[datamigration]: Add support for blob to Sql MI identity migrations (Azure#8748)

* feat(datamigration): add support for managed identity auth in Blob to SqlMi migrations

* docs(datamigration): update package versioning

* fix(datamigration): fix azdev style issues

* fix(datamigration): make os checking more robust

* fix(datamigration): add pylint exceptions to fix az styledev

* docs(datamigration): add examples

---------

Co-authored-by: gansach <gasachdeva@microsoft.com>

Author: 2 people

src/datamigration/HISTORY.rst

@@ -3,6 +3,11 @@
 Release History
 ===============
 
+=======
+1.0.0b5
+++++++
+* [PARAMETER UPDATE] `az datamigration sql-managed-instance create`: `--source-location` now supports Managed Identity for accessing Azure Blob.
+
 =======
 1.0.0b4
 ++++++

src/datamigration/azext_datamigration/generated/_help.py

@@ -194,6 +194,28 @@
 ceGroups/testrg/providers/Microsoft.Sql/managedInstances/instance" --source-database-name "aaa" \
 --source-sql-connection authentication="WindowsAuthentication" data-source="aaa" encrypt-connection=true \
 password="placeholder" trust-server-certificate=true user-name="bbb" --resource-group "testrg" --target-db-name "db1"
+      - name: Create or update a Database Migration resource using Azure Blob storage (via System-Assigned Managed Identity) as the backup source.
+        text: |-
+               az datamigration sql-managed-instance create --managed-instance-name "managedInstance1" \
+--source-location '{\\"AzureBlob\\":{\\"storageAccountResourceId\\":\\"/subscriptions/1111-2222-3333-4444/resourceGroups/RG/prooviders\
+/Microsoft.Storage/storageAccounts/MyStorage\\",\\"authType\\":\\"ManagedIdentity\\",\\"identity\\":{\\"type\\":\\"SystemAssigned\\"},\\"blobContainerName\\":\\"ContainerName\
+-X\\"}}' --migration-service "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Micr\
+osoft.DataMigration/sqlMigrationServices/testagent" --offline-configuration last-backup-name="last_backup_file_name" \
+offline=true --scope "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Microsoft.Sql\
+/managedInstances/instance" --source-database-name "aaa" --source-sql-connection authentication="WindowsAuthentication"\
+ data-source="aaa" encrypt-connection=true password="placeholder" trust-server-certificate=true user-name="bbb" \
+--resource-group "testrg" --target-db-name "db1"
+      - name: Create or update a Database Migration resource using Azure Blob storage (via User-Assigned Managed Identity) as the backup source.
+        text: |-
+               az datamigration sql-managed-instance create --managed-instance-name "managedInstance1" \
+--source-location '{\\"AzureBlob\\":{\\"storageAccountResourceId\\":\\"/subscriptions/1111-2222-3333-4444/resourceGroups/RG/prooviders\
+/Microsoft.Storage/storageAccounts/MyStorage\\",\\"authType\\":\\"ManagedIdentity\\",\\"identity\\":{\\"type\\":\\"UserAssigned\\",\\"userAssignedIdentities\\":{\\"/subscriptions/00000000-1111-2222-3333-444444444444/resourcegroups/testrg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-uami\":{}}},\\"blobContainerName\\":\\"ContainerName\
+-X\\"}}' --migration-service "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Micr\
+osoft.DataMigration/sqlMigrationServices/testagent" --offline-configuration last-backup-name="last_backup_file_name" \
+offline=true --scope "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Microsoft.Sql\
+/managedInstances/instance" --source-database-name "aaa" --source-sql-connection authentication="WindowsAuthentication"\
+ data-source="aaa" encrypt-connection=true password="placeholder" trust-server-certificate=true user-name="bbb" \
+--resource-group "testrg" --target-db-name "db1"
 """
 
 helps['datamigration sql-managed-instance cancel'] = """

src/datamigration/azext_datamigration/manual/_help.py

@@ -163,6 +163,28 @@
 -X\\"}}' --migration-service "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Micr\
 osoft.DataMigration/sqlMigrationServices/testagent" --offline-configuration last-backup-name="last_backup_file_name" \
 offline=true --scope "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Microsoft.Sql\
+/managedInstances/instance" --source-database-name "aaa" --source-sql-connection authentication="WindowsAuthentication"\
+ data-source="aaa" encrypt-connection=true password="placeholder" trust-server-certificate=true user-name="bbb" \
+--resource-group "testrg" --target-db-name "db1"
+      - name: Create or update a Database Migration resource using Azure Blob storage (via System-Assigned Managed Identity) as the backup source.
+        text: |-
+               az datamigration sql-managed-instance create --managed-instance-name "managedInstance1" \
+--source-location '{\\"AzureBlob\\":{\\"storageAccountResourceId\\":\\"/subscriptions/1111-2222-3333-4444/resourceGroups/RG/prooviders\
+/Microsoft.Storage/storageAccounts/MyStorage\\",\\"authType\\":\\"ManagedIdentity\\",\\"identity\\":{\\"type\\":\\"SystemAssigned\\"},\\"blobContainerName\\":\\"ContainerName\
+-X\\"}}' --migration-service "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Micr\
+osoft.DataMigration/sqlMigrationServices/testagent" --offline-configuration last-backup-name="last_backup_file_name" \
+offline=true --scope "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Microsoft.Sql\
+/managedInstances/instance" --source-database-name "aaa" --source-sql-connection authentication="WindowsAuthentication"\
+ data-source="aaa" encrypt-connection=true password="placeholder" trust-server-certificate=true user-name="bbb" \
+--resource-group "testrg" --target-db-name "db1"
+      - name: Create or update a Database Migration resource using Azure Blob storage (via User-Assigned Managed Identity) as the backup source.
+        text: |-
+               az datamigration sql-managed-instance create --managed-instance-name "managedInstance1" \
+--source-location '{\\"AzureBlob\\":{\\"storageAccountResourceId\\":\\"/subscriptions/1111-2222-3333-4444/resourceGroups/RG/prooviders\
+/Microsoft.Storage/storageAccounts/MyStorage\\",\\"authType\\":\\"ManagedIdentity\\",\\"identity\\":{\\"type\\":\\"UserAssigned\\",\\"userAssignedIdentities\\":{\\"/subscriptions/00000000-1111-2222-3333-444444444444/resourcegroups/testrg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-uami\":{}}},\\"blobContainerName\\":\\"ContainerName\
+-X\\"}}' --migration-service "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Micr\
+osoft.DataMigration/sqlMigrationServices/testagent" --offline-configuration last-backup-name="last_backup_file_name" \
+offline=true --scope "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/testrg/providers/Microsoft.Sql\
 /managedInstances/instance" --source-database-name "aaa" --source-sql-connection authentication="WindowsAuthentication"\
  data-source="aaa" encrypt-connection=true password="placeholder" trust-server-certificate=true user-name="bbb" \
 --resource-group "testrg" --target-db-name "db1"

src/datamigration/azext_datamigration/manual/helper.py

@@ -70,7 +70,7 @@ def is_valid_guid(guid):
 def is_base64(s):
     try:
         return base64.b64encode(base64.b64decode(s)).decode() == s
-    except Exception:
+    except Exception:  # pylint: disable=broad-except
         return False
 
 
@@ -372,7 +372,7 @@ def get_latest_nuget_org_version(package_id):
     service_index_response = None
     try:
         service_index_response = requests.get("https://api.nuget.org/v3/index.json")
-    except Exception:
+    except Exception:  # pylint: disable=broad-except
         print("Unable to connect to NuGet.org to check for updates.")
 
     if (service_index_response is None or
@@ -530,7 +530,7 @@ def is_valid_ir_key_format(key):
         if not is_valid_guid(key_parts[1]) or not is_base64(key_parts[-1]):
             return False
         return True
-    except Exception:
+    except Exception:  # pylint: disable=broad-except
         return False
 
 
@@ -539,7 +539,7 @@ def is_valid_ir_key_format(key):
 # -----------------------------------------------------------------------------------------------------------------
 def check_whether_gateway_installed(name):
 
-    import winreg
+    import winreg  # pylint: disable=import-error
     # Connecting to key in registry
     accessRegistry = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE)
 
@@ -626,7 +626,7 @@ def register_ir(key, installed_ir_path=None):
 # -----------------------------------------------------------------------------------------------------------------
 def get_cmd_file_path():
 
-    import winreg
+    import winreg  # pylint: disable=import-error
     try:
         # Connecting to key in registry
         accessRegistry = winreg.ConnectRegistry(None, winreg.HKEY_LOCAL_MACHINE)

src/datamigration/azext_datamigration/vendored_sdks/datamigration/models/_models.py

@@ -193,12 +193,18 @@ class AzureBlob(msrest.serialization.Model):
     :type account_key: str
     :param blob_container_name: Blob container name where backups are stored.
     :type blob_container_name: str
+    :param auth_type: Authentication type for accessing Azure Blob.
+    :type auth_type: str
+    :param identity: Identity details for authentication.
+    :type identity: object
     """
 
     _attribute_map = {
         'storage_account_resource_id': {'key': 'storageAccountResourceId', 'type': 'str'},
         'account_key': {'key': 'accountKey', 'type': 'str'},
         'blob_container_name': {'key': 'blobContainerName', 'type': 'str'},
+        'auth_type': {'key': 'authType', 'type': 'str'},
+        'identity': {'key': 'identity', 'type': 'object'},
     }
 
     def __init__(
@@ -209,6 +215,8 @@ def __init__(
         self.storage_account_resource_id = kwargs.get('storage_account_resource_id', None)
         self.account_key = kwargs.get('account_key', None)
         self.blob_container_name = kwargs.get('blob_container_name', None)
+        self.auth_type = kwargs.get('auth_type', None)
+        self.identity = kwargs.get('identity', None)
 
 
 class BackupConfiguration(msrest.serialization.Model):

src/datamigration/azext_datamigration/vendored_sdks/datamigration/models/_models_py3.py

@@ -222,12 +222,18 @@ class AzureBlob(msrest.serialization.Model):
     :type account_key: str
     :param blob_container_name: Blob container name where backups are stored.
     :type blob_container_name: str
+    :param auth_type: Authentication type for accessing Azure Blob.
+    :type auth_type: str
+    :param identity: Identity details for authentication.
+    :type identity: object
     """
 
     _attribute_map = {
         'storage_account_resource_id': {'key': 'storageAccountResourceId', 'type': 'str'},
         'account_key': {'key': 'accountKey', 'type': 'str'},
         'blob_container_name': {'key': 'blobContainerName', 'type': 'str'},
+        'auth_type': {'key': 'authType', 'type': 'str'},
+        'identity': {'key': 'identity', 'type': 'object'},
     }
 
     def __init__(
@@ -236,12 +242,16 @@ def __init__(
         storage_account_resource_id: Optional[str] = None,
         account_key: Optional[str] = None,
         blob_container_name: Optional[str] = None,
+        auth_type: Optional[str] = None,
+        identity: Optional[Dict[str, Dict[str, dict]]] = None,
         **kwargs
     ):
         super(AzureBlob, self).__init__(**kwargs)
         self.storage_account_resource_id = storage_account_resource_id
         self.account_key = account_key
         self.blob_container_name = blob_container_name
+        self.auth_type = auth_type
+        self.identity = identity
 
 
 class BackupConfiguration(msrest.serialization.Model):

src/datamigration/setup.py

@@ -10,7 +10,7 @@
 from setuptools import setup, find_packages
 
 # HISTORY.rst entry.
-VERSION = '1.0.0b4'
+VERSION = '1.0.0b5'
 
 # The full list of classifiers is available at
 # https://pypi.python.org/pypi?%3Aaction=list_classifiers