Storage Container Endpoint Identity Patch

[kartikkhullar]

---

This checklist is used to make sure that common guidelines for a pull request are followed.

Related command

General Guidelines

• Have you run azdev style <YOUR_EXT> locally? (pip install azdev required)
• Have you run python scripts/ci/test_index.py -q locally? (pip install wheel==0.30.0 required)
• My extension version conforms to the Extension version schema

For new extensions:

• My extension description/summary conforms to the Extension Summary Guidelines.

About Extension Publish

There is a pipeline to automatically build, upload and publish extension wheels.
Once your pull request is merged into main branch, a new pull request will be created to update src/index.json automatically.
You only need to update the version information in file setup.py and historical information in file HISTORY.rst in your PR but do not modify src/index.json.

[azure-client-tools-bot-prd]

️✔️Azure CLI Extensions Breaking Change Test

️✔️Non Breaking Changes

[azure-client-tools-bot-prd]

Hi @kartikkhullar,
Please write the description of changes which can be perceived by customers into HISTORY.rst.
If you want to release a new extension version, please update the version in setup.py as well.

[yonzhan]

Thank you for your contribution! We will review the pull request and get back to you soon.

[github-actions]

The git hooks are available for azure-cli and azure-cli-extensions repos. They could help you run required checks before creating the PR.

Please sync the latest code with latest dev branch (for azure-cli) or main branch (for azure-cli-extensions).
After that please run the following commands to enable git hooks:

pip install azdev --upgrade
azdev setup -c <your azure-cli repo path> -r <your azure-cli-extensions repo path>

[github-actions]

CodeGen Tools Feedback Collection

Thank you for using our CodeGen tool. We value your feedback, and we would like to know how we can improve our product. Please take a few minutes to fill our codegen survey

[github-actions]

Hi @kartikkhullar

Release Suggestions

Module: storage-mover

• Please log updates into to src/storage-mover/HISTORY.rst
• Update VERSION to 1.2.1 in src/storage-mover/setup.py

Notes

• For more info about extension versioning, please refer to Extension version schema

[Copilot]

Pull request overview

This PR adds automatic system-assigned managed identity configuration to storage blob container endpoints in the Azure CLI storage-mover extension.

Key Changes:

• Adds "mi_system_assigned": "True" to the arguments dictionary returned by _get_args_for_endpoint_for_storage_container
• This automatically enables system-assigned managed identity when creating or updating storage container endpoints

[Copilot]

The system-assigned managed identity is being set in the helper function that is used by both create and update operations. This means that every update operation will attempt to set "mi_system_assigned": "True", which may not be the intended behavior. Consider whether the identity assignment should only occur during creation, not during updates.

[Copilot]

System-assigned managed identity is only being applied to storage blob container endpoints but not to NFS file share endpoints (lines 77-88) or SMB file share endpoints (lines 47-58). This inconsistency could be intentional based on Azure Storage Mover requirements, but if all Azure Storage endpoints require managed identity for authentication, the same pattern should be applied to NFS and SMB file share endpoint creation functions as well.

[Copilot]

The new system-assigned managed identity feature for storage container endpoints lacks test coverage. The existing test at line 118-127 creates a storage container endpoint but doesn't verify that the identity is properly set. Consider adding a JMESPathCheck to verify that 'identity.type' equals 'SystemAssigned' and that 'identity.principalId' exists, similar to the verification done for NFS file share endpoints at lines 172-174.