/// <summary>
/// Writes <paramref name="input"/> to a local temp file and copies that file with scp to
/// <paramref name="dest"/> on the SSH host, then deletes the temp file.
/// </summary>
/// <param name="input">Text to place in the remote file. The cleanup log message calls the temp copy a "secret file", so treat the content as sensitive.</param>
/// <param name="dest">Destination path on the remote host; it is appended after <c>user@host:</c>.</param>
/// <returns>A task that completes after scp has run and temp file cleanup has been attempted.</returns>
public async Task CopyStringToSshFile(string input, string dest)
{
    // The content sits on local disk in plain text from WriteAllText until the finally block runs.
    var tempFile = Path.GetTempFileName();
    try
    {
        var host = await sshHostLookup.Value;
        File.WriteAllText(tempFile, input);

        var state = await sshStateLoad.Value;
        var remoteTarget = $"{state.vmUser}@{host}:{dest}";

        // Keep the interpolation inline in the call. NOTE(review): if RunProcessVoidAsync takes a
        // FormattableString and escapes the arguments, hoisting this into a `var` would turn it
        // into a plain string and lose that - confirm against the shell runner.
        // No -o options are passed, so host key checking follows the ssh client's own configuration.
        await shellRunner.RunProcessVoidAsync(
            $"scp -i {state.privateKeyFile} {tempFile} {remoteTarget}",
            invalidExitCodeMessage: $"Error running command scp for '{tempFile}' to '{dest}'.");
    }
    finally
    {
        try
        {
            File.Delete(tempFile);
        }
        catch (Exception ex)
        {
            // Best effort: a failed delete leaves the content on disk. Only the exception type
            // name is logged; the message and stack trace are not.
            logger.LogError($"{ex.GetType().Name} deleting temp secret file '{tempFile}'.");
        }
    }
}
/// <summary>
/// Grants a principal set, delete, get and list on secrets and import, delete, get and list
/// on certificates through a Key Vault access policy.
/// </summary>
/// <param name="keyVaultName">Name of the Key Vault, passed as <c>-VaultName</c>.</param>
/// <param name="userId">Object id of the principal that receives the permissions, passed as <c>-ObjectId</c>.</param>
/// <returns>The task returned by the shell runner for the PowerShell invocation.</returns>
public Task UnlockSecrets(String keyVaultName, Guid userId)
{
    var builder = shellRunner.CreateCommandBuilder();

    // NOTE(review): the name suggests the PowerShell execution policy is relaxed for this run;
    // confirm the scope in the command builder.
    builder.SetUnrestrictedExecution();
    builder.AddCommand($"Import-Module Az.KeyVault");

    // This grants data-plane write and delete rights, not only read. Nothing in this method
    // revokes them again, so callers are responsible for restoring the policy afterwards.
    builder.AddResultCommand($"Set-AzKeyVaultAccessPolicy -ObjectId {userId} -VaultName {keyVaultName} -PermissionsToSecrets set,delete,get,list -PermissionsToCertificates import,delete,get,list | ConvertTo-Json -Depth 10");

    return shellRunner.RunProcessVoidAsync(
        builder,
        invalidExitCodeMessage: $"Error unlocking secrets in Key Vault '{keyVaultName}'.");
}
/// <summary>
/// Creates an Azure SQL server with New-AzSqlServer, using an administrator credential built
/// from <paramref name="adminUser"/> and <paramref name="adminPass"/>.
/// </summary>
/// <param name="name">Server name, passed as <c>-ServerName</c>.</param>
/// <param name="resourceGroupName">Resource group that will hold the server.</param>
/// <param name="location">Azure location, passed as <c>-Location</c>.</param>
/// <param name="adminUser">SQL administrator login name.</param>
/// <param name="adminPass">SQL administrator password in plain text.</param>
/// <returns>The task returned by the shell runner for the PowerShell invocation.</returns>
public Task Create(String name, String resourceGroupName, String location, String adminUser, String adminPass)
{
    var builder = shellRunner.CreateCommandBuilder();

    // NOTE(review): the name suggests the PowerShell execution policy is relaxed for this run;
    // confirm the scope in the command builder.
    builder.SetUnrestrictedExecution();
    builder.AddCommand($"Import-Module Az.Sql");

    // The plain-text password becomes part of the generated script.
    // NOTE(review): how the builder hands the script to the PowerShell process, and whether the
    // shell runner logs it, is not visible here - verify the password cannot end up in process
    // arguments or log output.
    builder.AddCommand($"$secStringPassword = ConvertTo-SecureString {adminPass} -AsPlainText");
    builder.AddCommand($"$credObject = New-Object System.Management.Automation.PSCredential ({adminUser}, $secStringPassword)");

    builder.AddResultCommand($"New-AzSqlServer -ServerName {name} -SqlAdministratorCredentials $credObject -Location {location} -ResourceGroupName {resourceGroupName} | ConvertTo-Json -Depth 10");

    // The failure message names the server, group and location but not the credentials.
    return shellRunner.RunProcessVoidAsync(
        builder,
        invalidExitCodeMessage: $"Error creating Sql Server '{name}' in Resource Group '{resourceGroupName}' at '{location}'.");
}
/// <summary>
/// Runs New-AzResourceGroupDeployment against a resource group, using a new GUID as the
/// deployment name and the extra command fragments produced by <c>SetupArgs</c>.
/// </summary>
/// <param name="resourceGroupName">Resource group to deploy into.</param>
/// <param name="templateFile">Template file; handed to <c>SetupArgs</c> by reference.</param>
/// <param name="templateParameterFile">Optional parameter file; handed to <c>SetupArgs</c> by reference.</param>
/// <param name="args">Additional arguments, interpreted by <c>SetupArgs</c>.</param>
/// <returns>The task returned by the shell runner for the PowerShell invocation.</returns>
public Task ResourceGroupDeployment(String resourceGroupName, String templateFile, String? templateParameterFile, Object args)
{
    var builder = shellRunner.CreateCommandBuilder();
    builder.SetUnrestrictedExecution();
    builder.AddCommand($"Import-Module Az.Resources");

    // The fragments are kept as FormattableString values rather than plain strings, so the
    // builder receives format and arguments separately.
    // NOTE(review): whether it quotes or escapes the arguments is not visible here.
    var deploymentHead = new FormattableString[]
    {
        $"New-AzResourceGroupDeployment -Name {Guid.NewGuid()} -ResourceGroupName {resourceGroupName}"
    };
    var commandParts = deploymentHead.Concat(SetupArgs(ref templateFile, ref templateParameterFile, args));
    builder.AddResultCommand(commandParts);

    // templateFile went through SetupArgs by ref, so the message reports whatever value it left there.
    return shellRunner.RunProcessVoidAsync(
        builder,
        invalidExitCodeMessage: $"Error creating Arm Template '{templateFile}' in Resource Group '{resourceGroupName}'.");
}
/// <summary>
/// Switches the Az PowerShell context to the given subscription with Set-AzContext.
/// </summary>
/// <param name="subscriptionId">Subscription to select, passed as <c>-SubscriptionId</c>.</param>
/// <returns>The task returned by the shell runner for the PowerShell invocation.</returns>
public Task SetContext(Guid subscriptionId)
{
    var builder = shellRunner.CreateCommandBuilder();
    builder.SetUnrestrictedExecution();
    builder.AddCommand($"Import-Module Az.Accounts");
    builder.AddResultCommand($"Set-AzContext -SubscriptionId {subscriptionId} | ConvertTo-Json -Depth 10");

    // NOTE(review): whether the selected context persists for later invocations depends on how
    // the shell runner starts PowerShell - confirm before relying on it to scope other calls.
    return shellRunner.RunProcessVoidAsync(
        builder,
        invalidExitCodeMessage: $"Error setting context to '{subscriptionId}'.");
}
/// <summary>
/// Creates an Azure Container Registry with New-AzContainerRegistry, with the admin user enabled.
/// </summary>
/// <param name="Name">Registry name.</param>
/// <param name="ResourceGroupName">Resource group that will hold the registry.</param>
/// <param name="Location">Azure location, passed as <c>-Location</c>.</param>
/// <param name="Sku">Registry SKU, passed as <c>-Sku</c>.</param>
/// <returns>The task returned by the shell runner for the PowerShell invocation.</returns>
public Task Create(String Name, String ResourceGroupName, string Location, String Sku)
{
    var builder = shellRunner.CreateCommandBuilder();
    builder.SetUnrestrictedExecution();
    builder.AddCommand($"Import-Module Az.ContainerRegistry");

    // -EnableAdminUser turns on the registry's built-in admin account, a shared username and
    // password with push and pull rights. Every registry created here has it enabled; callers
    // that authenticate with identities instead need to disable it afterwards.
    builder.AddResultCommand($"New-AzContainerRegistry -EnableAdminUser -Name {Name} -ResourceGroupName {ResourceGroupName} -Location {Location} -Sku {Sku} | ConvertTo-Json -Depth 10");

    return shellRunner.RunProcessVoidAsync(
        builder,
        invalidExitCodeMessage: $"Error creating Azure Container Registry '{Name}' in Resource Group '{ResourceGroupName}' in '{Location}' with sku '{Sku}'.");
}
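/// <summary>
/// Removes the service principal and then the application registration that carry the given
/// display name, using Remove-AzADServicePrincipal and Remove-AzADApplication with -Force.
/// </summary>
/// <param name="DisplayName">Display name used to select both objects.</param>
/// <returns>The task returned by the shell runner for the PowerShell invocation.</returns>
public Task Remove(String DisplayName)
{
    var pwsh = shellRunner.CreateCommandBuilder();
    pwsh.SetUnrestrictedExecution();
    pwsh.AddCommand($"Import-Module Az.Resources");

    // -Force skips the confirmation prompt. Display names are not guaranteed to be unique in a
    // directory. NOTE(review): confirm how these cmdlets behave when more than one object matches.
    pwsh.AddCommand($"Remove-AzADServicePrincipal -Force -DisplayName {DisplayName}");
    pwsh.AddResultCommand($"Remove-AzADApplication -Force -DisplayName {DisplayName} | ConvertTo-Json -Depth 10");

    // The message previously said "getting", which mislabels a failed deletion in logs and alerts.
    return shellRunner.RunProcessVoidAsync(
        pwsh,
        invalidExitCodeMessage: $"Error removing service principal '{DisplayName}'.");
}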
/// <summary>
/// Sets the Access value and the source address prefix of one named rule in a network security
/// group, then writes the group back with Set-AzNetworkSecurityGroup.
/// </summary>
/// <param name="NetworkSecurityGroup">Name of the network security group to load and update.</param>
/// <param name="ResourceGroup">Resource group that holds the network security group.</param>
/// <param name="Name">Name of the security rule to change.</param>
/// <param name="Access">Value assigned to the rule's Access property.</param>
/// <param name="SourceAddressPrefix">Single value placed in the rule's source address prefix list.</param>
/// <returns>The task returned by the shell runner for the PowerShell invocation.</returns>
public Task SetSecurityRuleAccess(String NetworkSecurityGroup, String ResourceGroup, String Name, String Access, String SourceAddressPrefix)
{
    var builder = shellRunner.CreateCommandBuilder();

    //Workaround from spaelling https://github.com/Azure/azure-powershell/issues/8371#issuecomment-512549409
    // NOTE(review): the name suggests the PowerShell execution policy is relaxed for this run;
    // confirm the scope in the command builder.
    builder.SetUnrestrictedExecution();
    builder.AddCommand($"Import-Module Az.Network");

    // The prefix goes into a one-element List[string], which replaces the rule's existing
    // source prefixes rather than adding to them.
    builder.AddCommand($"$sourceAddrs = New-Object System.Collections.Generic.List[string]");
    builder.AddCommand($"$sourceAddrs.Add({SourceAddressPrefix})");

    builder.AddCommand($"$nsg = Get-AzNetworkSecurityGroup -Name {NetworkSecurityGroup} -ResourceGroup {ResourceGroup}");

    // NOTE(review): nothing here checks that a rule named Name exists before assigning to it.
    // Confirm that a non-matching filter makes the run fail instead of writing the group back
    // unchanged, which would leave the caller believing the rule was updated.
    builder.AddCommand($"($nsg.SecurityRules | Where-Object {{$_.Name -eq {Name}}}).Access = {Access}");
    builder.AddCommand($"($nsg.SecurityRules | Where-Object {{$_.Name -eq {Name}}}).SourceAddressPrefix = $sourceAddrs");

    builder.AddResultCommand($"$nsg | Set-AzNetworkSecurityGroup | ConvertTo-Json -Depth 10");

    return shellRunner.RunProcessVoidAsync(
        builder,
        invalidExitCodeMessage: $"Error modifying NSG '{NetworkSecurityGroup}' from '{ResourceGroup}'.");
}