#51 Convert some calls and suppress python syntax warning

SCEPman/Private/app-service.ps1

@@ -5,7 +5,7 @@ function GetCertMasterAppServiceName ($CertMasterResourceGroup, $SCEPmanAppServi
 
   $strangeCertMasterFound = $false
 
-  $rgwebapps =  Convert-LinesToObject -lines $(az graph query -q "Resources | where type == 'microsoft.web/sites' and resourceGroup == '$CertMasterResourceGroup' and name !~ '$SCEPmanAppServiceName' | project name")
+  $rgwebapps = Invoke-Az -azCommand @("graph", "query", "-q", "Resources | where type == 'microsoft.web/sites' and resourceGroup == '$CertMasterResourceGroup' and name !~ '$SCEPmanAppServiceName' | project name") | Convert-LinesToObject
   Write-Information "$($rgwebapps.count) web apps found in the resource group $CertMasterResourceGroup (excluding SCEPman). We are finding if the CertMaster app is already created"
   if($rgwebapps.count -gt 0) {
     ForEach($potentialcmwebapp in $rgwebapps.data) {
@@ -66,11 +66,11 @@ function New-CertMasterAppService {
     $ShallCreateCertMasterAppService = [String]::IsNullOrWhiteSpace($CertMasterAppServiceName)
   } else {
     # Check whether a cert master app service with the passed in name exists
-    $CertMasterWebApps = Convert-LinesToObject -lines $(az graph query -q "Resources | where type == 'microsoft.web/sites' and resourceGroup == '$CertMasterResourceGroup' and name =~ '$CertMasterAppServiceName' | project name")
+    $CertMasterWebApps = Invoke-Az -azCommand @("graph", "query", "-q", "Resources | where type == 'microsoft.web/sites' and resourceGroup == '$CertMasterResourceGroup' and name =~ '$CertMasterAppServiceName' | project name") | Convert-LinesToObject
     $ShallCreateCertMasterAppService = 0 -eq $CertMasterWebApps.count
   }
 
-  $scwebapp = Convert-LinesToObject -lines $(az graph query -q "Resources | where type == 'microsoft.web/sites' and resourceGroup == '$SCEPmanResourceGroup' and name =~ '$SCEPmanAppServiceName'")
+  $scwebapp = Invoke-Az -azCommand @("graph", "query", "-q", "Resources | where type == 'microsoft.web/sites' and resourceGroup == '$SCEPmanResourceGroup' and name =~ '$SCEPmanAppServiceName'") | Convert-LinesToObject
 
   if([String]::IsNullOrWhiteSpace($CertMasterAppServiceName)) {
     $CertMasterAppServiceName = $scwebapp.data.name
@@ -100,8 +100,8 @@ function New-CertMasterAppService {
       # Do all the configuration that the ARM template does normally
       $SCEPmanHostname = $scwebapp.data.properties.defaultHostName
       if (-not [String]::IsNullOrWhiteSpace($DeploymentSlotName)) {
-          $selectedSlot = Convert-LinesToObject -lines $(az graph query -q "Resources | where type == 'microsoft.web/sites/slots' and resourceGroup == '$SCEPmanResourceGroup' and name =~ '$SCEPmanAppServiceName/$DeploymentSlotName'")
-          $SCEPmanHostname = $selectedSlot.data.properties.defaultHostName
+        $selectedSlot = Invoke-Az -azCommand @("graph", "query", "-q", "Resources | where type == 'microsoft.web/sites/slots' and resourceGroup == '$SCEPmanResourceGroup' and name =~ '$SCEPmanAppServiceName/$DeploymentSlotName'") | Convert-LinesToObject
+        $SCEPmanHostname = $selectedSlot.data.properties.defaultHostName
       }
       $CertmasterAppSettingsTable = @{
         WEBSITE_RUN_FROM_PACKAGE = $Artifacts_Certmaster[$UpdateChannel];

SCEPman/Private/az-commands.ps1

@@ -64,6 +64,15 @@ function CheckAzOutput($azOutput, $fThrowOnError, $noSecretLeakageWarning = $fal
                     # Ignore, this is the next line of the previous issue
                     Write-Debug "Ignoring algorithm line for crypto warning: $outputElement"
                     $expectAlgorithmToBeIgnored = $false
+                } elseif ($outputElement.ToString().Contains("SyntaxWarning: invalid escape sequence '\ '")) {
+                    # Ignore, this is a harmless issue of az graph extension 2.10 with more recent python versions (?)
+                    # See https://github.com/Azure/azure-cli-extensions/issues/8369
+                    Write-Debug "Ignoring expected warning about wrong escape seqences: $outputElement"
+                    $expectIntervalWarning = $true
+                } elseif ($expectIntervalWarning -and ($outputElement.ToString().Trim(' ').StartsWith('"""'))) {
+                    # Ignore, this is the next line of the previous issue
+                    Write-Debug "Ignoring line for syntax warning: $outputElement"
+                    $expectIntervalWarning = $false
                 } elseif ($outputElement.ToString().StartsWith("WARNING") -or $outputElement.ToString().Contains("UserWarning: ")) {
                     if ($outputElement.ToString().StartsWith("WARNING: The underlying Active Directory Graph API will be replaced by Microsoft Graph API") `
                     -or $outputElement.ToString().StartsWith("WARNING: This command or command group has been migrated to Microsoft Graph API.")) {

SCEPman/Private/key-vault.ps1

@@ -21,8 +21,7 @@ function AddSCEPmanPermissionsToKeyVault ($KeyVault, $PrincipalId) {
 function FindConfiguredKeyVault ($SCEPmanResourceGroup, $SCEPmanAppServiceName) {
   [uri]$configuredKeyVaultURL = FindConfiguredKeyVaultUrl -SCEPmanResourceGroup $SCEPmanResourceGroup -SCEPmanAppServiceName $SCEPmanAppServiceName
 
-  # TODO: Use Invoke-az
-  $keyVault = Convert-LinesToObject -lines $(az graph query -q "Resources | where type == 'microsoft.keyvault/vaults' and properties.vaultUri startswith '$configuredKeyVaultURL' | project name,subscriptionId,properties.enableRbacAuthorization,id")
+  $keyVault = Invoke-az -azCommand @("graph", "query", "-q", "Resources | where type == 'microsoft.keyvault/vaults' and properties.vaultUri startswith '$configuredKeyVaultURL' | project name,subscriptionId,properties.enableRbacAuthorization,id") | Convert-LinesToObject
 
   if($keyVault.count -eq 1) {
     return $keyVault.data

SCEPman/Private/storage-account.ps1

@@ -1,13 +1,13 @@
 
 function VerifyStorageAccountDoesNotExist ($ResourceGroup) {
-    $storageaccounts = Convert-LinesToObject -lines $(az graph query -q "Resources | where type == 'microsoft.storage/storageaccounts' and resourceGroup == '$ResourceGroup' | project name, resourceGroup, primaryEndpoints = properties.primaryEndpoints, subscriptionId, location")
-    if($storageaccounts.count -gt 0) {
+    $storageAccounts = Invoke-Az -azCommand @("graph", "query", "-q", "Resources | where type == 'microsoft.storage/storageaccounts' and resourceGroup == '$ResourceGroup' | project name, resourceGroup, primaryEndpoints = properties.primaryEndpoints, subscriptionId, location") | Convert-LinesToObject
+    if($storageAccounts.count -gt 0) {
         $potentialStorageAccountName = Read-Host "We have found one or more existing storage accounts in the resource group $ResourceGroup. Please hit enter now if you still want to create a new storage account or enter the name of the storage account you would like to use, and then hit enter"
         if(!$potentialStorageAccountName) {
             Write-Information "User selected to create a new storage account"
             return $null
         } else {
-            $potentialStorageAccount = $storageaccounts.data | Where-Object { $_.name -eq $potentialStorageAccountName }
+            $potentialStorageAccount = $storageAccounts.data | Where-Object { $_.name -eq $potentialStorageAccountName }
             if($null -eq $potentialStorageAccount) {
                 Write-Error "We couldn't find a storage account with name $potentialStorageAccountName in resource group $ResourceGroup. Please try to re-run the script"
                 throw "We couldn't find a storage account with name $potentialStorageAccountName in resource group $ResourceGroup. Please try to re-run the script"
@@ -23,7 +23,7 @@ function VerifyStorageAccountDoesNotExist ($ResourceGroup) {
 }
 
 function GetExistingStorageAccount ($dataTableEndpoint) {
-    $storageAccounts = Convert-LinesToObject -lines $(az graph query -q "Resources | where type == 'microsoft.storage/storageaccounts' and properties.primaryEndpoints.table startswith '$($dataTableEndpoint.TrimEnd('/'))' | project name, resourceGroup, primaryEndpoints = properties.primaryEndpoints, subscriptionId, location")
+    $storageAccounts = Invoke-Az -azCommand @("graph", "query", "-q", "Resources | where type == 'microsoft.storage/storageaccounts' and properties.primaryEndpoints.table startswith '$($dataTableEndpoint.TrimEnd('/'))' | project name, resourceGroup, primaryEndpoints = properties.primaryEndpoints, subscriptionId, location") | Convert-LinesToObject
     Write-Debug "When searching for Storage Account $dataTableEndpoint, $($storageAccounts.count) accounts look like the searched one"
     $storageAccounts = $storageAccounts.data | Where-Object { $_.primaryEndpoints.table.TrimEnd('/') -eq $dataTableEndpoint.TrimEnd('/')}
     if ($null -ne $storageAccounts.count) { # In PS 7 (?), $storageAccounts is an array; In PS 5, $null has a count property with value 0

SCEPman/Private/subscriptions.ps1

@@ -22,7 +22,7 @@ function Get-SubscriptionDetailsUsingAppName($AppServiceName, $subscriptions) {
 
 function Get-SubscriptionDetailsUsingPlanName($AppServicePlanName, $subscriptions) {
     Write-Information "Finding correct subscription for App Service Plan $AppServicePlanName among the $($subscriptions.count) selected subscriptions"
-    $scPlansAcrossAllAccessibleSubscriptions = Convert-LinesToObject -lines $(az graph query -q "Resources | where type == 'microsoft.web/serverfarms' and name =~ '$AppServicePlanName' | project name, subscriptionId")
+    $scPlansAcrossAllAccessibleSubscriptions = Invoke-Az -azCommand @('graph', 'query', '-q', "Resources | where type == 'microsoft.web/serverfarms' and name =~ '$AppServicePlanName' | project name, subscriptionId") | Convert-LinesToObject
     if($scPlansAcrossAllAccessibleSubscriptions.count -eq 1) {
         Write-Verbose "App Service Plan $AppServicePlanName is in subscription $($scPlansAcrossAllAccessibleSubscriptions.data[0].subscriptionId)"
         $fittingSubscription = $subscriptions | Where-Object { $_.id -eq $scPlansAcrossAllAccessibleSubscriptions.data[0].subscriptionId }
@@ -90,7 +90,7 @@ function GetSubscriptionDetails ([bool]$SearchAllSubscriptions, $SubscriptionId,
 }
 
 function GetResourceGroup ($SCEPmanAppServiceName) {
-    $scWebAppsInTheSubscription = Convert-LinesToObject -lines $(az graph query -q "Resources | where type == 'microsoft.web/sites' and name =~ '$SCEPmanAppServiceName' | project name, resourceGroup")
+    $scWebAppsInTheSubscription = Invoke-Az -azCommand ('graph', 'query', '-q', "Resources | where type == 'microsoft.web/sites' and name =~ '$SCEPmanAppServiceName' | project name, resourceGroup") | Convert-LinesToObject
     if($null -ne $scWebAppsInTheSubscription -and $($scWebAppsInTheSubscription.count) -eq 1) {
         return $scWebAppsInTheSubscription.data[0].resourceGroup
     }
@@ -99,7 +99,7 @@ function GetResourceGroup ($SCEPmanAppServiceName) {
 }
 
 function GetResourceGroupFromPlanName ($AppServicePlanName) {
-    $asplansInTheSubscription = Convert-LinesToObject -lines $(az graph query -q "Resources | where type == 'microsoft.web/serverfarms' and name =~ '$AppServicePlanName' | project name, resourceGroup")
+    $asplansInTheSubscription = Invoke-Az -azCommand ('graph', 'query', '-q', "Resources | where type == 'microsoft.web/serverfarms' and name =~ '$AppServicePlanName' | project name, resourceGroup") | Convert-LinesToObject
     if($null -ne $asplansInTheSubscription -and $($asplansInTheSubscription.count) -eq 1) {
         return $asplansInTheSubscription.data[0].resourceGroup
     }