Skip to content

feat(providers): Azure Federated Identity support #4728

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
julio-lopez merged 1 commit into from
Jul 19, 2025
Merged

feat(providers): Azure Federated Identity support #4728

julio-lopez merged 1 commit into from
Jul 19, 2025

Conversation

@julio-lopez
Copy link
Collaborator

@julio-lopez julio-lopez commented Jul 19, 2025
edited
Loading

Add authentication support for Azure Federated Identity (AFI).

Authored by: @alisonb-veeam

@alisonb-veeam
feat(providers): Azure Federated Identity support
d35176a 
Add authentication support for Azure Federated Identity (AFI)
@julio-lopez julio-lopez requested a review from Copilot July 19, 2025 18:58
Copilot AI reviewed Jul 19, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds Azure Federated Identity (AFI) authentication support to the Azure blob storage provider, enabling workload identity-based authentication for Azure resources.

  • Adds Azure Federated Token file support as a new authentication method
  • Implements workload identity credential initialization using the Azure Identity SDK
  • Adds comprehensive test coverage for the new authentication method

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File Description
repo/blob/azure/azure_options.go Adds AzureFederatedTokenFile field to Options struct
repo/blob/azure/azure_storage.go Implements Azure Federated Identity authentication logic and updates error messages
repo/blob/azure/azure_storage_test.go Adds test constant and comprehensive test function for Azure Federated Identity
cli/storage_azure.go Adds CLI flag support for Azure Federated Token file path

repo/blob/azure/azure_storage.go
service, serviceErr = azblob.NewClient(fmt.Sprintf("https://%s/", storageHostname), cred, nil)
default:
return nil, errors.New("one of the storage key, SAS token, client secret or client certificate must be provided")
return nil, errors.New("one of the storage key, SAS token, client secret, client certificate, or Azure Federated Token must be provided")
Copy link

Copilot AI Jul 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The error message should use consistent terminology. The code uses 'AzureFederatedTokenFile' but the error message refers to 'Azure Federated Token'. Consider using 'Azure Federated Token file' for clarity.

Suggested change
return nil, errors.New("one of the storage key, SAS token, client secret, client certificate, or Azure Federated Token must be provided")
return nil, errors.New("one of the storage key, SAS token, client secret, client certificate, or Azure Federated Token file must be provided")

Copilot uses AI. Check for mistakes.
@codecov
Copy link

codecov bot commented Jul 19, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 76.39%. Comparing base (cb455c6) to head (d35176a).
Report is 608 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #4728      +/-   ##
==========================================
+ Coverage   75.86%   76.39%   +0.52%     
==========================================
  Files         470      530      +60     
  Lines       37301    40468    +3167     
==========================================
+ Hits        28299    30914    +2615     
- Misses       7071     7506     +435     
- Partials     1931     2048     +117

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@julio-lopez
Copy link
Collaborator Author

julio-lopez commented Jul 19, 2025

FYI: @alisonb-veeam @ryanmt @kidgilson @andrason

@julio-lopez julio-lopez marked this pull request as ready for review July 19, 2025 19:23
@julio-lopez julio-lopez merged commit 3ae1c0e into kopia:master Jul 19, 2025
27 checks passed
@julio-lopez julio-lopez deleted the feat/afi branch July 19, 2025 19:24
@Jagtapsgar1
Copy link

Jagtapsgar1 commented Nov 19, 2025

hii
We want v0.21.0 key ShA256

@Jagtapsgar1
Copy link

Jagtapsgar1 commented Nov 19, 2025

for linux tar file

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@redgoat650 redgoat650 Awaiting requested review from redgoat650

@Rohit-BM18 Rohit-BM18 Awaiting requested review from Rohit-BM18

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@julio-lopez @Jagtapsgar1 @alisonb-veeam