diff --git a/cmd/aro/const.go b/cmd/aro/const.go index 3cb68f670a4..4177b5f9fb5 100644 --- a/cmd/aro/const.go +++ b/cmd/aro/const.go @@ -4,9 +4,6 @@ package main // Licensed under the Apache License 2.0. const ( - envDatabaseName = "DATABASE_NAME" - envDatabaseAccountName = "DATABASE_ACCOUNT_NAME" - envKeyVaultPrefix = "KEYVAULT_PREFIX" envOpenShiftVersions = "OPENSHIFT_VERSIONS" envInstallerImageDigests = "INSTALLER_IMAGE_DIGESTS" envPlatformWorkloadIdentityRoleSets = "PLATFORM_WORKLOAD_IDENTITY_ROLE_SETS" diff --git a/cmd/aro/gateway.go b/cmd/aro/gateway.go index d64a31ced12..82e9b388f40 100644 --- a/cmd/aro/gateway.go +++ b/cmd/aro/gateway.go @@ -5,7 +5,6 @@ package main import ( "context" - "fmt" "os" "os/signal" "syscall" @@ -35,28 +34,12 @@ func gateway(ctx context.Context, log *logrus.Entry) error { go g.Run() - if err := env.ValidateVars(envDatabaseAccountName); err != nil { - return err - } - - msiToken, err := _env.NewMSITokenCredential() - if err != nil { - return err - } - logrusEntry := log.WithField("component", "database") - - dbAccountName := os.Getenv(envDatabaseAccountName) - scope := []string{fmt.Sprintf("https://%s.%s", dbAccountName, _env.Environment().CosmosDBDNSSuffixScope)} - dbAuthorizer, err := database.NewTokenAuthorizer(ctx, logrusEntry, msiToken, dbAccountName, scope) - if err != nil { - return err - } - dbc, err := database.NewDatabaseClient(logrusEntry, _env, dbAuthorizer, m, nil, dbAccountName) + dbc, err := database.NewDatabaseClientFromEnv(ctx, _env, log, m, nil) if err != nil { return err } - dbName, err := DBName(_env.IsLocalDevelopmentMode()) + dbName, err := env.DBName(_env) if err != nil { return err } diff --git a/cmd/aro/main.go b/cmd/aro/main.go index 24f95ca38cd..e629e8202ab 100644 --- a/cmd/aro/main.go +++ b/cmd/aro/main.go @@ -12,7 +12,6 @@ import ( "os" "strings" - "github.com/Azure/ARO-RP/pkg/env" utillog "github.com/Azure/ARO-RP/pkg/util/log" _ "github.com/Azure/ARO-RP/pkg/util/scheme" "github.com/Azure/ARO-RP/pkg/util/version" @@ -98,15 +97,3 @@ func checkMinArgs(required int) { os.Exit(2) } } - -func DBName(isLocalDevelopmentMode bool) (string, error) { - if !isLocalDevelopmentMode { - return "ARO", nil - } - - if err := env.ValidateVars(envDatabaseName); err != nil { - return "", fmt.Errorf("%v (development mode)", err.Error()) - } - - return os.Getenv(envDatabaseName), nil -} diff --git a/cmd/aro/monitor.go b/cmd/aro/monitor.go index 58695cde095..44d0c36b8f8 100644 --- a/cmd/aro/monitor.go +++ b/cmd/aro/monitor.go @@ -5,7 +5,6 @@ package main import ( "context" - "fmt" "os" "github.com/Azure/go-autorest/tracing" @@ -22,7 +21,6 @@ import ( pkgmonitor "github.com/Azure/ARO-RP/pkg/monitor" "github.com/Azure/ARO-RP/pkg/proxy" "github.com/Azure/ARO-RP/pkg/util/encryption" - "github.com/Azure/ARO-RP/pkg/util/keyvault" ) func monitor(ctx context.Context, log *logrus.Entry) error { @@ -60,48 +58,17 @@ func monitor(ctx context.Context, log *logrus.Entry) error { clusterm := statsd.New(ctx, log.WithField("component", "metrics"), _env, os.Getenv("CLUSTER_MDM_ACCOUNT"), os.Getenv("CLUSTER_MDM_NAMESPACE"), os.Getenv("MDM_STATSD_SOCKET")) - msiToken, err := _env.NewMSITokenCredential() + aead, err := encryption.NewAEADWithCore(ctx, _env, env.EncryptionSecretV2Name, env.EncryptionSecretName) if err != nil { return err } - msiKVAuthorizer, err := _env.NewMSIAuthorizer(_env.Environment().KeyVaultScope) + dbc, err := database.NewDatabaseClientFromEnv(ctx, _env, log, &noop.Noop{}, aead) if err != nil { return err } - if err := env.ValidateVars(envKeyVaultPrefix); err != nil { - return err - } - keyVaultPrefix := os.Getenv(envKeyVaultPrefix) - // TODO: should not be using the service keyvault here - serviceKeyvaultURI := keyvault.URI(_env, env.ServiceKeyvaultSuffix, keyVaultPrefix) - serviceKeyvault := keyvault.NewManager(msiKVAuthorizer, serviceKeyvaultURI) - - aead, err := encryption.NewMulti(ctx, serviceKeyvault, env.EncryptionSecretV2Name, env.EncryptionSecretName) - if err != nil { - return err - } - - if err := env.ValidateVars(envDatabaseAccountName); err != nil { - return err - } - - dbAccountName := os.Getenv(envDatabaseAccountName) - - logrusEntry := log.WithField("component", "database") - scope := []string{fmt.Sprintf("https://%s.%s", dbAccountName, _env.Environment().CosmosDBDNSSuffixScope)} - dbAuthorizer, err := database.NewTokenAuthorizer(ctx, logrusEntry, msiToken, dbAccountName, scope) - if err != nil { - return err - } - - dbc, err := database.NewDatabaseClient(log.WithField("component", "database"), _env, dbAuthorizer, &noop.Noop{}, aead, dbAccountName) - if err != nil { - return err - } - - dbName, err := DBName(_env.IsLocalDevelopmentMode()) + dbName, err := env.DBName(_env) if err != nil { return err } diff --git a/cmd/aro/portal.go b/cmd/aro/portal.go index eb71913af6f..d4aa00360fb 100644 --- a/cmd/aro/portal.go +++ b/cmd/aro/portal.go @@ -6,7 +6,6 @@ package main import ( "context" "crypto/x509" - "fmt" "net" "os" "strings" @@ -61,16 +60,6 @@ func portal(ctx context.Context, log *logrus.Entry, audit *logrus.Entry) error { return err } - msiToken, err := _env.NewMSITokenCredential() - if err != nil { - return err - } - - msiKVAuthorizer, err := _env.NewMSIAuthorizer(_env.Environment().KeyVaultScope) - if err != nil { - return err - } - m := statsd.New(ctx, log.WithField("component", "portal"), _env, os.Getenv("MDM_ACCOUNT"), os.Getenv("MDM_NAMESPACE"), os.Getenv("MDM_STATSD_SOCKET")) g, err := golang.NewMetrics(log.WithField("component", "portal"), m) @@ -80,52 +69,37 @@ func portal(ctx context.Context, log *logrus.Entry, audit *logrus.Entry) error { go g.Run() - if err := env.ValidateVars(envKeyVaultPrefix); err != nil { - return err - } - keyVaultPrefix := os.Getenv(envKeyVaultPrefix) - // TODO: should not be using the service keyvault here - serviceKeyvaultURI := keyvault.URI(_env, env.ServiceKeyvaultSuffix, keyVaultPrefix) - serviceKeyvault := keyvault.NewManager(msiKVAuthorizer, serviceKeyvaultURI) - - aead, err := encryption.NewMulti(ctx, serviceKeyvault, env.EncryptionSecretV2Name, env.EncryptionSecretName) + aead, err := encryption.NewAEADWithCore(ctx, _env, env.EncryptionSecretV2Name, env.EncryptionSecretName) if err != nil { return err } - if err := env.ValidateVars(envDatabaseAccountName); err != nil { - return err - } - - dbAccountName := os.Getenv(envDatabaseAccountName) - - logrusEntry := log.WithField("component", "database") - scope := []string{fmt.Sprintf("https://%s.%s", dbAccountName, _env.Environment().CosmosDBDNSSuffixScope)} - dbAuthorizer, err := database.NewTokenAuthorizer(ctx, logrusEntry, msiToken, dbAccountName, scope) + dbc, err := database.NewDatabaseClientFromEnv(ctx, _env, log, m, aead) if err != nil { return err } - dbc, err := database.NewDatabaseClient(log.WithField("component", "database"), _env, dbAuthorizer, m, aead, dbAccountName) + dbName, err := env.DBName(_env) if err != nil { return err } - dbName, err := DBName(_env.IsLocalDevelopmentMode()) + dbOpenShiftClusters, err := database.NewOpenShiftClusters(ctx, dbc, dbName) if err != nil { return err } - dbOpenShiftClusters, err := database.NewOpenShiftClusters(ctx, dbc, dbName) + dbPortal, err := database.NewPortal(ctx, dbc, dbName) if err != nil { return err } - dbPortal, err := database.NewPortal(ctx, dbc, dbName) + msiKVAuthorizer, err := _env.NewMSIAuthorizer(_env.Environment().KeyVaultScope) if err != nil { return err } + keyVaultPrefix := os.Getenv(encryption.KeyVaultPrefix) portalKeyvaultURI := keyvault.URI(_env, env.PortalKeyvaultSuffix, keyVaultPrefix) portalKeyvault := keyvault.NewManager(msiKVAuthorizer, portalKeyvaultURI) diff --git a/cmd/aro/rp.go b/cmd/aro/rp.go index 3eb9a14c3c1..8f0cbde9ace 100644 --- a/cmd/aro/rp.go +++ b/cmd/aro/rp.go @@ -100,34 +100,17 @@ func rp(ctx context.Context, log, audit *logrus.Entry) error { clusterm := statsd.New(ctx, log.WithField("component", "metrics"), _env, os.Getenv("CLUSTER_MDM_ACCOUNT"), os.Getenv("CLUSTER_MDM_NAMESPACE"), os.Getenv("MDM_STATSD_SOCKET")) - msiToken, err := _env.NewMSITokenCredential() + aead, err := encryption.NewAEADWithCore(ctx, _env, env.EncryptionSecretV2Name, env.EncryptionSecretName) if err != nil { return err } - aead, err := encryption.NewMulti(ctx, _env.ServiceKeyvault(), env.EncryptionSecretV2Name, env.EncryptionSecretName) + dbc, err := database.NewDatabaseClientFromEnv(ctx, _env, log, metrics, aead) if err != nil { return err } - if err := env.ValidateVars(envDatabaseAccountName); err != nil { - return err - } - dbAccountName := os.Getenv(envDatabaseAccountName) - - logrusEntry := log.WithField("component", "database") - scope := []string{fmt.Sprintf("https://%s.%s", dbAccountName, _env.Environment().CosmosDBDNSSuffixScope)} - dbAuthorizer, err := database.NewTokenAuthorizer(ctx, logrusEntry, msiToken, dbAccountName, scope) - if err != nil { - return err - } - - dbc, err := database.NewDatabaseClient(log.WithField("component", "database"), _env, dbAuthorizer, metrics, aead, dbAccountName) - if err != nil { - return err - } - - dbName, err := DBName(env.IsLocalDevelopmentMode()) + dbName, err := env.DBName(_env) if err != nil { return err } diff --git a/cmd/aro/update_ocp_versions.go b/cmd/aro/update_ocp_versions.go index 9754ca6eae7..b5d7eff1924 100644 --- a/cmd/aro/update_ocp_versions.go +++ b/cmd/aro/update_ocp_versions.go @@ -10,15 +10,12 @@ import ( "fmt" "os" - "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/policy" "github.com/sirupsen/logrus" "github.com/Azure/ARO-RP/pkg/api" "github.com/Azure/ARO-RP/pkg/database" "github.com/Azure/ARO-RP/pkg/env" "github.com/Azure/ARO-RP/pkg/metrics/statsd" - "github.com/Azure/ARO-RP/pkg/util/encryption" - "github.com/Azure/ARO-RP/pkg/util/keyvault" "github.com/Azure/ARO-RP/pkg/util/version" ) @@ -160,53 +157,18 @@ func getVersionsDatabase(ctx context.Context, log *logrus.Entry) (database.OpenS } } - msiToken, err := _env.NewMSITokenCredential() - if err != nil { - return nil, fmt.Errorf("MSI Authorizer failed with: %s", err.Error()) - } - - msiKVAuthorizer, err := _env.NewMSIAuthorizer(_env.Environment().KeyVaultScope) - if err != nil { - return nil, fmt.Errorf("MSI KeyVault Authorizer failed with: %s", err.Error()) - } - m := statsd.New(ctx, log.WithField("component", "update-ocp-versions"), _env, os.Getenv("MDM_ACCOUNT"), os.Getenv("MDM_NAMESPACE"), os.Getenv("MDM_STATSD_SOCKET")) - if err := env.ValidateVars(envKeyVaultPrefix); err != nil { - return nil, err - } - keyVaultPrefix := os.Getenv(envKeyVaultPrefix) - serviceKeyvaultURI := keyvault.URI(_env, env.ServiceKeyvaultSuffix, keyVaultPrefix) - serviceKeyvault := keyvault.NewManager(msiKVAuthorizer, serviceKeyvaultURI) - - aead, err := encryption.NewMulti(ctx, serviceKeyvault, env.EncryptionSecretV2Name, env.EncryptionSecretName) + dbc, err := database.NewDatabaseClientFromEnv(ctx, _env, log, m, nil) if err != nil { - return nil, err + return nil, fmt.Errorf("failed creating database client: %w", err) } - if err := env.ValidateVars(envDatabaseAccountName); err != nil { - return nil, err - } - - dbAccountName := os.Getenv(envDatabaseAccountName) - clientOptions := &policy.ClientOptions{ - ClientOptions: _env.Environment().ManagedIdentityCredentialOptions().ClientOptions, - } - logrusEntry := log.WithField("component", "database") - dbAuthorizer, err := database.NewMasterKeyAuthorizer(ctx, logrusEntry, msiToken, clientOptions, _env.SubscriptionID(), _env.ResourceGroup(), dbAccountName) - if err != nil { - return nil, err - } - - dbc, err := database.NewDatabaseClient(log.WithField("component", "database"), _env, dbAuthorizer, m, aead, dbAccountName) + dbName, err := env.DBName(_env) if err != nil { return nil, err } - dbName, err := DBName(_env.IsLocalDevelopmentMode()) - if err != nil { - return nil, err - } dbOpenShiftVersions, err := database.NewOpenShiftVersions(ctx, dbc, dbName) if err != nil { return nil, err diff --git a/cmd/aro/update_role_sets.go b/cmd/aro/update_role_sets.go index 148045441eb..8d0fb094dfb 100644 --- a/cmd/aro/update_role_sets.go +++ b/cmd/aro/update_role_sets.go @@ -16,7 +16,6 @@ import ( "github.com/Azure/ARO-RP/pkg/env" "github.com/Azure/ARO-RP/pkg/metrics/statsd" "github.com/Azure/ARO-RP/pkg/util/encryption" - "github.com/Azure/ARO-RP/pkg/util/keyvault" ) func getRoleSetsFromEnv() ([]api.PlatformWorkloadIdentityRoleSetProperties, error) { @@ -38,26 +37,23 @@ func getPlatformWorkloadIdentityRoleSetDatabase(ctx context.Context, log *logrus return nil, fmt.Errorf("MSI Authorizer failed with: %s", err.Error()) } - msiKVAuthorizer, err := _env.NewMSIAuthorizer(_env.Environment().KeyVaultScope) - if err != nil { - return nil, fmt.Errorf("MSI KeyVault Authorizer failed with: %s", err.Error()) - } - m := statsd.New(ctx, log.WithField("component", "update-role-sets"), _env, os.Getenv("MDM_ACCOUNT"), os.Getenv("MDM_NAMESPACE"), os.Getenv("MDM_STATSD_SOCKET")) - keyVaultPrefix := os.Getenv(envKeyVaultPrefix) - serviceKeyvaultURI := keyvault.URI(_env, env.ServiceKeyvaultSuffix, keyVaultPrefix) - serviceKeyvault := keyvault.NewManager(msiKVAuthorizer, serviceKeyvaultURI) + aead, err := encryption.NewAEADWithCore(ctx, _env, env.EncryptionSecretV2Name, env.EncryptionSecretName) + if err != nil { + return nil, err + } - aead, err := encryption.NewMulti(ctx, serviceKeyvault, env.EncryptionSecretV2Name, env.EncryptionSecretName) + dbName, err := env.DBName(_env) if err != nil { return nil, err } - if err := env.ValidateVars(envDatabaseAccountName); err != nil { + dbAccountName, err := env.DBAccountName() + if err != nil { return nil, err } - dbAccountName := os.Getenv(envDatabaseAccountName) + clientOptions := &policy.ClientOptions{ ClientOptions: _env.Environment().ManagedIdentityCredentialOptions().ClientOptions, } @@ -73,11 +69,6 @@ func getPlatformWorkloadIdentityRoleSetDatabase(ctx context.Context, log *logrus return nil, err } - dbName, err := DBName(_env.IsLocalDevelopmentMode()) - if err != nil { - return nil, err - } - return database.NewPlatformWorkloadIdentityRoleSets(ctx, dbc, dbName) } diff --git a/pkg/database/fromenv.go b/pkg/database/fromenv.go new file mode 100644 index 00000000000..5c6ac20a673 --- /dev/null +++ b/pkg/database/fromenv.go @@ -0,0 +1,51 @@ +package database + +// Copyright (c) Microsoft Corporation. +// Licensed under the Apache License 2.0. + +import ( + "context" + "fmt" + + "github.com/sirupsen/logrus" + + "github.com/Azure/ARO-RP/pkg/database/cosmosdb" + "github.com/Azure/ARO-RP/pkg/env" + "github.com/Azure/ARO-RP/pkg/metrics" + "github.com/Azure/ARO-RP/pkg/util/encryption" +) + +// NewDatabaseClient creates a CosmosDB database client from the environment configuration. +func NewDatabaseClientFromEnv(ctx context.Context, _env env.Core, log *logrus.Entry, m metrics.Emitter, aead encryption.AEAD) (cosmosdb.DatabaseClient, error) { + dbAccountName, err := env.DBAccountName() + if err != nil { + return nil, err + } + + msiToken, err := _env.NewMSITokenCredential() + if err != nil { + return nil, err + } + + scope := []string{ + fmt.Sprintf("https://%s.%s", dbAccountName, _env.Environment().CosmosDBDNSSuffixScope), + } + + logrusEntry := log.WithField("component", "database") + + dbAuthorizer, err := NewTokenAuthorizer( + ctx, logrusEntry, msiToken, dbAccountName, scope, + ) + if err != nil { + return nil, err + } + + dbc, err := NewDatabaseClient( + logrusEntry, _env, dbAuthorizer, m, aead, dbAccountName, + ) + if err != nil { + return nil, err + } + + return dbc, nil +} diff --git a/pkg/env/core.go b/pkg/env/core.go index 440e2e4608b..8ef466616fc 100644 --- a/pkg/env/core.go +++ b/pkg/env/core.go @@ -38,7 +38,7 @@ type Core interface { IsLocalDevelopmentMode() bool IsCI() bool NewMSITokenCredential() (azcore.TokenCredential, error) - NewMSIAuthorizer(...string) (autorest.Authorizer, error) + NewMSIAuthorizer(scope string) (autorest.Authorizer, error) NewLiveConfigManager(context.Context) (liveconfig.Manager, error) instancemetadata.InstanceMetadata @@ -54,6 +54,8 @@ type core struct { component ServiceComponent componentLog *logrus.Entry + + msiAuthorizers map[string]autorest.Authorizer } func (c *core) IsLocalDevelopmentMode() bool { @@ -110,6 +112,7 @@ func NewCore(ctx context.Context, log *logrus.Entry, component ServiceComponent) isCI: isCI, component: component, componentLog: componentLog, + msiAuthorizers: map[string]autorest.Authorizer{}, }, nil } @@ -132,5 +135,6 @@ func NewCoreForCI(ctx context.Context, log *logrus.Entry) (Core, error) { return &core{ InstanceMetadata: im, isLocalDevelopmentMode: isLocalDevelopmentMode, + msiAuthorizers: map[string]autorest.Authorizer{}, }, nil } diff --git a/pkg/env/helpers.go b/pkg/env/helpers.go new file mode 100644 index 00000000000..58c95cac31b --- /dev/null +++ b/pkg/env/helpers.go @@ -0,0 +1,35 @@ +package env + +// Copyright (c) Microsoft Corporation. +// Licensed under the Apache License 2.0. + +import ( + "fmt" + "os" +) + +const ( + EnvDatabaseName = "DATABASE_NAME" + EnvDatabaseAccountName = "DATABASE_ACCOUNT_NAME" +) + +// Fetch the database account name from the environment. +func DBAccountName() (string, error) { + if err := ValidateVars(EnvDatabaseAccountName); err != nil { + return "", err + } + + return os.Getenv(EnvDatabaseAccountName), nil +} + +func DBName(c Core) (string, error) { + if !c.IsLocalDevelopmentMode() { + return "ARO", nil + } + + if err := ValidateVars(EnvDatabaseName); err != nil { + return "", fmt.Errorf("%v (development mode)", err.Error()) + } + + return os.Getenv(EnvDatabaseName), nil +} diff --git a/pkg/env/msiauthorizer.go b/pkg/env/msiauthorizer.go index c090f5e285a..9cb64bc8935 100644 --- a/pkg/env/msiauthorizer.go +++ b/pkg/env/msiauthorizer.go @@ -50,10 +50,19 @@ func (c *core) NewMSITokenCredential() (azcore.TokenCredential, error) { return azidentity.NewClientSecretCredential(tenantId, azureClientId, azureClientSecret, options) } -func (c *core) NewMSIAuthorizer(scopes ...string) (autorest.Authorizer, error) { +func (c *core) NewMSIAuthorizer(scope string) (autorest.Authorizer, error) { + // To prevent creating multiple authorisers with independent token + // refreshes, store them in a cache per-scope when created + auth, ok := c.msiAuthorizers[scope] + if ok { + return auth, nil + } + token, err := c.NewMSITokenCredential() if err != nil { return nil, err } - return azidext.NewTokenCredentialAdapter(token, scopes), nil + auth = azidext.NewTokenCredentialAdapter(token, []string{scope}) + c.msiAuthorizers[scope] = auth + return auth, nil } diff --git a/pkg/util/encryption/azure.go b/pkg/util/encryption/azure.go new file mode 100644 index 00000000000..79cfde3cf7c --- /dev/null +++ b/pkg/util/encryption/azure.go @@ -0,0 +1,34 @@ +package encryption + +// Copyright (c) Microsoft Corporation. +// Licensed under the Apache License 2.0. + +import ( + "context" + "fmt" + "os" + + "github.com/Azure/ARO-RP/pkg/env" + "github.com/Azure/ARO-RP/pkg/util/keyvault" +) + +const ( + KeyVaultPrefix = "KEYVAULT_PREFIX" +) + +// NewAEADWithCore creates an AEAD encryption manager with resources available +// from the Core env object. +func NewAEADWithCore(ctx context.Context, _env env.Core, encryptionSecretV2Name string, encryptionSecretName string) (AEAD, error) { + msiKVAuthorizer, err := _env.NewMSIAuthorizer(_env.Environment().KeyVaultScope) + if err != nil { + return nil, fmt.Errorf("MSI KeyVault Authorizer failed with: %s", err.Error()) + } + + keyVaultPrefix := os.Getenv(KeyVaultPrefix) + serviceKeyvaultURI := keyvault.URI(_env, env.ServiceKeyvaultSuffix, keyVaultPrefix) + serviceKeyvault := keyvault.NewManager(msiKVAuthorizer, serviceKeyvaultURI) + + return NewMulti( + ctx, serviceKeyvault, encryptionSecretV2Name, encryptionSecretName, + ) +} diff --git a/pkg/util/mocks/env/core.go b/pkg/util/mocks/env/core.go index 8129b642cad..c32f4cdbc6c 100644 --- a/pkg/util/mocks/env/core.go +++ b/pkg/util/mocks/env/core.go @@ -153,22 +153,18 @@ func (mr *MockCoreMockRecorder) NewLiveConfigManager(arg0 interface{}) *gomock.C } // NewMSIAuthorizer mocks base method. -func (m *MockCore) NewMSIAuthorizer(arg0 ...string) (autorest.Authorizer, error) { +func (m *MockCore) NewMSIAuthorizer(scope string) (autorest.Authorizer, error) { m.ctrl.T.Helper() - varargs := []interface{}{} - for _, a := range arg0 { - varargs = append(varargs, a) - } - ret := m.ctrl.Call(m, "NewMSIAuthorizer", varargs...) + ret := m.ctrl.Call(m, "NewMSIAuthorizer", scope) ret0, _ := ret[0].(autorest.Authorizer) ret1, _ := ret[1].(error) return ret0, ret1 } // NewMSIAuthorizer indicates an expected call of NewMSIAuthorizer. -func (mr *MockCoreMockRecorder) NewMSIAuthorizer(arg0 ...interface{}) *gomock.Call { +func (mr *MockCoreMockRecorder) NewMSIAuthorizer(scope interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NewMSIAuthorizer", reflect.TypeOf((*MockCore)(nil).NewMSIAuthorizer), arg0...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NewMSIAuthorizer", reflect.TypeOf((*MockCore)(nil).NewMSIAuthorizer), scope) } // NewMSITokenCredential mocks base method. diff --git a/pkg/util/mocks/env/env.go b/pkg/util/mocks/env/env.go index 0d6c1cc3155..8c6c917ff7f 100644 --- a/pkg/util/mocks/env/env.go +++ b/pkg/util/mocks/env/env.go @@ -494,22 +494,18 @@ func (mr *MockInterfaceMockRecorder) NewLiveConfigManager(arg0 interface{}) *gom } // NewMSIAuthorizer mocks base method. -func (m *MockInterface) NewMSIAuthorizer(arg0 ...string) (autorest.Authorizer, error) { +func (m *MockInterface) NewMSIAuthorizer(scope string) (autorest.Authorizer, error) { m.ctrl.T.Helper() - varargs := []interface{}{} - for _, a := range arg0 { - varargs = append(varargs, a) - } - ret := m.ctrl.Call(m, "NewMSIAuthorizer", varargs...) + ret := m.ctrl.Call(m, "NewMSIAuthorizer", scope) ret0, _ := ret[0].(autorest.Authorizer) ret1, _ := ret[1].(error) return ret0, ret1 } // NewMSIAuthorizer indicates an expected call of NewMSIAuthorizer. -func (mr *MockInterfaceMockRecorder) NewMSIAuthorizer(arg0 ...interface{}) *gomock.Call { +func (mr *MockInterfaceMockRecorder) NewMSIAuthorizer(scope interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NewMSIAuthorizer", reflect.TypeOf((*MockInterface)(nil).NewMSIAuthorizer), arg0...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NewMSIAuthorizer", reflect.TypeOf((*MockInterface)(nil).NewMSIAuthorizer), scope) } // NewMSITokenCredential mocks base method.