- fence_azure_arm: fix sovereign cloud and MSI support

Resolves: rhbz#2010652
- fence_amt_ws: fix "or" causing dead code
  Resolves: rhbz#2010709
This commit is contained in:
Oyvind Albrigtsen 2021-10-05 15:06:16 +02:00
parent 3afca3d4c4
commit 69ddab129d
3 changed files with 170 additions and 2 deletions

View File

@ -0,0 +1,139 @@
From e339f304d4423a0e661d915f72ba88553b21d74a Mon Sep 17 00:00:00 2001
From: MSSedusch <sedusch@microsoft.com>
Date: Tue, 28 Sep 2021 12:23:37 +0000
Subject: [PATCH 1/2] add support for sovereign clouds and MSI
---
lib/azure_fence.py.py | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/lib/azure_fence.py.py b/lib/azure_fence.py.py
index 1f38bd4ea..75b63fdad 100644
--- a/lib/azure_fence.py.py
+++ b/lib/azure_fence.py.py
@@ -286,11 +286,11 @@ def get_azure_credentials(config):
credentials = None
cloud_environment = get_azure_cloud_environment(config)
if config.UseMSI and cloud_environment:
- from msrestazure.azure_active_directory import MSIAuthentication
- credentials = MSIAuthentication(cloud_environment=cloud_environment)
+ from azure.identity import ManagedIdentityCredential
+ credentials = ManagedIdentityCredential(cloud_environment=cloud_environment)
elif config.UseMSI:
- from msrestazure.azure_active_directory import MSIAuthentication
- credentials = MSIAuthentication()
+ from azure.identity import ManagedIdentityCredential
+ credentials = ManagedIdentityCredential()
elif cloud_environment:
try:
# try to use new libraries ClientSecretCredential (azure.identity, based on azure.core)
@@ -340,7 +340,8 @@ def get_azure_compute_client(config):
compute_client = ComputeManagementClient(
credentials,
config.SubscriptionId,
- base_url=cloud_environment.endpoints.resource_manager
+ base_url=cloud_environment.endpoints.resource_manager,
+ credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
)
else:
compute_client = ComputeManagementClient(
@@ -359,7 +360,8 @@ def get_azure_network_client(config):
network_client = NetworkManagementClient(
credentials,
config.SubscriptionId,
- base_url=cloud_environment.endpoints.resource_manager
+ base_url=cloud_environment.endpoints.resource_manager,
+ credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
)
else:
network_client = NetworkManagementClient(
From f08f02a7561e78dd9c95c66ccdcf6246c5ee7d6a Mon Sep 17 00:00:00 2001
From: MSSedusch <sedusch@microsoft.com>
Date: Fri, 1 Oct 2021 15:28:39 +0000
Subject: [PATCH 2/2] compatiblity fix
---
lib/azure_fence.py.py | 54 ++++++++++++++++++++++++++++++-------------
1 file changed, 38 insertions(+), 16 deletions(-)
diff --git a/lib/azure_fence.py.py b/lib/azure_fence.py.py
index 75b63fdad..5ca71eb42 100644
--- a/lib/azure_fence.py.py
+++ b/lib/azure_fence.py.py
@@ -286,11 +286,19 @@ def get_azure_credentials(config):
credentials = None
cloud_environment = get_azure_cloud_environment(config)
if config.UseMSI and cloud_environment:
- from azure.identity import ManagedIdentityCredential
- credentials = ManagedIdentityCredential(cloud_environment=cloud_environment)
+ try:
+ from azure.identity import ManagedIdentityCredential
+ credentials = ManagedIdentityCredential(cloud_environment=cloud_environment)
+ except ImportError:
+ from msrestazure.azure_active_directory import MSIAuthentication
+ credentials = MSIAuthentication(cloud_environment=cloud_environment)
elif config.UseMSI:
- from azure.identity import ManagedIdentityCredential
- credentials = ManagedIdentityCredential()
+ try:
+ from azure.identity import ManagedIdentityCredential
+ credentials = ManagedIdentityCredential()
+ except ImportError:
+ from msrestazure.azure_active_directory import MSIAuthentication
+ credentials = MSIAuthentication()
elif cloud_environment:
try:
# try to use new libraries ClientSecretCredential (azure.identity, based on azure.core)
@@ -337,12 +345,19 @@ def get_azure_compute_client(config):
credentials = get_azure_credentials(config)
if cloud_environment:
- compute_client = ComputeManagementClient(
- credentials,
- config.SubscriptionId,
- base_url=cloud_environment.endpoints.resource_manager,
- credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
- )
+ try:
+ compute_client = ComputeManagementClient(
+ credentials,
+ config.SubscriptionId,
+ base_url=cloud_environment.endpoints.resource_manager,
+ credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
+ )
+ except TypeError:
+ compute_client = ComputeManagementClient(
+ credentials,
+ config.SubscriptionId,
+ base_url=cloud_environment.endpoints.resource_manager
+ )
else:
compute_client = ComputeManagementClient(
credentials,
@@ -357,12 +372,19 @@ def get_azure_network_client(config):
credentials = get_azure_credentials(config)
if cloud_environment:
- network_client = NetworkManagementClient(
- credentials,
- config.SubscriptionId,
- base_url=cloud_environment.endpoints.resource_manager,
- credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
- )
+ try:
+ network_client = NetworkManagementClient(
+ credentials,
+ config.SubscriptionId,
+ base_url=cloud_environment.endpoints.resource_manager,
+ credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
+ )
+ except TypeError:
+ network_client = NetworkManagementClient(
+ credentials,
+ config.SubscriptionId,
+ base_url=cloud_environment.endpoints.resource_manager
+ )
else:
network_client = NetworkManagementClient(
credentials,

View File

@ -0,0 +1,22 @@
From 06855a8227fa91f6216119daa3d32d5858c62837 Mon Sep 17 00:00:00 2001
From: Oyvind Albrigtsen <oalbrigt@redhat.com>
Date: Mon, 27 Sep 2021 12:05:41 +0200
Subject: [PATCH] fence_amt_ws: fix "or" causing dead code
---
agents/amt_ws/fence_amt_ws.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/agents/amt_ws/fence_amt_ws.py b/agents/amt_ws/fence_amt_ws.py
index 23c8a61a4..122cec309 100755
--- a/agents/amt_ws/fence_amt_ws.py
+++ b/agents/amt_ws/fence_amt_ws.py
@@ -148,7 +148,7 @@ def set_boot_order(_, client, options):
if options["--boot-option"] == "pxe":
device = "Intel(r) AMT: Force PXE Boot"
- elif options["--boot-option"] == "hd" or "hdsafe":
+ elif options["--boot-option"] in ["hd", "hdsafe"]:
device = "Intel(r) AMT: Force Hard-drive Boot"
elif options["--boot-option"] == "cd":
device = "Intel(r) AMT: Force CD/DVD Boot"

View File

@ -9,7 +9,7 @@
Name: fence-agents
Summary: Set of unified programs capable of host isolation ("fencing")
Version: 4.10.0
Release: 9%{?alphatag:.%{alphatag}}%{?dist}
Release: 10%{?alphatag:.%{alphatag}}%{?dist}
License: GPLv2+ and LGPLv2+
URL: https://github.com/ClusterLabs/fence-agents
Source0: https://fedorahosted.org/releases/f/e/fence-agents/%{name}-%{version}.tar.gz
@ -134,6 +134,8 @@ Patch3: ha-cloud-support-google.patch
Patch4: ha-openstack-support.patch
Patch5: bundled-pexpect.patch
Patch6: bundled-suds.patch
Patch7: bz2010652-fence_azure_arm-fix-sovereign-cloud-msi-support.patch
Patch8: bz2010709-fence_amt_ws-fix-or-causing-dead-code.patch
%global supportedagents amt_ws apc apc_snmp bladecenter brocade cisco_mds cisco_ucs compute drac5 eaton_snmp emerson eps evacuate hpblade ibmblade ifmib ilo ilo_moonshot ilo_mp ilo_ssh intelmodular ipdu ipmilan kdump lpar mpath redfish rhevm rsa rsb sbd scsi vmware_rest vmware_soap wti
%ifarch x86_64
@ -1272,6 +1274,12 @@ are located on corosync cluster nodes.
%endif
%changelog
* Tue Oct 5 2021 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-10
- fence_azure_arm: fix sovereign cloud and MSI support
Resolves: rhbz#2010652
- fence_amt_ws: fix "or" causing dead code
Resolves: rhbz#2010709
* Tue Aug 31 2021 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.10.0-9
- Only build fence-virt subpackages for x86_64 arch
Resolves: rhbz#1965988
@ -1418,7 +1426,6 @@ are located on corosync cluster nodes.
* Thu Aug 3 2017 Oyvind Albrigtsen <oalbrigt@redhat.com> - 4.0.24-9
- Fix encoding for pexpect with Python 3.6
Resolves: rhbz#1473908
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 4.0.24-8