From e7137ff63c7184d9f707040aa833e5a93198386c Mon Sep 17 00:00:00 2001 From: Haroon Feisal Date: Thu, 19 May 2022 19:29:38 -0400 Subject: [PATCH] Updated util. Fixed style issues. --- src/containerapp/azext_containerapp/_help.py | 4 ++-- .../azext_containerapp/_params.py | 8 ++++--- src/containerapp/azext_containerapp/_utils.py | 10 +++----- .../azext_containerapp/commands.py | 10 ++++---- src/containerapp/azext_containerapp/custom.py | 23 +++++++++---------- 5 files changed, 26 insertions(+), 29 deletions(-) diff --git a/src/containerapp/azext_containerapp/_help.py b/src/containerapp/azext_containerapp/_help.py index b254033e21b..bbe07960a82 100644 --- a/src/containerapp/azext_containerapp/_help.py +++ b/src/containerapp/azext_containerapp/_help.py @@ -981,7 +981,7 @@ text: | az containerapp auth openid-connect add -g myResourceGroup --name MyContainerapp \\ --provider-name myOpenIdConnectProvider --client-id my-client-id \\ - --client-secret-setting-name MY_SECRET_APP_SETTING \\ + --client-secret-name MY_SECRET_APP_SETTING \\ --openid-configuration https://myopenidprovider.net/.well-known/openid-configuration """ @@ -993,7 +993,7 @@ text: | az containerapp auth openid-connect update -g myResourceGroup --name MyContainerapp \\ --provider-name myOpenIdConnectProvider --client-id my-client-id \\ - --client-secret-setting-name MY_SECRET_APP_SETTING + --client-secret-name MY_SECRET_APP_SETTING """ helps['containerapp auth openid-connect remove'] = """ diff --git a/src/containerapp/azext_containerapp/_params.py b/src/containerapp/azext_containerapp/_params.py index 32248e4cfd5..adcfaddf145 100644 --- a/src/containerapp/azext_containerapp/_params.py +++ b/src/containerapp/azext_containerapp/_params.py @@ -278,7 +278,7 @@ def load_arguments(self, _): # subgroup update c.argument('client_id', options_list=['--client-id'], help='The Client ID of the app used for login.') c.argument('client_secret', options_list=['--client-secret'], help='The client secret.') - c.argument('client_secret_setting_name', options_list=['--client-secret-name'], help='The app setting name that contains the client secret of the relying party application.') + c.argument('client_secret_setting_name', options_list=['--client-secret-name'], help='The app secret name that contains the client secret of the relying party application.') c.argument('issuer', options_list=['--issuer'], help='The OpenID Connect Issuer URI that represents the entity which issues access tokens for this application.') c.argument('allowed_token_audiences', options_list=['--allowed-token-audiences', '--allowed-audiences'], help='The configuration settings of the allowed list of audiences from which to validate the JWT token.') c.argument('client_secret_certificate_thumbprint', options_list=['--thumbprint', '--client-secret-certificate-thumbprint'], help='Alternative to AAD Client Secret, thumbprint of a certificate used for signing purposes') @@ -288,15 +288,16 @@ def load_arguments(self, _): c.argument('tenant_id', options_list=['--tenant-id'], help='The tenant id of the application.') c.argument('app_id', options_list=['--app-id'], help='The App ID of the app used for login.') c.argument('app_secret', options_list=['--app-secret'], help='The app secret.') - c.argument('app_secret_setting_name', options_list=['--app-secret-setting-name', '--secret-setting'], help='The app setting name that contains the app secret.') + c.argument('app_secret_setting_name', options_list=['--app-secret-name', '--secret-name'], help='The app secret name that contains the app secret.') c.argument('graph_api_version', options_list=['--graph-api-version'], help='The version of the Facebook api to be used while logging in.') c.argument('scopes', options_list=['--scopes'], help='A list of the scopes that should be requested while authenticating.') c.argument('consumer_key', options_list=['--consumer-key'], help='The OAuth 1.0a consumer key of the Twitter application used for sign-in.') c.argument('consumer_secret', options_list=['--consumer-secret'], help='The consumer secret.') + c.argument('consumer_secret_setting_name', options_list=['--consumer-secret-name', '--secret-name'], help='The consumer secret name that contains the app secret.') c.argument('provider_name', options_list=['--provider-name'], required=True, help='The name of the custom OpenID Connect provider.') c.argument('openid_configuration', options_list=['--openid-configuration'], help='The endpoint that contains all the configuration endpoints for the provider.') # auth update - c.argument('set_string', options_list=['--set'], help='Value of a specific field within the configuration settings for the Azure App Service Authentication / Authorization V2 feature.') + c.argument('set_string', options_list=['--set'], help='Value of a specific field within the configuration settings for the Azure App Service Authentication / Authorization feature.') c.argument('config_file_path', options_list=['--config-file-path'], help='The path of the config file containing auth settings if they come from a file.') c.argument('unauthenticated_client_action', options_list=['--unauthenticated-client-action', '--action'], arg_type=get_enum_type(UNAUTHENTICATED_CLIENT_ACTION), help='The action to take when an unauthenticated client attempts to access the app.') c.argument('redirect_provider', options_list=['--redirect-provider'], help='The default authentication provider to use when multiple providers are configured.') @@ -307,6 +308,7 @@ def load_arguments(self, _): c.argument('proxy_custom_proto_header', options_list=['--proxy-custom-proto-header', '--custom-proto-header'], help='The name of the header containing the scheme of the request.') c.argument('excluded_paths', options_list=['--excluded-paths'], help='The list of paths that should be excluded from authentication rules.') c.argument('enabled', options_list=['--enabled'], arg_type=get_three_state_flag(return_label=True), help='true if the Authentication / Authorization feature is enabled for the current app; otherwise, false.') + c.argument('runtime_version', options_list=['--runtime-version'], help='The RuntimeVersion of the Authentication / Authorization feature in use for the current app.') with self.argument_context('containerapp ssl upload') as c: c.argument('hostname', help='The custom domain name.') diff --git a/src/containerapp/azext_containerapp/_utils.py b/src/containerapp/azext_containerapp/_utils.py index e49cec4dba2..5b27d3581c4 100644 --- a/src/containerapp/azext_containerapp/_utils.py +++ b/src/containerapp/azext_containerapp/_utils.py @@ -1253,12 +1253,8 @@ def update_http_settings_in_auth_settings(auth_settings, require_https, proxy_co def get_oidc_client_setting_app_setting_name(provider_name): - provider_name_prefix = provider_name.upper() - - # an appsetting name can be up to 64 characters, and the suffix _PROVIDER_AUTHENTICATION_SECRET is 31 characters so limitting this to 32 - if len(provider_name_prefix) > 32: - provider_name_prefix = provider_name_prefix[0:31] - return provider_name_prefix + "_PROVIDER_AUTHENTICATION_SECRET" + provider_name_prefix = provider_name.lower() + return provider_name_prefix + "-provider-authentication-secret" # only accept .pfx or .pem file @@ -1292,7 +1288,7 @@ def load_cert_file(file_path, cert_password=None): else: raise FileOperationError('Not a valid file type. Only .PFX and .PEM files are supported.') except Exception as e: - raise CLIInternalError(e) + raise CLIInternalError(e) from e return blob, thumbprint diff --git a/src/containerapp/azext_containerapp/commands.py b/src/containerapp/azext_containerapp/commands.py index c9e6a44bfe1..c1c355cdd5f 100644 --- a/src/containerapp/azext_containerapp/commands.py +++ b/src/containerapp/azext_containerapp/commands.py @@ -63,11 +63,11 @@ def load_command_table(self, _): g.custom_command('up', 'containerapp_up', supports_no_wait=False, exception_handler=ex_handler_factory()) g.custom_command('browse', 'open_containerapp_in_browser') - with self.command_group('containerapp replica', is_preview=True) as g: + with self.command_group('containerapp replica') as g: g.custom_show_command('show', 'get_replica') # TODO implement the table transformer g.custom_command('list', 'list_replicas') - with self.command_group('containerapp logs', is_preview=True) as g: + with self.command_group('containerapp logs') as g: g.custom_show_command('show', 'stream_containerapp_logs', validator=validate_ssh) with self.command_group('containerapp env') as g: @@ -87,7 +87,7 @@ def load_command_table(self, _): g.custom_command('upload', 'upload_certificate') g.custom_command('delete', 'delete_certificate', confirmation=True, exception_handler=ex_handler_factory()) - with self.command_group('containerapp env storage') as g: + with self.command_group('containerapp env storage', is_preview=True) as g: g.custom_show_command('show', 'show_storage') g.custom_command('list', 'list_storage') g.custom_command('set', 'create_or_update_storage', supports_no_wait=True, exception_handler=ex_handler_factory()) @@ -142,11 +142,11 @@ def load_command_table(self, _): g.custom_command('disable', 'disable_dapr', exception_handler=ex_handler_factory()) with self.command_group('containerapp auth', client_factory=auth_config_client_factory) as g: - g.custom_command('show', 'show_auth_config', exception_handler=ex_handler_factory()) + g.custom_show_command('show', 'show_auth_config', exception_handler=ex_handler_factory()) g.custom_command('update', 'update_auth_config', exception_handler=ex_handler_factory()) with self.command_group('containerapp auth microsoft', client_factory=auth_config_client_factory) as g: - g.custom_command('show', 'get_aad_settings') + g.custom_show_command('show', 'get_aad_settings') g.custom_command('update', 'update_aad_settings', exception_handler=ex_handler_factory()) with self.command_group('containerapp auth facebook', client_factory=auth_config_client_factory) as g: diff --git a/src/containerapp/azext_containerapp/custom.py b/src/containerapp/azext_containerapp/custom.py index 3e479b5b52f..c71570e4230 100644 --- a/src/containerapp/azext_containerapp/custom.py +++ b/src/containerapp/azext_containerapp/custom.py @@ -2378,7 +2378,6 @@ def upload_certificate(cmd, name, resource_group_name, certificate_file, certifi cert_name = None if certificate_name: if not check_cert_name_availability(cmd, resource_group_name, name, certificate_name): - from knack.prompting import prompt_y_n msg = 'A certificate with the name {} already exists in {}. If continue with this name, it will be overwritten by the new certificate file.\nOverwrite?' overwrite = prompt_y_n(msg.format(certificate_name, name)) if overwrite: @@ -2573,7 +2572,7 @@ def update_aad_settings(cmd, client, resource_group_name, name, client_secret_certificate_thumbprint=None, client_secret_certificate_san=None, client_secret_certificate_issuer=None, - yes=False, tenant_id=None): + yes=False, tenant_id=None): try: show_ingress(cmd, name, resource_group_name) @@ -2738,7 +2737,7 @@ def get_facebook_settings(client, resource_group_name, name): def update_facebook_settings(cmd, client, resource_group_name, name, app_id=None, app_secret_setting_name=None, - graph_api_version=None, scopes=None, app_secret=None, yes=False): + graph_api_version=None, scopes=None, app_secret=None, yes=False): try: show_ingress(cmd, name, resource_group_name) except Exception as e: @@ -2810,7 +2809,7 @@ def get_github_settings(client, resource_group_name, name): def update_github_settings(cmd, client, resource_group_name, name, client_id=None, client_secret_setting_name=None, - scopes=None, client_secret=None, yes=False): + scopes=None, client_secret=None, yes=False): try: show_ingress(cmd, name, resource_group_name) except Exception as e: @@ -2880,7 +2879,7 @@ def get_google_settings(client, resource_group_name, name): def update_google_settings(cmd, client, resource_group_name, name, client_id=None, client_secret_setting_name=None, - scopes=None, allowed_token_audiences=None, client_secret=None, yes=False): + scopes=None, allowed_token_audiences=None, client_secret=None, yes=False): try: show_ingress(cmd, name, resource_group_name) except Exception as e: @@ -2956,8 +2955,8 @@ def get_twitter_settings(client, resource_group_name, name): def update_twitter_settings(cmd, client, resource_group_name, name, - consumer_key=None, consumer_secret_setting_name=None, - consumer_secret=None, yes=False): + consumer_key=None, consumer_secret_setting_name=None, + consumer_secret=None, yes=False): try: show_ingress(cmd, name, resource_group_name) except Exception as e: @@ -3021,7 +3020,7 @@ def get_apple_settings(client, resource_group_name, name): def update_apple_settings(cmd, client, resource_group_name, name, client_id=None, client_secret_setting_name=None, - scopes=None, client_secret=None, yes=False): + scopes=None, client_secret=None, yes=False): try: show_ingress(cmd, name, resource_group_name) except Exception as e: @@ -3096,8 +3095,8 @@ def get_openid_connect_provider_settings(client, resource_group_name, name, prov def add_openid_connect_provider_settings(cmd, client, resource_group_name, name, provider_name, client_id=None, client_secret_setting_name=None, - openid_configuration=None, scopes=None, - client_secret=None, yes=False): + openid_configuration=None, scopes=None, + client_secret=None, yes=False): from ._utils import get_oidc_client_setting_app_setting_name try: show_ingress(cmd, name, resource_group_name) @@ -3160,7 +3159,7 @@ def add_openid_connect_provider_settings(cmd, client, resource_group_name, name, def update_openid_connect_provider_settings(cmd, client, resource_group_name, name, provider_name, client_id=None, client_secret_setting_name=None, openid_configuration=None, scopes=None, - client_secret=None, yes=False): + client_secret=None, yes=False): from ._utils import get_oidc_client_setting_app_setting_name try: show_ingress(cmd, name, resource_group_name) @@ -3256,7 +3255,7 @@ def update_auth_config(client, resource_group_name, name, set_string=None, enabl runtime_version=None, config_file_path=None, unauthenticated_client_action=None, redirect_provider=None, enable_token_store=None, require_https=None, proxy_convention=None, proxy_custom_host_header=None, - proxy_custom_proto_header=None, excluded_paths=None, slot=None): + proxy_custom_proto_header=None, excluded_paths=None): from ._utils import set_field_in_auth_settings, update_http_settings_in_auth_settings existing_auth = {} try: