func NewConfig()

in pkg/auth/auth.go [121:149]


// NewConfig assembles the authentication Config from the requested identity
// mode flags and inputs.
//
// Pod identity and VM managed identity cannot both be enabled; that
// combination returns an error. Workload identity counts as requested only
// when BOTH workloadIdentityClientID and workloadIdentityToken are non-empty.
// When none of the three modes is requested, AADClientID and AADClientSecret
// are filled from getCredential(secrets); otherwise secrets is not read.
//
// NOTE(review): supplying only one of the two workload identity inputs does
// not produce an error. The call falls through to the secrets-based
// credential path, so a half-configured workload identity can go unnoticed.
// Confirm callers validate this.
//
// NOTE(review): workload identity is not checked for exclusivity against the
// pod identity / VM managed identity flags. All inputs are copied into the
// Config as given, and which mode wins is decided by whatever consumes the
// Config (not visible here).
//
// The returned Config can carry AADClientSecret and WorkloadIdentityToken, so
// treat it as sensitive and keep it out of logs and error strings.
func NewConfig(
	usePodIdentity,
	useVMManagedIdentity bool,
	userAssignedIdentityID,
	workloadIdentityClientID,
	workloadIdentityToken string,
	secrets map[string]string) (Config, error) {
	var cfg Config

	// aad-pod-identity and user assigned managed identity modes are currently mutually exclusive
	if usePodIdentity && useVMManagedIdentity {
		return cfg, fmt.Errorf("cannot enable both pod identity and user-assigned managed identity")
	}

	// Both the client ID and the token must be present for workload identity.
	hasWorkloadIdentity := workloadIdentityClientID != "" && workloadIdentityToken != ""

	// With no identity mode selected, fall back to the credential held in the
	// secrets map (presumably a service principal client ID/secret; the
	// lookup lives in getCredential).
	needsSecretCredential := !(usePodIdentity || useVMManagedIdentity || hasWorkloadIdentity)
	if needsSecretCredential {
		clientID, clientSecret, err := getCredential(secrets)
		// Store whatever getCredential returned before checking err, so the
		// Config handed back on failure carries the same values as before.
		cfg.AADClientID, cfg.AADClientSecret = clientID, clientSecret
		if err != nil {
			return cfg, err
		}
	}

	// Record the requested modes and their inputs verbatim.
	cfg.UsePodIdentity = usePodIdentity
	cfg.UseVMManagedIdentity = useVMManagedIdentity
	cfg.UserAssignedIdentityID = userAssignedIdentityID
	cfg.WorkloadIdentityClientID = workloadIdentityClientID
	cfg.WorkloadIdentityToken = workloadIdentityToken

	return cfg, nil
}