Added an aad_prefix option

bink-archive · Mar 25, 2022 · 8b7425c · 8b7425c
1 parent 656d9c1
commit 8b7425c
Showing 1 changed file with 21 additions and 4 deletions.
diff --git a/main.go b/main.go
@@ -2,14 +2,15 @@ package main
 
 import (
 	"context"
+	"os"
+	"strings"
+	"time"
+
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
 	msgraph "github.com/yaegashi/msgraph.go/beta"
 	"github.com/yaegashi/msgraph.go/msauth"
 	"golang.org/x/oauth2"
-	"os"
-	"strings"
-	"time"
 
 	rbacv1 "k8s.io/api/rbac/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -19,6 +20,8 @@ import (
 
 const CHECK_INTERVAL = 5 * time.Minute
 
+var aadPrefix = true
+
 func main() {
 	zerolog.SetGlobalLevel(zerolog.InfoLevel)
 	log.Info().Msg("Started Azure CRB manager")
@@ -35,6 +38,10 @@ func main() {
 	if len(groupID) == 0 {
 		log.Fatal().Msgf("Environment variable AZURE_AD_GROUP_ID missing")
 	}
+	prefix := os.Getenv("AAD_PREFIX")
+	if len(prefix) == 0 {
+		aadPrefix = false
+	}
 
 	for {
 		// Get AAD users
@@ -173,6 +180,16 @@ func DeleteCRBsFromKube(aadUsers, kubeUsers map[string]string) error {
 	return nil
 }
 
+func prefix(email string) string {
+	var response string
+	if aadPrefix {
+		response = "aad:" + email
+	} else {
+		response = email
+	}
+	return response
+}
+
 func AddCRBsToKube(aadUsers, kubeUsers map[string]string) error {
 	config, err := rest.InClusterConfig()
 	if err != nil {
@@ -207,7 +224,7 @@ func AddCRBsToKube(aadUsers, kubeUsers map[string]string) error {
 				{
 					APIGroup: "rbac.authorization.k8s.io",
 					Kind:     "User",
-					Name:     "aad:" + email,
+					Name:     prefix(email),
 				},
 			},
 			RoleRef: rbacv1.RoleRef{