Skip to content

Commit 498d4e1

Browse files
andyzhangxandyzhangx
authored
Merge pull request #9493 from andyzhangx/IsSmbOAuthEnabled
feat: add IsSmbOAuthEnabled parameter in storage account creation
2 parents af440cc + a2cb876 commit 498d4e1

File tree

2 files changed

+32
-14
lines changed

2 files changed

+32
-14
lines changed

pkg/provider/storage/azure_storageaccount.go

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -77,6 +77,7 @@ type AccountOptions struct {
7777
RequireInfrastructureEncryption *bool
7878
AllowSharedKeyAccess *bool
7979
IsMultichannelEnabled *bool
80+
IsSmbOAuthEnabled *bool
8081
KeyName *string
8182
KeyVersion *string
8283
KeyVaultURI *string
@@ -605,6 +606,18 @@ func (az *AccountRepo) EnsureStorageAccount(ctx context.Context, accountOptions
605606
}
606607
}
607608

609+
if accountOptions.IsSmbOAuthEnabled != nil {
610+
klog.V(2).Infof("set IsSmbOAuthEnabled(%v) for storage account(%s)", *accountOptions.IsSmbOAuthEnabled, accountName)
611+
if cp.Properties.AzureFilesIdentityBasedAuthentication == nil {
612+
cp.Properties.AzureFilesIdentityBasedAuthentication = &armstorage.AzureFilesIdentityBasedAuthentication{
613+
DirectoryServiceOptions: to.Ptr(armstorage.DirectoryServiceOptionsNone),
614+
}
615+
}
616+
cp.Properties.AzureFilesIdentityBasedAuthentication.SmbOAuthSettings = &armstorage.SmbOAuthSettings{
617+
IsSmbOAuthEnabled: accountOptions.IsSmbOAuthEnabled,
618+
}
619+
}
620+
608621
if _, rerr := storageAccountClient.Create(ctx, resourceGroup, accountName, cp); rerr != nil {
609622
return "", "", fmt.Errorf("failed to create storage account %s, error: %w", accountName, rerr)
610623
}

pkg/provider/storage/azure_storageaccount_test.go

Lines changed: 19 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -423,6 +423,7 @@ func TestEnsureStorageAccount(t *testing.T) {
423423
accessTier string
424424
storageType Type
425425
requireInfrastructureEncryption *bool
426+
isSmbOAuthEnabled *bool
426427
keyVaultURL *string
427428
sourceAccountName string
428429
accountName string
@@ -441,6 +442,7 @@ func TestEnsureStorageAccount(t *testing.T) {
441442
storageType: StorageTypeBlob,
442443
requireInfrastructureEncryption: ptr.To(true),
443444
keyVaultURL: ptr.To("keyVaultURL"),
445+
isSmbOAuthEnabled: ptr.To(true),
444446
resourceGroup: "rg",
445447
accessTier: "AccessTierHot",
446448
accountName: "",
@@ -565,20 +567,23 @@ func TestEnsureStorageAccount(t *testing.T) {
565567
var testAccountOptions *AccountOptions
566568
if test.setAccountOptions {
567569
testAccountOptions = &AccountOptions{
568-
ResourceGroup: test.resourceGroup,
569-
CreatePrivateEndpoint: test.createPrivateEndpoint,
570-
VNetLinkName: test.vNetLinkName,
571-
PublicNetworkAccess: test.publicNetworkAccess,
572-
Name: test.accountName,
573-
CreateAccount: test.createAccount,
574-
SubscriptionID: test.subscriptionID,
575-
AccessTier: test.accessTier,
576-
StorageType: test.storageType,
577-
EnableBlobVersioning: ptr.To(true),
578-
SoftDeleteBlobs: 7,
579-
SoftDeleteContainers: 7,
580-
PickRandomMatchingAccount: test.pickRandomMatchingAccount,
581-
SourceAccountName: test.sourceAccountName,
570+
ResourceGroup: test.resourceGroup,
571+
CreatePrivateEndpoint: test.createPrivateEndpoint,
572+
VNetLinkName: test.vNetLinkName,
573+
PublicNetworkAccess: test.publicNetworkAccess,
574+
Name: test.accountName,
575+
CreateAccount: test.createAccount,
576+
SubscriptionID: test.subscriptionID,
577+
AccessTier: test.accessTier,
578+
StorageType: test.storageType,
579+
EnableBlobVersioning: ptr.To(true),
580+
IsSmbOAuthEnabled: test.isSmbOAuthEnabled,
581+
KeyVaultURI: test.keyVaultURL,
582+
RequireInfrastructureEncryption: test.requireInfrastructureEncryption,
583+
SoftDeleteBlobs: 7,
584+
SoftDeleteContainers: 7,
585+
PickRandomMatchingAccount: test.pickRandomMatchingAccount,
586+
SourceAccountName: test.sourceAccountName,
582587
}
583588
}
584589

0 commit comments

Comments
 (0)