chore(azure devops): rename azure credential types

Renamed `ClientSecret` to `AzureClientSecretCredential` and renamed `ManagedIdentity` to `AzureManagedIdentityCredential`. This makes it more explicit that these are Azure-based credentials.

Signed-off-by: Sander Aernouts <sander.aernouts@gmail.com>

.changeset/silly-jeans-wonder.md

@@ -0,0 +1,5 @@
+---
+'@backstage/integration': patch
+---
+
+Renamed ClientSecret to AzureClientSecretCredential and ManagedIdentity to AzureManagedIdentityCredential

packages/integration/api-report.md

@@ -39,7 +39,16 @@ export type AwsS3IntegrationConfig = {
 };
 
 // @public
-export type AzureCredential = ClientSecret | ManagedIdentity;
+export type AzureClientSecretCredential = {
+  tenantId: string;
+  clientId: string;
+  clientSecret: string;
+};
+
+// @public
+export type AzureCredential =
+  | AzureClientSecretCredential
+  | AzureManagedIdentityCredential;
 
 // @public
 export class AzureIntegration implements ScmIntegration {
@@ -69,6 +78,11 @@ export type AzureIntegrationConfig = {
   credential?: AzureCredential;
 };
 
+// @public
+export type AzureManagedIdentityCredential = {
+  clientId: string;
+};
+
 // @public
 export class BitbucketCloudIntegration implements ScmIntegration {
   constructor(integrationConfig: BitbucketCloudIntegrationConfig);
@@ -158,13 +172,6 @@ export type BitbucketServerIntegrationConfig = {
   password?: string;
 };
 
-// @public
-export type ClientSecret = {
-  tenantId: string;
-  clientId: string;
-  clientSecret: string;
-};
-
 // @public
 export class DefaultGithubCredentialsProvider
   implements GithubCredentialsProvider
@@ -572,11 +579,6 @@ export interface IntegrationsByType {
   gitlab: ScmIntegrationsGroup<GitLabIntegration>;
 }
 
-// @public
-export type ManagedIdentity = {
-  clientId: string;
-};
-
 // @public
 export function parseGerritGitilesUrl(
   config: GerritIntegrationConfig,

packages/integration/src/azure/config.ts

@@ -51,7 +51,7 @@ export type AzureIntegrationConfig = {
  * Authenticate using a client secret that was generated for an App Registration.
  * @public
  */
-export type ClientSecret = {
+export type AzureClientSecretCredential = {
   /**
    * The Azure Active Directory tenant
    */
@@ -71,7 +71,7 @@ export type ClientSecret = {
  * Authenticate using a managed identity available at the deployment environment.
  * @public
  */
-export type ManagedIdentity = {
+export type AzureManagedIdentityCredential = {
   /**
    * The clientId
    */
@@ -82,11 +82,13 @@ export type ManagedIdentity = {
  * Credential used to authenticate to Azure Active Directory.
  * @public
  */
-export type AzureCredential = ClientSecret | ManagedIdentity;
-export const isServicePrincipal = (
+export type AzureCredential =
+  | AzureClientSecretCredential
+  | AzureManagedIdentityCredential;
+export const isAzureClientSecretCredential = (
   credential: Partial<AzureCredential>,
-): credential is ClientSecret => {
-  const clientSecretCredential = credential as ClientSecret;
+): credential is AzureClientSecretCredential => {
+  const clientSecretCredential = credential as AzureClientSecretCredential;
 
   return (
     Object.keys(credential).length === 3 &&
@@ -96,12 +98,12 @@ export const isServicePrincipal = (
   );
 };
 
-export const isManagedIdentity = (
+export const isAzureManagedIdentityCredential = (
   credential: Partial<AzureCredential>,
-): credential is ManagedIdentity => {
+): credential is AzureManagedIdentityCredential => {
   return (
     Object.keys(credential).length === 1 &&
-    (credential as ManagedIdentity).clientId !== undefined
+    (credential as AzureManagedIdentityCredential).clientId !== undefined
   );
 };
 
@@ -133,8 +135,8 @@ export function readAzureIntegrationConfig(
 
   if (
     credential &&
-    !isServicePrincipal(credential) &&
-    !isManagedIdentity(credential)
+    !isAzureClientSecretCredential(credential) &&
+    !isAzureManagedIdentityCredential(credential)
   ) {
     throw new Error(
       `Invalid Azure integration config, credential is not valid`,

packages/integration/src/azure/core.ts

@@ -17,8 +17,8 @@
 import { AzureUrl } from './AzureUrl';
 import {
   AzureIntegrationConfig,
-  isManagedIdentity,
-  isServicePrincipal,
+  isAzureManagedIdentityCredential,
+  isAzureClientSecretCredential,
 } from './config';
 import {
   ClientSecretCredential,
@@ -81,7 +81,7 @@ export async function getAzureRequestOptions(
 
   const { token, credential } = config;
   if (credential) {
-    if (isServicePrincipal(credential)) {
+    if (isAzureClientSecretCredential(credential)) {
       const servicePrincipal = new ClientSecretCredential(
         credential.tenantId,
         credential.clientId,
@@ -90,7 +90,7 @@ export async function getAzureRequestOptions(
 
       const accessToken = await servicePrincipal.getToken(azureDevOpsScope);
       headers.Authorization = `Bearer ${accessToken.token}`;
-    } else if (isManagedIdentity(credential)) {
+    } else if (isAzureManagedIdentityCredential(credential)) {
       const managedIdentity = new ManagedIdentityCredential(
         credential.clientId,
       );

packages/integration/src/azure/index.ts

@@ -22,8 +22,8 @@ export {
 export type {
   AzureIntegrationConfig,
   AzureCredential,
-  ManagedIdentity,
-  ClientSecret,
+  AzureManagedIdentityCredential,
+  AzureClientSecretCredential,
 } from './config';
 export {
   getAzureCommitsUrl,