knife-azure 1.6.0 → 1.7.0

data/lib/azure/service_management/ASM_interface.rb

@@ -39,7 +39,7 @@ module Azure
 
       def list_servers
         servers = connection.roles.all
-        cols = ['DNS Name', 'VM Name', 'Status', 'IP Address', 'SSH Port', 'WinRM Port' ]
+        cols = ['DNS Name', 'VM Name', 'Status', 'IP Address', 'SSH Port', 'WinRM Port', 'RDP Port']
         rows = []
         servers.each do |server|
           rows << server.hostedservicename.to_s+".cloudapp.net"  # Info about the DNS name at http://msdn.microsoft.com/en-us/library/ee460806.aspx
@@ -58,10 +58,26 @@ module Azure
           rows << server.publicipaddress.to_s
           rows << server.sshport.to_s
           rows << server.winrmport.to_s
+          ports = server.tcpports
+          rows << rdp_port(ports)
         end
         display_list(ui, cols, rows)
       end
 
+      def rdp_port(arr_ports)
+        if !arr_ports
+          return ''
+        end
+        if arr_ports.length > 0
+          arr_ports.each do |port|
+            if port['Name'] == "Remote Desktop"
+              return port['PublicPort']
+            end
+          end
+        end
+        return ''
+      end
+
       def find_server(params = {})
         server = connection.roles.find(params[:name], params = { :azure_dns_name => params[:azure_dns_name] })
       end

data/lib/azure/service_management/certificate.rb

@@ -21,10 +21,12 @@ module Azure
     def initialize(connection)
       @connection=connection
     end
+
     def create(params)
       certificate = Certificate.new(@connection)
       certificate.create(params)
     end
+
     def add(certificate_data, certificate_password, certificate_format, dns_name)
       certificate = Certificate.new(@connection)
       certificate.add_certificate certificate_data, certificate_password, certificate_format, dns_name
@@ -35,7 +37,12 @@ module Azure
                       azure_dns_name: azure_dns_name }
       certificate = Certificate.new(@connection)
       thumbprint = certificate.create_ssl_certificate(cert_params)
-     end
+    end
+
+    def get_certificate(dns_name, fingerprint)
+      certificate = Certificate.new(@connection)
+      certificate.get_certificate(dns_name, fingerprint)
+    end
   end
 end
 
@@ -47,12 +54,14 @@ module Azure
       @connection = connection
       @certificate_version = 2 # cf. RFC 5280 - to make it a "v3" certificate
     end
+
     def create(params)
       # If RSA private key has been specified, then generate an x 509 certificate from the
       # public part of the key
       @cert_data = generate_public_key_certificate_data({:ssh_key => params[:identity_file],
                                              :ssh_key_passphrase => params[:identity_file_passphrase]})
       add_certificate @cert_data, 'knifeazure', 'pfx', params[:azure_dns_name]
+
       # Return the fingerprint to be used while adding role
       @fingerprint
     end
@@ -86,21 +95,36 @@ module Azure
     end
 
     def add_certificate certificate_data, certificate_password, certificate_format, dns_name
-       # Generate XML to call the API
-       # Add certificate to the hosted service
-       builder = Nokogiri::XML::Builder.new do |xml|
-         xml.CertificateFile('xmlns'=>'http://schemas.microsoft.com/windowsazure') {
-         xml.Data certificate_data
-         xml.CertificateFormat certificate_format
-         xml.Password certificate_password
-         }
-       end
-       # Windows Azure API call
-       @connection.query_azure("hostedservices/#{dns_name}/certificates", "post", builder.to_xml)
+      # Generate XML to call the API
+      # Add certificate to the hosted service
+      builder = Nokogiri::XML::Builder.new do |xml|
+       xml.CertificateFile('xmlns'=>'http://schemas.microsoft.com/windowsazure') {
+       xml.Data certificate_data
+       xml.CertificateFormat certificate_format
+       xml.Password certificate_password
+       }
+      end
+      # Windows Azure API call
+      @connection.query_azure("hostedservices/#{dns_name}/certificates", "post", builder.to_xml)
+
+      # Check if certificate is available else raise error
+      for attempt in 0..4
+        Chef::Log.info "Waiting to get certificate ..."
+        res = get_certificate(dns_name, @fingerprint)
+        break if !res.empty?
+        if attempt == 4
+          raise "The certificate with thumbprint #{fingerprint} was not found."
+        else
+          sleep 5
+        end
+      end
     end
 
-    ########   SSL certificate generation for knife-azure ssl bootstrap ######
+    def get_certificate(dns_name, fingerprint)
+      @connection.query_azure("hostedservices/#{dns_name}/certificates/sha1-#{fingerprint}", "get").search("Certificate")
+    end
 
+    ########   SSL certificate generation for knife-azure ssl bootstrap ######
     def create_ssl_certificate cert_params
       file_path = cert_params[:output_file].sub(/\.(\w+)$/,'')
       path = prompt_for_file_path

data/lib/chef/knife/azure_base.rb

@@ -231,6 +231,7 @@ class Chef
       end
 
       def find_file(name)
+        name = ::File.expand_path(name)
         config_dir = Chef::Knife.chef_config_dir
         if File.exist? name
           file = name
@@ -244,6 +245,105 @@ class Chef
         end
         file
       end
+
+      def fetch_deployment
+        deployment_name = service.deployment_name(locate_config_value(:azure_dns_name))
+        deployment = service.deployment("hostedservices/#{locate_config_value(:azure_dns_name)}/deployments/#{deployment_name}")
+
+        deployment
+      end
+
+      def fetch_role
+        deployment = fetch_deployment
+
+        if deployment.at_css('Deployment Name') != nil
+          role_list_xml =  deployment.css('RoleInstanceList RoleInstance')
+          role_list_xml.each do |role|
+            if role.at_css("RoleName").text == (locate_config_value(:azure_vm_name) || @name_args[0])
+              return role
+            end
+          end
+        end
+        return nil
+      end
+
+      def fetch_extension(role)
+        ext_list_xml = role.css("ResourceExtensionStatusList ResourceExtensionStatus")
+        return nil if ext_list_xml.nil?
+
+        ext_list_xml.each do |ext|
+          if ext.at_css("HandlerName").text == "Chef.Bootstrap.WindowsAzure.LinuxChefClient" || ext.at_css("HandlerName").text == "Chef.Bootstrap.WindowsAzure.ChefClient"
+            return ext
+          end
+        end
+        return nil
+      end
+
+      def fetch_substatus(extension)
+        return nil if extension.at_css("ExtensionSettingStatus SubStatusList SubStatus").nil?
+        substatus_list_xml = extension.css("ExtensionSettingStatus SubStatusList SubStatus")
+        substatus_list_xml.each do |substatus|
+          if substatus.at_css("Name").text == "Chef Client run logs"
+            return substatus
+          end
+        end
+        return nil
+      end
+
+      def fetch_chef_client_logs(fetch_process_start_time, fetch_process_wait_timeout)
+        ## fetch server details ##
+        role = fetch_role
+        if role != nil
+          ## fetch Chef Extension details deployed on the server ##
+          ext = fetch_extension(role)
+          if ext != nil
+            ## fetch substatus field which contains the chef-client run logs ##
+            substatus = fetch_substatus(ext)
+            if substatus != nil
+              ## chef-client run logs becomes available ##
+              name = substatus.at_css("Name").text
+              status = substatus.at_css("Status").text
+              message = substatus.at_css("Message").text
+
+              ## printing the logs ##
+              puts "\n\n******** Please find the chef-client run details below ********\n\n"
+              print "----> chef-client run status: "
+              case status
+              when "Success"
+                ## chef-client run succeeded ##
+                color = :green
+              when "Error"
+                ## chef-client run failed ##
+                color = :red
+              when "Transitioning"
+                ## chef-client run did not complete within maximum timeout of 30 minutes ##
+                ## fetch whatever logs available under the chef-client.log file ##
+                color = :yellow
+              end
+              puts "#{ui.color(status, color, :bold)}"
+              puts "----> chef-client run logs: "
+              puts "\n#{message}\n"  ## message field of substatus contains the chef-client run logs ##
+            else
+              ## unavailability of the substatus field indicates that chef-client run is not completed yet on the server ##
+              fetch_process_wait_time = ((Time.now - fetch_process_start_time) / 60).round
+              if fetch_process_wait_time <= fetch_process_wait_timeout  ## wait for maximum 30 minutes until chef-client run logs becomes available ##
+                print "#{ui.color('.', :bold)}"
+                sleep 30
+                fetch_chef_client_logs(fetch_process_start_time, fetch_process_wait_timeout)
+              else
+                ## wait time exceeded maximum threshold set for the wait timeout ##
+                ui.error "\nchef-client run logs could not be fetched since fetch process exceeded wait timeout of #{fetch_process_wait_timeout} minutes.\n"
+              end
+            end
+          else
+            ## Chef Extension could not be found ##
+            ui.error("Unable to find Chef extension under role #{locate_config_value(:azure_vm_name) || @name_args[0]}.")
+          end
+        else
+          ## server could not be found ##
+          ui.error("chef-client run logs could not be fetched since role #{locate_config_value(:azure_vm_name) || @name_args[0]} could not be found.")
+        end
+      end
     end
   end
 end

data/lib/chef/knife/azure_server_create.rb

@@ -391,97 +391,6 @@ class Chef
         return extension_status
       end
 
-      def fetch_role
-        deployment_name = service.deployment_name(locate_config_value(:azure_dns_name))
-        deployment = service.deployment("hostedservices/#{locate_config_value(:azure_dns_name)}/deployments/#{deployment_name}")
-
-        if deployment.at_css('Deployment Name') != nil
-          role_list_xml =  deployment.css('RoleInstanceList RoleInstance')
-          role_list_xml.each do |role|
-            if role.at_css("RoleName").text == locate_config_value(:azure_vm_name)
-              return role
-            end
-          end
-        end
-        return nil
-      end
-
-      def fetch_extension(role)
-        ext_list_xml = role.css("ResourceExtensionStatusList ResourceExtensionStatus")
-        ext_list_xml.each do |ext|
-          if ext.at_css("HandlerName").text == "Chef.Bootstrap.WindowsAzure.LinuxChefClient" || ext.at_css("HandlerName").text == "Chef.Bootstrap.WindowsAzure.ChefClient"
-            return ext
-          end
-        end
-        return nil
-      end
-
-      def fetch_substatus(extension)
-        return nil if extension.at_css("ExtensionSettingStatus SubStatusList SubStatus").nil?
-        substatus_list_xml = extension.css("ExtensionSettingStatus SubStatusList SubStatus")
-        substatus_list_xml.each do |substatus|
-          if substatus.at_css("Name").text == "Chef Client run logs"
-            return substatus
-          end
-        end
-        return nil
-      end
-
-      def fetch_chef_client_logs(fetch_process_start_time, fetch_process_wait_timeout)
-        ## fetch server details ##
-        role = fetch_role
-        if role != nil
-          ## fetch Chef Extension details deployed on the server ##
-          ext = fetch_extension(role)
-          if ext != nil
-            ## fetch substatus field which contains the chef-client run logs ##
-            substatus = fetch_substatus(ext)
-            if substatus != nil
-              ## chef-client run logs becomes available ##
-              name = substatus.at_css("Name").text
-              status = substatus.at_css("Status").text
-              message = substatus.at_css("Message").text
-
-              ## printing the logs ##
-              puts "\n\n******** Please find the chef-client run details below ********\n\n"
-              print "----> chef-client run status: "
-              case status
-              when "Success"
-                ## chef-client run succeeded ##
-                color = :green
-              when "Error"
-                ## chef-client run failed ##
-                color = :red
-              when "Transitioning"
-                ## chef-client run did not complete within maximum timeout of 30 minutes ##
-                ## fetch whatever logs available under the chef-client.log file ##
-                color = :yellow
-              end
-              puts "#{ui.color(status, color, :bold)}"
-              puts "----> chef-client run logs: "
-              puts "\n#{message}\n"  ## message field of substatus contains the chef-client run logs ##
-            else
-              ## unavailability of the substatus field indicates that chef-client run is not completed yet on the server ##
-              fetch_process_wait_time = ((Time.now - fetch_process_start_time) / 60).round
-              if fetch_process_wait_time <= fetch_process_wait_timeout  ## wait for maximum 30 minutes until chef-client run logs becomes available ##
-                print "#{ui.color('.', :bold)}"
-                sleep 30
-                fetch_chef_client_logs(fetch_process_start_time, fetch_process_wait_timeout)
-              else
-                ## wait time exceeded 30 minutes timeout ##
-                ui.error "\nchef-client run logs could not be fetched since fetch process exceeded wait timeout of #{fetch_process_wait_timeout} minutes.\n"
-              end
-            end
-          else
-            ## Chef Extension could not be found ##
-            ui.error("Unable to find Chef extension under role #{locate_config_value(:azure_vm_name)}.")
-          end
-        else
-          ## server could not be found ##
-          ui.error("chef-client run logs could not be fetched since role #{locate_config_value(:azure_vm_name)} could not be found.")
-        end
-      end
-
       def run
         $stdout.sync = true
 
@@ -561,13 +470,6 @@ class Chef
           exit 1
         end
 
-        if (locate_config_value(:auto_update_client) ||  locate_config_value(:delete_chef_extension_config) || locate_config_value(:uninstall_chef_client))  &&  (locate_config_value(:bootstrap_protocol) != 'cloud-api')
-          ui.error("--auto-update-client option works with --bootstrap-protocol cloud-api") if locate_config_value(:auto_update_client)
-          ui.error("--delete-chef-extension-config option works with --bootstrap-protocol cloud-api") if locate_config_value(:delete_chef_extension_config)
-          ui.error("--uninstall-chef-client option works with --bootstrap-protocol cloud-api") if locate_config_value(:uninstall_chef_client)
-          exit 1
-        end
-
         if locate_config_value(:extended_logs) && locate_config_value(:bootstrap_protocol) != 'cloud-api'
           ui.error("--extended-logs option works with --bootstrap-protocol cloud-api")
           exit 1

data/lib/chef/knife/azurerm_base.rb

@@ -21,6 +21,7 @@ require 'chef/knife'
 require 'azure/resource_management/ARM_interface'
 require 'mixlib/shellout'
 require 'time'
+require 'json'
 
 class Chef
   class Knife
@@ -48,7 +49,7 @@ class Chef
       end
 
       def service
-        details = authentication_details()
+        details = authentication_details
         details.update(:azure_subscription_id => locate_config_value(:azure_subscription_id))
         @service ||= begin
                       service = Azure::ResourceManagement::ARMInterface.new(details)
@@ -86,30 +87,61 @@ class Chef
       end
 
       def authentication_details
-        if(!locate_config_value(:azure_tenant_id).nil? && !locate_config_value(:azure_client_id).nil? && !locate_config_value(:azure_client_secret).nil?)
+        if(locate_config_value(:azure_tenant_id) && locate_config_value(:azure_client_id) && locate_config_value(:azure_client_secret))
           return {:azure_tenant_id => locate_config_value(:azure_tenant_id), :azure_client_id => locate_config_value(:azure_client_id), :azure_client_secret => locate_config_value(:azure_client_secret)}
         elsif Chef::Platform.windows?
           token_details = token_details_for_windows()
         else
           token_details = token_details_for_linux()
         end
-        check_token_validity(token_details)
-        return token_details
+        token_details = check_token_validity(token_details)
+        token_details
       end
 
       def token_details_for_linux
         home_dir = File.expand_path('~')
         file = File.read(home_dir + '/.azure/accessTokens.json')
-        file = eval(file)
-        token_details = {:tokentype => file[-1][:tokenType], :user => file[-1][:userId], :token => file[-1][:accessToken], :clientid => file[-1][:_clientId], :expiry_time => file[-1][:expiresOn], :refreshtoken => file[-1][:refreshToken]}
-        return token_details
+        file = JSON.parse(file)
+        token_details = {:tokentype => file[-1]["tokenType"], :user => file[-1]["userId"], :token => file[-1]["accessToken"], :clientid => file[-1]["_clientId"], :expiry_time => file[-1]["expiresOn"], :refreshtoken => file[-1]["refreshToken"]}
+        token_details
       end
 
-      def check_token_validity(token_details)
+      def is_token_valid?(token_details)
         time_difference = Time.parse(token_details[:expiry_time]) - Time.now.utc
         if time_difference <= 0
-          raise "Token has expired, please run any azure command like azure vm list to get new token from refresh token else run azure login command"
+          return false
+        elsif time_difference <= 600 # 600sec = 10min
+          # This is required otherwise a long running command may fail inbetween if the token gets expired.
+          raise "Token will expire within 10 minutes. Please run 'azure login' command"
+        else
+          return true
+        end
+      end
+
+      def refresh_token
+        begin
+          ui.log("Authenticating...")
+          Mixlib::ShellOut.new("azure vm show 'knifetest@resourcegroup' testvm", :timeout => 30).run_command
+        rescue Mixlib::ShellOut::CommandTimeout
+        rescue Exception
+          raise "Token has expired. Please run 'azure login' command"
+        end
+        if Chef::Platform.windows?
+          token_details = token_details_for_windows()
+        else
+          token_details = token_details_for_linux()
+        end
+        token_details
+      end
+
+      def check_token_validity(token_details)
+        if !is_token_valid?(token_details)
+          token_details = refresh_token()
+          if !is_token_valid?(token_details)
+            raise "Token has expired. Please run 'azure login' command"
+          end
         end
+        token_details
       end
 
       def validate_azure_login
@@ -157,6 +189,7 @@ class Chef
       end
 
       def find_file(name)
+        name = ::File.expand_path(name)
         config_dir = Chef::Knife.chef_config_dir
         if File.exist? name
           file = name