Azure
diff --git a/‎pkg/frontend/features_validation.go‎
Lines changed: 5 additions & 9 deletions b/‎pkg/frontend/features_validation.go‎
Lines changed: 5 additions & 9 deletions
diff --git a/‎pkg/frontend/openshiftcluster_putorpatch.go‎
Lines changed: 8 additions & 3 deletions b/‎pkg/frontend/openshiftcluster_putorpatch.go‎
Lines changed: 8 additions & 3 deletions
diff --git a/‎pkg/frontend/openshiftcluster_putorpatch_test.go‎
Lines changed: 3 additions & 3 deletions b/‎pkg/frontend/openshiftcluster_putorpatch_test.go‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎pkg/frontend/quota_validation.go‎
Lines changed: 8 additions & 11 deletions b/‎pkg/frontend/quota_validation.go‎
Lines changed: 8 additions & 11 deletions
diff --git a/‎pkg/frontend/sku_validation.go‎
Lines changed: 4 additions & 9 deletions b/‎pkg/frontend/sku_validation.go‎
Lines changed: 4 additions & 9 deletions
diff --git a/‎pkg/util/mocks/frontend/features_validation.go‎
Lines changed: 6 additions & 7 deletions b/‎pkg/util/mocks/frontend/features_validation.go‎
Lines changed: 6 additions & 7 deletions
diff --git a/‎pkg/util/mocks/frontend/providers_validation.go‎
Lines changed: 1 addition & 2 deletions b/‎pkg/util/mocks/frontend/providers_validation.go‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎pkg/util/mocks/frontend/quota_validation.go‎
Lines changed: 6 additions & 6 deletions b/‎pkg/util/mocks/frontend/quota_validation.go‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎pkg/util/mocks/frontend/sku_validation.go‎
Lines changed: 6 additions & 7 deletions b/‎pkg/util/mocks/frontend/sku_validation.go‎
Lines changed: 6 additions & 7 deletions
@@ -8,19 +8,20 @@ import (
 	"fmt"
 	"net/http"
 
+	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
+
 	"github.com/Azure/ARO-RP/pkg/api"
 	"github.com/Azure/ARO-RP/pkg/env"
-	"github.com/Azure/ARO-RP/pkg/util/azureclient"
 	"github.com/Azure/ARO-RP/pkg/util/azureclient/azuresdk/armfeatures"
 )
 
 type FeaturesValidator interface {
-	ValidateSubscriptionFeatures(ctx context.Context, azEnv *azureclient.AROEnvironment, environment env.Interface, subscriptionID, tenantID string, oc *api.OpenShiftCluster) error
+	ValidateSubscriptionFeatures(ctx context.Context, environment env.Interface, subscriptionID string, fpCred azcore.TokenCredential, oc *api.OpenShiftCluster) error
 }
 
 type featuresValidator struct{}
 
-func (f featuresValidator) ValidateSubscriptionFeatures(ctx context.Context, azEnv *azureclient.AROEnvironment, environment env.Interface, subscriptionID, tenantID string, oc *api.OpenShiftCluster) error {
+func (f featuresValidator) ValidateSubscriptionFeatures(ctx context.Context, environment env.Interface, subscriptionID string, fpCred azcore.TokenCredential, oc *api.OpenShiftCluster) error {
 	var fieldPath string
 	if oc.Properties.MasterProfile.EncryptionAtHost == api.EncryptionAtHostEnabled {
 		fieldPath = "properties.masterProfile.encryptionAtHost"
@@ -29,12 +30,7 @@ func (f featuresValidator) ValidateSubscriptionFeatures(ctx context.Context, azE
 	}
 
 	if fieldPath != "" {
-		fpCred, err := environment.FPNewClientCertificateCredential(tenantID, nil)
-		if err != nil {
-			return err
-		}
-
-		featuresClient, err := armfeatures.NewFeaturesClient(subscriptionID, fpCred, azEnv.ArmClientOptions())
+		featuresClient, err := armfeatures.NewFeaturesClient(subscriptionID, fpCred, environment.Environment().ArmClientOptions())
 		if err != nil {
 			return err
 		}
 
@@ -450,17 +450,22 @@ func (f *frontend) ValidateNewCluster(ctx context.Context, subscription *api.Sub
 		return err
 	}
 
-	err = f.skuValidator.ValidateVMSku(ctx, f.env.Environment(), f.env, subscription.ID, subscription.Subscription.Properties.TenantID, cluster)
+	fpCred, err := f.env.FPNewClientCertificateCredential(subscription.Subscription.Properties.TenantID, nil)
 	if err != nil {
 		return err
 	}
 
-	err = f.featuresValidator.ValidateSubscriptionFeatures(ctx, f.env.Environment(), f.env, subscription.ID, subscription.Subscription.Properties.TenantID, cluster)
+	err = f.skuValidator.ValidateVMSku(ctx, f.env, subscription.ID, fpCred, cluster)
 	if err != nil {
 		return err
 	}
 
-	err = f.quotaValidator.ValidateQuota(ctx, f.env.Environment(), f.env, subscription.ID, subscription.Subscription.Properties.TenantID, cluster)
+	err = f.featuresValidator.ValidateSubscriptionFeatures(ctx, f.env, subscription.ID, fpCred, cluster)
+	if err != nil {
+		return err
+	}
+
+	err = f.quotaValidator.ValidateQuota(ctx, f.env.Environment(), f.env, subscription.ID, fpCred, cluster)
 	if err != nil {
 		return err
 	}
 
@@ -741,7 +741,7 @@ func TestPutorPatchOpenShiftClusterCreate(t *testing.T) {
 			mockQuotaValidator.EXPECT().ValidateQuota(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.quotaValidatorError).AnyTimes()
 
 			mockSkuValidator := mock_frontend.NewMockSkuValidator(controller)
-			mockSkuValidator.EXPECT().ValidateVMSku(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.skuValidatorError).AnyTimes()
+			mockSkuValidator.EXPECT().ValidateVMSku(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.skuValidatorError).AnyTimes()
 
 			mockProvidersValidator := mock_frontend.NewMockProvidersValidator(controller)
 			mockProvidersValidator.EXPECT().ValidateProviders(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.providersValidatorError).AnyTimes()
@@ -1112,7 +1112,7 @@ func TestPutorPatchOpenShiftClusterUpdatePut(t *testing.T) {
 			mockQuotaValidator.EXPECT().ValidateQuota(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.quotaValidatorError).AnyTimes()
 
 			mockSkuValidator := mock_frontend.NewMockSkuValidator(controller)
-			mockSkuValidator.EXPECT().ValidateVMSku(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.skuValidatorError).AnyTimes()
+			mockSkuValidator.EXPECT().ValidateVMSku(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.skuValidatorError).AnyTimes()
 
 			mockProvidersValidator := mock_frontend.NewMockProvidersValidator(controller)
 			mockProvidersValidator.EXPECT().ValidateProviders(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.providersValidatorError).AnyTimes()
@@ -1586,7 +1586,7 @@ func TestPutorPatchOpenShiftClusterUpdatePatch(t *testing.T) {
 			mockQuotaValidator.EXPECT().ValidateQuota(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.quotaValidatorError).AnyTimes()
 
 			mockSkuValidator := mock_frontend.NewMockSkuValidator(controller)
-			mockSkuValidator.EXPECT().ValidateVMSku(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.skuValidatorError).AnyTimes()
+			mockSkuValidator.EXPECT().ValidateVMSku(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.skuValidatorError).AnyTimes()
 
 			mockProvidersValidator := mock_frontend.NewMockProvidersValidator(controller)
 			mockProvidersValidator.EXPECT().ValidateProviders(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(tt.providersValidatorError).AnyTimes()
 
@@ -8,6 +8,10 @@ import (
 	"fmt"
 	"net/http"
 
+	"github.com/jongio/azidext/go/azidext"
+
+	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
+
 	"github.com/Azure/ARO-RP/pkg/api"
 	"github.com/Azure/ARO-RP/pkg/api/validate"
 	"github.com/Azure/ARO-RP/pkg/env"
@@ -17,7 +21,7 @@ import (
 )
 
 type QuotaValidator interface {
-	ValidateQuota(ctx context.Context, azEnv *azureclient.AROEnvironment, environment env.Interface, subscriptionID, tenantID string, oc *api.OpenShiftCluster) error
+	ValidateQuota(ctx context.Context, azEnv *azureclient.AROEnvironment, environment env.Interface, subscriptionID string, fpCred azcore.TokenCredential, oc *api.OpenShiftCluster) error
 }
 
 type quotaValidator struct{}
@@ -39,20 +43,13 @@ func addRequiredResources(requiredResources map[string]int, vmSize api.VMSize, c
 // ValidateQuota checks usage quotas vs. resources required by cluster before cluster
 // creation
 // It is a method on struct so we can make use of interfaces.
-func (q quotaValidator) ValidateQuota(ctx context.Context, azEnv *azureclient.AROEnvironment, environment env.Interface, subscriptionID, tenantID string, oc *api.OpenShiftCluster) error {
-	fpAuthorizer, err := environment.FPAuthorizer(tenantID, nil, environment.Environment().ResourceManagerScope)
-	if err != nil {
-		return err
-	}
+func (q quotaValidator) ValidateQuota(ctx context.Context, azEnv *azureclient.AROEnvironment, environment env.Interface, subscriptionID string, fpCred azcore.TokenCredential, oc *api.OpenShiftCluster) error {
+	fpAuthorizer := azidext.NewTokenCredentialAdapter(fpCred, []string{environment.Environment().ResourceManagerScope})
 
-	credential, err := environment.FPNewClientCertificateCredential(tenantID, []string{})
-	if err != nil {
-		return err
-	}
 	options := environment.Environment().ArmClientOptions()
 
 	spComputeUsage := compute.NewUsageClient(azEnv, subscriptionID, fpAuthorizer)
-	spNetworkUsage, err := armnetwork.NewUsagesClient(subscriptionID, credential, options)
+	spNetworkUsage, err := armnetwork.NewUsagesClient(subscriptionID, fpCred, options)
 	if err != nil {
 		return err
 	}
 
@@ -8,28 +8,23 @@ import (
 	"fmt"
 	"net/http"
 
+	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	sdkcompute "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v7"
 
 	"github.com/Azure/ARO-RP/pkg/api"
 	"github.com/Azure/ARO-RP/pkg/env"
-	"github.com/Azure/ARO-RP/pkg/util/azureclient"
 	"github.com/Azure/ARO-RP/pkg/util/azureclient/azuresdk/armcompute"
 	"github.com/Azure/ARO-RP/pkg/util/computeskus"
 )
 
 type SkuValidator interface {
-	ValidateVMSku(ctx context.Context, azEnv *azureclient.AROEnvironment, environment env.Interface, subscriptionID, tenantID string, oc *api.OpenShiftCluster) error
+	ValidateVMSku(ctx context.Context, environment env.Interface, subscriptionID string, fpCred azcore.TokenCredential, oc *api.OpenShiftCluster) error
 }
 
 type skuValidator struct{}
 
-func (s skuValidator) ValidateVMSku(ctx context.Context, azEnv *azureclient.AROEnvironment, environment env.Interface, subscriptionID, tenantID string, oc *api.OpenShiftCluster) error {
-	fpCredClusterTenant, err := environment.FPNewClientCertificateCredential(tenantID, nil)
-	if err != nil {
-		return err
-	}
-
-	armResourceSKUsClient, err := armcompute.NewResourceSKUsClient(subscriptionID, fpCredClusterTenant, environment.Environment().ArmClientOptions())
+func (s skuValidator) ValidateVMSku(ctx context.Context, environment env.Interface, subscriptionID string, fpCred azcore.TokenCredential, oc *api.OpenShiftCluster) error {
+	armResourceSKUsClient, err := armcompute.NewResourceSKUsClient(subscriptionID, fpCred, environment.Environment().ArmClientOptions())
 	if err != nil {
 		return err
 	}
Original file line number	Diff line number	Diff line change
`@@ -450,17 +450,22 @@ func (f frontend) ValidateNewCluster(ctx context.Context, subscription api.Sub`
`450`	`450`	`return err`
`451`	`451`	`}`
`452`	`452`
`453`		`- err = f.skuValidator.ValidateVMSku(ctx, f.env.Environment(), f.env, subscription.ID, subscription.Subscription.Properties.TenantID, cluster)`
	`453`	`+ fpCred, err := f.env.FPNewClientCertificateCredential(subscription.Subscription.Properties.TenantID, nil)`
`454`	`454`	`if err != nil {`
`455`	`455`	`return err`
`456`	`456`	`}`
`457`	`457`
`458`		`- err = f.featuresValidator.ValidateSubscriptionFeatures(ctx, f.env.Environment(), f.env, subscription.ID, subscription.Subscription.Properties.TenantID, cluster)`
	`458`	`+ err = f.skuValidator.ValidateVMSku(ctx, f.env, subscription.ID, fpCred, cluster)`
`459`	`459`	`if err != nil {`
`460`	`460`	`return err`
`461`	`461`	`}`
`462`	`462`
`463`		`- err = f.quotaValidator.ValidateQuota(ctx, f.env.Environment(), f.env, subscription.ID, subscription.Subscription.Properties.TenantID, cluster)`
	`463`	`+ err = f.featuresValidator.ValidateSubscriptionFeatures(ctx, f.env, subscription.ID, fpCred, cluster)`
	`464`	`+ if err != nil {`
	`465`	`+ return err`
	`466`	`+ }`
	`467`	`+`
	`468`	`+ err = f.quotaValidator.ValidateQuota(ctx, f.env.Environment(), f.env, subscription.ID, fpCred, cluster)`
`464`	`469`	`if err != nil {`
`465`	`470`	`return err`
`466`	`471`	`}`