private Azure(RestClient restClient, string subscriptionId, string tenantId, IAuthenticated authenticated)
{
resourceManager = ResourceManager.Fluent.ResourceManager.Authenticate(restClient).WithSubscription(subscriptionId);
storageManager = StorageManager.Authenticate(restClient, subscriptionId);
computeManager = ComputeManager.Authenticate(restClient, subscriptionId);
networkManager = NetworkManager.Authenticate(restClient, subscriptionId);
batchManager = BatchManager.Authenticate(restClient, subscriptionId);
keyVaultManager = KeyVaultManager.Authenticate(restClient, subscriptionId, tenantId);
trafficManager = TrafficManager.Fluent.TrafficManager.Authenticate(restClient, subscriptionId);
dnsZoneManager = DnsZoneManager.Authenticate(restClient, subscriptionId);
sqlManager = SqlManager.Authenticate(restClient, subscriptionId);
redisManager = RedisManager.Authenticate(restClient, subscriptionId);
cdnManager = CdnManager.Authenticate(restClient, subscriptionId);
appServiceManager = AppServiceManager.Authenticate(restClient, subscriptionId, tenantId);
searchManager = SearchManager.Authenticate(restClient, subscriptionId);
serviceBusManager = ServiceBusManager.Authenticate(restClient, subscriptionId);
containerInstanceManager = ContainerInstanceManager.Authenticate(restClient, subscriptionId);
registryManager = RegistryManager.Authenticate(restClient, subscriptionId);
containerServiceManager = ContainerServiceManager.Authenticate(restClient, subscriptionId);
cosmosDBManager = CosmosDBManager.Authenticate(restClient, subscriptionId);
authorizationManager = AuthorizationManager.Authenticate(restClient, subscriptionId);
msiManager = MsiManager.Authenticate(restClient, subscriptionId);
batchAIManager = BatchAIManager.Authenticate(restClient, subscriptionId);
monitorManager = MonitorManager.Authenticate(restClient, subscriptionId);
eventHubManager = EventHubManager.Authenticate(restClient, subscriptionId);
SubscriptionId = subscriptionId;
this.authenticated = authenticated;
}
///GENMHASH:B22FA99F4432342EBBDB2AB426A8D2A2:DB92CE96AE133E965FE6DE31D475D7ED
internal AppServiceBaseImpl(
string name,
SiteInner innerObject,
SiteConfigResourceInner configObject,
IAppServiceManager manager)
: base(name, innerObject, configObject, manager)
{
}
public RestartCommandHandler(IInstallDirectoryManager installDirectory,
IAppServiceManager appService,
ILog log)
{
_installDirectory = installDirectory;
_appService = appService;
_log = log;
}
///GENMHASH:B22FA99F4432342EBBDB2AB426A8D2A2:DB92CE96AE133E965FE6DE31D475D7ED
internal WebAppImpl(
string name,
SiteInner innerObject,
SiteConfigResourceInner configObject,
IAppServiceManager manager)
: base(name, innerObject, configObject, manager)
{
kuduClient = new KuduClient(this);
}
private void RemoveCertificate(IAppServiceManager webSiteClient, IAppServiceCertificate s, AzureWebAppSettings setting)
{
try
{
webSiteClient.AppServiceCertificates.DeleteByResourceGroup(setting.ServicePlanResourceGroupName ?? setting.ResourceGroupName, s.Name);
}
catch
{
}
}
public InstallCommandHandler(IPackageRepositoryManagerFactory packageRepositoryFactory,
IInstallDirectoryManager installDirectory,
IAppServiceManager appService,
ILog log)
{
_packageRepositoryFactory = packageRepositoryFactory;
_installDirectory = installDirectory;
_appService = appService;
_log = log;
}
public StatusCommandHandler(IInstallDirectoryManager installDirectory,
IAppServiceManager appService,
ILog log)
{
_installDirectory = installDirectory;
_appService = appService;
_log = log;
_serializer = new JsonSerializer {
NullValueHandling = NullValueHandling.Ignore
};
}
///GENMHASH:7165E4A72787EF020E1C59029B4D2D13:A0244A057D0D2A3944D2A1B6B5FC52D6
internal DeploymentSlotImpl(
string name,
SiteInner innerObject,
SiteConfigResourceInner configObject,
WebAppImpl parent,
IAppServiceManager manager)
: base(Regex.Replace(name, ".*/", ""), innerObject, configObject, manager)
{
this.name = Regex.Replace(name, ".*/", "");
this.parent = parent;
Inner.ServerFarmId = parent.AppServicePlanId();
}
internal FunctionAppImpl(string name, SiteInner innerObject, SiteConfigResourceInner configObject, IAppServiceManager manager)
: base(name, innerObject, configObject, manager)
{
kuduCredentials = new KuduCredentials(this);
}
public FunctionDeploymentSlotImpl(string name, SiteInner innerObject, SiteConfigResourceInner configObject,
SiteLogsConfigInner logConfig, FunctionAppImpl parent, IAppServiceManager manager)
: base(name, innerObject, configObject, logConfig, parent, manager)
{
}
private async Task <int> OnExecuteAsync(CommandLineApplication app, CancellationToken cancellationToken = default)
{
var authenticationOptions = AuthenticationOptions.BuildFrom(this.UseAzCliDevAuth, this.TenantId);
IAppServiceManager appServiceManager = AppServiceManagerSource.Get(
authenticationOptions, this.SubscriptionId);
IWebAppAuthentication webAppAuthConfig;
ManagedServiceIdentity managedIdentity;
IFunctionApp function = null;
try
{
function = appServiceManager.FunctionApps.GetByResourceGroup(this.ResourceGroupName, this.AppName);
}
catch (NullReferenceException)
{
// Unhelpfully, we seem to get a null reference exception if the app isn't found
}
if (function != null)
{
managedIdentity = function.Inner.Identity;
webAppAuthConfig = await function.GetAuthenticationConfigAsync(cancellationToken).ConfigureAwait(false);
}
else
{
IWebApp webApp = appServiceManager.WebApps.GetByResourceGroup(this.ResourceGroupName, this.AppName);
if (webApp == null)
{
app.Error.WriteLine($"Unable to find either a Function or Web App in resource group '{this.ResourceGroupName}' called '{this.AppName}'");
return(-1);
}
managedIdentity = webApp.Inner.Identity;
webAppAuthConfig = await webApp.GetAuthenticationConfigAsync(cancellationToken).ConfigureAwait(false);
}
if (webAppAuthConfig.Inner.Enabled == true)
{
app.Out.WriteLine($"Default Easy Auth: {webAppAuthConfig.Inner.DefaultProvider}");
app.Out.WriteLine($" Client ID: {webAppAuthConfig.Inner.ClientId}");
}
else
{
app.Out.WriteLine("Easy Auth not enabled");
}
if (managedIdentity == null)
{
app.Out.WriteLine("No managed identity");
}
else
{
app.Out.WriteLine("Managed identity:");
app.Out.WriteLine($" Type: {managedIdentity.Type}");
app.Out.WriteLine($" TenantId: {managedIdentity.TenantId}");
app.Out.WriteLine($" PrincipalId: {managedIdentity.PrincipalId}");
if (managedIdentity.UserAssignedIdentities != null)
{
foreach ((string id, ManagedServiceIdentityUserAssignedIdentitiesValue value) in managedIdentity.UserAssignedIdentities)
{
app.Out.WriteLine($" UserAssignedIdentity: Id = {id}, ClientId = {value.ClientId}, PrincipalId = {value.PrincipalId}");
}
}
}
return(0);
}
public async Task Install(ICertificateInstallModel model)
{
logger.LogInformation("Starting installation of certificate {Thumbprint} for {Host}", model.CertificateInfo.Certificate.Thumbprint, model.Host);
var cert = model.CertificateInfo;
foreach (var setting in this.settings)
{
logger.LogInformation("Installing certificate for web app {WebApp}", setting.WebAppName);
try
{
IAppServiceManager appServiceManager = GetAppServiceManager(setting);
var s = appServiceManager.WebApps.GetByResourceGroup(setting.ResourceGroupName, setting.WebAppName);
IWebAppBase siteOrSlot = s;
if (!string.IsNullOrEmpty(setting.SiteSlotName))
{
var slot = s.DeploymentSlots.GetByName(setting.SiteSlotName);
siteOrSlot = slot;
}
var existingCerts = await appServiceManager.AppServiceCertificates.ListByResourceGroupAsync(setting.ServicePlanResourceGroupName ?? setting.ResourceGroupName);
if (existingCerts.Where(_ => _.RegionName == s.RegionName).All(_ => _.Thumbprint != cert.Certificate.Thumbprint))
{
await appServiceManager.AppServiceCertificates.Define($"{cert.Certificate.Thumbprint}-{model.Host}-{s.RegionName}").WithRegion(s.RegionName).WithExistingResourceGroup(setting.ServicePlanResourceGroupName ?? setting.ResourceGroupName).WithPfxByteArray(model.CertificateInfo.PfxCertificate).WithPfxPassword(model.CertificateInfo.Password).CreateAsync();
}
var sslStates = siteOrSlot.HostNameSslStates;
var domainSslMappings = new List <KeyValuePair <string, HostNameSslState> >(sslStates.Where(_ => _.Key.Contains($"{model.Host}")));
if (domainSslMappings.Any())
{
foreach (var domainMapping in domainSslMappings)
{
string hostName = domainMapping.Value.Name;
if (domainMapping.Value.Thumbprint == cert.Certificate.Thumbprint)
{
continue;
}
logger.LogInformation("Binding certificate {Thumbprint} to {Host}", model.CertificateInfo.Certificate.Thumbprint, hostName);
var binding = new HostNameBindingInner()
{
SslState = setting.UseIPBasedSSL ? SslState.IpBasedEnabled : SslState.SniEnabled,
Thumbprint = model.CertificateInfo.Certificate.Thumbprint
};
if (!string.IsNullOrEmpty(setting.SiteSlotName))
{
await appServiceManager.Inner.WebApps.CreateOrUpdateHostNameBindingSlotAsync(setting.ResourceGroupName, setting.WebAppName, hostName, binding, setting.SiteSlotName);
}
else
{
await appServiceManager.Inner.WebApps.CreateOrUpdateHostNameBindingAsync(setting.ResourceGroupName, setting.WebAppName, hostName, binding);
}
}
}
}
catch (Exception e)
{
logger.LogCritical(e, "Unable to install certificate for '{WebApp}'", setting.WebAppName);
throw;
}
}
}
internal FunctionAppImpl(string name, SiteInner innerObject, SiteConfigResourceInner configObject,
SiteLogsConfigInner logConfig, IAppServiceManager manager)
: base(name, innerObject, configObject, logConfig, manager)
{
functionCredentials = new FunctionCredentials(this);
}
public DeploymentSlotImpl(string name, SiteInner innerObject, SiteConfigResourceInner configObject,
SiteLogsConfigInner logConfig, WebAppImpl parent, IAppServiceManager manager)
: base(name, innerObject, configObject, logConfig, parent, manager)
{
kuduClient = new KuduClient(this);
}
private async Task RemoveCertificate(IAppServiceManager webSiteClient, IAppServiceCertificate s, AzureWebAppSettings setting)
{
await webSiteClient.AppServiceCertificates.DeleteByResourceGroupAsync(setting.ServicePlanResourceGroupName ?? setting.ResourceGroupName, s.Name);
}
public DeploymentSlotImpl(string name, SiteInner innerObject, SiteConfigResourceInner configObject, WebAppImpl parent, IAppServiceManager manager)
: base(name, innerObject, configObject, parent, manager)
{
}
