Skip to content

Commit e80f6e1

Browse files
authored
Make Azure MSI auth account compatible (#544)
## Changes <!-- Summary of your changes that are easy to understand --> Currently it is not possible to use azure msi authentication for accounts. This PR adds that functionality ## Tests <!-- How is this tested? Please see the checklist below and also describe any other relevant tests --> Existing integration tests passing for azure-prod and azure-prod-acct Need to test manually for MSI accounts auth - [x] `make test` passing - [x] `make fmt` applied - [ ] relevant integration tests applied
1 parent 84f5bf6 commit e80f6e1

File tree

1 file changed

+9
-5
lines changed

1 file changed

+9
-5
lines changed

config/auth_azure_msi.go

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -27,16 +27,18 @@ func (c AzureMsiCredentials) Name() string {
2727
}
2828

2929
func (c AzureMsiCredentials) Configure(ctx context.Context, cfg *Config) (func(*http.Request) error, error) {
30-
if !cfg.IsAzure() || !cfg.AzureUseMSI || cfg.AzureResourceID == "" {
30+
if !cfg.IsAzure() || !cfg.AzureUseMSI || (cfg.AzureResourceID == "" && !cfg.IsAccountClient()) {
3131
return nil, nil
3232
}
3333
env, err := c.getInstanceEnvironment(ctx)
3434
if err != nil {
3535
return nil, err
3636
}
37-
err = cfg.azureEnsureWorkspaceUrl(ctx, c)
38-
if err != nil {
39-
return nil, fmt.Errorf("resolve host: %w", err)
37+
if !cfg.IsAccountClient() {
38+
err = cfg.azureEnsureWorkspaceUrl(ctx, c)
39+
if err != nil {
40+
return nil, fmt.Errorf("resolve host: %w", err)
41+
}
4042
}
4143
logger.Debugf(ctx, "Generating AAD token via Azure MSI")
4244
inner := azureMsiTokenSource{
@@ -48,7 +50,9 @@ func (c AzureMsiCredentials) Configure(ctx context.Context, cfg *Config) (func(*
4850
clientId: cfg.AzureClientID,
4951
}
5052
return func(r *http.Request) error {
51-
r.Header.Set("X-Databricks-Azure-Workspace-Resource-Id", cfg.AzureResourceID)
53+
if !cfg.IsAccountClient() {
54+
r.Header.Set("X-Databricks-Azure-Workspace-Resource-Id", cfg.AzureResourceID)
55+
}
5256
return serviceToServiceVisitor(inner, platform,
5357
"X-Databricks-Azure-SP-Management-Token")(r)
5458
}, nil

0 commit comments

Comments
 (0)