Skip to content
This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

Commit

Permalink
bump azure-cli and azure-cli-core to 2.31.0 (#1557)
Browse files Browse the repository at this point in the history
* bump azure-cli and azure-cli-core to 2.31.0

and all required dependencies

* Update src/cli/onefuzz/cred_wrapper.py

Co-authored-by: Joe Ranweiler <joe@lemma.co>

* updating credential wrapper

* Update src/cli/onefuzz/azure_identity_credential_adapter.py

Co-authored-by: Joe Ranweiler <joe@lemma.co>

* updating credential wrapper

* .

Co-authored-by: stas <statis@microsoft.com>
Co-authored-by: Joe Ranweiler <joe@lemma.co>
  • Loading branch information
3 people authored Jan 5, 2022
1 parent 5515aa1 commit c542189
Show file tree
Hide file tree
Showing 10 changed files with 115 additions and 34 deletions.
66 changes: 66 additions & 0 deletions src/cli/onefuzz/azure_identity_credential_adapter.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
# ------------------------------------
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
# ------------------------------------

# Adapt credentials from azure-identity to be compatible with SDK that needs msrestazure or azure.common.credentials
# Need msrest >= 0.6.0
# See also https://pypi.org/project/azure-identity/

# Source: https://github.com/jongio/azidext/blob/8374293bd80648f764237ddfc5f5223e7e98472b/python/azure_identity_credential_adapter.py

from typing import Any

from azure.core.pipeline import PipelineContext, PipelineRequest
from azure.core.pipeline.policies import BearerTokenCredentialPolicy
from azure.core.pipeline.transport import HttpRequest
from azure.identity import DefaultAzureCredential
from msrest.authentication import BasicTokenAuthentication


class AzureIdentityCredentialAdapter(BasicTokenAuthentication):
def __init__(
self,
credential: Any = None,
resource_id: Any = "https://management.azure.com/.default",
**kwargs: Any
):
"""Adapt any azure-identity credential to work with SDK that needs azure.common.credentials or msrestazure.
Default resource is ARM (syntax of endpoint v2)
:param credential: Any azure-identity credential (DefaultAzureCredential by default)
:param str resource_id: The scope to use to get the token (default ARM)
"""
super(AzureIdentityCredentialAdapter, self).__init__({})
if credential is None:
credential = DefaultAzureCredential()
self._policy = BearerTokenCredentialPolicy(credential, resource_id, **kwargs)

def _make_request(self) -> Any:
return PipelineRequest(
HttpRequest(
"AzureIdentityCredentialAdapter",
# This URL is not actually used. We just create a phony request to get credentials using only public APIs.
# Use a standard Microsoft-controlled example URL anyway.
"https://contoso.com",
),
PipelineContext(None),
)

def set_token(self) -> Any:
"""Ask the azure-core BearerTokenCredentialPolicy policy to get a token.
Using the policy gives us for free the caching system of azure-core.
We could make this code simpler by using private method, but by definition
I can't assure they will be there forever, so mocking a fake call to the policy
to extract the token, using 100% public API."""
request = self._make_request()
self._policy.on_request(request)
# Read Authorization, and get the second part after Bearer
token = request.http_request.headers["Authorization"].split(" ", 1)[1]
self.token = {"access_token": token}

def signed_session(self, session: Any = None) -> Any:
self.set_token()
return super(AzureIdentityCredentialAdapter, self).signed_session(session)
7 changes: 4 additions & 3 deletions src/cli/onefuzz/debug.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,14 @@
import jmespath
from azure.applicationinsights import ApplicationInsightsDataClient
from azure.applicationinsights.models import QueryBody
from azure.common.client_factory import get_azure_cli_credentials
from azure.identity import AzureCliCredential
from onefuzztypes.enums import ContainerType, TaskType
from onefuzztypes.models import BlobRef, Job, NodeAssignment, Report, Task, TaskConfig
from onefuzztypes.primitives import Container, Directory, PoolName

from onefuzz.api import UUID_EXPANSION, Command, Onefuzz

from .azure_identity_credential_adapter import AzureIdentityCredentialAdapter
from .backend import wait
from .rdp import rdp_connect
from .ssh import ssh_connect
Expand Down Expand Up @@ -455,8 +456,8 @@ def query(
raise Exception("instance does not have an insights_appid")
if self._client is None:

creds, _ = get_azure_cli_credentials(
resource="https://api.applicationinsights.io"
creds = AzureIdentityCredentialAdapter(
AzureCliCredential(), resource_id="https://api.applicationinsights.io"
)
self._client = ApplicationInsightsDataClient(creds)

Expand Down
5 changes: 3 additions & 2 deletions src/cli/requirements.txt
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
msal~=1.14.0
msal~=1.16.0
requests~=2.25.1
jmespath~=0.10.0
semver~=2.13.0
Expand All @@ -11,7 +11,8 @@ azure-storage-blob~=12.8
azure-applicationinsights==0.1.0
tenacity==8.0.1
docstring_parser==0.8.1
azure-cli-core==2.27.2
azure-identity==1.7.1
azure-cli-core==2.31.0
# packaging is required but not specified by azure-cli-core
packaging==20.9
# urllib3[secure] needs to be specifically stated for azure-cli-core
Expand Down
32 changes: 19 additions & 13 deletions src/deployment/deploy.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,9 @@
from typing import Dict, List, Optional, Tuple, Union, cast
from uuid import UUID

from azure.common.client_factory import get_client_from_cli_profile
from azure.common.credentials import get_cli_profile
from azure.cosmosdb.table.tableservice import TableService
from azure.identity import AzureCliCredential
from azure.mgmt.applicationinsights import ApplicationInsightsManagementClient
from azure.mgmt.applicationinsights.models import (
ApplicationInsightsComponentExportRequest,
Expand Down Expand Up @@ -190,8 +190,9 @@ def get_subscription_id(self) -> str:
return self.subscription_id

def get_location_display_name(self) -> str:
location_client = get_client_from_cli_profile(
SubscriptionClient, subscription_id=self.get_subscription_id()
credential = AzureCliCredential()
location_client = SubscriptionClient(
credential, subscription_id=self.get_subscription_id()
)
locations = location_client.subscriptions.list_locations(
self.get_subscription_id()
Expand All @@ -211,8 +212,9 @@ def check_region(self) -> None:
with open(self.arm_template, "r") as handle:
arm = json.load(handle)

client = get_client_from_cli_profile(
ResourceManagementClient, subscription_id=self.get_subscription_id()
credential = AzureCliCredential()
client = ResourceManagementClient(
credential, subscription_id=self.get_subscription_id()
)
providers = {x.namespace: x for x in client.providers.list()}

Expand Down Expand Up @@ -524,8 +526,9 @@ def deploy_template(self) -> None:
with open(self.arm_template, "r") as template_handle:
template = json.load(template_handle)

client = get_client_from_cli_profile(
ResourceManagementClient, subscription_id=self.get_subscription_id()
credential = AzureCliCredential()
client = ResourceManagementClient(
credential, subscription_id=self.get_subscription_id()
)
client.resource_groups.create_or_update(
self.resource_group, {"location": self.location}
Expand Down Expand Up @@ -695,8 +698,10 @@ def create_eventgrid(self) -> None:
logger.info("creating eventgrid subscription")
src_resource_id = self.results["deploy"]["fuzz-storage"]["value"]
dst_resource_id = self.results["deploy"]["func-storage"]["value"]
client = get_client_from_cli_profile(
StorageManagementClient, subscription_id=self.get_subscription_id()

credential = AzureCliCredential()
client = StorageManagementClient(
credential, subscription_id=self.get_subscription_id()
)
event_subscription_info = EventSubscription(
destination=StorageQueueEventSubscriptionDestination(
Expand All @@ -714,8 +719,8 @@ def create_eventgrid(self) -> None:
),
)

client = get_client_from_cli_profile(
EventGridManagementClient, subscription_id=self.get_subscription_id()
client = EventGridManagementClient(
credential, subscription_id=self.get_subscription_id()
)
result = client.event_subscriptions.begin_create_or_update(
src_resource_id, "onefuzz1", event_subscription_info
Expand Down Expand Up @@ -789,8 +794,9 @@ def add_log_export(self) -> None:
destination_address=url,
)

app_insight_client = get_client_from_cli_profile(
ApplicationInsightsManagementClient,
credential = AzureCliCredential()
app_insight_client = ApplicationInsightsManagementClient(
credential,
subscription_id=self.get_subscription_id(),
)

Expand Down
6 changes: 4 additions & 2 deletions src/deployment/deploylib/data_migration.py
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,10 @@
from typing import Callable, Dict, List
from uuid import UUID

from azure.common.client_factory import get_client_from_cli_profile
from azure.cosmosdb.table.tablebatch import TableBatch
from azure.cosmosdb.table.tableservice import TableService
from azure.identity import AzureCliCredential
from azure.mgmt.resource import SubscriptionClient
from azure.mgmt.storage import StorageManagementClient


Expand Down Expand Up @@ -91,7 +92,8 @@ def main() -> None:
parser.add_argument("migration", choices=migrations.keys(), nargs="+")
args = parser.parse_args()

client = get_client_from_cli_profile(StorageManagementClient)
credential = AzureCliCredential()
client = StorageManagementClient(credential)
storage_keys = client.storage_accounts.list_keys(
args.resource_group, args.storage_account
)
Expand Down
6 changes: 4 additions & 2 deletions src/deployment/deploylib/set_admins.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,9 @@
import argparse
from uuid import UUID

from azure.common.client_factory import get_client_from_cli_profile
from azure.cosmosdb.table.tableservice import TableService
from azure.identity import AzureCliCredential
from azure.mgmt.resource import SubscriptionClient
from azure.mgmt.storage import StorageManagementClient

from deploylib.configuration import (
Expand All @@ -26,7 +27,8 @@ def main() -> None:
parser.add_argument("--allowed_aad_tenants", type=UUID, nargs="*")
args = parser.parse_args()

client = get_client_from_cli_profile(StorageManagementClient)
credential = AzureCliCredential()
client = StorageManagementClient(credential)
storage_keys = client.storage_accounts.list_keys(
args.resource_group, args.storage_account
)
Expand Down
10 changes: 5 additions & 5 deletions src/deployment/requirements.txt
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
azure-cli-core==2.27.2
azure-cli==2.27.2
azure-cli-core==2.31.0
azure-cli==2.31.0
azure-cosmosdb-table==1.0.6
azure-mgmt-eventgrid==9.0.0
azure-mgmt-resource==18.0.0
azure-mgmt-storage==18.0.0
azure-storage-blob==12.8.1
azure-mgmt-resource==20.0.0
azure-mgmt-storage==19.0.0
azure-storage-blob==12.9.0
pyfunctional==1.4.3
pyopenssl==19.1.0
adal~=1.2.5
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,10 @@
import json
import uuid

from azure.common.client_factory import get_client_from_cli_profile
from azure.identity import AzureCliCredential
from azure.mgmt.eventgrid import EventGridManagementClient
from azure.mgmt.eventgrid.models import EventSubscription
from azure.mgmt.resource import SubscriptionClient
from azure.mgmt.storage import StorageManagementClient
from azure.mgmt.storage.models import (
AccessTier,
Expand Down Expand Up @@ -42,7 +43,8 @@ def get_base_event(


def add_event_grid(src_account_id: str, resource_group: str, location: str) -> None:
client = get_client_from_cli_profile(EventGridManagementClient)
credential = AzureCliCredential()
client = EventGridManagementClient(credential)
base = get_base_event(client, resource_group, location)

event_subscription_info = EventSubscription(
Expand Down Expand Up @@ -74,7 +76,8 @@ def create_storage(resource_group: str, account_name: str, location: str) -> str
minimum_tls_version="TLS1_2",
)

client = get_client_from_cli_profile(StorageManagementClient)
credential = AzureCliCredential()
client = StorageManagementClient(credential)
account = client.storage_accounts.begin_create(
resource_group, account_name, params
).result()
Expand Down
4 changes: 2 additions & 2 deletions src/utils/add-corpus-storage-accounts/requirements.txt
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
azure-mgmt-storage~=18.0.0
azure-cli-core==2.27.2
azure-mgmt-storage~=19.0.0
azure-cli-core==2.31.0
azure-mgmt-eventgrid==3.0.0rc9
4 changes: 2 additions & 2 deletions src/utils/check-pr/requirements.txt
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
azure-common~=1.1.25
azure-identity==1.7.0
azure-identity==1.7.1
PyGithub==1.55
azure-cli-core==2.27.2
azure-cli-core==2.31.0
msgraph-core==0.2.2

0 comments on commit c542189

Please sign in to comment.