Azure kms handling for noobaa

.github/workflows/run_kms_azure_vault_test.yml

@@ -0,0 +1,43 @@
+name: KMS Test - Azure Vault
+on: [push, pull_request, workflow_dispatch]
+
+jobs:
+  run-azure-vault-test:
+    runs-on: ubuntu-latest
+    timeout-minutes: 90
+    concurrency:
+      group: ${{ github.workflow }}-${{ github.ref }}
+      cancel-in-progress: true
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+      - uses: actions/setup-go@v4
+        with:
+          go-version: "1.21"
+
+      - name: Set environment variables
+        run: |
+          echo PATH=$PATH:$HOME/go/bin                                          >> $GITHUB_ENV
+          echo OPERATOR_IMAGE=localhost:5000/noobaa/noobaa-operator:integration >> $GITHUB_ENV
+
+      - name: Deploy Dependencies
+        run: |
+          set -x
+          bash .travis/install-5nodes-kind-cluster.sh
+          go get -v github.com/onsi/ginkgo/ginkgo
+          go install -mod=mod -v github.com/onsi/ginkgo/ginkgo
+          ginkgo version
+
+      - name: Build NooBaa
+        run: |
+          make cli
+          make image
+          docker tag noobaa/noobaa-operator:$(go run cmd/version/main.go) $OPERATOR_IMAGE
+          docker push $OPERATOR_IMAGE
+
+      - name: Install NooBaa
+        run: |
+          bash  .travis/install-noobaa-pull-azure-parameters.sh
+
+      - name: Run KMS Azure test
+        run: make test-kms-azure-vault

.travis/install-noobaa-pull-azure-parameters.sh

@@ -0,0 +1,13 @@
+#!/bin/sh
+set -o errexit
+
+
+# TODO: Replace it with azure key vault URL once we have Azure key vault
+# account is created
+echo AZURE_VAULT_URL="https://noobaa-vault.vault.azure.net/" >> $GITHUB_ENV
+
+echo "💬 Install NooBaa CRD"
+./build/_output/bin/noobaa-operator-local crd create
+
+echo "💬 Create NooBaa operator deployment"
+./build/_output/bin/noobaa-operator-local operator --operator-image=$OPERATOR_IMAGE install

Makefile

@@ -240,6 +240,11 @@ test-kms-tls-token: vendor
 	@echo "✅ test-kms-tls-token"
 .PHONY: test-kms-tls-token
 
+test-kms-azure-vault: vendor
+	ginkgo -v pkg/util/kms/test/azure-vault
+	@echo "✅ test-kms-azure-vault"
+.PHONY: test-kms-azure-vault
+
 test-kms-ibm-kp: vendor
 	ginkgo -v pkg/util/kms/test/ibm-kp
 	@echo "✅ test-kms-ibm-kp"

go.mod

@@ -2,6 +2,12 @@ module github.com/noobaa/noobaa-operator/v5
 
 go 1.21
 
+replace (
+	// TODO: remove this replace once https://github.com/libopenstorage/secrets/pull/83 is merged
+	github.com/libopenstorage/secrets => github.com/rook/secrets v0.0.0-20240315053144-3195f6906937
+	github.com/portworx/sched-ops => github.com/portworx/sched-ops v0.20.4-openstorage-rc3
+)
+
 require (
 	cloud.google.com/go/storage v1.30.1
 	github.com/Azure/azure-sdk-for-go v67.2.0+incompatible
@@ -59,11 +65,23 @@ require (
 )
 
 require (
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets v0.12.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 // indirect
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 // indirect
 	github.com/containernetworking/cni v1.1.2 // indirect
 	github.com/go-errors/errors v1.5.1 // indirect
 	github.com/go-logr/zapr v1.3.0 // indirect
+	github.com/go-test/deep v1.1.0 // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.0 // indirect
+	github.com/gorilla/websocket v1.5.0 // indirect
+	github.com/hashicorp/vault/api/auth/kubernetes v0.5.0 // indirect
 	github.com/k8snetworkplumbingwg/network-attachment-definition-client v1.4.0 // indirect
+	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
+	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 	golang.org/x/exp v0.0.0-20231127185646-65229373498e // indirect
 	golang.org/x/sync v0.5.0 // indirect
 )
@@ -83,7 +101,6 @@ require (
 	github.com/MakeNowJust/heredoc v1.0.0 // indirect
 	github.com/ansel1/merry v1.8.0 // indirect
 	github.com/ansel1/merry/v2 v2.2.0 // indirect
-	github.com/armon/go-metrics v0.4.1 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/bytedance/sonic v1.10.0 // indirect
 	github.com/cenkalti/backoff/v3 v3.2.2 // indirect
@@ -105,7 +122,6 @@ require (
 	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
@@ -115,19 +131,15 @@ require (
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-hclog v1.5.0 // indirect
-	github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
 	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
 	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 // indirect
 	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
 	github.com/hashicorp/go-sockaddr v1.0.6 // indirect
-	github.com/hashicorp/golang-lru v1.0.2 // indirect
 	github.com/hashicorp/hcl v1.0.1-vault-5 // indirect
-	github.com/hashicorp/vault v1.13.12 // indirect
 	github.com/hashicorp/vault/api v1.10.0 // indirect
 	github.com/hashicorp/vault/api/auth/approle v0.5.0 // indirect
-	github.com/hashicorp/vault/sdk v0.9.2 // indirect
 	github.com/imdario/mergo v0.3.16 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
@@ -155,7 +167,6 @@ require (
 	github.com/nxadm/tail v1.4.8 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/pelletier/go-toml/v2 v2.0.9 // indirect
-	github.com/pierrec/lz4 v2.6.1+incompatible // indirect
 	github.com/portworx/sched-ops v1.20.4-rc1.0.20220208024433-611d861089d4 // indirect
 	github.com/prometheus/client_golang v1.17.0 // indirect
 	github.com/prometheus/client_model v0.5.0 // indirect
@@ -199,13 +210,13 @@ require (
 )
 
 // see https://github.com/rook/rook/blob/master/go.mod#L42-L43
-replace github.com/portworx/sched-ops => github.com/portworx/sched-ops v0.20.4-openstorage-rc3
+//replace github.com/portworx/sched-ops => github.com/portworx/sched-ops v0.20.4-openstorage-rc3
 
 // we need to get rid of "github.com/Azure/azure-sdk-for-go/services/storage/mgmt/2019-06-01/storage" in azure utils.go
 replace github.com/Azure/azure-sdk-for-go => github.com/Azure/azure-sdk-for-go v62.0.0+incompatible
 
 // TODO fix the KNS
-replace github.com/libopenstorage/secrets => github.com/libopenstorage/secrets v0.0.0-20230117230814-885ae38d82f8
+// replace github.com/libopenstorage/secrets => github.com/libopenstorage/secrets v0.0.0-20230117230814-885ae38d82f8
 
 // https://github.com/rook/rook/blob/master/go.mod#L47-L49
 exclude (