From e7cf08d4766e40e403752ac9b362e7c51a3ce3fe Mon Sep 17 00:00:00 2001 From: "veo.chen" Date: Tue, 14 Nov 2023 15:05:32 +1300 Subject: [PATCH] more --- pkg/accounts/account_resource.go | 4 +++ pkg/accounts/account_service_test.go | 4 +++ pkg/accounts/account_utilities.go | 25 +++++++++++++++++ pkg/accounts/accounts.go | 14 +++++----- pkg/accounts/azure/azurewebapp.go | 7 +++-- pkg/accounts/azure_oidc_account.go | 2 +- pkg/accounts/is_nil.go | 2 ++ test/e2e/account_service_test.go | 41 ++++++++++++++++++++++++++++ 8 files changed, 88 insertions(+), 11 deletions(-) diff --git a/pkg/accounts/account_resource.go b/pkg/accounts/account_resource.go index c7d81f12..6f251776 100644 --- a/pkg/accounts/account_resource.go +++ b/pkg/accounts/account_resource.go @@ -38,6 +38,10 @@ type AccountResource struct { TenantTags []string `json:"TenantTags,omitempty"` Token *core.SensitiveValue `json:"Token,omitempty"` Username string `json:"Username,omitempty"` + Audience string `json:"Audience,omitempty"` + DeploymentSubjectKeys []string `json:"DeploymentSubjectKeys,omitempty"` + HealthCheckSubjectKeys []string `json:"HealthCheckSubjectKeys,omitempty"` + AccountTestSubjectKeys []string `json:"AccountTestSubjectKeys,omitempty"` resources.Resource } diff --git a/pkg/accounts/account_service_test.go b/pkg/accounts/account_service_test.go index 5fae5525..35ab0860 100644 --- a/pkg/accounts/account_service_test.go +++ b/pkg/accounts/account_service_test.go @@ -121,6 +121,10 @@ func TestAccountServiceUpdateWithEmptyAccount(t *testing.T) { require.Error(t, err) require.Nil(t, account) + account, err = service.Update(&AzureOIDCAccount{}) + require.Error(t, err) + require.Nil(t, account) + account, err = service.Update(&AzureSubscriptionAccount{}) require.Error(t, err) require.Nil(t, account) diff --git a/pkg/accounts/account_utilities.go b/pkg/accounts/account_utilities.go index 39cfeaf2..2512e5fd 100644 --- a/pkg/accounts/account_utilities.go +++ b/pkg/accounts/account_utilities.go 
@@ -33,6 +33,19 @@ func ToAccount(accountResource *AccountResource) (IAccount, error) {
 azureServicePrincipalAccount.AzureEnvironment = accountResource.AzureEnvironment
 azureServicePrincipalAccount.ResourceManagerEndpoint = accountResource.ResourceManagerEndpoint
 account = azureServicePrincipalAccount
+ case AccountTypeAzureOIDC:
+ azureOIDCAccount, err := NewAzureOIDCAccount(accountResource.GetName(), *accountResource.SubscriptionID, *accountResource.TenantID, *accountResource.ApplicationID)
+ if err != nil {
+ return nil, err
+ }
+ azureOIDCAccount.AuthenticationEndpoint = accountResource.AuthenticationEndpoint
+ azureOIDCAccount.AzureEnvironment = accountResource.AzureEnvironment
+ azureOIDCAccount.ResourceManagerEndpoint = accountResource.ResourceManagerEndpoint
+ azureOIDCAccount.Audience = accountResource.Audience
+ azureOIDCAccount.DeploymentSubjectKeys = accountResource.DeploymentSubjectKeys
+ azureOIDCAccount.AccountTestSubjectKeys = accountResource.AccountTestSubjectKeys
+ azureOIDCAccount.HealthCheckSubjectKeys = accountResource.HealthCheckSubjectKeys
+ account = azureOIDCAccount
 case AccountTypeAzureSubscription:
 azureSubscriptionAccount, err := NewAzureSubscriptionAccount(accountResource.GetName(), *accountResource.SubscriptionID)
 if err != nil {
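Review bot: The new `AccountTypeAzureOIDC` case in ToAccount dereferences `*accountResource.SubscriptionID`, `*accountResource.TenantID` and `*accountResource.ApplicationID` without a nil check, so an account payload that omits any of them panics instead of returning an error. The neighbouring Azure subscription case uses the same pattern, but the new branch should guard first, e.g. `if accountResource.SubscriptionID == nil || accountResource.TenantID == nil || accountResource.ApplicationID == nil { return nil, <required-field error> }`. `Audience` and the three subject-key slices are copied as-is; they appear to shape the federated token's audience and subject, so a comment stating whether empty values are acceptable would help. ToAccount starts and ends outside the hunk.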
@@ -122,6 +135,18 @@ func ToAccountResource(account IAccount) (*AccountResource, error) {
 accountResource.ResourceManagerEndpoint = azureServicePrincipalAccount.ResourceManagerEndpoint
 accountResource.SubscriptionID = azureServicePrincipalAccount.SubscriptionID
 accountResource.TenantID = azureServicePrincipalAccount.TenantID
+ case AccountTypeAzureOIDC:
+ azureOIDCAccount := account.(*AzureOIDCAccount)
+ accountResource.ApplicationID = azureOIDCAccount.ApplicationID
+ accountResource.AuthenticationEndpoint = azureOIDCAccount.AuthenticationEndpoint
+ accountResource.AzureEnvironment = azureOIDCAccount.AzureEnvironment
+ accountResource.ResourceManagerEndpoint = azureOIDCAccount.ResourceManagerEndpoint
+ accountResource.SubscriptionID = azureOIDCAccount.SubscriptionID
+ accountResource.TenantID = azureOIDCAccount.TenantID
+ accountResource.Audience = azureOIDCAccount.Audience
+ accountResource.DeploymentSubjectKeys = azureOIDCAccount.DeploymentSubjectKeys
+ accountResource.AccountTestSubjectKeys = azureOIDCAccount.AccountTestSubjectKeys
+ accountResource.HealthCheckSubjectKeys = azureOIDCAccount.HealthCheckSubjectKeys
 case AccountTypeAzureSubscription:
 azureSubscriptionAccount := account.(*AzureSubscriptionAccount)
 accountResource.AzureEnvironment = azureSubscriptionAccount.AzureEnvironment
diff --git a/pkg/accounts/accounts.go b/pkg/accounts/accounts.go
index 072b4246..3df01626 100644
--- a/pkg/accounts/accounts.go
+++ b/pkg/accounts/accounts.go
@@ -85,13 +85,6 @@ func (a *Accounts) UnmarshalJSON(b []byte) error {
 return err
 }
 a.Items = append(a.Items, azureServicePrincipalAccount)
- case AccountTypeAzureSubscription:
- var azureSubscriptionAccount *AzureSubscriptionAccount
- err := json.Unmarshal(*account, &azureSubscriptionAccount)
- if err != nil {
- return err
- }
- a.Items = append(a.Items, azureSubscriptionAccount)
 case AccountTypeAzureOIDC:
 var azureOIDCAccount *AzureOIDCAccount
 err := json.Unmarshal(*account, &azureOIDCAccount)
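Review bot: `account.(*AzureOIDCAccount)` in the new ToAccountResource case is an unchecked type assertion, so any IAccount that reports `AccountTypeAzureOIDC` with a different concrete type panics; `azureOIDCAccount, ok := account.(*AzureOIDCAccount)` with an error return on `!ok` keeps the failure recoverable. The three subject-key slices are assigned by reference, so the resource and the account share backing arrays; copying them would keep later edits to one from changing the other. The neighbouring cases follow the same assertion pattern, and the function body continues outside the hunk.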
@@ -99,6 +92,13 @@ func (a *Accounts) UnmarshalJSON(b []byte) error {
 return err
 }
 a.Items = append(a.Items, azureOIDCAccount)
+ case AccountTypeAzureSubscription:
+ var azureSubscriptionAccount *AzureSubscriptionAccount
+ err := json.Unmarshal(*account, &azureSubscriptionAccount)
+ if err != nil {
+ return err
+ }
+ a.Items = append(a.Items, azureSubscriptionAccount)
 case AccountTypeGoogleCloudPlatformAccount:
 var googleCloudAccount *GoogleCloudPlatformAccount
 err := json.Unmarshal(*account, &googleCloudAccount)
diff --git a/pkg/accounts/azure/azurewebapp.go b/pkg/accounts/azure/azurewebapp.go
index f3d24c19..f800fc4f 100644
--- a/pkg/accounts/azure/azurewebapp.go
+++ b/pkg/accounts/azure/azurewebapp.go
@@ -2,11 +2,12 @@ package azure
 import (
 "fmt"
+ "strings"
+
 "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/accounts"
 "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/client"
 "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/constants"
 "github.com/OctopusDeploy/go-octopusdeploy/v2/pkg/services/api"
- "strings"
 )
 type AzureWebApp struct {
@@ -22,7 +23,7 @@ type AzureWebAppSlot struct {
 ResourceGroup string `json:"ResourceGroup,omitempty"`
 }
-func GetWebSites(client client.Client, account *accounts.AzureServicePrincipalAccount) ([]*AzureWebApp, error) {
+func GetWebSites(client client.Client, account accounts.IAccount) ([]*AzureWebApp, error) {
 path := account.GetLinks()[constants.LinkWebSites]
 if path == "" {
 return nil, fmt.Errorf("cannot get websites for account '%s' (%s)", account.GetName(), account.GetID())
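Review bot: Widening `account` from `*accounts.AzureServicePrincipalAccount` to `accounts.IAccount` in GetWebSites removes the compile-time restriction to one Azure account type, and the first statement `account.GetLinks()` now panics when a nil interface is passed. A guard such as `if accounts.IsNil(account) { return nil, <invalid-account error> }` before the link lookup would cover that; `IsNil`, which this commit extends in is_nil.go, looks like the intended helper. Every account type is now accepted and turned away only by the empty-link check, so a doc comment naming the account types that are expected to carry the web-sites link would be useful. The same applies to GetWebSiteSlots in the next hunk, where the parameter is still named `spAccount`; both function bodies continue outside their hunks.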
@@ -38,7 +39,7 @@ func GetWebSites(client client.Client, account *accounts.AzureServicePrincipalAc
 return items, nil
 }
-func GetWebSiteSlots(client client.Client, spAccount *accounts.AzureServicePrincipalAccount, app *AzureWebApp) ([]*AzureWebAppSlot, error) {
+func GetWebSiteSlots(client client.Client, spAccount accounts.IAccount, app *AzureWebApp) ([]*AzureWebAppSlot, error) {
 path := spAccount.GetLinks()[constants.LinkWebSiteSlots]
 if path == "" {
 return nil, fmt.Errorf("cannot get websites for account '%s' (%s)", spAccount.GetName(), spAccount.GetID())
diff --git a/pkg/accounts/azure_oidc_account.go b/pkg/accounts/azure_oidc_account.go
index 76c85266..3add2903 100644
--- a/pkg/accounts/azure_oidc_account.go
+++ b/pkg/accounts/azure_oidc_account.go
@@ -24,7 +24,7 @@ type AzureOIDCAccount struct {
 account
 }
-// NewAzureOIDCAccount creates and initializes an Azure service principal account.
+// NewAzureOIDCAccount creates and initializes an Azure OIDC account.
 func NewAzureOIDCAccount(name string, subscriptionID uuid.UUID, tenantID uuid.UUID, applicationID uuid.UUID) (*AzureOIDCAccount, error) {
 if internal.IsEmpty(name) {
 return nil, internal.CreateRequiredParameterIsEmptyOrNilError("name")
diff --git a/pkg/accounts/is_nil.go b/pkg/accounts/is_nil.go
index d7a0d4d9..694e1084 100644
--- a/pkg/accounts/is_nil.go
+++ b/pkg/accounts/is_nil.go
@@ -8,6 +8,8 @@ func IsNil(i interface{}) bool {
 return v == nil
 case *AzureServicePrincipalAccount:
 return v == nil
+ case *AzureOIDCAccount:
+ return v == nil
 case *AzureSubscriptionAccount:
 return v == nil
 case *GoogleCloudPlatformAccount:
diff --git a/test/e2e/account_service_test.go b/test/e2e/account_service_test.go
index 3b4ef639..00db693a 100644
--- a/test/e2e/account_service_test.go
+++ b/test/e2e/account_service_test.go
@@ -75,6 +75,43 @@ func CreateTestAzureServicePrincipalAccount(t *testing.T, client *client.Client)
 return createdAccount
 }
+func CreateTestAzureOIDCAccount(t *testing.T, client *client.Client) accounts.IAccount {
+ if client == nil {
+ client = getOctopusClient()
+ }
+ require.NotNil(t, client)
+
+ applicationID := uuid.New()
+ azureEnvironment := getRandomAzureEnvironment()
+ name := internal.GetRandomName()
+ subscriptionID := uuid.New()
+ tenantID := uuid.New()
+
+ account, err := accounts.NewAzureOIDCAccount(name, subscriptionID, tenantID, applicationID)
+
+ require.NotNil(t, account)
+ require.NoError(t, err)
+ require.NoError(t, account.Validate())
+
+ // set Azure environment fields
+ if !internal.IsEmpty(azureEnvironment.Name) {
+ account.AzureEnvironment = azureEnvironment.Name
+ account.AuthenticationEndpoint = azureEnvironment.AuthenticationEndpoint
+ account.ResourceManagerEndpoint = azureEnvironment.ResourceManagerEndpoint
+ }
+
+ require.NoError(t, account.Validate())
+
+ createdAccount, err := client.Accounts.Add(account)
+ require.NoError(t, err)
+ require.NotNil(t, createdAccount)
+ require.NotEmpty(t, createdAccount.GetID())
+ require.Equal(t, accounts.AccountTypeAzureServicePrincipal, createdAccount.GetAccountType())
+ require.Equal(t, name, createdAccount.GetName())
+
+ return createdAccount
+}
+
 func CreateTestAzureSubscriptionAccount(t *testing.T, client *client.Client) accounts.IAccount {
 if client == nil {
 client = getOctopusClient()
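Review bot: The assertion `require.Equal(t, accounts.AccountTypeAzureServicePrincipal, createdAccount.GetAccountType())` in CreateTestAzureOIDCAccount looks copied from the service-principal helper; for an account built with NewAzureOIDCAccount it should be `require.Equal(t, accounts.AccountTypeAzureOIDC, createdAccount.GetAccountType())`. As written the test either fails or passes only if the account was created with the wrong type. `require.NoError(t, err)` should also come before `require.NotNil(t, account)` so a constructor failure is reported with its error. The helper never sets `Audience` or the subject-key fields, so the fields this commit adds are not exercised in the add/get round trip.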
@@ -316,6 +353,10 @@ func TestAccountServiceAddGetDelete(t *testing.T) {
 ValidateAccount(t, azureServicePrincipalAccount)
 defer DeleteTestAccount(t, client, azureServicePrincipalAccount)
+ azureOIDCAccount := CreateTestAzureOIDCAccount(t, client)
+ ValidateAccount(t, azureOIDCAccount)
+ defer DeleteTestAccount(t, client, azureOIDCAccount)
+
 azureSubscriptionAccount := CreateTestAzureSubscriptionAccount(t, client)
 ValidateAccount(t, azureSubscriptionAccount)
 defer DeleteTestAccount(t, client, azureSubscriptionAccount)