From c3d587ac5c198aa29afe92fad87843e514ddd284 Mon Sep 17 00:00:00 2001 From: Scott Addie <10702007+scottaddie@users.noreply.github.com> Date: Tue, 5 Sep 2023 11:09:49 -0500 Subject: [PATCH] docs: Remove duplicate Azure Identity SDK content (#1082) Co-authored-by: Anish Ramasekar --- .github/dependabot.yml | 90 -- docs/book/src/SUMMARY.md | 2 +- docs/book/src/faq.md | 4 +- .../azure-identity-sdk.md | 34 +- examples/azure-identity/dotnet/Dockerfile | 12 - examples/azure-identity/dotnet/Makefile | 63 -- examples/azure-identity/dotnet/Program.cs | 28 - .../azure-identity/dotnet/akvdotnet.csproj | 13 - examples/azure-identity/go/Dockerfile | 29 - examples/azure-identity/go/Makefile | 64 -- examples/azure-identity/go/go.mod | 25 - examples/azure-identity/go/go.sum | 39 - examples/azure-identity/go/main.go | 35 - examples/azure-identity/go/windows.Dockerfile | 29 - examples/azure-identity/java/Dockerfile | 15 - examples/azure-identity/java/Makefile | 39 - examples/azure-identity/java/pom.xml | 97 -- .../com/example/azureidentity/java/App.java | 26 - examples/azure-identity/node/.gitignore | 1 - examples/azure-identity/node/Dockerfile | 15 - examples/azure-identity/node/Makefile | 39 - examples/azure-identity/node/index.js | 24 - .../azure-identity/node/package-lock.json | 955 ------------------ examples/azure-identity/node/package.json | 15 - examples/azure-identity/python/Dockerfile | 23 - examples/azure-identity/python/Makefile | 39 - examples/azure-identity/python/__init__.py | 0 examples/azure-identity/python/main.py | 18 - .../azure-identity/python/requirements.txt | 2 - 29 files changed, 5 insertions(+), 1770 deletions(-) delete mode 100644 examples/azure-identity/dotnet/Dockerfile delete mode 100644 examples/azure-identity/dotnet/Makefile delete mode 100644 examples/azure-identity/dotnet/Program.cs delete mode 100644 examples/azure-identity/dotnet/akvdotnet.csproj delete mode 100644 examples/azure-identity/go/Dockerfile delete mode 100644 examples/azure-identity/go/Makefile delete mode 100644 examples/azure-identity/go/go.mod delete mode 100644 examples/azure-identity/go/go.sum delete mode 100644 examples/azure-identity/go/main.go delete mode 100644 examples/azure-identity/go/windows.Dockerfile delete mode 100644 examples/azure-identity/java/Dockerfile delete mode 100644 examples/azure-identity/java/Makefile delete mode 100644 examples/azure-identity/java/pom.xml delete mode 100644 examples/azure-identity/java/src/main/java/com/example/azureidentity/java/App.java delete mode 100644 examples/azure-identity/node/.gitignore delete mode 100644 examples/azure-identity/node/Dockerfile delete mode 100644 examples/azure-identity/node/Makefile delete mode 100644 examples/azure-identity/node/index.js delete mode 100644 examples/azure-identity/node/package-lock.json delete mode 100644 examples/azure-identity/node/package.json delete mode 100644 examples/azure-identity/python/Dockerfile delete mode 100644 examples/azure-identity/python/Makefile delete mode 100644 examples/azure-identity/python/__init__.py delete mode 100644 examples/azure-identity/python/main.py delete mode 100644 examples/azure-identity/python/requirements.txt diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 3d5fac12c..614ce8d9f 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -54,85 +54,6 @@ updates: patterns: - "k8s.io/*" - - package-ecosystem: docker - directory: /examples/azure-identity/dotnet - schedule: - interval: weekly - commit-message: - prefix: "chore" - - - package-ecosystem: nuget - directory: /examples/azure-identity/dotnet - schedule: - interval: weekly - commit-message: - prefix: "chore" - groups: - all: - patterns: - - "*" - - - package-ecosystem: docker - directory: /examples/azure-identity/go - schedule: - interval: weekly - commit-message: - prefix: "chore" - - - package-ecosystem: gomod - directory: /examples/azure-identity/go - schedule: - interval: weekly - commit-message: - prefix: "chore" - groups: - all: - patterns: - - "*" - - - package-ecosystem: docker - directory: /examples/azure-identity/java - schedule: - interval: weekly - commit-message: - prefix: "chore" - - - package-ecosystem: docker - directory: /examples/azure-identity/node - schedule: - interval: weekly - commit-message: - prefix: "chore" - - - package-ecosystem: npm - directory: /examples/azure-identity/node - schedule: - interval: weekly - commit-message: - prefix: "chore" - groups: - all: - patterns: - - "*" - - - package-ecosystem: docker - directory: /examples/azure-identity/python - schedule: - interval: weekly - commit-message: - prefix: "chore" - - - package-ecosystem: pip - directory: /examples/azure-identity/python - schedule: - interval: weekly - commit-message: - prefix: "chore" - groups: - all: - patterns: - - "*" - - package-ecosystem: docker directory: /examples/msal-go schedule: @@ -212,17 +133,6 @@ updates: patterns: - "*" - - package-ecosystem: maven - directory: /examples/azure-identity/java - schedule: - interval: weekly - commit-message: - prefix: "chore" - groups: - all: - patterns: - - "*" - - package-ecosystem: maven directory: /examples/msal-java schedule: diff --git a/docs/book/src/SUMMARY.md b/docs/book/src/SUMMARY.md index 1034a5894..01ae78acd 100644 --- a/docs/book/src/SUMMARY.md +++ b/docs/book/src/SUMMARY.md @@ -25,7 +25,7 @@ - [Examples](./topics/self-managed-clusters/examples.md) - [Kubernetes in Docker (kind)](./topics/self-managed-clusters/examples/kind.md) - [Language-Specific Examples](./topics/language-specific-examples.md) - - [Azure Identity SDK](./topics/language-specific-examples/azure-identity-sdk.md) + - [Azure Identity client libraries](./topics/language-specific-examples/azure-identity-sdk.md) - [Microsoft Authentication Library (MSAL)](./topics/language-specific-examples/msal.md) - [Metrics](./topics/metrics.md) - [Frequently Asked Questions](./faq.md) diff --git a/docs/book/src/faq.md b/docs/book/src/faq.md index e44e16b0a..fa1d6efdc 100644 --- a/docs/book/src/faq.md +++ b/docs/book/src/faq.md @@ -60,11 +60,11 @@ Required permissions to create/update/delete federated identity credential: ## How to migrate from `aad-pod-identity`? -You can refer to [this link](https://learn.microsoft.com/en-us/azure/aks/workload-identity-migrate-from-pod-identity) for more information. +You can refer to [this link](https://learn.microsoft.com/azure/aks/workload-identity-migrate-from-pod-identity) for more information. tl;dr: -1. If you use DefaultAzureCredential in your workload, you can update the azure identity sdk version to the latest that supports workload identity (ref: [link](https://azure.github.io/azure-workload-identity/docs/topics/language-specific-examples/azure-identity-sdk.html)). +1. If you use `DefaultAzureCredential` in your workload, you can update the Azure Identity client library version to the latest that supports Workload Identity (ref: [link](https://azure.github.io/azure-workload-identity/docs/topics/language-specific-examples/azure-identity-sdk.html)). 2. If you still have workloads that get managed identity token from IMDS, you can annotate the pod to get a proxy sidecar injected, that'll do the token exchange with the new flow. ## Does Workload Identity work in disconnected environments? diff --git a/docs/book/src/topics/language-specific-examples/azure-identity-sdk.md b/docs/book/src/topics/language-specific-examples/azure-identity-sdk.md index 4fb5fc365..e7a4d0450 100644 --- a/docs/book/src/topics/language-specific-examples/azure-identity-sdk.md +++ b/docs/book/src/topics/language-specific-examples/azure-identity-sdk.md @@ -1,33 +1,3 @@ -# Azure Identity SDK +# Azure Identity client libraries -In the Azure Identity client libraries, choose one of the following approaches: - -- Use `DefaultAzureCredential`, which will attempt to use the `WorkloadIdentityCredential`. -- Create a `ChainedTokenCredential` instance that includes `WorkloadIdentityCredential`. -- Use `WorkloadIdentityCredential` directly. - -The following client libraries are the **minimum** version required and recommended: - -* `Minimum Recommended Version` - The version of the client library that is recommended for use with Workload Identity. - * This version is the minimum version that includes the `WorkloadIdentityCredential` in addition to the `DefaultAzureCredential`. -* `Minimum Version Required for Workload Identity` - The minimum version of the client library that will work with Workload Identity (i.e. the version that supports workload identity with the `DefaultAzureCredential`). - -| Language | Library | Minimum Recommended Version | Minimum Version Required for Workload Identity | -| --------------------- | --------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | -| Go | [azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go) | [sdk/azidentity/v1.3.0](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.3.0) | [sdk/azidentity/v1.3.0](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.3.0) | -| C# | [azure-sdk-for-net](https://github.com/Azure/azure-sdk-for-net) | [Azure.Identity_1.9.0](https://github.com/Azure/azure-sdk-for-net/releases/tag/Azure.Identity_1.9.0) | [Azure.Identity_1.5.0](https://github.com/Azure/azure-sdk-for-net/releases/tag/Azure.Identity_1.5.0) | -| JavaScript/TypeScript | [azure-sdk-for-js](https://github.com/Azure/azure-sdk-for-js) | [@azure/identity_3.2.0](https://github.com/Azure/azure-sdk-for-js/releases/tag/@azure/identity_3.2.0) | [@azure/identity_2.0.0](https://github.com/Azure/azure-sdk-for-js/releases/tag/@azure/identity_2.0.0) | -| Python | [azure-sdk-for-python](https://github.com/Azure/azure-sdk-for-python) | [azure-identity_1.13.0](https://github.com/Azure/azure-sdk-for-python/releases/tag/azure-identity_1.13.0) | [azure-identity_1.7.0](https://github.com/Azure/azure-sdk-for-python/releases/tag/azure-identity_1.7.0) | -| Java | [azure-sdk-for-java](https://github.com/Azure/azure-sdk-for-java) | [azure-identity_1.9.0](https://github.com/Azure/azure-sdk-for-java/releases/tag/azure-identity_1.9.0) | [azure-identity_1.4.0](https://github.com/Azure/azure-sdk-for-java/releases/tag/azure-identity_1.4.0) | - -## Examples - -### Using `DefaultAzureCredential` - -| Language | Library | Example | -| --------------------- | --------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------- | -| Go | [azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go) | [Link](https://github.com/Azure/azure-workload-identity/tree/main/examples/azure-identity/go) | -| Python | [azure-sdk-for-python](https://github.com/Azure/azure-sdk-for-python) | [Link](https://github.com/Azure/azure-workload-identity/tree/main/examples/azure-identity/python) | -| JavaScript/TypeScript | [azure-sdk-for-js](https://github.com/Azure/azure-sdk-for-js) | [Link](https://github.com/Azure/azure-workload-identity/tree/main/examples/azure-identity/node) | -| C# | [azure-sdk-for-net](https://github.com/Azure/azure-sdk-for-net) | [Link](https://github.com/Azure/azure-workload-identity/tree/main/examples/azure-identity/dotnet) | -| Java | [azure-sdk-for-java](https://github.com/Azure/azure-sdk-for-java) | [Link](https://github.com/Azure/azure-workload-identity/tree/main/examples/azure-identity/java) | +For details on Workload Identity support in the Azure Identity client libraries, see [Azure Identity client libraries](https://learn.microsoft.com/azure/aks/workload-identity-overview#azure-identity-client-libraries). diff --git a/examples/azure-identity/dotnet/Dockerfile b/examples/azure-identity/dotnet/Dockerfile deleted file mode 100644 index 628425e8d..000000000 --- a/examples/azure-identity/dotnet/Dockerfile +++ /dev/null @@ -1,12 +0,0 @@ -FROM --platform=linux/amd64 mcr.microsoft.com/dotnet/sdk:7.0 AS builder -WORKDIR /app -ADD . . -RUN dotnet build akvdotnet.csproj && dotnet publish -c release - -ARG BASEIMAGE -FROM ${BASEIMAGE:-mcr.microsoft.com/dotnet/runtime:6.0} -WORKDIR /app -COPY --from=builder /app/bin/release/netcoreapp6.0/publish/ . -# Kubernetes runAsNonRoot requires USER to be numeric -USER 65532:65532 -ENTRYPOINT ["dotnet", "akvdotnet.dll"] diff --git a/examples/azure-identity/dotnet/Makefile b/examples/azure-identity/dotnet/Makefile deleted file mode 100644 index 8ef39657b..000000000 --- a/examples/azure-identity/dotnet/Makefile +++ /dev/null @@ -1,63 +0,0 @@ -REGISTRY ?= ghcr.io/azure/azure-workload-identity -IMAGE_NAME := azid-dotnet -IMAGE_VERSION ?= latest - -DEMO_IMAGE := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_VERSION) - -## -------------------------------------- -## Images -## -------------------------------------- - -# Output type of docker buildx build -OUTPUT_TYPE ?= type=registry - -ALL_OS = linux windows -ALL_ARCH.linux = amd64 arm64 -ALL_ARCH.windows = amd64 -ALL_OSVERSIONS.windows := 1809 ltsc2022 -ALL_OS_ARCH.linux = $(foreach arch, ${ALL_ARCH.linux}, linux-$(arch)) -ALL_OS_ARCH.windows = $(foreach osver, ${ALL_OSVERSIONS.windows}, windows-$(osver)-$(foreach arch, ${ALL_ARCH.windows},$(arch))) -ALL_OS_ARCH = $(foreach os, $(ALL_OS), ${ALL_OS_ARCH.${os}}) - -# The architecture of the image -ARCH ?= amd64 -# OS Version for the Windows images: 1809, ltsc2022 -OSVERSION ?= 1809 - -.PHONY: container-linux -container-linux: - docker buildx build \ - --output=$(OUTPUT_TYPE) \ - --platform="linux/$(ARCH)" \ - --tag=$(DEMO_IMAGE)-linux-$(ARCH) . - -.PHONY: container-windows -container-windows: - docker buildx build \ - --build-arg BASEIMAGE=mcr.microsoft.com/dotnet/runtime:6.0-nanoserver-${OSVERSION} \ - --output=$(OUTPUT_TYPE) \ - --platform="windows/$(ARCH)" \ - --tag=$(DEMO_IMAGE)-windows-$(OSVERSION)-$(ARCH) . - -.PHONY: container-all -container-all: - for arch in $(ALL_ARCH.linux); do \ - ARCH=$${arch} $(MAKE) container-linux; \ - done - for osversion in $(ALL_OSVERSIONS.windows); do \ - OSVERSION=$${osversion} $(MAKE) container-windows; \ - done - -.PHONY: push-manifest -push-manifest: - docker manifest create --amend $(DEMO_IMAGE) $(foreach osarch, $(ALL_OS_ARCH), $(DEMO_IMAGE)-${osarch}) - for arch in $(ALL_ARCH.linux); do docker manifest annotate --os linux --arch $${arch} $(DEMO_IMAGE) $(DEMO_IMAGE)-linux-$${arch}; done; \ - set -x; \ - for arch in $(ALL_ARCH.windows); do \ - for osversion in $(ALL_OSVERSIONS.windows); do \ - BASEIMAGE=mcr.microsoft.com/windows/nanoserver:$${osversion}; \ - full_version=`docker manifest inspect $${BASEIMAGE} | jq -r '.manifests[0].platform["os.version"]'`; \ - docker manifest annotate --os windows --arch $${arch} --os-version $${full_version} $(DEMO_IMAGE) $(DEMO_IMAGE)-windows-$${osversion}-$${arch}; \ - done; \ - done; \ - docker manifest push --purge $(DEMO_IMAGE) diff --git a/examples/azure-identity/dotnet/Program.cs b/examples/azure-identity/dotnet/Program.cs deleted file mode 100644 index 0a98cb607..000000000 --- a/examples/azure-identity/dotnet/Program.cs +++ /dev/null @@ -1,28 +0,0 @@ -// -using System; -using Azure.Identity; -using Azure.Security.KeyVault.Secrets; -// - -namespace akvdotnet -{ - public class Program - { - static void Main(string[] args) - { - Program P = new Program(); - string keyvaultURL = Environment.GetEnvironmentVariable("KEYVAULT_URL"); - string secretName = Environment.GetEnvironmentVariable("SECRET_NAME"); - - // DefaultAzureCredential will use the environment variables injected by the Azure Workload Identity - // mutating webhook to authenticate with Azure Key Vault. - SecretClient client = new SecretClient( - new Uri(keyvaultURL), - new DefaultAzureCredential()); - - // - var keyvaultSecret = client.GetSecret(secretName).Value; - Console.WriteLine("Your secret is " + keyvaultSecret.Value); - } - } -} diff --git a/examples/azure-identity/dotnet/akvdotnet.csproj b/examples/azure-identity/dotnet/akvdotnet.csproj deleted file mode 100644 index 391cf4540..000000000 --- a/examples/azure-identity/dotnet/akvdotnet.csproj +++ /dev/null @@ -1,13 +0,0 @@ - - - - Exe - netcoreapp6.0 - - - - - - - - diff --git a/examples/azure-identity/go/Dockerfile b/examples/azure-identity/go/Dockerfile deleted file mode 100644 index 45a603cde..000000000 --- a/examples/azure-identity/go/Dockerfile +++ /dev/null @@ -1,29 +0,0 @@ -ARG BUILDER=mcr.microsoft.com/oss/go/microsoft/golang:1.20-bullseye -ARG BASEIMAGE=gcr.io/distroless/static:nonroot - -FROM ${BUILDER} as builder - -WORKDIR /workspace -# Copy the Go Modules manifests -COPY go.mod go.mod -COPY go.sum go.sum -# cache deps before building and copying source so that we don't need to re-download as much -# and so that source changes don't invalidate our downloaded layer -RUN go mod download - -# Copy the go source -COPY main.go main.go - -# Build -ARG TARGETARCH -RUN CGO_ENABLED=0 GOOS=linux GOARCH=${TARGETARCH} GO111MODULE=on go build -a -o azidgo . - -# Use distroless as minimal base image to package the manager binary -# Refer to https://github.com/GoogleContainerTools/distroless for more details -FROM --platform=${TARGETPLATFORM:-linux/amd64} ${BASEIMAGE} -WORKDIR / -COPY --from=builder /workspace/azidgo . -# Kubernetes runAsNonRoot requires USER to be numeric -USER 65532:65532 - -ENTRYPOINT ["/azidgo"] diff --git a/examples/azure-identity/go/Makefile b/examples/azure-identity/go/Makefile deleted file mode 100644 index ec7e6c62e..000000000 --- a/examples/azure-identity/go/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -REGISTRY ?= ghcr.io/azure/azure-workload-identity -IMAGE_NAME := azid-go -IMAGE_VERSION ?= latest - -DEMO_IMAGE := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_VERSION) - -## -------------------------------------- -## Images -## -------------------------------------- - -# Output type of docker buildx build -OUTPUT_TYPE ?= type=registry - -ALL_OS = linux windows -ALL_ARCH.linux = amd64 arm64 -ALL_ARCH.windows = amd64 -ALL_OSVERSIONS.windows := 1809 ltsc2022 -ALL_OS_ARCH.linux = $(foreach arch, ${ALL_ARCH.linux}, linux-$(arch)) -ALL_OS_ARCH.windows = $(foreach osver, ${ALL_OSVERSIONS.windows}, windows-$(osver)-$(foreach arch, ${ALL_ARCH.windows},$(arch))) -ALL_OS_ARCH = $(foreach os, $(ALL_OS), ${ALL_OS_ARCH.${os}}) - -# The architecture of the image -ARCH ?= amd64 -# OS Version for the Windows images: 1809, ltsc2022 -OSVERSION ?= 1809 - -.PHONY: container-linux -container-linux: - docker buildx build \ - --output=$(OUTPUT_TYPE) \ - --platform="linux/$(ARCH)" \ - --tag=$(DEMO_IMAGE)-linux-$(ARCH) . - -.PHONY: container-windows -container-windows: - docker buildx build \ - --build-arg OS_VERSION=$(OSVERSION) \ - --output=$(OUTPUT_TYPE) \ - --platform="windows/$(ARCH)" \ - --file=windows.Dockerfile \ - --tag=$(DEMO_IMAGE)-windows-$(OSVERSION)-$(ARCH) . - -.PHONY: container-all -container-all: - for arch in $(ALL_ARCH.linux); do \ - ARCH=$${arch} $(MAKE) container-linux; \ - done - for osversion in $(ALL_OSVERSIONS.windows); do \ - OSVERSION=$${osversion} $(MAKE) container-windows; \ - done - -.PHONY: push-manifest -push-manifest: - docker manifest create --amend $(DEMO_IMAGE) $(foreach osarch, $(ALL_OS_ARCH), $(DEMO_IMAGE)-${osarch}) - for arch in $(ALL_ARCH.linux); do docker manifest annotate --os linux --arch $${arch} $(DEMO_IMAGE) $(DEMO_IMAGE)-linux-$${arch}; done; \ - set -x; \ - for arch in $(ALL_ARCH.windows); do \ - for osversion in $(ALL_OSVERSIONS.windows); do \ - BASEIMAGE=mcr.microsoft.com/windows/nanoserver:$${osversion}; \ - full_version=`docker manifest inspect $${BASEIMAGE} | jq -r '.manifests[0].platform["os.version"]'`; \ - docker manifest annotate --os windows --arch $${arch} --os-version $${full_version} $(DEMO_IMAGE) $(DEMO_IMAGE)-windows-$${osversion}-$${arch}; \ - done; \ - done; \ - docker manifest push --purge $(DEMO_IMAGE) diff --git a/examples/azure-identity/go/go.mod b/examples/azure-identity/go/go.mod deleted file mode 100644 index 80d2fc896..000000000 --- a/examples/azure-identity/go/go.mod +++ /dev/null @@ -1,25 +0,0 @@ -module github.com/Azure/azure-workload-identity/example/azure-identity/go - -go 1.19 - -require ( - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.1 - github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.0.0 - k8s.io/klog/v2 v2.100.1 -) - -require ( - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.7.1 // indirect - github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v0.8.0 // indirect - github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 // indirect - github.com/go-logr/logr v1.2.0 // indirect - github.com/golang-jwt/jwt/v5 v5.0.0 // indirect - github.com/google/uuid v1.3.0 // indirect - github.com/kylelemons/godebug v1.1.0 // indirect - github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect - golang.org/x/crypto v0.12.0 // indirect - golang.org/x/net v0.14.0 // indirect - golang.org/x/sys v0.11.0 // indirect - golang.org/x/text v0.12.0 // indirect -) diff --git a/examples/azure-identity/go/go.sum b/examples/azure-identity/go/go.sum deleted file mode 100644 index 2a3f80ce2..000000000 --- a/examples/azure-identity/go/go.sum +++ /dev/null @@ -1,39 +0,0 @@ -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.7.1 h1:/iHxaJhsFr0+xVFfbMr5vxz848jyiWuIEDhYq3y5odY= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.7.1/go.mod h1:bjGvMhVMb+EEm3VRNQawDMUyMMjo+S5ewNjflkep/0Q= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.1 h1:LNHhpdK7hzUcx/k1LIcuh5k7k1LGIWLQfCjaneSj7Fc= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.1/go.mod h1:uE9zaUfEQT/nbQjVi2IblCG9iaLtZsuYZ8ne+PuQ02M= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 h1:sXr+ck84g/ZlZUOZiNELInmMgOsuGwdjjVkEIde0OtY= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.0.0 h1:qvCB+Za4z8dtU3R5CC7zhlxTLlT3eaEMugglVvjUWtk= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets v1.0.0/go.mod h1:w2K61Z8eppIuGbQRx1SKYld2Lrr5vrGvnUwWAhF4nso= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v0.8.0 h1:T028gtTPiYt/RMUfs8nVsAL7FDQrfLlrm/NnRG/zcC4= -github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v0.8.0/go.mod h1:cw4zVQgBby0Z5f2v0itn6se2dDP17nTjbZFXW5uPyHA= -github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 h1:WpB/QDNLpMw72xHJc34BNNykqSOeEJDAWkhf0u12/Jk= -github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= -github.com/go-logr/logr v1.2.0 h1:QK40JKJyMdUDz+h+xvCsru/bJhvG0UxvePV0ufL/AcE= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE= -github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= -github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU= -github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk= -golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw= -golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14= -golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= -golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM= -golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc= -golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= diff --git a/examples/azure-identity/go/main.go b/examples/azure-identity/go/main.go deleted file mode 100644 index 68488bbbf..000000000 --- a/examples/azure-identity/go/main.go +++ /dev/null @@ -1,35 +0,0 @@ -package main - -import ( - "context" - "os" - - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" - "github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azsecrets" - "k8s.io/klog/v2" -) - -func main() { - keyvaultURL := os.Getenv("KEYVAULT_URL") - secretName := os.Getenv("SECRET_NAME") - - // create a secret client with the default credential - // DefaultAzureCredential will use the environment variables injected by the Azure Workload Identity - // mutating webhook to authenticate with Azure Key Vault. - - cred, err := azidentity.NewDefaultAzureCredential(nil) - if err != nil { - klog.Fatal(err) - } - client, err := azsecrets.NewClient(keyvaultURL, cred, nil) - if err != nil { - klog.Fatal(err) - } - - secretBundle, err := client.GetSecret(context.Background(), secretName, "", nil) - if err != nil { - klog.ErrorS(err, "failed to get secret from keyvault", "keyvault", keyvaultURL, "secretName", secretName) - os.Exit(1) - } - klog.InfoS("successfully got secret", "secret", *secretBundle.Value) -} diff --git a/examples/azure-identity/go/windows.Dockerfile b/examples/azure-identity/go/windows.Dockerfile deleted file mode 100644 index 64b61e16a..000000000 --- a/examples/azure-identity/go/windows.Dockerfile +++ /dev/null @@ -1,29 +0,0 @@ -ARG BUILDER=mcr.microsoft.com/oss/go/microsoft/golang:1.20-bullseye -ARG SERVERCORE_CACHE=gcr.io/k8s-staging-e2e-test-images/windows-servercore-cache:1.0-linux-amd64-${OS_VERSION:-1809} -ARG BASEIMAGE=mcr.microsoft.com/windows/nanoserver:${OS_VERSION:-1809} - -FROM --platform=linux/amd64 ${BUILDER} as builder - -WORKDIR /workspace -# Copy the Go Modules manifests -COPY go.mod go.mod -COPY go.sum go.sum -# cache deps before building and copying source so that we don't need to re-download as much -# and so that source changes don't invalidate our downloaded layer -RUN go mod download - -# Copy the go source -COPY main.go main.go - -# Build -RUN CGO_ENABLED=0 GOOS=windows GO111MODULE=on go build -a -o azidgo.exe . - -FROM --platform=linux/amd64 ${SERVERCORE_CACHE} as core - -FROM --platform=${TARGETPLATFORM:-windows/amd64} ${BASEIMAGE} -WORKDIR / -COPY --from=builder /workspace/azidgo.exe . -COPY --from=core /Windows/System32/netapi32.dll /Windows/System32/netapi32.dll -USER ContainerAdministrator - -ENTRYPOINT [ "/azidgo.exe" ] diff --git a/examples/azure-identity/java/Dockerfile b/examples/azure-identity/java/Dockerfile deleted file mode 100644 index 015f62435..000000000 --- a/examples/azure-identity/java/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -ARG BUILDER=maven:3.8.4-jdk-11 -ARG BASEIMAGE=gcr.io/distroless/java:11-nonroot - -FROM ${BUILDER} as builder -WORKDIR /app -COPY pom.xml . -RUN mvn -e -B dependency:resolve -COPY src ./src -RUN mvn -e -B package - -FROM ${BASEIMAGE} -COPY --from=builder /app/target/azid-java-*.jar /app.jar -# Kubernetes runAsNonRoot requires USER to be numeric -USER 65532:65532 -CMD ["/app.jar"] diff --git a/examples/azure-identity/java/Makefile b/examples/azure-identity/java/Makefile deleted file mode 100644 index 29a97be2a..000000000 --- a/examples/azure-identity/java/Makefile +++ /dev/null @@ -1,39 +0,0 @@ -REGISTRY ?= ghcr.io/azure/azure-workload-identity -IMAGE_NAME := azid-java -IMAGE_VERSION ?= latest - -DEMO_IMAGE := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_VERSION) - -## -------------------------------------- -## Images -## -------------------------------------- - -# Output type of docker buildx build -OUTPUT_TYPE ?= type=registry - -ALL_OS = linux -ALL_ARCH.linux = amd64 arm64 -ALL_OS_ARCH.linux = $(foreach arch, ${ALL_ARCH.linux}, linux-$(arch)) -ALL_OS_ARCH = $(foreach os, $(ALL_OS), ${ALL_OS_ARCH.${os}}) - -# The architecture of the image -ARCH ?= amd64 - -.PHONY: container-linux -container-linux: - docker buildx build \ - --output=$(OUTPUT_TYPE) \ - --platform="linux/$(ARCH)" \ - --tag=$(DEMO_IMAGE)-linux-$(ARCH) . - -.PHONY: container-all -container-all: - for arch in $(ALL_ARCH.linux); do \ - ARCH=$${arch} $(MAKE) container-linux; \ - done - -.PHONY: push-manifest -push-manifest: - docker manifest create --amend $(DEMO_IMAGE) $(foreach osarch, $(ALL_OS_ARCH), $(DEMO_IMAGE)-${osarch}) - for arch in $(ALL_ARCH.linux); do docker manifest annotate --os linux --arch $${arch} $(DEMO_IMAGE) $(DEMO_IMAGE)-linux-$${arch}; done; \ - docker manifest push --purge $(DEMO_IMAGE) diff --git a/examples/azure-identity/java/pom.xml b/examples/azure-identity/java/pom.xml deleted file mode 100644 index 7e19bd34a..000000000 --- a/examples/azure-identity/java/pom.xml +++ /dev/null @@ -1,97 +0,0 @@ - - - - 4.0.0 - - com.example.azureidentity.java - azid-java - 1.0-SNAPSHOT - - azid-java - - http://www.example.com - - - UTF-8 - 1.8 - 1.8 - - - - - com.azure - azure-security-keyvault-secrets - 4.6.4 - - - com.azure - azure-identity - 1.10.0 - - - com.azure - azure-core - 1.42.0 - - - - org.slf4j - slf4j-simple - 2.0.7 - - - - - - org.apache.maven.plugins - maven-shade-plugin - 3.5.0 - - - package - - shade - - - - - com.example.azureidentity.java.App - - - - - *:* - - META-INF/*.SF - META-INF/*.DSA - META-INF/*.RSA - - - - - - - - - org.apache.maven.plugins - maven-dependency-plugin - 3.6.0 - - - unpack-dependencies - package - - unpack-dependencies - - - system - META-INF/*.SF,META-INF/*.DSA,META-INF/*.RSA - junit,org.mockito,org.hamcrest - ${project.build.directory}/classes - - - - - - - diff --git a/examples/azure-identity/java/src/main/java/com/example/azureidentity/java/App.java b/examples/azure-identity/java/src/main/java/com/example/azureidentity/java/App.java deleted file mode 100644 index 47db7117d..000000000 --- a/examples/azure-identity/java/src/main/java/com/example/azureidentity/java/App.java +++ /dev/null @@ -1,26 +0,0 @@ -package com.example.azureidentity.java; - -import java.util.Map; - -import com.azure.security.keyvault.secrets.SecretClient; -import com.azure.security.keyvault.secrets.SecretClientBuilder; -import com.azure.security.keyvault.secrets.models.KeyVaultSecret; -import com.azure.identity.DefaultAzureCredentialBuilder; -import com.azure.identity.DefaultAzureCredential; - -public class App { - public static void main(String[] args) { - Map env = System.getenv(); - String keyvaultURL = env.get("KEYVAULT_URL"); - String secretName = env.get("SECRET_NAME"); - - DefaultAzureCredential defaultCredential = new DefaultAzureCredentialBuilder().build(); - - SecretClient secretClient = new SecretClientBuilder() - .vaultUrl(keyvaultURL) - .credential(defaultCredential) - .buildClient(); - KeyVaultSecret secret = secretClient.getSecret(secretName); - System.out.printf("successfully got secret, secret=%s", secret.getValue()); - } -} diff --git a/examples/azure-identity/node/.gitignore b/examples/azure-identity/node/.gitignore deleted file mode 100644 index c2658d7d1..000000000 --- a/examples/azure-identity/node/.gitignore +++ /dev/null @@ -1 +0,0 @@ -node_modules/ diff --git a/examples/azure-identity/node/Dockerfile b/examples/azure-identity/node/Dockerfile deleted file mode 100644 index 5f255c3fc..000000000 --- a/examples/azure-identity/node/Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -ARG BUILDER=mcr.microsoft.com/cbl-mariner/base/nodejs:16 -ARG BASEIMAGE=mcr.microsoft.com/mirror/gcr/distroless/nodejs-debian11:16 - -# ref: https://github.com/GoogleContainerTools/distroless/blob/main/examples/nodejs/Dockerfile -FROM ${BUILDER} AS build-env -ADD . /app -WORKDIR /app -RUN npm install - -FROM ${BASEIMAGE} -COPY --from=build-env /app /app -WORKDIR /app -# Kubernetes runAsNonRoot requires USER to be numeric -USER 65532:65532 -CMD ["index.js"] diff --git a/examples/azure-identity/node/Makefile b/examples/azure-identity/node/Makefile deleted file mode 100644 index 199b202f8..000000000 --- a/examples/azure-identity/node/Makefile +++ /dev/null @@ -1,39 +0,0 @@ -REGISTRY ?= ghcr.io/azure/azure-workload-identity -IMAGE_NAME := azid-node -IMAGE_VERSION ?= latest - -DEMO_IMAGE := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_VERSION) - -## -------------------------------------- -## Images -## -------------------------------------- - -# Output type of docker buildx build -OUTPUT_TYPE ?= type=registry - -ALL_OS = linux -ALL_ARCH.linux = amd64 arm64 -ALL_OS_ARCH.linux = $(foreach arch, ${ALL_ARCH.linux}, linux-$(arch)) -ALL_OS_ARCH = $(foreach os, $(ALL_OS), ${ALL_OS_ARCH.${os}}) - -# The architecture of the image -ARCH ?= amd64 - -.PHONY: container-linux -container-linux: - docker buildx build \ - --output=$(OUTPUT_TYPE) \ - --platform="linux/$(ARCH)" \ - --tag=$(DEMO_IMAGE)-linux-$(ARCH) . - -.PHONY: container-all -container-all: - for arch in $(ALL_ARCH.linux); do \ - ARCH=$${arch} $(MAKE) container-linux; \ - done - -.PHONY: push-manifest -push-manifest: - docker manifest create --amend $(DEMO_IMAGE) $(foreach osarch, $(ALL_OS_ARCH), $(DEMO_IMAGE)-${osarch}) - for arch in $(ALL_ARCH.linux); do docker manifest annotate --os linux --arch $${arch} $(DEMO_IMAGE) $(DEMO_IMAGE)-linux-$${arch}; done; \ - docker manifest push --purge $(DEMO_IMAGE) diff --git a/examples/azure-identity/node/index.js b/examples/azure-identity/node/index.js deleted file mode 100644 index dc710692f..000000000 --- a/examples/azure-identity/node/index.js +++ /dev/null @@ -1,24 +0,0 @@ -/** - * @summary Uses a SecretClient and DefaultAzureCredential to get a secret from a Key Vault. - */ - -import { DefaultAzureCredential } from "@azure/identity"; -import { SecretClient } from "@azure/keyvault-secrets"; - -const main = async () => { - const keyvaultURL = process.env["KEYVAULT_URL"]; - const secretName = process.env["SECRET_NAME"]; - - // DefaultAzureCredential will use the environment variables injected by the Azure Workload Identity - // mutating webhook to authenticate with Azure Key Vault. - const credential = new DefaultAzureCredential(); - const client = new SecretClient(keyvaultURL, credential); - - const secret = await client.getSecret(secretName); - console.log(`successfully got secret, secret=${secret.value}`); -} - -main().catch((error) => { - console.error("An error occurred:", error); - process.exit(1); -}); diff --git a/examples/azure-identity/node/package-lock.json b/examples/azure-identity/node/package-lock.json deleted file mode 100644 index 52c06a2c1..000000000 --- a/examples/azure-identity/node/package-lock.json +++ /dev/null @@ -1,955 +0,0 @@ -{ - "name": "@azure-workload-identity-sample/azid-node", - "version": "0.0.1", - "lockfileVersion": 2, - "requires": true, - "packages": { - "": { - "name": "@azure-workload-identity-sample/azid-node", - "version": "0.0.1", - "dependencies": { - "@azure/identity": "^3.2.2", - "@azure/keyvault-secrets": "^4.7.0" - } - }, - "node_modules/@azure/abort-controller": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@azure/abort-controller/-/abort-controller-1.1.0.tgz", - "integrity": "sha512-TrRLIoSQVzfAJX9H1JeFjzAoDGcoK1IYX1UImfceTZpsyYfWr09Ss1aHW1y5TrrR3iq6RZLBwJ3E24uwPhwahw==", - "dependencies": { - "tslib": "^2.2.0" - }, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/@azure/core-auth": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/@azure/core-auth/-/core-auth-1.4.0.tgz", - "integrity": "sha512-HFrcTgmuSuukRf/EdPmqBrc5l6Q5Uu+2TbuhaKbgaCpP2TfAeiNaQPAadxO+CYBRHGUzIDteMAjFspFLDLnKVQ==", - "dependencies": { - "@azure/abort-controller": "^1.0.0", - "tslib": "^2.2.0" - }, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/@azure/core-client": { - "version": "1.6.1", - "resolved": "https://registry.npmjs.org/@azure/core-client/-/core-client-1.6.1.tgz", - "integrity": "sha512-mZ1MSKhZBYoV8GAWceA+PEJFWV2VpdNSpxxcj1wjIAOi00ykRuIQChT99xlQGZWLY3/NApWhSImlFwsmCEs4vA==", - "dependencies": { - "@azure/abort-controller": "^1.0.0", - "@azure/core-auth": "^1.4.0", - "@azure/core-rest-pipeline": "^1.9.1", - "@azure/core-tracing": "^1.0.0", - "@azure/core-util": "^1.0.0", - "@azure/logger": "^1.0.0", - "tslib": "^2.2.0" - }, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/@azure/core-http-compat": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@azure/core-http-compat/-/core-http-compat-1.3.0.tgz", - "integrity": "sha512-ZN9avruqbQ5TxopzG3ih3KRy52n8OAbitX3fnZT5go4hzu0J+KVPSzkL+Wt3hpJpdG8WIfg1sBD1tWkgUdEpBA==", - "dependencies": { - "@azure/abort-controller": "^1.0.4", - "@azure/core-client": "^1.3.0", - "@azure/core-rest-pipeline": "^1.3.0" - }, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/@azure/core-lro": { - "version": "2.4.0", - "resolved": "https://registry.npmjs.org/@azure/core-lro/-/core-lro-2.4.0.tgz", - "integrity": "sha512-F65+rYkll1dpw3RGm8/SSiSj+/QkMeYDanzS/QKlM1dmuneVyXbO46C88V1MRHluLGdMP6qfD3vDRYALn0z0tQ==", - "dependencies": { - "@azure/abort-controller": "^1.0.0", - "@azure/logger": "^1.0.0", - "tslib": "^2.2.0" - }, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/@azure/core-paging": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@azure/core-paging/-/core-paging-1.3.0.tgz", - "integrity": "sha512-H6Tg9eBm0brHqLy0OSAGzxIh1t4UL8eZVrSUMJ60Ra9cwq2pOskFqVpz2pYoHDsBY1jZ4V/P8LRGb5D5pmC6rg==", - "dependencies": { - "tslib": "^2.2.0" - }, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/@azure/core-rest-pipeline": { - "version": "1.9.2", - "resolved": "https://registry.npmjs.org/@azure/core-rest-pipeline/-/core-rest-pipeline-1.9.2.tgz", - "integrity": "sha512-8rXI6ircjenaLp+PkOFpo37tQ1PQfztZkfVj97BIF3RPxHAsoVSgkJtu3IK/bUEWcb7HzXSoyBe06M7ODRkRyw==", - "dependencies": { - "@azure/abort-controller": "^1.0.0", - "@azure/core-auth": "^1.4.0", - "@azure/core-tracing": "^1.0.1", - "@azure/core-util": "^1.0.0", - "@azure/logger": "^1.0.0", - "form-data": "^4.0.0", - "http-proxy-agent": "^5.0.0", - "https-proxy-agent": "^5.0.0", - "tslib": "^2.2.0", - "uuid": "^8.3.0" - }, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/@azure/core-tracing": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@azure/core-tracing/-/core-tracing-1.0.1.tgz", - "integrity": "sha512-I5CGMoLtX+pI17ZdiFJZgxMJApsK6jjfm85hpgp3oazCdq5Wxgh4wMr7ge/TTWW1B5WBuvIOI1fMU/FrOAMKrw==", - "dependencies": { - "tslib": "^2.2.0" - }, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/@azure/core-util": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@azure/core-util/-/core-util-1.1.0.tgz", - "integrity": "sha512-+i93lNJNA3Pl3KSuC6xKP2jTL4YFeDfO6VNOaYdk0cppZcLCxt811gS878VsqsCisaltdhl9lhMzK5kbxCiF4w==", - "dependencies": { - "tslib": "^2.2.0" - }, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/@azure/identity": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/@azure/identity/-/identity-3.2.2.tgz", - "integrity": "sha512-1xspoCfluAQUZmmWdPUNuiweIjE/ckZtR4gcnDbB2NMr36fk9MwXWaVJ7m1NKhOSz2RgMMLVUvZ2AISGcaAOTA==", - "dependencies": { - "@azure/abort-controller": "^1.0.0", - "@azure/core-auth": "^1.3.0", - "@azure/core-client": "^1.4.0", - "@azure/core-rest-pipeline": "^1.1.0", - "@azure/core-tracing": "^1.0.0", - "@azure/core-util": "^1.0.0", - "@azure/logger": "^1.0.0", - "@azure/msal-browser": "^2.32.2", - "@azure/msal-common": "^9.0.2", - "@azure/msal-node": "^1.14.6", - "events": "^3.0.0", - "jws": "^4.0.0", - "open": "^8.0.0", - "stoppable": "^1.1.0", - "tslib": "^2.2.0", - "uuid": "^8.3.0" - }, - "engines": { - "node": ">=14.0.0" - } - }, - "node_modules/@azure/keyvault-secrets": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@azure/keyvault-secrets/-/keyvault-secrets-4.7.0.tgz", - "integrity": "sha512-YvlFXRQ+SI5NT4GtSFbb6HGo6prW3yzDab8tr6vga2/SjDQew3wJsCAAr/xwZz6XshFXCYEX26CDKmPf+SJKJg==", - "dependencies": { - "@azure/abort-controller": "^1.0.0", - "@azure/core-auth": "^1.3.0", - "@azure/core-client": "^1.5.0", - "@azure/core-http-compat": "^1.3.0", - "@azure/core-lro": "^2.2.0", - "@azure/core-paging": "^1.1.1", - "@azure/core-rest-pipeline": "^1.8.0", - "@azure/core-tracing": "^1.0.0", - "@azure/core-util": "^1.0.0", - "@azure/logger": "^1.0.0", - "tslib": "^2.2.0" - }, - "engines": { - "node": ">=14.0.0" - } - }, - "node_modules/@azure/logger": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/@azure/logger/-/logger-1.0.3.tgz", - "integrity": "sha512-aK4s3Xxjrx3daZr3VylxejK3vG5ExXck5WOHDJ8in/k9AqlfIyFMMT1uG7u8mNjX+QRILTIn0/Xgschfh/dQ9g==", - "dependencies": { - "tslib": "^2.2.0" - }, - "engines": { - "node": ">=12.0.0" - } - }, - "node_modules/@azure/msal-browser": { - "version": "2.37.0", - "resolved": "https://registry.npmjs.org/@azure/msal-browser/-/msal-browser-2.37.0.tgz", - "integrity": "sha512-YNGD/W/tw/5wDWlXOfmrVILaxVsorVLxYU2ovmL1PDvxkdudbQRyGk/76l4emqgDAl/kPQeqyivxjOU6w1YfvQ==", - "dependencies": { - "@azure/msal-common": "13.0.0" - }, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@azure/msal-browser/node_modules/@azure/msal-common": { - "version": "13.0.0", - "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-13.0.0.tgz", - "integrity": "sha512-GqCOg5H5bouvLij9NFXFkh+asRRxsPBRwnTDsfK7o0KcxYHJbuidKw8/VXpycahGXNxgtuhqtK/n5he+5NhyEA==", - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@azure/msal-common": { - "version": "9.1.1", - "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-9.1.1.tgz", - "integrity": "sha512-we9xR8lvu47fF0h+J8KyXoRy9+G/fPzm3QEa2TrdR3jaVS3LKAyE2qyMuUkNdbVkvzl8Zr9f7l+IUSP22HeqXw==", - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/@azure/msal-node": { - "version": "1.14.6", - "resolved": "https://registry.npmjs.org/@azure/msal-node/-/msal-node-1.14.6.tgz", - "integrity": "sha512-em/qqFL5tLMxMPl9vormAs13OgZpmQoJbiQ/GlWr+BA77eCLoL+Ehr5xRHowYo+LFe5b+p+PJVkRvT+mLvOkwA==", - "dependencies": { - "@azure/msal-common": "^9.0.2", - "jsonwebtoken": "^9.0.0", - "uuid": "^8.3.0" - }, - "engines": { - "node": "10 || 12 || 14 || 16 || 18" - } - }, - "node_modules/@tootallnate/once": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@tootallnate/once/-/once-2.0.0.tgz", - "integrity": "sha512-XCuKFP5PS55gnMVu3dty8KPatLqUoy/ZYzDzAGCQ8JNFCkLXzmI7vNHCR+XpbZaMWQK/vQubr7PkYq8g470J/A==", - "engines": { - "node": ">= 10" - } - }, - "node_modules/agent-base": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", - "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", - "dependencies": { - "debug": "4" - }, - "engines": { - "node": ">= 6.0.0" - } - }, - "node_modules/asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "node_modules/buffer-equal-constant-time": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", - "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==" - }, - "node_modules/combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "dependencies": { - "delayed-stream": "~1.0.0" - }, - "engines": { - "node": ">= 0.8" - } - }, - "node_modules/debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "dependencies": { - "ms": "2.1.2" - }, - "engines": { - "node": ">=6.0" - }, - "peerDependenciesMeta": { - "supports-color": { - "optional": true - } - } - }, - "node_modules/define-lazy-prop": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/define-lazy-prop/-/define-lazy-prop-2.0.0.tgz", - "integrity": "sha512-Ds09qNh8yw3khSjiJjiUInaGX9xlqZDY7JVryGxdxV7NPeuqQfplOpQ66yJFZut3jLa5zOwkXw1g9EI2uKh4Og==", - "engines": { - "node": ">=8" - } - }, - "node_modules/delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==", - "engines": { - "node": ">=0.4.0" - } - }, - "node_modules/ecdsa-sig-formatter": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", - "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", - "dependencies": { - "safe-buffer": "^5.0.1" - } - }, - "node_modules/events": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/events/-/events-3.3.0.tgz", - "integrity": "sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==", - "engines": { - "node": ">=0.8.x" - } - }, - "node_modules/form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "dependencies": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/http-proxy-agent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-5.0.0.tgz", - "integrity": "sha512-n2hY8YdoRE1i7r6M0w9DIw5GgZN0G25P8zLCRQ8rjXtTU3vsNFBI/vWK/UIeE6g5MUUz6avwAPXmL6Fy9D/90w==", - "dependencies": { - "@tootallnate/once": "2", - "agent-base": "6", - "debug": "4" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/https-proxy-agent": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", - "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==", - "dependencies": { - "agent-base": "6", - "debug": "4" - }, - "engines": { - "node": ">= 6" - } - }, - "node_modules/is-docker": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.2.1.tgz", - "integrity": "sha512-F+i2BKsFrH66iaUFc0woD8sLy8getkwTwtOBjvs56Cx4CgJDeKQeqfz8wAYiSb8JOprWhHH5p77PbmYCvvUuXQ==", - "bin": { - "is-docker": "cli.js" - }, - "engines": { - "node": ">=8" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/is-wsl": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", - "integrity": "sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==", - "dependencies": { - "is-docker": "^2.0.0" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/jsonwebtoken": { - "version": "9.0.0", - "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.0.tgz", - "integrity": "sha512-tuGfYXxkQGDPnLJ7SibiQgVgeDgfbPq2k2ICcbgqW8WxWLBAxKQM/ZCu/IT8SOSwmaYl4dpTFCW5xZv7YbbWUw==", - "dependencies": { - "jws": "^3.2.2", - "lodash": "^4.17.21", - "ms": "^2.1.1", - "semver": "^7.3.8" - }, - "engines": { - "node": ">=12", - "npm": ">=6" - } - }, - "node_modules/jsonwebtoken/node_modules/jwa": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", - "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", - "dependencies": { - "buffer-equal-constant-time": "1.0.1", - "ecdsa-sig-formatter": "1.0.11", - "safe-buffer": "^5.0.1" - } - }, - "node_modules/jsonwebtoken/node_modules/jws": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", - "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", - "dependencies": { - "jwa": "^1.4.1", - "safe-buffer": "^5.0.1" - } - }, - "node_modules/jwa": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/jwa/-/jwa-2.0.0.tgz", - "integrity": "sha512-jrZ2Qx916EA+fq9cEAeCROWPTfCwi1IVHqT2tapuqLEVVDKFDENFw1oL+MwrTvH6msKxsd1YTDVw6uKEcsrLEA==", - "dependencies": { - "buffer-equal-constant-time": "1.0.1", - "ecdsa-sig-formatter": "1.0.11", - "safe-buffer": "^5.0.1" - } - }, - "node_modules/jws": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/jws/-/jws-4.0.0.tgz", - "integrity": "sha512-KDncfTmOZoOMTFG4mBlG0qUIOlc03fmzH+ru6RgYVZhPkyiy/92Owlt/8UEN+a4TXR1FQetfIpJE8ApdvdVxTg==", - "dependencies": { - "jwa": "^2.0.0", - "safe-buffer": "^5.0.1" - } - }, - "node_modules/lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==", - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "dependencies": { - "mime-db": "1.52.0" - }, - "engines": { - "node": ">= 0.6" - } - }, - "node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" - }, - "node_modules/open": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/open/-/open-8.4.0.tgz", - "integrity": "sha512-XgFPPM+B28FtCCgSb9I+s9szOC1vZRSwgWsRUA5ylIxRTgKozqjOCrVOqGsYABPYK5qnfqClxZTFBa8PKt2v6Q==", - "dependencies": { - "define-lazy-prop": "^2.0.0", - "is-docker": "^2.1.1", - "is-wsl": "^2.2.0" - }, - "engines": { - "node": ">=12" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==", - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, - "node_modules/semver": { - "version": "7.3.8", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.8.tgz", - "integrity": "sha512-NB1ctGL5rlHrPJtFDVIVzTyQylMLu9N9VICA6HSFJo8MCGVTMW6gfpicwKmmK/dAjTOrqu5l63JJOpDSrAis3A==", - "dependencies": { - "lru-cache": "^6.0.0" - }, - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/stoppable": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/stoppable/-/stoppable-1.1.0.tgz", - "integrity": "sha512-KXDYZ9dszj6bzvnEMRYvxgeTHU74QBFL54XKtP3nyMuJ81CFYtABZ3bAzL2EdFUaEwJOBOgENyFj3R7oTzDyyw==", - "engines": { - "node": ">=4", - "npm": ">=6" - } - }, - "node_modules/tslib": { - "version": "2.4.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.0.tgz", - "integrity": "sha512-d6xOpEDfsi2CZVlPQzGeux8XMwLT9hssAsaPYExaQMuYskwb+x1x7J371tWlbBdWHroy99KnVB6qIkUbs5X3UQ==" - }, - "node_modules/uuid": { - "version": "8.3.2", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", - "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", - "bin": { - "uuid": "dist/bin/uuid" - } - }, - "node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - } - }, - "dependencies": { - "@azure/abort-controller": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@azure/abort-controller/-/abort-controller-1.1.0.tgz", - "integrity": "sha512-TrRLIoSQVzfAJX9H1JeFjzAoDGcoK1IYX1UImfceTZpsyYfWr09Ss1aHW1y5TrrR3iq6RZLBwJ3E24uwPhwahw==", - "requires": { - "tslib": "^2.2.0" - } - }, - "@azure/core-auth": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/@azure/core-auth/-/core-auth-1.4.0.tgz", - "integrity": "sha512-HFrcTgmuSuukRf/EdPmqBrc5l6Q5Uu+2TbuhaKbgaCpP2TfAeiNaQPAadxO+CYBRHGUzIDteMAjFspFLDLnKVQ==", - "requires": { - "@azure/abort-controller": "^1.0.0", - "tslib": "^2.2.0" - } - }, - "@azure/core-client": { - "version": "1.6.1", - "resolved": "https://registry.npmjs.org/@azure/core-client/-/core-client-1.6.1.tgz", - "integrity": "sha512-mZ1MSKhZBYoV8GAWceA+PEJFWV2VpdNSpxxcj1wjIAOi00ykRuIQChT99xlQGZWLY3/NApWhSImlFwsmCEs4vA==", - "requires": { - "@azure/abort-controller": "^1.0.0", - "@azure/core-auth": "^1.4.0", - "@azure/core-rest-pipeline": "^1.9.1", - "@azure/core-tracing": "^1.0.0", - "@azure/core-util": "^1.0.0", - "@azure/logger": "^1.0.0", - "tslib": "^2.2.0" - } - }, - "@azure/core-http-compat": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@azure/core-http-compat/-/core-http-compat-1.3.0.tgz", - "integrity": "sha512-ZN9avruqbQ5TxopzG3ih3KRy52n8OAbitX3fnZT5go4hzu0J+KVPSzkL+Wt3hpJpdG8WIfg1sBD1tWkgUdEpBA==", - "requires": { - "@azure/abort-controller": "^1.0.4", - "@azure/core-client": "^1.3.0", - "@azure/core-rest-pipeline": "^1.3.0" - } - }, - "@azure/core-lro": { - "version": "2.4.0", - "resolved": "https://registry.npmjs.org/@azure/core-lro/-/core-lro-2.4.0.tgz", - "integrity": "sha512-F65+rYkll1dpw3RGm8/SSiSj+/QkMeYDanzS/QKlM1dmuneVyXbO46C88V1MRHluLGdMP6qfD3vDRYALn0z0tQ==", - "requires": { - "@azure/abort-controller": "^1.0.0", - "@azure/logger": "^1.0.0", - "tslib": "^2.2.0" - } - }, - "@azure/core-paging": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/@azure/core-paging/-/core-paging-1.3.0.tgz", - "integrity": "sha512-H6Tg9eBm0brHqLy0OSAGzxIh1t4UL8eZVrSUMJ60Ra9cwq2pOskFqVpz2pYoHDsBY1jZ4V/P8LRGb5D5pmC6rg==", - "requires": { - "tslib": "^2.2.0" - } - }, - "@azure/core-rest-pipeline": { - "version": "1.9.2", - "resolved": "https://registry.npmjs.org/@azure/core-rest-pipeline/-/core-rest-pipeline-1.9.2.tgz", - "integrity": "sha512-8rXI6ircjenaLp+PkOFpo37tQ1PQfztZkfVj97BIF3RPxHAsoVSgkJtu3IK/bUEWcb7HzXSoyBe06M7ODRkRyw==", - "requires": { - "@azure/abort-controller": "^1.0.0", - "@azure/core-auth": "^1.4.0", - "@azure/core-tracing": "^1.0.1", - "@azure/core-util": "^1.0.0", - "@azure/logger": "^1.0.0", - "form-data": "^4.0.0", - "http-proxy-agent": "^5.0.0", - "https-proxy-agent": "^5.0.0", - "tslib": "^2.2.0", - "uuid": "^8.3.0" - } - }, - "@azure/core-tracing": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/@azure/core-tracing/-/core-tracing-1.0.1.tgz", - "integrity": "sha512-I5CGMoLtX+pI17ZdiFJZgxMJApsK6jjfm85hpgp3oazCdq5Wxgh4wMr7ge/TTWW1B5WBuvIOI1fMU/FrOAMKrw==", - "requires": { - "tslib": "^2.2.0" - } - }, - "@azure/core-util": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@azure/core-util/-/core-util-1.1.0.tgz", - "integrity": "sha512-+i93lNJNA3Pl3KSuC6xKP2jTL4YFeDfO6VNOaYdk0cppZcLCxt811gS878VsqsCisaltdhl9lhMzK5kbxCiF4w==", - "requires": { - "tslib": "^2.2.0" - } - }, - "@azure/identity": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/@azure/identity/-/identity-3.2.2.tgz", - "integrity": "sha512-1xspoCfluAQUZmmWdPUNuiweIjE/ckZtR4gcnDbB2NMr36fk9MwXWaVJ7m1NKhOSz2RgMMLVUvZ2AISGcaAOTA==", - "requires": { - "@azure/abort-controller": "^1.0.0", - "@azure/core-auth": "^1.3.0", - "@azure/core-client": "^1.4.0", - "@azure/core-rest-pipeline": "^1.1.0", - "@azure/core-tracing": "^1.0.0", - "@azure/core-util": "^1.0.0", - "@azure/logger": "^1.0.0", - "@azure/msal-browser": "^2.32.2", - "@azure/msal-common": "^9.0.2", - "@azure/msal-node": "^1.14.6", - "events": "^3.0.0", - "jws": "^4.0.0", - "open": "^8.0.0", - "stoppable": "^1.1.0", - "tslib": "^2.2.0", - "uuid": "^8.3.0" - } - }, - "@azure/keyvault-secrets": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/@azure/keyvault-secrets/-/keyvault-secrets-4.7.0.tgz", - "integrity": "sha512-YvlFXRQ+SI5NT4GtSFbb6HGo6prW3yzDab8tr6vga2/SjDQew3wJsCAAr/xwZz6XshFXCYEX26CDKmPf+SJKJg==", - "requires": { - "@azure/abort-controller": "^1.0.0", - "@azure/core-auth": "^1.3.0", - "@azure/core-client": "^1.5.0", - "@azure/core-http-compat": "^1.3.0", - "@azure/core-lro": "^2.2.0", - "@azure/core-paging": "^1.1.1", - "@azure/core-rest-pipeline": "^1.8.0", - "@azure/core-tracing": "^1.0.0", - "@azure/core-util": "^1.0.0", - "@azure/logger": "^1.0.0", - "tslib": "^2.2.0" - } - }, - "@azure/logger": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/@azure/logger/-/logger-1.0.3.tgz", - "integrity": "sha512-aK4s3Xxjrx3daZr3VylxejK3vG5ExXck5WOHDJ8in/k9AqlfIyFMMT1uG7u8mNjX+QRILTIn0/Xgschfh/dQ9g==", - "requires": { - "tslib": "^2.2.0" - } - }, - "@azure/msal-browser": { - "version": "2.37.0", - "resolved": "https://registry.npmjs.org/@azure/msal-browser/-/msal-browser-2.37.0.tgz", - "integrity": "sha512-YNGD/W/tw/5wDWlXOfmrVILaxVsorVLxYU2ovmL1PDvxkdudbQRyGk/76l4emqgDAl/kPQeqyivxjOU6w1YfvQ==", - "requires": { - "@azure/msal-common": "13.0.0" - }, - "dependencies": { - "@azure/msal-common": { - "version": "13.0.0", - "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-13.0.0.tgz", - "integrity": "sha512-GqCOg5H5bouvLij9NFXFkh+asRRxsPBRwnTDsfK7o0KcxYHJbuidKw8/VXpycahGXNxgtuhqtK/n5he+5NhyEA==" - } - } - }, - "@azure/msal-common": { - "version": "9.1.1", - "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-9.1.1.tgz", - "integrity": "sha512-we9xR8lvu47fF0h+J8KyXoRy9+G/fPzm3QEa2TrdR3jaVS3LKAyE2qyMuUkNdbVkvzl8Zr9f7l+IUSP22HeqXw==" - }, - "@azure/msal-node": { - "version": "1.14.6", - "resolved": "https://registry.npmjs.org/@azure/msal-node/-/msal-node-1.14.6.tgz", - "integrity": "sha512-em/qqFL5tLMxMPl9vormAs13OgZpmQoJbiQ/GlWr+BA77eCLoL+Ehr5xRHowYo+LFe5b+p+PJVkRvT+mLvOkwA==", - "requires": { - "@azure/msal-common": "^9.0.2", - "jsonwebtoken": "^9.0.0", - "uuid": "^8.3.0" - } - }, - "@tootallnate/once": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/@tootallnate/once/-/once-2.0.0.tgz", - "integrity": "sha512-XCuKFP5PS55gnMVu3dty8KPatLqUoy/ZYzDzAGCQ8JNFCkLXzmI7vNHCR+XpbZaMWQK/vQubr7PkYq8g470J/A==" - }, - "agent-base": { - "version": "6.0.2", - "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz", - "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==", - "requires": { - "debug": "4" - } - }, - "asynckit": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", - "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" - }, - "buffer-equal-constant-time": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", - "integrity": "sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==" - }, - "combined-stream": { - "version": "1.0.8", - "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", - "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", - "requires": { - "delayed-stream": "~1.0.0" - } - }, - "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", - "requires": { - "ms": "2.1.2" - } - }, - "define-lazy-prop": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/define-lazy-prop/-/define-lazy-prop-2.0.0.tgz", - "integrity": "sha512-Ds09qNh8yw3khSjiJjiUInaGX9xlqZDY7JVryGxdxV7NPeuqQfplOpQ66yJFZut3jLa5zOwkXw1g9EI2uKh4Og==" - }, - "delayed-stream": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", - "integrity": "sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ==" - }, - "ecdsa-sig-formatter": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", - "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", - "requires": { - "safe-buffer": "^5.0.1" - } - }, - "events": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/events/-/events-3.3.0.tgz", - "integrity": "sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q==" - }, - "form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", - "requires": { - "asynckit": "^0.4.0", - "combined-stream": "^1.0.8", - "mime-types": "^2.1.12" - } - }, - "http-proxy-agent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-5.0.0.tgz", - "integrity": "sha512-n2hY8YdoRE1i7r6M0w9DIw5GgZN0G25P8zLCRQ8rjXtTU3vsNFBI/vWK/UIeE6g5MUUz6avwAPXmL6Fy9D/90w==", - "requires": { - "@tootallnate/once": "2", - "agent-base": "6", - "debug": "4" - } - }, - "https-proxy-agent": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz", - "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==", - "requires": { - "agent-base": "6", - "debug": "4" - } - }, - "is-docker": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.2.1.tgz", - "integrity": "sha512-F+i2BKsFrH66iaUFc0woD8sLy8getkwTwtOBjvs56Cx4CgJDeKQeqfz8wAYiSb8JOprWhHH5p77PbmYCvvUuXQ==" - }, - "is-wsl": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz", - "integrity": "sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==", - "requires": { - "is-docker": "^2.0.0" - } - }, - "jsonwebtoken": { - "version": "9.0.0", - "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.0.tgz", - "integrity": "sha512-tuGfYXxkQGDPnLJ7SibiQgVgeDgfbPq2k2ICcbgqW8WxWLBAxKQM/ZCu/IT8SOSwmaYl4dpTFCW5xZv7YbbWUw==", - "requires": { - "jws": "^3.2.2", - "lodash": "^4.17.21", - "ms": "^2.1.1", - "semver": "^7.3.8" - }, - "dependencies": { - "jwa": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", - "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", - "requires": { - "buffer-equal-constant-time": "1.0.1", - "ecdsa-sig-formatter": "1.0.11", - "safe-buffer": "^5.0.1" - } - }, - "jws": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", - "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", - "requires": { - "jwa": "^1.4.1", - "safe-buffer": "^5.0.1" - } - } - } - }, - "jwa": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/jwa/-/jwa-2.0.0.tgz", - "integrity": "sha512-jrZ2Qx916EA+fq9cEAeCROWPTfCwi1IVHqT2tapuqLEVVDKFDENFw1oL+MwrTvH6msKxsd1YTDVw6uKEcsrLEA==", - "requires": { - "buffer-equal-constant-time": "1.0.1", - "ecdsa-sig-formatter": "1.0.11", - "safe-buffer": "^5.0.1" - } - }, - "jws": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/jws/-/jws-4.0.0.tgz", - "integrity": "sha512-KDncfTmOZoOMTFG4mBlG0qUIOlc03fmzH+ru6RgYVZhPkyiy/92Owlt/8UEN+a4TXR1FQetfIpJE8ApdvdVxTg==", - "requires": { - "jwa": "^2.0.0", - "safe-buffer": "^5.0.1" - } - }, - "lodash": { - "version": "4.17.21", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" - }, - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "requires": { - "yallist": "^4.0.0" - } - }, - "mime-db": { - "version": "1.52.0", - "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz", - "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg==" - }, - "mime-types": { - "version": "2.1.35", - "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz", - "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==", - "requires": { - "mime-db": "1.52.0" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" - }, - "open": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/open/-/open-8.4.0.tgz", - "integrity": "sha512-XgFPPM+B28FtCCgSb9I+s9szOC1vZRSwgWsRUA5ylIxRTgKozqjOCrVOqGsYABPYK5qnfqClxZTFBa8PKt2v6Q==", - "requires": { - "define-lazy-prop": "^2.0.0", - "is-docker": "^2.1.1", - "is-wsl": "^2.2.0" - } - }, - "safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==" - }, - "semver": { - "version": "7.3.8", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.8.tgz", - "integrity": "sha512-NB1ctGL5rlHrPJtFDVIVzTyQylMLu9N9VICA6HSFJo8MCGVTMW6gfpicwKmmK/dAjTOrqu5l63JJOpDSrAis3A==", - "requires": { - "lru-cache": "^6.0.0" - } - }, - "stoppable": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/stoppable/-/stoppable-1.1.0.tgz", - "integrity": "sha512-KXDYZ9dszj6bzvnEMRYvxgeTHU74QBFL54XKtP3nyMuJ81CFYtABZ3bAzL2EdFUaEwJOBOgENyFj3R7oTzDyyw==" - }, - "tslib": { - "version": "2.4.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.4.0.tgz", - "integrity": "sha512-d6xOpEDfsi2CZVlPQzGeux8XMwLT9hssAsaPYExaQMuYskwb+x1x7J371tWlbBdWHroy99KnVB6qIkUbs5X3UQ==" - }, - "uuid": { - "version": "8.3.2", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", - "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==" - }, - "yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - } - } -} diff --git a/examples/azure-identity/node/package.json b/examples/azure-identity/node/package.json deleted file mode 100644 index df15f9677..000000000 --- a/examples/azure-identity/node/package.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "name": "@azure-workload-identity-sample/azid-node", - "version": "0.0.1", - "description": "", - "main": "index.js", - "scripts": { - "start": "node index.js" - }, - "author": "aramase", - "type": "module", - "dependencies": { - "@azure/keyvault-secrets": "^4.7.0", - "@azure/identity": "^3.2.2" - } -} diff --git a/examples/azure-identity/python/Dockerfile b/examples/azure-identity/python/Dockerfile deleted file mode 100644 index 8dc188696..000000000 --- a/examples/azure-identity/python/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -ARG BUILDER=debian:11-slim -ARG BASEIMAGE=gcr.io/distroless/python3-debian11 - -# ref: https://github.com/GoogleContainerTools/distroless/blob/main/examples/python3-requirements/Dockerfile -FROM ${BUILDER} AS build -RUN apt-get update && \ - apt-get install --no-install-suggests --no-install-recommends --yes python3-venv gcc libpython3-dev && \ - python3 -m venv /venv && \ - /venv/bin/pip install --upgrade pip setuptools wheel - -# Build the virtualenv as a separate step: Only re-execute this step when requirements.txt changes -FROM build AS build-venv -COPY requirements.txt /requirements.txt -RUN /venv/bin/pip install --disable-pip-version-check -r /requirements.txt - -# Copy the virtualenv into a distroless image -FROM ${BASEIMAGE} -COPY --from=build-venv /venv /venv -COPY . /app -WORKDIR /app -# Kubernetes runAsNonRoot requires USER to be numeric -USER 65532:65532 -ENTRYPOINT ["/venv/bin/python3", "main.py"] diff --git a/examples/azure-identity/python/Makefile b/examples/azure-identity/python/Makefile deleted file mode 100644 index 0c7a52bd8..000000000 --- a/examples/azure-identity/python/Makefile +++ /dev/null @@ -1,39 +0,0 @@ -REGISTRY ?= ghcr.io/azure/azure-workload-identity -IMAGE_NAME := azid-python -IMAGE_VERSION ?= latest - -DEMO_IMAGE := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_VERSION) - -## -------------------------------------- -## Images -## -------------------------------------- - -# Output type of docker buildx build -OUTPUT_TYPE ?= type=registry - -ALL_OS = linux -ALL_ARCH.linux = amd64 arm64 -ALL_OS_ARCH.linux = $(foreach arch, ${ALL_ARCH.linux}, linux-$(arch)) -ALL_OS_ARCH = $(foreach os, $(ALL_OS), ${ALL_OS_ARCH.${os}}) - -# The architecture of the image -ARCH ?= amd64 - -.PHONY: container-linux -container-linux: - docker buildx build \ - --output=$(OUTPUT_TYPE) \ - --platform="linux/$(ARCH)" \ - --tag=$(DEMO_IMAGE)-linux-$(ARCH) . - -.PHONY: container-all -container-all: - for arch in $(ALL_ARCH.linux); do \ - ARCH=$${arch} $(MAKE) container-linux; \ - done - -.PHONY: push-manifest -push-manifest: - docker manifest create --amend $(DEMO_IMAGE) $(foreach osarch, $(ALL_OS_ARCH), $(DEMO_IMAGE)-${osarch}) - for arch in $(ALL_ARCH.linux); do docker manifest annotate --os linux --arch $${arch} $(DEMO_IMAGE) $(DEMO_IMAGE)-linux-$${arch}; done; \ - docker manifest push --purge $(DEMO_IMAGE) diff --git a/examples/azure-identity/python/__init__.py b/examples/azure-identity/python/__init__.py deleted file mode 100644 index e69de29bb..000000000 diff --git a/examples/azure-identity/python/main.py b/examples/azure-identity/python/main.py deleted file mode 100644 index 9f4e563a2..000000000 --- a/examples/azure-identity/python/main.py +++ /dev/null @@ -1,18 +0,0 @@ -import os - -from azure.keyvault.secrets import SecretClient -from azure.identity import DefaultAzureCredential - -def main(): - keyvault_url = os.getenv('KEYVAULT_URL', '') - secret_name = os.getenv('SECRET_NAME', '') - - # create a secret client with the default credential - # DefaultAzureCredential will use the environment variables injected by the Azure Workload Identity - # mutating webhook to authenticate with Azure Key Vault. - keyvault_client = SecretClient(vault_url=keyvault_url, credential=DefaultAzureCredential()) - secret = keyvault_client.get_secret(secret_name) - print('successfully got secret, secret={}'.format(secret.value)) - -if __name__ == '__main__': - main() diff --git a/examples/azure-identity/python/requirements.txt b/examples/azure-identity/python/requirements.txt deleted file mode 100644 index aa04c9433..000000000 --- a/examples/azure-identity/python/requirements.txt +++ /dev/null @@ -1,2 +0,0 @@ -azure-keyvault-secrets==4.7.0 -azure-identity==1.13.0