knife-azure 1.6.0.rc.0 → 1.6.0

data/lib/azure/resource_management/windows_credentials.rb

@@ -0,0 +1,136 @@
+#
+# Author:: Nimisha Sharad (nimisha.sharad@clogeny.com)
+# Copyright:: Copyright (c) 2015-2016 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# XPLAT stores the access token and other information in windows credential manager.
+# Using FFI to call CredRead function
+require 'chef'
+require 'mixlib/shellout'
+require 'ffi'
+
+module Azure::ARM
+
+    module ReadCred
+
+      extend FFI::Library
+
+      ffi_lib 'Advapi32'
+
+      CRED_TYPE_GENERIC = 1
+      CRED_TYPE_DOMAIN_PASSWORD = 2
+      CRED_TYPE_DOMAIN_CERTIFICATE = 3
+      CRED_TYPE_DOMAIN_VISIBLE_PASSWORD = 4
+
+      # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/ms724284(v=vs.85).aspx
+      class FILETIME < FFI::Struct
+        layout :dwLowDateTime, :uint32,
+               :dwHighDateTime, :uint32
+      end
+
+      # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374790(v=vs.85).aspx
+      class CREDENTIAL_ATTRIBUTE < FFI::Struct
+        layout :Keyword, :pointer,
+               :Flags, :uint32,
+               :ValueSize, :uint32,
+               :Value, :pointer
+      end
+
+      # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374788(v=vs.85).aspx
+      class CREDENTIAL_OBJECT < FFI::Struct
+          layout :Flags, :uint32,
+                 :Type, :uint32,
+                 :TargetName, :pointer,
+                 :Comment, :pointer,
+                 :LastWritten, FILETIME,
+                 :CredentialBlobSize, :uint32,
+                 :CredentialBlob, :pointer,
+                 :Persist, :uint32,
+                 :AttributeCount, :uint32,
+                 :Attributes, CREDENTIAL_ATTRIBUTE,
+                 :TargetAlias, :pointer,
+                 :UserName, :pointer
+        end
+
+      # Ref: https://msdn.microsoft.com/en-us/library/windows/desktop/aa374804(v=vs.85).aspx
+      attach_function :CredReadW, [:pointer, :uint32, :uint32, :pointer], :bool
+    end
+
+
+    module WindowsCredentials
+
+      include Chef::Mixin::WideString
+      include ReadCred
+
+      def token_details_for_windows
+        target = target_name
+
+        if target
+          target_pointer = wstring(target)
+          info_ptr = FFI::MemoryPointer.new(:pointer)
+          cred = CREDENTIAL_OBJECT.new info_ptr
+          cred_result = CredReadW(target_pointer, CRED_TYPE_GENERIC, 0, cred)
+          translated_cred = CREDENTIAL_OBJECT.new(info_ptr.read_pointer)
+
+          target_obj = translated_cred[:TargetName].read_wstring.split("::") if translated_cred[:TargetName].read_wstring
+          cred_blob = translated_cred[:CredentialBlob].get_bytes(0, translated_cred[:CredentialBlobSize]).split("::")
+
+          tokentype = target_obj.select { |obj| obj.include? "tokenType" }
+          user = target_obj.select { |obj| obj.include? "userId" }
+          clientid = target_obj.select { |obj| obj.include? "clientId" }
+          expiry_time = target_obj.select { |obj| obj.include? "expiresOn" }
+          access_token = cred_blob.select { |obj| obj.include? "a:" }
+          refresh_token = cred_blob.select { |obj| obj.include? "r:" }
+
+          credential = {}
+          credential[:tokentype] = tokentype[0].split(":")[1] if tokentype
+          credential[:user] = user[0].split(":")[1] if user
+          credential[:token] = access_token[0].split(":")[1] if access_token
+          credential[:refresh_token] = refresh_token[0].split(":")[1] if refresh_token
+          credential[:clientid] = clientid[0].split(":")[1] if clientid
+          credential[:expiry_time] = expiry_time[0].split("expiresOn:")[1].gsub("\\","") if expiry_time
+        else
+          raise "TargetName Not Found"
+        end
+        credential
+      end
+
+      def target_name
+        # cmdkey command is used for accessing windows credential manager
+        xplat_creds_cmd = Mixlib::ShellOut.new("cmdkey /list | findstr AzureXplatCli")
+        result = xplat_creds_cmd.run_command
+
+        target_name = ""
+        if result.stdout.empty?
+          raise "Azure Credentials not found. Please run xplat's 'azure login' command"
+        else
+          result.stdout.split("\n").each do |target|
+            # Three credentials get created in windows credential manager for xplat-cli
+            # One of them is for common tanent id, which can't be used
+            # Two of them end with --0-2 and --1-2. The one ending with --1-2 doesn't have
+            # accessToken and refreshToken in the credentialBlob.
+            # Selecting the one ending with --0-2
+            if !target.include?("common::") && target.include?("--0-2")
+              target_name = target.gsub("Target:","").strip
+              break
+            end
+          end
+        end
+
+        target_name
+      end
+    end
+end

data/lib/azure/service_management/ASM_interface.rb

@@ -0,0 +1,301 @@
+#
+# Author::
+# Copyright:: Copyright (c) 2016 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'azure/azure_interface'
+require 'azure/service_management/rest'
+require 'azure/service_management/connection'
+
+module Azure
+  class ServiceManagement
+    class ASMInterface < AzureInterface
+      include AzureAPI
+
+      attr_accessor :connection
+
+      def initialize(params = {})
+        @rest = Rest.new(params)
+        @connection = Azure::ServiceManagement::Connection.new(@rest)
+        super
+      end
+
+      def list_images
+        connection.images.all
+      end
+
+      def list_servers
+        servers = connection.roles.all
+        cols = ['DNS Name', 'VM Name', 'Status', 'IP Address', 'SSH Port', 'WinRM Port' ]
+        rows = []
+        servers.each do |server|
+          rows << server.hostedservicename.to_s+".cloudapp.net"  # Info about the DNS name at http://msdn.microsoft.com/en-us/library/ee460806.aspx
+          rows << server.name.to_s
+          rows << begin
+                           state = server.status.to_s.downcase
+                           case state
+                           when 'shutting-down','terminated','stopping','stopped'
+                             ui.color(state, :red)
+                           when 'pending'
+                             ui.color(state, :yellow)
+                           else
+                             ui.color('ready', :green)
+                           end
+                         end
+          rows << server.publicipaddress.to_s
+          rows << server.sshport.to_s
+          rows << server.winrmport.to_s
+        end
+        display_list(ui, cols, rows)
+      end
+
+      def find_server(params = {})
+        server = connection.roles.find(params[:name], params = { :azure_dns_name => params[:azure_dns_name] })
+      end
+
+      def delete_server(params = {})
+        server = find_server({name: params[:name], azure_dns_name: params[:azure_dns_name]})
+
+        unless server
+          puts "\n"
+          ui.error("Server #{params[:name]} does not exist")
+          exit!
+        end
+
+        puts "\n"
+        msg_pair(ui, 'DNS Name', server.hostedservicename + ".cloudapp.net")
+        msg_pair(ui, 'VM Name', server.name)
+        msg_pair(ui, 'Size', server.size)
+        msg_pair(ui, 'Public Ip Address', server.publicipaddress)
+        puts "\n"
+
+        begin
+          ui.confirm('Do you really want to delete this server')
+        rescue SystemExit   # Need to handle this as confirming with N/n raises SystemExit exception
+          server = nil      # Cleanup is implicitly performed in other cloud plugins
+          exit!
+        end
+
+        params[:azure_dns_name] = server.hostedservicename
+
+        connection.roles.delete(params)
+
+        puts "\n"
+        ui.warn("Deleted server #{server.name}")
+      end
+
+      def show_server(name)
+        begin
+          role = connection.roles.find name
+
+          puts ''
+          if (role)
+            details = Array.new
+            details << ui.color('Role name', :bold, :cyan)
+            details << role.name
+            details << ui.color('Status', :bold, :cyan)
+            details << role.status
+            details << ui.color('Size', :bold, :cyan)
+            details << role.size
+            details << ui.color('Hosted service name', :bold, :cyan)
+            details << role.hostedservicename
+            details << ui.color('Deployment name', :bold, :cyan)
+            details << role.deployname
+            details << ui.color('Host name', :bold, :cyan)
+            details << role.hostname
+            unless role.sshport.nil?
+              details << ui.color('SSH port', :bold, :cyan)
+              details << role.sshport
+            end
+            unless role.winrmport.nil?
+              details << ui.color('WinRM port', :bold, :cyan)
+              details << role.winrmport
+            end
+            details << ui.color('Public IP', :bold, :cyan)
+            details << role.publicipaddress.to_s
+
+            unless role.thumbprint.empty?
+              details << ui.color('Thumbprint', :bold, :cyan)
+              details << role.thumbprint
+            end
+            puts ui.list(details, :columns_across, 2)
+            if role.tcpports.length > 0 || role.udpports.length > 0
+              details.clear
+              details << ui.color('Ports open', :bold, :cyan)
+              details << ui.color('Local port', :bold, :cyan)
+              details << ui.color('IP', :bold, :cyan)
+              details << ui.color('Public port', :bold, :cyan)
+              if role.tcpports.length > 0
+                role.tcpports.each do |port|
+                  details << 'tcp'
+                  details << port['LocalPort']
+                  details << port['Vip']
+                  details << port['PublicPort']
+                end
+              end
+              if role.udpports.length > 0
+                role.udpports.each do |port|
+                  details << 'udp'
+                  details << port['LocalPort']
+                  details << port['Vip']
+                  details << port['PublicPort']
+                end
+              end
+              puts ui.list(details, :columns_across, 4)
+            end
+          else
+            puts "No VM found"
+          end
+
+        rescue => error
+          puts "#{error.class} and #{error.message}"
+        end
+
+      end
+
+      def list_internal_lb
+        lbs = connection.lbs.all
+        cols = %w{Name Service Subnet VIP}
+        rows = []
+        lbs.each do |lb|
+          cols.each { |col| rows << lb.send(col.downcase).to_s }
+        end
+        display_list(ui, cols, rows)
+      end
+
+      def create_internal_lb(params = {})
+        connection.lbs.create(params)
+      end
+
+      def list_vnets
+        vnets = connection.vnets.all
+        cols = ['Name', 'Affinity Group', 'State']
+        rows = []
+        vnets.each do |vnet|
+          %w(name affinity_group state).each{ |col| rows << vnet.send(col).to_s }
+        end
+        display_list(ui, cols, rows)
+      end
+
+      def create_vnet(params = {})
+        connection.vnets.create(params)
+      end
+
+      def list_affinity_groups
+        affinity_groups = connection.ags.all
+        cols = %w{Name Location Description}
+        rows = []
+        affinity_groups.each do |affinity_group|
+          cols.each { |col| rows << affinity_group.send(col.downcase).to_s }
+        end
+        display_list(ui, cols, rows)
+      end
+
+      def create_affinity_group(params = {})
+        connection.ags.create(params)
+      end
+
+      def create_server(params = {})
+        remove_hosted_service_on_failure = params[:azure_dns_name]
+        if connection.hosts.exists?(params[:azure_dns_name])
+          remove_hosted_service_on_failure = nil
+        end
+
+        #If Storage Account is not specified, check if the geographic location has one to re-use
+        if not params[:azure_storage_account]
+          storage_accts = connection.storageaccounts.all
+          storage = storage_accts.find { |storage_acct| storage_acct.location.to_s == params[:azure_service_location] }
+          unless storage
+            params[:azure_storage_account] = [strip_non_ascii(params[:azure_vm_name]), random_string].join.downcase
+            remove_storage_service_on_failure = params[:azure_storage_account]
+          else
+            remove_storage_service_on_failure = nil
+            params[:azure_storage_account] = storage.name.to_s
+          end
+        else
+          if connection.storageaccounts.exists?(params[:azure_storage_account])
+            remove_storage_service_on_failure = nil
+          else
+            remove_storage_service_on_failure = params[:azure_storage_account]
+          end
+        end
+
+        begin
+          connection.deploys.create(params)
+        rescue Exception => e
+          Chef::Log.error("Failed to create the server -- exception being rescued: #{e.to_s}")
+          backtrace_message = "#{e.class}: #{e}\n#{e.backtrace.join("\n")}"
+          Chef::Log.debug("#{backtrace_message}")
+          cleanup_and_exit(remove_hosted_service_on_failure, remove_storage_service_on_failure)
+        end
+
+      end
+
+      def cleanup_and_exit(remove_hosted_service_on_failure, remove_storage_service_on_failure)
+        Chef::Log.warn("Cleaning up resources...")
+
+        if remove_hosted_service_on_failure
+          ret_val = connection.hosts.delete(remove_hosted_service_on_failure)
+          ret_val.content.empty? ? Chef::Log.warn("Deleted created DNS: #{remove_hosted_service_on_failure}.") : Chef::Log.warn("Deletion failed for created DNS:#{remove_hosted_service_on_failure}. " + ret_val.text)
+        end
+
+        if remove_storage_service_on_failure
+          ret_val = connection.storageaccounts.delete(remove_storage_service_on_failure)
+          ret_val.content.empty? ? Chef::Log.warn("Deleted created Storage Account: #{remove_storage_service_on_failure}.") : Chef::Log.warn("Deletion failed for created Storage Account: #{remove_storage_service_on_failure}. " + ret_val.text)
+        end
+        exit 1
+      end
+
+       def get_role_server(dns_name, vm_name)
+        deploy = connection.deploys.queryDeploy(dns_name)
+        deploy.find_role(vm_name)
+      end
+
+      def get_extension(name, publisher)
+        connection.query_azure("resourceextensions/#{publisher}/#{name}")
+      end
+
+      def deployment_name(dns_name)
+        connection.deploys.get_deploy_name_for_hostedservice(dns_name)
+      end
+
+      def deployment(path)
+        connection.query_azure(path)
+      end
+
+      def valid_image?(name)
+        connection.images.exists?(name)
+      end
+
+      def vm_image?(name)
+        connection.images.is_vm_image(name)
+      end
+
+      def add_extension(name, params = {})
+        begin
+          ui.info "Started with Chef Extension deployment on the server #{name}..."
+          connection.roles.update(name, params)
+          ui.info "\nSuccessfully deployed Chef Extension on the server #{name}."
+        rescue Exception => e
+          Chef::Log.error("Failed to add extension to the server -- exception being rescued: #{e.to_s}")
+          backtrace_message = "#{e.class}: #{e}\n#{e.backtrace.join("\n")}"
+          Chef::Log.debug("#{backtrace_message}")
+        end
+      end
+    end
+  end
+end
+

data/lib/azure/{ag.rb → service_management/ag.rb}

@@ -16,7 +16,7 @@
 # limitations under the License.
 #
 
-class Azure
+module Azure
   class AGs
     def initialize(connection)
       @connection = connection
@@ -58,7 +58,7 @@ class Azure
   end
 end
 
-class Azure
+module Azure
   class AG
     attr_accessor :name, :label, :description, :location