From 687fa7d522ec27b9106a89a90e928477803f8b16 Mon Sep 17 00:00:00 2001 From: Marc Greisen Date: Wed, 1 Sep 2021 13:51:49 -0700 Subject: [PATCH] Login if passed a secret on the command line. (#238) Use exit codes to propagate failure to the shell. --- cli/raft.py | 3 +++ cli/raft_sdk/raft_deploy.py | 8 ++++++++ docs/how-to-use-raft-local.md | 4 +++- 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/cli/raft.py b/cli/raft.py index 30c6a94..d254d7f 100644 --- a/cli/raft.py +++ b/cli/raft.py @@ -5,6 +5,7 @@ import json import os import uuid import textwrap +import sys import raft_sdk.raft_common from raft_sdk.raft_service import RaftCLI, RaftJobConfig @@ -574,5 +575,7 @@ Identifies the webhook hook event, for example JobStatus or BugFound''')) if __name__ == "__main__": try: main() + sys.exit(0) except Exception as ex: print(ex) + sys.exit(1) diff --git a/cli/raft_sdk/raft_deploy.py b/cli/raft_sdk/raft_deploy.py index 920d337..bded028 100644 --- a/cli/raft_sdk/raft_deploy.py +++ b/cli/raft_sdk/raft_deploy.py @@ -75,10 +75,18 @@ class RaftServiceCLI(): if not secret: self.is_logged_in() + else: + # If we are given a secret on the command line, then we assume that + # we are running in some automation context and need + # to login this way. + az(f'login --service-principal -u {self.context["clientId"]} -p {secret} --tenant {self.context["tenantId"]}') az(f'account set --subscription {self.definitions.subscription}') def is_logged_in(self): + # If your not logged in this command will throw + # an exception and say in the error message + # that you need to login. az('ad signed-in-user show') def hash(self, txt): diff --git a/docs/how-to-use-raft-local.md b/docs/how-to-use-raft-local.md index e0255e0..4f0f15a 100644 --- a/docs/how-to-use-raft-local.md +++ b/docs/how-to-use-raft-local.md @@ -35,7 +35,9 @@ CLI //root folder where you downloaded the CLI * The `storage` folder will contain all of the data produced by RAFT job runs. * The `secrets` folder is a user maintained folder.
The files in this folder are the names of the secret used in the job definition file. - These files should not have an extension. + These files should not have an extension.
+ **Note:** The contents of the secret file must not contain line breaks. This data is passed + on the docker command line. Line breaks will cause the docker command to fail. For example if my RAFT job configuration requires a text token. I can store the token in file `MyToken` under `CLI/local/secrets/MyToken` and use `MyToken`