From 9b6f59113e066ec584bb6c026dd22f2de2f408e5 Mon Sep 17 00:00:00 2001
From: Xiaofan Zhou <81600993+xfz11@users.noreply.github.com>
Date: Tue, 10 Oct 2023 11:53:07 +0800
Subject: [PATCH] {Service Connector} support webapp slot and rollback get
 identity operation (#6841)

* rollback az identity list

* fix

* Revert "fix"

This reverts commit a2730806a0d4ea2cfa5bd55eec0d3d99954b1f0b.

* support slot

* update history.rst

* lint
---
 src/serviceconnector-passwordless/HISTORY.rst |  4 +++
 .../_credential_free.py                       | 34 +++++++++++++------
 .../azext_metadata.json                       |  2 +-
 .../config.py                                 |  2 +-
 .../custom.py                                 |  4 +--
 src/serviceconnector-passwordless/setup.py    |  2 +-
 6 files changed, 32 insertions(+), 16 deletions(-)

diff --git a/src/serviceconnector-passwordless/HISTORY.rst b/src/serviceconnector-passwordless/HISTORY.rst
index 63f08cf86e4..170350a557b 100644
--- a/src/serviceconnector-passwordless/HISTORY.rst
+++ b/src/serviceconnector-passwordless/HISTORY.rst
@@ -2,6 +2,10 @@
 
 Release History
 ===============
+0.3.12
+++++++
+* make some improvements and support slot.
+
 0.3.11
 ++++++
 * make some improvements.
diff --git a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py
index 9f29d0aeba3..d373c6c9ec5 100644
--- a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py
+++ b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py
@@ -104,9 +104,8 @@ def enable_mi_for_db_linker(cmd, source_id, target_id, auth_info, client_type, c
         elif auth_info['auth_type'] == AUTHTYPES[AUTH_TYPE.UserIdentity]:
             mi_client_id = auth_info.get('client_id')
             mi_sub_id = auth_info.get('subscription_id')
-            umi_info_list = run_cli_cmd(
-                f'az rest -u /subscriptions/{mi_sub_id}/providers/Microsoft.ManagedIdentity/userAssignedIdentities?api-version=2023-01-31')
-            umi_info = [umi for umi in umi_info_list.get('value', []) if umi.get('properties', {}).get('clientId') == mi_client_id]
+            umi_info = run_cli_cmd(
+                f'az identity list --subscription {mi_sub_id} --query "[?clientId==\'{mi_client_id}\']"')
             if umi_info is None or len(umi_info) == 0:
                 e = ResourceNotFoundError(
                     "No identity found for client id {}".format(mi_client_id))
@@ -993,23 +992,36 @@ def get_identity_pid(self):
 
 
 class WebappHandler(SourceHandler):
-    def get_identity_name(self):
+    def __init__(self, source_id, source_type: RESOURCE):
+        super().__init__(source_id, source_type)
         segments = parse_resource_id(self.source_id)
-        app_name = segments.get('name')
-        return app_name
+        self.app_name = segments.get('name')
+        self.slot_name = segments.get('child_name_1', None)
+
+    def get_identity_name(self):
+        if self.slot_name is not None:
+            return self.app_name + '/slots/' + self.slot_name
+        return self.app_name
 
     def get_identity_pid(self):
         logger.warning('Checking if WebApp enables System Identity...')
         identity = run_cli_cmd(
-            'az webapp identity show --ids {}'.format(self.source_id))
+            'az webapp identity show --ids {}'.format(self.source_id)) if self.slot_name is None else run_cli_cmd(
+            'az webapp identity show --ids {} --slot {}'.format(self.source_id, self.slot_name))
         if (identity is None or "SystemAssigned" not in identity.get('type')):
             # assign system identity for spring-cloud
             logger.warning('Enabling WebApp System Identity...')
-            run_cli_cmd(
-                'az webapp identity assign --ids {}'.format(self.source_id))
+            if self.slot_name is None:
+                run_cli_cmd(
+                    'az webapp identity assign --ids {}'.format(self.source_id))
 
-            identity = run_cli_cmd(
-                'az webapp identity show --ids {}'.format(self.source_id), 15, 5, output_is_none)
+                identity = run_cli_cmd(
+                    'az webapp identity show --ids {}'.format(self.source_id), 15, 5, output_is_none)
+            else:
+                run_cli_cmd(
+                    'az webapp identity assign --ids {} --slot {}'.format(self.source_id, self.slot_name))
+                identity = run_cli_cmd(
+                    'az webapp identity show --ids {} --slot {}'.format(self.source_id, self.slot_name), 15, 5, output_is_none)
 
         if identity is None:
             ex = CLIInternalError(
diff --git a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/azext_metadata.json b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/azext_metadata.json
index 130902e08af..956d5f5e51b 100644
--- a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/azext_metadata.json
+++ b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/azext_metadata.json
@@ -1,4 +1,4 @@
 {
     "azext.isPreview": true,
-    "azext.minCliCoreVersion": "2.46.0"
+    "azext.minCliCoreVersion": "2.53.0"
 }
\ No newline at end of file
diff --git a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/config.py b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/config.py
index c1a3f25267a..6e80e0a3f0c 100644
--- a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/config.py
+++ b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/config.py
@@ -4,5 +4,5 @@
 # --------------------------------------------------------------------------------------------
 
 
-VERSION = '0.3.11'
+VERSION = '0.3.12'
 NAME = 'serviceconnector-passwordless'
diff --git a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/custom.py b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/custom.py
index a7bdda521e3..d32e5759310 100644
--- a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/custom.py
+++ b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/custom.py
@@ -20,7 +20,7 @@ def connection_create_ext(cmd, client,  # pylint: disable=too-many-locals,too-ma
                           # Resource.KubernetesCluster
                           cluster=None, scope=None, enable_csi=False,
                           customized_keys=None,
-                          site=None,                                             # Resource.WebApp
+                          site=None, slot=None,                                  # Resource.WebApp
                           spring=None, app=None, deployment='default',           # Resource.SpringCloud
                           # Resource.*Postgres, Resource.*Sql*
                           server=None, database=None,
@@ -41,7 +41,7 @@ def connection_create_ext(cmd, client,  # pylint: disable=too-many-locals,too-ma
                                   new_addon, no_wait,
                                   # Resource.KubernetesCluster
                                   cluster, scope, enable_csi,
-                                  site,
+                                  site, slot,
                                   spring, app, deployment,
                                   server, database,
                                   enable_mi_for_db_linker=get_enable_mi_for_db_linker_func(yes),
diff --git a/src/serviceconnector-passwordless/setup.py b/src/serviceconnector-passwordless/setup.py
index f1ebe5fb5da..69f2db947ce 100644
--- a/src/serviceconnector-passwordless/setup.py
+++ b/src/serviceconnector-passwordless/setup.py
@@ -15,7 +15,7 @@
     logger.warn("Wheel is not available, disabling bdist_wheel hook")
 
 
-VERSION = '0.3.11'
+VERSION = '0.3.12'
 try:
     from azext_serviceconnector_passwordless.config import VERSION
 except ImportError: