VictoriaMetrics/lib/backup
justinrush e65e55e2dd
lib/backup: add support for Azure Managed Identity (#6518)
### Describe Your Changes

These changes support using Azure Managed Identity for the `vmbackup`
utility. It adds two new environment variables:

* `AZURE_USE_DEFAULT_CREDENTIAL`: Instructs the `vmbackup` utility to
build a connection using the [Azure Default
Credential](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.5.2#NewDefaultAzureCredential)
mode. This causes the Azure SDK to check for a variety of environment
variables to try and make a connection. By default, it tries to use
managed identity if that is set up.

This will close
https://github.com/VictoriaMetrics/VictoriaMetrics/issues/5984

### Checklist

The following checks are **mandatory**:

- [x] My change adheres [VictoriaMetrics contributing
guidelines](https://docs.victoriametrics.com/contributing/).

### Testing

However you normally test the `vmbackup` utility using Azure Blob should
continue to work without any changes. The set up for that is environment
specific and not listed out here.

Once regression testing has been done you can set up [Azure Managed
Identity](https://learn.microsoft.com/en-us/entra/identity/managed-identities-azure-resources/overview)
so your resource (AKS, VM, etc), can use that credential method. Once it
is set up, update your environment variables according to the updated
documentation.

I added unit tests to the `FS.Init` function, then made my changes, then
updated the unit tests to capture the new branches.

I tested this in our environment, but with SAS token auth and managed
identity and it works as expected.

---------

Signed-off-by: Zakhar Bessarab <z.bessarab@victoriametrics.com>
Co-authored-by: Justin Rush <jarush@epic.com>
Co-authored-by: Zakhar Bessarab <z.bessarab@victoriametrics.com>
Co-authored-by: hagen1778 <roman@victoriametrics.com>
(cherry picked from commit 5fd3aef549)
2024-07-10 12:26:21 +02:00
..
actions lib/backup: add -s3TLSInsecureSkipVerify command-line flag (#6318) 2024-05-22 16:40:06 +02:00
azremote lib/backup: add support for Azure Managed Identity (#6518) 2024-07-10 12:26:21 +02:00
backupnames fix removing storage data dir before restoring from backup (#598) 2023-07-06 22:32:12 -07:00
common all: replace old https://docs.victoriametrics.com/vmbackup.html url with the new one - https://docs.victoriametrics.com/vmbackup/ 2024-04-18 01:58:00 +02:00
fscommon lib/backup/common: consistently use canonical path with / directory separators at Part.Path 2023-09-19 00:36:32 +02:00
fslocal lib/backup/common: consistently use canonical path with / directory separators at Part.Path 2023-09-19 00:36:32 +02:00
fsnil lib/backup: add MustStop() method for all remote filesystems 2020-10-09 15:32:13 +03:00
fsremote lib/backup/common: consistently use canonical path with / directory separators at Part.Path 2023-09-19 00:36:32 +02:00
gcsremote lib/backup: consistently use path.Join() when constructing paths for s3, gs and azblob 2023-12-04 17:25:41 +02:00
s3remote lib/backup/s3remote: fixed credsFilePath flag (#6488) 2024-06-14 14:14:58 +02:00