Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Azure Container Registry] Expose authenticationClient/authenticationPolicy in containerregistry package #23253

Closed
MartinForReal opened this issue Jul 26, 2024 · 1 comment
Closed

[Azure Container Registry] Expose authenticationClient/authenticationPolicy in containerregistry package #23253

MartinForReal opened this issue Jul 26, 2024 · 1 comment
Labels
customer-reported Issues that are reported by GitHub users external to the Azure organization. needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that

Comments

@MartinForReal
Copy link
Contributor

MartinForReal commented Jul 26, 2024
edited
Loading

Service Package Request

azure cloud provider team needs to migrate credential provider to track2 client. Credential provider will exchange token for kubelet when kubelet try to fetch image from acr.
acr token exchange logic has been implemented in authenticationClient.

azure-sdk-for-go/sdk/containers/azcontainerregistry/authentication_client.go

Lines 37 to 55 in 0eb9152

func (client *authenticationClient) ExchangeAADAccessTokenForACRRefreshToken(ctx context.Context, grantType postContentSchemaGrantType, service string, options *authenticationClientExchangeAADAccessTokenForACRRefreshTokenOptions) (authenticationClientExchangeAADAccessTokenForACRRefreshTokenResponse, error) {
var err error
ctx, endSpan := runtime.StartSpan(ctx, "AuthenticationClient.ExchangeAADAccessTokenForACRRefreshToken", client.internal.Tracer(), nil)
defer func() { endSpan(err) }()
req, err := client.exchangeAADAccessTokenForACRRefreshTokenCreateRequest(ctx, grantType, service, options)
if err != nil {
return authenticationClientExchangeAADAccessTokenForACRRefreshTokenResponse{}, err
}
httpResp, err := client.internal.Pipeline().Do(req)
if err != nil {
return authenticationClientExchangeAADAccessTokenForACRRefreshTokenResponse{}, err
}
if !runtime.HasStatusCode(httpResp, http.StatusOK) {
err = runtime.NewResponseError(httpResp)
return authenticationClientExchangeAADAccessTokenForACRRefreshTokenResponse{}, err
}
resp, err := client.exchangeAADAccessTokenForACRRefreshTokenHandleResponse(httpResp)
return resp, err
}

I'm wondering if the client can be exposed to the public so that it can be reused. Thanks!
@github-actions github-actions bot added customer-reported Issues that are reported by GitHub users external to the Azure organization. needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Jul 26, 2024
@jhendrixMSFT
Copy link
Member

This is being tracked in #20571

I believe there is a plan to expose, just uncertain when it will happen.

@tadelesh FYI

@github-actions github-actions bot locked and limited conversation to collaborators Oct 24, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
customer-reported Issues that are reported by GitHub users external to the Azure organization. needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MartinForReal @jhendrixMSFT