From a39f90518babcb5539e9fc93965ca2d923bfe0b4 Mon Sep 17 00:00:00 2001
From: Rikhil Shah <rikhil.shah@metaswitch.com>
Date: Thu, 19 Oct 2023 18:09:57 +0100
Subject: [PATCH] Authenticate using DefaultAzureCredential enabling support
 for Azure Workload Identity resolves #54

Signed-off-by: Rikhil Shah <rikhil.shah@metaswitch.com>
---
 providers/azure/helpers.go | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/providers/azure/helpers.go b/providers/azure/helpers.go
index 7b4a5fbe..01708770 100644
--- a/providers/azure/helpers.go
+++ b/providers/azure/helpers.go
@@ -6,12 +6,14 @@ package azure
 import (
 	"fmt"
 	"net/http"
+	"os"
 	"time"
 
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
 	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
 	"github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/container"
+	"github.com/pkg/errors"
 
 	"github.com/thanos-io/objstore/exthttp"
 )
@@ -64,11 +66,12 @@ func getContainerClient(conf Config) (*container.Client, error) {
 	}
 
 	// Use MSI for authentication.
-	msiOpt := &azidentity.ManagedIdentityCredentialOptions{}
 	if conf.UserAssignedID != "" {
-		msiOpt.ID = azidentity.ClientID(conf.UserAssignedID)
+		if err := os.Setenv("AZURE_CLIENT_ID", conf.UserAssignedID); err != nil {
+			return nil, errors.Wrapf(err, "unable to set environment variable for AZURE_CLIENT_ID")
+		}
 	}
-	cred, err := azidentity.NewManagedIdentityCredential(msiOpt)
+	cred, err := azidentity.NewDefaultAzureCredential(nil)
 	if err != nil {
 		return nil, err
 	}