Azure configuration via ENV variables

* Unlike the AWS library, this needs to be done with logic * Closes #96
hashicorp · Feb 26, 2019 · 0371fd1 · 0371fd1
1 parent d762d65
commit 0371fd1
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 7 deletions.
diff --git a/provider/azure/azure_discover.go b/provider/azure/azure_discover.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"io/ioutil"
 	"log"
+	"os"
 
 	"github.com/Azure/azure-sdk-for-go/services/network/mgmt/2015-06-15/network"
 	"github.com/Azure/go-autorest/autorest"
@@ -29,6 +30,15 @@ func (p *Provider) Help() string {
    client_id:         The id of the client
    subscription_id:   The id of the subscription
    secret_access_key: The authentication credential
+    **NOTE** The secret_access_key value often may have an equals sign in it's value,
+    especially if generated from the Azure Portal. So is important to wrap in single quotes
+    eg. secret_acccess_key='fpOfcHQJAQBczjAxiVpeyLmX1M0M0KPBST+GU2GvEN4='
+
+   Variables can also be provided by environmental variables:
+    export ARM_SUBSCRIPTION_ID for subscription
+    export ARM_TENANT_ID for tenant
+    export ARM_CLIENT_ID for client
+    export ARM_CLIENT_SECRET for secret access key
 
    Use these configuration parameters when using tags:
 
@@ -40,14 +50,22 @@ func (p *Provider) Help() string {
    resource_group:    The name of the resource group to filter on
    vm_scale_set:      The name of the virtual machine scale set to filter on
 
-   When using tags the only permission needed is the 'ListAll' method for
-   'NetworkInterfaces'. When using Virtual Machine Scale Sets the only Role
-   Action needed is 'Microsoft.Compute/virtualMachineScaleSets/*/read'.
+   When using tags the only permission needed is Microsoft.Network/networkInterfaces/*
+
+   When using Virtual Machine Scale Sets the only role action needed is Microsoft.Compute/virtualMachineScaleSets/*/read.
 
    It is recommended you make a dedicated key used only for auto-joining.
 `
 }
 
+// argsOrEnv allows you to pick an environmental variable for a setting if the arg is not set
+func argsOrEnv(args map[string]string, key, env string) string {
+  if value, ok := args[key]; ok {
+    return value
+  }
+  return os.Getenv(env)
+}
+
 func (p *Provider) Addrs(args map[string]string, l *log.Logger) ([]string, error) {
 	if args["provider"] != "azure" {
 		return nil, fmt.Errorf("discover-azure: invalid provider " + args["provider"])
@@ -57,10 +75,11 @@ func (p *Provider) Addrs(args map[string]string, l *log.Logger) ([]string, error
 		l = log.New(ioutil.Discard, "", 0)
 	}
 
-	tenantID := args["tenant_id"]
-	clientID := args["client_id"]
-	subscriptionID := args["subscription_id"]
-	secretKey := args["secret_access_key"]
+	// check for environmental variables, and use if the argument hasn't been set in config
+	tenantID := argsOrEnv(args, "tenant_id", "ARM_TENANT_ID")
+	clientID := argsOrEnv(args, "client_id", "ARM_CLIENT_ID")
+	subscriptionID := argsOrEnv(args, "subscription_id", "ARM_SUBSCRIPTION_ID")
+	secretKey := argsOrEnv(args, "secret_access_key", "ARM_CLIENT_SECRET")
 
 	// Use tags if using network interfaces
 	tagName := args["tag_name"]

diff --git a/provider/azure/azure_discover_test.go b/provider/azure/azure_discover_test.go
@@ -12,6 +12,31 @@ import (
 var _ discover.Provider = (*azure.Provider)(nil)
 var _ discover.ProviderWithUserAgent = (*azure.Provider)(nil)
 
+func TestTagAddrsWithEnv(t *testing.T) {
+	args := discover.Config{
+		"provider":  "azure",
+		"tag_name":  "consul",
+		"tag_value": "server",
+	}
+
+	if os.Getenv("ARM_SUBSCRIPTION_ID") == "" || os.Getenv("ARM_CLIENT_ID") == "" || os.Getenv("ARM_CLIENT_SECRET") == "" || os.Getenv("ARM_TENANT_ID") == "" {
+		t.Skip("Azure Enviornmental credentials missing")
+	}
+
+	if args["environment"] == "" {
+		t.Log("Environments other than Public not supported at the moment")
+	}
+
+	p := &azure.Provider{}
+	l := log.New(os.Stderr, "", log.LstdFlags)
+	addrs, err := p.Addrs(args, l)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(addrs) != 2 {
+		t.Fatalf("bad: %v", addrs)
+	}
+}
 func TestTagAddrs(t *testing.T) {
 	args := discover.Config{
 		"provider":          "azure",