knife-azure 1.8.0 → 1.8.6

data/lib/chef/knife/azure_ag_list.rb

@@ -23,8 +23,6 @@ class Chef
     class AzureAgList < Knife
       include Knife::AzureBase
 
-      deps { require 'highline' }
-
       banner 'knife azure ag list (options)'
 
       def run

data/lib/chef/knife/azure_base.rb

@@ -124,7 +124,77 @@ class Chef
       end
 
       # validate command pre-requisites (cli options)
+      # (locate_config_value(:winrm_password).length <= 6 && locate_config_value(:winrm_password).length >= 72)
       def validate_params!
+        if locate_config_value(:winrm_password) && !locate_config_value(:winrm_password).strip.size.between?(6, 72)
+          ui.error("The supplied password must be 6-72 characters long and meet password complexity requirements")
+          exit 1
+        end
+
+        if locate_config_value(:ssh_password) && !locate_config_value(:ssh_password).empty? && !locate_config_value(:ssh_password).strip.size.between?(6, 72)
+          ui.error("The supplied ssh password must be 6-72 characters long and meet password complexity requirements")
+          exit 1
+        end
+
+        if locate_config_value(:azure_connect_to_existing_dns) && locate_config_value(:azure_vm_name).nil?
+          ui.error("Specify the VM name using --azure-vm-name option, since you are connecting to existing dns")
+          exit 1
+        end
+
+        if locate_config_value(:azure_service_location) && locate_config_value(:azure_affinity_group)
+          ui.error("Cannot specify both --azure-service-location and --azure-affinity-group, use one or the other.")
+          exit 1
+        elsif locate_config_value(:azure_service_location).nil? && locate_config_value(:azure_affinity_group).nil?
+          ui.error("Must specify either --azure-service-location or --azure-affinity-group.")
+          exit 1
+        end
+
+        if locate_config_value(:winrm_authentication_protocol) && ! %w{basic negotiate kerberos}.include?(locate_config_value(:winrm_authentication_protocol).downcase)
+          ui.error("Invalid value for --winrm-authentication-protocol option. Use valid protocol values i.e [basic, negotiate, kerberos]")
+          exit 1
+        end
+
+        if !(service.valid_image?(locate_config_value(:azure_source_image)))
+          ui.error("Image '#{locate_config_value(:azure_source_image)}' is invalid")
+          exit 1
+        end
+
+        # Validate join domain requirements.
+        if locate_config_value(:azure_domain_name) || locate_config_value(:azure_domain_user)
+          if locate_config_value(:azure_domain_user).nil? || locate_config_value(:azure_domain_passwd).nil?
+            ui.error("Must specify both --azure-domain-user and --azure-domain-passwd.")
+            exit 1
+          end
+        end
+
+        if locate_config_value(:winrm_transport) == "ssl" && locate_config_value(:thumbprint).nil? && ( locate_config_value(:winrm_ssl_verify_mode).nil? || locate_config_value(:winrm_ssl_verify_mode) == :verify_peer )
+          ui.error("The SSL transport was specified without the --thumbprint option. Specify a thumbprint, or alternatively set the --winrm-ssl-verify-mode option to 'verify_none' to skip verification.")
+          exit 1
+        end
+
+        if locate_config_value(:extended_logs) && locate_config_value(:bootstrap_protocol) != 'cloud-api'
+          ui.error("--extended-logs option only works with --bootstrap-protocol cloud-api")
+          exit 1
+        end
+
+        if locate_config_value(:bootstrap_protocol) == 'cloud-api' && locate_config_value(:azure_vm_name).nil? && locate_config_value(:azure_dns_name).nil?
+          ui.error("Specifying the DNS name using --azure-dns-name or VM name using --azure-vm-name option is required with --bootstrap-protocol cloud-api")
+          exit 1
+        end
+
+        if locate_config_value(:daemon)
+          unless is_image_windows?
+            raise ArgumentError, "The daemon option is only supported for Windows nodes."
+          end
+
+          unless  locate_config_value(:bootstrap_protocol) == 'cloud-api'
+            raise ArgumentError, "The --daemon option requires the use of --bootstrap-protocol cloud-api"
+          end
+
+          unless %w{none service task}.include?(locate_config_value(:daemon).downcase)
+            raise ArgumentError, "Invalid value for --daemon option. Valid values are 'none', 'service' and 'task'."
+          end
+        end
       end
 
       # validates keys

data/lib/chef/knife/azure_internal-lb_list.rb

@@ -23,8 +23,6 @@ class Chef
     class AzureInternalLbList < Knife
       include Knife::AzureBase
 
-      deps { require 'highline' }
-
       banner 'knife azure internal lb list (options)'
 
       def run

data/lib/chef/knife/azure_server_create.rb

@@ -232,7 +232,6 @@ class Chef
 
       def wait_until_virtual_machine_ready(retry_interval_in_seconds = 30)
         vm_status = nil
-
         begin
           azure_vm_startup_timeout = locate_config_value(:azure_vm_startup_timeout).to_i
           azure_vm_ready_timeout = locate_config_value(:azure_vm_ready_timeout).to_i
@@ -355,12 +354,9 @@ class Chef
             if role.at_css("RoleName").text == locate_config_value(:azure_vm_name)
               lnx_waagent_fail_msg = "Failed to deserialize the status reported by the Guest Agent"
               waagent_status_msg = role.at_css("GuestAgentStatus FormattedMessage Message").text
-
               if role.at_css("GuestAgentStatus Status").text == "Ready"
                 extn_status = role.at_css("ResourceExtensionStatusList Status").text
-
                 Chef::Log.debug("Resource extension status is #{extn_status}")
-
                 if extn_status == "Installing"
                   extension_status[:status] = :extension_installing
                   extension_status[:message] = role.at_css("ResourceExtensionStatusList FormattedMessage Message").text
@@ -387,30 +383,20 @@ class Chef
         else
           extension_status[:status] = :extension_status_not_detected
         end
-
         return extension_status
       end
 
       def run
         $stdout.sync = true
-
         storage = nil
-
         Chef::Log.info("validating...")
         validate_asm_keys!(:azure_source_image)
-
         validate_params!
-
         ssh_override_winrm if !is_image_windows?
-
         Chef::Log.info("creating...")
-
         config[:azure_dns_name] = get_dns_name(locate_config_value(:azure_dns_name))
-
-        if not locate_config_value(:azure_vm_name)
-          config[:azure_vm_name] = locate_config_value(:azure_dns_name)
-        end
-
+        config[:azure_vm_name] = locate_config_value(:azure_dns_name) unless locate_config_value(:azure_vm_name)
+        config[:chef_node_name] = locate_config_value(:azure_vm_name) unless locate_config_value(:chef_node_name)
         service.create_server(create_server_def)
         wait_until_virtual_machine_ready()
         if locate_config_value(:bootstrap_protocol) == 'cloud-api' && locate_config_value(:extended_logs)
@@ -423,73 +409,6 @@ class Chef
         bootstrap_exec(server) unless locate_config_value(:bootstrap_protocol) == 'cloud-api'
       end
 
-      def validate_params!
-        if locate_config_value(:winrm_password) && (locate_config_value(:winrm_password).length <= 6 && locate_config_value(:winrm_password).length >= 72)
-          ui.error("The supplied password must be 6-72 characters long and meet password complexity requirements")
-          exit 1
-        end
-
-        if locate_config_value(:ssh_password) && (locate_config_value(:ssh_password).length <= 6 && locate_config_value(:ssh_password).length >= 72)
-          ui.error("The supplied password must be 6-72 characters long and meet password complexity requirements")
-          exit 1
-        end
-
-        if locate_config_value(:azure_connect_to_existing_dns) && locate_config_value(:azure_vm_name).nil?
-          ui.error("Specify the VM name using --azure-vm-name option, since you are connecting to existing dns")
-          exit 1
-        end
-
-        if locate_config_value(:azure_service_location) && locate_config_value(:azure_affinity_group)
-          ui.error("Cannot specify both --azure-service-location and --azure-affinity-group, use one or the other.")
-          exit 1
-        elsif locate_config_value(:azure_service_location).nil? && locate_config_value(:azure_affinity_group).nil?
-          ui.error("Must specify either --azure-service-location or --azure-affinity-group.")
-          exit 1
-        end
-
-        if locate_config_value(:winrm_authentication_protocol) && ! %w{basic negotiate kerberos}.include?(locate_config_value(:winrm_authentication_protocol))
-          ui.error("Invalid value for --winrm-authentication-protocol option. Use valid protocol values i.e [basic, negotiate, kerberos]")
-          exit 1
-        end
-
-        if !(service.valid_image?(locate_config_value(:azure_source_image)))
-          ui.error("Image provided is invalid")
-          exit 1
-        end
-
-        # Validate join domain requirements.
-        if locate_config_value(:azure_domain_name) || locate_config_value(:azure_domain_user)
-          if locate_config_value(:azure_domain_user).nil? || locate_config_value(:azure_domain_passwd).nil?
-            ui.error("Must specify both --azure-domain-user and --azure-domain-passwd.")
-            exit 1
-          end
-        end
-
-        if locate_config_value(:winrm_transport) == "ssl" && locate_config_value(:thumbprint).nil? && ( locate_config_value(:winrm_ssl_verify_mode).nil? || locate_config_value(:winrm_ssl_verify_mode) == :verify_peer )
-          ui.error("The SSL transport was specified without the --thumbprint option. Specify a thumbprint, or alternatively set the --winrm-ssl-verify-mode option to 'verify_none' to skip verification.")
-          exit 1
-        end
-
-        if locate_config_value(:extended_logs) && locate_config_value(:bootstrap_protocol) != 'cloud-api'
-          ui.error("--extended-logs option works with --bootstrap-protocol cloud-api")
-          exit 1
-        end
-
-        if locate_config_value(:daemon)
-          unless is_image_windows?
-            raise ArgumentError, "The daemon option is only support for Windows nodes."
-          end
-
-          unless  locate_config_value(:bootstrap_protocol) == 'cloud-api'
-            raise ArgumentError, "--daemon option works with --bootstrap-protocol cloud-api"
-          end
-
-          unless %w{none service task}.include?(locate_config_value(:daemon))
-            raise ArgumentError, "Invalid value for --daemon option. Use valid daemon values i.e 'none', 'service' and 'task'."
-          end
-        end
-      end
-
       def create_server_def
         server_def = {
           :azure_storage_account => locate_config_value(:azure_storage_account),

data/lib/chef/knife/azure_vnet_list.rb

@@ -23,8 +23,6 @@ class Chef
     class AzureVnetList < Knife
       include Knife::AzureBase
 
-      deps { require 'highline' }
-
       banner 'knife azure vnet list (options)'
 
       def run

data/lib/chef/knife/azurerm_base.rb

@@ -1,7 +1,7 @@
 
 # Author:: Aliasgar Batterywala (aliasgar.batterywala@clogeny.com)
 #
-# Copyright:: Copyright (c) 2016 Opscode, Inc.
+# Copyright:: Copyright 2009-2018, Chef Software Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -40,7 +40,6 @@ class Chef
 
       def self.included(includer)
         includer.class_eval do
-
           deps do
             require 'readline'
             require 'chef/json_compat'
@@ -50,7 +49,6 @@ class Chef
             :short => "-r RESOURCE_GROUP_NAME",
             :long => "--azure-resource-group-name RESOURCE_GROUP_NAME",
             :description => "The Resource Group name."
-
         end
       end
 
@@ -71,13 +69,13 @@ class Chef
 
       # validates ARM mandatory keys
       def validate_arm_keys!(*keys)
-        parse_publish_settings_file(locate_config_value(:azure_publish_settings_file)) if(locate_config_value(:azure_publish_settings_file) != nil)
+        parse_publish_settings_file(locate_config_value(:azure_publish_settings_file)) unless locate_config_value(:azure_publish_settings_file).nil?
         keys.push(:azure_subscription_id)
 
-        if(locate_config_value(:azure_tenant_id).nil? || locate_config_value(:azure_client_id).nil? || locate_config_value(:azure_client_secret).nil?)
+        if azure_cred?
           validate_azure_login
         else
-           keys.concat([:azure_tenant_id, :azure_client_id, :azure_client_secret])
+          keys.concat([:azure_tenant_id, :azure_client_id, :azure_client_secret])
         end
 
         errors = []
@@ -92,7 +90,7 @@ class Chef
       end
 
       def authentication_details
-        if(locate_config_value(:azure_tenant_id) && locate_config_value(:azure_client_id) && locate_config_value(:azure_client_secret))
+        if is_azure_cred?
           return {:azure_tenant_id => locate_config_value(:azure_tenant_id), :azure_client_id => locate_config_value(:azure_client_id), :azure_client_secret => locate_config_value(:azure_client_secret)}
         elsif Chef::Platform.windows?
           token_details = token_details_for_windows()
@@ -103,16 +101,13 @@ class Chef
         token_details
       end
 
-      def current_xplat_cli_version
-        shell_out!("azure -v", { returns: [0] }).stdout
-      end
-
-      def is_old_xplat?
-        Gem::Version.new(current_xplat_cli_version) < Gem::Version.new(XPLAT_VERSION_WITH_WCM_DEPRECATED)
-      end
-
-      def is_WCM_env_var_set?
-        ENV['AZURE_USE_SECURE_TOKEN_STORAGE'].nil? ? false : true
+      def get_azure_cli_version
+        if @azure_version  != ""
+          get_version = shell_out!("azure -v || az -v | grep azure-cli", { returns: [0] }).stdout
+          @azure_version = get_version.gsub(/[^0-9.]/, '')
+        end
+        @azure_prefix = @azure_version.to_i < 2 ? "azure" : "az"
+        @azure_version
       end
 
       def token_details_for_windows
@@ -141,56 +136,49 @@ class Chef
           return false
         elsif time_difference <= 600 # 600sec = 10min
           # This is required otherwise a long running command may fail inbetween if the token gets expired.
-          raise "Token will expire within 10 minutes. Please run 'azure login' command"
+          raise "Token will expire within 10 minutes. Please run '#{@azure_prefix} login' command"
         else
           return true
         end
       end
 
       def refresh_token
+        azure_authentication
+        token_details = Chef::Platform.windows? ? token_details_for_windows() : token_details_for_linux()
+      end
+
+      def azure_authentication
         begin
           ui.log("Authenticating...")
-          Mixlib::ShellOut.new("azure vm show 'knifetest@resourcegroup' testvm", :timeout => 30).run_command
+          Mixlib::ShellOut.new("#{@azure_prefix} vm show 'knifetest@resourcegroup' testvm", :timeout => 30).run_command
         rescue Mixlib::ShellOut::CommandTimeout
         rescue Exception
-          raise "Token has expired. Please run 'azure login' command"
+          raise_azure_status
         end
-        if Chef::Platform.windows?
-          token_details = token_details_for_windows()
-        else
-          token_details = token_details_for_linux()
-        end
-        token_details
       end
 
       def check_token_validity(token_details)
-        if !is_token_valid?(token_details)
-          token_details = refresh_token()
-          if !is_token_valid?(token_details)
-            raise "Token has expired. Please run 'azure login' command"
+        unless is_token_valid?(token_details)
+          token_details = refresh_token
+          unless is_token_valid?(token_details)
+            raise_azure_status
           end
         end
         token_details
       end
 
       def validate_azure_login
-        err_string = "Please run XPLAT's 'azure login' command OR specify azure_tenant_id, azure_subscription_id, azure_client_id, azure_client_secret in your knife.rb"
-
-        ## Older versions of the Azure CLI on Windows stored credentials in a unique way
-        ## in Windows Credentails Manager (WCM).
-        ## Newer versions use the same pattern across platforms where credentials gets
-        ## stored in ~/.azure/accessTokens.json file.
         if Chef::Platform.windows? && (is_old_xplat? || is_WCM_env_var_set?)
           # cmdkey command is used for accessing windows credential manager
           xplat_creds_cmd = Mixlib::ShellOut.new("cmdkey /list | findstr AzureXplatCli")
           result = xplat_creds_cmd.run_command
           if result.stdout.nil? || result.stdout.empty?
-            raise err_string
+            raise login_message
           end
         else
           home_dir = File.expand_path('~')
           if !File.exists?(home_dir + "/.azure/accessTokens.json") || File.size?(home_dir + '/.azure/accessTokens.json') <= 2
-            raise err_string
+            raise login_message
           end
         end
       end
@@ -238,20 +226,6 @@ class Chef
         file
       end
 
-      def pretty_key(key)
-        key.to_s.gsub(/_/, ' ').gsub(/\w+/){ |w| (w =~ /(ssh)|(aws)/i) ? w.upcase  : w.capitalize }
-      end
-
-      def is_image_windows?
-        locate_config_value(:azure_image_reference_offer) =~ /WindowsServer.*/
-      end
-
-      def msg_pair(label, value, color=:cyan)
-        if value && !value.to_s.empty?
-          puts "#{ui.color(label, color)}: #{value}"
-        end
-      end
-
       def msg_server_summary(server)
         puts "\n\n"
         if server.provisioningstate == 'Succeeded'
@@ -335,6 +309,51 @@ class Chef
         config[:ohai_hints] = format_ohai_hints(locate_config_value(:ohai_hints))
         validate_ohai_hints if ! locate_config_value(:ohai_hints).casecmp('default').zero?
       end
+
+  private
+
+      def msg_pair(label, value, color=:cyan)
+        if value && !value.to_s.empty?
+          puts "#{ui.color(label, color)}: #{value}"
+        end
+      end
+
+      def pretty_key(key)
+        key.to_s.gsub(/_/, ' ').gsub(/\w+/){ |w| (w =~ /(ssh)|(aws)/i) ? w.upcase  : w.capitalize }
+      end
+
+      def is_image_windows?
+        locate_config_value(:azure_image_reference_offer) =~ /WindowsServer.*/
+      end
+
+      def is_azure_cred?
+        locate_config_value(:azure_tenant_id) && locate_config_value(:azure_client_id) && locate_config_value(:azure_client_secret)
+      end
+
+      def azure_cred?
+        locate_config_value(:azure_tenant_id).nil? || locate_config_value(:azure_client_id).nil? || locate_config_value(:azure_client_secret).nil?
+      end
+
+      def is_old_xplat?
+        return true unless @azure_version
+        Gem::Version.new(@azure_version) < Gem::Version.new(XPLAT_VERSION_WITH_WCM_DEPRECATED)
+      end
+
+      def is_WCM_env_var_set?
+        ENV['AZURE_USE_SECURE_TOKEN_STORAGE'].nil? ? false : true
+      end
+
+      def raise_azure_status
+        raise "Token has expired. Please run '#{@azure_prefix} login' command"
+      end
+
+      def login_message
+        ## Older versions of the Azure CLI on Windows stored credentials in a unique way
+        ## in Windows Credentails Manager (WCM).
+        ## Newer versions use the same pattern across platforms where credentials gets
+        ## stored in ~/.azure/accessTokens.json file.
+        "Please run XPLAT's '#{@azure_prefix} login' command OR specify azure_tenant_id, azure_subscription_id, azure_client_id, azure_client_secret in your knife.rb"
+      end
     end
   end
 end