[PackerBuildV0] fix PackerBuildV0 e2e tests

Dmitrii Bobreshev (Akvelon INC) · Dmitrii Bobreshev (Akvelon INC) · commit 88e0c981f335 · 2024-07-18T15:14:44.000+02:00
- transffered WIF implementation ref: #19835
diff --git a/Tasks/PackerBuildV0/DefaultTemplates/custom.linux.template.json b/Tasks/PackerBuildV0/DefaultTemplates/custom.linux.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "{{env `client_id`}}",
     "client_secret": "{{env `client_secret`}}",
+    "client_jwt": "{{env `client_jwt`}}",
     "subscription_id": "{{env `subscription_id`}}",
     "tenant_id": "{{env `tenant_id`}}",
     "object_id": "{{env `object_id`}}",
@@ -20,6 +21,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{user `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/Tasks/PackerBuildV0/DefaultTemplates/custom.windows.template.json b/Tasks/PackerBuildV0/DefaultTemplates/custom.windows.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "{{env `client_id`}}",
     "client_secret": "{{env `client_secret`}}",
+    "client_jwt": "{{env `client_jwt`}}",
     "subscription_id": "{{env `subscription_id`}}",
     "tenant_id": "{{env `tenant_id`}}",
     "object_id": "{{env `object_id`}}",
@@ -19,6 +20,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{env `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/Tasks/PackerBuildV0/DefaultTemplates/default.linux.template.json b/Tasks/PackerBuildV0/DefaultTemplates/default.linux.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "",
     "client_secret": "",
+    "client_jwt": "",
     "subscription_id": "",
     "tenant_id": "",
     "object_id": "",
@@ -22,6 +23,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{user `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/Tasks/PackerBuildV0/DefaultTemplates/default.windows.template.json b/Tasks/PackerBuildV0/DefaultTemplates/default.windows.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "",
     "client_secret": "",
+    "client_jwt": "",
     "subscription_id": "",
     "tenant_id": "",
     "object_id": "",
@@ -21,6 +22,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{user `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/Tasks/PackerBuildV0/src/azureSpnTemplateVariablesProvider.ts b/Tasks/PackerBuildV0/src/azureSpnTemplateVariablesProvider.ts
@@ -31,10 +31,18 @@ export default class AzureSpnTemplateVariablesProvider implements definitions.IT
 
         this._spnVariables = new Map<string, string>();
         var connectedService = taskParameters.serviceEndpoint;
+        let endpointObject = await taskParameters.getEndpoint(connectedService);
         var subscriptionId: string = tl.getEndpointDataParameter(connectedService, "SubscriptionId", true)
         this._spnVariables.set(constants.TemplateVariableSubscriptionIdName, subscriptionId);
         this._spnVariables.set(constants.TemplateVariableClientIdName, tl.getEndpointAuthorizationParameter(connectedService, 'serviceprincipalid', false));
-        this._spnVariables.set(constants.TemplateVariableClientSecretName, tl.getEndpointAuthorizationParameter(connectedService, 'serviceprincipalkey', false));
+        if (endpointObject?.scheme === 'WorkloadIdentityFederation') {
+            const oidc_token = await endpointObject.applicationTokenCredentials.getFederatedToken();
+            tl.setSecret(oidc_token);
+            this._spnVariables.set(constants.TemplateVariableClientjwtName, oidc_token);
+        }
+        else  {
+            this._spnVariables.set(constants.TemplateVariableClientSecretName, tl.getEndpointAuthorizationParameter(connectedService, 'serviceprincipalkey', false));
+        }
         this._spnVariables.set(constants.TemplateVariableTenantIdName, tl.getEndpointAuthorizationParameter(connectedService, 'tenantid', false));
 
 
diff --git a/Tasks/PackerBuildV0/src/constants.ts b/Tasks/PackerBuildV0/src/constants.ts
@@ -55,4 +55,6 @@ export var BaseImageSourceDefault = "default";
 export var BuiltinWindowsDefaultImageTemplateKey = BuiltInTemplateOSTypeWindows + '-' + BaseImageSourceDefault;
 export var BuiltinWindowsCustomImageTemplateKey = BuiltInTemplateOSTypeWindows + '-' + BaseImageSourceCustomVhd;
 export var BuiltinLinuxDefaultImageTemplateKey = BuiltInTemplateOSTypeLinux + '-' + BaseImageSourceDefault;
-export var BuiltinLinuxCustomImageTemplateKey = BuiltInTemplateOSTypeLinux + '-' + BaseImageSourceCustomVhd;
+export var BuiltinLinuxCustomImageTemplateKey = BuiltInTemplateOSTypeLinux + '-' + BaseImageSourceCustomVhd;
+
+export var TemplateVariableClientjwtName = "client_jwt";
diff --git a/Tasks/PackerBuildV0/src/taskParameters.ts b/Tasks/PackerBuildV0/src/taskParameters.ts
@@ -118,4 +118,9 @@ export default class TaskParameters {
         var azureEndpoint = await new AzureRMEndpoint.AzureRMEndpoint(connectedService).getEndpoint(true);
         return azureEndpoint.applicationTokenCredentials;
     }
+
+    public async getEndpoint(connectedService: string) {
+        const endpoint =  await new AzureRMEndpoint.AzureRMEndpoint(connectedService).getEndpoint();
+        return endpoint;
+    }
 }
diff --git a/_generated/PackerBuildV0/DefaultTemplates/custom.linux.template.json b/_generated/PackerBuildV0/DefaultTemplates/custom.linux.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "{{env `client_id`}}",
     "client_secret": "{{env `client_secret`}}",
+    "client_jwt": "{{env `client_jwt`}}",
     "subscription_id": "{{env `subscription_id`}}",
     "tenant_id": "{{env `tenant_id`}}",
     "object_id": "{{env `object_id`}}",
@@ -20,6 +21,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{user `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/_generated/PackerBuildV0/DefaultTemplates/custom.windows.template.json b/_generated/PackerBuildV0/DefaultTemplates/custom.windows.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "{{env `client_id`}}",
     "client_secret": "{{env `client_secret`}}",
+    "client_jwt": "{{env `client_jwt`}}",
     "subscription_id": "{{env `subscription_id`}}",
     "tenant_id": "{{env `tenant_id`}}",
     "object_id": "{{env `object_id`}}",
@@ -19,6 +20,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{env `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/_generated/PackerBuildV0/DefaultTemplates/default.linux.template.json b/_generated/PackerBuildV0/DefaultTemplates/default.linux.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "",
     "client_secret": "",
+    "client_jwt": "",
     "subscription_id": "",
     "tenant_id": "",
     "object_id": "",
@@ -22,6 +23,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{user `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/_generated/PackerBuildV0/DefaultTemplates/default.windows.template.json b/_generated/PackerBuildV0/DefaultTemplates/default.windows.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "",
     "client_secret": "",
+    "client_jwt": "",
     "subscription_id": "",
     "tenant_id": "",
     "object_id": "",
@@ -21,6 +22,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{user `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/_generated/PackerBuildV0/src/azureSpnTemplateVariablesProvider.ts b/_generated/PackerBuildV0/src/azureSpnTemplateVariablesProvider.ts
@@ -31,10 +31,18 @@ export default class AzureSpnTemplateVariablesProvider implements definitions.IT
 
         this._spnVariables = new Map<string, string>();
         var connectedService = taskParameters.serviceEndpoint;
+        let endpointObject = await taskParameters.getEndpoint(connectedService);
         var subscriptionId: string = tl.getEndpointDataParameter(connectedService, "SubscriptionId", true)
         this._spnVariables.set(constants.TemplateVariableSubscriptionIdName, subscriptionId);
         this._spnVariables.set(constants.TemplateVariableClientIdName, tl.getEndpointAuthorizationParameter(connectedService, 'serviceprincipalid', false));
-        this._spnVariables.set(constants.TemplateVariableClientSecretName, tl.getEndpointAuthorizationParameter(connectedService, 'serviceprincipalkey', false));
+        if (endpointObject?.scheme === 'WorkloadIdentityFederation') {
+            const oidc_token = await endpointObject.applicationTokenCredentials.getFederatedToken();
+            tl.setSecret(oidc_token);
+            this._spnVariables.set(constants.TemplateVariableClientjwtName, oidc_token);
+        }
+        else  {
+            this._spnVariables.set(constants.TemplateVariableClientSecretName, tl.getEndpointAuthorizationParameter(connectedService, 'serviceprincipalkey', false));
+        }
         this._spnVariables.set(constants.TemplateVariableTenantIdName, tl.getEndpointAuthorizationParameter(connectedService, 'tenantid', false));
 
 
diff --git a/_generated/PackerBuildV0/src/constants.ts b/_generated/PackerBuildV0/src/constants.ts
@@ -55,4 +55,6 @@ export var BaseImageSourceDefault = "default";
 export var BuiltinWindowsDefaultImageTemplateKey = BuiltInTemplateOSTypeWindows + '-' + BaseImageSourceDefault;
 export var BuiltinWindowsCustomImageTemplateKey = BuiltInTemplateOSTypeWindows + '-' + BaseImageSourceCustomVhd;
 export var BuiltinLinuxDefaultImageTemplateKey = BuiltInTemplateOSTypeLinux + '-' + BaseImageSourceDefault;
-export var BuiltinLinuxCustomImageTemplateKey = BuiltInTemplateOSTypeLinux + '-' + BaseImageSourceCustomVhd;
+export var BuiltinLinuxCustomImageTemplateKey = BuiltInTemplateOSTypeLinux + '-' + BaseImageSourceCustomVhd;
+
+export var TemplateVariableClientjwtName = "client_jwt";
diff --git a/_generated/PackerBuildV0/src/taskParameters.ts b/_generated/PackerBuildV0/src/taskParameters.ts
@@ -118,4 +118,9 @@ export default class TaskParameters {
         var azureEndpoint = await new AzureRMEndpoint.AzureRMEndpoint(connectedService).getEndpoint(true);
         return azureEndpoint.applicationTokenCredentials;
     }
+
+    public async getEndpoint(connectedService: string) {
+        const endpoint =  await new AzureRMEndpoint.AzureRMEndpoint(connectedService).getEndpoint();
+        return endpoint;
+    }
 }
diff --git a/_generated/PackerBuildV0_Node20/DefaultTemplates/custom.linux.template.json b/_generated/PackerBuildV0_Node20/DefaultTemplates/custom.linux.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "{{env `client_id`}}",
     "client_secret": "{{env `client_secret`}}",
+    "client_jwt": "{{env `client_jwt`}}",
     "subscription_id": "{{env `subscription_id`}}",
     "tenant_id": "{{env `tenant_id`}}",
     "object_id": "{{env `object_id`}}",
@@ -20,6 +21,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{user `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/_generated/PackerBuildV0_Node20/DefaultTemplates/custom.windows.template.json b/_generated/PackerBuildV0_Node20/DefaultTemplates/custom.windows.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "{{env `client_id`}}",
     "client_secret": "{{env `client_secret`}}",
+    "client_jwt": "{{env `client_jwt`}}",
     "subscription_id": "{{env `subscription_id`}}",
     "tenant_id": "{{env `tenant_id`}}",
     "object_id": "{{env `object_id`}}",
@@ -19,6 +20,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{env `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/_generated/PackerBuildV0_Node20/DefaultTemplates/default.linux.template.json b/_generated/PackerBuildV0_Node20/DefaultTemplates/default.linux.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "",
     "client_secret": "",
+    "client_jwt": "",
     "subscription_id": "",
     "tenant_id": "",
     "object_id": "",
@@ -22,6 +23,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{user `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/_generated/PackerBuildV0_Node20/DefaultTemplates/default.windows.template.json b/_generated/PackerBuildV0_Node20/DefaultTemplates/default.windows.template.json
@@ -2,6 +2,7 @@
   "variables": {
     "client_id": "",
     "client_secret": "",
+    "client_jwt": "",
     "subscription_id": "",
     "tenant_id": "",
     "object_id": "",
@@ -21,6 +22,7 @@
         "type": "azure-arm",
         "client_id": "{{user `client_id`}}",
         "client_secret": "{{user `client_secret`}}",
+        "client_jwt": "{{user `client_jwt`}}",
         "resource_group_name": "{{user `resource_group`}}",
         "storage_account": "{{user `storage_account`}}",
         "subscription_id": "{{user `subscription_id`}}",
diff --git a/_generated/PackerBuildV0_Node20/src/azureSpnTemplateVariablesProvider.ts b/_generated/PackerBuildV0_Node20/src/azureSpnTemplateVariablesProvider.ts
@@ -31,10 +31,18 @@ export default class AzureSpnTemplateVariablesProvider implements definitions.IT
 
         this._spnVariables = new Map<string, string>();
         var connectedService = taskParameters.serviceEndpoint;
+        let endpointObject = await taskParameters.getEndpoint(connectedService);
         var subscriptionId: string = tl.getEndpointDataParameter(connectedService, "SubscriptionId", true)
         this._spnVariables.set(constants.TemplateVariableSubscriptionIdName, subscriptionId);
         this._spnVariables.set(constants.TemplateVariableClientIdName, tl.getEndpointAuthorizationParameter(connectedService, 'serviceprincipalid', false));
-        this._spnVariables.set(constants.TemplateVariableClientSecretName, tl.getEndpointAuthorizationParameter(connectedService, 'serviceprincipalkey', false));
+        if (endpointObject?.scheme === 'WorkloadIdentityFederation') {
+            const oidc_token = await endpointObject.applicationTokenCredentials.getFederatedToken();
+            tl.setSecret(oidc_token);
+            this._spnVariables.set(constants.TemplateVariableClientjwtName, oidc_token);
+        }
+        else  {
+            this._spnVariables.set(constants.TemplateVariableClientSecretName, tl.getEndpointAuthorizationParameter(connectedService, 'serviceprincipalkey', false));
+        }
         this._spnVariables.set(constants.TemplateVariableTenantIdName, tl.getEndpointAuthorizationParameter(connectedService, 'tenantid', false));
 
 
diff --git a/_generated/PackerBuildV0_Node20/src/constants.ts b/_generated/PackerBuildV0_Node20/src/constants.ts
@@ -55,4 +55,6 @@ export var BaseImageSourceDefault = "default";
 export var BuiltinWindowsDefaultImageTemplateKey = BuiltInTemplateOSTypeWindows + '-' + BaseImageSourceDefault;
 export var BuiltinWindowsCustomImageTemplateKey = BuiltInTemplateOSTypeWindows + '-' + BaseImageSourceCustomVhd;
 export var BuiltinLinuxDefaultImageTemplateKey = BuiltInTemplateOSTypeLinux + '-' + BaseImageSourceDefault;
-export var BuiltinLinuxCustomImageTemplateKey = BuiltInTemplateOSTypeLinux + '-' + BaseImageSourceCustomVhd;
+export var BuiltinLinuxCustomImageTemplateKey = BuiltInTemplateOSTypeLinux + '-' + BaseImageSourceCustomVhd;
+
+export var TemplateVariableClientjwtName = "client_jwt";
diff --git a/_generated/PackerBuildV0_Node20/src/taskParameters.ts b/_generated/PackerBuildV0_Node20/src/taskParameters.ts
@@ -118,4 +118,9 @@ export default class TaskParameters {
         var azureEndpoint = await new AzureRMEndpoint.AzureRMEndpoint(connectedService).getEndpoint(true);
         return azureEndpoint.applicationTokenCredentials;
     }
+
+    public async getEndpoint(connectedService: string) {
+        const endpoint =  await new AzureRMEndpoint.AzureRMEndpoint(connectedService).getEndpoint();
+        return endpoint;
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -118,4 +118,9 @@ export default class TaskParameters {`
`118`	`118`	`var azureEndpoint = await new AzureRMEndpoint.AzureRMEndpoint(connectedService).getEndpoint(true);`
`119`	`119`	`return azureEndpoint.applicationTokenCredentials;`
`120`	`120`	`}`
	`121`	`+`
	`122`	`+ public async getEndpoint(connectedService: string) {`
	`123`	`+ const endpoint = await new AzureRMEndpoint.AzureRMEndpoint(connectedService).getEndpoint();`
	`124`	`+ return endpoint;`
	`125`	`+ }`
`121`	`126`	`}`