Add lstk az Azure CLI integration via LocalStack proxy#251
Draft
carole-lavillonniere wants to merge 3 commits into
Draft
Add lstk az Azure CLI integration via LocalStack proxy#251carole-lavillonniere wants to merge 3 commits into
lstk az Azure CLI integration via LocalStack proxy#251carole-lavillonniere wants to merge 3 commits into
Conversation
carole-lavillonniere
changed the title
lstk setup azure for registering LocalStack custom cloudlstk setup azure for registering custom cloud
carole-lavillonniere
changed the title
lstk setup azure for registering custom cloudlstk az Azure CLI integration via LocalStack proxy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
Bring Azure CLI integration into lstk so users can run
azcommands against the LocalStack Azure emulator. Following the team discussion, this uses the proxy/wrap model (azlocal's wrap mode), notstart-interceptionglobal mutation — it mirrorslstk awsand leaves the user's global~/.azureuntouched.Approach
The Azure CLI has no
--endpoint-url/--profile; the only isolation knob isAZURE_CONFIG_DIR. So:lstk setup azureprepares an isolated config dir (<lstk-config-dir>/azure/): discovers LocalStack's proxy via/_localstack/proxy, caches the LocalStack CA (appended to the system trust store), disables Azure CLI telemetry, and does a one-time dummy service-principal login routed through the proxy.lstk az <args>runsaz <args>withAZURE_CONFIG_DIR+HTTP(S)_PROXY(LocalStack proxy) +REQUESTS_CA_BUNDLE/SSL_CERT_FILE(cached CA). Because all traffic is proxied, no per-service endpoint registration is needed — new emulator services work without CLI changes.Changes
internal/azurecli— wraps theazbinary, injecting extra env (config dir, proxy, CA) without touching the global environment.internal/azureconfig— proxy discovery, CA caching,ProxyEnvbuilder,IsSetUpmarker, and theSetupflow. (Dropped the earlier global cloud register/set/instance_discovery code.)cmd/az.go— newlstk azcommand. Uses an HTTP health probe (not Docker container resolution, since Azure isn't inknownImages) to check the emulator is up, and errors with a pointer tolstk setup azureif integration isn't prepared.cmd/setup.go—lstk setup azurereworked to the isolated-dir prep; no longer requires an interactive terminal (the SP login is non-interactive).lstk az/lstk setup azuremirrorlstk aws's default-container fallback (port 4566) — noconfig.tomledit required.Tests
BuildEndpoint,ConfigDir,ProxyEnv,ProxyEndpointparsing,cacheCACert+IsSetUp, andIsRunningagainst an httptest server.lstk azerrors with a setup hint when the isolated dir isn't prepared (deterministic, no Docker).az+localstack/localstack-azure-alpha) still pending —lstk setup azurethenlstk az group listshould hit LocalStack while plainaz group listhits real Azure.Todo
knownImages/emulatorHealthPaths/ContainerPortsolstk startcan launch the Azure emulator (separate ticket).Closes FLC-656