Azure · tariq1890 · Sep 19, 2018 · Sep 19, 2018 · Sep 19, 2018 · Sep 19, 2018
diff --git a/cmd/deploy.go b/cmd/deploy.go
@@ -365,10 +365,11 @@ func autofillApimodel(dc *deployCmd) error {
 					},
 				}
 			}
-			applicationID, servicePrincipalObjectID, secret, err := dc.client.CreateApp(ctx, appName, appURL, replyURLs, requiredResourceAccess)
+			applicationResp, servicePrincipalObjectID, secret, err := dc.client.CreateApp(ctx, appName, appURL, replyURLs, requiredResourceAccess)
 			if err != nil {
 				return errors.Wrap(err, "apimodel invalid: ServicePrincipalProfile was empty, and we failed to create valid credentials")
 			}
+			applicationID := to.String(applicationResp.AppID)
 			log.Warnf("created application with applicationID (%s) and servicePrincipalObjectID (%s).", applicationID, servicePrincipalObjectID)
 
 			log.Warnln("apimodel: ServicePrincipalProfile was empty, assigning role to application...")

diff --git a/pkg/armhelpers/graph.go b/pkg/armhelpers/graph.go
@@ -8,6 +8,7 @@ import (
 
 	"github.com/Azure/azure-sdk-for-go/services/authorization/mgmt/2015-07-01/authorization"
 	"github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
+	"github.com/Azure/go-autorest/autorest"
 	"github.com/Azure/go-autorest/autorest/date"
 	"github.com/Azure/go-autorest/autorest/to"
 	"github.com/satori/go.uuid"
@@ -28,6 +29,11 @@ func (az *AzureClient) CreateGraphApplication(ctx context.Context, applicationCr
 	return az.applicationsClient.Create(ctx, applicationCreateParameters)
 }
 
+// DeleteGraphApplication deletes an application via the graphrbac client
+func (az *AzureClient) DeleteGraphApplication(ctx context.Context, applicationObjectID string) (result autorest.Response, err error) {
+	return az.applicationsClient.Delete(ctx, applicationObjectID)
+}
+
 // CreateGraphPrincipal creates a service principal via the graphrbac client
 func (az *AzureClient) CreateGraphPrincipal(ctx context.Context, servicePrincipalCreateParameters graphrbac.ServicePrincipalCreateParameters) (graphrbac.ServicePrincipal, error) {
 	return az.servicePrincipalsClient.Create(ctx, servicePrincipalCreateParameters)
@@ -50,7 +56,7 @@ func (az *AzureClient) ListRoleAssignmentsForPrincipal(ctx context.Context, scop
 }
 
 // CreateApp is a simpler method for creating an application
-func (az *AzureClient) CreateApp(ctx context.Context, appName, appURL string, replyURLs *[]string, requiredResourceAccess *[]graphrbac.RequiredResourceAccess) (applicationID, servicePrincipalObjectID, servicePrincipalClientSecret string, err error) {
+func (az *AzureClient) CreateApp(ctx context.Context, appName, appURL string, replyURLs *[]string, requiredResourceAccess *[]graphrbac.RequiredResourceAccess) (applicationResp graphrbac.Application, servicePrincipalObjectID, servicePrincipalClientSecret string, err error) {
 	notBefore := time.Now()
 	notAfter := time.Now().Add(10000 * 24 * time.Hour)
 
@@ -76,11 +82,11 @@ func (az *AzureClient) CreateApp(ctx context.Context, appName, appURL string, re
 		},
 		RequiredResourceAccess: requiredResourceAccess,
 	}
-	applicationResp, err := az.CreateGraphApplication(ctx, applicationReq)
+	applicationResp, err = az.CreateGraphApplication(ctx, applicationReq)
 	if err != nil {
-		return "", "", "", err
+		return applicationResp, "", "", err
 	}
-	applicationID = to.String(applicationResp.AppID)
+	applicationID := to.String(applicationResp.AppID)
 
 	log.Debugf("ad: creating servicePrincipal for applicationID: %q", applicationID)
 
@@ -90,12 +96,22 @@ func (az *AzureClient) CreateApp(ctx context.Context, appName, appURL string, re
 	}
 	servicePrincipalResp, err := az.servicePrincipalsClient.Create(ctx, servicePrincipalReq)
 	if err != nil {
-		return "", "", "", err
+		return applicationResp, "", "", err
 	}
 
 	servicePrincipalObjectID = to.String(servicePrincipalResp.ObjectID)
 
-	return applicationID, servicePrincipalObjectID, servicePrincipalClientSecret, nil
+	return applicationResp, servicePrincipalObjectID, servicePrincipalClientSecret, nil
+}
+
+// DeleteApp is a simpler method for deleting an application and the associated spn
+func (az *AzureClient) DeleteApp(ctx context.Context, applicationName, applicationObjectID string) (autorest.Response, error) {
+	log.Debugf("ad: deleting application with name=%q", applicationName)
+	applicationResp, err := az.DeleteGraphApplication(ctx, applicationObjectID)
+	if err != nil {
+		return applicationResp, err
+	}
+	return applicationResp, nil
 }
 
 // CreateRoleAssignmentSimple is a wrapper around RoleAssignmentsClient.Create

diff --git a/pkg/armhelpers/interfaces.go b/pkg/armhelpers/interfaces.go
@@ -10,6 +10,7 @@ import (
 	"github.com/Azure/azure-sdk-for-go/services/preview/msi/mgmt/2015-08-31-preview/msi"
 	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/resources"
 	azStorage "github.com/Azure/azure-sdk-for-go/storage"
+	"github.com/Azure/go-autorest/autorest"
 	log "github.com/sirupsen/logrus"
 	"k8s.io/api/core/v1"
 )
@@ -102,7 +103,8 @@ type ACSEngineClient interface {
 
 	// CreateGraphPrincipal creates a service principal via the graphrbac client
 	CreateGraphPrincipal(ctx context.Context, servicePrincipalCreateParameters graphrbac.ServicePrincipalCreateParameters) (graphrbac.ServicePrincipal, error)
-	CreateApp(ctx context.Context, applicationName, applicationURL string, replyURLs *[]string, requiredResourceAccess *[]graphrbac.RequiredResourceAccess) (applicationID, servicePrincipalObjectID, secret string, err error)
+	CreateApp(ctx context.Context, applicationName, applicationURL string, replyURLs *[]string, requiredResourceAccess *[]graphrbac.RequiredResourceAccess) (result graphrbac.Application, servicePrincipalObjectID, secret string, err error)
+	DeleteApp(ctx context.Context, applicationName, applicationObjectID string) (autorest.Response, error)
 
 	// User Assigned MSI
 	//CreateUserAssignedID - Creates a user assigned msi.

diff --git a/pkg/armhelpers/mockclients.go b/pkg/armhelpers/mockclients.go
@@ -9,6 +9,8 @@ import (
 	"net/http"
 	"time"
 
+	"github.com/Azure/acs-engine/pkg/helpers"
+
 	"github.com/Azure/azure-sdk-for-go/services/authorization/mgmt/2015-07-01/authorization"
 	"github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2018-04-01/compute"
 	"github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
@@ -550,8 +552,15 @@ func (mc *MockACSEngineClient) CreateGraphPrincipal(ctx context.Context, service
 }
 
 // CreateApp is a simpler method for creating an application
-func (mc *MockACSEngineClient) CreateApp(ctx context.Context, applicationName, applicationURL string, replyURLs *[]string, requiredResourceAccess *[]graphrbac.RequiredResourceAccess) (applicationID, servicePrincipalObjectID, secret string, err error) {
-	return "app-id", "client-id", "client-secret", nil
+func (mc *MockACSEngineClient) CreateApp(ctx context.Context, applicationName, applicationURL string, replyURLs *[]string, requiredResourceAccess *[]graphrbac.RequiredResourceAccess) (result graphrbac.Application, servicePrincipalObjectID, secret string, err error) {
+	return graphrbac.Application{
+		AppID: helpers.PointerToString("app-id"),
+	}, "client-id", "client-secret", nil
+}
+
+// DeleteApp is a simpler method for deleting an application
+func (mc *MockACSEngineClient) DeleteApp(ctx context.Context, appName, applicationObjectID string) (response autorest.Response, err error) {
+	return response, nil
 }
 
 // User Assigned MSI

diff --git a/pkg/helpers/helpers.go b/pkg/helpers/helpers.go
@@ -73,6 +73,12 @@ func PointerToBool(b bool) *bool {
 	return &p
 }
 
+// PointerToString returns a pointer to a string
+func PointerToString(s string) *string {
+	p := s
+	return &p
+}
+
 // PointerToInt returns a pointer to a int
 func PointerToInt(i int) *int {
 	p := i