mirror of
https://github.com/azure/login.git
synced 2026-03-15 09:20:56 -04:00
Compare commits
1 Commits
ganeshrock
...
users/aksm
| Author | SHA1 | Date | |
|---|---|---|---|
|
673e01b856 |
@@ -9,10 +9,6 @@ inputs:
|
||||
description: 'Set this value to true to enable Azure PowerShell Login in addition to Az CLI login'
|
||||
required: false
|
||||
default: false
|
||||
allow-no-subscriptions:
|
||||
description: 'Set this value to true to enable support for accessing tenants without subscriptions'
|
||||
required: false
|
||||
default: false
|
||||
branding:
|
||||
icon: 'login.svg'
|
||||
color: 'blue'
|
||||
|
||||
@@ -25,12 +25,11 @@ const PowerShellToolRunner_1 = __importDefault(require("./Utilities/PowerShellTo
|
||||
const ScriptBuilder_1 = __importDefault(require("./Utilities/ScriptBuilder"));
|
||||
const Constants_1 = __importDefault(require("./Constants"));
|
||||
class ServicePrincipalLogin {
|
||||
constructor(servicePrincipalId, servicePrincipalKey, tenantId, subscriptionId, allowNoSubscriptionsLogin) {
|
||||
constructor(servicePrincipalId, servicePrincipalKey, tenantId, subscriptionId) {
|
||||
this.servicePrincipalId = servicePrincipalId;
|
||||
this.servicePrincipalKey = servicePrincipalKey;
|
||||
this.tenantId = tenantId;
|
||||
this.subscriptionId = subscriptionId;
|
||||
this.allowNoSubscriptionsLogin = allowNoSubscriptionsLogin;
|
||||
}
|
||||
initialize() {
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
@@ -55,8 +54,7 @@ class ServicePrincipalLogin {
|
||||
servicePrincipalKey: this.servicePrincipalKey,
|
||||
subscriptionId: this.subscriptionId,
|
||||
environment: ServicePrincipalLogin.environment,
|
||||
scopeLevel: ServicePrincipalLogin.scopeLevel,
|
||||
allowNoSubscriptionsLogin: this.allowNoSubscriptionsLogin
|
||||
scopeLevel: ServicePrincipalLogin.scopeLevel
|
||||
};
|
||||
const script = new ScriptBuilder_1.default().getAzPSLoginScript(ServicePrincipalLogin.scheme, this.tenantId, args);
|
||||
yield PowerShellToolRunner_1.default.init();
|
||||
|
||||
@@ -23,7 +23,7 @@ class ScriptBuilder {
|
||||
command += `Connect-AzAccount -ServicePrincipal -Tenant '${tenantId}' -Credential \
|
||||
(New-Object System.Management.Automation.PSCredential('${args.servicePrincipalId}',(ConvertTo-SecureString '${args.servicePrincipalKey.replace("'", "''")}' -AsPlainText -Force))) \
|
||||
-Environment '${args.environment}' | out-null;`;
|
||||
if (args.scopeLevel === Constants_1.default.Subscription && !args.allowNoSubscriptionsLogin) {
|
||||
if (args.scopeLevel === Constants_1.default.Subscription) {
|
||||
command += `Set-AzContext -SubscriptionId '${args.subscriptionId}' -TenantId '${tenantId}' | out-null;`;
|
||||
}
|
||||
}
|
||||
|
||||
32
lib/main.js
32
lib/main.js
@@ -36,7 +36,16 @@ function main() {
|
||||
core.exportVariable('AZURE_HTTP_USER_AGENT', userAgentString);
|
||||
core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azurePSHostEnv);
|
||||
azPath = yield io.which("az", true);
|
||||
yield executeAzCliCommand("--version");
|
||||
let output = "";
|
||||
const options = {
|
||||
listeners: {
|
||||
stdout: (data) => {
|
||||
output += data.toString();
|
||||
}
|
||||
}
|
||||
};
|
||||
yield executeAzCliCommand("--version", true, options);
|
||||
core.debug(`az cli version used:\n${output}`);
|
||||
let creds = core.getInput('creds', { required: true });
|
||||
let secrets = new actions_secret_parser_1.SecretParser(creds, actions_secret_parser_1.FormatType.JSON);
|
||||
let servicePrincipalId = secrets.getSecret("$.clientId", false);
|
||||
@@ -44,27 +53,17 @@ function main() {
|
||||
let tenantId = secrets.getSecret("$.tenantId", false);
|
||||
let subscriptionId = secrets.getSecret("$.subscriptionId", false);
|
||||
const enableAzPSSession = core.getInput('enable-AzPSSession').toLowerCase() === "true";
|
||||
const allowNoSubscriptionsLogin = core.getInput('allow-no-subscriptions').toLowerCase() === "true";
|
||||
console.log(allowNoSubscriptionsLogin);
|
||||
if (!servicePrincipalId || !servicePrincipalKey || !tenantId) {
|
||||
throw new Error("Not all values are present in the creds object. Ensure clientId, clientSecret and tenantId are supplied.");
|
||||
}
|
||||
if (!subscriptionId && !allowNoSubscriptionsLogin) {
|
||||
throw new Error("Not all values are present in the creds object. Ensure subscriptionId is supplied.");
|
||||
if (!servicePrincipalId || !servicePrincipalKey || !tenantId || !subscriptionId) {
|
||||
throw new Error("Not all values are present in the creds object. Ensure clientId, clientSecret, tenantId and subscriptionId are supplied.");
|
||||
}
|
||||
// Attempting Az cli login
|
||||
if (allowNoSubscriptionsLogin) {
|
||||
yield executeAzCliCommand(`login --allow-no-subscriptions --service-principal -u "${servicePrincipalId}" -p "${servicePrincipalKey}" --tenant "${tenantId}"`, true);
|
||||
}
|
||||
else {
|
||||
yield executeAzCliCommand(`login --service-principal -u "${servicePrincipalId}" -p "${servicePrincipalKey}" --tenant "${tenantId}"`, true);
|
||||
yield executeAzCliCommand(`account set --subscription "${subscriptionId}"`, true);
|
||||
}
|
||||
isAzCLISuccess = true;
|
||||
if (enableAzPSSession) {
|
||||
// Attempting Az PS login
|
||||
console.log(`Running Azure PS Login`);
|
||||
const spnlogin = new ServicePrincipalLogin_1.ServicePrincipalLogin(servicePrincipalId, servicePrincipalKey, tenantId, subscriptionId, allowNoSubscriptionsLogin);
|
||||
const spnlogin = new ServicePrincipalLogin_1.ServicePrincipalLogin(servicePrincipalId, servicePrincipalKey, tenantId, subscriptionId);
|
||||
yield spnlogin.initialize();
|
||||
yield spnlogin.login();
|
||||
}
|
||||
@@ -86,10 +85,11 @@ function main() {
|
||||
}
|
||||
});
|
||||
}
|
||||
function executeAzCliCommand(command, silent) {
|
||||
function executeAzCliCommand(command, silent, options = {}) {
|
||||
return __awaiter(this, void 0, void 0, function* () {
|
||||
options.silent = !!silent;
|
||||
try {
|
||||
yield exec.exec(`"${azPath}" ${command}`, [], { silent: !!silent });
|
||||
yield exec.exec(`"${azPath}" ${command}`, [], options);
|
||||
}
|
||||
catch (error) {
|
||||
throw new Error(error);
|
||||
|
||||
@@ -13,18 +13,12 @@ export class ServicePrincipalLogin implements IAzurePowerShellSession {
|
||||
servicePrincipalKey: string;
|
||||
tenantId: string;
|
||||
subscriptionId: string;
|
||||
allowNoSubscriptionsLogin: boolean;
|
||||
|
||||
constructor(servicePrincipalId: string,
|
||||
servicePrincipalKey: string,
|
||||
tenantId: string,
|
||||
subscriptionId: string,
|
||||
allowNoSubscriptionsLogin: boolean) {
|
||||
constructor(servicePrincipalId: string, servicePrincipalKey: string, tenantId: string, subscriptionId: string) {
|
||||
this.servicePrincipalId = servicePrincipalId;
|
||||
this.servicePrincipalKey = servicePrincipalKey;
|
||||
this.tenantId = tenantId;
|
||||
this.subscriptionId = subscriptionId;
|
||||
this.allowNoSubscriptionsLogin = allowNoSubscriptionsLogin;
|
||||
}
|
||||
|
||||
async initialize() {
|
||||
@@ -48,8 +42,7 @@ export class ServicePrincipalLogin implements IAzurePowerShellSession {
|
||||
servicePrincipalKey: this.servicePrincipalKey,
|
||||
subscriptionId: this.subscriptionId,
|
||||
environment: ServicePrincipalLogin.environment,
|
||||
scopeLevel: ServicePrincipalLogin.scopeLevel,
|
||||
allowNoSubscriptionsLogin: this.allowNoSubscriptionsLogin
|
||||
scopeLevel: ServicePrincipalLogin.scopeLevel
|
||||
}
|
||||
const script: string = new ScriptBuilder().getAzPSLoginScript(ServicePrincipalLogin.scheme, this.tenantId, args);
|
||||
await PowerShellToolRunner.init();
|
||||
|
||||
@@ -12,7 +12,7 @@ export default class ScriptBuilder {
|
||||
command += `Connect-AzAccount -ServicePrincipal -Tenant '${tenantId}' -Credential \
|
||||
(New-Object System.Management.Automation.PSCredential('${args.servicePrincipalId}',(ConvertTo-SecureString '${args.servicePrincipalKey.replace("'", "''")}' -AsPlainText -Force))) \
|
||||
-Environment '${args.environment}' | out-null;`;
|
||||
if (args.scopeLevel === Constants.Subscription && !args.allowNoSubscriptionsLogin) {
|
||||
if (args.scopeLevel === Constants.Subscription) {
|
||||
command += `Set-AzContext -SubscriptionId '${args.subscriptionId}' -TenantId '${tenantId}' | out-null;`;
|
||||
}
|
||||
}
|
||||
|
||||
34
src/main.ts
34
src/main.ts
@@ -21,7 +21,16 @@ async function main() {
|
||||
core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azurePSHostEnv);
|
||||
|
||||
azPath = await io.which("az", true);
|
||||
await executeAzCliCommand("--version");
|
||||
let output: string = "";
|
||||
const options: any = {
|
||||
listeners: {
|
||||
stdout: (data: Buffer) => {
|
||||
output += data.toString();
|
||||
}
|
||||
}
|
||||
};
|
||||
await executeAzCliCommand("--version", true, options);
|
||||
core.debug(`az cli version used:\n${output}`);
|
||||
|
||||
let creds = core.getInput('creds', { required: true });
|
||||
let secrets = new SecretParser(creds, FormatType.JSON);
|
||||
@@ -30,29 +39,17 @@ async function main() {
|
||||
let tenantId = secrets.getSecret("$.tenantId", false);
|
||||
let subscriptionId = secrets.getSecret("$.subscriptionId", false);
|
||||
const enableAzPSSession = core.getInput('enable-AzPSSession').toLowerCase() === "true";
|
||||
const allowNoSubscriptionsLogin = core.getInput('allow-no-subscriptions').toLowerCase() === "true";
|
||||
console.log(allowNoSubscriptionsLogin);
|
||||
if (!servicePrincipalId || !servicePrincipalKey || !tenantId) {
|
||||
throw new Error("Not all values are present in the creds object. Ensure clientId, clientSecret and tenantId are supplied.");
|
||||
if (!servicePrincipalId || !servicePrincipalKey || !tenantId || !subscriptionId) {
|
||||
throw new Error("Not all values are present in the creds object. Ensure clientId, clientSecret, tenantId and subscriptionId are supplied.");
|
||||
}
|
||||
|
||||
if (!subscriptionId && !allowNoSubscriptionsLogin) {
|
||||
throw new Error("Not all values are present in the creds object. Ensure subscriptionId is supplied.");
|
||||
}
|
||||
|
||||
// Attempting Az cli login
|
||||
if (allowNoSubscriptionsLogin) {
|
||||
await executeAzCliCommand(`login --allow-no-subscriptions --service-principal -u "${servicePrincipalId}" -p "${servicePrincipalKey}" --tenant "${tenantId}"`, true);
|
||||
}
|
||||
else {
|
||||
await executeAzCliCommand(`login --service-principal -u "${servicePrincipalId}" -p "${servicePrincipalKey}" --tenant "${tenantId}"`, true);
|
||||
await executeAzCliCommand(`account set --subscription "${subscriptionId}"`, true);
|
||||
}
|
||||
isAzCLISuccess = true;
|
||||
if (enableAzPSSession) {
|
||||
// Attempting Az PS login
|
||||
console.log(`Running Azure PS Login`);
|
||||
const spnlogin: ServicePrincipalLogin = new ServicePrincipalLogin(servicePrincipalId, servicePrincipalKey, tenantId, subscriptionId, allowNoSubscriptionsLogin);
|
||||
const spnlogin: ServicePrincipalLogin = new ServicePrincipalLogin(servicePrincipalId, servicePrincipalKey, tenantId, subscriptionId);
|
||||
await spnlogin.initialize();
|
||||
await spnlogin.login();
|
||||
}
|
||||
@@ -71,9 +68,10 @@ async function main() {
|
||||
}
|
||||
}
|
||||
|
||||
async function executeAzCliCommand(command: string, silent?: boolean) {
|
||||
async function executeAzCliCommand(command: string, silent?: boolean, options: any = {}) {
|
||||
options.silent = !!silent;
|
||||
try {
|
||||
await exec.exec(`"${azPath}" ${command}`, [], {silent: !!silent});
|
||||
await exec.exec(`"${azPath}" ${command}`, [], options);
|
||||
}
|
||||
catch(error) {
|
||||
throw new Error(error);
|
||||
|
||||
Reference in New Issue
Block a user