feat(azure): add experimental Azure endpoint support (#1936)

2025-07-25 00:09:40 +02:00 · 2018-05-28 16:40:33 +02:00 · 2018-05-28 16:40:33 +02:00 · 9ad9cc5e2d
commit 9ad9cc5e2d
parent 415c6ce5e1
52 changed files with 1665 additions and 79 deletions
--- a/api/http/handler/endpoint.go
+++ b/api/http/handler/endpoint.go
@ -80,6 +80,7 @@ type (
 	postEndpointPayload struct {
 		name                      string
 		url                       string
+		endpointType              int
 		publicURL                 string
 		groupID                   int
 		useTLS                    bool
@ -88,6 +89,9 @@ type (
 		caCert                    []byte
 		cert                      []byte
 		key                       []byte
+		azureApplicationID        string
+		azureTenantID             string
+		azureAuthenticationKey    string
 	}
 )

@ -117,9 +121,46 @@ func (handler *EndpointHandler) handleGetEndpoints(w http.ResponseWriter, r *htt
 		return
 	}

+	for i := range filteredEndpoints {
+		filteredEndpoints[i].AzureCredentials = portainer.AzureCredentials{}
+	}
+
 	encodeJSON(w, filteredEndpoints, handler.Logger)
 }

+func (handler *EndpointHandler) createAzureEndpoint(payload *postEndpointPayload) (*portainer.Endpoint, error) {
+	credentials := portainer.AzureCredentials{
+		ApplicationID:     payload.azureApplicationID,
+		TenantID:          payload.azureTenantID,
+		AuthenticationKey: payload.azureAuthenticationKey,
+	}
+
+	httpClient := client.NewHTTPClient()
+	_, err := httpClient.ExecuteAzureAuthenticationRequest(&credentials)
+	if err != nil {
+		return nil, err
+	}
+
+	endpoint := &portainer.Endpoint{
+		Name:             payload.name,
+		URL:              payload.url,
+		Type:             portainer.AzureEnvironment,
+		GroupID:          portainer.EndpointGroupID(payload.groupID),
+		PublicURL:        payload.publicURL,
+		AuthorizedUsers:  []portainer.UserID{},
+		AuthorizedTeams:  []portainer.TeamID{},
+		Extensions:       []portainer.EndpointExtension{},
+		AzureCredentials: credentials,
+	}
+
+	err = handler.EndpointService.CreateEndpoint(endpoint)
+	if err != nil {
+		return nil, err
+	}
+
+	return endpoint, nil
+}
+
 func (handler *EndpointHandler) createTLSSecuredEndpoint(payload *postEndpointPayload) (*portainer.Endpoint, error) {
 	tlsConfig, err := crypto.CreateTLSConfigurationFromBytes(payload.caCert, payload.cert, payload.key, payload.skipTLSClientVerification, payload.skipTLSServerVerification)
 	if err != nil {
@ -236,6 +277,10 @@ func (handler *EndpointHandler) createUnsecuredEndpoint(payload *postEndpointPay
 }

 func (handler *EndpointHandler) createEndpoint(payload *postEndpointPayload) (*portainer.Endpoint, error) {
+	if portainer.EndpointType(payload.endpointType) == portainer.AzureEnvironment {
+		return handler.createAzureEndpoint(payload)
+	}
+
 	if payload.useTLS {
 		return handler.createTLSSecuredEndpoint(payload)
 	}
@ -245,11 +290,35 @@ func (handler *EndpointHandler) createEndpoint(payload *postEndpointPayload) (*p
 func convertPostEndpointRequestToPayload(r *http.Request) (*postEndpointPayload, error) {
 	payload := &postEndpointPayload{}
 	payload.name = r.FormValue("Name")
+
+	endpointType := r.FormValue("EndpointType")
+
+	if payload.name == "" || endpointType == "" {
+		return nil, ErrInvalidRequestFormat
+	}
+
+	parsedType, err := strconv.Atoi(endpointType)
+	if err != nil {
+		return nil, err
+	}
+
 	payload.url = r.FormValue("URL")
+	payload.endpointType = parsedType
+
+	if portainer.EndpointType(payload.endpointType) != portainer.AzureEnvironment && payload.url == "" {
+		return nil, ErrInvalidRequestFormat
+	}
+
 	payload.publicURL = r.FormValue("PublicURL")

-	if payload.name == "" || payload.url == "" {
-		return nil, ErrInvalidRequestFormat
+	if portainer.EndpointType(payload.endpointType) == portainer.AzureEnvironment {
+		payload.azureApplicationID = r.FormValue("AzureApplicationID")
+		payload.azureTenantID = r.FormValue("AzureTenantID")
+		payload.azureAuthenticationKey = r.FormValue("AzureAuthenticationKey")
+
+		if payload.azureApplicationID == "" || payload.azureTenantID == "" || payload.azureAuthenticationKey == "" {
+			return nil, ErrInvalidRequestFormat
+		}
 	}

 	rawGroupID := r.FormValue("GroupID")
@ -336,6 +405,8 @@ func (handler *EndpointHandler) handleGetEndpoint(w http.ResponseWriter, r *http
 		return
 	}

+	endpoint.AzureCredentials = portainer.AzureCredentials{}
+
 	encodeJSON(w, endpoint, handler.Logger)
 }