Skip to content

Commit

Permalink
Cherry-pick #3213 for AzBlob DisableEntityMgmt (#3214)
Browse files Browse the repository at this point in the history
Signed-off-by: Bernd Verst <[email protected]>
  • Loading branch information
berndverst authored Nov 6, 2023
1 parent 975b28a commit 45edcfc
Show file tree
Hide file tree
Showing 4 changed files with 28 additions and 14 deletions.
7 changes: 6 additions & 1 deletion bindings/azure/blobstorage/metadata.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -87,4 +87,9 @@ metadata:
example: '3'
description: |
Specifies the maximum number of HTTP requests that will be made to retry blob operations.
A value of zero means that no additional attempts will be made after a failure.
A value of zero means that no additional attempts will be made after a failure.
- name: disableEntityManagement
description: "Disable entity management. Skips the attempt to create the specified storage container. This is useful when operating with minimal Azure AD permissions."
example: "true"
default: '"false"'
type: bool
23 changes: 13 additions & 10 deletions internal/component/azure/blobstorage/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,16 +62,19 @@ func CreateContainerStorageClient(parentCtx context.Context, log logger.Logger,
return nil, nil, err
}

// Create the container if it doesn't already exist
var accessLevel *azblob.PublicAccessType
if m.PublicAccessLevel != "" && m.PublicAccessLevel != "none" {
accessLevel = &m.PublicAccessLevel
}
ctx, cancel := context.WithTimeout(parentCtx, 30*time.Second)
defer cancel()
err = m.EnsureContainer(ctx, client, accessLevel)
if err != nil {
return nil, nil, fmt.Errorf("failed to create Azure Storage container %s: %w", m.ContainerName, err)
// if entity management is disabled, do not attempt to create the container
if !m.DisableEntityManagement {
// Create the container if it doesn't already exist
var accessLevel *azblob.PublicAccessType
if m.PublicAccessLevel != "" && m.PublicAccessLevel != "none" {
accessLevel = &m.PublicAccessLevel
}
ctx, cancel := context.WithTimeout(parentCtx, 30*time.Second)
defer cancel()
err = m.EnsureContainer(ctx, client, accessLevel)
if err != nil {
return nil, nil, fmt.Errorf("failed to create Azure Storage container %s: %w", m.ContainerName, err)
}
}

return client, m, nil
Expand Down
7 changes: 4 additions & 3 deletions internal/component/azure/blobstorage/metadata.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,10 @@ import (
)

type BlobStorageMetadata struct {
ContainerClientOpts `json:",inline" mapstructure:",squash"`
DecodeBase64 bool `json:"decodeBase64,string" mapstructure:"decodeBase64" mdonly:"bindings"`
PublicAccessLevel azblob.PublicAccessType
ContainerClientOpts `json:",inline" mapstructure:",squash"`
DecodeBase64 bool `json:"decodeBase64,string" mapstructure:"decodeBase64" mdonly:"bindings"`
PublicAccessLevel azblob.PublicAccessType
DisableEntityManagement bool `json:"disableEntityManagement,string" mapstructure:"disableEntityManagement"`
}

type ContainerClientOpts struct {
Expand Down
5 changes: 5 additions & 0 deletions state/azure/blobstorage/metadata.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -74,3 +74,8 @@ metadata:
description: |
Specifies the maximum number of HTTP requests that will be made to retry blob operations.
A value of zero means that no additional attempts will be made after a failure.
- name: disableEntityManagement
description: "Disable entity management. Skips the attempt to create the specified storage container. This is useful when operating with minimal Azure AD permissions."
example: "true"
default: '"false"'
type: bool

0 comments on commit 45edcfc

Please sign in to comment.