def create_github_service_endpoint(name,
github_url,
organization=None,
project=None,
detect=None):
""" Create a GitHub service endpoint.
:param name: Name of service endpoint to create
:type name: str
:param github_url: Url for github for creating service endpoint
:type github_url: str
:rtype: :class:`ServiceEndpoint <service_endpoint.v4_1.models.ServiceEndpoint>`
"""
organization, project = resolve_instance_and_project(
detect=detect, organization=organization, project=project)
client = get_service_endpoint_client(organization)
if AZ_DEVOPS_GITHUB_PAT_ENVKEY not in os.environ:
error_message = 'Please pass GitHub access token in ' + AZ_DEVOPS_GITHUB_PAT_ENVKEY +\
' environment variable in non-interactive mode.'
verify_is_a_tty_or_raise_error(error_message)
github_access_token = prompt_pass('GitHub access token:', confirm=True)
else:
logger.debug('Picking GitHub PAT from environment variable')
github_access_token = os.environ[AZ_DEVOPS_GITHUB_PAT_ENVKEY]
service_endpoint_authorization = EndpointAuthorization(
parameters={'accessToken': github_access_token},
scheme=SERVICE_ENDPOINT_AUTHORIZATION_PERSONAL_ACCESS_TOKEN)
service_endpoint_to_create = ServiceEndpoint(
authorization=service_endpoint_authorization,
name=name,
type=SERVICE_ENDPOINT_TYPE_GITHUB,
url=github_url)
return client.create_service_endpoint(service_endpoint_to_create, project)
def _prompt_for_prop_input(prop_name, prop_type):
verify_is_a_tty_or_raise_error('The template requires a few inputs. These cannot be provided as in command '
'arguments. It can only be input interatively.')
val = prompt(msg='Please enter a value for {prop_name}: '.format(prop_name=prop_name),
help_string='Value of type {prop_type} is required.'.format(prop_type=prop_type))
print('')
return val
def _get_value_from_env_or_stdin(var_name):
env_var_name = AZ_DEVOPS_PIPELINES_VARIABLES_KEY_PREFIX + var_name
logger.debug('Checking for variable %s in environment variable %s', var_name, env_var_name)
import os
value = os.getenv(env_var_name, None)
logger.debug('Value of Variable %s in environment variable is found %s', var_name, value is not None)
if not value:
verify_is_a_tty_or_raise_error(
'For non-interactive consoles set environment variable {}, or pipe the value of variable into the command.'
.format(env_var_name))
value = prompt_pass(msg=var_name + ': ')
return value
def create_import_request(git_source_url, project=None, repository=None,
requires_authorization=False,
user_name=None,
git_service_endpoint_id=None,
organization=None, detect=None):
"""Create a git import request
:param repository: Name or ID of the repository to create the import request in.
:type repository: str
:param git_source_url: Url of the source git repository.
:type git_source_url: str
:param requires_authorization: Flag to tell if source git repository is private.
:type requires_authorization: bool
:param user_name: User name in case source git repository is private.
:type user_name: str
:param git_service_endpoint_id: Service Endpoint for connection to external endpoint.
:type git_service_endpoint_id: str
"""
organization, project, repository = resolve_instance_project_and_repo(
detect=detect,
organization=organization,
project=project,
repo=repository,
repo_required=True)
delete_se_after_import = False
password = None
import random
import string
import os
if requires_authorization and git_service_endpoint_id is None:
delete_se_after_import = True
if GIT_SOURCE_PASSWORD_OR_PAT in os.environ:
password = os.environ[GIT_SOURCE_PASSWORD_OR_PAT]
else:
error_message = 'Please specify target git password / PAT in ' + GIT_SOURCE_PASSWORD_OR_PAT +\
' environment variable in non-interactive mode.'
verify_is_a_tty_or_raise_error(error_message)
password = prompt_pass('Git Password / PAT:', confirm=True)
service_endpoint_authorization = EndpointAuthorization(
parameters={'password': password, 'username': user_name},
scheme='UsernamePassword')
service_endpoint_to_create = ServiceEndpoint(
authorization=service_endpoint_authorization,
name=''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(10)),
type='git',
url=git_source_url)
client = get_service_endpoint_client(organization)
se_created = client.create_service_endpoint(service_endpoint_to_create, project)
git_service_endpoint_id = se_created.id
client = get_git_client(organization)
gitImportGitSource = GitImportGitSource(overwrite=False, url=git_source_url)
gitImportRequestParameter = GitImportRequestParameters(
delete_service_endpoint_after_import_is_done=delete_se_after_import,
git_source=gitImportGitSource,
service_endpoint_id=git_service_endpoint_id,
tfvc_source=None)
gitImportRequest = GitImportRequest(parameters=gitImportRequestParameter)
importRequest = client.create_import_request(import_request=gitImportRequest, project=project,
repository_id=repository)
return _wait_for_import_request(client, project, repository, importRequest.import_request_id)
def create_service_endpoint(service_endpoint_type,
authorization_scheme,
name,
github_url=None,
azure_rm_tenant_id=None,
azure_rm_service_principal_id=None,
azure_rm_subscription_id=None,
azure_rm_subscription_name=None,
organization=None,
project=None,
detect=None):
""" (PREVIEW) Create a service endpoint
:param service_endpoint_type: Type of service endpoint
:type service_endpoint_type: str
:param name: Name of service endpoint to create
:type name: str
:param authorization_scheme: Authorization to be used in service endpoint creation
Github service endpoint supports PersonalAccessToken
AzureRm service endpoint supports ServicePrincipal
:type authorization_scheme: str
:param github_url: Url for github for creating service endpoint
:type github_url: str
:param azure_rm_tenant_id: tenant id for creating azure rm service endpoint
:type azure_rm_tenant_id: str
:param azure_rm_service_principal_id: service principal id for creating azure rm service endpoint
:type azure_rm_service_principal_id: str
:param azure_rm_subscription_id: subscription id for azure rm service endpoint
:type azure_rm_subscription_id: str
:param azure_rm_subscription_name: name of azure subscription for azure rm service endpoint
:type azure_rm_subscription_name: str
:rtype: :class:`ServiceEndpoint <service_endpoint.v4_1.models.ServiceEndpoint>`
"""
organization, project = resolve_instance_and_project(
detect=detect, organization=organization, project=project)
client = get_service_endpoint_client(organization)
if (service_endpoint_type == SERVICE_ENDPOINT_TYPE_GITHUB
and authorization_scheme
== SERVICE_ENDPOINT_AUTHORIZATION_PERSONAL_ACCESS_TOKEN):
if AZ_DEVOPS_GITHUB_PAT_ENVKEY not in os.environ:
error_message = 'Please pass GitHub access token in ' + AZ_DEVOPS_GITHUB_PAT_ENVKEY +\
' environment variable in non-interactive mode.'
verify_is_a_tty_or_raise_error(error_message)
github_access_token = prompt_pass('GitHub access token:',
confirm=True)
else:
github_access_token = os.environ[AZ_DEVOPS_GITHUB_PAT_ENVKEY]
service_endpoint_authorization = EndpointAuthorization(
parameters={'accessToken': github_access_token},
scheme=SERVICE_ENDPOINT_AUTHORIZATION_PERSONAL_ACCESS_TOKEN)
service_endpoint_to_create = ServiceEndpoint(
authorization=service_endpoint_authorization,
name=name,
type=SERVICE_ENDPOINT_TYPE_GITHUB,
url=github_url)
return client.create_service_endpoint(service_endpoint_to_create,
project)
if (service_endpoint_type == SERVICE_ENDPOINT_TYPE_AZURE_RM
and authorization_scheme
== SERVICE_ENDPOINT_AUTHORIZATION_SERVICE_PRINCIPAL):
AZURE_RM_SP_KEY_END_VARIABLE_NAME = CLI_ENV_VARIABLE_PREFIX + 'AZURE_RM_SERVICE_PRINCIPAL_KEY'
if AZURE_RM_SP_KEY_END_VARIABLE_NAME not in os.environ:
error_message = 'Please specify azure service principal key in ' + AZURE_RM_SP_KEY_END_VARIABLE_NAME +\
' environment variable in non-interactive mode.'
verify_is_a_tty_or_raise_error(error_message)
azure_rm_service_principal_key = prompt_pass(
'Azure RM service principal key:', confirm=True)
else:
azure_rm_service_principal_key = os.environ[
AZURE_RM_SP_KEY_END_VARIABLE_NAME]
service_endpoint_authorization = EndpointAuthorization(
parameters={
'tenantid': azure_rm_tenant_id,
'serviceprincipalid': azure_rm_service_principal_id,
'authenticationType': 'spnKey',
'serviceprincipalkey': azure_rm_service_principal_key
},
scheme=SERVICE_ENDPOINT_AUTHORIZATION_SERVICE_PRINCIPAL)
service_endpoint_data = {
'subscriptionId': azure_rm_subscription_id,
'subscriptionName': azure_rm_subscription_name,
'environment': 'AzureCloud',
'creationMode': 'Manual'
}
service_endpoint_to_create = ServiceEndpoint(
authorization=service_endpoint_authorization,
data=service_endpoint_data,
name=name,
type=SERVICE_ENDPOINT_TYPE_AZURE_RM,
url='https://management.azure.com/')
return client.create_service_endpoint(service_endpoint_to_create,
project)
raise CLIError(
'This combination of endpoint type is not supported with this authorization scheme.'
)
def create_azurerm_service_endpoint(
name,
azure_rm_tenant_id,
azure_rm_service_principal_id,
azure_rm_subscription_id,
azure_rm_subscription_name,
azure_rm_service_principal_certificate_path=None,
organization=None,
project=None,
detect=None):
""" Create an Azure RM type service endpoint.
:param name: Name of service endpoint to create
:type name: str
:param azure_rm_tenant_id: tenant id for creating azure rm service endpoint
:type azure_rm_tenant_id: str
:param azure_rm_service_principal_id: service principal id for creating azure rm service endpoint
:type azure_rm_service_principal_id: str
:param azure_rm_subscription_id: subscription id for azure rm service endpoint
:type azure_rm_subscription_id: str
:param azure_rm_service_principal_certificate_path: Path to (.pem) which is certificate.
Create using command "openssl pkcs12 -in file.pfx -out file.pem -nodes -password pass:<password_here>".
More details : https://aka.ms/azure-devops-cli-service-endpoint
:type azure_rm_service_principal_certificate_path: str
:param azure_rm_subscription_name: name of azure subscription for azure rm service endpoint
:type azure_rm_subscription_name: str
:rtype: :class:`ServiceEndpoint <service_endpoint.v4_1.models.ServiceEndpoint>`
"""
organization, project = resolve_instance_and_project(
detect=detect, organization=organization, project=project)
client = get_service_endpoint_client(organization)
service_endpoint_authorization = EndpointAuthorization(
parameters={
'tenantid': azure_rm_tenant_id,
'serviceprincipalid': azure_rm_service_principal_id
},
scheme=SERVICE_ENDPOINT_AUTHORIZATION_SERVICE_PRINCIPAL)
if azure_rm_service_principal_certificate_path is None:
AZURE_RM_SP_KEY_END_VARIABLE_NAME = CLI_ENV_VARIABLE_PREFIX + 'AZURE_RM_SERVICE_PRINCIPAL_KEY'
if AZURE_RM_SP_KEY_END_VARIABLE_NAME not in os.environ:
error_message = 'Please specify azure service principal key in ' + AZURE_RM_SP_KEY_END_VARIABLE_NAME +\
' environment variable in non-interactive mode or use ' +\
'--azure-rm-service-principal-certificate-path.'
verify_is_a_tty_or_raise_error(error_message)
azure_rm_service_principal_key = prompt_pass(
'Azure RM service principal key:', confirm=True)
else:
logger.debug(
'Picking Azure RM principal key from environment variable')
azure_rm_service_principal_key = os.environ[
AZURE_RM_SP_KEY_END_VARIABLE_NAME]
service_endpoint_authorization.parameters[
'authenticationType'] = 'spnKey'
service_endpoint_authorization.parameters[
'serviceprincipalkey'] = azure_rm_service_principal_key
else:
with open(azure_rm_service_principal_certificate_path, "r") as f:
service_endpoint_authorization.parameters[
'authenticationType'] = 'spnCertificate'
service_endpoint_authorization.parameters[
'servicePrincipalCertificate'] = f.read()
service_endpoint_data = {
'subscriptionId': azure_rm_subscription_id,
'subscriptionName': azure_rm_subscription_name,
'environment': 'AzureCloud',
'creationMode': 'Manual'
}
service_endpoint_to_create = ServiceEndpoint(
authorization=service_endpoint_authorization,
data=service_endpoint_data,
name=name,
type=SERVICE_ENDPOINT_TYPE_AZURE_RM,
url='https://management.azure.com/')
return client.create_service_endpoint(service_endpoint_to_create, project)