def load_images_from_aliases_doc(publisher=None, offer=None, sku=None): from azure.cli.core.cloud import get_active_cloud, CloudEndpointNotSetException cloud = get_active_cloud() try: target_url = cloud.endpoints.vm_image_alias_doc except CloudEndpointNotSetException: raise CLIError("'endpoint_vm_image_alias_doc' isn't configured. Please invoke 'az cloud update' to configure " "it or use '--all' to retrieve images from server") txt = urlopen(target_url).read() dic = json.loads(txt.decode()) try: all_images = [] result = (dic['outputs']['aliases']['value']) for v in result.values(): # loop around os for alias, vv in v.items(): # loop around distros all_images.append({ 'urnAlias': alias, 'publisher': vv['publisher'], 'offer': vv['offer'], 'sku': vv['sku'], 'version': vv['version'] }) all_images = [i for i in all_images if (_partial_matched(publisher, i['publisher']) and _partial_matched(offer, i['offer']) and _partial_matched(sku, i['sku']))] return all_images except KeyError: raise CLIError('Could not retrieve image list from {}'.format(target_url))
def _get_cli_profile(self, subscription_id): # pylint:disable=no-self-use try: from azure.cli.core.util import CLIError from azure.cli.core.cloud import get_active_cloud try: profile = get_cli_profile() cloud = get_active_cloud() subscription = profile.get_subscription( subscription=subscription_id) return profile, subscription['id'], cloud.endpoints except CLIError: raise ValueError( "Unable to load Azure CLI authenticated session. Please " "run the 'az login' command or supply an AAD credentials " "object from azure.common.credentials.") except ImportError: raise ValueError( 'Unable to load Azure CLI authenticated session. Please ' 'supply an AAD credentials object from azure.common.credentials' ) except (AttributeError, KeyError, TypeError) as error: raise ValueError( 'Unable to load Azure CLI authenticated session. There is ' 'a version conflict with azure-cli-core. Please check for ' 'updates or report this issue at ' 'github.com/Azure/azure-batch-cli-extensions:\n{}'.format( str(error)))
def load_images_from_aliases_doc(publisher=None, offer=None, sku=None): from azure.cli.core.cloud import get_active_cloud, CloudEndpointNotSetException cloud = get_active_cloud() try: target_url = cloud.endpoints.vm_image_alias_doc except CloudEndpointNotSetException: raise CLIError( "'endpoint_vm_image_alias_doc' isn't configured. Please invoke 'az cloud update' to configure " "it or use '--all' to retrieve images from server") txt = urlopen(target_url).read() dic = json.loads(txt.decode()) try: all_images = [] result = (dic['outputs']['aliases']['value']) for v in result.values(): # loop around os for alias, vv in v.items(): # loop around distros all_images.append({ 'urnAlias': alias, 'publisher': vv['publisher'], 'offer': vv['offer'], 'sku': vv['sku'], 'version': vv['version'] }) all_images = [ i for i in all_images if (_partial_matched(publisher, i['publisher']) and _partial_matched(offer, i['offer']) and _partial_matched(sku, i['sku'])) ] return all_images except KeyError: raise CLIError( 'Could not retrieve image list from {}'.format(target_url))
def load_cached_subscriptions(self, all_clouds=False): subscriptions = self._storage.get(_SUBSCRIPTIONS) or [] active_cloud = get_active_cloud() cached_subscriptions = [sub for sub in subscriptions if all_clouds or sub[_ENVIRONMENT_NAME] == active_cloud.name] # use deepcopy as we don't want to persist these changes to file. return deepcopy(cached_subscriptions)
def __init__(self, **kwargs): super(AzCli, self).__init__(**kwargs) from azure.cli.core.commands.arm import ( register_ids_argument, register_global_subscription_argument) from azure.cli.core.cloud import get_active_cloud from azure.cli.core.commands.transform import register_global_transforms from azure.cli.core._session import ACCOUNT, CONFIG, SESSION from knack.util import ensure_dir self.data['headers'] = {} self.data['command'] = 'unknown' self.data['command_extension_name'] = None self.data['completer_active'] = ARGCOMPLETE_ENV_NAME in os.environ self.data['query_active'] = False azure_folder = self.config.config_dir ensure_dir(azure_folder) ACCOUNT.load(os.path.join(azure_folder, 'azureProfile.json')) CONFIG.load(os.path.join(azure_folder, 'az.json')) SESSION.load(os.path.join(azure_folder, 'az.sess'), max_age=3600) self.cloud = get_active_cloud(self) logger.debug('Current cloud config:\n%s', str(self.cloud.name)) register_global_transforms(self) register_global_subscription_argument(self) register_ids_argument(self) # global subscription must be registered first! self.progress_controller = None
def _set_subscriptions(self, new_subscriptions): existing_ones = self.load_cached_subscriptions(all_clouds=True) active_one = next((x for x in existing_ones if x.get(_IS_DEFAULT_SUBSCRIPTION)), None) active_subscription_id = active_one[_SUBSCRIPTION_ID] if active_one else None active_cloud = get_active_cloud() default_sub_id = None # merge with existing ones dic = collections.OrderedDict((x[_SUBSCRIPTION_ID], x) for x in existing_ones) dic.update((x[_SUBSCRIPTION_ID], x) for x in new_subscriptions) subscriptions = list(dic.values()) if active_one: new_active_one = next( (x for x in new_subscriptions if x[_SUBSCRIPTION_ID] == active_subscription_id), None) for s in subscriptions: s[_IS_DEFAULT_SUBSCRIPTION] = False if not new_active_one: new_active_one = Profile._pick_working_subscription(new_subscriptions) else: new_active_one = Profile._pick_working_subscription(new_subscriptions) new_active_one[_IS_DEFAULT_SUBSCRIPTION] = True default_sub_id = new_active_one[_SUBSCRIPTION_ID] set_cloud_subscription(active_cloud.name, default_sub_id) self._storage[_SUBSCRIPTIONS] = subscriptions
def find_recording_dir(cli_ctx, test_file): """ Find the directory containing the recording of given test file based on current profile. """ from azure.cli.core.cloud import get_active_cloud api_profile = get_active_cloud(cli_ctx).profile base_dir = os.path.join(os.path.dirname(test_file), 'recordings') return os.path.join(base_dir, api_profile)
def __init__(self, **kwargs): super(AzCli, self).__init__(**kwargs) from azure.cli.core.commands.arm import add_id_parameters from azure.cli.core.cloud import get_active_cloud from azure.cli.core.extensions import register_extensions from azure.cli.core._session import ACCOUNT, CONFIG, SESSION import knack.events as events from knack.util import ensure_dir self.data['headers'] = {} self.data['command'] = 'unknown' self.data['command_extension_name'] = None self.data['completer_active'] = ARGCOMPLETE_ENV_NAME in os.environ self.data['query_active'] = False azure_folder = self.config.config_dir ensure_dir(azure_folder) ACCOUNT.load(os.path.join(azure_folder, 'azureProfile.json')) CONFIG.load(os.path.join(azure_folder, 'az.json')) SESSION.load(os.path.join(azure_folder, 'az.sess'), max_age=3600) self.cloud = get_active_cloud(self) logger.debug('Current cloud config:\n%s', str(self.cloud.name)) register_extensions(self) self.register_event(events.EVENT_INVOKER_POST_CMD_TBL_CREATE, add_id_parameters) self.progress_controller = None
def get_cli_active_cloud(): """Return a CLI active cloud. *Disclaimer*: This method is not working for azure-cli-core>=2.21.0 (released in March 2021). .. versionadded:: 1.1.6 .. deprecated:: 1.1.28 :return: A CLI Cloud :rtype: azure.cli.core.cloud.Cloud :raises: ImportError if azure-cli-core package is not available """ try: from azure.cli.core.cloud import get_active_cloud except ImportError: raise ImportError( "The public API of azure-cli-core has been deprecated starting 2.21.0, " + "and this method no longer can return a cloud instance. " + "If you want to use this method, you need to install 'azure-cli-core<2.21.0'. " + "You may corrupt data if you use current CLI and old azure-cli-core." ) return get_active_cloud()
def __init__(self, **kwargs): super(AzCli, self).__init__(**kwargs) from azure.cli.core.commands import register_cache_arguments from azure.cli.core.commands.arm import ( register_ids_argument, register_global_subscription_argument) from azure.cli.core.cloud import get_active_cloud from azure.cli.core.commands.transform import register_global_transforms from azure.cli.core._session import ACCOUNT, CONFIG, SESSION from knack.util import ensure_dir self.data['headers'] = {} self.data['command'] = 'unknown' self.data['command_extension_name'] = None self.data['completer_active'] = ARGCOMPLETE_ENV_NAME in os.environ self.data['query_active'] = False azure_folder = self.config.config_dir ensure_dir(azure_folder) ACCOUNT.load(os.path.join(azure_folder, 'azureProfile.json')) CONFIG.load(os.path.join(azure_folder, 'az.json')) SESSION.load(os.path.join(azure_folder, 'az.sess'), max_age=3600) self.cloud = get_active_cloud(self) logger.debug('Current cloud config:\n%s', str(self.cloud.name)) register_global_transforms(self) register_global_subscription_argument(self) register_ids_argument( self) # global subscription must be registered first! register_cache_arguments(self) self.progress_controller = None
def __init__(self, commands_loader_cls=None, **kwargs): import os from azure.cli.core import MainCommandsLoader from azure.cli.core.commands import AzCliCommandInvoker from azure.cli.core.azlogging import AzCliLogging from azure.cli.core.cloud import get_active_cloud from azure.cli.core.parser import AzCliCommandParser from azure.cli.core._config import GLOBAL_CONFIG_DIR, ENV_VAR_PREFIX from azure.cli.core._help import AzCliHelp from knack.completion import ARGCOMPLETE_ENV_NAME super(DummyCli, self).__init__( cli_name='az', config_dir=GLOBAL_CONFIG_DIR, config_env_var_prefix=ENV_VAR_PREFIX, commands_loader_cls=commands_loader_cls or MainCommandsLoader, parser_cls=AzCliCommandParser, logging_cls=AzCliLogging, help_cls=AzCliHelp, invocation_cls=AzCliCommandInvoker) self.data['headers'] = {} # the x-ms-client-request-id is generated before a command is to execute self.data['command'] = 'unknown' self.data['completer_active'] = ARGCOMPLETE_ENV_NAME in os.environ self.data['query_active'] = False loader = self.commands_loader_cls(self) setattr(self, 'commands_loader', loader) self.cloud = get_active_cloud(self)
def get_sp_auth_info(self, subscription_id=None, name=None, password=None, cert_file=None): from collections import OrderedDict account = self.get_subscription(subscription_id) # is the credential created through command like 'create-for-rbac'? result = OrderedDict() if name and (password or cert_file): result['clientId'] = name if password: result['clientSecret'] = password else: result['clientCertificate'] = cert_file result['subscriptionId'] = subscription_id or account[ _SUBSCRIPTION_ID] else: # has logged in through cli user_type = account[_USER_ENTITY].get(_USER_TYPE) if user_type == _SERVICE_PRINCIPAL: result['clientId'] = account[_USER_ENTITY][_USER_NAME] sp_auth = ServicePrincipalAuth( self._creds_cache.retrieve_secret_of_service_principal( account[_USER_ENTITY][_USER_NAME])) secret = getattr(sp_auth, 'secret', None) if secret: result['clientSecret'] = secret else: # we can output 'clientCertificateThumbprint' if asked result['clientCertificate'] = sp_auth.certificate_file result['subscriptionId'] = account[_SUBSCRIPTION_ID] else: raise CLIError( 'SDK Auth file is only applicable on service principals') result[_TENANT_ID] = account[_TENANT_ID] endpoint_mappings = OrderedDict( ) # use OrderedDict to control the output sequence endpoint_mappings['active_directory'] = 'activeDirectoryEndpointUrl' endpoint_mappings['resource_manager'] = 'resourceManagerEndpointUrl' endpoint_mappings[ 'active_directory_graph_resource_id'] = 'activeDirectoryGraphResourceId' endpoint_mappings['sql_management'] = 'sqlManagementEndpointUrl' endpoint_mappings['gallery'] = 'galleryEndpointUrl' endpoint_mappings['management'] = 'managementEndpointUrl' for e in endpoint_mappings: result[endpoint_mappings[e]] = getattr( get_active_cloud(self.cli_ctx).endpoints, e) return result
def get_cli_active_cloud(): """Return a CLI active cloud. .. versionadded:: 1.1.6 :return: A CLI Cloud :rtype: azure.cli.core.cloud.Cloud :raises: ImportError if azure-cli-core package is not available """ try: from azure.cli.core.cloud import get_active_cloud except ImportError: raise ImportError("You need to install 'azure-cli-core' to load CLI active Cloud") return get_active_cloud()
def get_access_token(subscription=None, resource=None): ''' get AAD token to access to a specified resource :param resource: Azure resource endpoints. Default to Azure Resource Manager Use 'az cloud show' command for other Azure resources ''' resource = (resource or get_active_cloud().endpoints.active_directory_resource_id) profile = Profile() creds, subscription, tenant = profile.get_raw_token(resource, subscription=subscription) return { 'tokenType': creds[0], 'accessToken': creds[1], 'expiresOn': creds[2]['expiresOn'], 'subscription': subscription, 'tenant': tenant }
def get_cli_active_cloud(): """Return a CLI active cloud. .. versionadded:: 1.1.6 :return: A CLI Cloud :rtype: azure.cli.core.cloud.Cloud :raises: ImportError if azure-cli-core package is not available """ try: from azure.cli.core.cloud import get_active_cloud except ImportError: raise ImportError( "You need to install 'azure-cli-core' to load CLI active Cloud") return get_active_cloud()
def __init__(self, **kwargs): super(AzCli, self).__init__(**kwargs) from azure.cli.core.commands import register_cache_arguments from azure.cli.core.commands.arm import ( register_ids_argument, register_global_subscription_argument) from azure.cli.core.cloud import get_active_cloud from azure.cli.core.commands.transform import register_global_transforms from azure.cli.core._session import ACCOUNT, CONFIG, SESSION, INDEX, VERSIONS from azure.cli.core.style import format_styled_text from azure.cli.core.util import handle_version_update from azure.cli.core.commands.query_examples import register_global_query_examples_argument from knack.util import ensure_dir self.data['headers'] = {} self.data['command'] = 'unknown' self.data['command_extension_name'] = None self.data['completer_active'] = ARGCOMPLETE_ENV_NAME in os.environ self.data['query_active'] = False azure_folder = self.config.config_dir ensure_dir(azure_folder) ACCOUNT.load(os.path.join(azure_folder, 'azureProfile.json')) CONFIG.load(os.path.join(azure_folder, 'az.json')) SESSION.load(os.path.join(azure_folder, 'az.sess'), max_age=3600) INDEX.load(os.path.join(azure_folder, 'commandIndex.json')) VERSIONS.load(os.path.join(azure_folder, 'versionCheck.json')) handle_version_update() self.cloud = get_active_cloud(self) logger.debug('Current cloud config:\n%s', str(self.cloud.name)) self.local_context = AzCLILocalContext(self) register_global_transforms(self) register_global_subscription_argument(self) register_global_query_examples_argument(self) register_ids_argument( self) # global subscription must be registered first! register_cache_arguments(self) self.progress_controller = None if self.enable_color: theme = self.config.get('core', 'theme', fallback='dark') else: theme = 'none' format_styled_text.theme = theme
def set_active_subscription(self, subscription): # take id or name subscriptions = self.load_cached_subscriptions(all_clouds=True) active_cloud = get_active_cloud() subscription = subscription.lower() result = [x for x in subscriptions if subscription in [x[_SUBSCRIPTION_ID].lower(), x[_SUBSCRIPTION_NAME].lower()] and x[_ENVIRONMENT_NAME] == active_cloud.name] if len(result) != 1: raise CLIError("The subscription of '{}' does not exist or has more than" " one match in cloud '{}'.".format(subscription, active_cloud.name)) for s in subscriptions: s[_IS_DEFAULT_SUBSCRIPTION] = False result[0][_IS_DEFAULT_SUBSCRIPTION] = True set_cloud_subscription(active_cloud.name, result[0][_SUBSCRIPTION_ID]) self._storage[_SUBSCRIPTIONS] = subscriptions
def get_sp_auth_info(self, subscription_id=None, name=None, password=None, cert_file=None): from collections import OrderedDict account = self.get_subscription(subscription_id) # is the credential created through command like 'create-for-rbac'? result = OrderedDict() if name and (password or cert_file): result['clientId'] = name if password: result['clientSecret'] = password else: result['clientCertificate'] = cert_file result['subscriptionId'] = subscription_id or account[_SUBSCRIPTION_ID] else: # has logged in through cli user_type = account[_USER_ENTITY].get(_USER_TYPE) if user_type == _SERVICE_PRINCIPAL: result['clientId'] = account[_USER_ENTITY][_USER_NAME] sp_auth = ServicePrincipalAuth(self._creds_cache.retrieve_secret_of_service_principal( account[_USER_ENTITY][_USER_NAME])) secret = getattr(sp_auth, 'secret', None) if secret: result['clientSecret'] = secret else: # we can output 'clientCertificateThumbprint' if asked result['clientCertificate'] = sp_auth.certificate_file result['subscriptionId'] = account[_SUBSCRIPTION_ID] else: raise CLIError('SDK Auth file is only applicable on service principals') result[_TENANT_ID] = account[_TENANT_ID] endpoint_mappings = OrderedDict() # use OrderedDict to control the output sequence endpoint_mappings['active_directory'] = 'activeDirectoryEndpointUrl' endpoint_mappings['resource_manager'] = 'resourceManagerEndpointUrl' endpoint_mappings['active_directory_graph_resource_id'] = 'activeDirectoryGraphResourceId' endpoint_mappings['sql_management'] = 'sqlManagementEndpointUrl' endpoint_mappings['gallery'] = 'galleryEndpointUrl' endpoint_mappings['management'] = 'managementEndpointUrl' for e in endpoint_mappings: result[endpoint_mappings[e]] = getattr(get_active_cloud(self.cli_ctx).endpoints, e) return result
def get_sp_auth_info(self, subscription_id=None, name=None, password=None, cert_file=None): """Generate a JSON for --sdk-auth argument when used in: - az ad sp create-for-rbac --sdk-auth """ from collections import OrderedDict account = self.get_subscription(subscription_id) # is the credential created through command like 'create-for-rbac'? result = OrderedDict() result['clientId'] = name if password: result['clientSecret'] = password else: result['clientCertificate'] = cert_file result['subscriptionId'] = subscription_id or account[_SUBSCRIPTION_ID] result[_TENANT_ID] = account[_TENANT_ID] endpoint_mappings = OrderedDict( ) # use OrderedDict to control the output sequence endpoint_mappings['active_directory'] = 'activeDirectoryEndpointUrl' endpoint_mappings['resource_manager'] = 'resourceManagerEndpointUrl' endpoint_mappings[ 'active_directory_graph_resource_id'] = 'activeDirectoryGraphResourceId' endpoint_mappings['sql_management'] = 'sqlManagementEndpointUrl' endpoint_mappings['gallery'] = 'galleryEndpointUrl' endpoint_mappings['management'] = 'managementEndpointUrl' from azure.cli.core.cloud import CloudEndpointNotSetException for e in endpoint_mappings: try: result[endpoint_mappings[e]] = getattr( get_active_cloud(self.cli_ctx).endpoints, e) except CloudEndpointNotSetException: result[endpoint_mappings[e]] = None return result
def __init__(self): super(MockCLI, self).__init__(cli_name='mock_cli', config_dir=GLOBAL_CONFIG_DIR, config_env_var_prefix=ENV_VAR_PREFIX, commands_loader_cls=MockLoader) self.cloud = get_active_cloud(self)
def load_cached_subscriptions(self, all_clouds=False): subscriptions = self._storage.get(_SUBSCRIPTIONS) or [] active_cloud = get_active_cloud() return [sub for sub in subscriptions if all_clouds or sub[_ENVIRONMENT_NAME] == active_cloud.name]
def _authentication_context_factory(tenant, cache): import adal authority_url = CLOUD.endpoints.active_directory is_adfs = authority_url.lower().endswith('/adfs') if not is_adfs: authority_url = authority_url + '/' + (tenant or _COMMON_TENANT) return adal.AuthenticationContext(authority_url, cache=cache, api_version=None, validate_authority=(not is_adfs)) _AUTH_CTX_FACTORY = _authentication_context_factory init_known_clouds(force=True) CLOUD = get_active_cloud() logger.debug('Current cloud config:\n%s', str(CLOUD)) def _load_tokens_from_file(file_path): all_entries = [] if os.path.isfile(file_path): all_entries = get_file_json(file_path, throw_on_empty=False) or [] return all_entries def _delete_file(file_path): try: os.remove(file_path) except OSError as e:
class CredentialType(Enum): # pylint: disable=too-few-public-methods cloud = get_active_cloud(cli_ctx) management = cli_ctx.cloud.endpoints.management rbac = cli_ctx.cloud.endpoints.active_directory_graph_resource_id
def get_active_api_profile(cli_ctx): from azure.cli.core.cloud import get_active_cloud return get_active_cloud(cli_ctx).profile
def _get_server_dns_suffx(): # Allow dns suffix to be overridden by environment variable for testing purposes from os import getenv return getenv('_AZURE_CLI_SQL_DNS_SUFFIX', default=get_active_cloud().suffixes.sql_server_hostname)
TOKEN_FIELDS_EXCLUDED_FROM_PERSISTENCE = [ 'familyName', 'givenName', 'isUserIdDisplayable', 'tenantId' ] _CLIENT_ID = '04b07795-8ddb-461a-bbee-02f9e1bf7b46' _COMMON_TENANT = 'common' def _authentication_context_factory(authority, cache): return adal.AuthenticationContext(authority, cache=cache, api_version=None) _AUTH_CTX_FACTORY = _authentication_context_factory CLOUD = get_active_cloud() logger.debug("Current active cloud '%s'", CLOUD.name) logger.debug(pformat(vars(CLOUD.endpoints))) logger.debug(pformat(vars(CLOUD.suffixes))) def get_authority_url(tenant=None): return CLOUD.endpoints.active_directory + '/' + (tenant or _COMMON_TENANT) def _load_tokens_from_file(file_path): all_entries = [] if os.path.isfile(file_path): all_entries = get_file_json(file_path, throw_on_empty=False) or [] return all_entries