in cmd/armCmd.go [91:171]
func getMPFARM(cmd *cobra.Command, args []string) {
setLogLevel()
log.Info("Executing MPF for ARM")
log.Debugf("ResourceGroupNamePfx: %s\n", flgResourceGroupNamePfx)
log.Debugf("DeploymentNamePfx: %s\n", flgDeploymentNamePfx)
log.Infof("TemplateFilePath: %s\n", flgTemplateFilePath)
log.Infof("ParametersFilePath: %s\n", flgParametersFilePath)
log.Infof("Location: %s\n", flgLocation)
log.Infof("SubscriptionScoped: %t\n", flgSubscriptionScoped)
// validate if template and parameters files exists
if _, err := os.Stat(flgTemplateFilePath); os.IsNotExist(err) {
log.Fatal("Template File does not exist")
}
flgTemplateFilePath, err := getAbsolutePath(flgTemplateFilePath)
if err != nil {
log.Errorf("Error getting absolute path for ARM template file: %v\n", err)
}
if _, err := os.Stat(flgParametersFilePath); os.IsNotExist(err) {
log.Fatal("Parameters File does not exist")
}
flgParametersFilePath, err := getAbsolutePath(flgParametersFilePath)
if err != nil {
log.Errorf("Error getting absolute path for ARM template parameters file: %v\n", err)
}
ctx := context.Background()
mpfConfig := getRootMPFConfig()
mpfRG := domain.ResourceGroup{}
mpfRG.ResourceGroupName = fmt.Sprintf("%s-%s", flgResourceGroupNamePfx, mpfSharedUtils.GenerateRandomString(7))
mpfRG.ResourceGroupResourceID = fmt.Sprintf("/subscriptions/%s/resourceGroups/%s", flgSubscriptionID, mpfRG.ResourceGroupName)
mpfRG.Location = flgLocation
mpfConfig.ResourceGroup = mpfRG
deploymentName := fmt.Sprintf("%s-%s", flgDeploymentNamePfx, mpfSharedUtils.GenerateRandomString(7))
armConfig := &ARMTemplateShared.ArmTemplateAdditionalConfig{
TemplateFilePath: flgTemplateFilePath,
ParametersFilePath: flgParametersFilePath,
DeploymentName: deploymentName,
SubscriptionScoped: flgSubscriptionScoped,
Location: flgLocation,
}
var rgManager usecase.ResourceGroupManager
var spRoleAssignmentManager usecase.ServicePrincipalRolemAssignmentManager
rgManager = resourceGroupManager.NewResourceGroupManager(flgSubscriptionID)
spRoleAssignmentManager = sproleassignmentmanager.NewSPRoleAssignmentManager(flgSubscriptionID)
var deploymentAuthorizationCheckerCleaner usecase.DeploymentAuthorizationCheckerCleaner
var mpfService *usecase.MPFService
var initialPermissionsToAdd []string
var permissionsToAddToResult []string
deploymentAuthorizationCheckerCleaner = ARMTemplateWhatIf.NewARMTemplateWhatIfAuthorizationChecker(flgSubscriptionID, *armConfig)
initialPermissionsToAdd = []string{"Microsoft.Resources/deployments/*", "Microsoft.Resources/subscriptions/operationresults/read"}
permissionsToAddToResult = []string{"Microsoft.Resources/deployments/read", "Microsoft.Resources/deployments/write"}
mpfService = usecase.NewMPFService(ctx, rgManager, spRoleAssignmentManager, deploymentAuthorizationCheckerCleaner, mpfConfig, initialPermissionsToAdd, permissionsToAddToResult, true, false, true)
log.Infof("Show Detailed Output: %t\n", flgShowDetailedOutput)
log.Infof("JSON Output: %t\n", flgJSONOutput)
log.Infof("Subscription Resource ID: %s\n", mpfConfig.SubscriptionID)
displayOptions := getDislayOptions(flgShowDetailedOutput, flgJSONOutput, mpfConfig.SubscriptionID)
mpfResult, err := mpfService.GetMinimumPermissionsRequired()
if err != nil {
if len(mpfResult.RequiredPermissions) > 0 {
fmt.Println("Error occurred while getting minimum permissions required. However, some permissions were identified prior to the error.")
displayResult(mpfResult, displayOptions)
}
log.Fatal(err)
}
displayResult(mpfResult, displayOptions)
}