marco/plugin-barman-cloud
1
0
Fork 0
mirror of https://github.com/cloudnative-pg/plugin-barman-cloud.git synced 2026-01-14 06:33:10 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: marco:2e5eba6e7686dd15e2b0a4320354b2a8ded5dff5
Branches Tags
marco:main
marco:renovate/golangci-golangci-lint-2.x
marco:renovate/ghcr.io-cloudnative-pg-plugin-barman-cloud-base-3.x
marco:dev/reduce-e2e-test-verbosity
marco:release-please--branches--main
marco:renovate/python-3.x
marco:dev/385
marco:snyk-fix-6f890911d063843b8cacf57cf3c8ee75
marco:dev/pprof_server
marco:dev/389
marco:release-please--branches--dev/release-please
marco:v0.10.0
marco:v0.9.0
marco:v0.8.0
marco:v0.7.0
marco:v0.6.0
marco:v0.5.0
marco:v0.4.1
marco:v0.4.0
marco:v0.3.0
marco:v0.2.0
marco:v0.1.0
..
compare: marco:27ab06ba70ea59643060d83c015a90dbc243b9ea
Branches Tags
marco:renovate/golangci-golangci-lint-2.x
marco:renovate/ghcr.io-cloudnative-pg-plugin-barman-cloud-base-3.x
marco:dev/reduce-e2e-test-verbosity
marco:main
marco:release-please--branches--main
marco:renovate/python-3.x
marco:dev/385
marco:snyk-fix-6f890911d063843b8cacf57cf3c8ee75
marco:dev/pprof_server
marco:dev/389
marco:release-please--branches--dev/release-please
marco:v0.10.0
marco:v0.9.0
marco:v0.8.0
marco:v0.7.0
marco:v0.6.0
marco:v0.5.0
marco:v0.4.1
marco:v0.4.0
marco:v0.3.0
marco:v0.2.0
marco:v0.1.0

1 Commits
2e5eba6e76 ... 27ab06ba70

Author SHA1 Message Date
Gabriele Fedi
27ab06ba70
Merge 6d2d3eb925 into 316828cc73 2025-11-17 09:45:45 +00:00
3 changed files with 14 additions and 15 deletions
Show Stats Expand all files Collapse all files

4
internal/cnpgi/common/common.go
View File

@ -105,8 +105,8 @@ func BuildCertificateFilePath(objectStoreName string) string {
// ContextWithProviderOptions enriches the context with cloud service provider specific options // ContextWithProviderOptions enriches the context with cloud service provider specific options
// based on the ObjectStore resource // based on the ObjectStore resource
func ContextWithProviderOptions(ctx context.Context, objectStore apiv1.ObjectStore) context.Context { func ContextWithProviderOptions(ctx context.Context, objectStore apiv1.ObjectStore) context.Context {
if objectStore.GetAnnotations()[pluginmetadata.UseDefaultAzureCredentialAnnotationName] == if objectStore.GetAnnotations()[pluginmetadata.UseDefaultAzureCredentialsAnnotationName] ==
pluginmetadata.UseDefaultAzureCredentialTrueValue { pluginmetadata.UseDefaultAzureCredentialsTrueValue {
return command.ContextWithDefaultAzureCredentials(ctx, true) return command.ContextWithDefaultAzureCredentials(ctx, true)
} }

14
pkg/metadata/labels_annotations.go
View File

@ -4,12 +4,12 @@ package metadata
const MetadataNamespace = "barmancloud.cnpg.io" const MetadataNamespace = "barmancloud.cnpg.io"
const ( const (
// UseDefaultAzureCredentialAnnotationName is an annotation that can be set // UseDefaultAzureCredentialsAnnotationName is an annotation that can be set
// on an ObjectStore resource to enable the authentication to Azure via DefaultAzureCredential. // on an ObjectStore resource to enable the use DefaultAzureCredentials
// This is meant to be used with inheritFromAzureAD enabled. // to authenticate to Azure. This is meant to be used with inheritFromAzureAD enabled.
UseDefaultAzureCredentialAnnotationName = MetadataNamespace + "/useDefaultAzureCredential" UseDefaultAzureCredentialsAnnotationName = MetadataNamespace + "/useDefaultAzureCredentials"
// UseDefaultAzureCredentialTrueValue is the value for the annotation // UseDefaultAzureCredentialsTrueValue is the value for the annotation
// barmancloud.cnpg.io/useDefaultAzureCredential to enable the DefaultAzureCredentials auth mechanism. // barmancloud.cnpg.io/useDefaultAzureCredentials to enable the use of DefaultAzureCredentials
UseDefaultAzureCredentialTrueValue = "true" UseDefaultAzureCredentialsTrueValue = "true"
) )

11
web/docs/object_stores.md
View File

@ -233,7 +233,7 @@ Barman Cloud supports the following authentication methods:
- Storage Account Name + [Access Key](https://learn.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage) - Storage Account Name + [Access Key](https://learn.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage)
- Storage Account Name + [SAS Token](https://learn.microsoft.com/en-us/azure/storage/blobs/sas-service-create) - Storage Account Name + [SAS Token](https://learn.microsoft.com/en-us/azure/storage/blobs/sas-service-create)
- [Azure AD Workload Identity](https://azure.github.io/azure-workload-identity/docs/introduction.html) - [Azure AD Workload Identity](https://azure.github.io/azure-workload-identity/docs/introduction.html)
- [DefaultAzureCredential](https://learn.microsoft.com/en-us/azure/developer/go/sdk/authentication/credential-chains#defaultazurecredential-overview) - [Azure Default Credentials](https://learn.microsoft.com/en-us/azure/developer/go/sdk/authentication/credential-chains#defaultazurecredential-overview)
### Azure AD Workload Identity ### Azure AD Workload Identity
@ -253,11 +253,10 @@ spec:
[...] [...]
``` ```
### DefaultAzureCredential ### Azure Default Credentials
To authenticate using `DefaultAzureCredential`, set the annotation To authenticate using Azure Default Credentials, set the annotation
`barmancloud.cnpg.io/useDefaultAzureCredential="true"` on the ObjectStore in `barmancloud.cnpg.io/useDefaultAzureCredentials="true"` on the ObjectStore:
conjunction with the `.spec.configuration.inheritFromAzureAD` option:
```yaml ```yaml
apiVersion: barmancloud.cnpg.io/v1 apiVersion: barmancloud.cnpg.io/v1
@ -265,7 +264,7 @@ kind: ObjectStore
metadata: metadata:
name: azure-store name: azure-store
annotations: annotations:
barmancloud.cnpg.io/useDefaultAzureCredential: "true" barmancloud.cnpg.io/useDefaultAzureCredentials: "true"
spec: spec:
configuration: configuration:
destinationPath: "<destination path here>" destinationPath: "<destination path here>"