tjh.dev
1From c12adfdefd8a091e1fa870305a3cc61de6426914 Mon Sep 17 00:00:00 2001
2From: Paul Meyer <49727155+katexochen@users.noreply.github.com>
3Date: Thu, 14 Dec 2023 21:16:20 +0100
4Subject: [PATCH] optional immutable configuration dir
5
6Adding the possibility to configure an immutable configuration dir via
7env variable `AZURE_IMMUTABLE_DIR`. This path is used for the files
8that configure the dynamic behavior of the CLI code.
9An immutable session is used for these files to ensure we don't try to
10write to them.
11
12Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
13---
14 azure/cli/core/__init__.py | 5 +++--
15 azure/cli/core/_session.py | 19 ++++++++++++++++---
16 .../cli/core/extension/dynamic_install.py | 3 ++-
17 3 files changed, 21 insertions(+), 6 deletions(-)
18
19diff --git a/azure/cli/core/__init__.py b/azure/cli/core/__init__.py
20index d112633ec..20b6d045b 100644
21--- a/azure/cli/core/__init__.py
22+++ b/azure/cli/core/__init__.py
23@@ -75,12 +75,13 @@ class AzCli(CLI):
24 self.data['query_active'] = False
25
26 azure_folder = self.config.config_dir
27+ azure_immutable_folder = os.environ.get('AZURE_IMMUTABLE_DIR', azure_folder)
28 ensure_dir(azure_folder)
29 ACCOUNT.load(os.path.join(azure_folder, 'azureProfile.json'))
30 CONFIG.load(os.path.join(azure_folder, 'az.json'))
31 SESSION.load(os.path.join(azure_folder, 'az.sess'), max_age=3600)
32- INDEX.load(os.path.join(azure_folder, 'commandIndex.json'))
33- VERSIONS.load(os.path.join(azure_folder, 'versionCheck.json'))
34+ INDEX.load(os.path.join(azure_immutable_folder, 'commandIndex.json'))
35+ VERSIONS.load(os.path.join(azure_immutable_folder, 'versionCheck.json'))
36 handle_version_update()
37
38 self.cloud = get_active_cloud(self)
39diff --git a/azure/cli/core/_session.py b/azure/cli/core/_session.py
40index 471a0344c..acaef6fb8 100644
41--- a/azure/cli/core/_session.py
42+++ b/azure/cli/core/_session.py
43@@ -85,6 +85,19 @@ class Session(MutableMapping):
44 return len(self.data)
45
46
47+class ImmutableSession(Session):
48+ """
49+ A session that is backed by an immutable JSON file. This session is read-only.
50+ """
51+ def save(self):
52+ if os.getenv('AZURE_IMMUTABLE_DIR'):
53+ get_logger(__name__).log(logging.DEBUG,
54+ "Skipping update of file %s due to immutable directory.",
55+ self.filename)
56+ return
57+ super().save()
58+
59+
60 # ACCOUNT contains subscriptions information
61 ACCOUNT = Session()
62
63@@ -95,16 +108,16 @@ CONFIG = Session()
64 SESSION = Session()
65
66 # INDEX contains {top-level command: [command_modules and extensions]} mapping index
67-INDEX = Session()
68+INDEX = ImmutableSession()
69
70 # VERSIONS provides local versions and pypi versions.
71 # DO NOT USE it to get the current version of azure-cli,
72 # it could be lagged behind and can be used to check whether
73 # an upgrade of azure-cli happens
74-VERSIONS = Session()
75+VERSIONS = ImmutableSession()
76
77 # EXT_CMD_TREE provides command to extension name mapping
78-EXT_CMD_TREE = Session()
79+EXT_CMD_TREE = ImmutableSession()
80
81 # CLOUD_ENDPOINTS provides endpoints/suffixes of clouds
82 CLOUD_ENDPOINTS = Session()
83diff --git a/azure/cli/core/extension/dynamic_install.py b/azure/cli/core/extension/dynamic_install.py
84index cb03980a0..29279be2b 100644
85--- a/azure/cli/core/extension/dynamic_install.py
86+++ b/azure/cli/core/extension/dynamic_install.py
87@@ -17,7 +17,8 @@ def _get_extension_command_tree(cli_ctx):
88 VALID_SECOND = 3600 * 24 * 10
89 if not cli_ctx:
90 return None
91- EXT_CMD_TREE.load(os.path.join(cli_ctx.config.config_dir, 'extensionCommandTree.json'), VALID_SECOND)
92+ azure_immutable_folder = os.environ.get('AZURE_IMMUTABLE_DIR', cli_ctx.config.config_dir)
93+ EXT_CMD_TREE.load(os.path.join(azure_immutable_folder, 'extensionCommandTree.json'), VALID_SECOND)
94 if not EXT_CMD_TREE.data:
95 import posixpath
96 import requests
97--
982.42.0