Beispiel #1
0
// cancelDeployment cancels a template deployment.
func (env *azureEnviron) cancelDeployment(name string) error {
	deploymentsClient := resources.DeploymentsClient{env.resources}
	logger.Debugf("- canceling deployment %q", name)
	var cancelResult autorest.Response
	if err := env.callAPI(func() (autorest.Response, error) {
		var err error
		cancelResult, err = deploymentsClient.Cancel(env.resourceGroup, name)
		return cancelResult, err
	}); err != nil {
		if cancelResult.Response != nil {
			switch cancelResult.StatusCode {
			case http.StatusNotFound:
				return errors.NewNotFound(err, fmt.Sprintf("deployment %q not found", name))
			case http.StatusConflict:
				if err, ok := errorutils.ServiceError(err); ok {
					if err.Code == serviceErrorCodeDeploymentCannotBeCancelled {
						// Deployments can only canceled while they're running.
						return nil
					}
				}
			}
		}
		return errors.Annotatef(err, "canceling deployment %q", name)
	}
	return nil
}
Beispiel #2
0
func createRoleAssignment(
	authorizationClient authorization.ManagementClient,
	subscriptionId string,
	servicePrincipalObjectId string,
	newUUID func() (utils.UUID, error),
) error {
	// Find the role definition with the name "Owner".
	roleScope := path.Join("subscriptions", subscriptionId)
	roleDefinitionsClient := authorization.RoleDefinitionsClient{authorizationClient}
	result, err := roleDefinitionsClient.List(roleScope, "roleName eq 'Owner'")
	if err != nil {
		return errors.Annotate(err, "listing role definitions")
	}
	if result.Value == nil || len(*result.Value) == 0 {
		return errors.NotFoundf("Owner role definition")
	}
	roleDefinitionId := (*result.Value)[0].ID

	// The UUID value for the role assignment name is unimportant. Azure
	// will prevent multiple role assignments for the same role definition
	// and principal pair.
	roleAssignmentUUID, err := newUUID()
	if err != nil {
		return errors.Annotate(err, "generating role assignment ID")
	}
	roleAssignmentsClient := authorization.RoleAssignmentsClient{authorizationClient}
	roleAssignmentName := roleAssignmentUUID.String()
	if _, err := roleAssignmentsClient.Create(roleScope, roleAssignmentName, authorization.RoleAssignmentCreateParameters{
		Properties: &authorization.RoleAssignmentProperties{
			RoleDefinitionID: roleDefinitionId,
			PrincipalID:      to.StringPtr(servicePrincipalObjectId),
		},
	}); err != nil {
		if err, ok := errorutils.ServiceError(err); ok {
			const serviceErrorCodeRoleAssignmentExists = "RoleAssignmentExists"
			if err.Code == serviceErrorCodeRoleAssignmentExists {
				return nil
			}
		}
		return errors.Annotate(err, "creating role assignment")
	}
	return nil
}
Beispiel #3
0
func isMultipleObjectsWithSameKeyValueErr(err error) bool {
	if err, ok := errorutils.ServiceError(err); ok {
		return err.Code == "Request_MultipleObjectsWithSameKeyValue"
	}
	return false
}