From dfe36be9d2cb49b2d0f63b01bf6f464aa35f33a4 Mon Sep 17 00:00:00 2001 From: Jiri Formacek Date: Fri, 5 Jun 2020 16:33:55 +0200 Subject: [PATCH 1/2] Autodetect RG and Automation account name When running from runbook, no params needed. In such case, runbook just updates modules in own automation account --- LICENSE | 42 ++++---- README.md | 106 ++++++++++---------- Update-AutomationAzureModulesForAccount.ps1 | 41 +++++++- azure-pipelines.yml | 40 ++++---- 4 files changed, 134 insertions(+), 95 deletions(-) diff --git a/LICENSE b/LICENSE index 2107107..4b1ad51 100644 --- a/LICENSE +++ b/LICENSE @@ -1,21 +1,21 @@ - MIT License - - Copyright (c) Microsoft Corporation. All rights reserved. - - Permission is hereby granted, free of charge, to any person obtaining a copy - of this software and associated documentation files (the "Software"), to deal - in the Software without restriction, including without limitation the rights - to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - copies of the Software, and to permit persons to whom the Software is - furnished to do so, subject to the following conditions: - - The above copyright notice and this permission notice shall be included in all - copies or substantial portions of the Software. - - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - SOFTWARE + MIT License + + Copyright (c) Microsoft Corporation. All rights reserved. + + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE diff --git a/README.md b/README.md index 14534f4..8fea685 100644 --- a/README.md +++ b/README.md @@ -1,52 +1,54 @@ -# Updating Azure PowerShell modules in Azure Automation accounts - -[![Build Status](https://dev.azure.com/AzureAutomation-Account-Modules-Update/AzureAutomation-Account-Modules-Update/_apis/build/status/microsoft.AzureAutomation-Account-Modules-Update?branchName=master)](https://dev.azure.com/AzureAutomation-Account-Modules-Update/AzureAutomation-Account-Modules-Update/_build/latest?definitionId=1&branchName=master) - -## Purpose - -This Azure Automation runbook updates Azure PowerShell modules imported into an Azure Automation -account with the module versions published to the PowerShell Gallery. See -[How to update Azure PowerShell modules in Azure Automation](https://docs.microsoft.com/azure/automation/automation-update-azure-modules) -for more details. - -## Usage - -Import this runbook into your Automation account, and [start](https://docs.microsoft.com/azure/automation/automation-starting-a-runbook) it as a regular Automation runbook. - -## Notes - -* If you import this runbook with the original name (**Update-AutomationAzureModulesForAccount**), - it will override the internal runbook with this name. As a result, the imported runbook will - run when the **Update Azure Modules** button is pushed or when this runbook is invoked directly - via ARM API for this Automation account. If this is not what you want, specify a different name - when importing this runbook. -* **Azure** and **AzureRM.\*** modules are currently supported by default. -* The new [Azure PowerShell Az modules](https://docs.microsoft.com/powershell/azure/new-azureps-module-az) - are also supported. You **must** supply the `AzureModuleClass` runbook parameter with `Az` if - your runbooks use only Az modules to avoid conflicts. More information can be found in the - [Microsoft Docs](https://docs.microsoft.com/azure/automation/az-modules) and - issue [#5](https://github.com/microsoft/AzureAutomation-Account-Modules-Update/issues/5). -* Before starting this runbook, make sure your Automation account has an [Azure Run As account credential](https://docs.microsoft.com/azure/automation/manage-runas-account) created. -* You can use this code as a regular PowerShell script instead of a runbook: just login to Azure - using the [Connect-AzureRmAccount](https://docs.microsoft.com/powershell/module/azurerm.profile/connect-azurermaccount) - command first, then pass `-Login $false` to the script. -* To use this runbook on the sovereign clouds, provide the appropriate value to the `AzureEnvironment` - parameter. Please also make sure you read the - [compatibility notes](https://docs.microsoft.com/azure/automation/automation-update-azure-modules#alternative-ways-to-update-your-modules). -* When facing compatibility issues, you may want to use specific older module versions instead of - the latest available on the PowerShell Gallery. In this case, provide the required versions in - the `ModuleVersionOverrides` parameter. - -## Contributing - -This project welcomes contributions and suggestions. Most contributions require you to agree to a -Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us -the rights to use your contribution. For details, visit https://cla.microsoft.com. - -When you submit a pull request, a CLA-bot will automatically determine whether you need to provide -a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions -provided by the bot. You will only need to do this once across all repos using our CLA. - -This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). -For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or -contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. +# Updating Azure PowerShell modules in Azure Automation accounts + +[![Build Status](https://dev.azure.com/AzureAutomation-Account-Modules-Update/AzureAutomation-Account-Modules-Update/_apis/build/status/microsoft.AzureAutomation-Account-Modules-Update?branchName=master)](https://dev.azure.com/AzureAutomation-Account-Modules-Update/AzureAutomation-Account-Modules-Update/_build/latest?definitionId=1&branchName=master) + +## Purpose + +This Azure Automation runbook updates Azure PowerShell modules imported into an Azure Automation +account with the module versions published to the PowerShell Gallery. See +[How to update Azure PowerShell modules in Azure Automation](https://docs.microsoft.com/azure/automation/automation-update-azure-modules) +for more details. + +## Usage + +Import this runbook into your Automation account, and [start](https://docs.microsoft.com/azure/automation/automation-starting-a-runbook) it as a regular Automation runbook. + +## Notes + +* If you import this runbook with the original name (**Update-AutomationAzureModulesForAccount**), + it will override the internal runbook with this name. As a result, the imported runbook will + run when the **Update Azure Modules** button is pushed or when this runbook is invoked directly + via ARM API for this Automation account. If this is not what you want, specify a different name + when importing this runbook. +* When you do not specify ResourceGroupName and AutomationAccountName parameters and run the code as runbook, it automatically detects automation account it's running in, and updates modules just in that automation account + * For this to happen, Lofin parameter must be set to True (default) +* **Azure** and **AzureRM.\*** modules are currently supported by default. +* The new [Azure PowerShell Az modules](https://docs.microsoft.com/powershell/azure/new-azureps-module-az) + are also supported. You **must** supply the `AzureModuleClass` runbook parameter with `Az` if + your runbooks use only Az modules to avoid conflicts. More information can be found in the + [Microsoft Docs](https://docs.microsoft.com/azure/automation/az-modules) and + issue [#5](https://github.com/microsoft/AzureAutomation-Account-Modules-Update/issues/5). +* Before starting this runbook, make sure your Automation account has an [Azure Run As account credential](https://docs.microsoft.com/azure/automation/manage-runas-account) created. +* You can use this code as a regular PowerShell script instead of a runbook: just login to Azure + using the [Connect-AzureRmAccount](https://docs.microsoft.com/powershell/module/azurerm.profile/connect-azurermaccount) + command first, then pass `-Login $false` to the script. +* To use this runbook on the sovereign clouds, provide the appropriate value to the `AzureEnvironment` + parameter. Please also make sure you read the + [compatibility notes](https://docs.microsoft.com/azure/automation/automation-update-azure-modules#alternative-ways-to-update-your-modules). +* When facing compatibility issues, you may want to use specific older module versions instead of + the latest available on the PowerShell Gallery. In this case, provide the required versions in + the `ModuleVersionOverrides` parameter. + +## Contributing + +This project welcomes contributions and suggestions. Most contributions require you to agree to a +Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us +the rights to use your contribution. For details, visit https://cla.microsoft.com. + +When you submit a pull request, a CLA-bot will automatically determine whether you need to provide +a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions +provided by the bot. You will only need to do this once across all repos using our CLA. + +This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). +For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or +contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. diff --git a/Update-AutomationAzureModulesForAccount.ps1 b/Update-AutomationAzureModulesForAccount.ps1 index fe93005..7907308 100644 --- a/Update-AutomationAzureModulesForAccount.ps1 +++ b/Update-AutomationAzureModulesForAccount.ps1 @@ -50,10 +50,10 @@ https://docs.microsoft.com/en-us/azure/automation/automation-update-azure-module [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseApprovedVerbs", "")] param( - [Parameter(Mandatory = $true)] + [Parameter(Mandatory = $false)] [string] $ResourceGroupName, - [Parameter(Mandatory = $true)] + [Parameter(Mandatory = $false)] [string] $AutomationAccountName, [int] $SimultaneousModuleImportJobCount = 10, @@ -104,6 +104,28 @@ function ConvertJsonDictTo-HashTable($JsonString) { $Result } +#Gets information abou automation account we're running in +Function Get-Self([bool] $AzModuleOnly) +{ + $job = $null + if($AzModuleOnly) { + $accounts = @(Get-AzAutomationAccount -ErrorAction SilentlyContinue) + foreach($acct in $accounts) + { + $job = Get-AzAutomationJob -ResourceGroupName $acct.ResourceGroupName -AutomationAccountName $acct.AutomationAccountName -Id $PSPrivateMetadata.JobId.Guid -ErrorAction SilentlyContinue + if ($null -ne $job) { Break; } + } + } else { + $accounts = @(Get-AzureRmAutomationAccount -ErrorAction SilentlyContinue) + foreach($account in $accounts) + { + $job = Get-AzureRmAutomationJob -ResourceGroupName $acct.ResourceGroupName -AutomationAccountName $acct.AutomationAccountName -Id $PSPrivateMetadata.JobId.Guid -ErrorAction SilentlyContinue + if ($null -ne $job) { Break; } + } + } + $job +} + # Use the Run As connection to login to Azure function Login-AzureAutomation([bool] $AzModuleOnly) { try { @@ -506,6 +528,21 @@ if ($Login) { Login-AzureAutomation $UseAzModule } +if([string]::IsNullOrEmpty($ResourceGroupName) -or [string]::IsNullOrEmpty($AutomationAccountName)) { + if($Login) { + $job = Get-Self -AzModuleOnly $UseAzModule + if ($null -ne $job) { + $ResourceGroupName = $job.ResourceGroupName + $AutomationAccountName = $job.AutomationAccountName + } else { + throw "Unable to automatically get RG and Automation account name" + } + } + else { + throw "You must specify RG name and automation account name when you do no want to login" + } +} + $ModuleImportMapOrder = Create-ModuleImportMapOrder $UseAzModule Import-ModulesInAutomationAccordingToDependency $ModuleImportMapOrder $UseAzModule diff --git a/azure-pipelines.yml b/azure-pipelines.yml index d9202c6..844379c 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -1,21 +1,21 @@ -# Starter pipeline -# Start with a minimal pipeline that you can customize to build and deploy your code. -# Add steps that build, run tests, deploy, and more: -# https://aka.ms/yaml - -trigger: -- master - -pool: - vmImage: 'windows-2019' - -steps: -- task: PowerShell@2 - inputs: - filePath: 'azure-pipelines.ps1' - pwsh: false - -- task: PublishTestResults@2 - inputs: - testResultsFormat: 'NUnit' +# Starter pipeline +# Start with a minimal pipeline that you can customize to build and deploy your code. +# Add steps that build, run tests, deploy, and more: +# https://aka.ms/yaml + +trigger: +- master + +pool: + vmImage: 'windows-2019' + +steps: +- task: PowerShell@2 + inputs: + filePath: 'azure-pipelines.ps1' + pwsh: false + +- task: PublishTestResults@2 + inputs: + testResultsFormat: 'NUnit' testResultsFiles: '**/TEST-*.xml' \ No newline at end of file From b82c6d0cb05861e8efe534c1d5c315ee2ee14757 Mon Sep 17 00:00:00 2001 From: Jiri Formacek Date: Fri, 5 Jun 2020 16:38:31 +0200 Subject: [PATCH 2/2] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8fea685..0d2fdc2 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ Import this runbook into your Automation account, and [start](https://docs.micro via ARM API for this Automation account. If this is not what you want, specify a different name when importing this runbook. * When you do not specify ResourceGroupName and AutomationAccountName parameters and run the code as runbook, it automatically detects automation account it's running in, and updates modules just in that automation account - * For this to happen, Lofin parameter must be set to True (default) + * For this to happen, Login parameter must be set to True (default) * **Azure** and **AzureRM.\*** modules are currently supported by default. * The new [Azure PowerShell Az modules](https://docs.microsoft.com/powershell/azure/new-azureps-module-az) are also supported. You **must** supply the `AzureModuleClass` runbook parameter with `Az` if