Merge pull request #873 from TylerLeonhardt/add-azure-powershell

ahmelsayed · web-flow · commit 1f1f77a71c55 · 2018-11-15T12:58:23.000-08:00
Inital Azure Powershell support
diff --git a/build.ps1 b/build.ps1
@@ -3,7 +3,7 @@ dotnet build Azure.Functions.Cli.sln
 
 $outDir = "$([System.IO.Path]::GetTempPath())cli"
 
-Remove-Item -Recurse -Force $outDir
+Remove-Item -Recurse -Force -ErrorAction SilentlyContinue $outDir
 
 if ($IsMacOS) { $runtime = 'osx-x64' }
 elseif ($IsLinux) { $runtime = 'linux-x64' }
diff --git a/src/Azure.Functions.Cli/Actions/AzureActions/BaseAzureAction.cs b/src/Azure.Functions.Cli/Actions/AzureActions/BaseAzureAction.cs
@@ -5,7 +5,9 @@
 using System.Threading.Tasks;
 using Azure.Functions.Cli.Arm;
 using Azure.Functions.Cli.Common;
+using static Azure.Functions.Cli.Common.OutputTheme;
 using Azure.Functions.Cli.Interfaces;
+using Colors.Net;
 using Fclp;
 using Newtonsoft.Json;
 using Newtonsoft.Json.Linq;
@@ -14,6 +16,18 @@ namespace Azure.Functions.Cli.Actions.AzureActions
 {
     abstract class BaseAzureAction : BaseAction, IInitializableAction
     {
+        // Az is the Azure PowerShell module that works in both PowerShell Core and Windows PowerShell
+        private const string _azProfileModuleName = "Az.Profile";
+
+        // AzureRm is the Azure PowerShell module that only works on Windows PowerShell
+        private const string _azureRmProfileModuleName = "AzureRM.Profile";
+
+        // PowerShell Core is version 6.0 and higher that is cross-platform
+        private const string _powerShellCoreExecutable = "pwsh";
+
+        // Windows PowerShell is PowerShell version 5.1 and lower that only works on Windows
+        private const string _windowsPowerShellExecutable = "powershell";
+
         public string AccessToken { get; set; }
         public bool ReadStdin { get; set; }
 
@@ -66,10 +80,16 @@ public async Task Initialize()
 
         private async Task<string> GetAccessToken()
         {
-            return await AzureCliGetToken();
+            (bool cliSucceeded, string cliToken) = await TryGetAzCliToken();
+            if (cliSucceeded) return cliToken;
+
+            (bool powershellSucceeded, string psToken) = await TryGetAzPowerShellToken();
+            if (powershellSucceeded) return psToken;
+            
+            throw new CliException("Unable to connect to Azure. Make sure you have the `az` CLI or Azure PowerShell installed and logged in and try again");
         }
 
-        private async Task<string> AzureCliGetToken()
+        private async Task<(bool succeeded, string token)> TryGetAzCliToken()
         {
             if (CommandChecker.CommandExists("az"))
             {
@@ -80,19 +100,115 @@ private async Task<string> AzureCliGetToken()
                 var stdout = new StringBuilder();
                 var stderr = new StringBuilder();
                 var exitCode = await az.RunAsync(o => stdout.AppendLine(o), e => stderr.AppendLine(e));
-                if (exitCode != 0)
+                if (exitCode == 0)
+                {
+                    return (true, stdout.ToString().Trim(' ', '\n', '\r', '"'));
+                }
+                else
+                {
+                    if (StaticSettings.IsDebug)
+                    {
+                        ColoredConsole.WriteLine(VerboseColor($"Unable to fetch access token from az cli. Error: {stderr.ToString().Trim(' ', '\n', '\r')}"));
+                    }
+                }
+            }
+            return (false, null);
+        }
+
+        private async Task<(bool succeeded, string token)> TryGetAzPowerShellToken()
+        {
+            // PowerShell Core can only use Az so we can check that it exists and that the Az module exists
+            if (CommandChecker.CommandExists(_powerShellCoreExecutable) &&
+                await CommandChecker.PowerShellModuleExistsAsync(_powerShellCoreExecutable, _azProfileModuleName))
+            {
+                var az = new Executable(_powerShellCoreExecutable,
+                    $"-NonInteractive -o Text -NoProfile -c {GetPowerShellAccessTokenScript(_azProfileModuleName)}");
+
+                var stdout = new StringBuilder();
+                var stderr = new StringBuilder();
+                var exitCode = await az.RunAsync(o => stdout.AppendLine(o), e => stderr.AppendLine(e));
+                if (exitCode == 0)
+                {
+                    return (true, stdout.ToString().Trim(' ', '\n', '\r', '"'));
+                }
+                else
+                {
+                    if (StaticSettings.IsDebug)
+                    {
+                        ColoredConsole.WriteLine(VerboseColor($"Unable to fetch access token from Az.Profile in PowerShell Core. Error: {stderr.ToString().Trim(' ', '\n', '\r')}"));
+                    }
+                }
+            }
+
+            // Windows PowerShell can use Az or AzureRM so first we check if powershell.exe is available
+            if (CommandChecker.CommandExists(_windowsPowerShellExecutable))
+            {
+                string moduleToUse;
+
+                // depending on if Az.Profile or AzureRM.Profile is available, we need to change the prefix
+                if (await CommandChecker.PowerShellModuleExistsAsync(_windowsPowerShellExecutable, _azProfileModuleName))
+                {
+                    moduleToUse = _azProfileModuleName;
+                }
+                else if (await CommandChecker.PowerShellModuleExistsAsync(_windowsPowerShellExecutable, _azureRmProfileModuleName))
+                {
+                    moduleToUse = _azureRmProfileModuleName;
+                }
+                else
+                {
+                    // User doesn't have either Az.Profile or AzureRM.Profile
+                    if (StaticSettings.IsDebug)
+                    {
+                        ColoredConsole.WriteLine(VerboseColor("Unable to find Az.Profile or AzureRM.Profile."));
+                    }
+                    return (false, null);
+                }
+
+                var az = new Executable("powershell", $"-NonInteractive -o Text -NoProfile -c {GetPowerShellAccessTokenScript(moduleToUse)}");
+
+                var stdout = new StringBuilder();
+                var stderr = new StringBuilder();
+                var exitCode = await az.RunAsync(o => stdout.AppendLine(o), e => stderr.AppendLine(e));
+                if (exitCode == 0)
                 {
-                    throw new CliException(stderr.ToString().Trim(' ', '\n', '\r') + $"{Environment.NewLine}" + "Make sure to run \"az login\" to log in to Azure and retry this command.");
+                    return (true, stdout.ToString().Trim(' ', '\n', '\r', '"'));
                 }
                 else
                 {
-                    return stdout.ToString().Trim(' ', '\n', '\r', '"');
+                    if (StaticSettings.IsDebug)
+                    {
+                        ColoredConsole.WriteLine(VerboseColor($"Unable to fetch access token from '{moduleToUse}'. Error: {stderr.ToString().Trim(' ', '\n', '\r')}"));
+                    }
                 }
             }
+            return (false, null);
+        }
+
+        // Sets the prefix of the script in case they have Az.Profile or AzureRM.Profile
+        private static string GetPowerShellAccessTokenScript (string module)
+        {
+            string prefix;
+            if (module == _azProfileModuleName)
+            {
+                prefix = "Az";
+            }
+            else if (module == _azureRmProfileModuleName)
+            {
+                prefix = "AzureRM";
+            }
             else
             {
-                throw new FileNotFoundException("Cannot find az cli. Please make sure to install az cli.");
+                throw new ArgumentException($"Expected module to be '{_azProfileModuleName}' or '{_azureRmProfileModuleName}'");
             }
+
+            // This PowerShell script first grabs the Azure context, fetches the profile client and requests an accesstoken.
+            // This entirely done using the Az.Profile module or AzureRM.Profile
+            return $@"
+$currentAzureContext = Get-{prefix}Context;
+$azureRmProfile = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile;
+$profileClient = New-Object Microsoft.Azure.Commands.ResourceManager.Common.RMProfileClient $azureRmProfile;
+$profileClient.AcquireAccessToken($currentAzureContext.Subscription.TenantId).AccessToken;
+";
         }
     }
 }
diff --git a/src/Azure.Functions.Cli/Common/CommandChecker.cs b/src/Azure.Functions.Cli/Common/CommandChecker.cs
@@ -1,5 +1,7 @@
 ﻿using System.Diagnostics;
 using System.Runtime.InteropServices;
+using System.Text;
+using System.Threading.Tasks;
 
 namespace Azure.Functions.Cli.Common
 {
@@ -13,6 +15,18 @@ public static bool CommandExists(string command)
             ? CheckExitCode("where", command)
             : CheckExitCode("bash", $"-c \"command -v {command}\"");
 
+        public async static Task<bool> PowerShellModuleExistsAsync(string powershellExecutable, string module)
+        {
+            // Attempt to get the specified module. If it cannot be found, throw.
+            var exe = new Executable(powershellExecutable,
+                $"-NonInteractive -o Text -NoProfile -c if(!(Get-Module -ListAvailable {module})) {{ throw '{module} module not found' }}");
+
+            var stdout = new StringBuilder();
+            var stderr = new StringBuilder();
+            var exitCode = await exe.RunAsync(o => stdout.AppendLine(o), e => stderr.AppendLine(e));
+            return exitCode == 0;
+        }
+
         private static bool CheckExitCode(string fileName, string args, int expectedExitCode = 0)
         {
             var processStartInfo = new ProcessStartInfo
