-
-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for Subscription ID in AzureRM URL #115
Conversation
@fujiwara I'm sorry to bother you but could I get a review on this? |
@ashpr Thank you! I am currently occupied a little. I will review your pull request by this weekend. |
This PR seems only works when {blob_name} does not include '/'. For example, If
The two URLs below should work.
However, the current code is unable to correctly detect elements within the URL path. For compatibility, I would prefer not to include the {subscription_id} in the URL path. I'm not familiar with Azure, how do you think about this URL format?
This format can be parsed by |
Thanks @fujiwara ! I genuinely appreciate the feedback and testing. I think part of the headache here is I tried to retain the URL format that Azure uses. All Azure resources use the format I do like your suggestion to use the user identifier. It should work long-term as the subscription is the highest possible level you can go. I'll attempt that approach and update this PR accordingly and make sure the test cases described function properly |
c367c80
to
bc7bea9
Compare
bc7bea9
to
e5db390
Compare
6de47f5
to
2620ddc
Compare
Thanks again @fujiwara .. Turns out that was a much easier solution! I wish I had done that from the start. Great idea. I've tested the following scenarios:
I've rebased my commits into a single commit for a cleaner history. Proof supplied below with multiple subscriptions as I appreciate you're not familiar with Azure: |
@ashpr Thank you! Great!! I've confirmed works well for two patterns of URL that {subscription_id} is included or not. |
When using the library programmatically, it may be required to talk to a terraform state stored in a different subscription. A common use case is larger orgs which use DevTest subscriptions and whatnot.
I know that this functionality already exists when using environment variables via
AZURE_SUBSCRIPTION_ID
, however this can be problematic if the user is accessing multiple states in different subscriptions in the same execution pipeline which is our use case when using tfstate-lookup via ArgoCD.Tested on my local machine against our own subscriptions covering both scenarios where a user does and doesn't provide the subscription id.
This is my first punt at Go so feedback is very much welcomed :)