fix issue #10 and #11 plus other minor improvements

.vscode/settings.json

@@ -7,6 +7,9 @@
         "**/.DS_Store": true,
         "**/*.js.map": true,
         "**/*.taskkey": true,
-        "**/*.js": { "when": "$(basename).ts"}
-    }
+        "**/*.js": {
+            "when": "$(basename).ts"
+        }
+    },
+    "editor.formatOnSave": true
 }

README.md

@@ -1,12 +1,11 @@
 # Utkarsh Azure DevOps Tasks
 
-[![Twitter Follow](https://img.shields.io/twitter/follow/onlyutkarsh.svg?style=social&label=Follow)](https://twitter.com/onlyutkarsh)
-
 A set of utility build and release tasks to help you in your Azure Pipelines. The tasks in this extension are written in `node` and hence can be run in both Windows or Linux based agents.
 
-
+[![Twitter Follow](https://img.shields.io/twitter/follow/onlyutkarsh.svg?style=social&label=Follow)](https://twitter.com/onlyutkarsh)
 [![Visual Studio Marketplace](https://img.shields.io/vscode-marketplace/v/onlyutkarsh.utkarsh-utility-tasks.svg)](https://marketplace.visualstudio.com/items?itemName=onlyutkarsh.utkarsh-utility-tasks)
 [![Build status](https://dev.azure.com/utkarshshigihalli/opensource/_apis/build/status/utkarsh-utilities-tasks-CI)](https://dev.azure.com/utkarshshigihalli/opensource/_build/latest?definitionId=1) 
+[![Deployment status](https://vsrm.dev.azure.com/utkarshshigihalli/_apis/public/Release/badge/7dacb9d3-9bce-415a-a15a-1b3e415612c8/1/7)](https://vsrm.dev.azure.com/utkarshshigihalli/_apis/public/Release/badge/7dacb9d3-9bce-415a-a15a-1b3e415612c8/1/7)
 
 
 ## Tasks
@@ -55,16 +54,19 @@ This task generates a secure string based on the given criteria. The task will b
 
 > - v#{Release.ReleaseName}#
 >   - Fix [issue 10](https://github.com/onlyutkarsh/utkarsh-utility-tasks/issues/10)
-> - 1.0.*
+> - 1.0.16
 >   - Add Manage tags task
 >   - Add Lock/Unlock Azure task.
 >   - Fix issue in `Publish Secrets to Keyvault` task where some characters were getting trimmed from secrets. 
 > - 1.0.0 
 >   - Initial release.
 
+## Telemetry
+
+To monitor/improve the tasks I send some telemetry **only when task errors out**. The data I send include platform (Windows/Linux etc) and the stacktrace of the exception. This will never send data like your name, subscription/tenant details. The code is open source and you are free to take a look. If you have any concerns, please raise an issue and I am happy investigate.
+
 ## Feedback
 
 Please rate the extension and share/tweet to spread the word!!
 
 - Found a bug or need to make a feature request? - Raise it as an [issue](https://github.com/onlyutkarsh/utkarsh-utility-tasks/issues).
-- Have a question? - Raise it here in the Q and A section.

package.json

@@ -11,6 +11,7 @@
     "init": "npm run init:root && npm run init:tasks",
     "clean-dist": "rimraf dist",
     "compile": "tsc && tslint --project .",
+    "compile:prod": "tsc -p tsconfig.production.json && tslint --project .",
     "updatetasks": "node scripts/updatetasks",
     "beta": "npm run updatetasks -- --beta",
     "alpha": "npm run updatetasks",
@@ -44,4 +45,4 @@
     "typescript": "^3.3.3333",
     "yargs": "^13.2.2"
   }
-}
+}

tasks/azure-lock-unlock/azure-lock-unlockV1/index.ts

@@ -2,20 +2,28 @@ import * as tl from "azure-pipelines-task-lib";
 import * as msrestazure from "ms-rest-azure";
 import * as azrm from "azure-arm-resource";
 import * as sentry from "@sentry/node";
+import { ServiceClientCredentials } from "ms-rest";
 
-sentry.init({ dsn: "https://28b58a21d5b74a0bba0e56d937dd56f9@sentry.io/1285555" });
+let _rootdir = __dirname || process.cwd();
+sentry.init({
+    dsn: "https://28b58a21d5b74a0bba0e56d937dd56f9@sentry.io/1285555",
+    release: "utkarsh-utility-tasks@#{Release.ReleaseName}#",
+    environment: "#{Release.EnvironmentName}#",
+    integrations: [new sentry.Integrations.RewriteFrames({
+        root: _rootdir
+    })]
+});
 sentry.configureScope((scope) => {
     scope.setTag("task", "azure-lock-unlock");
+    scope.setTag("os", tl.osType());
 });
+
 async function main() {
     try {
-        let connectedService = tl.getInput("ConnectedServiceARM", true);
+        let connectedService = tl.getInput("ConnectedServiceName", true);
         let subscriptionId = tl.getEndpointDataParameter(connectedService, "subscriptionId", true);
-        let clientId = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalid", true);
-        let clientSecret = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalkey", true);
-        let tenantId: string = tl.getEndpointAuthorizationParameter(connectedService, "tenantId", false);
 
-        let credentials = await msrestazure.loginWithServicePrincipalSecret(clientId, clientSecret, tenantId);
+        let credentials = getCredentials(connectedService);
         let client = new azrm.ManagementLockClient.ManagementLockClient(credentials, subscriptionId);
 
         let applyTo = tl.getInput("applyTo", true);
@@ -68,6 +76,25 @@ async function main() {
     }
 }
 
+function getCredentials(connectedService: string): ServiceClientCredentials {
+
+    let authScheme = tl.getEndpointAuthorizationScheme(connectedService, true);
+    let subscriptionId = tl.getEndpointDataParameter(connectedService, "subscriptionId", true);
+    let clientId = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalid", true);
+    let clientSecret = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalkey", true);
+    let tenantId: string = tl.getEndpointAuthorizationParameter(connectedService, "tenantId", false);
+
+    if (authScheme === "ManagedServiceIdentity") {
+        console.log("Logging in using MSIVmTokenCredentials");
+        return new msrestazure.MSIVmTokenCredentials();
+    }
+    console.log(`Logging in using ApplicationTokenCredentials, authScheme is '${authScheme}'`);
+
+    let credentials = new msrestazure.ApplicationTokenCredentials(clientId, tenantId, clientSecret);
+
+    return credentials;
+}
+
 main()
     .then(() => { })
     .catch(reason => {

tasks/azure-lock-unlock/azure-lock-unlockV1/task.json

@@ -30,7 +30,7 @@
 			}
 		},
 		{
-			"name": "ConnectedServiceARM",
+			"name": "ConnectedServiceName",
 			"aliases": [
 				"azureSubscription"
 			],

tasks/azure-manage-tags/azure-manage-tagsV1/index.ts

@@ -3,20 +3,28 @@ import * as msrestazure from "ms-rest-azure";
 import * as azrm from "azure-arm-resource";
 import * as sentry from "@sentry/node";
 import * as xreg from "xregexp";
+import { ServiceClientCredentials } from "ms-rest";
 
-sentry.init({ dsn: "https://28b58a21d5b74a0bba0e56d937dd56f9@sentry.io/1285555" });
+let _rootdir = __dirname || process.cwd();
+sentry.init({
+    dsn: "https://28b58a21d5b74a0bba0e56d937dd56f9@sentry.io/1285555",
+    release: "utkarsh-utility-tasks@#{Release.ReleaseName}#",
+    environment: "#{Release.EnvironmentName}#",
+    integrations: [new sentry.Integrations.RewriteFrames({
+        root: _rootdir
+    })]
+});
 sentry.configureScope((scope) => {
-    scope.setTag("task", "azure-manage-tags");
+    scope.setTag("task", "azure-lock-unlock");
+    scope.setTag("os", tl.osType());
 });
+
 async function main() {
     try {
-        let connectedService = tl.getInput("ConnectedServiceNameARM", true);
+        let connectedService = tl.getInput("ConnectedServiceName", true);
         let subscriptionId = tl.getEndpointDataParameter(connectedService, "subscriptionId", true);
-        let clientId = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalid", true);
-        let clientSecret = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalkey", true);
-        let tenantId: string = tl.getEndpointAuthorizationParameter(connectedService, "tenantId", false);
 
-        let credentials = await msrestazure.loginWithServicePrincipalSecret(clientId, clientSecret, tenantId);
+        let credentials = getCredentials(connectedService);
         let rmClient = new azrm.ResourceManagementClient.ResourceManagementClient(credentials, subscriptionId);
         let resourceGroupName = tl.getInput("resourceGroupName", false);
 
@@ -63,6 +71,25 @@ async function main() {
     }
 }
 
+function getCredentials(connectedService: string): ServiceClientCredentials {
+
+    let authScheme = tl.getEndpointAuthorizationScheme(connectedService, true);
+    let subscriptionId = tl.getEndpointDataParameter(connectedService, "subscriptionId", true);
+    let clientId = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalid", true);
+    let clientSecret = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalkey", true);
+    let tenantId: string = tl.getEndpointAuthorizationParameter(connectedService, "tenantId", false);
+
+    if (authScheme === "ManagedServiceIdentity") {
+        console.log("Logging in using MSIVmTokenCredentials");
+        return new msrestazure.MSIVmTokenCredentials();
+    }
+    console.log(`Logging in using ApplicationTokenCredentials, authScheme is '${authScheme}'`);
+
+    let credentials = new msrestazure.ApplicationTokenCredentials(clientId, tenantId, clientSecret);
+
+    return credentials;
+}
+
 async function appendTags(newTags: any, resourceGroup: azrm.ResourceManagementClient.ResourceManagementModels.ResourceGroup, rmClient: azrm.ResourceManagementClient.ResourceManagementClient) {
     let existingTags = resourceGroup.tags || {};
     let updatedTags = { ...existingTags, ...newTags };

tasks/azure-manage-tags/azure-manage-tagsV1/task.json

@@ -18,7 +18,7 @@
 	"instanceNameFormat": "$(action) tags in $(resourceGroupName)",
 	"inputs": [
 		{
-			"name": "ConnectedServiceNameARM",
+			"name": "ConnectedServiceName",
 			"aliases": [
 				"azureSubscription"
 			],

tasks/publish-secrets-to-kv/publish-secrets-to-kvV1/index.ts

@@ -5,14 +5,24 @@ import * as sentry from "@sentry/node";
 import * as xreg from "xregexp";
 import { ServiceClientCredentials } from "ms-rest";
 
-sentry.init({ dsn: "https://28b58a21d5b74a0bba0e56d937dd56f9@sentry.io/1285555" });
+let _rootdir = __dirname || process.cwd();
+sentry.init({
+    dsn: "https://28b58a21d5b74a0bba0e56d937dd56f9@sentry.io/1285555",
+    release: "utkarsh-utility-tasks@#{Release.ReleaseName}#",
+    environment: "#{Release.EnvironmentName}#",
+    integrations: [new sentry.Integrations.RewriteFrames({
+        root: _rootdir
+    })]
+});
 sentry.configureScope((scope) => {
-    scope.setTag("task", "publish-secrets-to-kv");
+    scope.setTag("task", "azure-lock-unlock");
+    scope.setTag("os", tl.osType());
 });
+
 async function main() {
     try {
         // get the task vars
-        let connectedService: string = tl.getInput("ConnectedServiceARM", true);
+        let connectedService: string = tl.getInput("ConnectedServiceName", true);
         let azureKeyVaultDnsSuffix = tl.getEndpointDataParameter(connectedService, "AzureKeyVaultDnsSuffix", true);
         let credentials = getCredentials(connectedService);
 

tasks/publish-secrets-to-kv/publish-secrets-to-kvV1/task.json

@@ -18,7 +18,7 @@
 	"instanceNameFormat": "Publish secrets to Azure Key vault $(keyVaultName)",
 	"inputs": [
 		{
-			"name": "ConnectedServiceNameARM",
+			"name": "ConnectedServiceName",
 			"aliases": [
 				"azureSubscription"
 			],
@@ -70,8 +70,7 @@
 		{
 			"target": "keyVaultName",
 			"endpointId": "$(ConnectedServiceName)",
-			"dataSourceName": "AzureKeyVaultsList",
-			"resultTemplate": "{ \"Value\" : \"{{{name}}}\", \"DisplayValue\" : \"{{{name}}}\" }"
+			"dataSourceName": "AzureKeyVaults"
 		}
 	],
 	"execution": {

tasks/secrets-for-strings/secrets-for-stringsV1/index.ts

@@ -2,9 +2,18 @@ import * as tl from "azure-pipelines-task-lib";
 import * as generator from "generate-password";
 import * as sentry from "@sentry/node";
 
-sentry.init({ dsn: "https://28b58a21d5b74a0bba0e56d937dd56f9@sentry.io/1285555" });
+let _rootdir = __dirname || process.cwd();
+sentry.init({
+    dsn: "https://28b58a21d5b74a0bba0e56d937dd56f9@sentry.io/1285555",
+    release: "utkarsh-utility-tasks@#{Release.ReleaseName}#",
+    environment: "#{Release.EnvironmentName}#",
+    integrations: [new sentry.Integrations.RewriteFrames({
+        root: _rootdir
+    })]
+});
 sentry.configureScope((scope) => {
-    scope.setTag("task", "secrets-for-strings");
+    scope.setTag("task", "azure-lock-unlock");
+    scope.setTag("os", tl.osType());
 });
 
 async function main() {

tsconfig.production.json

@@ -0,0 +1,11 @@
+{
+    "extends": "./tsconfig",
+    "compilerOptions": {
+        "module": "commonjs",
+        "target": "es6",
+        "moduleResolution": "node",
+        "sourceMap": true,
+        "inlineSources": true,
+        "sourceRoot": "/"
+    }
+}