feat(HMS-1674): Verify Azure source availability #750
Conversation
| "github.com/RHEnVision/provisioning-backend/internal/telemetry" | ||
| ) | ||
|
|
||
| const AZURE_SERVICE_ACCOUNT_OBJECT_ID = "bf9c3e0e-4bbd-425b-adb1-f005d3dfe9f9" |
There was a problem hiding this comment.
Ugly, unfortunatelly this is the attribute we do not have in config, we do have application ID.
We could:
a) resolve applicationID to objectID through azure sdk,
b) store the applicationID in config as new value used just for this check.
There was a problem hiding this comment.
Storing it in the config makes sense, assuming it does not change too often.
| "github.com/RHEnVision/provisioning-backend/internal/telemetry" | ||
| ) | ||
|
|
||
| const AZURE_SERVICE_ACCOUNT_OBJECT_ID = "bf9c3e0e-4bbd-425b-adb1-f005d3dfe9f9" |
There was a problem hiding this comment.
Storing it in the config makes sense, assuming it does not change too often.
ezr-ondrej
force-pushed
the
verify_azure_availability
branch
2 times, most recently
from
75761a6 to
31e08d6
Compare
|
Relevant test error I believe. |
|
/retest Right, I've updated the account in ephemeral, lets 🙏 |
|
Bad luck. |
|
Relevant failure error. |
ezr-ondrej
force-pushed
the
verify_azure_availability
branch
from
bd2e559 to
0564821
Compare
|
I've completely changed the approach here. I've tried to verify the correct role assignment, but it's bit too ambitious as Azure lighthouse works bit differently. |
Implement Azure availability check. We are only checking that we can login to the given subscritpion and fetch metadata. We currently fetch the tenant ID.
ezr-ondrej
force-pushed
the
verify_azure_availability
branch
from
0564821 to
dabf313
Compare
|
🍏 |
|
Thanks. |
Implement Azure availability check.
We are checking for subscription metadata.
If we are able to fetch that, we consider the source available. It's not bullet proof, but it covers basics ;)