diff --git a/.gitignore b/.gitignore index 3e759b75..18e337dd 100644 --- a/.gitignore +++ b/.gitignore @@ -1,330 +1,99 @@ -## Ignore Visual Studio temporary files, build results, and -## files generated by popular Visual Studio add-ons. -## -## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore +# Dependency directory +node_modules -# User-specific files -*.suo -*.user -*.userosscache -*.sln.docstates - -# User-specific files (MonoDevelop/Xamarin Studio) -*.userprefs - -# Build results -[Dd]ebug/ -[Dd]ebugPublic/ -[Rr]elease/ -[Rr]eleases/ -x64/ -x86/ -bld/ -[Bb]in/ -[Oo]bj/ -[Ll]og/ - -# Visual Studio 2015/2017 cache/options directory -.vs/ -# Uncomment if you have tasks that create the project's static files in wwwroot -#wwwroot/ - -# Visual Studio 2017 auto generated files -Generated\ Files/ - -# MSTest test Results -[Tt]est[Rr]esult*/ -[Bb]uild[Ll]og.* - -# NUNIT -*.VisualState.xml -TestResult.xml - -# Build Results of an ATL Project -[Dd]ebugPS/ -[Rr]eleasePS/ -dlldata.c - -# Benchmark Results -BenchmarkDotNet.Artifacts/ - -# .NET Core -project.lock.json -project.fragment.lock.json -artifacts/ -**/Properties/launchSettings.json - -# StyleCop -StyleCopReport.xml - -# Files built by Visual Studio -*_i.c -*_p.c -*_i.h -*.ilk -*.meta -*.obj -*.iobj -*.pch -*.pdb -*.ipdb -*.pgc -*.pgd -*.rsp -*.sbr -*.tlb -*.tli -*.tlh -*.tmp -*.tmp_proj +# Rest pulled from https://github.com/github/gitignore/blob/master/Node.gitignore +# Logs +logs *.log -*.vspscc -*.vssscc -.builds -*.pidb -*.svclog -*.scc +npm-debug.log* +yarn-debug.log* +yarn-error.log* +lerna-debug.log* -# Chutzpah Test files -_Chutzpah* +# Diagnostic reports (https://nodejs.org/api/report.html) +report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json -# Visual C++ cache files -ipch/ -*.aps -*.ncb -*.opendb -*.opensdf -*.sdf -*.cachefile -*.VC.db -*.VC.VC.opendb +# Runtime data +pids +*.pid +*.seed +*.pid.lock -# Visual Studio profiler -*.psess -*.vsp -*.vspx -*.sap +# Directory for instrumented libs generated by jscoverage/JSCover +lib-cov -# Visual Studio Trace Files -*.e2e +# Coverage directory used by tools like istanbul +coverage +*.lcov -# TFS 2012 Local Workspace -$tf/ +# nyc test coverage +.nyc_output -# Guidance Automation Toolkit -*.gpState +# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files) +.grunt -# ReSharper is a .NET coding add-in -_ReSharper*/ -*.[Rr]e[Ss]harper -*.DotSettings.user +# Bower dependency directory (https://bower.io/) +bower_components -# JustCode is a .NET coding add-in -.JustCode +# node-waf configuration +.lock-wscript -# TeamCity is a build add-in -_TeamCity* +# Compiled binary addons (https://nodejs.org/api/addons.html) +build/Release -# DotCover is a Code Coverage Tool -*.dotCover +# Dependency directories +jspm_packages/ -# AxoCover is a Code Coverage Tool -.axoCover/* -!.axoCover/settings.json +# TypeScript v1 declaration files +typings/ -# Visual Studio code coverage results -*.coverage -*.coveragexml +# TypeScript cache +*.tsbuildinfo -# NCrunch -_NCrunch_* -.*crunch*.local.xml -nCrunchTemp_* +# Optional npm cache directory +.npm -# MightyMoose -*.mm.* -AutoTest.Net/ +# Optional eslint cache +.eslintcache -# Web workbench (sass) -.sass-cache/ +# Optional REPL history +.node_repl_history -# Installshield output folder -[Ee]xpress/ +# Output of 'npm pack' +*.tgz -# DocProject is a documentation generator add-in -DocProject/buildhelp/ -DocProject/Help/*.HxT -DocProject/Help/*.HxC -DocProject/Help/*.hhc -DocProject/Help/*.hhk -DocProject/Help/*.hhp -DocProject/Help/Html2 -DocProject/Help/html +# Yarn Integrity file +.yarn-integrity -# Click-Once directory -publish/ +# dotenv environment variables file +.env +.env.test -# Publish Web Output -*.[Pp]ublish.xml -*.azurePubxml -# Note: Comment the next line if you want to checkin your web deploy settings, -# but database connection strings (with potential passwords) will be unencrypted -*.pubxml -*.publishproj +# parcel-bundler cache (https://parceljs.org/) +.cache -# Microsoft Azure Web App publish settings. Comment the next line if you want to -# checkin your Azure Web App publish settings, but sensitive information contained -# in these scripts will be unencrypted -PublishScripts/ +# next.js build output +.next -# NuGet Packages -*.nupkg -# The packages folder can be ignored because of Package Restore -**/[Pp]ackages/* -# except build/, which is used as an MSBuild target. -!**/[Pp]ackages/build/ -# Uncomment if necessary however generally it will be regenerated when needed -#!**/[Pp]ackages/repositories.config -# NuGet v3's project.json files produces more ignorable files -*.nuget.props -*.nuget.targets +# nuxt.js build output +.nuxt -# Microsoft Azure Build Output -csx/ -*.build.csdef +# vuepress build output +.vuepress/dist -# Microsoft Azure Emulator -ecf/ -rcf/ +# Serverless directories +.serverless/ -# Windows Store app package directories and files -AppPackages/ -BundleArtifacts/ -Package.StoreAssociation.xml -_pkginfo.txt -*.appx +# FuseBox cache +.fusebox/ -# Visual Studio cache files -# files ending in .cache can be ignored -*.[Cc]ache -# but keep track of directories ending in .cache -!*.[Cc]ache/ +# DynamoDB Local files +.dynamodb/ -# Others -ClientBin/ -~$* -*~ -*.dbmdl -*.dbproj.schemaview -*.jfm -*.pfx -*.publishsettings -orleans.codegen.cs +# OS metadata +.DS_Store +Thumbs.db -# Including strong name files can present a security risk -# (https://github.com/github/gitignore/pull/2483#issue-259490424) -#*.snk - -# Since there are multiple workflows, uncomment next line to ignore bower_components -# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) -#bower_components/ - -# RIA/Silverlight projects -Generated_Code/ - -# Backup & report files from converting an old project file -# to a newer Visual Studio version. Backup files are not needed, -# because we have git ;-) -_UpgradeReport_Files/ -Backup*/ -UpgradeLog*.XML -UpgradeLog*.htm -ServiceFabricBackup/ -*.rptproj.bak - -# SQL Server files -*.mdf -*.ldf -*.ndf - -# Business Intelligence projects -*.rdl.data -*.bim.layout -*.bim_*.settings -*.rptproj.rsuser - -# Microsoft Fakes -FakesAssemblies/ - -# GhostDoc plugin setting file -*.GhostDoc.xml - -# Node.js Tools for Visual Studio -.ntvs_analysis.dat -node_modules/ - -# Visual Studio 6 build log -*.plg - -# Visual Studio 6 workspace options file -*.opt - -# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) -*.vbw - -# Visual Studio LightSwitch build output -**/*.HTMLClient/GeneratedArtifacts -**/*.DesktopClient/GeneratedArtifacts -**/*.DesktopClient/ModelManifest.xml -**/*.Server/GeneratedArtifacts -**/*.Server/ModelManifest.xml -_Pvt_Extensions - -# Paket dependency manager -.paket/paket.exe -paket-files/ - -# FAKE - F# Make -.fake/ - -# JetBrains Rider -.idea/ -*.sln.iml - -# CodeRush -.cr/ - -# Python Tools for Visual Studio (PTVS) -__pycache__/ -*.pyc - -# Cake - Uncomment if you are using it -# tools/** -# !tools/packages.config - -# Tabs Studio -*.tss - -# Telerik's JustMock configuration file -*.jmconfig - -# BizTalk build output -*.btp.cs -*.btm.cs -*.odx.cs -*.xsd.cs - -# OpenCover UI analysis results -OpenCover/ - -# Azure Stream Analytics local run output -ASALocalRun/ - -# MSBuild Binary and Structured Log -*.binlog - -# NVidia Nsight GPU debugger configuration file -*.nvuser - -# MFractors (Xamarin productivity tool) working folder -.mfractor/ +# Ignore built ts files +__tests__/runner/* +lib/**/* \ No newline at end of file diff --git a/lib/PowerShell/Constants.js b/lib/PowerShell/Constants.js deleted file mode 100644 index 51d0a3a0..00000000 --- a/lib/PowerShell/Constants.js +++ /dev/null @@ -1,14 +0,0 @@ -"use strict"; -Object.defineProperty(exports, "__esModule", { value: true }); -class Constants { -} -exports.default = Constants; -Constants.prefix = "az_"; -Constants.moduleName = "Az.Accounts"; -Constants.versionPattern = /[0-9]+\.[0-9]+\.[0-9]+/; -Constants.AzureCloud = "AzureCloud"; -Constants.Subscription = "Subscription"; -Constants.ServicePrincipal = "ServicePrincipal"; -Constants.Success = "Success"; -Constants.Error = "Error"; -Constants.AzVersion = "AzVersion"; diff --git a/lib/PowerShell/IAzurePowerShellSession.js b/lib/PowerShell/IAzurePowerShellSession.js deleted file mode 100644 index e69de29b..00000000 diff --git a/lib/PowerShell/ServicePrincipalLogin.js b/lib/PowerShell/ServicePrincipalLogin.js deleted file mode 100644 index 716f07f5..00000000 --- a/lib/PowerShell/ServicePrincipalLogin.js +++ /dev/null @@ -1,100 +0,0 @@ -"use strict"; -var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); -}) : (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - o[k2] = m[k]; -})); -var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { - Object.defineProperty(o, "default", { enumerable: true, value: v }); -}) : function(o, v) { - o["default"] = v; -}); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; -var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { - function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } - return new (P || (P = Promise))(function (resolve, reject) { - function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } - function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } - function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } - step((generator = generator.apply(thisArg, _arguments || [])).next()); - }); -}; -var __importDefault = (this && this.__importDefault) || function (mod) { - return (mod && mod.__esModule) ? mod : { "default": mod }; -}; -Object.defineProperty(exports, "__esModule", { value: true }); -exports.ServicePrincipalLogin = void 0; -const core = __importStar(require("@actions/core")); -const Utils_1 = __importDefault(require("./Utilities/Utils")); -const PowerShellToolRunner_1 = __importDefault(require("./Utilities/PowerShellToolRunner")); -const ScriptBuilder_1 = __importDefault(require("./Utilities/ScriptBuilder")); -const Constants_1 = __importDefault(require("./Constants")); -class ServicePrincipalLogin { - constructor(servicePrincipalId, servicePrincipalKey, federatedToken, tenantId, subscriptionId, allowNoSubscriptionsLogin, environment, resourceManagerEndpointUrl) { - this.servicePrincipalId = servicePrincipalId; - this.servicePrincipalKey = servicePrincipalKey; - this.federatedToken = federatedToken; - this.tenantId = tenantId; - this.subscriptionId = subscriptionId; - this.environment = environment; - this.resourceManagerEndpointUrl = resourceManagerEndpointUrl; - this.allowNoSubscriptionsLogin = allowNoSubscriptionsLogin; - } - initialize() { - return __awaiter(this, void 0, void 0, function* () { - Utils_1.default.setPSModulePath(); - const azLatestVersion = yield Utils_1.default.getLatestModule(Constants_1.default.moduleName); - core.debug(`Az Module version used: ${azLatestVersion}`); - Utils_1.default.setPSModulePath(`${Constants_1.default.prefix}${azLatestVersion}`); - }); - } - login() { - return __awaiter(this, void 0, void 0, function* () { - let output = ""; - let commandStdErr = false; - const options = { - listeners: { - stdout: (data) => { - output += data.toString(); - }, - stderr: (data) => { - let error = data.toString(); - if (error && error.trim().length !== 0) { - commandStdErr = true; - core.error(error); - } - } - } - }; - const args = { - servicePrincipalId: this.servicePrincipalId, - servicePrincipalKey: this.servicePrincipalKey, - federatedToken: this.federatedToken, - subscriptionId: this.subscriptionId, - environment: this.environment, - scopeLevel: ServicePrincipalLogin.scopeLevel, - allowNoSubscriptionsLogin: this.allowNoSubscriptionsLogin, - resourceManagerEndpointUrl: this.resourceManagerEndpointUrl - }; - const script = new ScriptBuilder_1.default().getAzPSLoginScript(ServicePrincipalLogin.scheme, this.tenantId, args); - yield PowerShellToolRunner_1.default.init(); - yield PowerShellToolRunner_1.default.executePowerShellScriptBlock(script, options); - const result = JSON.parse(output.trim()); - if (!(Constants_1.default.Success in result)) { - throw new Error(`Azure PowerShell login failed with error: ${result[Constants_1.default.Error]}`); - } - console.log(`Azure PowerShell session successfully initialized`); - }); - } -} -exports.ServicePrincipalLogin = ServicePrincipalLogin; -ServicePrincipalLogin.scopeLevel = Constants_1.default.Subscription; -ServicePrincipalLogin.scheme = Constants_1.default.ServicePrincipal; diff --git a/lib/PowerShell/Utilities/PowerShellToolRunner.js b/lib/PowerShell/Utilities/PowerShellToolRunner.js deleted file mode 100644 index 0ac63086..00000000 --- a/lib/PowerShell/Utilities/PowerShellToolRunner.js +++ /dev/null @@ -1,48 +0,0 @@ -"use strict"; -var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); -}) : (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - o[k2] = m[k]; -})); -var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { - Object.defineProperty(o, "default", { enumerable: true, value: v }); -}) : function(o, v) { - o["default"] = v; -}); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; -var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { - function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } - return new (P || (P = Promise))(function (resolve, reject) { - function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } - function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } - function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } - step((generator = generator.apply(thisArg, _arguments || [])).next()); - }); -}; -Object.defineProperty(exports, "__esModule", { value: true }); -const io = __importStar(require("@actions/io")); -const exec = __importStar(require("@actions/exec")); -class PowerShellToolRunner { - static init() { - return __awaiter(this, void 0, void 0, function* () { - if (!PowerShellToolRunner.psPath) { - PowerShellToolRunner.psPath = yield io.which("pwsh", true); - } - }); - } - static executePowerShellScriptBlock(scriptBlock, options = {}) { - return __awaiter(this, void 0, void 0, function* () { - //Options for error handling - yield exec.exec(`"${PowerShellToolRunner.psPath}" -Command`, [scriptBlock], options); - }); - } -} -exports.default = PowerShellToolRunner; diff --git a/lib/PowerShell/Utilities/ScriptBuilder.js b/lib/PowerShell/Utilities/ScriptBuilder.js deleted file mode 100644 index 74aa6ae6..00000000 --- a/lib/PowerShell/Utilities/ScriptBuilder.js +++ /dev/null @@ -1,85 +0,0 @@ -"use strict"; -var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); -}) : (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - o[k2] = m[k]; -})); -var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { - Object.defineProperty(o, "default", { enumerable: true, value: v }); -}) : function(o, v) { - o["default"] = v; -}); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; -var __importDefault = (this && this.__importDefault) || function (mod) { - return (mod && mod.__esModule) ? mod : { "default": mod }; -}; -Object.defineProperty(exports, "__esModule", { value: true }); -const core = __importStar(require("@actions/core")); -const Constants_1 = __importDefault(require("../Constants")); -class ScriptBuilder { - constructor() { - this.script = ""; - } - getAzPSLoginScript(scheme, tenantId, args) { - let command = `Clear-AzContext -Scope Process; - Clear-AzContext -Scope CurrentUser -Force -ErrorAction SilentlyContinue;`; - if (scheme === Constants_1.default.ServicePrincipal) { - if (args.environment.toLowerCase() == "azurestack") { - command += `Add-AzEnvironment -Name ${args.environment} -ARMEndpoint ${args.resourceManagerEndpointUrl} | out-null;`; - } - // Separate command script for OIDC and non-OIDC - if (!!args.federatedToken) { - command += `Connect-AzAccount -ServicePrincipal -ApplicationId '${args.servicePrincipalId}' -Tenant '${tenantId}' -FederatedToken '${args.federatedToken}' \ - -Environment '${args.environment}' | out-null;`; - } - else { - command += `Connect-AzAccount -ServicePrincipal -Tenant '${tenantId}' -Credential \ - (New-Object System.Management.Automation.PSCredential('${args.servicePrincipalId}',(ConvertTo-SecureString '${args.servicePrincipalKey.replace("'", "''")}' -AsPlainText -Force))) \ - -Environment '${args.environment}' | out-null;`; - } - // command to set the subscription - if (args.scopeLevel === Constants_1.default.Subscription && !args.allowNoSubscriptionsLogin) { - command += `Set-AzContext -SubscriptionId '${args.subscriptionId}' -TenantId '${tenantId}' | out-null;`; - } - } - this.script += `try { - $ErrorActionPreference = "Stop" - $WarningPreference = "SilentlyContinue" - $output = @{} - ${command} - $output['${Constants_1.default.Success}'] = "true" - } - catch { - $output['${Constants_1.default.Error}'] = $_.exception.Message - } - return ConvertTo-Json $output`; - core.debug(`Azure PowerShell Login Script: ${this.script}`); - return this.script; - } - getLatestModuleScript(moduleName) { - const command = `Get-Module -Name ${moduleName} -ListAvailable | Sort-Object Version -Descending | Select-Object -First 1`; - this.script += `try { - $ErrorActionPreference = "Stop" - $WarningPreference = "SilentlyContinue" - $output = @{} - $data = ${command} - $output['${Constants_1.default.AzVersion}'] = $data.Version.ToString() - $output['${Constants_1.default.Success}'] = "true" - } - catch { - $output['${Constants_1.default.Error}'] = $_.exception.Message - } - return ConvertTo-Json $output`; - core.debug(`GetLatestModuleScript: ${this.script}`); - return this.script; - } -} -exports.default = ScriptBuilder; diff --git a/lib/PowerShell/Utilities/Utils.js b/lib/PowerShell/Utilities/Utils.js deleted file mode 100644 index d890766e..00000000 --- a/lib/PowerShell/Utilities/Utils.js +++ /dev/null @@ -1,92 +0,0 @@ -"use strict"; -var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); -}) : (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - o[k2] = m[k]; -})); -var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { - Object.defineProperty(o, "default", { enumerable: true, value: v }); -}) : function(o, v) { - o["default"] = v; -}); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; -var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { - function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } - return new (P || (P = Promise))(function (resolve, reject) { - function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } - function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } - function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } - step((generator = generator.apply(thisArg, _arguments || [])).next()); - }); -}; -var __importDefault = (this && this.__importDefault) || function (mod) { - return (mod && mod.__esModule) ? mod : { "default": mod }; -}; -Object.defineProperty(exports, "__esModule", { value: true }); -const os = __importStar(require("os")); -const Constants_1 = __importDefault(require("../Constants")); -const ScriptBuilder_1 = __importDefault(require("./ScriptBuilder")); -const PowerShellToolRunner_1 = __importDefault(require("./PowerShellToolRunner")); -class Utils { - /** - * Add the folder path where Az modules are present to PSModulePath based on runner - * @param azPSVersion - * If azPSVersion is empty, folder path in which all Az modules are present are set - * If azPSVersion is not empty, folder path of exact Az module version is set - */ - static setPSModulePath(azPSVersion = "") { - let modulePath = ""; - const runner = process.env.RUNNER_OS || os.type(); - switch (runner.toLowerCase()) { - case "linux": - modulePath = `/usr/share/${azPSVersion}:`; - break; - case "windows": - case "windows_nt": - modulePath = `C:\\Modules\\${azPSVersion};`; - break; - case "macos": - case "darwin": - throw new Error(`OS not supported`); - default: - throw new Error(`Unknown os: ${runner.toLowerCase()}`); - } - process.env.PSModulePath = `${modulePath}${process.env.PSModulePath}`; - } - static getLatestModule(moduleName) { - return __awaiter(this, void 0, void 0, function* () { - let output = ""; - const options = { - listeners: { - stdout: (data) => { - output += data.toString(); - } - } - }; - yield PowerShellToolRunner_1.default.init(); - yield PowerShellToolRunner_1.default.executePowerShellScriptBlock(new ScriptBuilder_1.default() - .getLatestModuleScript(moduleName), options); - const result = JSON.parse(output.trim()); - if (!(Constants_1.default.Success in result)) { - throw new Error(result[Constants_1.default.Error]); - } - const azLatestVersion = result[Constants_1.default.AzVersion]; - if (!Utils.isValidVersion(azLatestVersion)) { - throw new Error(`Invalid AzPSVersion: ${azLatestVersion}`); - } - return azLatestVersion; - }); - } - static isValidVersion(version) { - return !!version.match(Constants_1.default.versionPattern); - } -} -exports.default = Utils; diff --git a/lib/main.js b/lib/main.js deleted file mode 100644 index 90d9206a..00000000 --- a/lib/main.js +++ /dev/null @@ -1,244 +0,0 @@ -"use strict"; -var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } }); -}) : (function(o, m, k, k2) { - if (k2 === undefined) k2 = k; - o[k2] = m[k]; -})); -var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { - Object.defineProperty(o, "default", { enumerable: true, value: v }); -}) : function(o, v) { - o["default"] = v; -}); -var __importStar = (this && this.__importStar) || function (mod) { - if (mod && mod.__esModule) return mod; - var result = {}; - if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k); - __setModuleDefault(result, mod); - return result; -}; -var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { - function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } - return new (P || (P = Promise))(function (resolve, reject) { - function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } - function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } - function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } - step((generator = generator.apply(thisArg, _arguments || [])).next()); - }); -}; -Object.defineProperty(exports, "__esModule", { value: true }); -const core = __importStar(require("@actions/core")); -const exec = __importStar(require("@actions/exec")); -const io = __importStar(require("@actions/io")); -const actions_secret_parser_1 = require("actions-secret-parser"); -const ServicePrincipalLogin_1 = require("./PowerShell/ServicePrincipalLogin"); -var azPath; -var prefix = !!process.env.AZURE_HTTP_USER_AGENT ? `${process.env.AZURE_HTTP_USER_AGENT}` : ""; -var azPSHostEnv = !!process.env.AZUREPS_HOST_ENVIRONMENT ? `${process.env.AZUREPS_HOST_ENVIRONMENT}` : ""; -function main() { - return __awaiter(this, void 0, void 0, function* () { - try { - //Options for error handling - const loginOptions = { - silent: true, - listeners: { - stderr: (data) => { - let error = data.toString(); - let startsWithWarning = error.toLowerCase().startsWith('warning'); - let startsWithError = error.toLowerCase().startsWith('error'); - // printing ERROR - if (error && error.trim().length !== 0 && !startsWithWarning) { - if (startsWithError) { - //removing the keyword 'ERROR' to avoid duplicates while throwing error - error = error.slice(5); - } - core.setFailed(error); - } - } - } - }; - // Set user agent variable - var isAzCLISuccess = false; - let usrAgentRepo = `${process.env.GITHUB_REPOSITORY}`; - let actionName = 'AzureLogin'; - let userAgentString = (!!prefix ? `${prefix}+` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`; - let azurePSHostEnv = (!!azPSHostEnv ? `${azPSHostEnv}+` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`; - core.exportVariable('AZURE_HTTP_USER_AGENT', userAgentString); - core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azurePSHostEnv); - azPath = yield io.which("az", true); - core.debug(`az cli path: ${azPath}`); - let azureSupportedCloudName = new Set([ - "azureusgovernment", - "azurechinacloud", - "azuregermancloud", - "azurecloud", - "azurestack" - ]); - let output = ""; - const execOptions = { - listeners: { - stdout: (data) => { - output += data.toString(); - } - } - }; - yield executeAzCliCommand("--version", true, execOptions); - core.debug(`az cli version used:\n${output}`); - let creds = core.getInput('creds', { required: false }); - let secrets = creds ? new actions_secret_parser_1.SecretParser(creds, actions_secret_parser_1.FormatType.JSON) : null; - let environment = core.getInput("environment").toLowerCase(); - const enableAzPSSession = core.getInput('enable-AzPSSession').toLowerCase() === "true"; - const allowNoSubscriptionsLogin = core.getInput('allow-no-subscriptions').toLowerCase() === "true"; - //Check for the credentials in individual parameters in the workflow. - var servicePrincipalId = core.getInput('client-id', { required: false }); - var servicePrincipalKey = null; - var tenantId = core.getInput('tenant-id', { required: false }); - var subscriptionId = core.getInput('subscription-id', { required: false }); - var resourceManagerEndpointUrl = "https://management.azure.com/"; - var enableOIDC = true; - var federatedToken = null; - // If any of the individual credentials (clent_id, tenat_id, subscription_id) is present. - if (servicePrincipalId || tenantId || subscriptionId) { - //If few of the individual credentials (clent_id, tenat_id, subscription_id) are missing in action inputs. - if (!(servicePrincipalId && tenantId && (subscriptionId || allowNoSubscriptionsLogin))) - throw new Error("Few credentials are missing. ClientId, tenantId are mandatory. SubscriptionId is also mandatory if allow-no-subscriptions is not set."); - } - else { - if (creds) { - core.debug('using creds JSON...'); - enableOIDC = false; - servicePrincipalId = secrets.getSecret("$.clientId", true); - servicePrincipalKey = secrets.getSecret("$.clientSecret", true); - tenantId = secrets.getSecret("$.tenantId", true); - subscriptionId = secrets.getSecret("$.subscriptionId", true); - resourceManagerEndpointUrl = secrets.getSecret("$.resourceManagerEndpointUrl", false); - } - else { - throw new Error("Credentials are not passed for Login action."); - } - } - //generic checks - //servicePrincipalKey is only required in non-oidc scenario. - if (!servicePrincipalId || !tenantId || !(servicePrincipalKey || enableOIDC)) { - throw new Error("Not all values are present in the credentials. Ensure clientId, clientSecret and tenantId are supplied."); - } - if (!subscriptionId && !allowNoSubscriptionsLogin) { - throw new Error("Not all values are present in the credentials. Ensure subscriptionId is supplied."); - } - if (!azureSupportedCloudName.has(environment)) { - throw new Error("Unsupported value for environment is passed.The list of supported values for environment are ‘azureusgovernment', ‘azurechinacloud’, ‘azuregermancloud’, ‘azurecloud’ or ’azurestack’"); - } - // OIDC specific checks - if (enableOIDC) { - console.log('Using OIDC authentication...'); - try { - //generating ID-token - let audience = core.getInput('audience', { required: false }); - federatedToken = yield core.getIDToken(audience); - if (!!federatedToken) { - if (environment != "azurecloud") - throw new Error(`Your current environment - "${environment}" is not supported for OIDC login.`); - let [issuer, subjectClaim] = yield jwtParser(federatedToken); - console.log("Federated token details: \n issuer - " + issuer + " \n subject claim - " + subjectClaim); - } - } - catch (error) { - core.error(`${error.message.split(':')[1]}. Please make sure to give write permissions to id-token in the workflow.`); - } - } - // Attempting Az cli login - if (environment == "azurestack") { - if (!resourceManagerEndpointUrl) { - throw new Error("resourceManagerEndpointUrl is a required parameter when environment is defined."); - } - console.log(`Unregistering cloud: "${environment}" first if it exists`); - try { - yield executeAzCliCommand(`cloud set -n AzureCloud`, true); - yield executeAzCliCommand(`cloud unregister -n "${environment}"`, false); - } - catch (error) { - console.log(`Ignore cloud not registered error: "${error}"`); - } - console.log(`Registering cloud: "${environment}" with ARM endpoint: "${resourceManagerEndpointUrl}"`); - try { - let baseUri = resourceManagerEndpointUrl; - if (baseUri.endsWith('/')) { - baseUri = baseUri.substring(0, baseUri.length - 1); // need to remove trailing / from resourceManagerEndpointUrl to correctly derive suffixes below - } - let suffixKeyvault = ".vault" + baseUri.substring(baseUri.indexOf('.')); // keyvault suffix starts with . - let suffixStorage = baseUri.substring(baseUri.indexOf('.') + 1); // storage suffix starts without . - let profileVersion = "2019-03-01-hybrid"; - yield executeAzCliCommand(`cloud register -n "${environment}" --endpoint-resource-manager "${resourceManagerEndpointUrl}" --suffix-keyvault-dns "${suffixKeyvault}" --suffix-storage-endpoint "${suffixStorage}" --profile "${profileVersion}"`, false); - } - catch (error) { - core.error(`Error while trying to register cloud "${environment}": "${error}"`); - } - console.log(`Done registering cloud: "${environment}"`); - } - yield executeAzCliCommand(`cloud set -n "${environment}"`, false); - console.log(`Done setting cloud: "${environment}"`); - // Attempting Az cli login - var commonArgs = ["--service-principal", - "-u", servicePrincipalId, - "--tenant", tenantId - ]; - if (allowNoSubscriptionsLogin) { - commonArgs = commonArgs.concat("--allow-no-subscriptions"); - } - if (enableOIDC) { - commonArgs = commonArgs.concat("--federated-token", federatedToken); - } - else { - console.log("Note: Azure/login action also supports OIDC login mechanism. Refer https://github.com/azure/login#configure-a-service-principal-with-a-federated-credential-to-use-oidc-based-authentication for more details."); - commonArgs = commonArgs.concat("-p", servicePrincipalKey); - } - yield executeAzCliCommand(`login`, true, loginOptions, commonArgs); - if (!allowNoSubscriptionsLogin) { - var args = [ - "--subscription", - subscriptionId - ]; - yield executeAzCliCommand(`account set`, true, loginOptions, args); - } - isAzCLISuccess = true; - if (enableAzPSSession) { - // Attempting Az PS login - console.log(`Running Azure PS Login`); - var spnlogin; - spnlogin = new ServicePrincipalLogin_1.ServicePrincipalLogin(servicePrincipalId, servicePrincipalKey, federatedToken, tenantId, subscriptionId, allowNoSubscriptionsLogin, environment, resourceManagerEndpointUrl); - yield spnlogin.initialize(); - yield spnlogin.login(); - } - console.log("Login successful."); - } - catch (error) { - if (!isAzCLISuccess) { - core.setFailed(`Az CLI Login failed with ${error}. Please check the credentials and make sure az is installed on the runner. For more information refer https://aka.ms/create-secrets-for-GitHub-workflows`); - } - else { - core.setFailed(`Azure PowerShell Login failed with ${error}. Please check the credentials and make sure az is installed on the runner. For more information refer https://aka.ms/create-secrets-for-GitHub-workflows"`); - } - } - finally { - // Reset AZURE_HTTP_USER_AGENT - core.exportVariable('AZURE_HTTP_USER_AGENT', prefix); - core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azPSHostEnv); - } - }); -} -function executeAzCliCommand(command, silent, execOptions = {}, args = []) { - return __awaiter(this, void 0, void 0, function* () { - execOptions.silent = !!silent; - yield exec.exec(`"${azPath}" ${command}`, args, execOptions); - }); -} -function jwtParser(federatedToken) { - return __awaiter(this, void 0, void 0, function* () { - let tokenPayload = federatedToken.split('.')[1]; - let bufferObj = Buffer.from(tokenPayload, "base64"); - let decodedPayload = JSON.parse(bufferObj.toString("utf8")); - return [decodedPayload['iss'], decodedPayload['sub']]; - }); -} -main();