kubernetes-sigs / vsphere-csi-driver

vSphere storage Container Storage Interface (CSI) plugin
https://docs.vmware.com/en/VMware-vSphere-Container-Storage-Plug-in/index.html
Apache License 2.0

thumbprint based authentication does not work when thumbprint is specified in the VirtualCenter section in vSphere Config Secret #2823

Closed divyenpatel closed 4 months ago

divyenpatel commented 5 months ago

Is this a BUG REPORT or FEATURE REQUEST?:

Uncomment only one, leave it on its own line:

/kind bug

What happened:

Using the following vSphere Config Secret, which has the thumbprint specified in the VirtualCenter section, is not working. So thumbprint-based authentication is not supported in a multi-vCenter deployment.

[Global]
cluster-id = "cluster1"
cluster-distribution = "CSI-Vanilla"

[VirtualCenter "vc1@domain.com"]
user = "Administrator@vsphere.local"
password = "password"
thumbprint = "92:87:AE:0F:DE:87:E3:8E:94:F0:A6:E4:CF:A0:65:9F:20:8A:7F:26:44:C0:46:20:BF:82:ED:FD:40:D4:8F:C7"
insecure-flag = "false"
port = "443"
datacenters = "VSAN-DC"

[VirtualCenter "vc2@domain.com"]
user = "Administrator@vsphere.local"
password = "password"
thumbprint = "7B:F3:7E:65:0F:44:3B:AF:D4:BE:D0:91:7F:92:34:98:CA:BB:97:01"
insecure-flag = "false"
port = "443"
datacenters = "VSAN-DC"

For a single-vCenter deployment, thumbprint-based authentication works only when the thumbprint is specified in the Global section, as below:

[Global]
cluster-id = "cluster1"
cluster-distribution = "CSI-Vanilla"
thumbprint = "92:87:AE:0F:DE:87:E3:8E:94:F0:A6:E4:CF:A0:65:9F:20:8A:7F:26:44:C0:46:20:BF:82:ED:FD:40:D4:8F:C7"
insecure-flag = "false"

[VirtualCenter "vc1@domain.com"]
user = "Administrator@vsphere.local"
password = "password"
port = "443"
datacenters = "VSAN-DC"

What you expected to happen: vCenter-specific parameters (thumbprint, insecure-flag, ca-file, etc.) should not get overridden when they are not specified in the Global section.

We have a bug in the code. Refer to https://github.com/kubernetes-sigs/vsphere-csi-driver/blob/a305ea2788d9d4c1432b1d2ab2df4dcf3d9750d6/pkg/common/cns-lib/vsphere/utils.go#L208-L224

Ever since we added support for thumbprint we have this bug - https://github.com/kubernetes-sigs/vsphere-csi-driver/commit/1aad2254fd39a9fb19dd05f44f26ae50d9209aba
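The precedence the report expects, as an added example that is not part of the original issue and is not the driver's code: per-vCenter values win and Global only fills in keys a section leaves out. `TLSSettings`, `overwriteFromGlobal`, `resolve` and `lostPins` are hypothetical names, `overwriteFromGlobal` is only an assumed model of the symptom, and the thumbprints are constructed placeholders.

```go
package main

import "fmt"
import "sort"

// TLSSettings is a hypothetical holder for the three keys the issue names; "" means absent.
type TLSSettings struct{ Thumbprint, CAFile, InsecureFlag string }

// overwriteFromGlobal models the reported symptom (assumed shape, not driver code): Global always wins.
func overwriteFromGlobal(global, vc TLSSettings) TLSSettings { return global }

// pick returns the per-vCenter value when it is set, otherwise the Global fallback.
func pick(vc, global string) string {
	if vc != "" {
		return vc
	}
	return global
}

// resolve is the expected behaviour: section values take precedence, Global only fills gaps.
func resolve(global, vc TLSSettings) TLSSettings {
	return TLSSettings{
		Thumbprint:   pick(vc.Thumbprint, global.Thumbprint),
		CAFile:       pick(vc.CAFile, global.CAFile),
		InsecureFlag: pick(vc.InsecureFlag, global.InsecureFlag),
	}
}

// lostPins lists the vCenters whose declared thumbprint does not survive the given merge.
func lostPins(global TLSSettings, vcs map[string]TLSSettings, merge func(g, v TLSSettings) TLSSettings) []string {
	var lost []string
	for host, vc := range vcs {
		if vc.Thumbprint != "" && merge(global, vc).Thumbprint != vc.Thumbprint {
			lost = append(lost, host)
		}
	}
	sort.Strings(lost)
	return lost
}

// Constructed sample mirroring the multi-vCenter secret: Global carries no TLS keys.
var sampleGlobal = TLSSettings{}
var sampleVCs = map[string]TLSSettings{
	"vc1@domain.com": {Thumbprint: "AA:AA:AA:AA (placeholder)", InsecureFlag: "false"},
	"vc2@domain.com": {Thumbprint: "BB:BB:BB:BB (placeholder)", InsecureFlag: "false"},
}

func main() {
	fmt.Println(lostPins(sampleGlobal, sampleVCs, overwriteFromGlobal), lostPins(sampleGlobal, sampleVCs, resolve))
}
```

Running `lostPins` over a parsed config with the merge function under test makes a useful regression check: any host it returns would connect without the thumbprint its section declares.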