package authentication
import (
"fmt"
"log"
"github.com/Azure/go-autorest/autorest/adal"
"github.com/Azure/go-autorest/autorest/azure/cli"
)
// Config is the configuration structure used to instantiate a
// new Azure management client.
//
// NOTE(review): ClientSecret and AccessToken carry credentials, so a Config
// value should not be printed or logged as a whole (for example with %+v);
// log individual non-secret fields instead.
type Config struct {
ManagementURL string
// Core
// ClientID is overwritten by populateFromAccessToken when a CLI token is used.
ClientID string
// SubscriptionID and TenantID are only looked up from the Azure CLI profile
// by LoadTokensFromAzureCLI when they are empty.
SubscriptionID string
TenantID string
// Environment is set from the CLI profile by populateEnvironmentFromCLIProfile.
Environment string
SkipCredentialsValidation bool
SkipProviderRegistration bool
// Service Principal Auth
// ClientSecret is a credential held as a plain string; keep it out of logs
// and error messages.
ClientSecret string
// Bearer Auth
// AccessToken is copied from the Azure CLI token by populateFromAccessToken;
// it is a pointer, so the Config shares the token value with whoever
// supplied it. Treat it as a secret.
AccessToken *adal.Token
// IsCloudShell is copied from the CLI token alongside AccessToken.
IsCloudShell bool
}
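// LoadTokensFromAzureCLI fills in the Config from the local Azure CLI login
// state, using the go-autorest cli package to load the CLI profile and the
// CLI's stored access tokens.
//
// SubscriptionID and TenantID are only looked up when they are empty.
// ClientID, AccessToken and IsCloudShell are overwritten from the token that
// findValidAccessTokenForTenant returns for the tenant, and Environment is
// always taken from the CLI profile.
//
// An error is returned when the profile or token paths cannot be resolved,
// when the profile or tokens cannot be loaded, or when no valid token is
// found. Lookup failures for the subscription, tenant and environment are
// only logged, so a nil return does not guarantee those fields were set.
func (c *Config) LoadTokensFromAzureCLI() error {
	profilePath, err := cli.ProfilePath()
	if err != nil {
		return fmt.Errorf("Error loading the Profile Path from the Azure CLI: %+v", err)
	}

	profile, err := cli.LoadProfile(profilePath)
	if err != nil {
		// The returned message stays user-friendly, but it says "not found" for
		// every failure; keep the real cause in the debug log so a permission or
		// parse problem is not misdiagnosed.
		log.Printf("Error Loading the Azure CLI Profile: %s", err)
		return fmt.Errorf("Azure CLI Authorization Profile was not found. Please ensure the Azure CLI is installed and then log-in with `az login`.")
	}

	cliProfile := AzureCLIProfile{
		Profile: profile,
	}

	// find the Subscription ID if it's not specified
	if c.SubscriptionID == "" {
		// we want to expose a more friendly error to the user, but this is useful for debug purposes
		if err := c.populateSubscriptionFromCLIProfile(cliProfile); err != nil {
			log.Printf("Error Populating the Subscription from the CLI Profile: %s", err)
		}
	}

	// find the Tenant ID for that subscription if they're not specified
	if c.TenantID == "" {
		if err := c.populateTenantFromCLIProfile(cliProfile); err != nil {
			// we want to expose a more friendly error to the user, but this is useful for debug purposes
			log.Printf("Error Populating the Tenant from the CLI Profile: %s", err)
		}
	}

	foundToken := false
	if c.TenantID != "" {
		// pull out the ClientID and the AccessToken from the Azure Access Token
		tokensPath, err := cli.AccessTokensPath()
		if err != nil {
			return fmt.Errorf("Error loading the Tokens Path from the Azure CLI: %+v", err)
		}

		tokens, err := cli.LoadTokens(tokensPath)
		if err != nil {
			// Log the error value only; token contents must never be written
			// to the log.
			log.Printf("Error Loading the Azure CLI Tokens: %s", err)
			return fmt.Errorf("Azure CLI Authorization Tokens were not found. Please ensure the Azure CLI is installed and then log-in with `az login`.")
		}

		// The lookup error was previously discarded; record it so that "no valid
		// token" can be told apart from a failure while reading the tokens.
		validToken, err := findValidAccessTokenForTenant(tokens, c.TenantID)
		if err != nil {
			log.Printf("Error Finding a valid Access Token for the Tenant: %s", err)
		}

		if validToken != nil {
			foundToken, err = c.populateFromAccessToken(validToken)
			if err != nil {
				return err
			}
		}
	}

	if !foundToken {
		return fmt.Errorf("No valid (unexpired) Azure CLI Auth Tokens found. Please run `az login`.")
	}

	// always pull the Environment from the CLI
	//
	// NOTE(review): a failure here is only logged, so the call still succeeds
	// with whatever Environment the Config already held. Confirm callers cannot
	// end up presenting the CLI token to an endpoint for a different
	// environment than the one it was issued for.
	if err := c.populateEnvironmentFromCLIProfile(cliProfile); err != nil {
		// we want to expose a more friendly error to the user, but this is useful for debug purposes
		log.Printf("Error Populating the Environment from the CLI Profile: %s", err)
	}

	return nil
}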
// populateSubscriptionFromCLIProfile sets c.SubscriptionID to the default
// subscription reported by the CLI profile. On a lookup error the Config is
// left untouched and the error is returned as-is.
func (c *Config) populateSubscriptionFromCLIProfile(cliProfile AzureCLIProfile) error {
	id, err := cliProfile.FindDefaultSubscriptionId()
	if err == nil {
		c.SubscriptionID = id
	}
	return err
}
// populateTenantFromCLIProfile looks up c.SubscriptionID in the CLI profile
// and, when c.TenantID is still empty, copies the subscription's tenant ID
// into it. An already-set TenantID is never overwritten. The lookup error,
// if any, is returned unchanged.
func (c *Config) populateTenantFromCLIProfile(cliProfile AzureCLIProfile) error {
	sub, err := cliProfile.FindSubscription(c.SubscriptionID)
	switch {
	case err != nil:
		return err
	case c.TenantID == "":
		c.TenantID = sub.TenantID
	}
	return nil
}
// populateEnvironmentFromCLIProfile looks up c.SubscriptionID in the CLI
// profile and replaces c.Environment with the normalized environment name of
// that subscription. On a lookup error c.Environment keeps its previous value
// and the error is returned.
func (c *Config) populateEnvironmentFromCLIProfile(cliProfile AzureCLIProfile) error {
	sub, err := cliProfile.FindSubscription(c.SubscriptionID)
	if err == nil {
		c.Environment = normalizeEnvironmentName(sub.EnvironmentName)
	}
	return err
}
// populateFromAccessToken copies the client ID, the access token pointer and
// the Cloud Shell flag from token into the Config. It reports true when the
// fields were populated, and false with an error when token is nil.
//
// The AccessToken pointer is shared with token rather than copied; it is a
// credential and should not be logged.
func (c *Config) populateFromAccessToken(token *AccessToken) (bool, error) {
	if token != nil {
		c.ClientID, c.AccessToken, c.IsCloudShell = token.ClientID, token.AccessToken, token.IsCloudShell
		return true, nil
	}

	return false, fmt.Errorf("No valid access token was found to populate from")
}