Merge pull request Azure#3387 from MsysTechnologiesllc/ali/add_daemon_and_databag_secret_key_options_in_chef_extension

Added daemon and databag secret-key options in ChefExtension for ASM and ARM commands.

Author: markcowl

src/ResourceManager/Compute/ChangeLog.md

@@ -18,6 +18,10 @@
         - Additional information about change #1
 -->
 ## Current Release
+* Updated Set-AzureRmVMChefExtension cmdlet to add following new options :
+  - Daemon: Configures the chef-client service for unattended execution. e.g. -Daemon 'none' or e.g. -Daemon 'service'."
+  - Secret: The encryption key used to encrypt and decrypt the data bag item values.
+  - SecretFile: The path to the file that contains the encryption key used to encrypt and decrypt the data bag item values.
 
 ## Version 2.5.0
 * Fix Get-AzureRmVM with -Status issue: Get-AzureRmVM throws an exception when Get-AzureRmVM lists multiple VMs and some of the VMs are deleted during Get-AzureRmVM is performed.

src/ResourceManager/Compute/Commands.Compute/Extension/Chef/SetAzureVMChefExtension.cs

@@ -48,6 +48,8 @@ public class SetAzureVMChefExtensionCommand : VirtualMachineExtensionBaseCmdlet
         private string JsonAttributeTemplate = "custom_json_attr";
         private string ChefServiceIntervalTemplate = "chef_service_interval";
         private string RunListTemplate = "runlist";
+        private string DaemonTemplate = "daemon";
+        private string SecretTemplate = "encrypted_data_bag_secret";
 
         [Parameter(
             Mandatory = true,
@@ -114,6 +116,27 @@ public string TypeHandlerVersion
         [ValidateNotNullOrEmpty]
         public string ChefServiceInterval { get; set; }
 
+        [Parameter(
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "Configures the chef-client service for unattended execution. The node platform should be Windows." +
+                          "Options: 'none' or 'service'." +
+                          "none - Currently prevents the chef-client service from being configured as a service." +
+                          "service - Configures the chef-client to run automatically in the background as a service.")]
+        [ValidateNotNullOrEmpty]
+        public string Daemon { get; set; }
+
+        [Parameter(
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "The encryption key used to encrypt and decrypt the data bag item values.")]
+        [ValidateNotNullOrEmpty]
+        public string Secret { get; set; }
+
+        [Parameter(
+            ValueFromPipelineByPropertyName = true,
+            HelpMessage = "The path to the file that contains the encryption key used to encrypt and decrypt the data bag item values.")]
+        [ValidateNotNullOrEmpty]
+        public string SecretFile { get; set; }
+
         [Parameter(
             ValueFromPipelineByPropertyName = true,
             HelpMessage = "The Chef Server Node Runlist.")]
@@ -228,6 +251,7 @@ private Hashtable PublicConfiguration
                     bool IsJsonAttributeEmpty = string.IsNullOrEmpty(this.JsonAttribute);
                     bool IsChefServiceIntervalEmpty = string.IsNullOrEmpty(this.ChefServiceInterval);
                     string BootstrapVersion = string.IsNullOrEmpty(this.BootstrapVersion) ? "" : this.BootstrapVersion;
+                    bool IsDaemonEmpty = string.IsNullOrEmpty(this.Daemon);
 
                     //Cases handled:
                     // 1. When clientRb given by user and:
@@ -300,6 +324,11 @@ private Hashtable PublicConfiguration
                         hashTable.Add(ChefServiceIntervalTemplate, ChefServiceInterval);
                     }
 
+                    if (this.Windows.IsPresent && !IsDaemonEmpty)
+                    {
+                        hashTable.Add(DaemonTemplate, this.Daemon);
+                    }
+
                     this.publicConfiguration = hashTable;
                 }
 
@@ -314,6 +343,12 @@ private Hashtable PrivateConfiguration
                 if (this.privateConfiguration == null)
                 {
                     var hashTable = new Hashtable();
+
+                    if (!string.IsNullOrEmpty(this.SecretFile))
+                        hashTable.Add(SecretTemplate, File.ReadAllText(this.SecretFile).TrimEnd('\r', '\n'));
+                    else if (!string.IsNullOrEmpty(this.Secret))
+                        hashTable.Add(SecretTemplate, this.Secret);
+
                     hashTable.Add(PrivateConfigurationTemplate, File.ReadAllText(this.ValidationPem).TrimEnd('\r', '\n'));
                     this.privateConfiguration = hashTable;
                 }
@@ -398,12 +433,30 @@ private void ValidateParameters()
             bool IsClientRbEmpty = string.IsNullOrEmpty(this.ClientRb);
             bool IsChefServerUrlEmpty = string.IsNullOrEmpty(this.ChefServerUrl);
             bool IsValidationClientNameEmpty = string.IsNullOrEmpty(this.ValidationClientName);
+            bool IsDaemonEmpty = string.IsNullOrEmpty(this.Daemon);
             // Validate ClientRb or ChefServerUrl and ValidationClientName should exist.
             if (IsClientRbEmpty && (IsChefServerUrlEmpty || IsValidationClientNameEmpty))
             {
                 throw new ArgumentException(
                     "Required -ClientRb or -ChefServerUrl and -ValidationClientName options.");
             }
+
+            if (!IsDaemonEmpty)
+            {
+                bool IsDaemonValueInvalid = Array.IndexOf(new String[2] {"none", "service"}, this.Daemon) == -1;
+                // Validation against the invalid use of Daemon option.
+                if (IsDaemonValueInvalid || this.Linux.IsPresent)
+                {
+                    throw new ArgumentException(
+                        "Invalid use of -Daemon option.");
+                }
+            }
+
+            if (!string.IsNullOrEmpty(this.SecretFile) && !File.Exists(this.SecretFile))
+            {
+                throw new FileNotFoundException(
+                    "File specified in -SecretFile option does not exist.");
+            }
         }
 
         public override void ExecuteCmdlet()

src/ResourceManager/Compute/Commands.Compute/Microsoft.Azure.Commands.Compute.dll-Help.xml

@@ -13015,6 +13015,24 @@ PS C:\> Set-AzureRmVMBootDiagnostics -VM $VM -Enable -ResourceGroupName "Reso
 <maml:uri /></dev:type>
 <dev:defaultValue>None</dev:defaultValue>
 </command:parameter>
+<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"><maml:name>Secret</maml:name>
+<maml:Description><maml:para>The encryption key used to encrypt and decrypt the data bag item values.
+</maml:para>
+</maml:Description>
+<command:parameterValue required="true" variableLength="false">String</command:parameterValue>
+<dev:type><maml:name>String</maml:name>
+<maml:uri /></dev:type>
+<dev:defaultValue>None</dev:defaultValue>
+</command:parameter>
+<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"><maml:name>SecretFile</maml:name>
+<maml:Description><maml:para>The path to the file that contains the encryption key used to encrypt and decrypt the data bag item values.
+</maml:para>
+</maml:Description>
+<command:parameterValue required="true" variableLength="false">String</command:parameterValue>
+<dev:type><maml:name>String</maml:name>
+<maml:uri /></dev:type>
+<dev:defaultValue>None</dev:defaultValue>
+</command:parameter>
 <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"><maml:name>ClientRb</maml:name>
 <maml:Description><maml:para>Specifies the full path of the Chef client.rb.
 </maml:para>
@@ -13185,6 +13203,36 @@ PS C:\&gt; Set-AzureRmVMBootDiagnostics -VM $VM -Enable -ResourceGroupName "Reso
 <maml:uri /></dev:type>
 <dev:defaultValue>None</dev:defaultValue>
 </command:parameter>
+<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"><maml:name>Daemon</maml:name>
+<maml:Description><maml:para>Configures the chef-client service for unattended execution. The node platform should be Windows.
+  Options: 'none' or 'service'
+  none - Currently prevents the chef-client service from being configured as a service.
+  service - Configures the chef-client to run automatically in the background as a service.
+</maml:para>
+</maml:Description>
+<command:parameterValue required="true" variableLength="false">String</command:parameterValue>
+<dev:type><maml:name>String</maml:name>
+<maml:uri /></dev:type>
+<dev:defaultValue>None</dev:defaultValue>
+</command:parameter>
+<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"><maml:name>Secret</maml:name>
+<maml:Description><maml:para>The encryption key used to encrypt and decrypt the data bag item values.
+</maml:para>
+</maml:Description>
+<command:parameterValue required="true" variableLength="false">String</command:parameterValue>
+<dev:type><maml:name>String</maml:name>
+<maml:uri /></dev:type>
+<dev:defaultValue>None</dev:defaultValue>
+</command:parameter>
+<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"><maml:name>SecretFile</maml:name>
+<maml:Description><maml:para>The path to the file that contains the encryption key used to encrypt and decrypt the data bag item values.
+</maml:para>
+</maml:Description>
+<command:parameterValue required="true" variableLength="false">String</command:parameterValue>
+<dev:type><maml:name>String</maml:name>
+<maml:uri /></dev:type>
+<dev:defaultValue>None</dev:defaultValue>
+</command:parameter>
 <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"><maml:name>ClientRb</maml:name>
 <maml:Description><maml:para>Specifies the full path of the Chef client.rb.
 </maml:para>
@@ -13310,6 +13358,36 @@ PS C:\&gt; Set-AzureRmVMBootDiagnostics -VM $VM -Enable -ResourceGroupName "Reso
 <maml:uri /></dev:type>
 <dev:defaultValue>None</dev:defaultValue>
 </command:parameter>
+<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"><maml:name>Daemon</maml:name>
+<maml:Description><maml:para>Configures the chef-client service for unattended execution. The node platform should be Windows.
+  Options: 'none' or 'service'
+  none - Currently prevents the chef-client service from being configured as a service.
+  service - Configures the chef-client to run automatically in the background as a service.
+</maml:para>
+</maml:Description>
+<command:parameterValue required="true" variableLength="false">String</command:parameterValue>
+<dev:type><maml:name>String</maml:name>
+<maml:uri /></dev:type>
+<dev:defaultValue>None</dev:defaultValue>
+</command:parameter>
+<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"><maml:name>Secret</maml:name>
+<maml:Description><maml:para>The encryption key used to encrypt and decrypt the data bag item values.
+</maml:para>
+</maml:Description>
+<command:parameterValue required="true" variableLength="false">String</command:parameterValue>
+<dev:type><maml:name>String</maml:name>
+<maml:uri /></dev:type>
+<dev:defaultValue>None</dev:defaultValue>
+</command:parameter>
+<command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"><maml:name>SecretFile</maml:name>
+<maml:Description><maml:para>The path to the file that contains the encryption key used to encrypt and decrypt the data bag item values.
+</maml:para>
+</maml:Description>
+<command:parameterValue required="true" variableLength="false">String</command:parameterValue>
+<dev:type><maml:name>String</maml:name>
+<maml:uri /></dev:type>
+<dev:defaultValue>None</dev:defaultValue>
+</command:parameter>
 <command:parameter required="false" variableLength="true" globbing="false" pipelineInput="True (ByPropertyName)" position="named" aliases="none"><maml:name>ClientRb</maml:name>
 <maml:Description><maml:para>Specifies the full path of the Chef client.rb.
 </maml:para>

src/ResourceManager/Compute/Commands.Compute/help/Set-AzureRmVMChefExtension.md

@@ -19,6 +19,7 @@ Set-AzureRmVMChefExtension [-ResourceGroupName] <String> [-VMName] <String> [[-T
  [-ChefServerUrl <String>] [-ValidationClientName <String>] [-OrganizationName <String>]
  [-BootstrapVersion <String>] [-Linux] [[-Location] <String>] [[-Name] <String>]
  [[-AutoUpgradeMinorVersion] <Boolean>] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-Secret <String>]
 ```
 
 ### Windows
@@ -28,6 +29,7 @@ Set-AzureRmVMChefExtension [-ResourceGroupName] <String> [-VMName] <String> [[-T
  [-ChefServerUrl <String>] [-ValidationClientName <String>] [-OrganizationName <String>]
  [-BootstrapVersion <String>] [-Windows] [[-Location] <String>] [[-Name] <String>]
  [[-AutoUpgradeMinorVersion] <Boolean>] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-Daemon <String>] [-SecretFile <String>]
 ```
 
 ## DESCRIPTION
@@ -37,15 +39,15 @@ The **Set-AzureVMChefExtension** cmdlet adds the Chef extension to the virtual m
 
 ### Example 1: Add a Chef extension to a Windows virtual machine
 ```
-PS C:\>Set-AzureRmVMChefExtension -ResourceGroupName "ResourceGroup001" -VMName "WindowsVM001" -ValidationPem "C:\my-org-validator.pem" -ClientRb "C:\client.rb" -RunList "Apache" -Windows
+PS C:\>Set-AzureRmVMChefExtension -ResourceGroupName "ResourceGroup001" -VMName "WindowsVM001" -ValidationPem "C:\my-org-validator.pem" -ClientRb "C:\client.rb" -RunList "Apache" -Daemon "service" -SecretFile "C:\my_encrypted_data_bag_secret" -Windows
 ```
 
 This command adds a Chef extension to a Windows virtual machine named WindowsVM001.
 When the virtual machine starts, Chef bootstraps the virtual machine to run Apache.
 
 ### Example 2: Add a Chef extension to a Linux virtual machine
 ```
-PS C:\>Set-AzureRmVMChefExtension -ResourceGroupName "ResourceGroup002" -VMName "LinuxVM001" -ValidationPem "C:\my-org-validator.pem" -ClientRb "C:\client.rb" -RunList "Apache" -Linux
+PS C:\>Set-AzureRmVMChefExtension -ResourceGroupName "ResourceGroup002" -VMName "LinuxVM001" -ValidationPem "C:\my-org-validator.pem" -ClientRb "C:\client.rb" -RunList "Apache" -Secret "my_secret" -Linux
 ```
 
 This command adds a Chef extension to a Linux virtual machine named LinuxVM001.
@@ -284,6 +286,54 @@ Accept pipeline input: True (ByPropertyName)
 Accept wildcard characters: False
 ```
 
+### -Daemon
+Configures the chef-client service for unattended execution. The node platform should be Windows.
+Options: 'none' or 'service'
+none - Currently prevents the chef-client service from being configured as a service.
+service - Configures the chef-client to run automatically in the background as a service.
+
+```yaml
+Type: String
+Parameter Sets: Windows
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: True (ByPropertyName)
+Accept wildcard characters: False
+```
+
+### -Secret
+The encryption key used to encrypt and decrypt the data bag item values.
+
+```yaml
+Type: String
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: True (ByPropertyName)
+Accept wildcard characters: False
+```
+
+### -SecretFile
+The path to the file that contains the encryption key used to encrypt and decrypt the data bag item values.
+
+```yaml
+Type: String
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: True (ByPropertyName)
+Accept wildcard characters: False
+```
+
 ### -Windows
 Indicates that this cmdlet creates a Windows virtual machine.
 

src/ServiceManagement/Common/Commands.ScenarioTest/ChefExtension/ChefExtensionTests.cs

@@ -15,7 +15,7 @@
 
 
 namespace Microsoft.WindowsAzure.Commands.ScenarioTest
-{    
+{
     public class ChefExtensionTests
     {
         private EnvironmentSetupHelper helper = new EnvironmentSetupHelper();
@@ -33,6 +33,13 @@ public void TestSetAzureVMChefExtension()
             this.RunPowerShellTest("Test-SetAzureVMChefExtension");
         }
 
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void TestSetAzureVMChefExtensionAdvancedOptions()
+        {
+            this.RunPowerShellTest("Test-SetAzureVMChefExtensionAdvancedOptions");
+        }
+
         protected void SetupManagementClients()
         {
             var rdfeTestFactory = new RDFETestEnvironmentFactory();
@@ -53,7 +60,7 @@ protected void RunPowerShellTest(params string[] scripts)
             using (UndoContext context = UndoContext.Current)
             {
                 context.Start(TestUtilities.GetCallingClass(1), TestUtilities.GetCurrentMethodName(2));
-                
+
                 SetupManagementClients();
 
                 var modules = new List<string>
@@ -76,6 +83,6 @@ protected void RunPowerShellTest(params string[] scripts)
 
                 helper.RunPowerShellTest(scriptEnvPath, scripts);
             }
-        }                
+        }
     }
 }

src/ServiceManagement/Common/Commands.ScenarioTest/Commands.ScenarioTest.csproj

@@ -220,6 +220,9 @@
     <None Include="Resources\ChefExtension\tstorgnztn-validator.pem">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </None>
+    <None Include="Resources\ChefExtension\encrypted_data_bag_secret">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </None>
     <None Include="Resources\DiagnosticsExtension\DiagnosticsExtensionTests.ps1">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </None>
@@ -283,6 +286,9 @@
     <None Include="SessionRecords\Microsoft.WindowsAzure.Commands.ScenarioTest.ChefExtensionTests\TestSetAzureVMChefExtension.json">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </None>
+    <None Include="SessionRecords\Microsoft.WindowsAzure.Commands.ScenarioTest.ChefExtensionTests\TestSetAzureVMChefExtensionAdvancedOptions.json">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </None>
     <None Include="SessionRecords\Microsoft.WindowsAzure.Commands.ScenarioTest.DscExtensionTests\TestGetAzureVMDscExtension.json">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </None>