Author: Eike Waldt <waldt@b1-systems.de>
Author: Cleber Paiva de Souza <cleber@ssys.com.br>
Author: Robie Basak <robie.basak@canonical.com>
Origin: backport, https://github.com/ClusterLabs/fence-agents/commit/8d746be92f191aa289f13a3703031c122a5e6cf3
Origin: backport, https://github.com/ClusterLabs/fence-agents/commit/cb1ff52c14451482dc1faf9aa660a8c525097f94
Bug-Ubuntu: https://launchpad.net/bugs/1990316
Description: fence_azure_arm: corrections to support Azure SDK >= 15
 [Robie Basak]
 A newer version of python3-azure requires changes in the way the API is used;
 otherwise the fence agent doesn't work at all. This is a minimal backport of
 those changes (two commits) to Jammy. I've removed the conditional code that
 falls back to the old API, as we know that in Jammy the new API is available,
 and this reduces the number of code paths for which QA may be necessary.
Last-Update: 2022-11-16

diff --git a/agents/azure_arm/fence_azure_arm.py b/agents/azure_arm/fence_azure_arm.py
index 6b1a377..daa4cd0 100755
--- a/agents/azure_arm/fence_azure_arm.py
+++ b/agents/azure_arm/fence_azure_arm.py
@@ -115,10 +115,10 @@ def set_power_status(clients, options):
 
         if (options["--action"]=="off"):
             logging.info("Poweroff " + vmName + " in resource group " + rgName)
-            compute_client.virtual_machines.power_off(rgName, vmName, skip_shutdown=True)
+            compute_client.virtual_machines.begin_power_off(rgName, vmName, skip_shutdown=True)
         elif (options["--action"]=="on"):
             logging.info("Starting " + vmName + " in resource group " + rgName)
-            compute_client.virtual_machines.start(rgName, vmName)
+            compute_client.virtual_machines.begin_start(rgName, vmName)
 
 
 def define_new_opts():
diff --git a/lib/azure_fence.py.py b/lib/azure_fence.py.py
index 4e44ca9..87b2d3a 100644
--- a/lib/azure_fence.py.py
+++ b/lib/azure_fence.py.py
@@ -286,25 +286,25 @@ def get_azure_credentials(config):
     credentials = None
     cloud_environment = get_azure_cloud_environment(config)
     if config.UseMSI and cloud_environment:
-        from msrestazure.azure_active_directory import MSIAuthentication
-        credentials = MSIAuthentication(cloud_environment=cloud_environment)
+        from azure.identity import ManagedIdentityCredential
+        credentials = ManagedIdentityCredential(cloud_environment=cloud_environment)
     elif config.UseMSI:
-        from msrestazure.azure_active_directory import MSIAuthentication
-        credentials = MSIAuthentication()
+        from azure.identity import ManagedIdentityCredential
+        credentials = ManagedIdentityCredential()
     elif cloud_environment:
-        from azure.common.credentials import ServicePrincipalCredentials
-        credentials = ServicePrincipalCredentials(
+        from azure.identity import ClientSecretCredential
+        credentials = ClientSecretCredential(
             client_id = config.ApplicationId,
-            secret = config.ApplicationKey,
-            tenant = config.Tenantid,
+            client_secret = config.ApplicationKey,
+            tenant_id = config.Tenantid,
             cloud_environment=cloud_environment
         )
     else:
-        from azure.common.credentials import ServicePrincipalCredentials
-        credentials = ServicePrincipalCredentials(
+        from azure.identity import ClientSecretCredential
+        credentials = ClientSecretCredential(
             client_id = config.ApplicationId,
-            secret = config.ApplicationKey,
-            tenant = config.Tenantid
+            client_secret = config.ApplicationKey,
+            tenant_id = config.Tenantid
         )
 
     return credentials
@@ -319,7 +319,8 @@ def get_azure_compute_client(config):
         compute_client = ComputeManagementClient(
             credentials,
             config.SubscriptionId,
-            base_url=cloud_environment.endpoints.resource_manager
+            base_url=cloud_environment.endpoints.resource_manager,
+            credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
         )
     else:
         compute_client = ComputeManagementClient(
@@ -338,7 +339,8 @@ def get_azure_network_client(config):
         network_client = NetworkManagementClient(
             credentials,
             config.SubscriptionId,
-            base_url=cloud_environment.endpoints.resource_manager
+            base_url=cloud_environment.endpoints.resource_manager,
+            credential_scopes=[cloud_environment.endpoints.resource_manager + "/.default"]
         )
     else:
         network_client = NetworkManagementClient(
