worker: add azure image upload target

This commit adds and implements org.osbuild.azure.image target.

Let's talk about the already implemented org.osbuild.azure target firstly:
The purpose of this target is to authenticate using the Azure Storage
credentials and upload the image file as a Page Blob. Page Blob is basically
an object in storage and it cannot be directly used to launch a VM. To achieve
that, you need to define an actual Azure Image with the Page Blob attached.

For the cloud API, we would like to create an actual Azure Image that is
immediately available for new VMs. The new target accomplishes it.
To achieve this, it must use a different authentication method: Azure OAuth.
The other important difference is that currently, the credentials are stored
on the worker and not in target options. This should lead to better security
because we don't send the credentials over network. In the future, we would
like to have credential-less setup using workers in Azure with the right
IAM policies applied but this requires more investigation and is not
implemented in this commit.

Signed-off-by: Ondřej Budai <ondrej@budai.cz>

internal/upload/azure/credentials.go

@@ -0,0 +1,35 @@
+package azure
+
+import (
+	"fmt"
+
+	"github.com/BurntSushi/toml"
+)
+
+type Credentials struct {
+	clientID     string
+	clientSecret string
+}
+
+// ParseAzureCredentialsFile parses a credentials file for azure.
+// The file is in toml format and contains two keys: client_id and
+// client_secret
+//
+// Example of the file:
+// client_id     = "clientIdOfMyApplication"
+// client_secret = "ToucanToucan~"
+func ParseAzureCredentialsFile(filename string) (*Credentials, error) {
+	var creds struct {
+		ClientID     string `toml:"client_id"`
+		ClientSecret string `toml:"client_secret"`
+	}
+	_, err := toml.DecodeFile(filename, &creds)
+	if err != nil {
+		return nil, fmt.Errorf("cannot parse azure credentials: %v", err)
+	}
+
+	return &Credentials{
+		clientID:     creds.ClientID,
+		clientSecret: creds.ClientSecret,
+	}, nil
+}