From b39331243ddb2ef941282621989f2f5b3ec30bdc Mon Sep 17 00:00:00 2001 From: shiyingchen Date: Wed, 31 May 2023 14:26:06 +0800 Subject: [PATCH 1/3] Add alias `--json-auth` for `--sdk-auth` of `az ad sp create-for-rbac` --- src/azure-cli-core/azure/cli/core/_profile.py | 4 ++-- src/azure-cli/azure/cli/command_modules/role/_params.py | 6 ++++-- src/azure-cli/azure/cli/command_modules/role/custom.py | 4 ++-- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/src/azure-cli-core/azure/cli/core/_profile.py b/src/azure-cli-core/azure/cli/core/_profile.py index 58aa33340b4..69cee2da36d 100644 --- a/src/azure-cli-core/azure/cli/core/_profile.py +++ b/src/azure-cli-core/azure/cli/core/_profile.py @@ -640,8 +640,8 @@ def refresh_accounts(self): self._set_subscriptions(result, merge=False) def get_sp_auth_info(self, subscription_id=None, name=None, password=None, cert_file=None): - """Generate a JSON for --sdk-auth argument when used in: - - az ad sp create-for-rbac --sdk-auth + """Generate a JSON for --json-auth argument when used in: + - az ad sp create-for-rbac --json-auth """ from collections import OrderedDict account = self.get_subscription(subscription_id) diff --git a/src/azure-cli/azure/cli/command_modules/role/_params.py b/src/azure-cli/azure/cli/command_modules/role/_params.py index 101fc5219c2..0c2a52f19fd 100644 --- a/src/azure-cli/azure/cli/command_modules/role/_params.py +++ b/src/azure-cli/azure/cli/command_modules/role/_params.py @@ -179,8 +179,10 @@ def load_arguments(self, _): help='Role of the service principal.') c.argument('skip_assignment', arg_type=get_three_state_flag(), deprecate_info=c.deprecate(target='--skip-assignment', hide=True), help='No-op.') - c.argument('show_auth_for_sdk', options_list='--sdk-auth', deprecate_info=c.deprecate(target='--sdk-auth'), - help='output result in compatible with Azure SDK auth file', arg_type=get_three_state_flag()) + c.argument('show_auth_in_json', options_list=['--sdk-auth', '--json-auth'], + deprecate_info=c.deprecate(target='--sdk-auth'), + help='Output result in the format compatible with some authentication scenarios requiring reading ' + 'from a JSON dictionary.', arg_type=get_three_state_flag()) with self.argument_context('ad sp owner list') as c: c.argument('identifier', options_list=['--id'], help='service principal name, or object id or the service principal') diff --git a/src/azure-cli/azure/cli/command_modules/role/custom.py b/src/azure-cli/azure/cli/command_modules/role/custom.py index fe1fa3bc347..9f52c478517 100644 --- a/src/azure-cli/azure/cli/command_modules/role/custom.py +++ b/src/azure-cli/azure/cli/command_modules/role/custom.py @@ -1157,7 +1157,7 @@ def list_service_principal_owners(client, identifier): def create_service_principal_for_rbac( # pylint:disable=too-many-statements,too-many-locals, too-many-branches, unused-argument cmd, display_name=None, years=None, create_cert=False, cert=None, scopes=None, role=None, - show_auth_for_sdk=None, skip_assignment=False, keyvault=None): + show_auth_in_json=None, skip_assignment=False, keyvault=None): import time if role and not scopes or not role and scopes: @@ -1272,7 +1272,7 @@ def create_service_principal_for_rbac( logger.warning(CREDENTIAL_WARNING) - if show_auth_for_sdk: + if show_auth_in_json: from azure.cli.core._profile import Profile profile = Profile(cli_ctx=cmd.cli_ctx) result = profile.get_sp_auth_info(scopes[0].split('/')[2] if scopes else None, From 96bdb72dfad93aa9f5540687a4b07b664e415d21 Mon Sep 17 00:00:00 2001 From: shiyingchen Date: Thu, 1 Jun 2023 16:27:41 +0800 Subject: [PATCH 2/3] update help information --- src/azure-cli/azure/cli/command_modules/role/_params.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/azure-cli/azure/cli/command_modules/role/_params.py b/src/azure-cli/azure/cli/command_modules/role/_params.py index 0c2a52f19fd..ea3874f286c 100644 --- a/src/azure-cli/azure/cli/command_modules/role/_params.py +++ b/src/azure-cli/azure/cli/command_modules/role/_params.py @@ -181,8 +181,9 @@ def load_arguments(self, _): deprecate_info=c.deprecate(target='--skip-assignment', hide=True), help='No-op.') c.argument('show_auth_in_json', options_list=['--sdk-auth', '--json-auth'], deprecate_info=c.deprecate(target='--sdk-auth'), - help='Output result in the format compatible with some authentication scenarios requiring reading ' - 'from a JSON dictionary.', arg_type=get_three_state_flag()) + help='Output service principal credential along with cloud endpoints in JSON format. ' + 'See https://learn.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli.', + arg_type=get_three_state_flag()) with self.argument_context('ad sp owner list') as c: c.argument('identifier', options_list=['--id'], help='service principal name, or object id or the service principal') From eb0d427d6662de3fb1eddfb58bc17ac2e67a53b9 Mon Sep 17 00:00:00 2001 From: Shiying Chen Date: Fri, 30 Jun 2023 13:21:16 +0800 Subject: [PATCH 3/3] remove the url --- src/azure-cli/azure/cli/command_modules/role/_params.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/azure-cli/azure/cli/command_modules/role/_params.py b/src/azure-cli/azure/cli/command_modules/role/_params.py index ea3874f286c..8ca8ff36242 100644 --- a/src/azure-cli/azure/cli/command_modules/role/_params.py +++ b/src/azure-cli/azure/cli/command_modules/role/_params.py @@ -181,8 +181,7 @@ def load_arguments(self, _): deprecate_info=c.deprecate(target='--skip-assignment', hide=True), help='No-op.') c.argument('show_auth_in_json', options_list=['--sdk-auth', '--json-auth'], deprecate_info=c.deprecate(target='--sdk-auth'), - help='Output service principal credential along with cloud endpoints in JSON format. ' - 'See https://learn.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli.', + help='Output service principal credential along with cloud endpoints in JSON format. ', arg_type=get_three_state_flag()) with self.argument_context('ad sp owner list') as c: