From a09e0559a07ea5ca1157620ca5cbc67b2359fe9c Mon Sep 17 00:00:00 2001 From: v-schhabra <100183307+v-schhabra@users.noreply.github.com> Date: Tue, 20 Feb 2024 17:42:19 +0530 Subject: [PATCH] Authentication issue in AzurePowerShell task (#19550) * code fixes * bumped task version * updated file as per changes * updating AzurePowerShell.ts file --- Tasks/AzurePowerShellV5/AzurePowerShell.ps1 | 9 +++--- Tasks/AzurePowerShellV5/RemoveAzContext.ps1 | 5 ++++ Tasks/AzurePowerShellV5/azurepowershell.ts | 30 +++++++++++++++++-- Tasks/AzurePowerShellV5/task.json | 2 +- Tasks/AzurePowerShellV5/task.loc.json | 2 +- _generated/AzurePowerShellV5.versionmap.txt | 4 +-- .../AzurePowerShellV5/AzurePowerShell.ps1 | 9 +++--- .../AzurePowerShellV5/RemoveAzContext.ps1 | 5 ++++ .../AzurePowerShellV5/azurepowershell.ts | 30 +++++++++++++++++-- _generated/AzurePowerShellV5/task.json | 6 ++-- _generated/AzurePowerShellV5/task.loc.json | 6 ++-- .../AzurePowerShell.ps1 | 9 +++--- .../RemoveAzContext.ps1 | 5 ++++ .../azurepowershell.ts | 30 +++++++++++++++++-- _generated/AzurePowerShellV5_Node20/task.json | 6 ++-- .../AzurePowerShellV5_Node20/task.loc.json | 6 ++-- 16 files changed, 127 insertions(+), 37 deletions(-) create mode 100644 Tasks/AzurePowerShellV5/RemoveAzContext.ps1 create mode 100644 _generated/AzurePowerShellV5/RemoveAzContext.ps1 create mode 100644 _generated/AzurePowerShellV5_Node20/RemoveAzContext.ps1 diff --git a/Tasks/AzurePowerShellV5/AzurePowerShell.ps1 b/Tasks/AzurePowerShellV5/AzurePowerShell.ps1 index a2bcc5ffb40e..79a28a668ddc 100644 --- a/Tasks/AzurePowerShellV5/AzurePowerShell.ps1 +++ b/Tasks/AzurePowerShellV5/AzurePowerShell.ps1 @@ -192,8 +192,9 @@ finally { if ($__vstsAzPSInlineScriptPath -and (Test-Path -LiteralPath $__vstsAzPSInlineScriptPath) ) { Remove-Item -LiteralPath $__vstsAzPSInlineScriptPath -ErrorAction 'SilentlyContinue' } - - Import-Module $PSScriptRoot\ps_modules\VstsAzureHelpers_ + . "$PSScriptRoot\Utility.ps1" + Import-Module "$PSScriptRoot\ps_modules\VstsAzureHelpers_" Remove-EndpointSecrets - Disconnect-AzureAndClearContext -ErrorAction SilentlyContinue -} \ No newline at end of file + Update-PSModulePathForHostedAgent + Disconnect-AzureAndClearContext -restrictContext 'True' -ErrorAction SilentlyContinue +} diff --git a/Tasks/AzurePowerShellV5/RemoveAzContext.ps1 b/Tasks/AzurePowerShellV5/RemoveAzContext.ps1 new file mode 100644 index 000000000000..82f26444851d --- /dev/null +++ b/Tasks/AzurePowerShellV5/RemoveAzContext.ps1 @@ -0,0 +1,5 @@ +. "$PSScriptRoot/Utility.ps1" +. "$PSScriptRoot/ps_modules/VstsAzureHelpers_/Utility.ps1" + +Update-PSModulePathForHostedAgentLinux +Disconnect-AzureAndClearContext -restrictContext 'True' \ No newline at end of file diff --git a/Tasks/AzurePowerShellV5/azurepowershell.ts b/Tasks/AzurePowerShellV5/azurepowershell.ts index c5378d87d040..f8cea1590054 100644 --- a/Tasks/AzurePowerShellV5/azurepowershell.ts +++ b/Tasks/AzurePowerShellV5/azurepowershell.ts @@ -12,6 +12,9 @@ function convertToNullIfUndefined(arg: T): T|null { } async function run() { + let input_workingDirectory = tl.getPathInput('workingDirectory', /*required*/ true, /*check*/ true); + let tempDirectory = tl.getVariable('agent.tempDirectory'); + tl.checkPath(tempDirectory, `${tempDirectory} (agent.tempDirectory)`); try { tl.setResourcePath(path.join(__dirname, 'task.json')); @@ -35,7 +38,6 @@ async function run() { let customTargetAzurePs: string = convertToNullIfUndefined(tl.getInput('CustomTargetAzurePs', false)); let serviceName = tl.getInput('ConnectedServiceNameARM',/*required*/true); let endpointObject= await new AzureRMEndpoint(serviceName).getEndpoint(); - let input_workingDirectory = tl.getPathInput('workingDirectory', /*required*/ true, /*check*/ true); let isDebugEnabled = (process.env['SYSTEM_DEBUG'] || "").toLowerCase() === "true"; // string constants @@ -99,8 +101,6 @@ async function run() { // Write the script to disk. tl.assertAgent('2.115.0'); - let tempDirectory = tl.getVariable('agent.tempDirectory'); - tl.checkPath(tempDirectory, `${tempDirectory} (agent.tempDirectory)`); let filePath = path.join(tempDirectory, uuidV4() + '.ps1'); await fs.writeFile( @@ -160,6 +160,30 @@ async function run() { catch (err) { tl.setResult(tl.TaskResult.Failed, err.message || 'run() failed'); } + finally { + try { + const powershell = tl.tool(tl.which('pwsh') || tl.which('powershell') || tl.which('pwsh', true)) + .arg('-NoLogo') + .arg('-NoProfile') + .arg('-NonInteractive') + .arg('-ExecutionPolicy') + .arg('Unrestricted') + .arg('-Command') + .arg(`. '{path.join(path.resolve(__dirname),'RemoveAzContext.ps1')}'`); + + let options = { + cwd: input_workingDirectory, + failOnStdErr: false, + errStream: process.stdout, // Direct all output to STDOUT, otherwise the output may appear out + outStream: process.stdout, // of order since Node buffers it's own STDOUT but not STDERR. + ignoreReturnCode: true + }; + await powershell.exec(options); + } + catch (err) { + tl.debug("Az-clearContext not completed due to an error"); + } + } } run(); diff --git a/Tasks/AzurePowerShellV5/task.json b/Tasks/AzurePowerShellV5/task.json index b455caf9c233..b42883473249 100644 --- a/Tasks/AzurePowerShellV5/task.json +++ b/Tasks/AzurePowerShellV5/task.json @@ -17,7 +17,7 @@ "author": "Microsoft Corporation", "version": { "Major": 5, - "Minor": 234, + "Minor": 236, "Patch": 0 }, "releaseNotes": "Added support for Az Module and cross platform agents.", diff --git a/Tasks/AzurePowerShellV5/task.loc.json b/Tasks/AzurePowerShellV5/task.loc.json index 923af84c1915..a5c2c4ea2aef 100644 --- a/Tasks/AzurePowerShellV5/task.loc.json +++ b/Tasks/AzurePowerShellV5/task.loc.json @@ -17,7 +17,7 @@ "author": "Microsoft Corporation", "version": { "Major": 5, - "Minor": 234, + "Minor": 236, "Patch": 0 }, "releaseNotes": "ms-resource:loc.releaseNotes", diff --git a/_generated/AzurePowerShellV5.versionmap.txt b/_generated/AzurePowerShellV5.versionmap.txt index 093b5dc77f7a..5913fb4d63f5 100644 --- a/_generated/AzurePowerShellV5.versionmap.txt +++ b/_generated/AzurePowerShellV5.versionmap.txt @@ -1,2 +1,2 @@ -Default|5.234.0 -Node20_229_2|5.234.1 +Default|5.236.0 +Node20_229_2|5.236.1 diff --git a/_generated/AzurePowerShellV5/AzurePowerShell.ps1 b/_generated/AzurePowerShellV5/AzurePowerShell.ps1 index a2bcc5ffb40e..79a28a668ddc 100644 --- a/_generated/AzurePowerShellV5/AzurePowerShell.ps1 +++ b/_generated/AzurePowerShellV5/AzurePowerShell.ps1 @@ -192,8 +192,9 @@ finally { if ($__vstsAzPSInlineScriptPath -and (Test-Path -LiteralPath $__vstsAzPSInlineScriptPath) ) { Remove-Item -LiteralPath $__vstsAzPSInlineScriptPath -ErrorAction 'SilentlyContinue' } - - Import-Module $PSScriptRoot\ps_modules\VstsAzureHelpers_ + . "$PSScriptRoot\Utility.ps1" + Import-Module "$PSScriptRoot\ps_modules\VstsAzureHelpers_" Remove-EndpointSecrets - Disconnect-AzureAndClearContext -ErrorAction SilentlyContinue -} \ No newline at end of file + Update-PSModulePathForHostedAgent + Disconnect-AzureAndClearContext -restrictContext 'True' -ErrorAction SilentlyContinue +} diff --git a/_generated/AzurePowerShellV5/RemoveAzContext.ps1 b/_generated/AzurePowerShellV5/RemoveAzContext.ps1 new file mode 100644 index 000000000000..82f26444851d --- /dev/null +++ b/_generated/AzurePowerShellV5/RemoveAzContext.ps1 @@ -0,0 +1,5 @@ +. "$PSScriptRoot/Utility.ps1" +. "$PSScriptRoot/ps_modules/VstsAzureHelpers_/Utility.ps1" + +Update-PSModulePathForHostedAgentLinux +Disconnect-AzureAndClearContext -restrictContext 'True' \ No newline at end of file diff --git a/_generated/AzurePowerShellV5/azurepowershell.ts b/_generated/AzurePowerShellV5/azurepowershell.ts index c5378d87d040..f8cea1590054 100644 --- a/_generated/AzurePowerShellV5/azurepowershell.ts +++ b/_generated/AzurePowerShellV5/azurepowershell.ts @@ -12,6 +12,9 @@ function convertToNullIfUndefined(arg: T): T|null { } async function run() { + let input_workingDirectory = tl.getPathInput('workingDirectory', /*required*/ true, /*check*/ true); + let tempDirectory = tl.getVariable('agent.tempDirectory'); + tl.checkPath(tempDirectory, `${tempDirectory} (agent.tempDirectory)`); try { tl.setResourcePath(path.join(__dirname, 'task.json')); @@ -35,7 +38,6 @@ async function run() { let customTargetAzurePs: string = convertToNullIfUndefined(tl.getInput('CustomTargetAzurePs', false)); let serviceName = tl.getInput('ConnectedServiceNameARM',/*required*/true); let endpointObject= await new AzureRMEndpoint(serviceName).getEndpoint(); - let input_workingDirectory = tl.getPathInput('workingDirectory', /*required*/ true, /*check*/ true); let isDebugEnabled = (process.env['SYSTEM_DEBUG'] || "").toLowerCase() === "true"; // string constants @@ -99,8 +101,6 @@ async function run() { // Write the script to disk. tl.assertAgent('2.115.0'); - let tempDirectory = tl.getVariable('agent.tempDirectory'); - tl.checkPath(tempDirectory, `${tempDirectory} (agent.tempDirectory)`); let filePath = path.join(tempDirectory, uuidV4() + '.ps1'); await fs.writeFile( @@ -160,6 +160,30 @@ async function run() { catch (err) { tl.setResult(tl.TaskResult.Failed, err.message || 'run() failed'); } + finally { + try { + const powershell = tl.tool(tl.which('pwsh') || tl.which('powershell') || tl.which('pwsh', true)) + .arg('-NoLogo') + .arg('-NoProfile') + .arg('-NonInteractive') + .arg('-ExecutionPolicy') + .arg('Unrestricted') + .arg('-Command') + .arg(`. '{path.join(path.resolve(__dirname),'RemoveAzContext.ps1')}'`); + + let options = { + cwd: input_workingDirectory, + failOnStdErr: false, + errStream: process.stdout, // Direct all output to STDOUT, otherwise the output may appear out + outStream: process.stdout, // of order since Node buffers it's own STDOUT but not STDERR. + ignoreReturnCode: true + }; + await powershell.exec(options); + } + catch (err) { + tl.debug("Az-clearContext not completed due to an error"); + } + } } run(); diff --git a/_generated/AzurePowerShellV5/task.json b/_generated/AzurePowerShellV5/task.json index 1c64fbea9257..2d236f5c6b2c 100644 --- a/_generated/AzurePowerShellV5/task.json +++ b/_generated/AzurePowerShellV5/task.json @@ -17,7 +17,7 @@ "author": "Microsoft Corporation", "version": { "Major": 5, - "Minor": 234, + "Minor": 236, "Patch": 0 }, "releaseNotes": "Added support for Az Module and cross platform agents.", @@ -204,7 +204,7 @@ "PS_ExitCode": "PowerShell exited with code '{0}'." }, "_buildConfigMapping": { - "Default": "5.234.0", - "Node20_229_2": "5.234.1" + "Default": "5.236.0", + "Node20_229_2": "5.236.1" } } \ No newline at end of file diff --git a/_generated/AzurePowerShellV5/task.loc.json b/_generated/AzurePowerShellV5/task.loc.json index ba16ddbc27ad..5fe3bf3a11b8 100644 --- a/_generated/AzurePowerShellV5/task.loc.json +++ b/_generated/AzurePowerShellV5/task.loc.json @@ -17,7 +17,7 @@ "author": "Microsoft Corporation", "version": { "Major": 5, - "Minor": 234, + "Minor": 236, "Patch": 0 }, "releaseNotes": "ms-resource:loc.releaseNotes", @@ -204,7 +204,7 @@ "PS_ExitCode": "ms-resource:loc.messages.PS_ExitCode" }, "_buildConfigMapping": { - "Default": "5.234.0", - "Node20_229_2": "5.234.1" + "Default": "5.236.0", + "Node20_229_2": "5.236.1" } } \ No newline at end of file diff --git a/_generated/AzurePowerShellV5_Node20/AzurePowerShell.ps1 b/_generated/AzurePowerShellV5_Node20/AzurePowerShell.ps1 index a2bcc5ffb40e..79a28a668ddc 100644 --- a/_generated/AzurePowerShellV5_Node20/AzurePowerShell.ps1 +++ b/_generated/AzurePowerShellV5_Node20/AzurePowerShell.ps1 @@ -192,8 +192,9 @@ finally { if ($__vstsAzPSInlineScriptPath -and (Test-Path -LiteralPath $__vstsAzPSInlineScriptPath) ) { Remove-Item -LiteralPath $__vstsAzPSInlineScriptPath -ErrorAction 'SilentlyContinue' } - - Import-Module $PSScriptRoot\ps_modules\VstsAzureHelpers_ + . "$PSScriptRoot\Utility.ps1" + Import-Module "$PSScriptRoot\ps_modules\VstsAzureHelpers_" Remove-EndpointSecrets - Disconnect-AzureAndClearContext -ErrorAction SilentlyContinue -} \ No newline at end of file + Update-PSModulePathForHostedAgent + Disconnect-AzureAndClearContext -restrictContext 'True' -ErrorAction SilentlyContinue +} diff --git a/_generated/AzurePowerShellV5_Node20/RemoveAzContext.ps1 b/_generated/AzurePowerShellV5_Node20/RemoveAzContext.ps1 new file mode 100644 index 000000000000..82f26444851d --- /dev/null +++ b/_generated/AzurePowerShellV5_Node20/RemoveAzContext.ps1 @@ -0,0 +1,5 @@ +. "$PSScriptRoot/Utility.ps1" +. "$PSScriptRoot/ps_modules/VstsAzureHelpers_/Utility.ps1" + +Update-PSModulePathForHostedAgentLinux +Disconnect-AzureAndClearContext -restrictContext 'True' \ No newline at end of file diff --git a/_generated/AzurePowerShellV5_Node20/azurepowershell.ts b/_generated/AzurePowerShellV5_Node20/azurepowershell.ts index c5378d87d040..f8cea1590054 100644 --- a/_generated/AzurePowerShellV5_Node20/azurepowershell.ts +++ b/_generated/AzurePowerShellV5_Node20/azurepowershell.ts @@ -12,6 +12,9 @@ function convertToNullIfUndefined(arg: T): T|null { } async function run() { + let input_workingDirectory = tl.getPathInput('workingDirectory', /*required*/ true, /*check*/ true); + let tempDirectory = tl.getVariable('agent.tempDirectory'); + tl.checkPath(tempDirectory, `${tempDirectory} (agent.tempDirectory)`); try { tl.setResourcePath(path.join(__dirname, 'task.json')); @@ -35,7 +38,6 @@ async function run() { let customTargetAzurePs: string = convertToNullIfUndefined(tl.getInput('CustomTargetAzurePs', false)); let serviceName = tl.getInput('ConnectedServiceNameARM',/*required*/true); let endpointObject= await new AzureRMEndpoint(serviceName).getEndpoint(); - let input_workingDirectory = tl.getPathInput('workingDirectory', /*required*/ true, /*check*/ true); let isDebugEnabled = (process.env['SYSTEM_DEBUG'] || "").toLowerCase() === "true"; // string constants @@ -99,8 +101,6 @@ async function run() { // Write the script to disk. tl.assertAgent('2.115.0'); - let tempDirectory = tl.getVariable('agent.tempDirectory'); - tl.checkPath(tempDirectory, `${tempDirectory} (agent.tempDirectory)`); let filePath = path.join(tempDirectory, uuidV4() + '.ps1'); await fs.writeFile( @@ -160,6 +160,30 @@ async function run() { catch (err) { tl.setResult(tl.TaskResult.Failed, err.message || 'run() failed'); } + finally { + try { + const powershell = tl.tool(tl.which('pwsh') || tl.which('powershell') || tl.which('pwsh', true)) + .arg('-NoLogo') + .arg('-NoProfile') + .arg('-NonInteractive') + .arg('-ExecutionPolicy') + .arg('Unrestricted') + .arg('-Command') + .arg(`. '{path.join(path.resolve(__dirname),'RemoveAzContext.ps1')}'`); + + let options = { + cwd: input_workingDirectory, + failOnStdErr: false, + errStream: process.stdout, // Direct all output to STDOUT, otherwise the output may appear out + outStream: process.stdout, // of order since Node buffers it's own STDOUT but not STDERR. + ignoreReturnCode: true + }; + await powershell.exec(options); + } + catch (err) { + tl.debug("Az-clearContext not completed due to an error"); + } + } } run(); diff --git a/_generated/AzurePowerShellV5_Node20/task.json b/_generated/AzurePowerShellV5_Node20/task.json index 336a3f181f8c..2c0c88d400f2 100644 --- a/_generated/AzurePowerShellV5_Node20/task.json +++ b/_generated/AzurePowerShellV5_Node20/task.json @@ -17,7 +17,7 @@ "author": "Microsoft Corporation", "version": { "Major": 5, - "Minor": 234, + "Minor": 236, "Patch": 1 }, "releaseNotes": "Added support for Az Module and cross platform agents.", @@ -208,7 +208,7 @@ "PS_ExitCode": "PowerShell exited with code '{0}'." }, "_buildConfigMapping": { - "Default": "5.234.0", - "Node20_229_2": "5.234.1" + "Default": "5.236.0", + "Node20_229_2": "5.236.1" } } \ No newline at end of file diff --git a/_generated/AzurePowerShellV5_Node20/task.loc.json b/_generated/AzurePowerShellV5_Node20/task.loc.json index 0a53c9f811c6..8c4a13b9e1f5 100644 --- a/_generated/AzurePowerShellV5_Node20/task.loc.json +++ b/_generated/AzurePowerShellV5_Node20/task.loc.json @@ -17,7 +17,7 @@ "author": "Microsoft Corporation", "version": { "Major": 5, - "Minor": 234, + "Minor": 236, "Patch": 1 }, "releaseNotes": "ms-resource:loc.releaseNotes", @@ -208,7 +208,7 @@ "PS_ExitCode": "ms-resource:loc.messages.PS_ExitCode" }, "_buildConfigMapping": { - "Default": "5.234.0", - "Node20_229_2": "5.234.1" + "Default": "5.236.0", + "Node20_229_2": "5.236.1" } } \ No newline at end of file