Update functions

Author: craigthackerx

PowerShellModules/AzureCliLogin.psm1

@@ -97,71 +97,70 @@ function Connect-ToAzureCliOidc
     _LogMessage -Level 'INFO' -Message 'OIDC login OK.' -InvocationName $MyInvocation.MyCommand.Name
 }
 
-function Connect-ToAzureCliDeviceCode
-{
+function Connect-ToAzureCliDeviceCode {
     param(
         [string]$TenantId,
         [string]$SubscriptionId
     )
 
-    # ── 1. Is the CLI already logged in? ────────────────────────────────────
-    $currentId = az account show --query id -o tsv 2> $null
-    if ($LASTEXITCODE -eq 0 -and $currentId)
-    {
-        _LogMessage -Level 'INFO' -Message "Azure CLI already authenticated (subscription id: $currentId) – skipping device-code login." -InvocationName $MyInvocation.MyCommand.Name
+    $invocation = $MyInvocation.MyCommand.Name
 
-        # caller may still want to switch subscription
-        if ($SubscriptionId)
-        {
-            az account set --subscription $SubscriptionId
-            _LogMessage -Level 'DEBUG' -Message "az account set exit-code: $LASTEXITCODE" -InvocationName $MyInvocation.MyCommand.Name
-            if ($LASTEXITCODE -ne 0)
-            {
-                _LogMessage -Level 'WARN' -Message "Unable to switch to subscription $SubscriptionId." -InvocationName $MyInvocation.MyCommand.Name
+    try {
+        # ── Check if already logged in and with correct tenant/sub ──
+        $accountInfo = az account show --output json | ConvertFrom-Json
+
+        if ($accountInfo -and $accountInfo.id) {
+            $currentSubId = $accountInfo.id
+            $currentTenant = $accountInfo.tenantId
+
+            $isSubMatch = -not $SubscriptionId -or ($SubscriptionId -eq $currentSubId)
+            $isTenantMatch = -not $TenantId -or ($TenantId -eq $currentTenant)
+
+            if ($isSubMatch -and $isTenantMatch) {
+                _LogMessage -Level 'INFO' -Message "Azure CLI already authenticated with correct subscription and tenant (sub: $currentSubId, tenant: $currentTenant) – skipping login." -InvocationName $invocation
+                return
+            }
+
+            if (-not $isSubMatch -and $SubscriptionId) {
+                _LogMessage -Level 'INFO' -Message "Switching subscription to $SubscriptionId..." -InvocationName $invocation
+                az account set --subscription $SubscriptionId
+                if ($LASTEXITCODE -ne 0) {
+                    _LogMessage -Level 'WARN' -Message "Unable to switch to subscription $SubscriptionId." -InvocationName $invocation
+                }
+                return
             }
         }
-        return
-    }
 
-    # ── 2. Perform interactive login ───────────────────────────────────────
-    try
-    {
-        _LogMessage -Level 'INFO' -Message 'Azure CLI device-code login…' -InvocationName $MyInvocation.MyCommand.Name
+        # ── Perform interactive login ──
+        _LogMessage -Level 'INFO' -Message 'Azure CLI device-code login…' -InvocationName $invocation
 
-        if ($TenantId)
-        {
+        if ($TenantId) {
             az login --use-device-code --tenant $TenantId --allow-no-subscriptions
-        }
-        else
-        {
+        } else {
             az login --use-device-code --allow-no-subscriptions
         }
-        _LogMessage -Level 'DEBUG' -Message "az login exit-code: $LASTEXITCODE" -InvocationName $MyInvocation.MyCommand.Name
-        if ($LASTEXITCODE -ne 0)
-        {
+
+        if ($LASTEXITCODE -ne 0) {
             throw 'az login failed (device-code).'
         }
 
-        if ($SubscriptionId)
-        {
+        if ($SubscriptionId) {
             az account set --subscription $SubscriptionId
-            _LogMessage -Level 'DEBUG' -Message "az account set exit-code: $LASTEXITCODE" -InvocationName $MyInvocation.MyCommand.Name
-            if ($LASTEXITCODE -ne 0)
-            {
+            if ($LASTEXITCODE -ne 0) {
                 throw "Unable to set subscription $SubscriptionId."
             }
         }
 
-        _LogMessage -Level 'INFO' -Message 'Device-code login OK.' -InvocationName $MyInvocation.MyCommand.Name
+        _LogMessage -Level 'INFO' -Message 'Device-code login OK.' -InvocationName $invocation
     }
-    catch
-    {
-        _LogMessage -Level 'ERROR' -Message "Device-code login failed: $( $_.Exception.Message )" -InvocationName $MyInvocation.MyCommand.Name
+    catch {
+        _LogMessage -Level 'ERROR' -Message "Device-code login failed: $($_.Exception.Message)" -InvocationName $invocation
         throw
     }
 }
 
 
+
 function Test-AzureCliConnection
 {
     try

PowerShellModules/Homebrew.psm1

@@ -1,24 +1,34 @@
-function Assert-HomebrewPath
-{
-    _LogMessage -Level "INFO" -Message "Ensuring Homebrew is available in the PATH..." -InvocationName "$( $MyInvocation.MyCommand.Name )"
+function Assert-HomebrewPath {
+    _LogMessage -Level "INFO" -Message "Ensuring Homebrew is available in the PATH..." -InvocationName $MyInvocation.MyCommand.Name
+
+    # Check if 'brew' is already available in the current session
+    if (Get-Command brew -ErrorAction SilentlyContinue) {
+        _LogMessage -Level "INFO" -Message "Homebrew is already available in the PATH. Skipping shellenv import." -InvocationName $MyInvocation.MyCommand.Name
+        return
+    }
 
     # Get the output of the shellenv command from Homebrew
     $brewShellEnv = & /home/linuxbrew/.linuxbrew/bin/brew shellenv
-    $brewShellEnvString = $brewShellEnv -join "`n"
+    if (-not $brewShellEnv) {
+        _LogMessage -Level "ERROR" -Message "brew shellenv returned no output. Cannot update environment." -InvocationName $MyInvocation.MyCommand.Name
+        exit 1
+    }
 
     # Apply the environment changes using Invoke-Expression
+    $brewShellEnvString = $brewShellEnv -join "`n"
     Invoke-Expression $brewShellEnvString
 
-    # Test if brew is now available in the session
-    if (Get-Command brew -ErrorAction SilentlyContinue)
-    {
-        _LogMessage -Level "INFO" -Message  "Homebrew is now available in the PATH." -InvocationName "$( $MyInvocation.MyCommand.Name )"
+    # Re-check if brew is now available
+    if (Get-Command brew -ErrorAction SilentlyContinue) {
+        _LogMessage -Level "INFO" -Message "Homebrew is now available in the PATH." -InvocationName $MyInvocation.MyCommand.Name
     }
-    else
-    {
-        _LogMessage -Level "ERROR" -Message "Homebrew is not available. Something went wrong." -InvocationName "$( $MyInvocation.MyCommand.Name )"
+    else {
+        _LogMessage -Level "ERROR" -Message "Homebrew is still not available after applying shellenv." -InvocationName $MyInvocation.MyCommand.Name
         exit 1
     }
 }
 
 Export-ModuleMember -Function Assert-HomebrewPath
+
+
+Export-ModuleMember -Function Assert-HomebrewPath

Run-AzTerraform.ps1

@@ -19,14 +19,14 @@ param (
     [string]$TerraformPlanFileName = "tfplan.plan",
     [string]$TerraformDestroyPlanFileName = "tfplan-destroy.plan",
     [string]$TerraformCodeLocation = "terraform",
-    [string[]]$TerraformStackToRun = @('all'),
+    [string[]]$TerraformStackToRun = @('rg'),
     [string]$CreateTerraformWorkspace = "true",
     [string]$TerraformWorkspace = "dev",
     [string]$InstallAzureCli = "false",
     [string]$AttemptAzureLogin = "true",
-    [string]$UseAzureClientSecretLogin = "true",
+    [string]$UseAzureClientSecretLogin = "false",
     [string]$UseAzureOidcLogin = "false",
-    [string]$UseAzureUserLogin = "false",
+    [string]$UseAzureUserLogin = "true",
     [string]$UseAzureManagedIdentityLogin = "false"
 )
 
@@ -235,7 +235,7 @@ try
             # ── INIT ──────────────────────────────────────────────────────────────
             if ($convertedRunTerraformInit)
             {
-                Invoke-TerraformInit -CodePath $folder -InitArgs '-input=false','-upgrade=true'
+                Invoke-TerraformInit -CodePath $folder -InitArgs $TerraformInitExtraArgs
             }
 
             # workspace (needs an init first)