Convert armauthorization NewListPager to v2 NewListForScopePager.

openshift · Jun 20, 2023 · 0d96ce4 · 0d96ce4
1 parent 7286cda
commit 0d96ce4
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 23 deletions.
diff --git a/pkg/azure/clients.go b/pkg/azure/clients.go
@@ -8,7 +8,7 @@ import (
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/arm/policy"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
-	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization"
+	armauthorization "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
 	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/msi/armmsi"
 	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources"
 	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage"
@@ -234,7 +234,7 @@ func (roleDefinitionsClient *roleDefinitionsClient) GetByID(ctx context.Context,
 
 type RoleAssignmentsClient interface {
 	Create(ctx context.Context, scope string, roleAssignmentName string, parameters armauthorization.RoleAssignmentCreateParameters, options *armauthorization.RoleAssignmentsClientCreateOptions) (armauthorization.RoleAssignmentsClientCreateResponse, error)
-	NewListPager(options *armauthorization.RoleAssignmentsClientListOptions) *runtime.Pager[armauthorization.RoleAssignmentsClientListResponse]
+	NewListForScopePager(scope string, options *armauthorization.RoleAssignmentsClientListForScopeOptions) *runtime.Pager[armauthorization.RoleAssignmentsClientListForScopeResponse]
 	Delete(ctx context.Context, scope string, roleAssignmentName string, options *armauthorization.RoleAssignmentsClientDeleteOptions) (armauthorization.RoleAssignmentsClientDeleteResponse, error)
 }
 
@@ -254,8 +254,8 @@ func (roleAssignmentsClient *roleAssignmentsClient) Create(ctx context.Context,
 	return roleAssignmentsClient.client.Create(ctx, scope, roleAssignmentName, parameters, options)
 }
 
-func (roleAssignmentsClient *roleAssignmentsClient) NewListPager(options *armauthorization.RoleAssignmentsClientListOptions) *runtime.Pager[armauthorization.RoleAssignmentsClientListResponse] {
-	return roleAssignmentsClient.client.NewListPager(options)
+func (roleAssignmentsClient *roleAssignmentsClient) NewListForScopePager(scope string, options *armauthorization.RoleAssignmentsClientListForScopeOptions) *runtime.Pager[armauthorization.RoleAssignmentsClientListForScopeResponse] {
+	return roleAssignmentsClient.client.NewListForScopePager(scope, options)
 }
 
 func (roleAssignmentsClient *roleAssignmentsClient) Delete(ctx context.Context, scope string, roleAssignmentName string, options *armauthorization.RoleAssignmentsClientDeleteOptions) (armauthorization.RoleAssignmentsClientDeleteResponse, error) {

diff --git a/pkg/azure/mock/client_generated.go b/pkg/azure/mock/client_generated.go
diff --git a/pkg/cmd/provisioning/azure/create_managed_identities.go b/pkg/cmd/provisioning/azure/create_managed_identities.go
@@ -14,7 +14,7 @@ import (
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
 	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
-	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization"
+	armauthorization "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2"
 	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/msi/armmsi"
 
 	credreqv1 "github.com/openshift/cloud-credential-operator/pkg/apis/cloudcredential/v1"
@@ -121,9 +121,10 @@ func ensureRolesAssignedToManagedIdentity(client *azureclients.AzureClientWrappe
 	// List role assignments by the user-assigned managed identity principal ID
 	// This list of role assignments are roles which are assigned to the user-assigned managed identity
 	existingRoleAssignments := []*armauthorization.RoleAssignment{}
-	listRoleAssignments := client.RoleAssignmentClient.NewListPager(
-		&armauthorization.RoleAssignmentsClientListOptions{
-			Filter: to.Ptr(fmt.Sprintf("principalId eq '%s'", managedIdentityPrincipalID)),
+	listRoleAssignments := client.RoleAssignmentClient.NewListForScopePager(
+		"/subscriptions/"+subscriptionID,
+		&armauthorization.RoleAssignmentsClientListForScopeOptions{
+			Filter: to.Ptr(fmt.Sprintf("assignedTo('%s')", managedIdentityPrincipalID)),
 		},
 	)
 	for listRoleAssignments.More() {

diff --git a/pkg/cmd/provisioning/azure/create_managed_identities_test.go b/pkg/cmd/provisioning/azure/create_managed_identities_test.go
@@ -120,9 +120,10 @@ func TestCreateManagedIdentities(t *testing.T) {
 				mockCreateOrUpdateResourceGroupSuccess(wrapper, testInstallResourceGroupName, testRegionName, testSubscriptionID, resourceTags)
 				mockGetUserAssignedManagedIdentityNotFound(wrapper, testOIDCResourceGroupName, "testinfraname-secretName1-namespace1")
 				mockCreateOrUpdateManagedIdentitySuccess(wrapper, testOIDCResourceGroupName, "testinfraname-secretName1-namespace1", testRegionName, testSubscriptionID, resourceTags)
-				mockRoleAssignmentsListPager(wrapper,
+				mockRoleAssignmentsListForScopePager(wrapper,
 					[]*armauthorization.RoleAssignment{},
 					testManagedIdentityPrincipalID,
+					testSubscriptionID,
 				)
 				mockRoleDefinitionsListPager(wrapper, "/subscriptions/"+testSubscriptionID,
 					[]*armauthorization.RoleDefinition{
@@ -214,9 +215,10 @@ func TestCreateManagedIdentities(t *testing.T) {
 				mockCreateOrUpdateResourceGroupSuccess(wrapper, testInstallResourceGroupName, testRegionName, testSubscriptionID, resourceTags)
 				mockGetUserAssignedManagedIdentityNotFound(wrapper, testOIDCResourceGroupName, "testinfraname-secretName1-namespace1")
 				mockCreateOrUpdateManagedIdentitySuccess(wrapper, testOIDCResourceGroupName, "testinfraname-secretName1-namespace1", testRegionName, testSubscriptionID, resourceTags)
-				mockRoleAssignmentsListPager(wrapper,
+				mockRoleAssignmentsListForScopePager(wrapper,
 					[]*armauthorization.RoleAssignment{},
 					testManagedIdentityPrincipalID,
+					testSubscriptionID,
 				)
 				mockRoleDefinitionsListPager(wrapper, "/subscriptions/"+testSubscriptionID,
 					[]*armauthorization.RoleDefinition{
@@ -481,7 +483,7 @@ func TestEnsureRolesAssignedToManagedIdentity(t *testing.T) {
 			},
 			mockAzureClientWrapper: func(mockCtrl *gomock.Controller) *azureclients.AzureClientWrapper {
 				wrapper := mockAzureClientWrapper(mockCtrl)
-				mockRoleAssignmentsListPager(wrapper,
+				mockRoleAssignmentsListForScopePager(wrapper,
 					[]*armauthorization.RoleAssignment{
 						{
 							Name: to.Ptr("PrivateDNSZoneContibutorRoleAssignmentName"),
@@ -501,6 +503,7 @@ func TestEnsureRolesAssignedToManagedIdentity(t *testing.T) {
 						},
 					},
 					testManagedIdentityPrincipalID,
+					testSubscriptionID,
 				)
 				mockRoleDefinitionsListPager(wrapper, "/subscriptions/"+testSubscriptionID,
 					[]*armauthorization.RoleDefinition{
@@ -534,7 +537,7 @@ func TestEnsureRolesAssignedToManagedIdentity(t *testing.T) {
 			},
 			mockAzureClientWrapper: func(mockCtrl *gomock.Controller) *azureclients.AzureClientWrapper {
 				wrapper := mockAzureClientWrapper(mockCtrl)
-				mockRoleAssignmentsListPager(wrapper,
+				mockRoleAssignmentsListForScopePager(wrapper,
 					[]*armauthorization.RoleAssignment{
 						{
 							Name: to.Ptr("PrivateDNSZoneContibutorRoleAssignmentName"),
@@ -555,6 +558,7 @@ func TestEnsureRolesAssignedToManagedIdentity(t *testing.T) {
 						},
 					},
 					testManagedIdentityPrincipalID,
+					testSubscriptionID,
 				)
 				mockRoleDefinitionsListPager(wrapper, "/subscriptions/"+testSubscriptionID,
 					[]*armauthorization.RoleDefinition{
@@ -584,7 +588,7 @@ func TestEnsureRolesAssignedToManagedIdentity(t *testing.T) {
 			},
 			mockAzureClientWrapper: func(mockCtrl *gomock.Controller) *azureclients.AzureClientWrapper {
 				wrapper := mockAzureClientWrapper(mockCtrl)
-				mockRoleAssignmentsListPager(wrapper,
+				mockRoleAssignmentsListForScopePager(wrapper,
 					[]*armauthorization.RoleAssignment{
 						{
 							Name: to.Ptr("PrivateDNSZoneContibutorRoleAssignmentName"),
@@ -596,6 +600,7 @@ func TestEnsureRolesAssignedToManagedIdentity(t *testing.T) {
 						},
 					},
 					testManagedIdentityPrincipalID,
+					testSubscriptionID,
 				)
 				mockRoleDefinitionsListPager(wrapper, "/subscriptions/"+testSubscriptionID,
 					[]*armauthorization.RoleDefinition{
@@ -746,7 +751,7 @@ func mockRoleDefinitionsListPager(wrapper *azureclients.AzureClientWrapper, scop
 	)
 }
 
-func mockRoleAssignmentsListPager(wrapper *azureclients.AzureClientWrapper, existingRoleAssignments []*armauthorization.RoleAssignment, managedIdentityPrincipalID string) {
+func mockRoleAssignmentsListForScopePager(wrapper *azureclients.AzureClientWrapper, existingRoleAssignments []*armauthorization.RoleAssignment, managedIdentityPrincipalID, subscriptionID string) {
 	roleAssignmentsListResult := armauthorization.RoleAssignmentsClientListResponse{
 		RoleAssignmentListResult: armauthorization.RoleAssignmentListResult{
 			Value: existingRoleAssignments,
@@ -755,7 +760,10 @@ func mockRoleAssignmentsListPager(wrapper *azureclients.AzureClientWrapper, exis
 	options := armauthorization.RoleAssignmentsClientListOptions{
 		Filter: to.Ptr(fmt.Sprintf("principalId eq '%s'", managedIdentityPrincipalID)),
 	}
-	wrapper.RoleAssignmentClient.(*mockazure.MockRoleAssignmentsClient).EXPECT().NewListPager(&options).Return(
+	wrapper.RoleAssignmentClient.(*mockazure.MockRoleAssignmentsClient).EXPECT().NewListForScopePager(
+		"/subscriptions/"+subscriptionID,
+		&options,
+	).Return(
 		runtime.NewPager(runtime.PagingHandler[armauthorization.RoleAssignmentsClientListResponse]{
 			More: func(current armauthorization.RoleAssignmentsClientListResponse) bool {
 				return current.NextLink != nil