azure-cli: immutable command index
This commit is contained in:
parent
92682867ac
commit
b34ca295cb
|
@ -0,0 +1,98 @@
|
||||||
|
From c12adfdefd8a091e1fa870305a3cc61de6426914 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paul Meyer <49727155+katexochen@users.noreply.github.com>
|
||||||
|
Date: Thu, 14 Dec 2023 21:16:20 +0100
|
||||||
|
Subject: [PATCH] optional immutable configuration dir
|
||||||
|
|
||||||
|
Adding the possibility to configure an immutable configuration dir via
|
||||||
|
env variable `AZURE_IMMUTABLE_DIR`. This path is used for the files
|
||||||
|
that configure the dynamic behavior of the CLI code.
|
||||||
|
An immutable session is used for these files to ensure we don't try to
|
||||||
|
write to them.
|
||||||
|
|
||||||
|
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
|
||||||
|
---
|
||||||
|
azure/cli/core/__init__.py | 5 +++--
|
||||||
|
azure/cli/core/_session.py | 19 ++++++++++++++++---
|
||||||
|
.../cli/core/extension/dynamic_install.py | 3 ++-
|
||||||
|
3 files changed, 21 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/azure/cli/core/__init__.py b/azure/cli/core/__init__.py
|
||||||
|
index d112633ec..20b6d045b 100644
|
||||||
|
--- a/azure/cli/core/__init__.py
|
||||||
|
+++ b/azure/cli/core/__init__.py
|
||||||
|
@@ -75,12 +75,13 @@ class AzCli(CLI):
|
||||||
|
self.data['query_active'] = False
|
||||||
|
|
||||||
|
azure_folder = self.config.config_dir
|
||||||
|
+ azure_immutable_folder = os.environ.get('AZURE_IMMUTABLE_DIR', azure_folder)
|
||||||
|
ensure_dir(azure_folder)
|
||||||
|
ACCOUNT.load(os.path.join(azure_folder, 'azureProfile.json'))
|
||||||
|
CONFIG.load(os.path.join(azure_folder, 'az.json'))
|
||||||
|
SESSION.load(os.path.join(azure_folder, 'az.sess'), max_age=3600)
|
||||||
|
- INDEX.load(os.path.join(azure_folder, 'commandIndex.json'))
|
||||||
|
- VERSIONS.load(os.path.join(azure_folder, 'versionCheck.json'))
|
||||||
|
+ INDEX.load(os.path.join(azure_immutable_folder, 'commandIndex.json'))
|
||||||
|
+ VERSIONS.load(os.path.join(azure_immutable_folder, 'versionCheck.json'))
|
||||||
|
handle_version_update()
|
||||||
|
|
||||||
|
self.cloud = get_active_cloud(self)
|
||||||
|
diff --git a/azure/cli/core/_session.py b/azure/cli/core/_session.py
|
||||||
|
index 471a0344c..acaef6fb8 100644
|
||||||
|
--- a/azure/cli/core/_session.py
|
||||||
|
+++ b/azure/cli/core/_session.py
|
||||||
|
@@ -85,6 +85,19 @@ class Session(MutableMapping):
|
||||||
|
return len(self.data)
|
||||||
|
|
||||||
|
|
||||||
|
+class ImmutableSession(Session):
|
||||||
|
+ """
|
||||||
|
+ A session that is backed by an immutable JSON file. This session is read-only.
|
||||||
|
+ """
|
||||||
|
+ def save(self):
|
||||||
|
+ if os.getenv('AZURE_IMMUTABLE_DIR'):
|
||||||
|
+ get_logger(__name__).log(logging.DEBUG,
|
||||||
|
+ "Skipping update of file %s due to immutable directory.",
|
||||||
|
+ self.filename)
|
||||||
|
+ return
|
||||||
|
+ super().save()
|
||||||
|
+
|
||||||
|
+
|
||||||
|
# ACCOUNT contains subscriptions information
|
||||||
|
ACCOUNT = Session()
|
||||||
|
|
||||||
|
@@ -95,16 +108,16 @@ CONFIG = Session()
|
||||||
|
SESSION = Session()
|
||||||
|
|
||||||
|
# INDEX contains {top-level command: [command_modules and extensions]} mapping index
|
||||||
|
-INDEX = Session()
|
||||||
|
+INDEX = ImmutableSession()
|
||||||
|
|
||||||
|
# VERSIONS provides local versions and pypi versions.
|
||||||
|
# DO NOT USE it to get the current version of azure-cli,
|
||||||
|
# it could be lagged behind and can be used to check whether
|
||||||
|
# an upgrade of azure-cli happens
|
||||||
|
-VERSIONS = Session()
|
||||||
|
+VERSIONS = ImmutableSession()
|
||||||
|
|
||||||
|
# EXT_CMD_TREE provides command to extension name mapping
|
||||||
|
-EXT_CMD_TREE = Session()
|
||||||
|
+EXT_CMD_TREE = ImmutableSession()
|
||||||
|
|
||||||
|
# CLOUD_ENDPOINTS provides endpoints/suffixes of clouds
|
||||||
|
CLOUD_ENDPOINTS = Session()
|
||||||
|
diff --git a/azure/cli/core/extension/dynamic_install.py b/azure/cli/core/extension/dynamic_install.py
|
||||||
|
index cb03980a0..29279be2b 100644
|
||||||
|
--- a/azure/cli/core/extension/dynamic_install.py
|
||||||
|
+++ b/azure/cli/core/extension/dynamic_install.py
|
||||||
|
@@ -17,7 +17,8 @@ def _get_extension_command_tree(cli_ctx):
|
||||||
|
VALID_SECOND = 3600 * 24 * 10
|
||||||
|
if not cli_ctx:
|
||||||
|
return None
|
||||||
|
- EXT_CMD_TREE.load(os.path.join(cli_ctx.config.config_dir, 'extensionCommandTree.json'), VALID_SECOND)
|
||||||
|
+ azure_immutable_folder = os.environ.get('AZURE_IMMUTABLE_DIR', cli_ctx.config.config_dir)
|
||||||
|
+ EXT_CMD_TREE.load(os.path.join(azure_immutable_folder, 'extensionCommandTree.json'), VALID_SECOND)
|
||||||
|
if not EXT_CMD_TREE.data:
|
||||||
|
import posixpath
|
||||||
|
import requests
|
||||||
|
--
|
||||||
|
2.42.0
|
|
@ -2,6 +2,10 @@
|
||||||
, callPackage
|
, callPackage
|
||||||
, fetchFromGitHub
|
, fetchFromGitHub
|
||||||
, installShellFiles
|
, installShellFiles
|
||||||
|
|
||||||
|
# Whether to include patches that enable placing certain behavior-defining
|
||||||
|
# configuration files in the Nix store.
|
||||||
|
, withImmutableConfig ? true
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
@ -177,7 +181,13 @@ py.pkgs.toPythonApplication (py.pkgs.buildAzureCliPackage {
|
||||||
--replace register-python-argcomplete ${py.pkgs.argcomplete}/bin/register-python-argcomplete
|
--replace register-python-argcomplete ${py.pkgs.argcomplete}/bin/register-python-argcomplete
|
||||||
installShellCompletion --bash --name az.bash az.completion.sh
|
installShellCompletion --bash --name az.bash az.completion.sh
|
||||||
installShellCompletion --zsh --name _az az.completion.sh
|
installShellCompletion --zsh --name _az az.completion.sh
|
||||||
|
'' + lib.optionalString withImmutableConfig ''
|
||||||
|
export HOME=$TMPDIR
|
||||||
|
$out/bin/az --version
|
||||||
|
mkdir -p $out/etc/azure
|
||||||
|
mv $TMPDIR/.azure/commandIndex.json $out/etc/azure/commandIndex.json
|
||||||
|
mv $TMPDIR/.azure/versionCheck.json $out/etc/azure/versionCheck.json
|
||||||
|
'' + ''
|
||||||
# remove garbage
|
# remove garbage
|
||||||
rm $out/bin/az.bat
|
rm $out/bin/az.bat
|
||||||
rm $out/bin/az.completion.sh
|
rm $out/bin/az.completion.sh
|
||||||
|
@ -187,8 +197,12 @@ py.pkgs.toPythonApplication (py.pkgs.buildAzureCliPackage {
|
||||||
# it's just a shebang script which calls `python -m azure.cli "$@"`
|
# it's just a shebang script which calls `python -m azure.cli "$@"`
|
||||||
postFixup = ''
|
postFixup = ''
|
||||||
wrapProgram $out/bin/az \
|
wrapProgram $out/bin/az \
|
||||||
--set PYTHONPATH $PYTHONPATH
|
'' + lib.optionalString withImmutableConfig ''
|
||||||
'';
|
--set AZURE_IMMUTABLE_DIR $out/etc/azure \
|
||||||
|
'' + ''
|
||||||
|
--set PYTHONPATH $PYTHONPATH
|
||||||
|
''
|
||||||
|
;
|
||||||
|
|
||||||
doInstallCheck = true;
|
doInstallCheck = true;
|
||||||
installCheckPhase = ''
|
installCheckPhase = ''
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{ stdenv
|
{ lib
|
||||||
|
, stdenv
|
||||||
, python3
|
, python3
|
||||||
, fetchPypi
|
, fetchPypi
|
||||||
, fetchpatch
|
, fetchpatch
|
||||||
|
@ -30,6 +31,16 @@ let
|
||||||
|
|
||||||
sourceRoot = "${src.name}/src/azure-cli-core";
|
sourceRoot = "${src.name}/src/azure-cli-core";
|
||||||
|
|
||||||
|
patches = [
|
||||||
|
# Adding the possibility to configure an immutable configuration dir via `AZURE_IMMUTABLE_DIR`.
|
||||||
|
# This enables us to place configuration files that alter the behavior of the CLI in the Nix store.
|
||||||
|
#
|
||||||
|
# This is a downstream patch without an commit or PR upstream.
|
||||||
|
# There is an issue to discuss possible solutions upstream:
|
||||||
|
# https://github.com/Azure/azure-cli/issues/28093
|
||||||
|
./0001-optional-immutable-configuration-dir.patch
|
||||||
|
];
|
||||||
|
|
||||||
propagatedBuildInputs = with self; [
|
propagatedBuildInputs = with self; [
|
||||||
argcomplete
|
argcomplete
|
||||||
azure-cli-telemetry
|
azure-cli-telemetry
|
||||||
|
|
Loading…
Reference in New Issue
Block a user