Update azure backend storage sdk (#24669)

* update vendored azure sdk

* vendor giovanni storage sdk

* Add giovanni clients

* go mod vendor

* Swap to new storage sdk

* workable tests

* update .go-version to 1.14.2

* Tests working minus SAS

* Add SAS Token support

* Update vendor

* Passing tests

* Add date randomizer

* Captalize RG

* Remove random bits

* Update client var name

Co-authored-by: kt <kt@katbyte.me>

Author: mbfrahry

.go-version

@@ -1 +1 @@
-1.14
+1.14.2

backend/remote-state/azure/arm_client.go

@@ -4,14 +4,14 @@ import (
 	"context"
 	"fmt"
 	"log"
-	"net/url"
 	"os"
-	"strings"
 	"time"
 
+	"github.com/tombuildsstuff/giovanni/storage/2018-11-09/blob/blobs"
+	"github.com/tombuildsstuff/giovanni/storage/2018-11-09/blob/containers"
+
 	"github.com/Azure/azure-sdk-for-go/profiles/2017-03-09/resources/mgmt/resources"
 	armStorage "github.com/Azure/azure-sdk-for-go/profiles/2017-03-09/storage/mgmt/storage"
-	"github.com/Azure/azure-sdk-for-go/storage"
 	"github.com/Azure/go-autorest/autorest"
 	"github.com/Azure/go-autorest/autorest/azure"
 	"github.com/hashicorp/go-azure-helpers/authentication"
@@ -23,6 +23,8 @@ type ArmClient struct {
 	// These Clients are only initialized if an Access Key isn't provided
 	groupsClient          *resources.GroupsClient
 	storageAccountsClient *armStorage.AccountsClient
+	containersClient      *containers.Client
+	blobsClient           *blobs.Client
 
 	accessKey          string
 	environment        azure.Environment
@@ -106,49 +108,81 @@ func buildArmEnvironment(config BackendConfig) (*azure.Environment, error) {
 	return authentication.DetermineEnvironment(config.Environment)
 }
 
-func (c ArmClient) getBlobClient(ctx context.Context) (*storage.BlobStorageClient, error) {
-	if c.accessKey != "" {
-		log.Printf("[DEBUG] Building the Blob Client from an Access Token")
-		storageClient, err := storage.NewBasicClientOnSovereignCloud(c.storageAccountName, c.accessKey, c.environment)
+func (c ArmClient) getBlobClient(ctx context.Context) (*blobs.Client, error) {
+	if c.sasToken != "" {
+		log.Printf("[DEBUG] Building the Blob Client from a SAS Token")
+		storageAuth, err := autorest.NewSASTokenAuthorizer(c.sasToken)
 		if err != nil {
-			return nil, fmt.Errorf("Error creating storage client for storage account %q: %s", c.storageAccountName, err)
+			return nil, fmt.Errorf("Error building Authorizer: %+v", err)
 		}
-		client := storageClient.GetBlobService()
-		return &client, nil
+
+		blobsClient := blobs.NewWithEnvironment(c.environment)
+		c.configureClient(&blobsClient.Client, storageAuth)
+		return &blobsClient, nil
 	}
 
-	if c.sasToken != "" {
-		log.Printf("[DEBUG] Building the Blob Client from a SAS Token")
-		token := strings.TrimPrefix(c.sasToken, "?")
-		uri, err := url.ParseQuery(token)
+	accessKey := c.accessKey
+	if accessKey == "" {
+		log.Printf("[DEBUG] Building the Blob Client from an Access Token (using user credentials)")
+		keys, err := c.storageAccountsClient.ListKeys(ctx, c.resourceGroupName, c.storageAccountName)
 		if err != nil {
-			return nil, fmt.Errorf("Error parsing SAS Token: %+v", err)
+			return nil, fmt.Errorf("Error retrieving keys for Storage Account %q: %s", c.storageAccountName, err)
 		}
 
-		storageClient := storage.NewAccountSASClient(c.storageAccountName, uri, c.environment)
-		client := storageClient.GetBlobService()
-		return &client, nil
+		if keys.Keys == nil {
+			return nil, fmt.Errorf("Nil key returned for storage account %q", c.storageAccountName)
+		}
+
+		accessKeys := *keys.Keys
+		accessKey = *accessKeys[0].Value
 	}
 
-	log.Printf("[DEBUG] Building the Blob Client from an Access Token (using user credentials)")
-	keys, err := c.storageAccountsClient.ListKeys(ctx, c.resourceGroupName, c.storageAccountName)
+	storageAuth, err := autorest.NewSharedKeyAuthorizer(c.storageAccountName, accessKey, autorest.SharedKey)
 	if err != nil {
-		return nil, fmt.Errorf("Error retrieving keys for Storage Account %q: %s", c.storageAccountName, err)
+		return nil, fmt.Errorf("Error building Authorizer: %+v", err)
 	}
 
-	if keys.Keys == nil {
-		return nil, fmt.Errorf("Nil key returned for storage account %q", c.storageAccountName)
+	blobsClient := blobs.NewWithEnvironment(c.environment)
+	c.configureClient(&blobsClient.Client, storageAuth)
+	return &blobsClient, nil
+}
+
+func (c ArmClient) getContainersClient(ctx context.Context) (*containers.Client, error) {
+	if c.sasToken != "" {
+		log.Printf("[DEBUG] Building the Container Client from a SAS Token")
+		storageAuth, err := autorest.NewSASTokenAuthorizer(c.sasToken)
+		if err != nil {
+			return nil, fmt.Errorf("Error building Authorizer: %+v", err)
+		}
+
+		containersClient := containers.NewWithEnvironment(c.environment)
+		c.configureClient(&containersClient.Client, storageAuth)
+		return &containersClient, nil
 	}
+	accessKey := c.accessKey
+	if accessKey == "" {
+		log.Printf("[DEBUG] Building the Container Client from an Access Token (using user credentials)")
+		keys, err := c.storageAccountsClient.ListKeys(ctx, c.resourceGroupName, c.storageAccountName)
+		if err != nil {
+			return nil, fmt.Errorf("Error retrieving keys for Storage Account %q: %s", c.storageAccountName, err)
+		}
 
-	accessKeys := *keys.Keys
-	accessKey := accessKeys[0].Value
+		if keys.Keys == nil {
+			return nil, fmt.Errorf("Nil key returned for storage account %q", c.storageAccountName)
+		}
+
+		accessKeys := *keys.Keys
+		accessKey = *accessKeys[0].Value
+	}
 
-	storageClient, err := storage.NewBasicClientOnSovereignCloud(c.storageAccountName, *accessKey, c.environment)
+	storageAuth, err := autorest.NewSharedKeyAuthorizer(c.storageAccountName, accessKey, autorest.SharedKey)
 	if err != nil {
-		return nil, fmt.Errorf("Error creating storage client for storage account %q: %s", c.storageAccountName, err)
+		return nil, fmt.Errorf("Error building Authorizer: %+v", err)
 	}
-	client := storageClient.GetBlobService()
-	return &client, nil
+
+	containersClient := containers.NewWithEnvironment(c.environment)
+	c.configureClient(&containersClient.Client, storageAuth)
+	return &containersClient, nil
 }
 
 func (c *ArmClient) configureClient(client *autorest.Client, auth autorest.Authorizer) {

backend/remote-state/azure/backend.go

@@ -149,6 +149,7 @@ type Backend struct {
 	armClient     *ArmClient
 	containerName string
 	keyName       string
+	accountName   string
 }
 
 type BackendConfig struct {
@@ -177,6 +178,7 @@ func (b *Backend) configure(ctx context.Context) error {
 	// Grab the resource data
 	data := schema.FromContextBackendConfig(ctx)
 	b.containerName = data.Get("container_name").(string)
+	b.accountName = data.Get("storage_account_name").(string)
 	b.keyName = data.Get("key").(string)
 
 	// support for previously deprecated fields

backend/remote-state/azure/backend_state.go

@@ -6,11 +6,12 @@ import (
 	"sort"
 	"strings"
 
-	"github.com/Azure/azure-sdk-for-go/storage"
 	"github.com/hashicorp/terraform/backend"
 	"github.com/hashicorp/terraform/state"
 	"github.com/hashicorp/terraform/state/remote"
 	"github.com/hashicorp/terraform/states"
+	"github.com/tombuildsstuff/giovanni/storage/2018-11-09/blob/blobs"
+	"github.com/tombuildsstuff/giovanni/storage/2018-11-09/blob/containers"
 )
 
 const (
@@ -21,23 +22,22 @@ const (
 
 func (b *Backend) Workspaces() ([]string, error) {
 	prefix := b.keyName + keyEnvPrefix
-	params := storage.ListBlobsParameters{
-		Prefix: prefix,
+	params := containers.ListBlobsInput{
+		Prefix: &prefix,
 	}
 
 	ctx := context.TODO()
-	client, err := b.armClient.getBlobClient(ctx)
+	client, err := b.armClient.getContainersClient(ctx)
 	if err != nil {
 		return nil, err
 	}
-	container := client.GetContainerReference(b.containerName)
-	resp, err := container.ListBlobs(params)
+	resp, err := client.ListBlobs(ctx, b.armClient.storageAccountName, b.containerName, params)
 	if err != nil {
 		return nil, err
 	}
 
 	envs := map[string]struct{}{}
-	for _, obj := range resp.Blobs {
+	for _, obj := range resp.Blobs.Blobs {
 		key := obj.Name
 		if strings.HasPrefix(key, prefix) {
 			name := strings.TrimPrefix(key, prefix)
@@ -69,11 +69,13 @@ func (b *Backend) DeleteWorkspace(name string) error {
 		return err
 	}
 
-	containerReference := client.GetContainerReference(b.containerName)
-	blobReference := containerReference.GetBlobReference(b.path(name))
-	options := &storage.DeleteBlobOptions{}
+	if resp, err := client.Delete(ctx, b.armClient.storageAccountName, b.containerName, b.path(name), blobs.DeleteInput{}); err != nil {
+		if resp.Response.StatusCode != 404 {
+			return err
+		}
+	}
 
-	return blobReference.Delete(options)
+	return nil
 }
 
 func (b *Backend) StateMgr(name string) (state.State, error) {
@@ -84,9 +86,10 @@ func (b *Backend) StateMgr(name string) (state.State, error) {
 	}
 
 	client := &RemoteClient{
-		blobClient:    *blobClient,
-		containerName: b.containerName,
-		keyName:       b.path(name),
+		giovanniBlobClient: *blobClient,
+		containerName:      b.containerName,
+		keyName:            b.path(name),
+		accountName:        b.accountName,
 	}
 
 	stateMgr := &remote.State{Client: client}