kubernetes-sigs
diff --git a/‎azure/services/virtualmachines/virtualmachines.go‎
Lines changed: 1 addition & 1 deletion b/‎azure/services/virtualmachines/virtualmachines.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎azure/services/virtualmachines/virtualmachines_test.go‎
Lines changed: 12 additions & 5 deletions b/‎azure/services/virtualmachines/virtualmachines_test.go‎
Lines changed: 12 additions & 5 deletions
diff --git a/‎docs/book/src/topics/workload-identity.md‎
Lines changed: 2 additions & 2 deletions b/‎docs/book/src/topics/workload-identity.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎templates/test/ci/cluster-template-prow-apiserver-ilb.yaml‎
Lines changed: 2 additions & 2 deletions b/‎templates/test/ci/cluster-template-prow-apiserver-ilb.yaml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎templates/test/ci/cluster-template-prow-ci-version-dra.yaml‎
Lines changed: 2 additions & 2 deletions b/‎templates/test/ci/cluster-template-prow-ci-version-dra.yaml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎templates/test/ci/cluster-template-prow-ci-version-dual-stack.yaml‎
Lines changed: 2 additions & 2 deletions b/‎templates/test/ci/cluster-template-prow-ci-version-dual-stack.yaml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎templates/test/ci/cluster-template-prow-ci-version-ipv6.yaml‎
Lines changed: 2 additions & 2 deletions b/‎templates/test/ci/cluster-template-prow-ci-version-ipv6.yaml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎templates/test/ci/cluster-template-prow-ci-version-md-and-mp.yaml‎
Lines changed: 5 additions & 5 deletions b/‎templates/test/ci/cluster-template-prow-ci-version-md-and-mp.yaml‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎templates/test/ci/cluster-template-prow-ci-version.yaml‎
Lines changed: 3 additions & 3 deletions b/‎templates/test/ci/cluster-template-prow-ci-version.yaml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎templates/test/ci/cluster-template-prow-custom-vnet.yaml‎
Lines changed: 2 additions & 2 deletions b/‎templates/test/ci/cluster-template-prow-custom-vnet.yaml‎
Lines changed: 2 additions & 2 deletions
@@ -171,7 +171,7 @@ func (s *Service) checkUserAssignedIdentities(specIdentities []infrav1.UserAssig
 
 	// Check if the expected identities are present in the vm.
 	for _, expectedIdentity := range specIdentities {
-		_, exists := actualMap[expectedIdentity.ProviderID]
+		_, exists := actualMap[strings.TrimPrefix(expectedIdentity.ProviderID, azureutil.ProviderIDPrefix)]
 		if !exists {
 			s.Scope.SetConditionFalse(infrav1.VMIdentitiesReadyCondition, infrav1.UserAssignedIdentityMissingReason, clusterv1.ConditionSeverityWarning, vmMissingUAI+expectedIdentity.ProviderID)
 			return
 
@@ -38,6 +38,7 @@ import (
 	"sigs.k8s.io/cluster-api-provider-azure/azure/services/publicips"
 	"sigs.k8s.io/cluster-api-provider-azure/azure/services/virtualmachines/mock_virtualmachines"
 	gomockinternal "sigs.k8s.io/cluster-api-provider-azure/internal/test/matchers/gomock"
+	azureutil "sigs.k8s.io/cluster-api-provider-azure/util/azure"
 	"sigs.k8s.io/cluster-api-provider-azure/util/reconciler"
 )
 
@@ -113,10 +114,16 @@ var (
 		},
 	}
 	fakeUserAssignedIdentity = infrav1.UserAssignedIdentity{
-		ProviderID: "azure:///subscriptions/123/resourceGroups/test-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/fake-provider-id",
+		ProviderID: "/subscriptions/123/resourceGroups/test-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/fake-provider-id",
+	}
+	fakeUserAssignedIdentityWithPrefix = infrav1.UserAssignedIdentity{
+		ProviderID: azureutil.ProviderIDPrefix + fakeUserAssignedIdentity.ProviderID,
 	}
 	fakeUserAssignedIdentity2 = infrav1.UserAssignedIdentity{
-		ProviderID: "azure:///subscriptions/123/resourceGroups/test-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/fake-provider-id-2",
+		ProviderID: fakeUserAssignedIdentity.ProviderID + "-2",
+	}
+	fakeUserAssignedIdentity2WithPrefix = infrav1.UserAssignedIdentity{
+		ProviderID: azureutil.ProviderIDPrefix + fakeUserAssignedIdentity2.ProviderID,
 	}
 )
 
@@ -324,14 +331,14 @@ func TestCheckUserAssignedIdentities(t *testing.T) {
 		},
 		{
 			name:             "matching user assigned identities",
-			specIdentities:   []infrav1.UserAssignedIdentity{fakeUserAssignedIdentity},
+			specIdentities:   []infrav1.UserAssignedIdentity{fakeUserAssignedIdentityWithPrefix},
 			actualIdentities: []infrav1.UserAssignedIdentity{fakeUserAssignedIdentity},
 		},
 		{
 			name:             "less user assigned identities than expected",
-			specIdentities:   []infrav1.UserAssignedIdentity{fakeUserAssignedIdentity, fakeUserAssignedIdentity2},
+			specIdentities:   []infrav1.UserAssignedIdentity{fakeUserAssignedIdentity, fakeUserAssignedIdentity2WithPrefix},
 			actualIdentities: []infrav1.UserAssignedIdentity{fakeUserAssignedIdentity},
-			expectedKey:      fakeUserAssignedIdentity2.ProviderID,
+			expectedKey:      fakeUserAssignedIdentity2WithPrefix.ProviderID,
 		},
 		{
 			name:             "more user assigned identities than expected",
 
@@ -142,7 +142,7 @@ to give the identity Contributor access to the Azure subscription where the work
   ```yaml
   identity: UserAssigned
   userAssignedIdentities:
-  - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${RESOURCE_GROUP}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_ASSIGNED_IDENTITY_NAME}
+  - providerID: azure:///subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${RESOURCE_GROUP}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_ASSIGNED_IDENTITY_NAME}
   ```
 
   A sample `AzureMachineTemplate` after the edit should look like the below:
@@ -162,7 +162,7 @@ to give the identity Contributor access to the Azure subscription where the work
         sshPublicKey: ${AZURE_SSH_PUBLIC_KEY_B64:=""}
         identity: UserAssigned
         userAssignedIdentities:
-        - providerID: /subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${RESOURCE_GROUP}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_ASSIGNED_IDENTITY_NAME}
+        - providerID: azure:///subscriptions/${AZURE_SUBSCRIPTION_ID}/resourceGroups/${RESOURCE_GROUP}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/${USER_ASSIGNED_IDENTITY_NAME}
         vmSize: ${AZURE_NODE_MACHINE_TYPE}
   ```
Original file line number	Diff line number	Diff line change
`@@ -38,6 +38,7 @@ import (`
`38`	`38`	`"sigs.k8s.io/cluster-api-provider-azure/azure/services/publicips"`
`39`	`39`	`"sigs.k8s.io/cluster-api-provider-azure/azure/services/virtualmachines/mock_virtualmachines"`
`40`	`40`	`gomockinternal "sigs.k8s.io/cluster-api-provider-azure/internal/test/matchers/gomock"`
	`41`	`+ azureutil "sigs.k8s.io/cluster-api-provider-azure/util/azure"`
`41`	`42`	`"sigs.k8s.io/cluster-api-provider-azure/util/reconciler"`
`42`	`43`	`)`
`43`	`44`
`@@ -113,10 +114,16 @@ var (`
`113`	`114`	`},`
`114`	`115`	`}`
`115`	`116`	`fakeUserAssignedIdentity = infrav1.UserAssignedIdentity{`
`116`		`- ProviderID: "azure:///subscriptions/123/resourceGroups/test-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/fake-provider-id",`
	`117`	`+ ProviderID: "/subscriptions/123/resourceGroups/test-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/fake-provider-id",`
	`118`	`+ }`
	`119`	`+ fakeUserAssignedIdentityWithPrefix = infrav1.UserAssignedIdentity{`
	`120`	`+ ProviderID: azureutil.ProviderIDPrefix + fakeUserAssignedIdentity.ProviderID,`
`117`	`121`	`}`
`118`	`122`	`fakeUserAssignedIdentity2 = infrav1.UserAssignedIdentity{`
`119`		`- ProviderID: "azure:///subscriptions/123/resourceGroups/test-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/fake-provider-id-2",`
	`123`	`+ ProviderID: fakeUserAssignedIdentity.ProviderID + "-2",`
	`124`	`+ }`
	`125`	`+ fakeUserAssignedIdentity2WithPrefix = infrav1.UserAssignedIdentity{`
	`126`	`+ ProviderID: azureutil.ProviderIDPrefix + fakeUserAssignedIdentity2.ProviderID,`
`120`	`127`	`}`
`121`	`128`	`)`
`122`	`129`
`@@ -324,14 +331,14 @@ func TestCheckUserAssignedIdentities(t *testing.T) {`
`324`	`331`	`},`
`325`	`332`	`{`
`326`	`333`	`name: "matching user assigned identities",`
`327`		`- specIdentities: []infrav1.UserAssignedIdentity{fakeUserAssignedIdentity},`
	`334`	`+ specIdentities: []infrav1.UserAssignedIdentity{fakeUserAssignedIdentityWithPrefix},`
`328`	`335`	`actualIdentities: []infrav1.UserAssignedIdentity{fakeUserAssignedIdentity},`
`329`	`336`	`},`
`330`	`337`	`{`
`331`	`338`	`name: "less user assigned identities than expected",`
`332`		`- specIdentities: []infrav1.UserAssignedIdentity{fakeUserAssignedIdentity, fakeUserAssignedIdentity2},`
	`339`	`+ specIdentities: []infrav1.UserAssignedIdentity{fakeUserAssignedIdentity, fakeUserAssignedIdentity2WithPrefix},`
`333`	`340`	`actualIdentities: []infrav1.UserAssignedIdentity{fakeUserAssignedIdentity},`
`334`		`- expectedKey: fakeUserAssignedIdentity2.ProviderID,`
	`341`	`+ expectedKey: fakeUserAssignedIdentity2WithPrefix.ProviderID,`
`335`	`342`	`},`
`336`	`343`	`{`
`337`	`344`	`name: "more user assigned identities than expected",`