Burtiraven2/session_redis_public
1
0
Fork 0
mirror of https://github.com/camptocamp/odoo-cloud-platform.git synced 2026-06-24 08:47:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

[IMP] Add identity (#238)

Browse Source 
* [IMP] can use ad identity to access storage
This commit is contained in:
Vincent Renaville
2021-10-20 22:26:51 +07:00
committed by Nils Hamerlinck
co-authored by Nils Hamerlinck
parent c17f6e7f50
commit 2d55dd1028
3 changed files with 23 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
attachment_azure/__manifest__.py
+1 -1
View File
@@ -13,7 +13,7 @@
"category": "Knowledge Management", "category": "Knowledge Management",
"depends": ["base_attachment_object_storage"], "depends": ["base_attachment_object_storage"],
"external_dependencies": { "external_dependencies": {
"python": ["azure-storage-blob"], "python": ["azure-storage-blob", "azure-identity"],
}, },
"website": "https://github.com/camptocamp/odoo-cloud-platform", "website": "https://github.com/camptocamp/odoo-cloud-platform",
"installable": True, "installable": True,
attachment_azure/models/ir_attachment.py
+21 -2
View File
@@ -22,6 +22,11 @@ try:
except ImportError: except ImportError:
_logger.debug("Cannot 'import azure-storage-blob'.") _logger.debug("Cannot 'import azure-storage-blob'.")
try:
from azure.identity import DefaultAzureCredential
except ImportError:
_logger.debug("Cannot 'import azure-identity'.")
class IrAttachment(models.Model): class IrAttachment(models.Model):
_inherit = "ir.attachment" _inherit = "ir.attachment"
@@ -41,13 +46,20 @@ class IrAttachment(models.Model):
* ``AZURE_STORAGE_ACCOUNT_NAME`` * ``AZURE_STORAGE_ACCOUNT_NAME``
* ``AZURE_STORAGE_ACCOUNT_URL`` * ``AZURE_STORAGE_ACCOUNT_URL``
* ``AZURE_STORAGE_ACCOUNT_KEY`` * ``AZURE_STORAGE_ACCOUNT_KEY``
or if you want to use AAD (pod identity), set it to 1 or 0
* ``AZURE_STORAGE_USE_AAD``
""" """
connect_str = os.environ.get("AZURE_STORAGE_CONNECTION_STRING") connect_str = os.environ.get("AZURE_STORAGE_CONNECTION_STRING")
account_name = os.environ.get("AZURE_STORAGE_ACCOUNT_NAME") account_name = os.environ.get("AZURE_STORAGE_ACCOUNT_NAME")
account_url = os.environ.get("AZURE_STORAGE_ACCOUNT_URL") account_url = os.environ.get("AZURE_STORAGE_ACCOUNT_URL")
account_key = os.environ.get("AZURE_STORAGE_ACCOUNT_KEY") account_key = os.environ.get("AZURE_STORAGE_ACCOUNT_KEY")
if not (connect_str or (account_name and account_url and account_key)): account_use_aad = os.environ.get("AZURE_STORAGE_USE_AAD")
if not (
connect_str
or (account_name and account_url and account_key)
or account_use_aad
):
msg = _( msg = _(
"If you want to read from the Azure container, you must provide the " "If you want to read from the Azure container, you must provide the "
"following environment variables:\n" "following environment variables:\n"
@@ -56,10 +68,17 @@ class IrAttachment(models.Model):
"* AZURE_STORAGE_ACCOUNT_NAME\n" "* AZURE_STORAGE_ACCOUNT_NAME\n"
"* AZURE_STORAGE_ACCOUNT_URL\n" "* AZURE_STORAGE_ACCOUNT_URL\n"
"* AZURE_STORAGE_ACCOUNT_KEY\n" "* AZURE_STORAGE_ACCOUNT_KEY\n"
"or\n"
"* AZURE_STORAGE_USE_AAD\n"
) )
raise exceptions.UserError(msg) raise exceptions.UserError(msg)
blob_service_client = None blob_service_client = None
if connect_str: if account_use_aad:
token_credential = DefaultAzureCredential()
blob_service_client = BlobServiceClient(
account_url=account_url, credential=token_credential
)
elif connect_str:
try: try:
blob_service_client = BlobServiceClient.from_connection_string( blob_service_client = BlobServiceClient.from_connection_string(
connect_str connect_str
requirements.txt
+1
View File
@@ -1,4 +1,5 @@
azure-storage-blob==12.8.1 azure-storage-blob==12.8.1
azure-identity==1.6.0
boto3==1.9.102 boto3==1.9.102
redis==2.10.5 redis==2.10.5
python-json-logger==0.1.5 python-json-logger==0.1.5