def create_tunnel(cmd, resource_group_name, name, port=None, slot=None): import time profiles = list_publish_profiles(cmd, resource_group_name, name, slot) user_name = next(p['userName'] for p in profiles) user_password = next(p['userPWD'] for p in profiles) import threading from .tunnel import TunnelServer if port is None: port = 0 # Will auto-select a free port from 1024-65535 logger.info('No port defined, creating on random free port') host_name = name if slot is not None: host_name += "-" + slot tunnel_server = TunnelServer('', port, host_name, user_name, user_password) config = get_site_configs(cmd, resource_group_name, name, slot) _ping_scm_site(cmd, resource_group_name, name) t = threading.Thread(target=_start_tunnel, args=(tunnel_server, config.remote_debugging_enabled)) t.daemon = True t.start() # Wait indefinitely for CTRL-C while True: time.sleep(5)
def create_tunnel(cmd, resource_group_name, name, port=None, slot=None): logger.warning("remote-connection is deprecated and moving to cli-core, use `webapp create-remote-connection`") webapp = show_webapp(cmd, resource_group_name, name, slot) is_linux = webapp.reserved if not is_linux: logger.error("Only Linux App Service Plans supported, Found a Windows App Service Plan") return import time profiles = list_publish_profiles(cmd, resource_group_name, name, slot) user_name = next(p['userName'] for p in profiles) user_password = next(p['userPWD'] for p in profiles) import threading from .tunnel import TunnelServer if port is None: port = 0 # Will auto-select a free port from 1024-65535 logger.info('No port defined, creating on random free port') host_name = name if slot is not None: host_name += "-" + slot tunnel_server = TunnelServer('', port, host_name, user_name, user_password) config = get_site_configs(cmd, resource_group_name, name, slot) _ping_scm_site(cmd, resource_group_name, name) t = threading.Thread(target=_start_tunnel, args=(tunnel_server, config.remote_debugging_enabled)) t.daemon = True t.start() # Wait indefinitely for CTRL-C while True: time.sleep(5)
def add_webapp_access_restriction(cmd, resource_group_name, name, priority, rule_name=None, action='Allow', ip_address=None, subnet=None, vnet_name=None, description=None, scm_site=False, ignore_missing_vnet_service_endpoint=False, slot=None, vnet_resource_group=None): configs = get_site_configs(cmd, resource_group_name, name, slot) if (ip_address and subnet) or (not ip_address and not subnet): raise CLIError('Usage error: --subnet | --ip-address') # get rules list access_rules = configs.scm_ip_security_restrictions if scm_site else configs.ip_security_restrictions # check for null access_rules = access_rules or [] rule_instance = None if subnet: vnet_rg = vnet_resource_group if vnet_resource_group else resource_group_name subnet_id = _validate_subnet(cmd.cli_ctx, subnet, vnet_name, vnet_rg) if not ignore_missing_vnet_service_endpoint: _ensure_subnet_service_endpoint(cmd.cli_ctx, subnet_id) rule_instance = IpSecurityRestriction( name=rule_name, vnet_subnet_resource_id=subnet_id, priority=priority, action=action, tag='Default', description=description) access_rules.append(rule_instance) elif ip_address: rule_instance = IpSecurityRestriction(name=rule_name, ip_address=ip_address, priority=priority, action=action, tag='Default', description=description) access_rules.append(rule_instance) result = _generic_site_operation(cmd.cli_ctx, resource_group_name, name, 'update_configuration', slot, configs) return result.scm_ip_security_restrictions if scm_site else result.ip_security_restrictions
def show_webapp_access_restrictions(cmd, resource_group_name, name, slot=None): import json configs = get_site_configs(cmd, resource_group_name, name, slot) access_restrictions = json.dumps(configs.ip_security_restrictions, default=lambda x: x.__dict__) scm_access_restrictions = json.dumps(configs.scm_ip_security_restrictions, default=lambda x: x.__dict__) access_rules = { "scmIpSecurityRestrictionsUseMain": configs.scm_ip_security_restrictions_use_main, "ipSecurityRestrictions": json.loads(access_restrictions), "scmIpSecurityRestrictions": json.loads(scm_access_restrictions) } return access_rules
def set_webapp_access_restriction(cmd, resource_group_name, name, use_same_restrictions_for_scm_site, slot=None): configs = get_site_configs(cmd, resource_group_name, name, slot) setattr(configs, 'scm_ip_security_restrictions_use_main', bool(use_same_restrictions_for_scm_site)) use_main = _generic_site_operation( cmd.cli_ctx, resource_group_name, name, 'update_configuration', slot, configs).scm_ip_security_restrictions_use_main use_main_json = {"scmIpSecurityRestrictionsUseMain": use_main} return use_main_json
def remove_webapp_access_restriction(cmd, resource_group_name, name, rule_name=None, action='Allow', ip_address=None, subnet=None, vnet_name=None, scm_site=False, slot=None): configs = get_site_configs(cmd, resource_group_name, name, slot) rule_instance = None # get rules list access_rules = configs.scm_ip_security_restrictions if scm_site else configs.ip_security_restrictions for rule in list(access_rules): if rule_name: if rule.name and rule.name.lower() == rule_name.lower( ) and rule.action == action: rule_instance = rule break elif ip_address: if rule.ip_address == ip_address and rule.action == action: if rule_name and rule.name and rule.name.lower( ) != rule_name.lower(): continue rule_instance = rule break elif subnet: subnet_id = _validate_subnet(cmd.cli_ctx, subnet, vnet_name, resource_group_name) if rule.vnet_subnet_resource_id == subnet_id and rule.action == action: if rule_name and rule.name and rule.name.lower( ) != rule_name.lower(): continue rule_instance = rule break if rule_instance is None: raise CLIError( 'No rule found with the specified criteria. ' 'If you are trying to remove a Deny rule, you must explicitly specify --action Deny' ) access_rules.remove(rule_instance) result = _generic_site_operation(cmd.cli_ctx, resource_group_name, name, 'update_configuration', slot, configs) return result.scm_ip_security_restrictions if scm_site else result.ip_security_restrictions
def remove_webapp_access_restriction(cmd, resource_group_name, name, rule_name, scm_site=False, slot=None): configs = get_site_configs(cmd, resource_group_name, name, slot) rule_instance = None # get rules list access_rules = configs.scm_ip_security_restrictions if scm_site else configs.ip_security_restrictions for rule in list(access_rules): if rule.name.lower() == rule_name.lower(): rule_instance = rule break if rule_instance is not None: access_rules.remove(rule_instance) result = _generic_site_operation(cmd.cli_ctx, resource_group_name, name, 'update_configuration', slot, configs) return result.scm_ip_security_restrictions if scm_site else result.ip_security_restrictions
def add_webapp_access_restriction(cmd, resource_group_name, name, rule_name, priority, action='Allow', ip_address=None, subnet=None, vnet_name=None, description=None, scm_site=False, ignore_missing_vnet_service_endpoint=False, slot=None): configs = get_site_configs(cmd, resource_group_name, name, slot) # get rules list access_rules = configs.scm_ip_security_restrictions if scm_site else configs.ip_security_restrictions # check for null access_rules = access_rules or [] rule_instance = None if subnet or vnet_name: subnet_id = _validate_subnet(cmd.cli_ctx, subnet, vnet_name, resource_group_name) if not ignore_missing_vnet_service_endpoint: _ensure_subnet_service_endpoint(cmd.cli_ctx, subnet_id) for rule in list(access_rules): if rule.vnet_subnet_resource_id: if rule.action.lower() == action.lower( ) and rule.vnet_subnet_resource_id.lower() == subnet_id.lower( ): rule_instance = rule break if rule_instance: rule_instance.name = rule_name rule_instance.priority = priority rule_instance.description = description if description else rule_instance.description else: rule_instance = IpSecurityRestriction( name=rule_name, vnet_subnet_resource_id=subnet_id, priority=priority, action=action, tag='Default', description=description) access_rules.append(rule_instance) if ip_address: for rule in list(access_rules): if rule.ip_address: if rule.action.lower() == action.lower( ) and rule.ip_address.lower() == ip_address.lower(): rule_instance = rule break if rule_instance: rule_instance.name = rule_name rule_instance.priority = priority rule_instance.description = description or rule_instance.description else: rule_instance = IpSecurityRestriction(name=rule_name, ip_address=ip_address, priority=priority, action=action, tag='Default', description=description) access_rules.append(rule_instance) result = _generic_site_operation(cmd.cli_ctx, resource_group_name, name, 'update_configuration', slot, configs) return result.scm_ip_security_restrictions if scm_site else result.ip_security_restrictions