Skip to content

feat(auth): add support for DefaultAzureCredential #665

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
GabriFedi97 wants to merge 6 commits into
base: main
Choose a base branch
from
Open

feat(auth): add support for DefaultAzureCredential #665

GabriFedi97 wants to merge 6 commits into from

Conversation

@GabriFedi97
Copy link
Contributor

@GabriFedi97 GabriFedi97 commented Nov 14, 2025
edited
Loading

Add support for authenticating to Azure via DefaultAzureCredential.
If the annotation barmancloud.cnpg.io/useDefaultAzureCredentials="true" is detected on the ObjectStore, in addition of setting the value .spec.configuration.azureCredentials.inheritFromAzureAD: true, the barman-cloud commands will be executed to use DefaultAzureCredential.

Fixes #662

@GabriFedi97
feat(auth): add support for DefaultAzureCredential
1c3dd85 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97 GabriFedi97 force-pushed the feat/azure-default-creds branch from 02915f4 to 1c3dd85 Compare November 14, 2025 15:21
@GabriFedi97
docs: default azure credentials
c811749 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97
style(lint): imports
80dfe72 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97
chore(dockerfile): add pkg folder to containers
6d2d3eb 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97 GabriFedi97 marked this pull request as ready for review November 18, 2025 08:19
@GabriFedi97 GabriFedi97 requested a review from a team as a code owner November 18, 2025 08:19
@dosubot dosubot bot added size:M This PR changes 30-99 lines, ignoring generated files. enhancement New feature or request labels Nov 18, 2025
@GabriFedi97
docs: minor fixes
cdb893a 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97
refactor: mispelled auth method naming
2cb76ef 
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
@GabriFedi97 GabriFedi97 force-pushed the feat/azure-default-creds branch from a4fbd84 to 2cb76ef Compare November 18, 2025 08:32
@mnencia
Copy link
Member

mnencia commented Nov 18, 2025
edited
Loading

We should not go ahead with this patch. Barman has added an explicit default option to the --azure-credential option. The API is stable, so we need to update github.com/cloudnative-pg/barman-cloud to support it and change the ObjectStore definition accordingly.

@amnesia0287
Copy link

amnesia0287 commented Dec 12, 2025

We should not go ahead with this patch. Barman has added an explicit default option to the --azure-credential option. The API is stable, so we need to update github.com/cloudnative-pg/barman-cloud to support it and change the ObjectStore definition accordingly.

Do you know if that work is planned? Cause all I can find mentioned is this cloudnative-pg/barman-cloud#115 but that’s much older than this ticket.

@amnesia0287
Copy link

amnesia0287 commented Dec 13, 2025

We should not go ahead with this patch. Barman has added an explicit default option to the --azure-credential option. The API is stable, so we need to update github.com/cloudnative-pg/barman-cloud to support it and change the ObjectStore definition accordingly.

Actually reviewing cloudnative-pg/barman-cloud#59 and https://github.com/cloudnative-pg/barman-cloud/pull/64/files

Does this not already chain to your linked commit and pass default in? Or can we not set the context flag without https://github.com/cloudnative-pg/barman-cloud/pull/115/files?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

enhancement New feature or request size:M This PR changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add DefaultAzureCredential auth mechanism support

3 participants

@GabriFedi97 @mnencia @amnesia0287