Merge branch 'main' into feat/add-aws-profile

.github/workflows/ci.yml

@@ -94,7 +94,7 @@ jobs:
         if: github.event_name != 'pull_request'
 
       - name: Download Syft
-        uses: anchore/sbom-action/download-syft@ab9d16d4b419c9d1a02df5213fa0ebe965ca5a57 # v0.17.1
+        uses: anchore/sbom-action/download-syft@61119d458adab75f756bc0b9e4bde25725f86a7a # v0.17.2
         if: github.ref_type == 'tag'
 
       - name: Install Cosign

.github/workflows/codeql-analysis.yml

@@ -57,7 +57,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@883d8588e56d1753a8a58c1c86e88976f0c23449 # v3.26.3
+        uses: github/codeql-action/init@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5
         with:
           languages: ${{ matrix.language }}
           build-mode: ${{ matrix.build-mode }}
@@ -69,6 +69,6 @@ jobs:
           # queries: security-extended,security-and-quality
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@883d8588e56d1753a8a58c1c86e88976f0c23449 # v3.26.3
+        uses: github/codeql-action/analyze@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5
         with:
           category: "/language:${{matrix.language}}"

.github/workflows/lint.yml

@@ -32,7 +32,7 @@ jobs:
       - name: Lint Go
         uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0
         with:
-          version: v1.60.2 # renovate: datasource=github-tags depName=golangci/golangci-lint
+          version: v1.60.3 # renovate: datasource=github-tags depName=golangci/golangci-lint
 
   actionlint:
     name: Actionlint

.github/workflows/scorecards.yml

@@ -56,6 +56,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@883d8588e56d1753a8a58c1c86e88976f0c23449 # v3.26.3
+        uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5
         with:
           sarif_file: results.sarif

.goreleaser.yml

@@ -115,9 +115,6 @@ announce:
 milestones:
   - close: true
 
-snapshot:
-  name_template: "edge"
-
 snapcrafts:
   - summary: NGINX Plus Integration with Cloud Autoscaling
     description: |

.pre-commit-config.yaml

@@ -30,7 +30,7 @@ repos:
       - id: detect-private-key
 
   - repo: https://github.com/golangci/golangci-lint
-    rev: v1.60.2
+    rev: v1.60.3
     hooks:
       - id: golangci-lint-full
 

LICENSES

@@ -1,13 +1,9 @@
-github.com/Azure/azure-sdk-for-go,https://github.com/Azure/azure-sdk-for-go/blob/v68.0.0/LICENSE.txt,MIT
-github.com/Azure/go-autorest/autorest,https://github.com/Azure/go-autorest/blob/autorest/v0.11.28/autorest/LICENSE,Apache-2.0
-github.com/Azure/go-autorest/autorest/adal,https://github.com/Azure/go-autorest/blob/autorest/adal/v0.9.22/autorest/adal/LICENSE,Apache-2.0
-github.com/Azure/go-autorest/autorest/azure/auth,https://github.com/Azure/go-autorest/blob/autorest/azure/auth/v0.5.13/autorest/azure/auth/LICENSE,Apache-2.0
-github.com/Azure/go-autorest/autorest/azure/cli,https://github.com/Azure/go-autorest/blob/autorest/azure/cli/v0.4.6/autorest/azure/cli/LICENSE,Apache-2.0
-github.com/Azure/go-autorest/autorest/date,https://github.com/Azure/go-autorest/blob/autorest/date/v0.3.0/autorest/date/LICENSE,Apache-2.0
-github.com/Azure/go-autorest/autorest/to,https://github.com/Azure/go-autorest/blob/autorest/to/v0.4.0/autorest/to/LICENSE,Apache-2.0
-github.com/Azure/go-autorest/autorest/validation,https://github.com/Azure/go-autorest/blob/autorest/validation/v0.3.1/autorest/validation/LICENSE,Apache-2.0
-github.com/Azure/go-autorest/logger,https://github.com/Azure/go-autorest/blob/logger/v0.2.1/logger/LICENSE,Apache-2.0
-github.com/Azure/go-autorest/tracing,https://github.com/Azure/go-autorest/blob/tracing/v0.6.0/tracing/LICENSE,Apache-2.0
+github.com/Azure/azure-sdk-for-go/sdk/azcore,https://github.com/Azure/azure-sdk-for-go/blob/sdk/azcore/v1.13.0/sdk/azcore/LICENSE.txt,MIT
+github.com/Azure/azure-sdk-for-go/sdk/azidentity,https://github.com/Azure/azure-sdk-for-go/blob/sdk/azidentity/v1.7.0/sdk/azidentity/LICENSE.txt,MIT
+github.com/Azure/azure-sdk-for-go/sdk/internal,https://github.com/Azure/azure-sdk-for-go/blob/sdk/internal/v1.10.0/sdk/internal/LICENSE.txt,MIT
+github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v6,https://github.com/Azure/azure-sdk-for-go/blob/sdk/resourcemanager/compute/armcompute/v6.0.0/sdk/resourcemanager/compute/armcompute/LICENSE.txt,MIT
+github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6,https://github.com/Azure/azure-sdk-for-go/blob/sdk/resourcemanager/network/armnetwork/v6.0.0/sdk/resourcemanager/network/armnetwork/LICENSE.txt,MIT
+github.com/AzureAD/microsoft-authentication-library-for-go/apps,https://github.com/AzureAD/microsoft-authentication-library-for-go/blob/v1.2.2/LICENSE,MIT
 github.com/aws/aws-sdk-go-v2,https://github.com/aws/aws-sdk-go-v2/blob/v1.30.4/LICENSE.txt,Apache-2.0
 github.com/aws/aws-sdk-go-v2/config,https://github.com/aws/aws-sdk-go-v2/blob/config/v1.27.28/config/LICENSE.txt,Apache-2.0
 github.com/aws/aws-sdk-go-v2/credentials,https://github.com/aws/aws-sdk-go-v2/blob/credentials/v1.17.28/credentials/LICENSE.txt,Apache-2.0
@@ -25,11 +21,14 @@ github.com/aws/aws-sdk-go-v2/service/ssooidc,https://github.com/aws/aws-sdk-go-v
 github.com/aws/aws-sdk-go-v2/service/sts,https://github.com/aws/aws-sdk-go-v2/blob/service/sts/v1.30.4/service/sts/LICENSE.txt,Apache-2.0
 github.com/aws/smithy-go,https://github.com/aws/smithy-go/blob/v1.20.4/LICENSE,Apache-2.0
 github.com/aws/smithy-go/internal/sync/singleflight,https://github.com/aws/smithy-go/blob/v1.20.4/internal/sync/singleflight/LICENSE,BSD-3-Clause
-github.com/dimchansky/utfbom,https://github.com/dimchansky/utfbom/blob/v1.1.1/LICENSE,Apache-2.0
-github.com/golang-jwt/jwt/v4,https://github.com/golang-jwt/jwt/blob/v4.5.0/LICENSE,MIT
+github.com/golang-jwt/jwt/v5,https://github.com/golang-jwt/jwt/blob/v5.2.1/LICENSE,MIT
+github.com/google/uuid,https://github.com/google/uuid/blob/v1.6.0/LICENSE,BSD-3-Clause
 github.com/jmespath/go-jmespath,https://github.com/jmespath/go-jmespath/blob/v0.4.0/LICENSE,Apache-2.0
-github.com/mitchellh/go-homedir,https://github.com/mitchellh/go-homedir/blob/v1.1.0/LICENSE,MIT
+github.com/kylelemons/godebug,https://github.com/kylelemons/godebug/blob/v1.1.0/LICENSE,Apache-2.0
 github.com/nginxinc/nginx-asg-sync/cmd/sync,https://github.com/nginxinc/nginx-asg-sync/blob/HEAD/LICENSE,BSD-2-Clause
 github.com/nginxinc/nginx-plus-go-client/client,https://github.com/nginxinc/nginx-plus-go-client/blob/v1.3.0/LICENSE,Apache-2.0
-golang.org/x/crypto/pkcs12,https://cs.opensource.google/go/x/crypto/+/v0.17.0:LICENSE,BSD-3-Clause
+github.com/pkg/browser,https://github.com/pkg/browser/blob/5ac0b6a4141c/LICENSE,BSD-2-Clause
+golang.org/x/crypto/pkcs12,https://cs.opensource.google/go/x/crypto/+/v0.25.0:LICENSE,BSD-3-Clause
+golang.org/x/net,https://cs.opensource.google/go/x/net/+/v0.27.0:LICENSE,BSD-3-Clause
+golang.org/x/text,https://cs.opensource.google/go/x/text/+/v0.16.0:LICENSE,BSD-3-Clause
 gopkg.in/yaml.v3,https://github.com/go-yaml/yaml/blob/v3.0.1/LICENSE,MIT

Makefile

@@ -1,6 +1,6 @@
 .DEFAULT_GOAL := build-goreleaser
 # renovate: datasource=docker depName=golangci/golangci-lint
-GOLANGCI_LINT_VERSION = v1.60.2
+GOLANGCI_LINT_VERSION = v1.60.3
 # renovate: datasource=docker depName=goreleaser/goreleaser
 GORELEASER_VERSION = v2.2.0
 # renovate: datasource=go depName=google/go-licenses

cmd/sync/azure.go

@@ -5,17 +5,17 @@ import (
 	"errors"
 	"fmt"
 
-	"github.com/Azure/azure-sdk-for-go/profiles/latest/compute/mgmt/compute"
-	"github.com/Azure/azure-sdk-for-go/profiles/latest/network/mgmt/network"
-	"github.com/Azure/go-autorest/autorest/azure/auth"
+	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
+	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v6"
+	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
 	yaml "gopkg.in/yaml.v3"
 )
 
 // AzureClient allows you to get the list of IP addresses of VirtualMachines of a VirtualMachine Scale Set. It implements the CloudProvider interface.
 type AzureClient struct {
 	config      *azureConfig
-	vMSSClient  compute.VirtualMachineScaleSetsClient
-	iFaceClient network.InterfacesClient
+	vMSSClient  *armcompute.VirtualMachineScaleSetsClient
+	iFaceClient *armnetwork.InterfacesClient
 }
 
 // NewAzureClient creates an AzureClient.
@@ -52,60 +52,70 @@ func parseAzureConfig(data []byte) (*azureConfig, error) {
 	return cfg, nil
 }
 
+func (client *AzureClient) listScaleSetsNetworkInterfaces(ctx context.Context, resourceGroupName, vmssName string) ([]*armnetwork.Interface, error) {
+	var result []*armnetwork.Interface
+	pager := client.iFaceClient.NewListVirtualMachineScaleSetNetworkInterfacesPager(resourceGroupName, vmssName, nil)
+	for pager.More() {
+		resp, err := pager.NextPage(ctx)
+		if err != nil {
+			return nil, fmt.Errorf("listing network interfaces: %w", err)
+		}
+		result = append(result, resp.Value...)
+	}
+	return result, nil
+}
+
 // GetPrivateIPsForScalingGroup returns the list of IP addresses of instances of the Virtual Machine Scale Set.
 func (client *AzureClient) GetPrivateIPsForScalingGroup(name string) ([]string, error) {
 	var ips []string
 
 	ctx := context.TODO()
 
-	for iFaces, err := client.iFaceClient.ListVirtualMachineScaleSetNetworkInterfaces(ctx, client.config.ResourceGroupName, name); iFaces.NotDone() || err != nil; err = iFaces.NextWithContext(ctx) {
-		if err != nil {
-			return nil, fmt.Errorf("couldn't get the list of network interfaces: %w", err)
-		}
+	iFaces, err := client.listScaleSetsNetworkInterfaces(ctx, client.config.ResourceGroupName, name)
+	if err != nil {
+		return nil, err
+	}
 
-		for _, iFace := range iFaces.Values() {
-			if iFace.VirtualMachine != nil && iFace.VirtualMachine.ID != nil && iFace.IPConfigurations != nil {
-				for _, n := range *iFace.IPConfigurations {
-					ip := getPrimaryIPFromInterfaceIPConfiguration(n)
-					if ip != "" {
-						ips = append(ips, *n.InterfaceIPConfigurationPropertiesFormat.PrivateIPAddress)
-						break
-					}
+	for _, iFace := range iFaces {
+		if iFace.Properties.VirtualMachine != nil && iFace.Properties.VirtualMachine.ID != nil && iFace.Properties.IPConfigurations != nil {
+			for _, n := range iFace.Properties.IPConfigurations {
+				ip := getPrimaryIPFromInterfaceIPConfiguration(n)
+				if ip != "" {
+					ips = append(ips, *n.Properties.PrivateIPAddress)
+					break
 				}
 			}
 		}
 	}
+
 	return ips, nil
 }
 
-func getPrimaryIPFromInterfaceIPConfiguration(ipConfig network.InterfaceIPConfiguration) string {
-	if ipConfig == (network.InterfaceIPConfiguration{}) {
+func getPrimaryIPFromInterfaceIPConfiguration(ipConfig *armnetwork.InterfaceIPConfiguration) string {
+	if ipConfig.Properties == nil {
 		return ""
 	}
 
-	if ipConfig.Primary == nil {
+	if ipConfig.Properties.Primary == nil {
 		return ""
 	}
 
-	if !*ipConfig.Primary {
+	if !*ipConfig.Properties.Primary {
 		return ""
 	}
 
-	if ipConfig.InterfaceIPConfigurationPropertiesFormat == nil {
+	if ipConfig.Properties.PrivateIPAddress == nil {
 		return ""
 	}
 
-	if ipConfig.InterfaceIPConfigurationPropertiesFormat.PrivateIPAddress == nil {
-		return ""
-	}
-
-	return *ipConfig.InterfaceIPConfigurationPropertiesFormat.PrivateIPAddress
+	return *ipConfig.Properties.PrivateIPAddress
 }
 
 // CheckIfScalingGroupExists checks if the Virtual Machine Scale Set exists.
 func (client *AzureClient) CheckIfScalingGroupExists(name string) (bool, error) {
 	ctx := context.TODO()
-	vmss, err := client.vMSSClient.Get(ctx, client.config.ResourceGroupName, name, "userData")
+	expandType := armcompute.ExpandTypesForGetVMScaleSetsUserData
+	vmss, err := client.vMSSClient.Get(ctx, client.config.ResourceGroupName, name, &armcompute.VirtualMachineScaleSetsClientGetOptions{Expand: &expandType})
 	if err != nil {
 		return false, fmt.Errorf("couldn't check if a Virtual Machine Scale Set exists: %w", err)
 	}
@@ -114,16 +124,23 @@ func (client *AzureClient) CheckIfScalingGroupExists(name string) (bool, error)
 }
 
 func (client *AzureClient) configure() error {
-	authorizer, err := auth.NewAuthorizerFromEnvironment()
+	cred, err := azidentity.NewDefaultAzureCredential(nil)
 	if err != nil {
 		return fmt.Errorf("couldn't create authorizer: %w", err)
 	}
 
-	client.vMSSClient = compute.NewVirtualMachineScaleSetsClient(client.config.SubscriptionID)
-	client.vMSSClient.Authorizer = authorizer
+	computeClientFactory, err := armcompute.NewClientFactory(client.config.SubscriptionID, cred, nil)
+	if err != nil {
+		return fmt.Errorf("couldn't create client factory: %w", err)
+	}
+	client.vMSSClient = computeClientFactory.NewVirtualMachineScaleSetsClient()
+
+	iclient, err := armnetwork.NewInterfacesClient(client.config.SubscriptionID, cred, nil)
+	if err != nil {
+		return fmt.Errorf("couldn't create interfaces client: %w", err)
+	}
+	client.iFaceClient = iclient
 
-	client.iFaceClient = network.NewInterfacesClient(client.config.SubscriptionID)
-	client.iFaceClient.Authorizer = authorizer
 	return nil
 }
 

cmd/sync/azure_test.go

@@ -3,7 +3,7 @@ package main
 import (
 	"testing"
 
-	"github.com/Azure/azure-sdk-for-go/profiles/latest/network/mgmt/network"
+	network "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6"
 )
 
 type testInputAzure struct {
@@ -105,8 +105,8 @@ func TestGetPrimaryIPFromInterfaceIPConfiguration(t *testing.T) {
 	t.Parallel()
 	primary := true
 	address := "127.0.0.1"
-	ipConfig := network.InterfaceIPConfiguration{
-		InterfaceIPConfigurationPropertiesFormat: &network.InterfaceIPConfigurationPropertiesFormat{
+	ipConfig := &network.InterfaceIPConfiguration{
+		Properties: &network.InterfaceIPConfigurationPropertiesFormat{
 			Primary:          &primary,
 			PrivateIPAddress: &address,
 		},
@@ -122,30 +122,30 @@ func TestGetPrimaryIPFromInterfaceIPConfigurationFail(t *testing.T) {
 	primaryFalse := false
 	primaryTrue := true
 	tests := []struct {
-		ipConfig network.InterfaceIPConfiguration
+		ipConfig *network.InterfaceIPConfiguration
 		msg      string
 	}{
 		{
-			ipConfig: network.InterfaceIPConfiguration{},
+			ipConfig: &network.InterfaceIPConfiguration{},
 			msg:      "empty primary",
 		},
 		{
-			ipConfig: network.InterfaceIPConfiguration{
-				InterfaceIPConfigurationPropertiesFormat: &network.InterfaceIPConfigurationPropertiesFormat{
+			ipConfig: &network.InterfaceIPConfiguration{
+				Properties: &network.InterfaceIPConfigurationPropertiesFormat{
 					Primary: &primaryFalse,
 				},
 			},
 			msg: "not primary interface",
 		},
 		{
-			ipConfig: network.InterfaceIPConfiguration{
-				InterfaceIPConfigurationPropertiesFormat: nil,
+			ipConfig: &network.InterfaceIPConfiguration{
+				Properties: nil,
 			},
 			msg: "no interface properties",
 		},
 		{
-			ipConfig: network.InterfaceIPConfiguration{
-				InterfaceIPConfigurationPropertiesFormat: &network.InterfaceIPConfigurationPropertiesFormat{
+			ipConfig: &network.InterfaceIPConfiguration{
+				Properties: &network.InterfaceIPConfigurationPropertiesFormat{
 					Primary:          &primaryTrue,
 					PrivateIPAddress: nil,
 				},

go.mod

@@ -4,40 +4,39 @@ module github.com/nginxinc/nginx-asg-sync
 go 1.22.5
 
 require (
-	github.com/Azure/azure-sdk-for-go v68.0.0+incompatible
-	github.com/Azure/go-autorest/autorest/azure/auth v0.5.13
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0
+	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v6 v6.1.0
+	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v6 v6.0.0
 	github.com/aws/aws-sdk-go-v2 v1.30.4
-	github.com/aws/aws-sdk-go-v2/config v1.27.28
+	github.com/aws/aws-sdk-go-v2/config v1.27.30
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.12
-	github.com/aws/aws-sdk-go-v2/service/autoscaling v1.43.4
-	github.com/aws/aws-sdk-go-v2/service/ec2 v1.175.1
+	github.com/aws/aws-sdk-go-v2/service/autoscaling v1.43.5
+	github.com/aws/aws-sdk-go-v2/service/ec2 v1.176.0
 	github.com/nginxinc/nginx-plus-go-client v1.3.0
 	gopkg.in/yaml.v3 v3.0.1
 )
 
 require (
-	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
-	github.com/Azure/go-autorest/autorest v0.11.28 // indirect
-	github.com/Azure/go-autorest/autorest/adal v0.9.22 // indirect
-	github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 // indirect
-	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
-	github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
-	github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect
-	github.com/Azure/go-autorest/logger v0.2.1 // indirect
-	github.com/Azure/go-autorest/tracing v0.6.0 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.28 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.13.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.29 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.16 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.16 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.18 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sso v1.22.5 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.5 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.30.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.30.5 // indirect
 	github.com/aws/smithy-go v1.20.4 // indirect
-	github.com/dimchansky/utfbom v1.1.1 // indirect
-	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
+	github.com/google/uuid v1.6.0 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
-	github.com/mitchellh/go-homedir v1.1.0 // indirect
-	golang.org/x/crypto v0.17.0 // indirect
+	github.com/kylelemons/godebug v1.1.0 // indirect
+	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
+	golang.org/x/crypto v0.25.0 // indirect
+	golang.org/x/net v0.27.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
+	golang.org/x/text v0.16.0 // indirect
 )