cloud-provider-azure icon indicating copy to clipboard operation
cloud-provider-azure copied to clipboard

Published 20 hours ago verified publisher icon kubernetes-sigs

Migrate to Microsoft Authentication Library (MSAL)

Open feiskyer opened this issue 4 years ago • 28 comments

per the AAD docs here, we should migrate ADAL to MSAL:

Q: Is ADAL being deprecated? A: Yes. Starting June 30th, 2020, we will no longer add new features to ADAL. We'll continue adding critical security fixes to ADAL until June 30th, 2022. After this date, your apps using ADAL will continue to work, but we recommend upgrading to MSAL to take advantage of the latest features and to stay secure.

Dependency

The GO library AzureAD/microsoft-authentication-library-for-go is not yet ready for public preview.

feiskyer avatar Dec 09 '20 11:12 feiskyer

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale

fejta-bot avatar Mar 09 '21 11:03 fejta-bot

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale

fejta-bot avatar Jun 07 '21 23:06 fejta-bot

/remove-lifecycle stale

pierluigilenoci avatar Jun 08 '21 07:06 pierluigilenoci

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Sep 06 '21 08:09 k8s-triage-robot

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Dec 05 '21 08:12 k8s-triage-robot

@feiskyer so what happens to this issue?

pierluigilenoci avatar Dec 06 '21 16:12 pierluigilenoci

related: https://github.com/Azure/azure-sdk-for-go/issues/14920

MartinForReal avatar Dec 08 '21 09:12 MartinForReal

https://github.com/AzureAD/microsoft-authentication-library-for-go is not ready yet for production, it is still in preview version.

feiskyer avatar Dec 09 '21 01:12 feiskyer

The azidentity package is stable: https://azure.github.io/azure-sdk/releases/latest/index.html#go. ADAL deprecation is the end of this month. It looks like everything is set for migration and it should be a priority. Are there still blockers?

patrickdillon avatar Dec 01 '22 17:12 patrickdillon

multi-tenant support is not merged. https://github.com/Azure/azure-sdk-for-go/issues/17159

MartinForReal avatar Dec 02 '22 01:12 MartinForReal

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Mar 14 '23 13:03 k8s-triage-robot

https://github.com/Azure/azure-sdk-for-go/issues/17159#issuecomment-1421238790

feature is in preview.

MartinForReal avatar Mar 14 '23 13:03 MartinForReal

/remove-lifecycle stale

MartinForReal avatar Mar 14 '23 13:03 MartinForReal

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Jun 12 '23 13:06 k8s-triage-robot

Seems unblocked now that v1.3.0 went GA back in May? https://github.com/Azure/azure-sdk-for-go/blob/main/sdk/azidentity/CHANGELOG.md#130-2023-05-09

sdodson avatar Jun 12 '23 13:06 sdodson

support is added in track2 sdk client. will close this issue once the new client is adopted. https://pkg.go.dev/sigs.k8s.io/cloud-provider-azure/pkg/azclient

MartinForReal avatar Jun 12 '23 14:06 MartinForReal

/remove-lifecycle stale

pierluigilenoci avatar Jun 12 '23 15:06 pierluigilenoci

/assign @MartinForReal

feiskyer avatar Jun 13 '23 07:06 feiskyer

This would be done together with Azure track2 SDK migration.

feiskyer avatar Jun 13 '23 07:06 feiskyer

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Jan 22 '24 10:01 k8s-triage-robot

@feiskyer what about Azure track2 SDK migration?

pierluigilenoci avatar Jan 22 '24 16:01 pierluigilenoci

@pierluigilenoci The clients are generated. And azure csi drivers have been migrated to these clients.

MartinForReal avatar Jan 23 '24 01:01 MartinForReal

/remove-lifecycle stale

MartinForReal avatar Jan 23 '24 01:01 MartinForReal

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Apr 22 '24 02:04 k8s-triage-robot

/remove-lifecycle stale

pierluigilenoci avatar Apr 30 '24 15:04 pierluigilenoci