From 3886877eb3181ed593788111da7aa36d9534f694 Mon Sep 17 00:00:00 2001 From: Simona Saitta Date: Mon, 11 Jul 2022 14:02:26 +0200 Subject: [PATCH] AzureKeyVault task - Fix keyvault name format (#16523) (#16570) * Add error message in case of invalid key vault name * bump version Co-authored-by: Simona Saitta Co-authored-by: Pavlo Andriiesh --- .../resources.resjson/en-US/resources.resjson | 3 +- .../models/KeyVaultTaskParameters.ts | 3 + Tasks/AzureKeyVaultV2/npm-shrinkwrap.json | 345 +----------------- Tasks/AzureKeyVaultV2/task.json | 5 +- Tasks/AzureKeyVaultV2/task.loc.json | 11 +- 5 files changed, 15 insertions(+), 352 deletions(-) diff --git a/Tasks/AzureKeyVaultV2/Strings/resources.resjson/en-US/resources.resjson b/Tasks/AzureKeyVaultV2/Strings/resources.resjson/en-US/resources.resjson index fa027a488f86..d1d852279274 100644 --- a/Tasks/AzureKeyVaultV2/Strings/resources.resjson/en-US/resources.resjson +++ b/Tasks/AzureKeyVaultV2/Strings/resources.resjson/en-US/resources.resjson @@ -46,5 +46,6 @@ "loc.messages.CouldNotFetchAccessTokenforMSIDueToMSINotConfiguredProperlyStatusCode": "Could not fetch access token for Managed Service Principal. Please configure Managed Service Identity (MSI) for virtual machine 'https://aka.ms/azure-msi-docs'. Status code: %s, status message: %s", "loc.messages.CouldNotFetchAccessTokenforMSIStatusCode": "Could not fetch access token for Managed Service Principal. Status code: %s, status message: %s", "loc.messages.RetryingWithVaultResourceIdFromResponse": "Retrying with vault resource Id reterieved from response : %s", - "loc.messages.ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired." + "loc.messages.ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired.", + "loc.messages.InvalidKeyVaultName": "%s is an invalid KeyVault name." } \ No newline at end of file diff --git a/Tasks/AzureKeyVaultV2/models/KeyVaultTaskParameters.ts b/Tasks/AzureKeyVaultV2/models/KeyVaultTaskParameters.ts index ecccb7dd2f42..a7a58e7e7253 100644 --- a/Tasks/AzureKeyVaultV2/models/KeyVaultTaskParameters.ts +++ b/Tasks/AzureKeyVaultV2/models/KeyVaultTaskParameters.ts @@ -23,6 +23,9 @@ export class KeyVaultTaskParameters { var connectedService = tl.getInput("ConnectedServiceName", true); this.subscriptionId = tl.getEndpointDataParameter(connectedService, "SubscriptionId", true); this.keyVaultName = tl.getInput("KeyVaultName", true); + if (this.keyVaultName != encodeURIComponent(this.keyVaultName)){ + throw new Error(tl.loc("InvalidKeyVaultName", this.keyVaultName)); + } this.secretsFilter = tl.getDelimitedInput("SecretsFilter", ",", true); var azureKeyVaultDnsSuffix = tl.getEndpointDataParameter(connectedService, "AzureKeyVaultDnsSuffix", true); if (!azureKeyVaultDnsSuffix) { diff --git a/Tasks/AzureKeyVaultV2/npm-shrinkwrap.json b/Tasks/AzureKeyVaultV2/npm-shrinkwrap.json index 45e6112a79d7..e1b69c46d106 100644 --- a/Tasks/AzureKeyVaultV2/npm-shrinkwrap.json +++ b/Tasks/AzureKeyVaultV2/npm-shrinkwrap.json @@ -1,350 +1,7 @@ { "name": "AzureKeyVault", - "lockfileVersion": 2, "requires": true, - "packages": { - "": { - "name": "AzureKeyVault", - "dependencies": { - "@types/mocha": "^5.2.7", - "@types/node": "^10.17.0", - "@types/q": "^1.5.0", - "@types/uuid": "^8.3.0", - "azure-pipelines-task-lib": "2.8.0", - "azure-pipelines-tasks-azure-arm-rest-v2": "1.0.4", - "moment": "2.21.0", - "vso-node-api": "6.0.1-preview" - }, - "devDependencies": { - "typescript": "4.0.2" - } - }, - "node_modules/@types/mocha": { - "version": "5.2.7", - "resolved": "https://registry.npmjs.org/@types/mocha/-/mocha-5.2.7.tgz", - "integrity": "sha512-NYrtPht0wGzhwe9+/idPaBB+TqkY9AhTvOLMkThm0IoEfLaiVQZwBwyJ5puCkO3AUCWrmcoePjp2mbFocKy4SQ==" - }, - "node_modules/@types/node": { - "version": "10.17.48", - "resolved": "https://registry.npmjs.org/@types/node/-/node-10.17.48.tgz", - "integrity": "sha512-Agl6xbYP6FOMDeAsr3QVZ+g7Yzg0uhPHWx0j5g4LFdUBHVtqtU+gH660k/lCEe506jJLOGbEzsnqPDTZGJQLag==" - }, - "node_modules/@types/q": { - "version": "1.5.4", - "resolved": "https://registry.npmjs.org/@types/q/-/q-1.5.4.tgz", - "integrity": "sha512-1HcDas8SEj4z1Wc696tH56G8OlRaH/sqZOynNNB+HF0WOeXPaxTtbYzJY2oEfiUxjSKjhCKr+MvR7dCHcEelug==" - }, - "node_modules/@types/uuid": { - "version": "8.3.0", - "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-8.3.0.tgz", - "integrity": "sha512-eQ9qFW/fhfGJF8WKHGEHZEyVWfZxrT+6CLIJGBcZPfxUh/+BnEj+UCGYMlr9qZuX/2AltsvwrGqp0LhEW8D0zQ==" - }, - "node_modules/azure-pipelines-task-lib": { - "version": "2.8.0", - "resolved": "https://registry.npmjs.org/azure-pipelines-task-lib/-/azure-pipelines-task-lib-2.8.0.tgz", - "integrity": "sha512-PR8oap9z2j+o455W3PwAfB4SX1p4GdJc9OHQaQV0V+iQS1IBY6dVgcNSQMkHAXb0V1bbuLOFBLanXPe5eSgGTQ==", - "dependencies": { - "minimatch": "3.0.4", - "mockery": "^1.7.0", - "q": "^1.1.2", - "semver": "^5.1.0", - "shelljs": "^0.3.0", - "uuid": "^3.0.1" - } - }, - "node_modules/azure-pipelines-tasks-azure-arm-rest-v2": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/azure-pipelines-tasks-azure-arm-rest-v2/-/azure-pipelines-tasks-azure-arm-rest-v2-1.0.4.tgz", - "integrity": "sha512-aEo1zwRZ5sYSh6AzZEWP+nFrD9TcnqoNlNy+7ItLEPKr266ToAM97vEj8vFqgtoAapMHawlErN173Uwq6TnRIA==", - "dependencies": { - "@types/mocha": "2.2.48", - "@types/node": "6.0.68", - "@types/q": "1.0.7", - "azure-pipelines-task-lib": "2.8.0", - "jsonwebtoken": "7.3.0", - "q": "1.4.1", - "typed-rest-client": "1.7.3" - } - }, - "node_modules/azure-pipelines-tasks-azure-arm-rest-v2/node_modules/@types/mocha": { - "version": "2.2.48", - "resolved": "https://registry.npmjs.org/@types/mocha/-/mocha-2.2.48.tgz", - "integrity": "sha512-nlK/iyETgafGli8Zh9zJVCTicvU3iajSkRwOh3Hhiva598CMqNJ4NcVCGMTGKpGpTYj/9R8RLzS9NAykSSCqGw==" - }, - "node_modules/azure-pipelines-tasks-azure-arm-rest-v2/node_modules/@types/node": { - "version": "6.0.68", - "resolved": "https://registry.npmjs.org/@types/node/-/node-6.0.68.tgz", - "integrity": "sha1-DEO2uLlEX+uGoPvTRX4/S8WR5m0=" - }, - "node_modules/azure-pipelines-tasks-azure-arm-rest-v2/node_modules/@types/q": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/@types/q/-/q-1.0.7.tgz", - "integrity": "sha512-0WS7XU7sXzQ7J1nbnMKKYdjrrFoO3YtZYgUzeV8JFXffPnHfvSJQleR70I8BOAsOm14i4dyaAZ3YzqIl1YhkXQ==" - }, - "node_modules/azure-pipelines-tasks-azure-arm-rest-v2/node_modules/q": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/q/-/q-1.4.1.tgz", - "integrity": "sha1-VXBbzZPF82c1MMLCy8DCs63cKG4=", - "engines": { - "node": ">=0.6.0", - "teleport": ">=0.2.0" - } - }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" - }, - "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "dependencies": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "node_modules/buffer-equal-constant-time": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz", - "integrity": "sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk=" - }, - "node_modules/concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" - }, - "node_modules/ecdsa-sig-formatter": { - "version": "1.0.11", - "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", - "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==", - "dependencies": { - "safe-buffer": "^5.0.1" - } - }, - "node_modules/hoek": { - "version": "2.16.3", - "resolved": "https://registry.npmjs.org/hoek/-/hoek-2.16.3.tgz", - "integrity": "sha1-ILt0A9POo5jpHcRxCo/xuCdKJe0=", - "engines": { - "node": ">=0.10.40" - } - }, - "node_modules/isemail": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/isemail/-/isemail-1.2.0.tgz", - "integrity": "sha1-vgPfjMPineTSxd9lASY/H6RZXpo=", - "engines": { - "node": ">=0.10" - } - }, - "node_modules/joi": { - "version": "6.10.1", - "resolved": "https://registry.npmjs.org/joi/-/joi-6.10.1.tgz", - "integrity": "sha1-TVDDGAeRIgAP5fFq8f+OGRe3fgY=", - "dependencies": { - "hoek": "2.x.x", - "isemail": "1.x.x", - "moment": "2.x.x", - "topo": "1.x.x" - }, - "engines": { - "node": ">=0.10.40", - "npm": ">=2.0.0" - } - }, - "node_modules/jsonwebtoken": { - "version": "7.3.0", - "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-7.3.0.tgz", - "integrity": "sha1-hRGNanDj/M3xQ4n056HD+cip+7o=", - "dependencies": { - "joi": "^6.10.1", - "jws": "^3.1.4", - "lodash.once": "^4.0.0", - "ms": "^0.7.1", - "xtend": "^4.0.1" - }, - "engines": { - "node": ">=0.12", - "npm": ">=1.4.28" - } - }, - "node_modules/jwa": { - "version": "1.4.1", - "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", - "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==", - "dependencies": { - "buffer-equal-constant-time": "1.0.1", - "ecdsa-sig-formatter": "1.0.11", - "safe-buffer": "^5.0.1" - } - }, - "node_modules/jws": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz", - "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==", - "dependencies": { - "jwa": "^1.4.1", - "safe-buffer": "^5.0.1" - } - }, - "node_modules/lodash.once": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz", - "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=" - }, - "node_modules/minimatch": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", - "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", - "dependencies": { - "brace-expansion": "^1.1.7" - }, - "engines": { - "node": "*" - } - }, - "node_modules/mockery": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/mockery/-/mockery-1.7.0.tgz", - "integrity": "sha1-9O3g2HUMHJcnwnLqLGBiniyaHE8=" - }, - "node_modules/moment": { - "version": "2.21.0", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.21.0.tgz", - "integrity": "sha512-TCZ36BjURTeFTM/CwRcViQlfkMvL1/vFISuNLO5GkcVm1+QHfbSiNqZuWeMFjj1/3+uAjXswgRk30j1kkLYJBQ==", - "engines": { - "node": "*" - } - }, - "node_modules/ms": { - "version": "0.7.3", - "resolved": "https://registry.npmjs.org/ms/-/ms-0.7.3.tgz", - "integrity": "sha1-cIFVpeROM/X9D8U+gdDUCpG+H/8=" - }, - "node_modules/q": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/q/-/q-1.5.1.tgz", - "integrity": "sha1-fjL3W0E4EpHQRhHxvxQQmsAGUdc=", - "engines": { - "node": ">=0.6.0", - "teleport": ">=0.2.0" - } - }, - "node_modules/qs": { - "version": "6.9.6", - "resolved": "https://registry.npmjs.org/qs/-/qs-6.9.6.tgz", - "integrity": "sha512-TIRk4aqYLNoJUbd+g2lEdz5kLWIuTMRagAXxl78Q0RiVjAOugHmeKNGdd3cwo/ktpf9aL9epCfFqWDEKysUlLQ==", - "engines": { - "node": ">=0.6" - } - }, - "node_modules/safe-buffer": { - "version": "5.2.1", - "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz", - "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==" - }, - "node_modules/semver": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", - "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", - "bin": { - "semver": "bin/semver" - } - }, - "node_modules/shelljs": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/shelljs/-/shelljs-0.3.0.tgz", - "integrity": "sha1-NZbmMHp4FUT1kfN9phg2DzHbV7E=", - "bin": { - "shjs": "bin/shjs" - }, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/topo": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/topo/-/topo-1.1.0.tgz", - "integrity": "sha1-6ddRYV0buH3IZdsYL6HKCl71NtU=", - "dependencies": { - "hoek": "2.x.x" - }, - "engines": { - "node": ">=0.10.40" - } - }, - "node_modules/tunnel": { - "version": "0.0.4", - "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.4.tgz", - "integrity": "sha1-LTeFoVjBdMmhbcLARuxfxfF0IhM=", - "engines": { - "node": ">=0.6.11 <=0.7.0 || >=0.7.3" - } - }, - "node_modules/typed-rest-client": { - "version": "1.7.3", - "resolved": "https://registry.npmjs.org/typed-rest-client/-/typed-rest-client-1.7.3.tgz", - "integrity": "sha512-CwTpx/TkRHGZoHkJhBcp4X8K3/WtlzSHVQR0OIFnt10j4tgy4ypgq/SrrgVpA1s6tAL49Q6J3R5C0Cgfh2ddqA==", - "dependencies": { - "qs": "^6.9.1", - "tunnel": "0.0.6", - "underscore": "1.8.3" - } - }, - "node_modules/typed-rest-client/node_modules/tunnel": { - "version": "0.0.6", - "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz", - "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==", - "engines": { - "node": ">=0.6.11 <=0.7.0 || >=0.7.3" - } - }, - "node_modules/typescript": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-4.0.2.tgz", - "integrity": "sha512-e4ERvRV2wb+rRZ/IQeb3jm2VxBsirQLpQhdxplZ2MEzGvDkkMmPglecnNDfSUBivMjP93vRbngYYDQqQ/78bcQ==", - "dev": true, - "bin": { - "tsc": "bin/tsc", - "tsserver": "bin/tsserver" - }, - "engines": { - "node": ">=4.2.0" - } - }, - "node_modules/underscore": { - "version": "1.8.3", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.8.3.tgz", - "integrity": "sha1-Tz+1OxBuYJf8+ctBCfKl6b36UCI=" - }, - "node_modules/uuid": { - "version": "3.4.0", - "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", - "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", - "bin": { - "uuid": "bin/uuid" - } - }, - "node_modules/vso-node-api": { - "version": "6.0.1-preview", - "resolved": "https://registry.npmjs.org/vso-node-api/-/vso-node-api-6.0.1-preview.tgz", - "integrity": "sha1-RBprv5s8aNpiTbAeo1y6jwpMLKs=", - "dependencies": { - "q": "^1.0.1", - "tunnel": "0.0.4", - "underscore": "^1.8.3" - } - }, - "node_modules/xtend": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz", - "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==", - "engines": { - "node": ">=0.4" - } - } - }, + "lockfileVersion": 1, "dependencies": { "@types/mocha": { "version": "5.2.7", diff --git a/Tasks/AzureKeyVaultV2/task.json b/Tasks/AzureKeyVaultV2/task.json index 8d74dea3ab34..281c1d997cae 100644 --- a/Tasks/AzureKeyVaultV2/task.json +++ b/Tasks/AzureKeyVaultV2/task.json @@ -14,7 +14,7 @@ "author": "Microsoft Corporation", "version": { "Major": 2, - "Minor": 200, + "Minor": 207, "Patch": 0 }, "demands": [], @@ -118,6 +118,7 @@ "CouldNotFetchAccessTokenforMSIDueToMSINotConfiguredProperlyStatusCode": "Could not fetch access token for Managed Service Principal. Please configure Managed Service Identity (MSI) for virtual machine 'https://aka.ms/azure-msi-docs'. Status code: %s, status message: %s", "CouldNotFetchAccessTokenforMSIStatusCode": "Could not fetch access token for Managed Service Principal. Status code: %s, status message: %s", "RetryingWithVaultResourceIdFromResponse": "Retrying with vault resource Id reterieved from response : %s", - "ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired." + "ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired.", + "InvalidKeyVaultName": "%s is an invalid KeyVault name." } } diff --git a/Tasks/AzureKeyVaultV2/task.loc.json b/Tasks/AzureKeyVaultV2/task.loc.json index db816589df81..ceb189bbdc0a 100644 --- a/Tasks/AzureKeyVaultV2/task.loc.json +++ b/Tasks/AzureKeyVaultV2/task.loc.json @@ -14,7 +14,7 @@ "author": "Microsoft Corporation", "version": { "Major": 2, - "Minor": 200, + "Minor": 207, "Patch": 0 }, "demands": [], @@ -48,7 +48,7 @@ "defaultValue": "*", "required": true, "helpMarkDown": "ms-resource:loc.input.help.SecretsFilter", - "options": { + "properties": { "EditableOptions": "True" } }, @@ -59,7 +59,7 @@ "defaultValue": false, "required": true, "helpMarkDown": "ms-resource:loc.input.help.RunAsPreJob", - "options": { + "properties": { "EditableOptions": "True" } } @@ -118,6 +118,7 @@ "CouldNotFetchAccessTokenforMSIDueToMSINotConfiguredProperlyStatusCode": "ms-resource:loc.messages.CouldNotFetchAccessTokenforMSIDueToMSINotConfiguredProperlyStatusCode", "CouldNotFetchAccessTokenforMSIStatusCode": "ms-resource:loc.messages.CouldNotFetchAccessTokenforMSIStatusCode", "RetryingWithVaultResourceIdFromResponse": "ms-resource:loc.messages.RetryingWithVaultResourceIdFromResponse", - "ExpiredServicePrincipal": "ms-resource:loc.messages.ExpiredServicePrincipal" + "ExpiredServicePrincipal": "ms-resource:loc.messages.ExpiredServicePrincipal", + "InvalidKeyVaultName": "ms-resource:loc.messages.InvalidKeyVaultName" } -} +} \ No newline at end of file