-
Notifications
You must be signed in to change notification settings - Fork 2
/
.bash_azure
115 lines (98 loc) · 3.01 KB
/
.bash_azure
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
# vi: set ft=sh:
AZURE_PROFILES_LOCATION="$HOME/.azure/azureProfile.json"
AZURE_DIRECTORY=$HOME/.azure
AZURE_CONFIG_FILE=$AZURE_DIRECTORY/config
AZURE_SP_TENANT_FILE=$HOME/.ssh/azure_tenant
AZURE_SP_PASSWORD_FILE=$HOME/.ssh/azure_sp_password
AZURE_SP_USERNAME_FILE=$HOME/.ssh/azure_sp_username
alias az_vpn="HTTPS_PROXY=localhost:8888 HTTP_PROXY=localhost:8888 az"
_check_file() {
if ! test -f "$1"
then
log_error "$2"
return 1
fi
}
_az_current_user() {
jq -r '.subscriptions[] | select(.isDefault == true) | .user.name' "$AZURE_PROFILES_LOCATION"
}
verify_sp_url_file_is_present() {
_check_file "$AZURE_SP_USERNAME_FILE" "Please create a file at $AZURE_SP_USERNAME_FILE \
and append your service principal's URL to it."
}
verify_sp_cert_is_present() {
_check_file "$AZURE_SP_PASSWORD_FILE" "Service principal cert not found at \
$AZURE_SP_PASSWORD_FILE. Please create one and bind it to the \
service principal at $AZURE_SP_USERNAME_FILE"
}
verify_sp_tenant_file_is_present() {
_check_file "$AZURE_SP_TENANT_FILE" "Tenant file not found at \
$AZURE_SP_TENANT_FILE."
}
create_az_login_alias() {
alias az_login="az login --service-principal \
-u '$(cat $AZURE_SP_USERNAME_FILE)' \
-p '$(cat $AZURE_SP_PASSWORD_FILE)' \
-t '$(cat $AZURE_SP_TENANT_FILE)'"
log_info "Azure has been set up. Run 'az_login' to login."
}
export_az_creds_to_shell() {
export AZURE_CLIENT_ID=$(cat $AZURE_SP_USERNAME_FILE)
export AZURE_CLIENT_PASSWORD=$(cat $AZURE_SP_PASSWORD_FILE)
export AZURE_TENANT=$(cat $AZURE_SP_TENANT_FILE)
export ARM_CLIENT_ID=$(cat $AZURE_SP_USERNAME_FILE)
export ARM_CLIENT_PASSWORD=$(cat $AZURE_SP_PASSWORD_FILE)
export ARM_TENANT=$(cat $AZURE_SP_TENANT_FILE)
}
export_new_azure_rest_api_token() {
access_token=$(generate_azure_rest_api_token)
export AZURE_REST_API_TOKEN=$access_token
}
generate_azure_rest_api_token() {
curl -Ls -X POST \
-d "grant_type=client_credentials&client_id=$AZURE_CLIENT_ID&\
client_secret=$AZURE_CLIENT_PASSWORD&\
resource=https%3A%2F%2Fmanagement.azure.com%2F" \
https://login.microsoftonline.com/$AZURE_TENANT/oauth2/token | \
jq -r .access_token
}
create_config_folder_if_not_present() {
mkdir -p "$AZURE_DIRECTORY"
}
write_azure_config() {
if ! test -f "$AZURE_CONFIG_FILE"
then
cat >"$AZURE_CONFIG_FILE" <<-INI
# This is generated automatically by your Bash profile.
# See $0 for more information.
[core]
output = json
disable_confirm_prompt = true
collect_telemetry = false
only_show_errors = true
no_color = false
[logging]
enable_log_file = false
INI
fi
}
azure_ps1_hook_enabled() {
test -f "$AZURE_PROFILES_LOCATION"
}
azure_ps1_hook() {
if test -f "$AZURE_PROFILES_LOCATION"
then
current_user=$(_az_current_user)
if test -n "$current_user"
then printf '%s' "$current_user" && return 0
fi
printf "not logged in"
fi
}
verify_sp_url_file_is_present &&
verify_sp_cert_is_present &&
verify_sp_tenant_file_is_present &&
write_azure_config &&
create_az_login_alias &&
export_new_azure_rest_api_token &&
export_az_creds_to_shell