azure credential

Signed-off-by: Wenkai Yin(尹文开) <yinw@vmware.com>
ywk253100 · Apr 11, 2024 · 5118f32 · 5118f32
1 parent 500e5ae
commit 5118f32
Showing 1 changed file with 17 additions and 33 deletions.
diff --git a/pkg/util/azure/credential.go b/pkg/util/azure/credential.go
@@ -26,54 +26,38 @@ import (
 	"github.com/pkg/errors"
 )
 
+// TODO update comment of the function
 // NewCredential chains the config credential , workload identity credential , managed identity credential
 func NewCredential(creds map[string]string, options policy.ClientOptions) (azcore.TokenCredential, error) {
-	var (
-		credential []azcore.TokenCredential
-		errMsgs    []string
-	)
-
 	additionalTenants := []string{}
 	if tenants := creds[CredentialKeyAdditionallyAllowedTenants]; tenants != "" {
 		additionalTenants = strings.Split(tenants, ";")
 	}
 
 	// config credential
-	cfgCred, err := newConfigCredential(creds, configCredentialOptions{
-		ClientOptions:              options,
-		AdditionallyAllowedTenants: additionalTenants,
-	})
-	if err == nil {
-		credential = append(credential, cfgCred)
-	} else {
-		errMsgs = append(errMsgs, err.Error())
+	if _, exist := creds[CredentialKeyClientID]; exist {
+		return newConfigCredential(creds, configCredentialOptions{
+			ClientOptions:              options,
+			AdditionallyAllowedTenants: additionalTenants,
+		})
 	}
 
 	// workload identity credential
-	wic, err := azidentity.NewWorkloadIdentityCredential(&azidentity.WorkloadIdentityCredentialOptions{
+	return azidentity.NewWorkloadIdentityCredential(&azidentity.WorkloadIdentityCredentialOptions{
 		AdditionallyAllowedTenants: additionalTenants,
 		ClientOptions:              options,
 	})
-	if err == nil {
-		credential = append(credential, wic)
-	} else {
-		errMsgs = append(errMsgs, err.Error())
-	}
 
-	//managed identity credential
-	o := &azidentity.ManagedIdentityCredentialOptions{ClientOptions: options, ID: azidentity.ClientID(creds[CredentialKeyClientID])}
-	msi, err := azidentity.NewManagedIdentityCredential(o)
-	if err == nil {
-		credential = append(credential, msi)
-	} else {
-		errMsgs = append(errMsgs, err.Error())
-	}
-
-	if len(credential) == 0 {
-		return nil, errors.Errorf("failed to create Azure credential: %s", strings.Join(errMsgs, "\n\t"))
-	}
-
-	return azidentity.NewChainedTokenCredential(credential, nil)
+	/*
+		//managed identity credential
+		o := &azidentity.ManagedIdentityCredentialOptions{ClientOptions: options, ID: azidentity.ClientID(creds[CredentialKeyClientID])}
+		msi, err := azidentity.NewManagedIdentityCredential(o)
+		if err == nil {
+			credential = append(credential, msi)
+		} else {
+			errMsgs = append(errMsgs, err.Error())
+		}
+	*/
 }
 
 type configCredentialOptions struct {