From a38dbdebbf2080f21570cd7c63c893a3ed847b83 Mon Sep 17 00:00:00 2001 From: Nitin ISsac Joy Date: Fri, 20 Dec 2019 10:52:53 +0530 Subject: [PATCH 1/5] Revert "ARG Task Review comments from release PR to master (#11916)" This reverts commit e585a5f7fc5745ed3bbd04d3118c1cd37be84166. --- .../operations/ResourceGroup.ts | 34 +++++--------- .../operations/DeploymentScopeBase.ts | 45 ++++++++----------- 2 files changed, 29 insertions(+), 50 deletions(-) diff --git a/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts b/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts index 3f8a5b8d2dba..7b8f958dcd66 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts +++ b/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts @@ -119,14 +119,12 @@ export class ResourceGroup { private winRMExtensionHelper: winRM.WinRMExtensionHelper; private deploymentGroupExtensionHelper: dgExtensionHelper.DeploymentGroupExtensionHelper; private environmentHelper: env.EnvironmentHelper; - private _spnName: string; constructor(taskParameters: deployAzureRG.AzureRGTaskParameters) { this.taskParameters = taskParameters; this.winRMExtensionHelper = new winRM.WinRMExtensionHelper(this.taskParameters); this.deploymentGroupExtensionHelper = new dgExtensionHelper.DeploymentGroupExtensionHelper(this.taskParameters); this.environmentHelper = new env.EnvironmentHelper(this.taskParameters); - this._spnName = null; } public async createOrUpdateResourceGroup(): Promise { @@ -526,11 +524,7 @@ export class ResourceGroup { }); } - private async performAzureDeployment(armClient: armResource.ResourceManagementClient, deployment: Deployment, retryCount = 0): Promise { - if(!this._spnName) { - this._spnName = await this.getServicePrincipalName(); - } - + private async performAzureDeployment(armClient: armResource.ResourceManagementClient, deployment: Deployment, retryCount = 0, spnName: string): Promise { if (deployment.properties["mode"] === "Validation") { return this.validateDeployment(armClient, deployment); } else { @@ -541,11 +535,13 @@ export class ResourceGroup { armClient.deployments.createOrUpdate(this.taskParameters.deploymentName, deployment, (error, result, request, response) => { if (error) { if(error.code == "ResourceGroupNotFound" && retryCount > 0){ - return this.waitAndPerformAzureDeployment(armClient, deployment, retryCount); + return this.waitAndPerformAzureDeployment(armClient, deployment, retryCount, spnName); } this.writeDeploymentErrors(error); - this.printServicePrincipalRoleAssignmentError(error); - this.checkAndPrintPortalDeploymentURL(error); + if(error.statusCode == 403) { + tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", spnName, this.taskParameters.resourceGroupName)); + } + this.checkAndPrintPortalDeploymentURL(); return reject(tl.loc("CreateTemplateDeploymentFailed")); } if (result && result["properties"] && result["properties"]["outputs"] && utils.isNonEmpty(this.taskParameters.deploymentOutputs)) { @@ -560,21 +556,13 @@ export class ResourceGroup { } } - private printServicePrincipalRoleAssignmentError(error: any) { - if(!!error && error.statusCode == 403) { - tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", this._spnName, this.taskParameters.resourceGroupName)); - } - } - - protected checkAndPrintPortalDeploymentURL(error: any) { - if(!!error && (error.statusCode < 400 || error.statusCode >= 500)) { - tl.error(tl.loc("FindMoreDeploymentDetailsAzurePortal", this.getAzurePortalDeploymentURL())); - } + protected checkAndPrintPortalDeploymentURL() { + tl.error(tl.loc("FindMoreDeploymentDetailsAzurePortal", this.getAzurePortalDeploymentURL())); } - private async waitAndPerformAzureDeployment(armClient: armResource.ResourceManagementClient, deployment: Deployment, retryCount): Promise { + private async waitAndPerformAzureDeployment(armClient: armResource.ResourceManagementClient, deployment: Deployment, retryCount, spnName: string): Promise { await sleepFor(3); - return this.performAzureDeployment(armClient, deployment, retryCount - 1); + return this.performAzureDeployment(armClient, deployment, retryCount - 1, spnName); } private async createTemplateDeployment(armClient: armResource.ResourceManagementClient) { @@ -587,7 +575,7 @@ export class ResourceGroup { } else { throw new Error(tl.loc("InvalidTemplateLocation")); } - await this.performAzureDeployment(armClient, deployment, 3); + await this.performAzureDeployment(armClient, deployment, 3, await this.getServicePrincipalName()); } protected async getServicePrincipalName(): Promise { diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts b/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts index b5f27d3b4ac5..5af8c36a4c00 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts @@ -11,7 +11,6 @@ export class DeploymentScopeBase { protected deploymentParameters: DeploymentParameters; protected taskParameters: armDeployTaskParameters.TaskParameters; protected armClient: armResource.AzureServiceClientBase; - private _spnName: string = null; constructor(armClient: armResource.AzureServiceClientBase, taskParameters: armDeployTaskParameters.TaskParameters, deploymentParameters?: DeploymentParameters) { this.taskParameters = taskParameters; @@ -50,15 +49,10 @@ export class DeploymentScopeBase { } this.deploymentParameters = params; - await this.performAzureDeployment(3); + await this.performAzureDeployment(3, await this.getServicePrincipalName()); } - protected async performAzureDeployment(retryCount = 0): Promise { - - if(!this._spnName) { - this._spnName = await this.getServicePrincipalName(); - } - + protected async performAzureDeployment(retryCount = 0, spnName: string): Promise { if (this.deploymentParameters.properties["mode"] === "Validation") { return this.validateDeployment(); } else { @@ -69,11 +63,20 @@ export class DeploymentScopeBase { this.armClient.deployments.createOrUpdate(this.taskParameters.deploymentName, this.deploymentParameters, (error, result, request, response) => { if (error) { if(this.taskParameters.deploymentScope === "Resource Group" && error.code == "ResourceGroupNotFound" && retryCount > 0){ - return this.waitAndPerformAzureDeployment(retryCount); + return this.waitAndPerformAzureDeployment(retryCount, spnName); } utils.writeDeploymentErrors(this.taskParameters, error); - this.checkAndPrintPortalDeploymentURL(error); - this.printServicePrincipalRoleAssignmentError(error); + this.checkAndPrintPortalDeploymentURL(); + if(error.statusCode == 403) { + if(this.taskParameters.deploymentScope == "Resource Group") { + tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", spnName, this.taskParameters.resourceGroupName)); + } else if(this.taskParameters.deploymentScope == "Subscription") { + tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", spnName, this.taskParameters.subscriptionId)); + } else if(this.taskParameters.deploymentScope == "Management Group") { + tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", spnName, this.taskParameters.managementGroupId)); + } + } + return reject(tl.loc("CreateTemplateDeploymentFailed")); } if (result && result["properties"] && result["properties"]["outputs"] && utils.isNonEmpty(this.taskParameters.deploymentOutputs)) { @@ -88,20 +91,8 @@ export class DeploymentScopeBase { } } - private printServicePrincipalRoleAssignmentError(error: any) { - if(!!error && error.statusCode == 403) { - if(this.taskParameters.deploymentScope == "Resource Group") { - tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", this._spnName, this.taskParameters.resourceGroupName)); - } else if(this.taskParameters.deploymentScope == "Subscription") { - tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", this._spnName, this.taskParameters.subscriptionId)); - } else if(this.taskParameters.deploymentScope == "Management Group") { - tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", this._spnName, this.taskParameters.managementGroupId)); - } - } - } - - protected checkAndPrintPortalDeploymentURL(error: any) { - if((this.taskParameters.deploymentScope == "Resource Group" || this.taskParameters.deploymentScope == "Subscription") && (!!error && (error.statusCode < 400 || error.statusCode >= 500))) { + protected checkAndPrintPortalDeploymentURL() { + if(this.taskParameters.deploymentScope == "Resource Group") { tl.error(tl.loc("FindMoreDeploymentDetailsAzurePortal", this.getAzurePortalDeploymentURL())); } } @@ -146,8 +137,8 @@ export class DeploymentScopeBase { }); } - private async waitAndPerformAzureDeployment(retryCount): Promise { + private async waitAndPerformAzureDeployment(retryCount, spnName: string): Promise { await sleepFor(3); - return this.performAzureDeployment(retryCount - 1); + return this.performAzureDeployment(retryCount - 1, spnName); } } \ No newline at end of file From 128a987f1416738efd49c4988bfd01935d1d9101 Mon Sep 17 00:00:00 2001 From: Nitin ISsac Joy Date: Fri, 20 Dec 2019 10:54:41 +0530 Subject: [PATCH 2/5] Revert "AzureResourceGroupDeployment: Improve docs/error logs to surface SPN details to user (#11860)" This reverts commit 2f363fc6d07297aeeef43310e62f429c8ab5f04a. --- .../resources.resjson/en-US/resources.resjson | 2 - .../Tests/EnablePrereq.ts | 2 - .../Tests/VMOperations.ts | 2 - .../Tests/addVSTSExtension.ts | 2 - .../Tests/createOrUpdate.ts | 2 - .../Tests/deleteResourceGroup.ts | 2 - .../Tests/deleteVSTSExtension.ts | 2 - .../azure-graph/azure-graph.js | 42 ------------------- .../Tests/selectResourceGroup.ts | 2 - .../models/DeployAzureRG.ts | 14 ------- .../operations/ResourceGroup.ts | 26 +++--------- .../AzureResourceGroupDeploymentV2/task.json | 2 - .../task.loc.json | 2 - .../resources.resjson/en-US/resources.resjson | 2 - .../Tests/createOrUpdate.ts | 2 - .../Tests/deleteResourceGroup.ts | 2 - .../azure-graph/azure-graph.js | 42 ------------------- .../models/TaskParameters.ts | 16 +------ .../operations/DeploymentScopeBase.ts | 31 +++----------- .../task.json | 4 +- .../task.loc.json | 4 +- 21 files changed, 14 insertions(+), 191 deletions(-) delete mode 100644 Tasks/AzureResourceGroupDeploymentV2/Tests/mock_node_modules/azure-graph/azure-graph.js delete mode 100644 Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/mock_node_modules/azure-graph/azure-graph.js diff --git a/Tasks/AzureResourceGroupDeploymentV2/Strings/resources.resjson/en-US/resources.resjson b/Tasks/AzureResourceGroupDeploymentV2/Strings/resources.resjson/en-US/resources.resjson index 4a30c67df548..e827d5b0bb23 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/Strings/resources.resjson/en-US/resources.resjson +++ b/Tasks/AzureResourceGroupDeploymentV2/Strings/resources.resjson/en-US/resources.resjson @@ -192,7 +192,5 @@ "loc.messages.ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired.", "loc.messages.DeploymentGroupConfigurationNotSucceeded": "Deployment group configuration did not succeed on one or more Virtual Machine(s): %s", "loc.messages.DeploymentGroupConfigurationFailedOnVM": "Failure for Virtual Machine '%s': %s", - "loc.messages.ServicePrincipalRoleAssignmentDetails": "Please make sure the Service Principal with name %s is assigned the right roles for the Resource Group %s. Follow the link for more details: https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal", - "loc.messages.ServicePrincipalFetchFailed": "Error while fetching Service Principal details: %s", "loc.messages.FindMoreDeploymentDetailsAzurePortal": "Task successfully created an Azure Resource Manager deployment, but the deployment failed. Please see more detailed Azure resource manager deployment logs at: (Please Copy-Paste the link) %s" } \ No newline at end of file diff --git a/Tasks/AzureResourceGroupDeploymentV2/Tests/EnablePrereq.ts b/Tasks/AzureResourceGroupDeploymentV2/Tests/EnablePrereq.ts index dffba8476fdc..30a58c99053c 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/Tests/EnablePrereq.ts +++ b/Tasks/AzureResourceGroupDeploymentV2/Tests/EnablePrereq.ts @@ -22,7 +22,6 @@ process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALKEY"] = "key"; process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_TENANTID"] = "tenant"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONID"] = "sId"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONNAME"] = "sName"; -process.env["ENDPOINT_DATA_AzureRM_GRAPHURL"] = "https://graph.windows.net/"; process.env["ENDPOINT_URL_AzureRM"] = "https://management.azure.com/"; process.env["ENDPOINT_DATA_AzureRM_ENVIRONMENTAUTHORITYURL"] = "https://login.windows.net/"; @@ -48,5 +47,4 @@ tr.registerMock('azure-arm-rest-v2/webRequestUtility', require('./mock_node_modu tr.registerMock('azure-arm-rest-v2/azure-arm-compute', require('./mock_node_modules/azure-arm-compute')); tr.registerMock('azure-arm-rest-v2/azure-arm-network', require('./mock_node_modules/azure-arm-network')); tr.registerMock('azure-arm-rest-v2/azure-arm-resource', require('./mock_node_modules/azure-arm-resource')); -tr.registerMock('azure-arm-rest-v2/azure-graph', require('./mock_node_modules/azure-graph/azure-graph')); tr.run(); \ No newline at end of file diff --git a/Tasks/AzureResourceGroupDeploymentV2/Tests/VMOperations.ts b/Tasks/AzureResourceGroupDeploymentV2/Tests/VMOperations.ts index 247d7370b37e..10c200b13aed 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/Tests/VMOperations.ts +++ b/Tasks/AzureResourceGroupDeploymentV2/Tests/VMOperations.ts @@ -15,12 +15,10 @@ process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALKEY"] = "key"; process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_TENANTID"] = "tenant"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONID"] = "sId"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONNAME"] = "sName"; -process.env["ENDPOINT_DATA_AzureRM_GRAPHURL"] = "https://graph.windows.net/"; process.env["ENDPOINT_URL_AzureRM"] = "https://management.azure.com/"; process.env["ENDPOINT_DATA_AzureRM_ENVIRONMENTAUTHORITYURL"] = "https://login.windows.net/"; process.env["ENDPOINT_DATA_AzureRM_ACTIVEDIRECTORYSERVICEENDPOINTRESOURCEID"] = "https://management.azure.com"; tr.registerMock('azure-pipelines-task-lib/toolrunner', require('azure-pipelines-task-lib/mock-toolrunner')); tr.registerMock('azure-arm-rest-v2/azure-arm-compute', require('./mock_node_modules/azure-arm-compute')); -tr.registerMock('azure-arm-rest-v2/azure-graph', require('./mock_node_modules/azure-graph/azure-graph')); tr.run(); \ No newline at end of file diff --git a/Tasks/AzureResourceGroupDeploymentV2/Tests/addVSTSExtension.ts b/Tasks/AzureResourceGroupDeploymentV2/Tests/addVSTSExtension.ts index 8870ce4adc5a..9fe7bc453741 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/Tests/addVSTSExtension.ts +++ b/Tasks/AzureResourceGroupDeploymentV2/Tests/addVSTSExtension.ts @@ -27,7 +27,6 @@ process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALKEY"] = "key"; process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_TENANTID"] = "tenant"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONID"] = "sId"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONNAME"] = "sName"; -process.env["ENDPOINT_DATA_AzureRM_GRAPHURL"] = "https://graph.windows.net/";; process.env["ENDPOINT_URL_AzureRM"] = "https://management.azure.com/"; process.env["ENDPOINT_DATA_AzureRM_ENVIRONMENTAUTHORITYURL"] = "https://login.windows.net/"; process.env["ENDPOINT_URL_PatEndpoint"] = "https://testking123.visualstudio.com"; @@ -56,7 +55,6 @@ tr.registerMock('azure-arm-rest-v2/webRequestUtility', require('./mock_node_modu tr.registerMock('azure-arm-rest-v2/azure-arm-network', require('./mock_node_modules/azure-arm-network')); tr.registerMock('azure-arm-rest-v2/azure-arm-resource', require('./mock_node_modules/azure-arm-resource')); tr.registerMock('azure-arm-rest-v2/azure-arm-compute', require('./mock_node_modules/azure-arm-compute')); -tr.registerMock('azure-arm-rest-v2/azure-graph', require('./mock_node_modules/azure-graph/azure-graph')); tr.run(); \ No newline at end of file diff --git a/Tasks/AzureResourceGroupDeploymentV2/Tests/createOrUpdate.ts b/Tasks/AzureResourceGroupDeploymentV2/Tests/createOrUpdate.ts index b7b8ca9c6699..b3c5a38a2038 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/Tests/createOrUpdate.ts +++ b/Tasks/AzureResourceGroupDeploymentV2/Tests/createOrUpdate.ts @@ -23,7 +23,6 @@ process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALKEY"] = "key"; process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_TENANTID"] = "tenant"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONID"] = "sId"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONNAME"] = "sName"; -process.env["ENDPOINT_DATA_AzureRM_GRAPHURL"] = "https://graph.windows.net/"; process.env["ENDPOINT_URL_AzureRM"] = "https://management.azure.com/"; process.env["ENDPOINT_DATA_AzureRM_ENVIRONMENTAUTHORITYURL"] = "https://login.windows.net/"; process.env["ENDPOINT_DATA_AzureRM_ACTIVEDIRECTORYSERVICEENDPOINTRESOURCEID"] = "https://management.azure.com"; @@ -50,5 +49,4 @@ tr.setAnswers(a); tr.registerMock('azure-pipelines-task-lib/toolrunner', require('azure-pipelines-task-lib/mock-toolrunner')); tr.registerMock('azure-arm-rest-v2/azure-arm-resource', require('./mock_node_modules/azure-arm-resource')); -tr.registerMock('azure-arm-rest-v2/azure-graph', require('./mock_node_modules/azure-graph/azure-graph')); tr.run(); \ No newline at end of file diff --git a/Tasks/AzureResourceGroupDeploymentV2/Tests/deleteResourceGroup.ts b/Tasks/AzureResourceGroupDeploymentV2/Tests/deleteResourceGroup.ts index c70d48c7ad30..ffe869ac8547 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/Tests/deleteResourceGroup.ts +++ b/Tasks/AzureResourceGroupDeploymentV2/Tests/deleteResourceGroup.ts @@ -15,12 +15,10 @@ process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALKEY"] = "key"; process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_TENANTID"] = "tenant"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONID"] = "sId"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONNAME"] = "sName"; -process.env["ENDPOINT_DATA_AzureRM_GRAPHURL"] = "https://graph.windows.net/"; process.env["ENDPOINT_URL_AzureRM"] = "https://management.azure.com/"; process.env["ENDPOINT_DATA_AzureRM_ENVIRONMENTAUTHORITYURL"] = "https://login.windows.net/"; process.env["ENDPOINT_DATA_AzureRM_ACTIVEDIRECTORYSERVICEENDPOINTRESOURCEID"] = "https://management.azure.com"; tr.registerMock('azure-pipelines-task-lib/toolrunner', require('azure-pipelines-task-lib/mock-toolrunner')); tr.registerMock('azure-arm-rest-v2/azure-arm-resource', require('./mock_node_modules/azure-arm-resource')); -tr.registerMock('azure-arm-rest-v2/azure-graph', require('./mock_node_modules/azure-graph/azure-graph')); tr.run(); \ No newline at end of file diff --git a/Tasks/AzureResourceGroupDeploymentV2/Tests/deleteVSTSExtension.ts b/Tasks/AzureResourceGroupDeploymentV2/Tests/deleteVSTSExtension.ts index 5addf8369a46..9698ca961ed0 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/Tests/deleteVSTSExtension.ts +++ b/Tasks/AzureResourceGroupDeploymentV2/Tests/deleteVSTSExtension.ts @@ -16,7 +16,6 @@ process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALKEY"] = "key"; process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_TENANTID"] = "tenant"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONID"] = "sId"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONNAME"] = "sName"; -process.env["ENDPOINT_DATA_AzureRM_GRAPHURL"] = "https://graph.windows.net/"; process.env["ENDPOINT_URL_AzureRM"] = "https://management.azure.com/"; process.env["ENDPOINT_DATA_AzureRM_ENVIRONMENTAUTHORITYURL"] = "https://login.windows.net/"; process.env["ENDPOINT_DATA_AzureRM_ACTIVEDIRECTORYSERVICEENDPOINTRESOURCEID"] = "https://management.azure.com"; @@ -26,5 +25,4 @@ tr.registerMock('azure-pipelines-task-lib/toolrunner', require('azure-pipelines- tr.registerMock('azure-arm-rest-v2/azure-arm-resource', require('./mock_node_modules/azure-arm-resource')); tr.registerMock('azure-arm-rest-v2/azure-arm-compute', require('./mock_node_modules/azure-arm-compute')); tr.registerMock('azure-arm-rest-v2/azure-arm-network', require('./mock_node_modules/azure-arm-network')); -tr.registerMock('azure-arm-rest-v2/azure-graph', require('./mock_node_modules/azure-graph/azure-graph')); tr.run(); \ No newline at end of file diff --git a/Tasks/AzureResourceGroupDeploymentV2/Tests/mock_node_modules/azure-graph/azure-graph.js b/Tasks/AzureResourceGroupDeploymentV2/Tests/mock_node_modules/azure-graph/azure-graph.js deleted file mode 100644 index bb6ffc772565..000000000000 --- a/Tasks/AzureResourceGroupDeploymentV2/Tests/mock_node_modules/azure-graph/azure-graph.js +++ /dev/null @@ -1,42 +0,0 @@ -'use strict'; - -class GraphManagementClient { - constructor(credentials, subscriptionId, baseUri, options) { - this.credentials = credentials; - this.apiVersion = '1.6'; - this.acceptLanguage = 'en-US'; - this.generateClientRequestId = true; - if (!options) - options = {}; - if (baseUri) { - this.baseUri = baseUri; - } - if (options.acceptLanguage) { - this.acceptLanguage = options.acceptLanguage; - } - if (options.longRunningOperationRetryTimeout) { - this.longRunningOperationRetryTimeout = options.longRunningOperationRetryTimeout; - } - if (options.generateClientRequestId) { - this.generateClientRequestId = options.generateClientRequestId; - } - this.servicePrincipals = new ServicePrincipals(this); - } - - getCredentials() { - return this.credentials; - } -} -exports.GraphManagementClient = GraphManagementClient; -class ServicePrincipals { - constructor(graphClient) { - this.client = graphClient; - } - GetServicePrincipal(options) { - return { - "objectId": "oId", - "appDisplayName": "someDisplayName" - } - } -} -exports.ServicePrincipals = ServicePrincipals; diff --git a/Tasks/AzureResourceGroupDeploymentV2/Tests/selectResourceGroup.ts b/Tasks/AzureResourceGroupDeploymentV2/Tests/selectResourceGroup.ts index 810ed914cc2f..08168543a1aa 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/Tests/selectResourceGroup.ts +++ b/Tasks/AzureResourceGroupDeploymentV2/Tests/selectResourceGroup.ts @@ -17,7 +17,6 @@ process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALKEY"] = "key"; process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_TENANTID"] = "tenant"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONID"] = "sId"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONNAME"] = "sName"; -process.env["ENDPOINT_DATA_AzureRM_GRAPHURL"] = "https://graph.windows.net/"; process.env["ENDPOINT_URL_AzureRM"] = "https://management.azure.com/"; process.env["ENDPOINT_DATA_AzureRM_ENVIRONMENTAUTHORITYURL"] = "https://login.windows.net/"; process.env["ENDPOINT_DATA_AzureRM_ACTIVEDIRECTORYSERVICEENDPOINTRESOURCEID"] = "https://management.azure.com"; @@ -26,5 +25,4 @@ tr.registerMock('azure-pipelines-task-lib/toolrunner', require('azure-pipelines- tr.registerMock('azure-arm-rest-v2/azure-arm-resource', require('./mock_node_modules/azure-arm-resource')); tr.registerMock('azure-arm-rest-v2/azure-arm-compute', require('./mock_node_modules/azure-arm-compute')); tr.registerMock('azure-arm-rest-v2/azure-arm-network', require('./mock_node_modules/azure-arm-network')); -tr.registerMock('azure-arm-rest-v2/azure-graph', require('./mock_node_modules/azure-graph/azure-graph')); tr.run(); \ No newline at end of file diff --git a/Tasks/AzureResourceGroupDeploymentV2/models/DeployAzureRG.ts b/Tasks/AzureResourceGroupDeploymentV2/models/DeployAzureRG.ts index 8493640d7550..78122bb28e37 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/models/DeployAzureRG.ts +++ b/Tasks/AzureResourceGroupDeploymentV2/models/DeployAzureRG.ts @@ -66,7 +66,6 @@ export class AzureRGTaskParameters { public deploymentName: string; public deploymentMode: string; public credentials: msRestAzure.ApplicationTokenCredentials; - public graphCredentials: msRestAzure.ApplicationTokenCredentials; public deploymentGroupProjectName = ""; public tokenCredentials: TokenCredentials; public deploymentOutputs: string; @@ -96,18 +95,6 @@ export class AzureRGTaskParameters { throw (msg); } } - - private _getAzureADGraphCredentials(connectedService: string): msRestAzure.ApplicationTokenCredentials { - var servicePrincipalId: string = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalid", false); - var servicePrincipalKey: string = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalkey", false); - var tenantId: string = tl.getEndpointAuthorizationParameter(connectedService, "tenantid", false); - var envAuthorityUrl: string = tl.getEndpointDataParameter(connectedService, 'environmentauthorityurl', false); - envAuthorityUrl = (envAuthorityUrl != null) ? envAuthorityUrl : "https://login.windows.net/"; - var activeDirectoryResourceId: string = tl.getEndpointDataParameter(connectedService, 'graphUrl', false); - activeDirectoryResourceId = (activeDirectoryResourceId != null) ? activeDirectoryResourceId : "https://graph.windows.net/"; - var credentials = new msRestAzure.ApplicationTokenCredentials(servicePrincipalId, tenantId, servicePrincipalKey, activeDirectoryResourceId, envAuthorityUrl, activeDirectoryResourceId, false); - return credentials; - } private async getARMCredentials(connectedService: string): Promise { var azureEndpoint = await new AzureRMEndpoint(connectedService).getEndpoint(); @@ -153,7 +140,6 @@ export class AzureRGTaskParameters { this.deploymentName = tl.getInput("deploymentName"); this.deploymentMode = tl.getInput("deploymentMode"); this.credentials = await this.getARMCredentials(this.connectedService); - this.graphCredentials = this._getAzureADGraphCredentials(this.connectedService); this.deploymentGroupProjectName = tl.getInput("project"); this.deploymentOutputs = tl.getInput("deploymentOutputs"); this.addSpnToEnvironment = tl.getBoolInput("addSpnToEnvironment", false); diff --git a/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts b/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts index 7b8f958dcd66..5f389febe162 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts +++ b/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts @@ -2,7 +2,7 @@ import path = require("path"); import tl = require("azure-pipelines-task-lib/task"); import fs = require("fs"); import util = require("util"); -import azureGraph = require("azure-arm-rest-v2/azure-graph"); + import env = require("./Environment"); import deployAzureRG = require("../models/DeployAzureRG"); import armResource = require("azure-arm-rest-v2/azure-arm-resource"); @@ -524,7 +524,7 @@ export class ResourceGroup { }); } - private async performAzureDeployment(armClient: armResource.ResourceManagementClient, deployment: Deployment, retryCount = 0, spnName: string): Promise { + private async performAzureDeployment(armClient: armResource.ResourceManagementClient, deployment: Deployment, retryCount = 0): Promise { if (deployment.properties["mode"] === "Validation") { return this.validateDeployment(armClient, deployment); } else { @@ -535,12 +535,9 @@ export class ResourceGroup { armClient.deployments.createOrUpdate(this.taskParameters.deploymentName, deployment, (error, result, request, response) => { if (error) { if(error.code == "ResourceGroupNotFound" && retryCount > 0){ - return this.waitAndPerformAzureDeployment(armClient, deployment, retryCount, spnName); + return this.waitAndPerformAzureDeployment(armClient, deployment, retryCount); } this.writeDeploymentErrors(error); - if(error.statusCode == 403) { - tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", spnName, this.taskParameters.resourceGroupName)); - } this.checkAndPrintPortalDeploymentURL(); return reject(tl.loc("CreateTemplateDeploymentFailed")); } @@ -560,9 +557,9 @@ export class ResourceGroup { tl.error(tl.loc("FindMoreDeploymentDetailsAzurePortal", this.getAzurePortalDeploymentURL())); } - private async waitAndPerformAzureDeployment(armClient: armResource.ResourceManagementClient, deployment: Deployment, retryCount, spnName: string): Promise { + private async waitAndPerformAzureDeployment(armClient: armResource.ResourceManagementClient, deployment: Deployment, retryCount): Promise { await sleepFor(3); - return this.performAzureDeployment(armClient, deployment, retryCount - 1, spnName); + return this.performAzureDeployment(armClient, deployment, retryCount - 1); } private async createTemplateDeployment(armClient: armResource.ResourceManagementClient) { @@ -575,20 +572,9 @@ export class ResourceGroup { } else { throw new Error(tl.loc("InvalidTemplateLocation")); } - await this.performAzureDeployment(armClient, deployment, 3, await this.getServicePrincipalName()); + await this.performAzureDeployment(armClient, deployment, 3); } - protected async getServicePrincipalName(): Promise { - try { - var graphClient: azureGraph.GraphManagementClient = new azureGraph.GraphManagementClient(this.taskParameters.graphCredentials); - var servicePrincipalObject = await graphClient.servicePrincipals.GetServicePrincipal(null); - return !!servicePrincipalObject ? servicePrincipalObject.appDisplayName : ""; - } catch (error) { - tl.debug(tl.loc("ServicePrincipalFetchFailed", error)); - return ""; - } - } - private getAzurePortalDeploymentURL() { try { let portalUrl = this.taskParameters.endpointPortalUrl ? this.taskParameters.endpointPortalUrl : "https://portal.azure.com"; diff --git a/Tasks/AzureResourceGroupDeploymentV2/task.json b/Tasks/AzureResourceGroupDeploymentV2/task.json index 923f55fed76a..0b2ea7a7e4bb 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/task.json +++ b/Tasks/AzureResourceGroupDeploymentV2/task.json @@ -481,8 +481,6 @@ "ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired.", "DeploymentGroupConfigurationNotSucceeded": "Deployment group configuration did not succeed on one or more Virtual Machine(s): %s", "DeploymentGroupConfigurationFailedOnVM": "Failure for Virtual Machine '%s': %s", - "ServicePrincipalRoleAssignmentDetails": "Please make sure the Service Principal with name %s is assigned the right roles for the Resource Group %s. Follow the link for more details: https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal", - "ServicePrincipalFetchFailed": "Error while fetching Service Principal details: %s", "FindMoreDeploymentDetailsAzurePortal": "Task successfully created an Azure Resource Manager deployment, but the deployment failed. Please see more detailed Azure resource manager deployment logs at: (Please Copy-Paste the link) %s" } } \ No newline at end of file diff --git a/Tasks/AzureResourceGroupDeploymentV2/task.loc.json b/Tasks/AzureResourceGroupDeploymentV2/task.loc.json index 42e5fd5b8f97..6906426bb535 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/task.loc.json +++ b/Tasks/AzureResourceGroupDeploymentV2/task.loc.json @@ -481,8 +481,6 @@ "ExpiredServicePrincipal": "ms-resource:loc.messages.ExpiredServicePrincipal", "DeploymentGroupConfigurationNotSucceeded": "ms-resource:loc.messages.DeploymentGroupConfigurationNotSucceeded", "DeploymentGroupConfigurationFailedOnVM": "ms-resource:loc.messages.DeploymentGroupConfigurationFailedOnVM", - "ServicePrincipalRoleAssignmentDetails": "ms-resource:loc.messages.ServicePrincipalRoleAssignmentDetails", - "ServicePrincipalFetchFailed": "ms-resource:loc.messages.ServicePrincipalFetchFailed", "FindMoreDeploymentDetailsAzurePortal": "ms-resource:loc.messages.FindMoreDeploymentDetailsAzurePortal" } } \ No newline at end of file diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/Strings/resources.resjson/en-US/resources.resjson b/Tasks/AzureResourceManagerTemplateDeploymentV3/Strings/resources.resjson/en-US/resources.resjson index 97c2f31885e8..c0a6996c5eed 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/Strings/resources.resjson/en-US/resources.resjson +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/Strings/resources.resjson/en-US/resources.resjson @@ -83,7 +83,5 @@ "loc.messages.LocationNotProvided": "Location is required for deployment", "loc.messages.ARMServiceConnectionScope": "ARM Service Conection deployment scope - %s", "loc.messages.CompleteDeploymentModeNotSupported": "Deployment mode 'Complete' is not supported for deployment at '%s' scope", - "loc.messages.ServicePrincipalRoleAssignmentDetails": "Please make sure the Service Principal with name %s is assigned the right roles for the entity %s. Follow the link for more details: https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal", - "loc.messages.ServicePrincipalFetchFailed": "Error while fetching Service Principal details: %s", "loc.messages.FindMoreDeploymentDetailsAzurePortal": "Task successfully created an Azure Resource Manager deployment, but the deployment failed. Please see more detailed Azure resource manager deployment logs at: (Please Copy-Paste the link) %s" } \ No newline at end of file diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/createOrUpdate.ts b/Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/createOrUpdate.ts index b7b8ca9c6699..b3c5a38a2038 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/createOrUpdate.ts +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/createOrUpdate.ts @@ -23,7 +23,6 @@ process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALKEY"] = "key"; process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_TENANTID"] = "tenant"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONID"] = "sId"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONNAME"] = "sName"; -process.env["ENDPOINT_DATA_AzureRM_GRAPHURL"] = "https://graph.windows.net/"; process.env["ENDPOINT_URL_AzureRM"] = "https://management.azure.com/"; process.env["ENDPOINT_DATA_AzureRM_ENVIRONMENTAUTHORITYURL"] = "https://login.windows.net/"; process.env["ENDPOINT_DATA_AzureRM_ACTIVEDIRECTORYSERVICEENDPOINTRESOURCEID"] = "https://management.azure.com"; @@ -50,5 +49,4 @@ tr.setAnswers(a); tr.registerMock('azure-pipelines-task-lib/toolrunner', require('azure-pipelines-task-lib/mock-toolrunner')); tr.registerMock('azure-arm-rest-v2/azure-arm-resource', require('./mock_node_modules/azure-arm-resource')); -tr.registerMock('azure-arm-rest-v2/azure-graph', require('./mock_node_modules/azure-graph/azure-graph')); tr.run(); \ No newline at end of file diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/deleteResourceGroup.ts b/Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/deleteResourceGroup.ts index c70d48c7ad30..ffe869ac8547 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/deleteResourceGroup.ts +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/deleteResourceGroup.ts @@ -15,12 +15,10 @@ process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_SERVICEPRINCIPALKEY"] = "key"; process.env["ENDPOINT_AUTH_PARAMETER_AzureRM_TENANTID"] = "tenant"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONID"] = "sId"; process.env["ENDPOINT_DATA_AzureRM_SUBSCRIPTIONNAME"] = "sName"; -process.env["ENDPOINT_DATA_AzureRM_GRAPHURL"] = "https://graph.windows.net/"; process.env["ENDPOINT_URL_AzureRM"] = "https://management.azure.com/"; process.env["ENDPOINT_DATA_AzureRM_ENVIRONMENTAUTHORITYURL"] = "https://login.windows.net/"; process.env["ENDPOINT_DATA_AzureRM_ACTIVEDIRECTORYSERVICEENDPOINTRESOURCEID"] = "https://management.azure.com"; tr.registerMock('azure-pipelines-task-lib/toolrunner', require('azure-pipelines-task-lib/mock-toolrunner')); tr.registerMock('azure-arm-rest-v2/azure-arm-resource', require('./mock_node_modules/azure-arm-resource')); -tr.registerMock('azure-arm-rest-v2/azure-graph', require('./mock_node_modules/azure-graph/azure-graph')); tr.run(); \ No newline at end of file diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/mock_node_modules/azure-graph/azure-graph.js b/Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/mock_node_modules/azure-graph/azure-graph.js deleted file mode 100644 index bb6ffc772565..000000000000 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/Tests/mock_node_modules/azure-graph/azure-graph.js +++ /dev/null @@ -1,42 +0,0 @@ -'use strict'; - -class GraphManagementClient { - constructor(credentials, subscriptionId, baseUri, options) { - this.credentials = credentials; - this.apiVersion = '1.6'; - this.acceptLanguage = 'en-US'; - this.generateClientRequestId = true; - if (!options) - options = {}; - if (baseUri) { - this.baseUri = baseUri; - } - if (options.acceptLanguage) { - this.acceptLanguage = options.acceptLanguage; - } - if (options.longRunningOperationRetryTimeout) { - this.longRunningOperationRetryTimeout = options.longRunningOperationRetryTimeout; - } - if (options.generateClientRequestId) { - this.generateClientRequestId = options.generateClientRequestId; - } - this.servicePrincipals = new ServicePrincipals(this); - } - - getCredentials() { - return this.credentials; - } -} -exports.GraphManagementClient = GraphManagementClient; -class ServicePrincipals { - constructor(graphClient) { - this.client = graphClient; - } - GetServicePrincipal(options) { - return { - "objectId": "oId", - "appDisplayName": "someDisplayName" - } - } -} -exports.ServicePrincipals = ServicePrincipals; diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/models/TaskParameters.ts b/Tasks/AzureResourceManagerTemplateDeploymentV3/models/TaskParameters.ts index f740650c6b61..536f70070f3e 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/models/TaskParameters.ts +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/models/TaskParameters.ts @@ -19,30 +19,17 @@ export class TaskParameters { public deploymentName: string; public deploymentMode: string; public credentials: msRestAzure.ApplicationTokenCredentials; - public graphCredentials: msRestAzure.ApplicationTokenCredentials; public deploymentOutputs: string; public addSpnToEnvironment: boolean; public connectedService: string; public deploymentScope: string; public managementGroupId: string; - + private async getARMCredentials(connectedService: string): Promise { var azureEndpoint = await new AzureRMEndpoint(connectedService).getEndpoint(); return azureEndpoint.applicationTokenCredentials; } - private _getAzureADGraphCredentials(connectedService: string): msRestAzure.ApplicationTokenCredentials { - var servicePrincipalId: string = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalid", false); - var servicePrincipalKey: string = tl.getEndpointAuthorizationParameter(connectedService, "serviceprincipalkey", false); - var tenantId: string = tl.getEndpointAuthorizationParameter(connectedService, "tenantid", false); - var envAuthorityUrl: string = tl.getEndpointDataParameter(connectedService, 'environmentauthorityurl', false); - envAuthorityUrl = (envAuthorityUrl != null) ? envAuthorityUrl : "https://login.windows.net/"; - var activeDirectoryResourceId: string = tl.getEndpointDataParameter(connectedService, 'graphUrl', false); - activeDirectoryResourceId = (activeDirectoryResourceId != null) ? activeDirectoryResourceId : "https://graph.windows.net/"; - var credentials = new msRestAzure.ApplicationTokenCredentials(servicePrincipalId, tenantId, servicePrincipalKey, activeDirectoryResourceId, envAuthorityUrl, activeDirectoryResourceId, false); - return credentials; - } - public async getTaskParameters() : Promise { try { @@ -117,7 +104,6 @@ export class TaskParameters { this.outputVariable = tl.getInput("outputVariable"); this.deploymentName = tl.getInput("deploymentName"); this.credentials = await this.getARMCredentials(this.connectedService); - this.graphCredentials = this._getAzureADGraphCredentials(this.connectedService); this.deploymentOutputs = tl.getInput("deploymentOutputs"); this.addSpnToEnvironment = tl.getBoolInput("addSpnToEnvironment", false); this.action = tl.getInput("action"); diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts b/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts index 5af8c36a4c00..6cb42e13f1e5 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts @@ -5,7 +5,6 @@ import armResource = require("azure-arm-rest-v2/AzureServiceClientBase"); import utils = require("./Utils"); import { sleepFor } from 'azure-arm-rest-v2/webClient'; import { DeploymentParameters } from "./DeploymentParameters"; -import azureGraph = require("azure-arm-rest-v2/azure-graph"); export class DeploymentScopeBase { protected deploymentParameters: DeploymentParameters; @@ -22,17 +21,6 @@ export class DeploymentScopeBase { await this.createTemplateDeployment(); } - protected async getServicePrincipalName(): Promise { - try { - var graphClient: azureGraph.GraphManagementClient = new azureGraph.GraphManagementClient(this.taskParameters.graphCredentials); - var servicePrincipalObject = await graphClient.servicePrincipals.GetServicePrincipal(null); - return !!servicePrincipalObject ? servicePrincipalObject.appDisplayName : ""; - } catch (error) { - tl.debug(tl.loc("ServicePrincipalFetchFailed", error)); - return ""; - } - } - protected async createTemplateDeployment() { console.log(tl.loc("CreatingTemplateDeployment")); var params: DeploymentParameters; @@ -49,10 +37,10 @@ export class DeploymentScopeBase { } this.deploymentParameters = params; - await this.performAzureDeployment(3, await this.getServicePrincipalName()); + await this.performAzureDeployment(3); } - protected async performAzureDeployment(retryCount = 0, spnName: string): Promise { + protected async performAzureDeployment(retryCount = 0): Promise { if (this.deploymentParameters.properties["mode"] === "Validation") { return this.validateDeployment(); } else { @@ -63,19 +51,10 @@ export class DeploymentScopeBase { this.armClient.deployments.createOrUpdate(this.taskParameters.deploymentName, this.deploymentParameters, (error, result, request, response) => { if (error) { if(this.taskParameters.deploymentScope === "Resource Group" && error.code == "ResourceGroupNotFound" && retryCount > 0){ - return this.waitAndPerformAzureDeployment(retryCount, spnName); + return this.waitAndPerformAzureDeployment(retryCount); } utils.writeDeploymentErrors(this.taskParameters, error); this.checkAndPrintPortalDeploymentURL(); - if(error.statusCode == 403) { - if(this.taskParameters.deploymentScope == "Resource Group") { - tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", spnName, this.taskParameters.resourceGroupName)); - } else if(this.taskParameters.deploymentScope == "Subscription") { - tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", spnName, this.taskParameters.subscriptionId)); - } else if(this.taskParameters.deploymentScope == "Management Group") { - tl.error(tl.loc("ServicePrincipalRoleAssignmentDetails", spnName, this.taskParameters.managementGroupId)); - } - } return reject(tl.loc("CreateTemplateDeploymentFailed")); } @@ -137,8 +116,8 @@ export class DeploymentScopeBase { }); } - private async waitAndPerformAzureDeployment(retryCount, spnName: string): Promise { + private async waitAndPerformAzureDeployment(retryCount): Promise { await sleepFor(3); - return this.performAzureDeployment(retryCount - 1, spnName); + return this.performAzureDeployment(retryCount - 1); } } \ No newline at end of file diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json index e2a54b85bf33..7f5f3a6a92b7 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json @@ -15,7 +15,7 @@ "version": { "Major": 3, "Minor": 1, - "Patch": 9 + "Patch": 8 }, "preview": "true", "demands": [], @@ -302,8 +302,6 @@ "LocationNotProvided": "Location is required for deployment", "ARMServiceConnectionScope": "ARM Service Conection deployment scope - %s", "CompleteDeploymentModeNotSupported": "Deployment mode 'Complete' is not supported for deployment at '%s' scope", - "ServicePrincipalRoleAssignmentDetails": "Please make sure the Service Principal with name %s is assigned the right roles for the entity %s. Follow the link for more details: https://docs.microsoft.com/en-us/azure/role-based-access-control/role-assignments-portal", - "ServicePrincipalFetchFailed": "Error while fetching Service Principal details: %s", "FindMoreDeploymentDetailsAzurePortal": "Task successfully created an Azure Resource Manager deployment, but the deployment failed. Please see more detailed Azure resource manager deployment logs at: (Please Copy-Paste the link) %s" } } diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json index 9fb62ef44fb3..8a008097233c 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json @@ -15,7 +15,7 @@ "version": { "Major": 3, "Minor": 1, - "Patch": 9 + "Patch": 8 }, "preview": "true", "demands": [], @@ -302,8 +302,6 @@ "LocationNotProvided": "ms-resource:loc.messages.LocationNotProvided", "ARMServiceConnectionScope": "ms-resource:loc.messages.ARMServiceConnectionScope", "CompleteDeploymentModeNotSupported": "ms-resource:loc.messages.CompleteDeploymentModeNotSupported", - "ServicePrincipalRoleAssignmentDetails": "ms-resource:loc.messages.ServicePrincipalRoleAssignmentDetails", - "ServicePrincipalFetchFailed": "ms-resource:loc.messages.ServicePrincipalFetchFailed", "FindMoreDeploymentDetailsAzurePortal": "ms-resource:loc.messages.FindMoreDeploymentDetailsAzurePortal" } } \ No newline at end of file From 90b9976cf34ce701155ea420758469ec129df00a Mon Sep 17 00:00:00 2001 From: Nitin ISsac Joy Date: Fri, 20 Dec 2019 10:57:22 +0530 Subject: [PATCH 3/5] Revert "AzureResourceGroupDeploymentTask: Improving error log to point to Deployment logs in Ibiza Portal (#11853)" This reverts commit 8f02a1ca236450d5c766fbf5754984e8cdf215ef. --- .../resources.resjson/en-US/resources.resjson | 3 +-- .../operations/ResourceGroup.ts | 18 ------------- .../AzureResourceGroupDeploymentV2/task.json | 5 ++-- .../task.loc.json | 5 ++-- .../resources.resjson/en-US/resources.resjson | 3 +-- .../operations/DeploymentScopeBase.ts | 27 ------------------- .../task.json | 5 ++-- .../task.loc.json | 5 ++-- 8 files changed, 10 insertions(+), 61 deletions(-) diff --git a/Tasks/AzureResourceGroupDeploymentV2/Strings/resources.resjson/en-US/resources.resjson b/Tasks/AzureResourceGroupDeploymentV2/Strings/resources.resjson/en-US/resources.resjson index e827d5b0bb23..4235150a614f 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/Strings/resources.resjson/en-US/resources.resjson +++ b/Tasks/AzureResourceGroupDeploymentV2/Strings/resources.resjson/en-US/resources.resjson @@ -191,6 +191,5 @@ "loc.messages.LogDeploymentName": "Deployment name is %s", "loc.messages.ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired.", "loc.messages.DeploymentGroupConfigurationNotSucceeded": "Deployment group configuration did not succeed on one or more Virtual Machine(s): %s", - "loc.messages.DeploymentGroupConfigurationFailedOnVM": "Failure for Virtual Machine '%s': %s", - "loc.messages.FindMoreDeploymentDetailsAzurePortal": "Task successfully created an Azure Resource Manager deployment, but the deployment failed. Please see more detailed Azure resource manager deployment logs at: (Please Copy-Paste the link) %s" + "loc.messages.DeploymentGroupConfigurationFailedOnVM": "Failure for Virtual Machine '%s': %s" } \ No newline at end of file diff --git a/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts b/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts index 5f389febe162..f4456c7455a3 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts +++ b/Tasks/AzureResourceGroupDeploymentV2/operations/ResourceGroup.ts @@ -514,7 +514,6 @@ export class ResourceGroup { } if (result.error) { this.writeDeploymentErrors(result.error); - tl.error(tl.loc("FindMoreDeploymentDetailsAzurePortal", this.getAzurePortalDeploymentURL())); return reject(tl.loc("CreateTemplateDeploymentFailed")); } else { console.log(tl.loc("ValidDeployment")); @@ -538,7 +537,6 @@ export class ResourceGroup { return this.waitAndPerformAzureDeployment(armClient, deployment, retryCount); } this.writeDeploymentErrors(error); - this.checkAndPrintPortalDeploymentURL(); return reject(tl.loc("CreateTemplateDeploymentFailed")); } if (result && result["properties"] && result["properties"]["outputs"] && utils.isNonEmpty(this.taskParameters.deploymentOutputs)) { @@ -553,10 +551,6 @@ export class ResourceGroup { } } - protected checkAndPrintPortalDeploymentURL() { - tl.error(tl.loc("FindMoreDeploymentDetailsAzurePortal", this.getAzurePortalDeploymentURL())); - } - private async waitAndPerformAzureDeployment(armClient: armResource.ResourceManagementClient, deployment: Deployment, retryCount): Promise { await sleepFor(3); return this.performAzureDeployment(armClient, deployment, retryCount - 1); @@ -575,18 +569,6 @@ export class ResourceGroup { await this.performAzureDeployment(armClient, deployment, 3); } - private getAzurePortalDeploymentURL() { - try { - let portalUrl = this.taskParameters.endpointPortalUrl ? this.taskParameters.endpointPortalUrl : "https://portal.azure.com"; - portalUrl += "/#blade/HubsExtension/DeploymentDetailsBlade/overview/id/"; - let subscriptionSpecificURL = "/subscriptions/" + this.taskParameters.subscriptionId + "/resourceGroups/" + this.taskParameters.resourceGroupName + "/providers/Microsoft.Resources/deployments/" + this.taskParameters.deploymentName; - return portalUrl + subscriptionSpecificURL.replace(/\//g, '%2F'); - } catch (error) { - tl.error(error); - return error; - } - } - private escapeBlockCharacters(str: string): string { return str.replace(/[\[]/g, '$&[]'); } diff --git a/Tasks/AzureResourceGroupDeploymentV2/task.json b/Tasks/AzureResourceGroupDeploymentV2/task.json index 0b2ea7a7e4bb..f716dca95f73 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/task.json +++ b/Tasks/AzureResourceGroupDeploymentV2/task.json @@ -15,7 +15,7 @@ "version": { "Major": 2, "Minor": 162, - "Patch": 1 + "Patch": 3 }, "demands": [], "minimumAgentVersion": "2.119.1", @@ -480,7 +480,6 @@ "LogDeploymentName": "Deployment name is %s", "ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired.", "DeploymentGroupConfigurationNotSucceeded": "Deployment group configuration did not succeed on one or more Virtual Machine(s): %s", - "DeploymentGroupConfigurationFailedOnVM": "Failure for Virtual Machine '%s': %s", - "FindMoreDeploymentDetailsAzurePortal": "Task successfully created an Azure Resource Manager deployment, but the deployment failed. Please see more detailed Azure resource manager deployment logs at: (Please Copy-Paste the link) %s" + "DeploymentGroupConfigurationFailedOnVM": "Failure for Virtual Machine '%s': %s" } } \ No newline at end of file diff --git a/Tasks/AzureResourceGroupDeploymentV2/task.loc.json b/Tasks/AzureResourceGroupDeploymentV2/task.loc.json index 6906426bb535..14d9ed03edca 100644 --- a/Tasks/AzureResourceGroupDeploymentV2/task.loc.json +++ b/Tasks/AzureResourceGroupDeploymentV2/task.loc.json @@ -15,7 +15,7 @@ "version": { "Major": 2, "Minor": 162, - "Patch": 1 + "Patch": 3 }, "demands": [], "minimumAgentVersion": "2.119.1", @@ -480,7 +480,6 @@ "LogDeploymentName": "ms-resource:loc.messages.LogDeploymentName", "ExpiredServicePrincipal": "ms-resource:loc.messages.ExpiredServicePrincipal", "DeploymentGroupConfigurationNotSucceeded": "ms-resource:loc.messages.DeploymentGroupConfigurationNotSucceeded", - "DeploymentGroupConfigurationFailedOnVM": "ms-resource:loc.messages.DeploymentGroupConfigurationFailedOnVM", - "FindMoreDeploymentDetailsAzurePortal": "ms-resource:loc.messages.FindMoreDeploymentDetailsAzurePortal" + "DeploymentGroupConfigurationFailedOnVM": "ms-resource:loc.messages.DeploymentGroupConfigurationFailedOnVM" } } \ No newline at end of file diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/Strings/resources.resjson/en-US/resources.resjson b/Tasks/AzureResourceManagerTemplateDeploymentV3/Strings/resources.resjson/en-US/resources.resjson index c0a6996c5eed..bb4449642c71 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/Strings/resources.resjson/en-US/resources.resjson +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/Strings/resources.resjson/en-US/resources.resjson @@ -82,6 +82,5 @@ "loc.messages.ResourceGroupNameNotProvided": "Resource Group name should be provided", "loc.messages.LocationNotProvided": "Location is required for deployment", "loc.messages.ARMServiceConnectionScope": "ARM Service Conection deployment scope - %s", - "loc.messages.CompleteDeploymentModeNotSupported": "Deployment mode 'Complete' is not supported for deployment at '%s' scope", - "loc.messages.FindMoreDeploymentDetailsAzurePortal": "Task successfully created an Azure Resource Manager deployment, but the deployment failed. Please see more detailed Azure resource manager deployment logs at: (Please Copy-Paste the link) %s" + "loc.messages.CompleteDeploymentModeNotSupported": "Deployment mode 'Complete' is not supported for deployment at '%s' scope" } \ No newline at end of file diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts b/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts index 6cb42e13f1e5..cea703730fec 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/operations/DeploymentScopeBase.ts @@ -54,8 +54,6 @@ export class DeploymentScopeBase { return this.waitAndPerformAzureDeployment(retryCount); } utils.writeDeploymentErrors(this.taskParameters, error); - this.checkAndPrintPortalDeploymentURL(); - return reject(tl.loc("CreateTemplateDeploymentFailed")); } if (result && result["properties"] && result["properties"]["outputs"] && utils.isNonEmpty(this.taskParameters.deploymentOutputs)) { @@ -70,31 +68,6 @@ export class DeploymentScopeBase { } } - protected checkAndPrintPortalDeploymentURL() { - if(this.taskParameters.deploymentScope == "Resource Group") { - tl.error(tl.loc("FindMoreDeploymentDetailsAzurePortal", this.getAzurePortalDeploymentURL())); - } - } - - private getAzurePortalDeploymentURL() { - try { - let portalUrl = this.taskParameters.endpointPortalUrl ? this.taskParameters.endpointPortalUrl : "https://portal.azure.com"; - portalUrl += "/#blade/HubsExtension/DeploymentDetailsBlade/overview/id/"; - - let subscriptionSpecificURL = "/subscriptions/" + this.taskParameters.subscriptionId; - if(this.taskParameters.deploymentScope == "Resource Group") { - subscriptionSpecificURL += "/resourceGroups/" + this.taskParameters.resourceGroupName; - } - - subscriptionSpecificURL += "/providers/Microsoft.Resources/deployments/" + this.taskParameters.deploymentName; - - return portalUrl + subscriptionSpecificURL.replace(/\//g, '%2F'); - } catch (error) { - tl.error(error); - return error; - } - } - protected validateDeployment(): Promise { return new Promise((resolve, reject) => { console.log(tl.loc("StartingValidation")); diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json index 7f5f3a6a92b7..c8459a7be301 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json @@ -15,7 +15,7 @@ "version": { "Major": 3, "Minor": 1, - "Patch": 8 + "Patch": 10 }, "preview": "true", "demands": [], @@ -301,7 +301,6 @@ "ResourceGroupNameNotProvided": "Resource Group name should be provided", "LocationNotProvided": "Location is required for deployment", "ARMServiceConnectionScope": "ARM Service Conection deployment scope - %s", - "CompleteDeploymentModeNotSupported": "Deployment mode 'Complete' is not supported for deployment at '%s' scope", - "FindMoreDeploymentDetailsAzurePortal": "Task successfully created an Azure Resource Manager deployment, but the deployment failed. Please see more detailed Azure resource manager deployment logs at: (Please Copy-Paste the link) %s" + "CompleteDeploymentModeNotSupported": "Deployment mode 'Complete' is not supported for deployment at '%s' scope" } } diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json index 8a008097233c..c24c55f5e2a6 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json @@ -15,7 +15,7 @@ "version": { "Major": 3, "Minor": 1, - "Patch": 8 + "Patch": 10 }, "preview": "true", "demands": [], @@ -301,7 +301,6 @@ "ResourceGroupNameNotProvided": "ms-resource:loc.messages.ResourceGroupNameNotProvided", "LocationNotProvided": "ms-resource:loc.messages.LocationNotProvided", "ARMServiceConnectionScope": "ms-resource:loc.messages.ARMServiceConnectionScope", - "CompleteDeploymentModeNotSupported": "ms-resource:loc.messages.CompleteDeploymentModeNotSupported", - "FindMoreDeploymentDetailsAzurePortal": "ms-resource:loc.messages.FindMoreDeploymentDetailsAzurePortal" + "CompleteDeploymentModeNotSupported": "ms-resource:loc.messages.CompleteDeploymentModeNotSupported" } } \ No newline at end of file From 2b5d5607ea435a9d3511268b033b9fa9cdad65a0 Mon Sep 17 00:00:00 2001 From: Nitin Issac Joy Date: Fri, 20 Dec 2019 15:59:19 +0530 Subject: [PATCH 4/5] Updating task version for ARGV3 --- Tasks/AzureResourceManagerTemplateDeploymentV3/task.json | 2 +- Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json index c8459a7be301..60c92032b588 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json @@ -15,7 +15,7 @@ "version": { "Major": 3, "Minor": 1, - "Patch": 10 + "Patch": 11 }, "preview": "true", "demands": [], diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json index c24c55f5e2a6..479d262a463a 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json @@ -15,7 +15,7 @@ "version": { "Major": 3, "Minor": 1, - "Patch": 10 + "Patch": 11 }, "preview": "true", "demands": [], From 4e44ab6da8442d45350c77eb84435a473dae4873 Mon Sep 17 00:00:00 2001 From: Nitin Issac Joy Date: Thu, 2 Jan 2020 11:00:16 +0530 Subject: [PATCH 5/5] Updating ARG-v3 task version --- Tasks/AzureResourceManagerTemplateDeploymentV3/task.json | 2 +- Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json index 60c92032b588..266e40e864f7 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.json @@ -15,7 +15,7 @@ "version": { "Major": 3, "Minor": 1, - "Patch": 11 + "Patch": 12 }, "preview": "true", "demands": [], diff --git a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json index 479d262a463a..594d4eac4cfc 100644 --- a/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json +++ b/Tasks/AzureResourceManagerTemplateDeploymentV3/task.loc.json @@ -15,7 +15,7 @@ "version": { "Major": 3, "Minor": 1, - "Patch": 11 + "Patch": 12 }, "preview": "true", "demands": [],