Merge pull request #1455 from johannes-engler-mw/feat/azure-private-dns-check

feat(Azure): add new check for private DNS zones

Author: james03160927

modules/azure/client_factory.go

@@ -18,6 +18,7 @@ import (
 
 	"github.com/Azure/azure-sdk-for-go/profiles/latest/frontdoor/mgmt/frontdoor"
 	"github.com/Azure/azure-sdk-for-go/profiles/latest/mysql/mgmt/mysql"
+	"github.com/Azure/azure-sdk-for-go/profiles/latest/privatedns/mgmt/privatedns"
 	"github.com/Azure/azure-sdk-for-go/profiles/latest/resources/mgmt/resources"
 	"github.com/Azure/azure-sdk-for-go/profiles/latest/sql/mgmt/sql"
 	"github.com/Azure/azure-sdk-for-go/profiles/preview/cosmos-db/mgmt/documentdb"
@@ -176,7 +177,7 @@ func CreateKeyVaultManagementClientE(subscriptionID string) (*kvmng.VaultsClient
 		return nil, err
 	}
 
-	//create keyvault management clinet
+	// create keyvault management clinet
 	vaultClient := kvmng.NewVaultsClientWithBaseURI(baseURI, subscriptionID)
 
 	return &vaultClient, nil
@@ -220,7 +221,6 @@ func CreateStorageBlobContainerClientE(subscriptionID string) (*storage.BlobCont
 
 	blobContainerClient := storage.NewBlobContainersClientWithBaseURI(baseURI, subscriptionID)
 	authorizer, err := NewAuthorizer()
-
 	if err != nil {
 		return nil, err
 	}
@@ -243,7 +243,6 @@ func CreateStorageFileSharesClientE(subscriptionID string) (*storage.FileSharesC
 
 	fileShareClient := storage.NewFileSharesClientWithBaseURI(baseURI, subscriptionID)
 	authorizer, err := NewAuthorizer()
-
 	if err != nil {
 		return nil, err
 	}
@@ -693,7 +692,7 @@ func CreateLoadBalancerClientE(subscriptionID string) (*network.LoadBalancersCli
 		return nil, err
 	}
 
-	//create LB client
+	// create LB client
 	client := network.NewLoadBalancersClientWithBaseURI(baseURI, subscriptionID)
 	return &client, nil
 }
@@ -741,7 +740,6 @@ func CreateNewVirtualNetworkClientE(subscriptionID string) (*network.VirtualNetw
 // CreateAppServiceClientE returns an App service client instance configured with the
 // correct BaseURI depending on the Azure environment that is currently setup (or "Public", if none is setup).
 func CreateAppServiceClientE(subscriptionID string) (*web.AppsClient, error) {
-
 	// Validate Azure subscription ID
 	subscriptionID, err := getTargetAzureSubscription(subscriptionID)
 	if err != nil {
@@ -762,7 +760,6 @@ func CreateAppServiceClientE(subscriptionID string) (*web.AppsClient, error) {
 // CreateContainerRegistryClientE returns an ACR client instance configured with the
 // correct BaseURI depending on the Azure environment that is currently setup (or "Public", if none is setup).
 func CreateContainerRegistryClientE(subscriptionID string) (*containerregistry.RegistriesClient, error) {
-
 	// Validate Azure subscription ID
 	subscriptionID, err := getTargetAzureSubscription(subscriptionID)
 	if err != nil {
@@ -927,6 +924,35 @@ func CreateDataFactoriesClientE(subscriptionID string) (*datafactory.FactoriesCl
 	return &dataFactoryClient, nil
 }
 
+// CreatePrivateDnsZonesClientE is a helper function that will setup a private DNS zone client.
+func CreatePrivateDnsZonesClientE(subscriptionID string) (*privatedns.PrivateZonesClient, error) {
+	// Validate Azure subscription ID
+	subID, err := getTargetAzureSubscription(subscriptionID)
+	if err != nil {
+		return nil, err
+	}
+
+	// Lookup environment URI
+	baseURI, err := getBaseURI()
+	if err != nil {
+		return nil, err
+	}
+
+	// Create a private DNS zone client
+	privateZonesClient := privatedns.NewPrivateZonesClientWithBaseURI(baseURI, subID)
+
+	// Create an authorizer
+	authorizer, err := NewAuthorizer()
+	if err != nil {
+		return nil, err
+	}
+
+	// Attach authorizer to the client
+	privateZonesClient.Authorizer = *authorizer
+
+	return &privateZonesClient, nil
+}
+
 func CreateManagedEnvironmentsClientE(subscriptionID string) (*armappcontainers.ManagedEnvironmentsClient, error) {
 	clientFactory, err := getArmAppContainersClientFactory(subscriptionID)
 	if err != nil {

modules/azure/privatednszone.go

@@ -0,0 +1,39 @@
+package azure
+
+import (
+	"context"
+
+	"github.com/Azure/azure-sdk-for-go/profiles/latest/privatedns/mgmt/privatedns"
+)
+
+// PrivateDNSZoneExistsE indicates whether the specified private DNS zone exists.
+func PrivateDNSZoneExistsE(zoneName string, resourceGroupName string, subscriptionID string) (bool, error) {
+	_, err := GetPrivateDNSZoneE(zoneName, resourceGroupName, subscriptionID)
+	if err != nil {
+		if ResourceNotFoundErrorExists(err) {
+			return false, nil
+		}
+		return false, err
+	}
+	return true, nil
+}
+
+// GetPrivateDNSZoneE gets the private DNS zone object
+func GetPrivateDNSZoneE(zoneName string, resGroupName string, subscriptionID string) (*privatedns.PrivateZone, error) {
+	rgName, err := getTargetAzureResourceGroupName(resGroupName)
+	if err != nil {
+		return nil, err
+	}
+
+	client, err := CreatePrivateDnsZonesClientE(subscriptionID)
+	if err != nil {
+		return nil, err
+	}
+
+	zone, err := client.Get(context.Background(), rgName, zoneName)
+	if err != nil {
+		return nil, err
+	}
+
+	return &zone, nil
+}

modules/azure/privatednszone_test.go

@@ -0,0 +1,35 @@
+package azure
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+/*
+The below tests are currently stubbed out, with the expectation that they will throw errors.
+If/when CRUD methods are introduced for Azure Synapse, these tests can be extended
+*/
+func TestPrivateDNSZoneExists(t *testing.T) {
+	t.Parallel()
+
+	zoneName := ""
+	resourceGroupName := ""
+	subscriptionID := ""
+
+	exists, err := PrivateDNSZoneExistsE(zoneName, resourceGroupName, subscriptionID)
+
+	require.False(t, exists)
+	require.Error(t, err)
+}
+
+func TestPrivateDNSZoneExistsE(t *testing.T) {
+	t.Parallel()
+
+	resGroupName := ""
+	subscriptionID := ""
+	zoneName := ""
+
+	_, err := GetPrivateDNSZoneE(subscriptionID, resGroupName, zoneName)
+	require.Error(t, err)
+}