Migrate Gallery.CredentialExpiration to JsonConfig (#517)

Author: Christy Henriksson

src/ArchivePackages/ArchivePackages.Job.cs

@@ -11,6 +11,7 @@
 using Dapper;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Options;
 using Microsoft.WindowsAzure.Storage;
 using Microsoft.WindowsAzure.Storage.Blob;
 using Newtonsoft.Json.Linq;
@@ -76,7 +77,7 @@ public override void Init(IServiceContainer serviceContainer, IDictionary<string
         {
             base.Init(serviceContainer, jobArgsDictionary);
 
-            Configuration = _serviceProvider.GetRequiredService<InitializationConfiguration>();
+            Configuration = _serviceProvider.GetRequiredService<IOptionsSnapshot<InitializationConfiguration>>().Value;
 
             GalleryDatabase = GetDatabaseRegistration<GalleryDbConfiguration>();
 

src/Gallery.CredentialExpiration/Configuration/InitializationConfiguration.cs

@@ -0,0 +1,26 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+namespace Gallery.CredentialExpiration
+{
+    public class InitializationConfiguration
+    {
+        public int AllowEmailResendAfterDays { get; set; }
+
+        public string ContainerName { get; set; }
+
+        public string DataStorageAccount { get; set; }
+
+        public string GalleryAccountUrl { get; set; }
+
+        public string GalleryBrand { get; set; }
+
+        public string MailFrom { get; set; }
+
+        public string SmtpUri { get; set; }
+
+        public int WarnDaysBeforeExpiration { get; set; }
+
+        public bool WhatIf { get; set; }
+    }
+}

src/Gallery.CredentialExpiration/Gallery.CredentialExpiration.csproj

@@ -41,6 +41,7 @@
     <Reference Include="System.Data" />
   </ItemGroup>
   <ItemGroup>
+    <Compile Include="Configuration\InitializationConfiguration.cs" />
     <Compile Include="GalleryCredentialExpiration.cs" />
     <Compile Include="ICredentialExpirationExporter.cs" />
     <Compile Include="JobRunTimeCursor.cs" />
@@ -65,6 +66,9 @@
       <SubType>Designer</SubType>
     </None>
     <None Include="Scripts\*" />
+    <None Include="Settings\dev.json" />
+    <None Include="Settings\int.json" />
+    <None Include="Settings\prod.json" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\NuGet.Jobs.Common\NuGet.Jobs.Common.csproj">
@@ -92,9 +96,6 @@
     <PackageReference Include="Newtonsoft.Json">
       <Version>9.0.1</Version>
     </PackageReference>
-    <PackageReference Include="NuGet.Services.Sql">
-      <Version>2.27.0</Version>
-    </PackageReference>
     <PackageReference Include="NuGet.Services.Storage">
       <Version>2.1.3</Version>
     </PackageReference>

src/Gallery.CredentialExpiration/Gallery.CredentialExpiration.nuspec

@@ -18,5 +18,7 @@
     <file src="Scripts\PreDeploy.ps1" />
     <file src="Scripts\PostDeploy.ps1" />
     <file src="Scripts\nssm.exe" />
+
+    <file src="Settings\*.json" target="bin" />
   </files>
 </package>

src/Gallery.CredentialExpiration/GalleryCredentialExpiration.cs

@@ -6,20 +6,20 @@
 using System.Data.SqlClient;
 using System.Linq;
 using System.Threading.Tasks;
-using NuGet.Services.Sql;
 using Gallery.CredentialExpiration.Models;
+using NuGet.Jobs.Configuration;
 
 namespace Gallery.CredentialExpiration
 {
     public class GalleryCredentialExpiration : ICredentialExpirationExporter
     {
+        private readonly Job _job;
         private readonly CredentialExpirationJobMetadata _jobMetadata;
-        private readonly ISqlConnectionFactory _galleryDatabase;
 
-        public GalleryCredentialExpiration(CredentialExpirationJobMetadata jobMetadata, ISqlConnectionFactory galleryDatabase)
+        public GalleryCredentialExpiration(Job job, CredentialExpirationJobMetadata jobMetadata)
         {
+            _job = job;
             _jobMetadata = jobMetadata;
-            _galleryDatabase = galleryDatabase;
         }
 
         /// <summary>
@@ -51,7 +51,7 @@ public async Task<List<ExpiredCredentialData>> GetCredentialsAsync(TimeSpan time
             var minNotificationDate = ConvertToString(GetMinNotificationDate());
 
             // Connect to database
-            using (var galleryConnection = await _galleryDatabase.CreateAsync())
+            using (var galleryConnection = await _job.OpenSqlConnectionAsync<GalleryDbConfiguration>())
             {
                 // Fetch credentials that expire in _warnDaysBeforeExpiration days 
                 // + the user's e-mail address
@@ -84,7 +84,10 @@ public List<ExpiredCredentialData> GetExpiringCredentials(List<ExpiredCredential
         {
             // Send email to the accounts that will have credentials expiring in the next _warnDaysBeforeExpiration days and did not have any warning email sent yet.
             // Avoid cases when the cursor is out of date and MaxProcessedCredentialsTime < JobRuntime
-            var sendEmailsDateLeftBoundary = (_jobMetadata.JobCursor.MaxProcessedCredentialsTime > _jobMetadata.JobRunTime) ? _jobMetadata.JobCursor.MaxProcessedCredentialsTime : _jobMetadata.JobRunTime;
+            var sendEmailsDateLeftBoundary = (_jobMetadata.JobCursor.MaxProcessedCredentialsTime > _jobMetadata.JobRunTime)
+                ? _jobMetadata.JobCursor.MaxProcessedCredentialsTime
+                : _jobMetadata.JobRunTime;
+
             return credentialSet.Where( x => x.Expires > sendEmailsDateLeftBoundary).ToList();
         }
 

src/Gallery.CredentialExpiration/Job.cs

@@ -2,94 +2,75 @@
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System;
-using System.Collections.Concurrent;
 using System.Collections.Generic;
 using System.ComponentModel.Design;
-using System.Data.SqlClient;
 using System.Linq;
 using System.Net;
 using System.Net.Mail;
 using System.Threading;
 using System.Threading.Tasks;
+using Autofac;
 using Gallery.CredentialExpiration.Models;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
 using Microsoft.WindowsAzure.Storage;
 using Newtonsoft.Json;
-using Newtonsoft.Json.Linq;
 using NuGet.Jobs;
-using NuGet.Services.KeyVault;
-using NuGet.Services.Sql;
 using NuGet.Services.Storage;
 
 namespace Gallery.CredentialExpiration
 {
-    public class Job : JobBase
+    public class Job : JsonConfigurationJob
     {
         private readonly TimeSpan _defaultCommandTimeout = TimeSpan.FromMinutes(30);
 
         private readonly string _cursorFile = "cursorv2.json";
 
-        private bool _whatIf = false;
+        private InitializationConfiguration Configuration { get; set; }
 
-        private string _galleryBrand;
-        private string _galleryAccountUrl;
+        private Storage Storage { get; set; }
 
-        private ISqlConnectionFactory _galleryDatabase;
-
-        private string _mailFrom;
-        private SmtpClient _smtpClient;
-
-        private int _warnDaysBeforeExpiration = 10;
-
-        private Storage _storage;
+        private SmtpClient SmtpClient { get; set; }
 
         public override void Init(IServiceContainer serviceContainer, IDictionary<string, string> jobArgsDictionary)
         {
-            _whatIf = JobConfigurationManager.TryGetBoolArgument(jobArgsDictionary, JobArgumentNames.WhatIf);
-
-            var secretInjector = (ISecretInjector)serviceContainer.GetService(typeof(ISecretInjector));
-            var databaseConnectionString = JobConfigurationManager.GetArgument(jobArgsDictionary, JobArgumentNames.GalleryDatabase);
-            _galleryDatabase = new AzureSqlConnectionFactory(databaseConnectionString, secretInjector);
-
-            _galleryBrand = JobConfigurationManager.GetArgument(jobArgsDictionary, MyJobArgumentNames.GalleryBrand);
-            _galleryAccountUrl = JobConfigurationManager.GetArgument(jobArgsDictionary, MyJobArgumentNames.GalleryAccountUrl);
+            base.Init(serviceContainer, jobArgsDictionary);
 
-            _mailFrom = JobConfigurationManager.GetArgument(jobArgsDictionary, JobArgumentNames.MailFrom);
+            Configuration = _serviceProvider.GetRequiredService<IOptionsSnapshot<InitializationConfiguration>>().Value;
 
-            var smtpConnectionString = JobConfigurationManager.GetArgument(jobArgsDictionary, JobArgumentNames.SmtpUri);
-            var smtpUri = new SmtpUri(new Uri(smtpConnectionString));
-            _smtpClient = CreateSmtpClient(smtpUri);
-
-            _warnDaysBeforeExpiration = JobConfigurationManager.TryGetIntArgument(jobArgsDictionary, MyJobArgumentNames.WarnDaysBeforeExpiration)
-                ?? _warnDaysBeforeExpiration;
-
-            var storageConnectionString = JobConfigurationManager.GetArgument(jobArgsDictionary, JobArgumentNames.DataStorageAccount);
-            var storageContainerName = JobConfigurationManager.GetArgument(jobArgsDictionary, JobArgumentNames.ContainerName);
-
-            var storageAccount = CloudStorageAccount.Parse(storageConnectionString);
-            var storageFactory = new AzureStorageFactory(storageAccount, storageContainerName, LoggerFactory);
-            _storage = storageFactory.Create();
+            SmtpClient = CreateSmtpClient(Configuration.SmtpUri);
+            
+            var storageAccount = CloudStorageAccount.Parse(Configuration.DataStorageAccount);
+            var storageFactory = new AzureStorageFactory(storageAccount, Configuration.ContainerName, LoggerFactory);
+            Storage = storageFactory.Create();
         }
 
         public override async Task Run()
         {
             var jobRunTime = DateTimeOffset.UtcNow;
             // Default values
             var jobCursor = new JobRunTimeCursor( jobCursorTime: jobRunTime, maxProcessedCredentialsTime: jobRunTime );
-            var galleryCredentialExpiration = new GalleryCredentialExpiration(new CredentialExpirationJobMetadata(jobRunTime, _warnDaysBeforeExpiration, jobCursor), _galleryDatabase);
+            var galleryCredentialExpiration = new GalleryCredentialExpiration(this,
+                new CredentialExpirationJobMetadata(jobRunTime, Configuration.WarnDaysBeforeExpiration, jobCursor));
 
             try
             {
                 List<ExpiredCredentialData> credentialsInRange = null;
 
                 // Get the most recent date for the emails being sent 
-                if (_storage.Exists(_cursorFile))
+                if (Storage.Exists(_cursorFile))
                 {
-                    string content = await _storage.LoadString(_storage.ResolveUri(_cursorFile), CancellationToken.None);
+                    string content = await Storage.LoadString(Storage.ResolveUri(_cursorFile), CancellationToken.None);
                     // Load from cursor
                     // Throw if the schema is not correct to ensure that not-intended emails are sent.
-                    jobCursor = JsonConvert.DeserializeObject<JobRunTimeCursor>(content, new JsonSerializerSettings() { MissingMemberHandling = MissingMemberHandling.Error });
-                    galleryCredentialExpiration = new GalleryCredentialExpiration(new CredentialExpirationJobMetadata(jobRunTime, _warnDaysBeforeExpiration, jobCursor), _galleryDatabase);
+                    jobCursor = JsonConvert.DeserializeObject<JobRunTimeCursor>(
+                        content,
+                        new JsonSerializerSettings() { MissingMemberHandling = MissingMemberHandling.Error });
+
+                    galleryCredentialExpiration = new GalleryCredentialExpiration(this,
+                        new CredentialExpirationJobMetadata(jobRunTime, Configuration.WarnDaysBeforeExpiration, jobCursor));
                 }
 
                 // Connect to database
@@ -126,10 +107,13 @@ public override async Task Run()
             }
             finally
             {
-                JobRunTimeCursor newCursor = new JobRunTimeCursor( jobCursorTime: jobRunTime, maxProcessedCredentialsTime: galleryCredentialExpiration.GetMaxNotificationDate());
+                JobRunTimeCursor newCursor = new JobRunTimeCursor(
+                    jobCursorTime: jobRunTime,
+                    maxProcessedCredentialsTime: galleryCredentialExpiration.GetMaxNotificationDate());
+
                 string json = JsonConvert.SerializeObject(newCursor);
                 var content = new StringStorageContent(json, "application/json");
-                await _storage.Save(_storage.ResolveUri(_cursorFile), content, CancellationToken.None);
+                await Storage.Save(Storage.ResolveUri(_cursorFile), content, CancellationToken.None);
             }
         }
 
@@ -146,7 +130,7 @@ private async Task HandleExpiredCredentialEmail(string username, List<ExpiredCre
 
             // Build message
             var userEmail = credentialList.FirstOrDefault().EmailAddress;
-            var mailMessage = new MailMessage(_mailFrom, userEmail);
+            var mailMessage = new MailMessage(Configuration.MailFrom, userEmail);
 
             var apiKeyExpiryMessageList = credentialList
                 .Select(x => BuildApiKeyExpiryMessage(x.Description, x.Expires, jobRunTime))
@@ -156,21 +140,21 @@ private async Task HandleExpiredCredentialEmail(string username, List<ExpiredCre
             // Build email body
             if (expired)
             {
-                mailMessage.Subject = string.Format(Strings.ExpiredEmailSubject, _galleryBrand);
-                mailMessage.Body = string.Format(Strings.ExpiredEmailBody, username, _galleryBrand, apiKeyExpiryMessage, _galleryAccountUrl);
+                mailMessage.Subject = string.Format(Strings.ExpiredEmailSubject, Configuration.GalleryBrand);
+                mailMessage.Body = string.Format(Strings.ExpiredEmailBody, username, Configuration.GalleryBrand, apiKeyExpiryMessage, Configuration.GalleryAccountUrl);
             }
             else
             {
-                mailMessage.Subject = string.Format(Strings.ExpiringEmailSubject, _galleryBrand);
-                mailMessage.Body = string.Format(Strings.ExpiringEmailBody, username, _galleryBrand, apiKeyExpiryMessage, _galleryAccountUrl);
+                mailMessage.Subject = string.Format(Strings.ExpiringEmailSubject, Configuration.GalleryBrand);
+                mailMessage.Body = string.Format(Strings.ExpiringEmailBody, username, Configuration.GalleryBrand, apiKeyExpiryMessage, Configuration.GalleryAccountUrl);
             }
 
             // Send email
             try
             {
-                if (!_whatIf) // if WhatIf is passed, we will not send e-mails (e.g. dev/int don't have to annoy users)
+                if (!Configuration.WhatIf) // if WhatIf is passed, we will not send e-mails (e.g. dev/int don't have to annoy users)
                 {
-                    await _smtpClient.SendMailAsync(mailMessage);
+                    await SmtpClient.SendMailAsync(mailMessage);
                 }
 
                 Logger.LogInformation("Handled {Expired} credential .",
@@ -200,9 +184,10 @@ private static string BuildApiKeyExpiryMessage(string description, DateTimeOffse
             // \u2022 - Unicode for bullet point.
             return "\u2022 " + message + Environment.NewLine;
         }
-
-        private SmtpClient CreateSmtpClient(SmtpUri smtpUri)
+        
+        private SmtpClient CreateSmtpClient(string smtpUriString)
         {
+            var smtpUri = new SmtpUri(new Uri(smtpUriString));
             var smtpClient = new SmtpClient(smtpUri.Host, smtpUri.Port)
             {
                 EnableSsl = smtpUri.Secure
@@ -218,5 +203,14 @@ private SmtpClient CreateSmtpClient(SmtpUri smtpUri)
 
             return smtpClient;
         }
+
+        protected override void ConfigureAutofacServices(ContainerBuilder containerBuilder)
+        {
+        }
+
+        protected override void ConfigureJobServices(IServiceCollection services, IConfigurationRoot configurationRoot)
+        {
+            ConfigureInitializationSection<InitializationConfiguration>(services, configurationRoot);
+        }
     }
 }

src/Gallery.CredentialExpiration/Scripts/Gallery.CredentialExpiration.cmd

@@ -9,7 +9,7 @@ cd bin
 
 	REM SmtpUri is expected to be of the format: smtps://username:password@host:port. Note that if username contains an "@", you need to URI encode it!
 
-	start /w gallery.credentialexpiration.exe -VaultName "#{Deployment.Azure.KeyVault.VaultName}" -ClientId "#{Deployment.Azure.KeyVault.ClientId}" -CertificateThumbprint "#{Deployment.Azure.KeyVault.CertificateThumbprint}"  -WhatIf #{Jobs.gallery.credentialexpiration.WhatIf} -WarnDaysBeforeExpiration #{Jobs.gallery.credentialexpiration.WarnDaysBeforeExpiration} -MailFrom "#{Jobs.gallery.credentialexpiration.MailFrom}" -GalleryBrand "#{Jobs.gallery.credentialexpiration.GalleryBrand}" -GalleryAccountUrl "#{Jobs.gallery.credentialexpiration.GalleryAccountUrl}" -SmtpUri "#{Jobs.gallery.credentialexpiration.SmtpUri}" -GalleryDatabase "#{Jobs.gallery.credentialexpiration.GalleryDatabase}" -InstrumentationKey "#{Jobs.gallery.credentialexpiration.InstrumentationKey}" -verbose true -Interval #{Jobs.gallery.credentialexpiration.Interval} -DataStorageAccount "#{Jobs.gallery.credentialexpiration.Storage.Primary}" -ContainerName "#{Jobs.gallery.credentialexpiration.ContainerName}"
+	start /w gallery.credentialexpiration.exe -Configuration "#{Jobs.gallery.credentialexpiration.Configuration}" -InstrumentationKey "#{Jobs.gallery.credentialexpiration.InstrumentationKey}" -verbose true -Interval #{Jobs.gallery.credentialexpiration.Interval}
 
 	echo "Finished #{Jobs.gallery.credentialexpiration.Title}"
 

src/Gallery.CredentialExpiration/Settings/dev.json

@@ -0,0 +1,24 @@
+{
+  "Initialization": {
+    "AllowEmailResendAfterDays": 7,
+    "ContainerName": "credentialexpiration",
+    "DataStorageAccount": "DefaultEndpointsProtocol=https;AccountName=nugetdevuse2gallery;AccountKey=$$Dev-NuGetDevUse2Gallery-StorageKey$$",
+    "GalleryAccountUrl": "https://dev.nugettest.org/account/ApiKeys",
+    "GalleryBrand": "NuGet Gallery",
+    "MailFrom": "[email protected]",
+    "SmtpUri": "#{Jobs.gallery.credentialexpiration.SmtpUri}",
+    "WarnDaysBeforeExpiration": 7,
+    "WhatIf": true
+  },
+
+  "GalleryDb": {
+    "ConnectionString": "Data Source=tcp:#{Deployment.Azure.Sql.GalleryDatabaseAddress};Initial Catalog=nuget-dev-0-v2gallery;User ID=$$Dev-GalleryDBReadOnly-UserName$$;Password=$$Dev-GalleryDBReadOnly-Password$$;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;"
+  },
+
+  "KeyVault_VaultName": "#{Deployment.Azure.KeyVault.VaultName}",
+  "KeyVault_ClientId": "#{Deployment.Azure.KeyVault.ClientId}",
+  "KeyVault_CertificateThumbprint": "#{Deployment.Azure.KeyVault.CertificateThumbprint}",
+  "KeyVault_ValidateCertificate": true,
+  "KeyVault_StoreName": "My",
+  "KeyVault_StoreLocation": "LocalMachine"
+}

src/Gallery.CredentialExpiration/Settings/int.json

@@ -0,0 +1,24 @@
+{
+  "Initialization": {
+    "AllowEmailResendAfterDays": 7,
+    "ContainerName": "credentialexpiration",
+    "DataStorageAccount": "DefaultEndpointsProtocol=https;AccountName=nugetintusncgallery;AccountKey=$$Int-NuGetIntUsncGallery-StorageKey$$",
+    "GalleryAccountUrl": "https://int.nugettest.org/account/ApiKeys",
+    "GalleryBrand": "NuGet Gallery",
+    "MailFrom": "[email protected]",
+    "SmtpUri": "#{Jobs.gallery.credentialexpiration.SmtpUri}",
+    "WarnDaysBeforeExpiration": 7,
+    "WhatIf": true
+  },
+
+  "GalleryDb": {
+    "ConnectionString": "Data Source=tcp:#{Deployment.Azure.Sql.GalleryDatabaseAddress};Initial Catalog=nuget-int-0-v2gallery;User ID=$$Int-GalleryDBReadOnly-UserName$$;Password=$$Int-GalleryDBReadOnly-Password$$;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;"
+  },
+
+  "KeyVault_VaultName": "#{Deployment.Azure.KeyVault.VaultName}",
+  "KeyVault_ClientId": "#{Deployment.Azure.KeyVault.ClientId}",
+  "KeyVault_CertificateThumbprint": "#{Deployment.Azure.KeyVault.CertificateThumbprint}",
+  "KeyVault_ValidateCertificate": true,
+  "KeyVault_StoreName": "My",
+  "KeyVault_StoreLocation": "LocalMachine"
+}