RubyGems - azure-credentials - Versions diffs - 0.1.3 → 0.1.4 - Mend

azure-credentials 0.1.3 → 0.1.4

Files changed (7) hide show

checksums.yaml +5 -5
data/CHANGELOG.md +14 -6
data/LICENSE +14 -14
data/README.md +204 -204
data/bin/azure-credentials +1 -0
data/lib/azure/utility/credentials.rb +49 -46
metadata +5 -45

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 043fe11054aecc92ceba59808f4850cfb4eb0c88
-  data.tar.gz: a95b3cb97fa7c124a142cade63d5e8bf90616ea6
+SHA256:
+  metadata.gz: 41054f1415829e4fd56cac250fe8d16c273eca28a1b223fe5803d3a9f14f3356
+  data.tar.gz: 986b378c95b3fbfd7cfdad139f8c10df9c95fa12ca3eff87f65d061f8fce9982
 SHA512:
-  metadata.gz: 0457229e97bd923d5fe1ce9a6e575d12a2e94a86f086e3ce50506598ce1dbd3344ed2ba578634b07b0489f590667142e4ed3d99fb4c970023f6f3e3a93be71a0
-  data.tar.gz: 63d6ace23649ac547da91ce7d496f4d12235e0d9184f4ce43b6bb084fca9e18c7fb218114a41b7673df15caadcefb8aef0ea78690586f88aa8b9da2a62292ba2
+  metadata.gz: beabe69bbf92b11a2a5189ddf09678f95f312dbce07c8208b3baba8c8474bd7845b8cdf81d83debfeae94eabde2c51bb3987fe3f7f3b3c89c2f9527eb8f5f6a0
+  data.tar.gz: e327fcd93169b5b047150397fe8f295cfd74ff7d37113bc4f62a8ba7671790b9f65f96ec88b2ef37df4babd3d7ceaac617688c7bbaf04152c695e65697d88698

data/CHANGELOG.md CHANGED

@@ -1,6 +1,14 @@
-#azure-credentials changelog
-##v0.1.3 (2016-08-16)
-- Upgrading dependencies (@stuartpreston)
-##v0.1.1 (2016-03-31)
-- Adding debug to authentication HTTP requests (@stuartpreston)
+# azure-credentials changelog
+## v0.1.4 (2018-09-28)
+- Adding bundler configuration, fix style issues (@stuartpreston)
+- Require io/console module to avoid login failures (@blackknight36)
+## v0.1.3 (2016-08-16)
+- Upgrading dependencies (@stuartpreston)
+## v0.1.1 (2016-03-31)
+- Adding debug to authentication HTTP requests (@stuartpreston)

data/LICENSE CHANGED

@@ -1,14 +1,14 @@
-   Copyright 2016 Pendrica Ltd
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-       http://www.apache.org/licenses/LICENSE-2.0
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
+   Copyright 2016 Pendrica Ltd
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+       http://www.apache.org/licenses/LICENSE-2.0
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

data/README.md CHANGED

@@ -1,204 +1,204 @@
-# azure-credentials
-A tool to provide assistance for those struggling to create Applications, Service Principals and perform Role Assignments in Azure Resource Manager.
-Generate your credentials file/helper for Chef, Puppet, Terraform and others!
-## Background
-Automated access to Azure Resource Manager usually requires PowerShell or the Azure-CLI and to follow the (many) manual steps in [create and authenticate a service principal](https://azure.microsoft.com/en-us/documentation/articles/resource-group-authenticate-service-principal/#authenticate-service-principal-with-password---azure-cli) to allow you to eventually retrieve 4 pieces of information:
-1. **Subscription ID**
-2. **Client ID**
-3. **Client Secret/Password**
-4. **Tenant ID**
-... you then use this information to configure your provisioning system. This tool (created in Ruby) requires only the credentials of the user with global administrator privilege and does the rest of the work for you, making it easier and quicker to get started with the various provisioning and testing toolsets out there.
-## Installation
-The tool is distributed as a [Ruby Gem](https://rubygems.org/gems/azure-credentials).  To install it, run:
-```gem install azure-credentials```
-## Usage
-```
-Usage: azure-credentials (options)
-    -l, --log_level LEVEL            Set the log level (debug, info, warn, error, fatal)
-    -v, --verbose                    Display the credentials in STDOUT after creation? (warning: will contain secrets)
-    -o, --output FILENAME            Enter the filename to save the credentials to
-    -p, --password PASSWORD          Enter the password for the Azure AD user
-    -r, --role ROLENAME              Enter the built-in Azure role to add the service principal to on your subscription (default: Contributor)
-    -s, --subscription ID            Enter the Subscription ID to work against (default: process all subscriptions within the Azure tenant)
-    -t, --type OUTPUTTYPE            Set the output type (default: chef)
-    -u, --username USERNAME          Enter the username (must be an Azure AD user)
-    -h, --help                       Show this message
-```
-## Default behaviour
-By default (providing no options), the utility will prompt for your Azure AD username and password interactively, connect to Azure, retrieve details of all the subscriptions in your tenant, create an Application/Service Principal for each subscription then create you a credentials file with the relevant details that you can start to use with other tools immediately.
-### Example output *(nb: ```chef exec``` typically is only required on Windows systems with ChefDK and no Ruby in their system path)*
-```
-PS C:\Users\StuartPreston\azure-credentials> chef exec azure-credentials
-Enter your Azure AD username (user@domain.com): stuart@pendrica.com
-Enter your password:
-INFO [2016-03-28 15:29:37] Authenticating to Azure Active Directory
-INFO [2016-03-28 15:29:39] Retrieving tenant info
-INFO [2016-03-28 15:29:40] Retrieving subscriptions info
-INFO [2016-03-28 15:29:41] Creating application azure_6b3a_b6e7eee9-e4cd-41ae-8432-03ab624df016 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
-INFO [2016-03-28 15:29:41] Creating service principal for application
-INFO [2016-03-28 15:29:43] Waiting for service principal to be available in directory (retry 1)
-INFO [2016-03-28 15:29:45] Attempting to assign service principal to role
-INFO [2016-03-28 15:29:45] Waiting for service principal to be available in directory (retry 2)
-INFO [2016-03-28 15:29:47] Attempting to assign service principal to role
-INFO [2016-03-28 15:29:48] Waiting for service principal to be available in directory (retry 3)
-INFO [2016-03-28 15:29:50] Attempting to assign service principal to role
-INFO [2016-03-28 15:29:52] Assigned service principal to role Contributor in subscription b6e7eee9-e4cd-41ae-8432-03ab624df016
-INFO [2016-03-28 15:29:52] Creating application azure_6b3a_bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
-INFO [2016-03-28 15:29:53] Creating service principal for application
-INFO [2016-03-28 15:29:54] Waiting for service principal to be available in directory (retry 1)
-INFO [2016-03-28 15:29:56] Attempting to assign service principal to role
-INFO [2016-03-28 15:29:56] Waiting for service principal to be available in directory (retry 2)
-INFO [2016-03-28 15:29:58] Attempting to assign service principal to role
-INFO [2016-03-28 15:29:58] Waiting for service principal to be available in directory (retry 3)
-INFO [2016-03-28 15:30:00] Attempting to assign service principal to role
-INFO [2016-03-28 15:30:04] Assigned service principal to role Contributor in subscription bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3
-INFO [2016-03-28 15:30:04] Creating credentials file at C:/Users/StuartPreston/azure-credentials/credentials
-INFO [2016-03-28 15:30:04] Done!
-```
-You'll be able to see the output in the created credentials file (don't worry you can change the location using the -o switch)
-```
-PS C:\Users\StuartPreston\azure-credentials> cat ./credentials
-[b6e7eee9-e4cd-41ae-8432-03ab624df016]
-client_id = "5a8758f2-a2b2-4eab-8203-28c0840ccd7f"
-client_secret = "ZSNdI5hQ9toavJNVgRjMjA=="
-tenant_id = "9c117323-1f20-444d-82a9-9ee430723ba3"
-[bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3]
-client_id = "2205cbcd-84dc-4b4a-9fcf-4a27d773a56d"
-client_secret = "KboMQ86BvMGR6vO7_fUd1A=="
-tenant_id = "9c117323-1f20-444d-82a9-9ee430723ba3"
-```
-(don't worry these accounts don't exist any more!)
-If you look in the Azure Service Management portal and navigate to Active Directory > [directory name] > Applications (Show: Applications my company owns) you will see Applications created with the **azure_** prefix.  New identifiers are generated each time so there will be no overlap with existing accounts:
-![config](images/configuration_asm.png)
-You will also see the role assignment when looking in the Azure Resource Manager portal > Subscriptions, selecting one and viewing the users:
-![config](images/configuration_arm.png)
-## Some more advanced examples
-### Chef quick config!
-```azure-credentials -u username@domain.onmicrosoft.com -p "yourpassword" -o ~/.azure/credentials```
-### Puppet-style output (note ```-v``` displays the file on screen after creation)
-```azure-credentials -u username@domain.onmicrosoft.com -p "yourpassword" -o ./azure.conf -t puppet -v ```
-```
-PS C:\Users\StuartPreston\azure-credentials> chef exec azure-credentials -u stuart@pendrica.com -p "mypassword" -o ./azure.conf -t puppet -v
-INFO [2016-03-28 16:01:58] Authenticating to Azure Active Directory
-INFO [2016-03-28 16:02:00] Retrieving tenant info
-INFO [2016-03-28 16:02:01] Retrieving subscriptions info
-INFO [2016-03-28 16:02:01] Creating application azure_5291_b6e7eee9-e4cd-41ae-8432-03ab624df016 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
-INFO [2016-03-28 16:02:02] Creating service principal for application
-INFO [2016-03-28 16:02:03] Waiting for service principal to be available in directory (retry 1)
-INFO [2016-03-28 16:02:05] Attempting to assign service principal to role
-INFO [2016-03-28 16:02:05] Waiting for service principal to be available in directory (retry 2)
-INFO [2016-03-28 16:02:07] Attempting to assign service principal to role
-INFO [2016-03-28 16:02:08] Waiting for service principal to be available in directory (retry 3)
-INFO [2016-03-28 16:02:10] Attempting to assign service principal to role
-INFO [2016-03-28 16:02:10] Waiting for service principal to be available in directory (retry 4)
-INFO [2016-03-28 16:02:12] Attempting to assign service principal to role
-INFO [2016-03-28 16:02:16] Assigned service principal to role Contributor in subscription b6e7eee9-e4cd-41ae-8432-03ab624df016
-INFO [2016-03-28 16:02:16] Creating application azure_5291_bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
-INFO [2016-03-28 16:02:17] Creating service principal for application
-INFO [2016-03-28 16:02:17] Waiting for service principal to be available in directory (retry 1)
-INFO [2016-03-28 16:02:19] Attempting to assign service principal to role
-INFO [2016-03-28 16:02:20] Waiting for service principal to be available in directory (retry 2)
-INFO [2016-03-28 16:02:22] Attempting to assign service principal to role
-INFO [2016-03-28 16:02:22] Waiting for service principal to be available in directory (retry 3)
-INFO [2016-03-28 16:02:24] Attempting to assign service principal to role
-INFO [2016-03-28 16:02:26] Assigned service principal to role Contributor in subscription bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3
-INFO [2016-03-28 16:02:26] Creating credentials file at C:/Users/StuartPreston/azure-credentials/azure.conf
-azure: {
- subscription_id: "b6e7eee9-e4cd-41ae-8432-03ab624df016"
- tenant_id: "9c117323-1f20-444d-82a9-9ee430723ba3"
- client_id: "8dfab0fc-65c5-46d0-be1d-d5d301b3cbc9"
- client_secret: "m_nh57rEZpGe5GFL8-Iceg=="
-}
-azure: {
- subscription_id: "bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3"
- tenant_id: "9c117323-1f20-444d-82a9-9ee430723ba3"
- client_id: "951eab1c-7e77-4931-bb68-15ca2d05e69e"
- client_secret: "vzl0haDXU51OukanIiRwJQ=="
-}
-INFO [2016-03-28 16:02:26] Done!
-```
-### Terraform-style output (note ```-v``` displays the file on screen after creation)
-```azure-credentials -u username@domain.onmicrosoft.com -p "yourpassword" -o ./tf.creds -t terraform -v ```
-```
-PS C:\Users\StuartPreston\azure-credentials> chef exec azure-credentials -u stuart@pendrica.com -p "mypassword" -o ./tf.creds -t terraform -v
-INFO [2016-03-28 16:04:32] Authenticating to Azure Active Directory
-INFO [2016-03-28 16:04:34] Retrieving tenant info
-INFO [2016-03-28 16:04:34] Retrieving subscriptions info
-INFO [2016-03-28 16:04:34] Creating application azure_c346_b6e7eee9-e4cd-41ae-8432-03ab624df016 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
-INFO [2016-03-28 16:04:35] Creating service principal for application
-INFO [2016-03-28 16:04:36] Waiting for service principal to be available in directory (retry 1)
-INFO [2016-03-28 16:04:38] Attempting to assign service principal to role
-INFO [2016-03-28 16:04:42] Assigned service principal to role Contributor in subscription b6e7eee9-e4cd-41ae-8432-03ab624df016
-INFO [2016-03-28 16:04:42] Creating application azure_c346_bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
-INFO [2016-03-28 16:04:42] Creating service principal for application
-INFO [2016-03-28 16:04:43] Waiting for service principal to be available in directory (retry 1)
-INFO [2016-03-28 16:04:45] Attempting to assign service principal to role
-INFO [2016-03-28 16:04:45] Waiting for service principal to be available in directory (retry 2)
-INFO [2016-03-28 16:04:47] Attempting to assign service principal to role
-INFO [2016-03-28 16:04:52] Assigned service principal to role Contributor in subscription bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3
-INFO [2016-03-28 16:04:52] Creating credentials file at C:/Users/StuartPreston/azure-credentials/tf.creds
-provider "azurerm" {
-  subscription_id = "b6e7eee9-e4cd-41ae-8432-03ab624df016"
-  client_id       = "8a5b76c7-721f-4710-b491-8d657c9a7497"
-  client_secret   = "rGRLfflNSFo7O4t2vBU7pg=="
-  tenant_id       = "9c117323-1f20-444d-82a9-9ee430723ba3"
-}
-provider "azurerm" {
-  subscription_id = "bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3"
-  client_id       = "0af58eee-25ce-467a-8e7c-05a35783385f"
-  client_secret   = "UvB-HJPoiOpujufeJjp5Ag=="
-  tenant_id       = "9c117323-1f20-444d-82a9-9ee430723ba3"
-}
-INFO [2016-03-28 16:04:52] Done!
-```
-## Not supported
-1. Currently this tool does not support certificate-based authentication.
-2. This tool will not work if MFA (multi-factor authentication) is set to **required** for administration of the Azure Active Directory domain.
-3. This tool does not work if you sign in with an ADFS-federated account.
-## Contributing
-I'm sure many improvements can be made to this tool! Contributions to the project are welcome via submitting Pull Requests.
-1. Fork it ( https://github.com/pendrica/azure-credentials/fork )
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create a new Pull Request
+# azure-credentials
+A tool to provide assistance for those struggling to create Applications, Service Principals and perform Role Assignments in Azure Resource Manager.
+Generate your credentials file/helper for Chef, Puppet, Terraform and others!
+## Background
+Automated access to Azure Resource Manager usually requires PowerShell or the Azure-CLI and to follow the (many) manual steps in [create and authenticate a service principal](https://azure.microsoft.com/en-us/documentation/articles/resource-group-authenticate-service-principal/#authenticate-service-principal-with-password---azure-cli) to allow you to eventually retrieve 4 pieces of information:
+1. **Subscription ID**
+2. **Client ID**
+3. **Client Secret/Password**
+4. **Tenant ID**
+... you then use this information to configure your provisioning system. This tool (created in Ruby) requires only the credentials of the user with global administrator privilege and does the rest of the work for you, making it easier and quicker to get started with the various provisioning and testing toolsets out there.
+## Installation
+The tool is distributed as a [Ruby Gem](https://rubygems.org/gems/azure-credentials).  To install it, run:
+```gem install azure-credentials```
+## Usage
+```
+Usage: azure-credentials (options)
+    -l, --log_level LEVEL            Set the log level (debug, info, warn, error, fatal)
+    -v, --verbose                    Display the credentials in STDOUT after creation? (warning: will contain secrets)
+    -o, --output FILENAME            Enter the filename to save the credentials to
+    -p, --password PASSWORD          Enter the password for the Azure AD user
+    -r, --role ROLENAME              Enter the built-in Azure role to add the service principal to on your subscription (default: Contributor)
+    -s, --subscription ID            Enter the Subscription ID to work against (default: process all subscriptions within the Azure tenant)
+    -t, --type OUTPUTTYPE            Set the output type (default: chef)
+    -u, --username USERNAME          Enter the username (must be an Azure AD user)
+    -h, --help                       Show this message
+```
+## Default behaviour
+By default (providing no options), the utility will prompt for your Azure AD username and password interactively, connect to Azure, retrieve details of all the subscriptions in your tenant, create an Application/Service Principal for each subscription then create you a credentials file with the relevant details that you can start to use with other tools immediately.
+### Example output *(nb: ```chef exec``` typically is only required on Windows systems with ChefDK and no Ruby in their system path)*
+```
+PS C:\Users\StuartPreston\azure-credentials> chef exec azure-credentials
+Enter your Azure AD username (user@domain.com): stuart@pendrica.com
+Enter your password:
+INFO [2016-03-28 15:29:37] Authenticating to Azure Active Directory
+INFO [2016-03-28 15:29:39] Retrieving tenant info
+INFO [2016-03-28 15:29:40] Retrieving subscriptions info
+INFO [2016-03-28 15:29:41] Creating application azure_6b3a_b6e7eee9-e4cd-41ae-8432-03ab624df016 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
+INFO [2016-03-28 15:29:41] Creating service principal for application
+INFO [2016-03-28 15:29:43] Waiting for service principal to be available in directory (retry 1)
+INFO [2016-03-28 15:29:45] Attempting to assign service principal to role
+INFO [2016-03-28 15:29:45] Waiting for service principal to be available in directory (retry 2)
+INFO [2016-03-28 15:29:47] Attempting to assign service principal to role
+INFO [2016-03-28 15:29:48] Waiting for service principal to be available in directory (retry 3)
+INFO [2016-03-28 15:29:50] Attempting to assign service principal to role
+INFO [2016-03-28 15:29:52] Assigned service principal to role Contributor in subscription b6e7eee9-e4cd-41ae-8432-03ab624df016
+INFO [2016-03-28 15:29:52] Creating application azure_6b3a_bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
+INFO [2016-03-28 15:29:53] Creating service principal for application
+INFO [2016-03-28 15:29:54] Waiting for service principal to be available in directory (retry 1)
+INFO [2016-03-28 15:29:56] Attempting to assign service principal to role
+INFO [2016-03-28 15:29:56] Waiting for service principal to be available in directory (retry 2)
+INFO [2016-03-28 15:29:58] Attempting to assign service principal to role
+INFO [2016-03-28 15:29:58] Waiting for service principal to be available in directory (retry 3)
+INFO [2016-03-28 15:30:00] Attempting to assign service principal to role
+INFO [2016-03-28 15:30:04] Assigned service principal to role Contributor in subscription bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3
+INFO [2016-03-28 15:30:04] Creating credentials file at C:/Users/StuartPreston/azure-credentials/credentials
+INFO [2016-03-28 15:30:04] Done!
+```
+You'll be able to see the output in the created credentials file (don't worry you can change the location using the -o switch)
+```
+PS C:\Users\StuartPreston\azure-credentials> cat ./credentials
+[b6e7eee9-e4cd-41ae-8432-03ab624df016]
+client_id = "5a8758f2-a2b2-4eab-8203-28c0840ccd7f"
+client_secret = "ZSNdI5hQ9toavJNVgRjMjA=="
+tenant_id = "9c117323-1f20-444d-82a9-9ee430723ba3"
+[bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3]
+client_id = "2205cbcd-84dc-4b4a-9fcf-4a27d773a56d"
+client_secret = "KboMQ86BvMGR6vO7_fUd1A=="
+tenant_id = "9c117323-1f20-444d-82a9-9ee430723ba3"
+```
+(don't worry these accounts don't exist any more!)
+If you look in the Azure Service Management portal and navigate to Active Directory > [directory name] > Applications (Show: Applications my company owns) you will see Applications created with the **azure_** prefix.  New identifiers are generated each time so there will be no overlap with existing accounts:
+![config](images/configuration_asm.png)
+You will also see the role assignment when looking in the Azure Resource Manager portal > Subscriptions, selecting one and viewing the users:
+![config](images/configuration_arm.png)
+## Some more advanced examples
+### Chef quick config!
+```azure-credentials -u username@domain.onmicrosoft.com -p "yourpassword" -o ~/.azure/credentials```
+### Puppet-style output (note ```-v``` displays the file on screen after creation)
+```azure-credentials -u username@domain.onmicrosoft.com -p "yourpassword" -o ./azure.conf -t puppet -v ```
+```
+PS C:\Users\StuartPreston\azure-credentials> chef exec azure-credentials -u stuart@pendrica.com -p "mypassword" -o ./azure.conf -t puppet -v
+INFO [2016-03-28 16:01:58] Authenticating to Azure Active Directory
+INFO [2016-03-28 16:02:00] Retrieving tenant info
+INFO [2016-03-28 16:02:01] Retrieving subscriptions info
+INFO [2016-03-28 16:02:01] Creating application azure_5291_b6e7eee9-e4cd-41ae-8432-03ab624df016 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
+INFO [2016-03-28 16:02:02] Creating service principal for application
+INFO [2016-03-28 16:02:03] Waiting for service principal to be available in directory (retry 1)
+INFO [2016-03-28 16:02:05] Attempting to assign service principal to role
+INFO [2016-03-28 16:02:05] Waiting for service principal to be available in directory (retry 2)
+INFO [2016-03-28 16:02:07] Attempting to assign service principal to role
+INFO [2016-03-28 16:02:08] Waiting for service principal to be available in directory (retry 3)
+INFO [2016-03-28 16:02:10] Attempting to assign service principal to role
+INFO [2016-03-28 16:02:10] Waiting for service principal to be available in directory (retry 4)
+INFO [2016-03-28 16:02:12] Attempting to assign service principal to role
+INFO [2016-03-28 16:02:16] Assigned service principal to role Contributor in subscription b6e7eee9-e4cd-41ae-8432-03ab624df016
+INFO [2016-03-28 16:02:16] Creating application azure_5291_bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
+INFO [2016-03-28 16:02:17] Creating service principal for application
+INFO [2016-03-28 16:02:17] Waiting for service principal to be available in directory (retry 1)
+INFO [2016-03-28 16:02:19] Attempting to assign service principal to role
+INFO [2016-03-28 16:02:20] Waiting for service principal to be available in directory (retry 2)
+INFO [2016-03-28 16:02:22] Attempting to assign service principal to role
+INFO [2016-03-28 16:02:22] Waiting for service principal to be available in directory (retry 3)
+INFO [2016-03-28 16:02:24] Attempting to assign service principal to role
+INFO [2016-03-28 16:02:26] Assigned service principal to role Contributor in subscription bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3
+INFO [2016-03-28 16:02:26] Creating credentials file at C:/Users/StuartPreston/azure-credentials/azure.conf
+azure: {
+ subscription_id: "b6e7eee9-e4cd-41ae-8432-03ab624df016"
+ tenant_id: "9c117323-1f20-444d-82a9-9ee430723ba3"
+ client_id: "8dfab0fc-65c5-46d0-be1d-d5d301b3cbc9"
+ client_secret: "m_nh57rEZpGe5GFL8-Iceg=="
+}
+azure: {
+ subscription_id: "bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3"
+ tenant_id: "9c117323-1f20-444d-82a9-9ee430723ba3"
+ client_id: "951eab1c-7e77-4931-bb68-15ca2d05e69e"
+ client_secret: "vzl0haDXU51OukanIiRwJQ=="
+}
+INFO [2016-03-28 16:02:26] Done!
+```
+### Terraform-style output (note ```-v``` displays the file on screen after creation)
+```azure-credentials -u username@domain.onmicrosoft.com -p "yourpassword" -o ./tf.creds -t terraform -v ```
+```
+PS C:\Users\StuartPreston\azure-credentials> chef exec azure-credentials -u stuart@pendrica.com -p "mypassword" -o ./tf.creds -t terraform -v
+INFO [2016-03-28 16:04:32] Authenticating to Azure Active Directory
+INFO [2016-03-28 16:04:34] Retrieving tenant info
+INFO [2016-03-28 16:04:34] Retrieving subscriptions info
+INFO [2016-03-28 16:04:34] Creating application azure_c346_b6e7eee9-e4cd-41ae-8432-03ab624df016 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
+INFO [2016-03-28 16:04:35] Creating service principal for application
+INFO [2016-03-28 16:04:36] Waiting for service principal to be available in directory (retry 1)
+INFO [2016-03-28 16:04:38] Attempting to assign service principal to role
+INFO [2016-03-28 16:04:42] Assigned service principal to role Contributor in subscription b6e7eee9-e4cd-41ae-8432-03ab624df016
+INFO [2016-03-28 16:04:42] Creating application azure_c346_bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3 in tenant 9c117323-1f20-444d-82a9-9ee430723ba3
+INFO [2016-03-28 16:04:42] Creating service principal for application
+INFO [2016-03-28 16:04:43] Waiting for service principal to be available in directory (retry 1)
+INFO [2016-03-28 16:04:45] Attempting to assign service principal to role
+INFO [2016-03-28 16:04:45] Waiting for service principal to be available in directory (retry 2)
+INFO [2016-03-28 16:04:47] Attempting to assign service principal to role
+INFO [2016-03-28 16:04:52] Assigned service principal to role Contributor in subscription bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3
+INFO [2016-03-28 16:04:52] Creating credentials file at C:/Users/StuartPreston/azure-credentials/tf.creds
+provider "azurerm" {
+  subscription_id = "b6e7eee9-e4cd-41ae-8432-03ab624df016"
+  client_id       = "8a5b76c7-721f-4710-b491-8d657c9a7497"
+  client_secret   = "rGRLfflNSFo7O4t2vBU7pg=="
+  tenant_id       = "9c117323-1f20-444d-82a9-9ee430723ba3"
+}
+provider "azurerm" {
+  subscription_id = "bcf669fc-98b4-4e51-8ab0-e2d1f9f4b1c3"
+  client_id       = "0af58eee-25ce-467a-8e7c-05a35783385f"
+  client_secret   = "UvB-HJPoiOpujufeJjp5Ag=="
+  tenant_id       = "9c117323-1f20-444d-82a9-9ee430723ba3"
+}
+INFO [2016-03-28 16:04:52] Done!
+```
+## Not supported
+1. Currently this tool does not support certificate-based authentication.
+2. This tool will not work if MFA (multi-factor authentication) is set to **required** for administration of the Azure Active Directory domain.
+3. This tool does not work if you sign in with an ADFS-federated account.
+## Contributing
+I'm sure many improvements can be made to this tool! Contributions to the project are welcome via submitting Pull Requests.
+1. Fork it ( https://github.com/pendrica/azure-credentials/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/bin/azure-credentials CHANGED

@@ -1,4 +1,5 @@
 #!/usr/bin/env ruby
+# frozen_string_literal: true
 require 'azure/utility/credentials'
 Azure::Utility::Credentials.new

data/lib/azure/utility/credentials.rb CHANGED

@@ -1,3 +1,6 @@
+# frozen_string_literal: true
+require 'io/console'
 require 'net/http'
 require 'uri'
 require 'json'
@@ -37,7 +40,7 @@ module Azure
              short: '-r',
              long: '--role ROLENAME',
              description: 'Enter the built-in Azure role to add the service principal to on your subscription (default: Contributor)',
-             in: %w(Contributor Owner),
+             in: %w[Contributor Owner],
              default: 'Contributor',
              required: false
@@ -45,7 +48,7 @@ module Azure
              short: '-t',
              long: '--type OUTPUTTYPE',
              description: 'Set the output type (default: chef)',
-             in: %w(chef puppet terraform generic),
+             in: %w[chef puppet terraform generic],
              required: false,
              default: 'chef'
@@ -55,7 +58,7 @@ module Azure
              description: 'Set the log level (debug, info, warn, error, fatal)',
              default: :info,
              required: false,
-             in: %w(debug info warn error fatal),
+             in: %w[debug info warn error fatal],
              proc: proc { |l| l.to_sym }
       option :output_file,
@@ -102,15 +105,15 @@ module Azure
       def self.logger_level_for(sym)
         case sym
         when :debug
-          return Logger::DEBUG
+          Logger::DEBUG
         when :info
-          return Logger::INFO
+          Logger::INFO
         when :warn
-          return Logger::WARN
+          Logger::WARN
         when :error
-          return Logger::ERROR
+          Logger::ERROR
         when :fatal
-          return Logger::FATAL
+          Logger::FATAL
         end
       end
     end
@@ -119,8 +122,8 @@ module Azure
     # Credentials
     #
     class Credentials
-      AZURE_SERVICE_PRINCIPAL = '1950a258-227b-4e31-a9cf-717495945fc2'.freeze
-      CONFIG_PATH = "#{ENV['HOME']}/.azure/credentials".freeze
+      AZURE_SERVICE_PRINCIPAL = '1950a258-227b-4e31-a9cf-717495945fc2'
+      CONFIG_PATH = "#{ENV['HOME']}/.azure/credentials"
       def initialize
         cli = Options.new
@@ -163,50 +166,50 @@ module Azure
         case style
         when 'chef' # ref: https://github.com/pendrica/chef-provisioning-azurerm#configuration
           created_credentials.each do |s|
-            subscription_template = <<-EOH
-[#{s[:subscription_id]}]
-client_id = "#{s[:client_id]}"
-client_secret = "#{s[:client_secret]}"
-tenant_id = "#{s[:tenant_id]}"
+            subscription_template = <<~CHEFEOH
+              [#{s[:subscription_id]}]
+              client_id = "#{s[:client_id]}"
+              client_secret = "#{s[:client_secret]}"
+              tenant_id = "#{s[:tenant_id]}"
-            EOH
+            CHEFEOH
             output += subscription_template
           end
         when 'terraform' # ref: https://www.terraform.io/docs/providers/azurerm/index.html
           created_credentials.each do |s|
-            subscription_template = <<-EOH
-provider "azurerm" {
-  subscription_id = "#{s[:subscription_id]}"
-  client_id       = "#{s[:client_id]}"
-  client_secret   = "#{s[:client_secret]}"
-  tenant_id       = "#{s[:tenant_id]}"
-}
-              EOH
+            subscription_template = <<~TFEOH
+              provider "azurerm" {
+                subscription_id = "#{s[:subscription_id]}"
+                client_id       = "#{s[:client_id]}"
+                client_secret   = "#{s[:client_secret]}"
+                tenant_id       = "#{s[:tenant_id]}"
+              }
+            TFEOH
             output += subscription_template
           end
         when 'puppet' # ref: https://github.com/puppetlabs/puppetlabs-azure#installing-the-azure-module
           created_credentials.each do |s|
-            subscription_template = <<-EOH
-azure: {
- subscription_id: "#{s[:subscription_id]}"
- tenant_id: "#{s[:tenant_id]}"
- client_id: "#{s[:client_id]}"
- client_secret: "#{s[:client_secret]}"
-}
-              EOH
+            subscription_template = <<~PPEOH
+              azure: {
+                subscription_id: "#{s[:subscription_id]}"
+                tenant_id: "#{s[:tenant_id]}"
+                client_id: "#{s[:client_id]}"
+                client_secret: "#{s[:client_secret]}"
+              }
+            PPEOH
             output += subscription_template
           end
         else # generic credentials output
           created_credentials.each do |s|
-            subscription_template = <<-EOH
-azure_subscription_id = "#{s[:subscription_id]}"
-azure_tenant_id = "#{s[:tenant_id]}"
-azure_client_id = "#{s[:client_id]}"
-azure_client_secret = "#{s[:client_secret]}"
+            subscription_template = <<~GENERICEOH
+              azure_subscription_id = "#{s[:subscription_id]}"
+              azure_tenant_id = "#{s[:tenant_id]}"
+              azure_client_id = "#{s[:client_id]}"
+              azure_client_secret = "#{s[:client_secret]}"
-              EOH
+            GENERICEOH
             output += subscription_template
           end
         end
@@ -270,7 +273,7 @@ azure_client_secret = "#{s[:client_secret]}"
       def create_application(tenant_id, token, new_application_name, new_client_secret)
         CustomLogger.log.info "Creating application #{new_application_name} in tenant #{tenant_id}"
         url = "https://graph.windows.net/#{tenant_id}/applications?api-version=1.42-previewInternal"
-        payload_json = <<-EOH
+        payload_json = <<-JSONEOH
         {
             "availableToOtherTenants": false,
             "displayName": "#{new_application_name}",
@@ -287,33 +290,33 @@ azure_client_secret = "#{s[:client_secret]}"
                 }
             ]
         }
-        EOH
+        JSONEOH
         azure_call(:post, url, payload_json, token)
       end
       def create_service_principal(tenant_id, token, application_id)
         CustomLogger.log.info 'Creating service principal for application'
         url = "https://graph.windows.net/#{tenant_id}/servicePrincipals?api-version=1.42-previewInternal"
-        payload_json = <<-EOH
+        payload_json = <<-PAYLOADEOH
         {
             "appId": "#{application_id}",
             "accountEnabled": true
         }
-        EOH
+        PAYLOADEOH
         azure_call(:post, url, payload_json, token)
       end
       def assign_service_principal_to_role_id(subscription_id, token, service_principal_object_id, role_definition_id)
         CustomLogger.log.info 'Attempting to assign service principal to role'
         url = "https://management.azure.com/subscriptions/#{subscription_id}/providers/Microsoft.Authorization/roleAssignments/#{service_principal_object_id}?api-version=2015-07-01"
-        payload_json = <<-EOH
+        payload_json = <<-PAYLOADEOH
         {
             "properties": {
                 "roleDefinitionId": "#{role_definition_id}",
                 "principalId": "#{service_principal_object_id}"
             }
         }
-        EOH
+        PAYLOADEOH
         azure_call(:put, url, payload_json, token)
       end

metadata CHANGED

@@ -1,55 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: azure-credentials
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - Stuart Preston
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-08-30 00:00:00.000000000 Z
+date: 2018-09-28 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: json
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.8'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.8.3
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.8'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.8.3
-- !ruby/object:Gem::Dependency
-  name: mixlib-cli
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1'
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.5.0
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1'
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.5.0
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -79,7 +39,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '10.0'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -93,7 +53,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -140,7 +100,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.6
+rubygems_version: 2.7.6
 signing_key:
 specification_version: 4
 summary: AzureRM credential generator