feat: Adding azure relogin feature

dodevops · Jun 11, 2024 · a8e9b51 · a8e9b51
1 parent 08842d7
commit a8e9b51
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -307,7 +307,10 @@ To start a new session in the CloudControl context, run `createSession <token>`
 
 Can be used to connect to infrastructure in the Azure cloud. Because we're using a container,
 a device login will happen, requiring the user to go to a website, enter a code and login.
-This only happens once during initialization phase.
+
+The azure login tokens usually expire after some time. You can run the `azure-relogin` script
+(located in ~/bin, thus available without path) to re-execute the same login commands as the 
+initialization process does.
 
 #### Configuration
 
@@ -774,7 +777,3 @@ flowchart TD
     click F "https://github.com/dodevops/cloudcontrol/blob/develop/.github/workflows/test.yml" "Test workflow"
     click H "https://github.com/dodevops/cloudcontrol/blob/develop/.github/workflows/release.yml" "Release workflow"
 ```mermaid
-github.com/dodevops/cloudcontrol/blob/develop/.github/workflows/release.yml" "Release workflow"
-```mermaid
-maid
-
diff --git a/feature/kubernetes/install.sh b/feature/kubernetes/install.sh
@@ -21,6 +21,7 @@ EOF
   fi
 
   echo "#!/bin/sh" > ~/bin/k8s-relogin
+  echo "~/bin/azure-relogin" >> ~/bin/k8s-relogin
 
   AZ_DO_KUBELOGIN_CONVERT="${AZ_USE_ARM_SPI:-false}"
   for CLUSTER in $(echo "${AZ_K8S_CLUSTERS}" | tr "," "\n"); do

diff --git a/flavour/azure/flavour.yaml b/flavour/azure/flavour.yaml
@@ -2,7 +2,10 @@ title: "[Azure](https://github.com/dodevops/cloudcontrol/pkgs/container/cloudcon
 description: |
     Can be used to connect to infrastructure in the Azure cloud. Because we're using a container,
     a device login will happen, requiring the user to go to a website, enter a code and login.
-    This only happens once during initialization phase.
+    
+    The azure login tokens usually expire after some time. You can run the `azure-relogin` script
+    (located in ~/bin, thus available without path) to re-execute the same login commands as the 
+    initialization process does.
 configuration:
     - "Environment AZ_SUBSCRIPTION: The Azure subscription to use in this container"
     - "Environment AZ_TENANTID: The Azure tenant id to log into (optional)"

diff --git a/flavour/azure/flavourinit.sh b/flavour/azure/flavourinit.sh
@@ -19,6 +19,20 @@ then
   exit 1
 fi
 
+echo "#!/bin/sh" > ~/bin/azure-relogin
+cat <<EOF >>~/bin/azure-relogin
+AZ_ACCOUNT_SHOW_OUTPUT="$(az account show 2>&1)"
+if [ $? -eq 0 ]; then
+  echo "Azure login still valid, no relogin required"
+  exit 0
+else
+  echo "Azure login expired, relogin required, see following error:"
+  echo "${AZ_ACCOUNT_SHOW_OUTPUT}"
+  echo "Performing relogin now..."
+fi
+EOF
+echo az login "${tenantArg[@]}" >> ~/bin/azure-relogin
+
 if [ "X${AZ_SUBSCRIPTION}X" == "XX" ]
 then
   echo -n "* Subscription: "
@@ -32,6 +46,9 @@ then
   echo "Can not set subscription"
   exit 1
 fi
+echo az account set --subscription "${AZ_SUBSCRIPTION}" >> ~/bin/azure-relogin
+
+chmod +x ~/bin/azure-relogin
 
 echo "Preparing bashrc"
 cat <<EOF >>~/.bashrc