✨: extends AzureRM Credentials

Added ARM_SUBSCRIPTION_ID, ARM_TENANT_ID, ARM_ACCESS_KEY and ARM_ENVIRONMENT as part of the Azure Credentials details

resolves #667

src/main/client/app/pages/credentials/providers/credentials-azurerm.vue

@@ -22,6 +22,46 @@
       />
       <b-form-invalid-feedback>This field is mandatory</b-form-invalid-feedback>
     </b-form-group>
+    <b-form-group
+      label="Subcription Id"
+      description="Your Azure Subscription Id (ARM_SUBSCRIPTION_ID)"
+    >
+      <b-input
+        id="credentials.name"
+        v-model="credentials.subscriptionId"
+        :state="notEmpty(credentials.subscriptionId)"
+      />
+      <b-form-invalid-feedback>This field is mandatory</b-form-invalid-feedback>
+    </b-form-group>
+    <b-form-group
+      label="Tenant Id"
+      description="Your Azure Tenant Id (ARM_TENANT_ID)"
+    >
+      <b-input
+        id="credentials.name"
+        v-model="credentials.tenantId"
+        :state="notEmpty(credentials.tenantId)"
+      />
+      <b-form-invalid-feedback>This field is mandatory</b-form-invalid-feedback>
+    </b-form-group>
+    <b-form-group
+      label="Backend Access Key"
+      description="Your Azure backend access key (ARM_ACCESS_KEY)"
+    >
+      <b-input
+        id="credentials.name"
+        v-model="credentials.backendAccessKey"
+      />
+    </b-form-group>
+    <b-form-group
+      label="Environment"
+      description="Your Azure Environment (ARM_ENVIRONMENT). Defaults to public."
+    >
+      <b-input
+        id="credentials.name"
+        v-model="credentials.environment"
+      />
+    </b-form-group>
   </div>
 </template>
 

src/main/java/io/gaia_app/credentials/Credentials.kt

@@ -48,8 +48,8 @@ data class GoogleCredentials(var serviceAccountJSONContents:String, var projectI
 }
 
 @Document
-data class AzureRMCredentials(var clientId:String, var clientSecret:String):Credentials("azurerm") {
-    override fun toEnv() = listOf("ARM_CLIENT_ID=$clientId", "ARM_CLIENT_SECRET=$clientSecret")
+data class AzureRMCredentials(var clientId:String, var clientSecret:String, var subscriptionId:String, var tenantId:String, var environment:String? = "public", var backendAccessKey:String? = null):Credentials("azurerm") {
+    override fun toEnv() = listOf("ARM_CLIENT_ID=$clientId", "ARM_CLIENT_SECRET=$clientSecret", "ARM_SUBSCRIPTION_ID=$subscriptionId", "ARM_TENANT_ID=$tenantId", "ARM_ACCESS_KEY=$backendAccessKey", "ARM_ENVIRONMENT=$environment")
 }
 
 @Document

src/main/java/io/gaia_app/vault/VaultCredentialsService.kt

@@ -97,11 +97,27 @@ fun EncryptionService.decryptGoogleCredentials(googleCredentials: GoogleCredenti
 fun EncryptionService.encryptAzurermCredentials(azureRMCredentials: AzureRMCredentials): Credentials {
     azureRMCredentials.clientId = this.encrypt(azureRMCredentials.clientId)
     azureRMCredentials.clientSecret = this.encrypt(azureRMCredentials.clientSecret)
+    azureRMCredentials.subscriptionId = this.encrypt(azureRMCredentials.subscriptionId)
+    azureRMCredentials.tenantId = this.encrypt(azureRMCredentials.tenantId)
+    if (azureRMCredentials.environment != null){
+        azureRMCredentials.environment = this.encrypt(azureRMCredentials.environment!!)
+    }
+    if (azureRMCredentials.backendAccessKey != null){
+        azureRMCredentials.backendAccessKey = this.encrypt(azureRMCredentials.backendAccessKey!!)
+    }
     return azureRMCredentials
 }
 
 fun EncryptionService.decryptAzurermCredentials(azureRMCredentials: AzureRMCredentials): Credentials {
     azureRMCredentials.clientId = this.decrypt(azureRMCredentials.clientId)
     azureRMCredentials.clientSecret = this.decrypt(azureRMCredentials.clientSecret)
+    azureRMCredentials.subscriptionId = this.decrypt(azureRMCredentials.subscriptionId)
+    azureRMCredentials.tenantId = this.decrypt(azureRMCredentials.tenantId)
+    if (azureRMCredentials.environment != null){
+        azureRMCredentials.environment = this.decrypt(azureRMCredentials.environment!!)
+    }
+    if (azureRMCredentials.backendAccessKey != null){
+        azureRMCredentials.backendAccessKey = this.decrypt(azureRMCredentials.backendAccessKey!!)
+    }
     return azureRMCredentials
 }

src/test/java/io/gaia_app/credentials/CredentialsRestControllerIT.java

@@ -1,4 +1,5 @@
 package io.gaia_app.credentials;
+//src/test/java/io/gaia_app/credentials/CredentialsRestControllerIT.java
 
 import io.gaia_app.test.SharedMongoContainerTest;
 import org.junit.jupiter.api.BeforeEach;
@@ -154,13 +155,21 @@ void users_shouldBeAbleToCreate_newAzurermCredentials() throws Exception {
                     "    \"provider\": \"azurerm\",\n" +
                     "    \"name\": \"Holocron\",\n" +
                     "    \"clientId\": \"DEATH_STAR_KEY\",\n" +
+                    "    \"subscriptionId\": \"DEATH_STAR_SUBSCRIPTION\",\n" +
+                    "    \"tenantId\": \"DEATH_STAR_TENANT\",\n" +
+                    "    \"environment\": \"DEATH_STAR_ENVIRONMENT\",\n" +
+                    "    \"backendAccessKey\": \"DEATH_STAR_BACKEND\",\n" +
                     "    \"clientSecret\": \"DEATH_STAR_SECRET\"\n" +
                     "  }"))
             .andExpect(status().isOk())
             .andExpect(jsonPath("name", is("Holocron")))
             .andExpect(jsonPath("provider", is("azurerm")))
             .andExpect(jsonPath("clientId", is("DEATH_STAR_KEY")))
             .andExpect(jsonPath("clientSecret", is("DEATH_STAR_SECRET")))
+            .andExpect(jsonPath("subscriptionId", is("DEATH_STAR_SUBSCRIPTION")))
+            .andExpect(jsonPath("tenantId", is("DEATH_STAR_TENANT")))
+            .andExpect(jsonPath("environment", is("DEATH_STAR_ENVIRONMENT")))
+            .andExpect(jsonPath("backendAccessKey", is("DEATH_STAR_BACKEND")))
             .andExpect(jsonPath("createdBy.username", is("Darth Vader")))
             .andExpect(jsonPath("id").exists());
     }

src/test/java/io/gaia_app/credentials/CredentialsTest.kt

@@ -14,9 +14,9 @@ internal class CredentialsTest {
     }
 
     @Test
-    fun `toEnv() for AzureRMCredentials should return ARM_CLIENT_ID and ARM_CLIENT_SECRET`() {
-        assertThat(AzureRMCredentials("clientId", "secret").toEnv())
-            .containsExactly("ARM_CLIENT_ID=clientId", "ARM_CLIENT_SECRET=secret")
+    fun `toEnv() for AzureRMCredentials should return ARM_CLIENT_ID, ARM_CLIENT_SECRET, ARM_SUBSCRIPTION_ID, ARM_TENANT_ID, ARM_ACCESS_KEY, ARM_ENVIRONMENT`() {
+        assertThat(AzureRMCredentials("clientId", "secret", "subscriptionId", "tenantId", "environment", "backendAccessKey").toEnv())
+            .containsExactly("ARM_CLIENT_ID=clientId", "ARM_CLIENT_SECRET=secret", "ARM_SUBSCRIPTION_ID=subscriptionId", "ARM_TENANT_ID=tenantId", "ARM_ACCESS_KEY=backendAccessKey", "ARM_ENVIRONMENT=environment")
     }
 
     @Test

src/test/java/io/gaia_app/vault/VaultCredentialsServiceTest.kt

@@ -65,11 +65,15 @@ class VaultCredentialsServiceTest {
 
     @Test
     fun findAzureRMCredentials_shouldReturnDecryptedCredentials() {
-        val encryptedAzureRMCredentials = AzureRMCredentials("encryptedClientId", "encryptedSecret")
-        val plainAzureRMCredentials = AzureRMCredentials("clientId", "secret")
+        val encryptedAzureRMCredentials = AzureRMCredentials("encryptedClientId", "encryptedSecret", "encryptedSubscriptionId", "encryptedTenantId", "encryptedEnvironment", "encryptedBackendAccessKey")
+        val plainAzureRMCredentials = AzureRMCredentials("clientId", "secret", "subscriptionId", "tenantId", "environment", "backendAccessKey")
 
         `when`(encryptionService.decrypt("encryptedClientId")).thenReturn("clientId")
         `when`(encryptionService.decrypt("encryptedSecret")).thenReturn("secret")
+        `when`(encryptionService.decrypt("encryptedSubscriptionId")).thenReturn("subscriptionId")
+        `when`(encryptionService.decrypt("encryptedTenantId")).thenReturn("tenantId")
+        `when`(encryptionService.decrypt("encryptedBackendAccessKey")).thenReturn("backendAccessKey")
+        `when`(encryptionService.decrypt("encryptedEnvironment")).thenReturn("environment")
         `when`(credentialsRepository.findById("AzureRM")).thenReturn(Optional.of(encryptedAzureRMCredentials))
 
         val credentials = credentialsService.findById("AzureRM").get()
@@ -78,11 +82,15 @@ class VaultCredentialsServiceTest {
 
     @Test
     fun saveAzureRMCredentials_shouldReturnEncryptCredentials() {
-        val plainAzureRMCredentials = AzureRMCredentials("clientId", "secret")
-        val encryptedAzureRMCredentials = AzureRMCredentials("encryptedClientId", "encryptedSecret")
+        val plainAzureRMCredentials = AzureRMCredentials("clientId", "secret", "subscriptionId", "tenantId", "environment", "backendAccessKey")
+        val encryptedAzureRMCredentials = AzureRMCredentials("encryptedClientId", "encryptedSecret", "encryptedSubscriptionId", "encryptedTenantId", "encryptedEnvironment", "encryptedBackendAccessKey")
 
         `when`(encryptionService.encrypt("clientId")).thenReturn("encryptedClientId")
         `when`(encryptionService.encrypt("secret")).thenReturn("encryptedSecret")
+        `when`(encryptionService.encrypt("subscriptionId")).thenReturn("encryptedSubscriptionId")
+        `when`(encryptionService.encrypt("tenantId")).thenReturn("encryptedTenantId")
+        `when`(encryptionService.encrypt("backendAccessKey")).thenReturn("encryptedBackendAccessKey")
+        `when`(encryptionService.encrypt("environment")).thenReturn("encryptedEnvironment")
 
         val credentials = credentialsService.save(plainAzureRMCredentials)
         assertThat(credentials).isEqualTo(encryptedAzureRMCredentials)