package azure
import (
"fmt"
"net/http"
"time"
"github.com/Azure/azure-sdk-for-go/sdk/azcore"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container"
"github.com/thanos-io/objstore/exthttp"
)
const DirDelim = "/"
func getContainerClient(conf Config) (*container.Client, error) {
dt, err := exthttp.DefaultTransport(conf.HTTPConfig)
if err != nil {
return nil, err
}
opt := &container.ClientOptions{
ClientOptions: azcore.ClientOptions{
Retry: policy.RetryOptions{
MaxRetries: conf.PipelineConfig.MaxTries,
TryTimeout: time.Duration(conf.PipelineConfig.TryTimeout),
RetryDelay: time.Duration(conf.PipelineConfig.RetryDelay),
MaxRetryDelay: time.Duration(conf.PipelineConfig.MaxRetryDelay),
},
Telemetry: policy.TelemetryOptions{
ApplicationID: "Thanos",
},
Transport: &http.Client{Transport: dt},
},
}
containerURL := fmt.Sprintf("https://%s.%s/%s", conf.StorageAccountName, conf.Endpoint, conf.ContainerName)
if conf.StorageAccountKey != "" {
cred, err := container.NewSharedKeyCredential(conf.StorageAccountName, conf.StorageAccountKey)
if err != nil {
return nil, err
}
containerClient, err := container.NewClientWithSharedKeyCredential(containerURL, cred, opt)
if err != nil {
return nil, err
}
return containerClient, nil
}
msiOpt := &azidentity.ManagedIdentityCredentialOptions{}
if conf.UserAssignedID != "" {
msiOpt.ID = azidentity.ClientID(conf.UserAssignedID)
}
cred, err := azidentity.NewManagedIdentityCredential(msiOpt)
if err != nil {
return nil, err
}
containerClient, err := container.NewClient(containerURL, cred, opt)
if err != nil {
return nil, err
}
return containerClient, nil
}