Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VM/VMSS: incorporate credentials validation logic used by portal #2537

Merged
merged 4 commits into from Mar 17, 2017
Merged

VM/VMSS: incorporate credentials validation logic used by portal #2537

merged 4 commits into from Mar 17, 2017

Conversation

yugangw-msft
Copy link
Contributor

Fix #2010. Fix #1943

@codecov-io
Copy link

codecov-io commented Mar 17, 2017
edited

Codecov Report

Merging #2537 into master will increase coverage by 0.07%.
The diff coverage is 91.66%.

@@            Coverage Diff            @@
##           master   #2537      +/-   ##
=========================================
+ Coverage   72.02%   72.1%   +0.07%     
=========================================
  Files         362     362              
  Lines       19766   19790      +24     
  Branches     2913    2920       +7     
=========================================
+ Hits        14236   14269      +33     
+ Misses       4612    4600      -12     
- Partials      918     921       +3
Impacted Files Coverage Δ
...cli-vm/azure/cli/command_modules/vm/_validators.py 72.17% <91.66%> (+3.32%)
src/azure-cli-core/azure/cli/core/_util.py 66.66% <0%> (ø)
...-cli-role/azure/cli/command_modules/role/custom.py 17.89% <0%> (ø)
...dback/azure/cli/command_modules/feedback/custom.py 34.69% <0%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ac03b51...6972924. Read the comment docs.

tjprescott
tjprescott suggested changes Mar 17, 2017
View reviewed changes
Copy link
Member

@tjprescott tjprescott left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some small requests, but overall LGTM!

src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/_validators.py Outdated
@@ -571,6 +566,52 @@ def _validate_vm_create_auth(namespace):
'/home/{}/.ssh/authorized_keys'.format(namespace.admin_username)


def _validate_admin_username(username, is_linux):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of taking an "is_linux" bool, just accept the os_type and do the check in this method. Otherwise you run the risk of introducing bugs in the future if one invocation is changed and the other is not.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/_validators.py Outdated
@@ -571,6 +566,52 @@ def _validate_vm_create_auth(namespace):
'/home/{}/.ssh/authorized_keys'.format(namespace.admin_username)


def _validate_admin_username(username, is_linux):
if not username:
return "admin user name can not be empty"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the point of this return statement? Shouldn't it raise an exception?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch. I missed this one when converted 'returning error strings' to throw. I also added a test for this

src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/_validators.py Outdated
"owner", "root", "server", "sql", "support", "support_388945a0",
"sys", "test2", "test3", "user4", "user5"]
if username.lower() in disallowed_user_names:
raise CLIError('The specified admin user name is not allowed, as it uses reserved words. Try again with a different value')
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reserved words sounds like programming keywords like int, char, etc. Plus it's hard to say that "support_388945a0" is reserved. 😁 I would recommend something like "This user name "foo" meets the general requirements, but is specifically disallowed for this image. Please try a different value."

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/_validators.py Outdated
"pass@word1", "Password!", "Password1", "Password22", "iloveyou!"
]
if password.lower() in disallowed_passwords:
raise CLIError('The specified password is not allowed')
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd recommend a similar error as above: that the password meets the general requirements, but it specifically disallowed.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On a second thought, let me just remove this whole section. Those old banned passwords would not meet the length requirement anyway

src/command_modules/azure-cli-vm/tests/test_vm_actions.py
@@ -65,3 +67,64 @@ def test_figure_out_storage_source(self):
self.assertFalse(src_disk)
self.assertFalse(src_snapshot)
self.assertEqual(src_blob_uri, test_data)

def test_validate_admin_username_linux(self):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 for unit tests!

@yugangw-msft yugangw-msft merged commit 9a31807 into Azure:master Mar 17, 2017
@yugangw-msft yugangw-msft deleted the short branch March 17, 2017 20:08
thegalah pushed a commit to thegalah/azure-cli that referenced this pull request Mar 21, 2017
Merge remote-tracking branch 'Azure/master'
184224f 
* Azure/master: (478 commits)
  vm live test: allow more valid power states on vmss test verifications (Azure#2564)
  rbac:catch more graph error (Azure#2567)
  appservice: support to create plan when create a webapp (Azure#2550)
  Update storage tests (Azure#2556)
  Change PEP8 check filter from whitelist to blacklist (Azure#2557)
  Add scenario tests documentation (Azure#2555)
  [ACS] Adding support for configuring a default ACS cluster (Azure#2554)
  [ACS] Provide a short name alias for the orchestrator type flag (Azure#2553)
  Sql Import/Export CLI commands and test (Azure#2538)
  Fix format bug. (Azure#2549)
  [VM/VMSS] Improved disk caching support (Azure#2522)
  VM/VMSS: incorporate credentials validation logic used by portal (Azure#2537)
  Script that creates packaged releases package archive (Azure#2508)
  Adding alias for defaults flag (Azure#2540)
  Add wait commands and --no-wait support (Azure#2524)
  choice list outside of named arguments (Azure#2521)
  Fixed test failure in test_sql_db_mgmt. (Azure#2530)
  core: support login using service principal with a cert (Azure#2457)
  Add note about being in preview (Azure#2512)
  vm:fix distro check mechanism used by disk encryption (Azure#2511)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tjprescott tjprescott tjprescott approved these changes

Assignees
No one assigned
Labels
cla-already-signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@yugangw-msft @codecov-io @tjprescott @msftclas @haroldrandom