Bug 1994690

Summary: Azure CSI driver should use CredentialsRequest
Product: OpenShift Container Platform Reporter: Jan Safranek <jsafrane>
Component: StorageAssignee: aos-storage-staff <aos-storage-staff>
Storage sub component: Operators QA Contact: Wei Duan <wduan>
Status: CLOSED DUPLICATE Docs Contact:
Severity: high    
Priority: unspecified CC: aos-bugs, fbertina
Version: 4.9   
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-08-20 14:29:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jan Safranek 2021-08-17 17:27:23 UTC 
azure-disk-csi-driver does not use its own credentials / secret for Azure API. It reuses /etc/kubernetes/cloud.conf from the host, used as a HostPath volume in CSI driver pods.

The cloud.conf will not contain credentials when https://github.com/openshift/installer/pull/5138 is merged.

The CSI driver operator should use CredentialsRequest to obtain its own Azure credentials, merge it with ConfigMap openshift-config/cloud-provider-config and provide it to the driver. This should work the same both on Azure Cloud and Azure Stack hub.
Comment 1 Jan Safranek 2021-08-17 17:54:16 UTC 
cloud-controller-manager-operator will use an init container to merge the ConfigMap and Secret: https://github.com/openshift/cluster-cloud-controller-manager-operator/pull/106
We could reuse the same injector image.
Comment 2 Fabio Bertinatto 2021-08-19 12:40:19 UTC 
This bug has some information on that. Can we close one of them? Which one?

https://bugzilla.redhat.com/show_bug.cgi?id=1953185
Comment 3 Fabio Bertinatto 2021-08-20 14:29:08 UTC 
Closing as duplicate of 1953185, feel free to re-open if you disagree.

*** This bug has been marked as a duplicate of bug 1953185 ***