pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Azure cloud method to get a url to the calculator

Browse Source
This commit is contained in:
graham-dds 2020-02-17 16:12:46 -05:00
parent e3397390d3
commit 237848c2c9
6 changed files with 47 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.secrets.baseline
View File

@ -3,7 +3,7 @@
"files": "^.secrets.baseline$|^.*pgsslrootcert.yml$", "files": "^.secrets.baseline$|^.*pgsslrootcert.yml$",
"lines": null "lines": null
}, },
"generated_at": "2020-02-12T18:51:01Z", "generated_at": "2020-02-17T20:49:33Z",
"plugins_used": [ "plugins_used": [
{ {
"base64_limit": 4.5, "base64_limit": 4.5,
@ -82,7 +82,7 @@
"hashed_secret": "afc848c316af1a89d49826c5ae9d00ed769415f3", "hashed_secret": "afc848c316af1a89d49826c5ae9d00ed769415f3",
"is_secret": false, "is_secret": false,
"is_verified": false, "is_verified": false,
"line_number": 44, "line_number": 48,
"type": "Secret Keyword" "type": "Secret Keyword"
} }
], ],

4
README.md
View File

@ -219,6 +219,10 @@ To generate coverage reports for the Javascript tests:
- `ASSETS_URL`: URL to host which serves static assets (such as a CDN). - `ASSETS_URL`: URL to host which serves static assets (such as a CDN).
- `AZURE_ACCOUNT_NAME`: The name for the Azure blob storage account - `AZURE_ACCOUNT_NAME`: The name for the Azure blob storage account
- `AZURE_CALC_CLIENT_ID`: The client id used to generate a token for the Azure pricing calculator
- `AZURE_CALC_RESOURCE`: The resource URL used to generate a token for the Azure pricing calculator
- `AZURE_CALC_SECRET`: The secret key used to generate a token for the Azure pricing calculator
- `AZURE_CALC_URL`: The redirect URL for the Azure pricing calculator
- `AZURE_LOGIN_URL`: The URL used to login for an Azure instance. - `AZURE_LOGIN_URL`: The URL used to login for an Azure instance.
- `AZURE_STORAGE_KEY`: A valid secret key for the Azure blob storage account - `AZURE_STORAGE_KEY`: A valid secret key for the Azure blob storage account
- `AZURE_TO_BUCKET_NAME`: The Azure blob storage container name for task order uploads - `AZURE_TO_BUCKET_NAME`: The Azure blob storage container name for task order uploads

15
atst/domain/csp/cloud/azure_cloud_provider.py
View File

@ -1738,7 +1738,6 @@ class AzureCloudProvider(CloudProviderInterface):
cost_mgmt_url = ( cost_mgmt_url = (
f"/providers/Microsoft.CostManagement/query?api-version=2019-11-01" f"/providers/Microsoft.CostManagement/query?api-version=2019-11-01"
) )
try: try:
result = self.sdk.requests.post( result = self.sdk.requests.post(
f"{self.sdk.cloud.endpoints.resource_manager}{payload.invoice_section_id}{cost_mgmt_url}", f"{self.sdk.cloud.endpoints.resource_manager}{payload.invoice_section_id}{cost_mgmt_url}",
@ -1770,3 +1769,17 @@ class AzureCloudProvider(CloudProviderInterface):
result.status_code, result.status_code,
f"azure application error getting reporting data. {str(exc)}", f"azure application error getting reporting data. {str(exc)}",
) )
def _get_calculator_creds(self):
authority = f"{self.sdk.cloud.endpoints.active_directory}/{self.tenant_id}"
context = self.sdk.adal.AuthenticationContext(authority=authority)
response = context.acquire_token_with_client_credentials(
self.config.get("AZURE_CALC_RESOURCE"),
self.config.get("AZURE_CALC_CLIENT_ID"),
self.config.get("AZURE_CALC_SECRET"),
)
return response.get("accessToken")
def get_calculator_url(self):
calc_access_token = self._get_calculator_creds()
return f"{self.config.get('AZURE_CALC_URL')}?access_token={calc_access_token}"

4
config/base.ini
View File

@ -3,6 +3,10 @@ ASSETS_URL
AZURE_AADP_QTY=5 AZURE_AADP_QTY=5
AZURE_ACCOUNT_NAME AZURE_ACCOUNT_NAME
AZURE_CLIENT_ID AZURE_CLIENT_ID
AZURE_CALC_CLIENT_ID
AZURE_CALC_RESOURCE="http://azurecom.onmicrosoft.com/acom-prod/"
AZURE_CALC_SECRET
AZURE_CALC_URL="https://azure.microsoft.com/en-us/pricing/calculator/"
AZURE_GRAPH_RESOURCE="https://graph.microsoft.com/" AZURE_GRAPH_RESOURCE="https://graph.microsoft.com/"
AZURE_LOGIN_URL="https://portal.azure.com/" AZURE_LOGIN_URL="https://portal.azure.com/"
AZURE_POLICY_LOCATION=policies AZURE_POLICY_LOCATION=policies

20
tests/domain/cloud/test_azure_csp.py
View File

@ -1523,3 +1523,23 @@ def test_update_tenant_creds(mock_azure: AzureCloudProvider):
assert updated_secret == KeyVaultCredentials( assert updated_secret == KeyVaultCredentials(
**{**existing_secrets, **MOCK_CREDS} **{**existing_secrets, **MOCK_CREDS}
) )
def test_get_calculator_creds(mock_azure: AzureCloudProvider):
mock_azure.sdk.adal.AuthenticationContext.return_value.acquire_token_with_client_credentials.return_value = {
"accessToken": "TOKEN"
}
assert mock_azure._get_calculator_creds() == "TOKEN"
def test_get_calculator_url(mock_azure: AzureCloudProvider):
with patch.object(
AzureCloudProvider,
"_get_calculator_creds",
wraps=mock_azure._get_calculator_creds,
) as _get_calculator_creds:
_get_calculator_creds.return_value = "TOKEN"
assert (
mock_azure.get_calculator_url()
== f"{mock_azure.config.get('AZURE_CALC_URL')}?access_token=TOKEN"
)

3
tests/mock_azure.py
View File

@ -4,6 +4,9 @@ from unittest.mock import Mock
from atst.domain.csp.cloud import AzureCloudProvider from atst.domain.csp.cloud import AzureCloudProvider
AZURE_CONFIG = { AZURE_CONFIG = {
"AZURE_CALC_CLIENT_ID": "MOCK",
"AZURE_CALC_SECRET": "MOCK", # pragma: allowlist secret
"AZURE_CALC_RESOURCE": "http://calc",
"AZURE_CLIENT_ID": "MOCK", "AZURE_CLIENT_ID": "MOCK",
"AZURE_SECRET_KEY": "MOCK", "AZURE_SECRET_KEY": "MOCK",
"AZURE_TENANT_ID": "MOCK", "AZURE_TENANT_ID": "MOCK",