Hello community, here is the log from the commit of package azure-cli-keyvault for openSUSE:Factory checked in at 2019-05-22 11:00:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/azure-cli-keyvault (Old) and /work/SRC/openSUSE:Factory/.azure-cli-keyvault.new.5148 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "azure-cli-keyvault" Wed May 22 11:00:35 2019 rev:5 rq:696843 version:2.2.11 Changes: -------- --- /work/SRC/openSUSE:Factory/azure-cli-keyvault/azure-cli-keyvault.changes 2018-10-15 10:45:30.151258022 +0200 +++ /work/SRC/openSUSE:Factory/.azure-cli-keyvault.new.5148/azure-cli-keyvault.changes 2019-05-22 11:00:37.274722886 +0200 @@ -1,0 +2,16 @@ +Tue Apr 16 15:05:33 UTC 2019 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> + +- New upstream release + + Version 2.2.11 + + For detailed information about changes see the + HISTORY.txt file provided with this package +- Bump minimum version for Python Azure SDK namespace + packages to 3.0.0 in BuildRequires and Requires +- Remove python3-devel package from BuildRequires +- Remove unzip package from BuildRequires +- Run fdupes to hardlink duplicate files + + Add fdupes to BuildRequires + + Add %fdupes invocation to %install +- Update Requires from setup.py + +------------------------------------------------------------------- Old: ---- azure-cli-keyvault-2.2.2.tar.gz New: ---- azure-cli-keyvault-2.2.11.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ azure-cli-keyvault.spec ++++++ --- /var/tmp/diff_new_pack.h1D9gW/_old 2019-05-22 11:00:38.118722151 +0200 +++ /var/tmp/diff_new_pack.h1D9gW/_new 2019-05-22 11:00:38.118722151 +0200 @@ -1,7 +1,7 @@ # # spec file for package azure-cli-keyvault # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: azure-cli-keyvault -Version: 2.2.2 +Version: 2.2.11 Release: 0 Summary: Microsoft Azure CLI 'keyvault' Command Module License: MIT @@ -27,17 +27,16 @@ Source1: LICENSE.txt BuildRequires: azure-cli-command-modules-nspkg BuildRequires: azure-cli-nspkg -BuildRequires: python3-azure-nspkg -BuildRequires: python3-devel +BuildRequires: fdupes +BuildRequires: python3-azure-nspkg >= 3.0.0 BuildRequires: python3-setuptools -BuildRequires: unzip Requires: azure-cli-command-modules-nspkg Requires: azure-cli-core Requires: azure-cli-nspkg -Requires: python3-azure-graphrbac >= 0.40.0 +Requires: python3-azure-graphrbac >= 0.53.0 Requires: python3-azure-keyvault >= 1.1.0 Requires: python3-azure-mgmt-keyvault >= 1.1.0 -Requires: python3-azure-nspkg +Requires: python3-azure-nspkg >= 3.0.0 Requires: python3-pyOpenSSL Conflicts: azure-cli < 2.0.0 @@ -58,6 +57,7 @@ %install python3 setup.py install --root=%{buildroot} --prefix=%{_prefix} --install-lib=%{python3_sitelib} +%python_expand %fdupes %{buildroot}%{$python_sitelib} rm -rf %{buildroot}%{python3_sitelib}/azure/cli/command_modules/__init__.* rm -rf %{buildroot}%{python3_sitelib}/azure/cli/command_modules/__pycache__ rm -rf %{buildroot}%{python3_sitelib}/azure/cli/__init__.* ++++++ azure-cli-keyvault-2.2.2.tar.gz -> azure-cli-keyvault-2.2.11.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/azure-cli-keyvault-2.2.2/HISTORY.rst new/azure-cli-keyvault-2.2.11/HISTORY.rst --- old/azure-cli-keyvault-2.2.2/HISTORY.rst 2018-08-09 08:34:43.000000000 +0200 +++ new/azure-cli-keyvault-2.2.11/HISTORY.rst 2019-02-12 03:05:13.000000000 +0100 @@ -2,6 +2,41 @@ Release History =============== +2.2.11 +++++++ +* keyvault secret backup: Fixes issue where some users received an 'unexpected_keyword' error when using --id. + +2.2.10 +++++++ +* Minor fixes + +2.2.9 ++++++ +* Minor fixes + +2.2.8 ++++++ +* Minor fixes + +2.2.7 ++++++ +* bug fix: do not drop legit exceptions + +2.2.6 ++++++ +* Minor changes + +2.2.5 ++++++ +* Minor changes + +2.2.4 ++++++ +* Restrict keyvault storage commmands to the latest API profile + +2.2.3 ++++++ +* Fixed Key Vault key import for RSA keys 2.2.2 +++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/azure-cli-keyvault-2.2.2/PKG-INFO new/azure-cli-keyvault-2.2.11/PKG-INFO --- old/azure-cli-keyvault-2.2.2/PKG-INFO 2018-08-09 08:36:46.000000000 +0200 +++ new/azure-cli-keyvault-2.2.11/PKG-INFO 2019-02-12 03:05:39.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: azure-cli-keyvault -Version: 2.2.2 +Version: 2.2.11 Summary: Microsoft Azure Command-Line Tools Keyvault Command Module Home-page: https://github.com/Azure/azure-cli Author: Microsoft Corporation @@ -19,6 +19,41 @@ Release History =============== + 2.2.11 + ++++++ + * keyvault secret backup: Fixes issue where some users received an 'unexpected_keyword' error when using --id. + + 2.2.10 + ++++++ + * Minor fixes + + 2.2.9 + +++++ + * Minor fixes + + 2.2.8 + +++++ + * Minor fixes + + 2.2.7 + +++++ + * bug fix: do not drop legit exceptions + + 2.2.6 + +++++ + * Minor changes + + 2.2.5 + +++++ + * Minor changes + + 2.2.4 + +++++ + * Restrict keyvault storage commmands to the latest API profile + + 2.2.3 + +++++ + * Fixed Key Vault key import for RSA keys 2.2.2 +++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/_command_type.py new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/_command_type.py --- old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/_command_type.py 2018-08-09 08:34:43.000000000 +0200 +++ new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/_command_type.py 2019-02-12 03:05:13.000000000 +0100 @@ -44,6 +44,8 @@ 'The vault may not exist or you may need to flush your DNS cache ' 'and try again later.') raise CLIError(ex) + else: + raise CLIError(ex) class KeyVaultCommandGroup(AzCommandGroup): @@ -93,6 +95,8 @@ if client_arg_name in op_args: client = client_factory(self.command_loader.cli_ctx, command_args) command_args[client_arg_name] = client + if 'cmd' not in op_args: + command_args.pop('cmd') try: result = op(**command_args) # apply results transform if specified diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/_help.py new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/_help.py --- old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/_help.py 2018-08-09 08:34:43.000000000 +0200 +++ new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/_help.py 2019-02-12 03:05:13.000000000 +0100 @@ -5,204 +5,210 @@ # -------------------------------------------------------------------------------------------- from knack.help_files import helps - +# pylint: disable=line-too-long, too-many-lines helps['keyvault'] = """ - type: group - short-summary: Manage KeyVault keys, secrets, and certificates. +type: group +short-summary: Manage KeyVault keys, secrets, and certificates. """ -helps['keyvault create'] = """ - type: command - short-summary: Create a key vault. - long-summary: Default permissions are created for the current user or service principal unless the `--no-self-perms` flag is specified. +helps['keyvault certificate'] = """ +type: group +short-summary: Manage certificates. """ -helps['keyvault delete'] = """ - type: command - short-summary: Delete a key vault. +helps['keyvault certificate contact'] = """ +type: group +short-summary: Manage contacts for certificate management. """ -helps['keyvault list'] = """ - type: command - short-summary: List key vaults. -""" +helps['keyvault certificate create'] = """ +type: command +short-summary: Create a Key Vault certificate. +long-summary: Certificates can be used as a secrets for provisioned virtual machines. +examples: + - name: Create a self-signed certificate with the default policy and add it to a virtual machine. + text: | + az keyvault certificate create --vault-name vaultname -n cert1 \\ + -p "$(az keyvault certificate get-default-policy)" -helps['keyvault show'] = """ - type: command - short-summary: Show details of a key vault. -""" + secrets=$(az keyvault secret list-versions --vault-name vaultname \\ + -n cert1 --query "[?attributes.enabled].id" -o tsv) -helps['keyvault update'] = """ - type: command - short-summary: Update the properties of a key vault. -""" + vm_secrets=$(az vm secret format -s "$secrets") -helps['keyvault recover'] = """ - type: command - short-summary: Recover a key vault. - long-summary: Recovers a previously deleted key vault for which soft delete was enabled. + az vm create -g group-name -n vm-name --admin-username deploy \\ + --image debian --secrets "$vm_secrets" """ -helps['keyvault key'] = """ - type: group - short-summary: Manage keys. +helps['keyvault certificate download'] = """ +type: command +short-summary: Download the public portion of a Key Vault certificate. +long-summary: The certificate formatted as either PEM or DER. PEM is the default. +examples: + - name: Download a certificate as PEM and check its fingerprint in openssl. + text: | + az keyvault certificate download --vault-name vault -n cert-name -f cert.pem && \\ + openssl x509 -in cert.pem -inform PEM -noout -sha1 -fingerprint + - name: Download a certificate as DER and check its fingerprint in openssl. + text: | + az keyvault certificate download --vault-name vault -n cert-name -f cert.crt -e DER && \\ + openssl x509 -in cert.crt -inform DER -noout -sha1 -fingerprint """ -helps['keyvault secret'] = """ - type: group - short-summary: Manage secrets. +helps['keyvault certificate get-default-policy'] = """ +type: command +short-summary: Get the default policy for self-signed certificates. +long-summary: | + This default policy can be used in conjunction with `az keyvault create` to create a self-signed certificate. + The default policy can also be used as a starting point to create derivative policies. + + For more details, see: https://docs.microsoft.com/en-us/rest/api/keyvault/certificates-and-policies +examples: + - name: Create a self-signed certificate with the default policy + text: | + az keyvault certificate create --vault-name vaultname -n cert1 \\ + -p "$(az keyvault certificate get-default-policy)" """ -helps['keyvault certificate'] = """ - type: group - short-summary: Manage certificates. -""" +helps['keyvault certificate import'] = """ +type: command +short-summary: Import a certificate into KeyVault. +long-summary: Certificates can also be used as a secrets in provisioned virtual machines. +examples: + - name: Create a service principal with a certificate, add the certificate to Key Vault and provision a VM with that certificate. + text: | + service_principal=$(az ad sp create-for-rbac --create-cert) -helps['keyvault storage'] = """ - type: group - short-summary: Manage storage accounts. -""" + cert_file=$(echo $service_principal | jq .fileWithCertAndPrivateKey -r) -helps['keyvault storage add'] = """ - type: command - examples: - - name: Create a storage account and setup a vault to manage its keys - text: | - $id = az storage account create -g resourcegroup -n storageacct --query id - - # assign the Azure Key Vault service the "Storage Account Key Operator Service Role" role. - az role assignment create --role "Storage Account Key Operator Service Role" --scope $id \\ - --assignee cfa8b339-82a2-471a-a3c9-0fc0be7a4093 + az keyvault create -g my-group -n vaultname - az keyvault storage add --vault-name vault -n storageacct --active-key-name key1 \\ - --auto-regenerate-key --regeneration-period P90D --resource-id $id -""" + az keyvault certificate import --vault-name vaultname -n cert_name -f cert_file -helps['keyvault storage sas-definition'] = """ - type: group - short-summary: Manage storage account SAS definitions. -""" + secrets=$(az keyvault secret list-versions --vault-name vaultname \\ + -n cert1 --query "[?attributes.enabled].id" -o tsv) -helps['keyvault storage sas-definition create'] = """ - type: command - examples: - - name: Add a sas-definition for an account sas-token - text: | + vm_secrets=$(az vm secret format -s "$secrets") - $sastoken = az storage account generate-sas --expiry 2020-01-01 --permissions rw \\ - --resource-types sco --services bfqt --https-only --account-name storageacct \\ - --account-key 00000000 + az vm create -g group-name -n vm-name --admin-username deploy \\ + --image debian --secrets "$vm_secrets" +""" - az keyvault storage sas-definition create --vault-name vault --account-name storageacct \\ - -n rwallserviceaccess --validity-period P2D --sas-type account --template-uri $sastoken - - name: Add a sas-definition for a blob sas-token - text: > +helps['keyvault certificate issuer'] = """ +type: group +short-summary: Manage certificate issuer information. +""" - $sastoken = az storage blob generate-sas --account-name storageacct --account-key 00000000 \\ - -c container1 -n blob1 --https-only --permissions rw +helps['keyvault certificate issuer admin'] = """ +type: group +short-summary: Manage admin information for certificate issuers. +""" - $url = az storage blob url --account-name storageacct -c container1 -n blob1 +helps['keyvault certificate pending'] = """ +type: group +short-summary: Manage pending certificate creation operations. +""" +helps['keyvault create'] = """ +type: command +short-summary: Create a key vault. +long-summary: Default permissions are created for the current user or service principal unless the `--no-self-perms` flag is specified. +examples: + - name: Create a key vault. (autogenerated) + text: az keyvault create --name MyKeyVault --resource-group MyResourceGroup + crafted: true +""" - az keyvault storage sas-definition create --vault-name vault --account-name storageacct \\ - -n rwblobaccess --validity-period P2D --sas-type service --template-uri $url?$sastoken +helps['keyvault delete'] = """ +type: command +short-summary: Delete a key vault. """ -helps['keyvault network-rule'] = """ - type: group - short-summary: Manage vault network ACLs. +helps['keyvault key'] = """ +type: group +short-summary: Manage keys. """ -helps['keyvault certificate download'] = """ - type: command - short-summary: Download the public portion of a Key Vault certificate. - long-summary: The certificate formatted as either PEM or DER. PEM is the default. - examples: - - name: Download a certificate as PEM and check its fingerprint in openssl. - text: | - az keyvault certificate download --vault-name vault -n cert-name -f cert.pem && \\ - openssl x509 -in cert.pem -inform PEM -noout -sha1 -fingerprint - - name: Download a certificate as DER and check its fingerprint in openssl. - text: | - az keyvault certificate download --vault-name vault -n cert-name -f cert.crt -e DER && \\ - openssl x509 -in cert.crt -inform DER -noout -sha1 -fingerprint +helps['keyvault list'] = """ +type: command +short-summary: List key vaults. """ -helps['keyvault certificate get-default-policy'] = """ - type: command - short-summary: Get the default policy for self-signed certificates. - long-summary: | - This default policy can be used in conjunction with `az keyvault create` to create a self-signed certificate. - The default policy can also be used as a starting point to create derivative policies. - - For more details, see: https://docs.microsoft.com/en-us/rest/api/keyvault/certificates-and-policies - examples: - - name: Create a self-signed certificate with the default policy - text: | - az keyvault certificate create --vault-name vaultname -n cert1 \\ - -p "$(az keyvault certificate get-default-policy)" +helps['keyvault network-rule'] = """ +type: group +short-summary: Manage vault network ACLs. """ -helps['keyvault certificate create'] = """ - type: command - short-summary: Create a Key Vault certificate. - long-summary: Certificates can be used as a secrets for provisioned virtual machines. - examples: - - name: Create a self-signed certificate with the default policy and add it to a virtual machine. - text: | - az keyvault certificate create --vault-name vaultname -n cert1 \\ - -p "$(az keyvault certificate get-default-policy)" +helps['keyvault recover'] = """ +type: command +short-summary: Recover a key vault. +long-summary: Recovers a previously deleted key vault for which soft delete was enabled. +""" - secrets=$(az keyvault secret list-versions --vault-name vaultname \\ - -n cert1 --query "[?attributes.enabled].id" -o tsv) +helps['keyvault secret'] = """ +type: group +short-summary: Manage secrets. +""" - vm_secrets=$(az vm secret format -s "$secrets") +helps['keyvault show'] = """ +type: command +short-summary: Show details of a key vault. +examples: + - name: Show details of a key vault. (autogenerated) + text: az keyvault show --name MyKeyVault + crafted: true +""" - az vm create -g group-name -n vm-name --admin-username deploy \\ - --image debian --secrets "$vm_secrets" +helps['keyvault storage'] = """ +type: group +short-summary: Manage storage accounts. """ -helps['keyvault certificate import'] = """ - type: command - short-summary: Import a certificate into KeyVault. - long-summary: Certificates can also be used as a secrets in provisioned virtual machines. - examples: - - name: Create a service principal with a certificate, add the certificate to Key Vault and provision a VM with that certificate. - text: | - service_principal=$(az ad sp create-for-rbac --create-cert) +helps['keyvault storage add'] = """ +type: command +examples: + - name: Create a storage account and setup a vault to manage its keys + text: | + $id = az storage account create -g resourcegroup -n storageacct --query id + + # assign the Azure Key Vault service the "Storage Account Key Operator Service Role" role. + az role assignment create --role "Storage Account Key Operator Service Role" --scope $id \\ + --assignee cfa8b339-82a2-471a-a3c9-0fc0be7a4093 - cert_file=$(echo $service_principal | jq .fileWithCertAndPrivateKey -r) + az keyvault storage add --vault-name vault -n storageacct --active-key-name key1 \\ + --auto-regenerate-key --regeneration-period P90D --resource-id $id +""" - az keyvault create -g my-group -n vaultname +helps['keyvault storage sas-definition'] = """ +type: group +short-summary: Manage storage account SAS definitions. +""" - az keyvault certificate import --vault-name vaultname -n cert_file +helps['keyvault storage sas-definition create'] = """ +type: command +examples: + - name: Add a sas-definition for an account sas-token + text: |4 - secrets=$(az keyvault secret list-versions --vault-name vaultname \\ - -n cert1 --query "[?attributes.enabled].id" -o tsv) + $sastoken = az storage account generate-sas --expiry 2020-01-01 --permissions rw \\ + --resource-types sco --services bfqt --https-only --account-name storageacct \\ + --account-key 00000000 - vm_secrets=$(az vm secret format -s "$secrets") + az keyvault storage sas-definition create --vault-name vault --account-name storageacct \\ + -n rwallserviceaccess --validity-period P2D --sas-type account --template-uri $sastoken + - name: Add a sas-definition for a blob sas-token + text: >4 - az vm create -g group-name -n vm-name --admin-username deploy \\ - --image debian --secrets "$vm_secrets" -""" + $sastoken = az storage blob generate-sas --account-name storageacct --account-key 00000000 \\ -c container1 -n blob1 --https-only --permissions rw -helps['keyvault certificate pending'] = """ - type: group - short-summary: Manage pending certificate creation operations. -""" + $url = az storage blob url --account-name storageacct -c container1 -n blob1 -helps['keyvault certificate contact'] = """ - type: group - short-summary: Manage contacts for certificate management. -""" -helps['keyvault certificate issuer'] = """ - type: group - short-summary: Manage certificate issuer information. + az keyvault storage sas-definition create --vault-name vault --account-name storageacct \\ -n rwblobaccess --validity-period P2D --sas-type service --template-uri $url?$sastoken """ -helps['keyvault certificate issuer admin'] = """ - type: group - short-summary: Manage admin information for certificate issuers. +helps['keyvault update'] = """ +type: command +short-summary: Update the properties of a key vault. """ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/_params.py new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/_params.py --- old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/_params.py 2018-08-09 08:34:43.000000000 +0200 +++ new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/_params.py 2019-02-12 03:05:13.000000000 +0100 @@ -13,7 +13,7 @@ get_resource_name_completion_list, resource_group_name_type, tags_type, file_type, get_three_state_flag, get_enum_type) from azure.cli.core.util import get_json_object -from azure.cli.core.profiles import ResourceType, get_sdk +from azure.cli.core.profiles import ResourceType from ._completers import ( get_keyvault_name_completion_list, get_keyvault_version_completion_list) @@ -34,22 +34,17 @@ # pylint: disable=too-many-locals, too-many-branches, too-many-statements, line-too-long def load_arguments(self, _): - JsonWebKeyOperation = get_sdk(self.cli_ctx, ResourceType.DATA_KEYVAULT, 'models.key_vault_client_enums#JsonWebKeyOperation') - KeyAttributes = get_sdk(self.cli_ctx, ResourceType.DATA_KEYVAULT, 'models.key_attributes#KeyAttributes') - JsonWebKeyType = get_sdk(self.cli_ctx, ResourceType.DATA_KEYVAULT, 'models.key_vault_client_enums#JsonWebKeyType') - JsonWebKeyCurveName = get_sdk(self.cli_ctx, ResourceType.DATA_KEYVAULT, 'models.key_vault_client_enums#JsonWebKeyCurveName') - SasTokenType = get_sdk(self.cli_ctx, ResourceType.DATA_KEYVAULT, 'models.key_vault_client_enums#SasTokenType') - SasDefinitionAttributes = get_sdk(self.cli_ctx, ResourceType.DATA_KEYVAULT, 'models.sas_definition_attributes#SasDefinitionAttributes') - SecretAttributes = get_sdk(self.cli_ctx, ResourceType.DATA_KEYVAULT, 'models.secret_attributes#SecretAttributes') - CertificateAttributes = get_sdk(self.cli_ctx, ResourceType.DATA_KEYVAULT, 'models.certificate_attributes#CertificateAttributes') - StorageAccountAttributes = get_sdk(self.cli_ctx, ResourceType.DATA_KEYVAULT, 'models.storage_account_attributes#StorageAccountAttributes') - SkuName = get_sdk(self.cli_ctx, ResourceType.MGMT_KEYVAULT, 'models.key_vault_management_client_enums#SkuName') - KeyPermissions = get_sdk(self.cli_ctx, ResourceType.MGMT_KEYVAULT, 'models.key_vault_management_client_enums#KeyPermissions') - SecretPermissions = get_sdk(self.cli_ctx, ResourceType.MGMT_KEYVAULT, 'models.key_vault_management_client_enums#SecretPermissions') - CertificatePermissions = get_sdk(self.cli_ctx, ResourceType.MGMT_KEYVAULT, 'models.key_vault_management_client_enums#CertificatePermissions') - StoragePermissions = get_sdk(self.cli_ctx, ResourceType.MGMT_KEYVAULT, 'models.key_vault_management_client_enums#StoragePermissions') - NetworkRuleBypassOptions = get_sdk(self.cli_ctx, ResourceType.MGMT_KEYVAULT, 'models.key_vault_management_client_enums#NetworkRuleBypassOptions') - NetworkRuleAction = get_sdk(self.cli_ctx, ResourceType.MGMT_KEYVAULT, 'models.key_vault_management_client_enums#NetworkRuleAction') + (JsonWebKeyOperation, KeyAttributes, JsonWebKeyType, JsonWebKeyCurveName, SasTokenType, + SasDefinitionAttributes, SecretAttributes, CertificateAttributes, StorageAccountAttributes) = self.get_models( + 'JsonWebKeyOperation', 'KeyAttributes', 'JsonWebKeyType', 'JsonWebKeyCurveName', 'SasTokenType', + 'SasDefinitionAttributes', 'SecretAttributes', 'CertificateAttributes', 'StorageAccountAttributes', + resource_type=ResourceType.DATA_KEYVAULT) + + (SkuName, KeyPermissions, SecretPermissions, CertificatePermissions, StoragePermissions, + NetworkRuleBypassOptions, NetworkRuleAction) = self.get_models( + 'SkuName', 'KeyPermissions', 'SecretPermissions', 'CertificatePermissions', 'StoragePermissions', + 'NetworkRuleBypassOptions', 'NetworkRuleAction') + # ARGUMENT DEFINITIONS vault_name_type = CLIArgumentType( help='Name of the key vault.', options_list=['--vault-name'], metavar='NAME', id_part=None, @@ -107,7 +102,10 @@ for cmd in ['backup', 'delete', 'download', 'set-attributes', 'show']: with self.argument_context('keyvault {} {}'.format(item, cmd), arg_group='Id') as c: - c.extra('identifier', options_list=['--id'], help='Id of the {}. If specified all other \'Id\' arguments should be omitted.'.format(item), validator=validate_vault_id(item)) + try: + c.extra('identifier', options_list=['--id'], help='Id of the {}. If specified all other \'Id\' arguments should be omitted.'.format(item), validator=validate_vault_id(item)) + except ValueError: + pass c.argument(item + '_name', help='Name of the {}. Required if --id is not specified.'.format(item), required=False) c.argument('vault_base_url', help='Name of the key vault. Required if --id is not specified.', required=False) c.argument(item + '_version', required=False) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/_validators.py new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/_validators.py --- old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/_validators.py 2018-08-09 08:34:43.000000000 +0200 +++ new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/_validators.py 2019-02-12 03:05:13.000000000 +0100 @@ -257,7 +257,8 @@ ident = KeyVaultIdentifier(uri=identifier, collection=entity_type + 's') setattr(ns, entity_type + '_name', ident.name) setattr(ns, 'vault_base_url', ident.vault) - setattr(ns, entity_type + '_version', ident.version) + if hasattr(ns, entity_type + '_version'): + setattr(ns, entity_type + '_version', ident.version) elif not (name and vault): raise CLIError('incorrect usage: --id ID | --vault-name VAULT --name NAME [--version VERSION]') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/commands.py new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/commands.py --- old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/commands.py 2018-08-09 08:34:43.000000000 +0200 +++ new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/commands.py 2019-02-12 03:05:13.000000000 +0100 @@ -134,14 +134,14 @@ g.keyvault_custom('add', 'add_certificate_issuer_admin') g.keyvault_custom('delete', 'delete_certificate_issuer_admin') - with self.command_group('keyvault storage', kv_data_sdk) as g: - g.keyvault_command('add', 'set_storage_account') - g.keyvault_command('list', 'get_storage_accounts') - g.keyvault_command('show', 'get_storage_account') - g.keyvault_command('update', 'update_storage_account') - g.keyvault_command('remove', 'delete_storage_account') - g.keyvault_command('regenerate-key', 'regenerate_storage_account_key') - if data_api_version != '2016_10_01': + if data_api_version != '2016_10_01': + with self.command_group('keyvault storage', kv_data_sdk) as g: + g.keyvault_command('add', 'set_storage_account') + g.keyvault_command('list', 'get_storage_accounts') + g.keyvault_command('show', 'get_storage_account') + g.keyvault_command('update', 'update_storage_account') + g.keyvault_command('remove', 'delete_storage_account') + g.keyvault_command('regenerate-key', 'regenerate_storage_account_key') g.keyvault_command('list-deleted', 'get_deleted_storage_accounts') g.keyvault_command('show-deleted', 'get_deleted_storage_account') g.keyvault_command('purge', 'purge_deleted_storage_account') @@ -153,17 +153,17 @@ 'restore_storage_account', doc_string_source=data_doc_string.format('restore_storage_account')) - with self.command_group('keyvault storage sas-definition', kv_data_sdk) as g: - g.keyvault_command('create', - 'set_sas_definition', - doc_string_source=data_doc_string.format('set_sas_definition')) - g.keyvault_command('list', 'get_sas_definitions') - g.keyvault_command('show', 'get_sas_definition') - g.keyvault_command('update', - 'update_sas_definition', - doc_string_source=data_doc_string.format('update_sas_definition')) - g.keyvault_command('delete', 'delete_sas_definition') - if data_api_version != '2016_10_01': + if data_api_version != '2016_10_01': + with self.command_group('keyvault storage sas-definition', kv_data_sdk) as g: + g.keyvault_command('create', + 'set_sas_definition', + doc_string_source=data_doc_string.format('set_sas_definition')) + g.keyvault_command('list', 'get_sas_definitions') + g.keyvault_command('show', 'get_sas_definition') + g.keyvault_command('update', + 'update_sas_definition', + doc_string_source=data_doc_string.format('update_sas_definition')) + g.keyvault_command('delete', 'delete_sas_definition') g.keyvault_command('list-deleted', 'get_deleted_sas_definitions') g.keyvault_command('show-deleted', 'get_deleted_sas_definition') g.keyvault_command('recover', 'recover_deleted_sas_definition') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/custom.py new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/custom.py --- old/azure-cli-keyvault-2.2.2/azure/cli/command_modules/keyvault/custom.py 2018-08-09 08:34:43.000000000 +0200 +++ new/azure-cli-keyvault-2.2.11/azure/cli/command_modules/keyvault/custom.py 2019-02-12 03:05:13.000000000 +0100 @@ -161,7 +161,7 @@ def _get_current_user_object_id(graph_client): from msrestazure.azure_exceptions import CloudError try: - current_user = graph_client.objects.get_current_user() + current_user = graph_client.signed_in_user.get() if current_user and current_user.object_id: # pylint:disable=no-member return current_user.object_id # pylint:disable=no-member except CloudError: @@ -621,14 +621,15 @@ return codecs.decode(h, 'hex') def _private_rsa_key_to_jwk(rsa_key, jwk): - jwk.n = _int_to_bytes(rsa_key.private_numbers().public_numbers.n) - jwk.e = _int_to_bytes(rsa_key.private_numbers().public_numbers.e) - jwk.q = _int_to_bytes(rsa_key.private_numbers().q) - jwk.p = _int_to_bytes(rsa_key.private_numbers().p) - jwk.d = _int_to_bytes(rsa_key.private_numbers().d) - jwk.dq = _int_to_bytes(rsa_key.private_numbers().dmql) - jwk.dp = _int_to_bytes(rsa_key.private_numbers().dmpl) - jwk.qi = _int_to_bytes(rsa_key.private_numbers().iqmp) + priv = rsa_key.private_numbers() + jwk.n = _int_to_bytes(priv.public_numbers.n) + jwk.e = _int_to_bytes(priv.public_numbers.e) + jwk.q = _int_to_bytes(priv.q) + jwk.p = _int_to_bytes(priv.p) + jwk.d = _int_to_bytes(priv.d) + jwk.dq = _int_to_bytes(priv.dmq1) + jwk.dp = _int_to_bytes(priv.dmp1) + jwk.qi = _int_to_bytes(priv.iqmp) def _private_ec_key_to_jwk(ec_key, jwk): supported_curves = { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/azure-cli-keyvault-2.2.2/azure_cli_keyvault.egg-info/PKG-INFO new/azure-cli-keyvault-2.2.11/azure_cli_keyvault.egg-info/PKG-INFO --- old/azure-cli-keyvault-2.2.2/azure_cli_keyvault.egg-info/PKG-INFO 2018-08-09 08:36:46.000000000 +0200 +++ new/azure-cli-keyvault-2.2.11/azure_cli_keyvault.egg-info/PKG-INFO 2019-02-12 03:05:39.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: azure-cli-keyvault -Version: 2.2.2 +Version: 2.2.11 Summary: Microsoft Azure Command-Line Tools Keyvault Command Module Home-page: https://github.com/Azure/azure-cli Author: Microsoft Corporation @@ -19,6 +19,41 @@ Release History =============== + 2.2.11 + ++++++ + * keyvault secret backup: Fixes issue where some users received an 'unexpected_keyword' error when using --id. + + 2.2.10 + ++++++ + * Minor fixes + + 2.2.9 + +++++ + * Minor fixes + + 2.2.8 + +++++ + * Minor fixes + + 2.2.7 + +++++ + * bug fix: do not drop legit exceptions + + 2.2.6 + +++++ + * Minor changes + + 2.2.5 + +++++ + * Minor changes + + 2.2.4 + +++++ + * Restrict keyvault storage commmands to the latest API profile + + 2.2.3 + +++++ + * Fixed Key Vault key import for RSA keys 2.2.2 +++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/azure-cli-keyvault-2.2.2/azure_cli_keyvault.egg-info/requires.txt new/azure-cli-keyvault-2.2.11/azure_cli_keyvault.egg-info/requires.txt --- old/azure-cli-keyvault-2.2.2/azure_cli_keyvault.egg-info/requires.txt 2018-08-09 08:36:46.000000000 +0200 +++ new/azure-cli-keyvault-2.2.11/azure_cli_keyvault.egg-info/requires.txt 2019-02-12 03:05:39.000000000 +0100 @@ -1,5 +1,5 @@ azure-mgmt-keyvault==1.1.0 azure-keyvault==1.1.0 -azure-graphrbac==0.40.0 +azure-graphrbac==0.53.0 azure-cli-core pyOpenSSL diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/azure-cli-keyvault-2.2.2/setup.py new/azure-cli-keyvault-2.2.11/setup.py --- old/azure-cli-keyvault-2.2.2/setup.py 2018-08-09 08:34:43.000000000 +0200 +++ new/azure-cli-keyvault-2.2.11/setup.py 2019-02-12 03:05:13.000000000 +0100 @@ -15,7 +15,7 @@ logger.warn("Wheel is not available, disabling bdist_wheel hook") cmdclass = {} -VERSION = "2.2.2" +VERSION = "2.2.11" # The full list of classifiers is available at # https://pypi.python.org/pypi?%3Aaction=list_classifiers @@ -36,7 +36,7 @@ DEPENDENCIES = [ 'azure-mgmt-keyvault==1.1.0', 'azure-keyvault==1.1.0', - 'azure-graphrbac==0.40.0', + 'azure-graphrbac==0.53.0', 'azure-cli-core', 'pyOpenSSL' ]