codespaces and devcontainer updates

This commit is contained in:
Elena Neroslavskaya 2023-08-29 14:18:27 -04:00
Parent 6aebe6a1a7
Commit b280462725
4 changed files: 25 additions and 9 deletions

View file

@ -24,7 +24,7 @@
// "shutdownAction": "none",
// Uncomment the next line to run commands after the container is created.
//"postCreateCommand": "cp -R /tmp/.ssh-localhost/* ~/.ssh && sudo chmod 600 ~/.ssh/* && sudo chown -R $(whoami) /tf/caf && git config --global core.editor vim && pre-commit install && pre-commit autoupdate",
"postCreateCommand": "sudo cp -R /tmp/.ssh-localhost/* ~/.ssh && sudo chown -R $(whoami):$(whoami) /tf/caf ~/.ssh && sudo chmod 400 ~/.ssh/* && git config --global core.editor vi && pre-commit install && pre-commit autoupdate",
"postCreateCommand": "sudo cp -R /tmp/.ssh-localhost/* ~/.ssh && sudo chown -R $(whoami):$(whoami) /tf/caf ~/.ssh && sudo chmod 400 ~/.ssh/* && git config --global core.editor vi && pre-commit install && pre-commit autoupdate && sudo az aks install-cli",
"postStartCommand": "sudo chmod 666 /var/run/docker.sock",
// Add the IDs of extensions you want installed when the container is created in the array below.
"extensions": [
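Review bot: the `sudo az aks install-cli` appended to the end of `postCreateCommand` installs whatever kubectl and kubelogin releases are current when the container is created, and does so as root, so two builds of the same devcontainer can end up with different client binaries. Pin them with `--client-version` and `--kubelogin-version`, ideally to the cluster version the scenarios deploy. Because it is the last link in the `&&` chain it is also skipped whenever an earlier step such as `pre-commit autoupdate` fails; consider moving tool installation into the image build or ahead of the pre-commit steps.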

View file

@ -40,4 +40,10 @@ This project may contain trademarks or logos for projects, products, or services
trademarks or logos is subject to and must follow
[Microsoft's Trademark & Brand Guidelines](https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/usage/general).
Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship.
Any use of third-party trademarks or logos are subject to those third-party's policies.
Any use of third-party trademarks or logos are subject to those third-party's policies.
This repo uses pre-commit hooks to verify changes, to install locally run
```bash
pip3 install pre-commit
```
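Review bot: the added README text stops at `pip3 install pre-commit`, which only installs the tool; the hooks do not run on commit until `pre-commit install` is executed inside the clone, as the devcontainer's `postCreateCommand` in this same commit does. Add that step to the snippet so local contributors actually get the checks. The instruction also starts directly after the trademark paragraph with no blank line or heading, and the sentence needs a break ("...to verify changes. To install locally, run:").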

View file

@ -62,5 +62,4 @@ Pick one of the scenarios below to get started on a reference implementation. Fo
### Or leverage one of the Landing Zone Accelerator implementations from our other repos
:arrow_forward: [AKS Construction Helper](https://github.com/Azure/Aks-Construction#getting-started)
<!-- :arrow_forward: [Baseline Automation Module](https://github.com/Azure/aks-baseline-automation) -->
<!-- :arrow_forward: [Baseline Automation Module](https://github.com/Azure/aks-baseline-automation) -->
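Review bot: the only line touched here is the commented-out Baseline Automation Module link, and its text is identical before and after, so this looks like a trailing-whitespace or end-of-file change unrelated to the codespaces and devcontainer work. Either drop it from the commit or delete the dead HTML comment outright.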

View file

@ -157,7 +157,7 @@ az keyvault secret set --name formrecognizerkey --vault-name $KV_NAME --value $
az keyvault secret set --name translatekey --vault-name $KV_NAME --value $(az cognitiveservices account keys list -g $RGNAME -n $TRANSLATOR_ACCOUNT --query key1 -o tsv)
az keyvault secret set --name blobaccountkey --vault-name $KV_NAME --value $(az storage account keys list -g $RGNAME -n $BLOB_ACCOUNT_NAME --query [1].value -o tsv)
az keyvault secret set --name blobaccountkey --vault-name $KV_NAME --value $(az storage account keys list -g $RGNAME -n $BLOB_ACCOUNT_NAME --query \[1\].value -o tsv)
```
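Review bot: the `blobaccountkey` line now backslash-escapes the JMESPath brackets (`--query \[1\].value`), while the `az aks show` call changed later in this commit wraps its query in double quotes; pick one style, preferably `--query "[1].value"`, which protects the brackets from shell globbing just as well and reads more clearly. While editing this line, note that `[1]` selects the second storage key whereas the `translatekey` line above uses `key1`; if that is intentional, say so in the surrounding text.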
@ -165,11 +165,22 @@ az keyvault secret set --name blobaccountkey --vault-name $KV_NAME --value $(az
Create and record the required federation to allow the CSI Secret driver to use the AD Workload identity, and to update the manifest files.
```bash
CSIIdentity=($(az aks show -g $RGNAME -n $AKSCLUSTER --query [addonProfiles.azureKeyvaultSecretsProvider.identity.resourceId,addonProfiles.azureKeyvaultSecretsProvider.identity.clientId] -o tsv | cut -d '/' -f 5,9 --output-delimiter ' '))
CSIIdentity=($(az aks show -g $RGNAME -n $AKSCLUSTER --query "[addonProfiles.azureKeyvaultSecretsProvider.identity.resourceId,addonProfiles.azureKeyvaultSecretsProvider.identity.clientId]" -o tsv | cut -d '/' -f 5,9 --output-delimiter ' '))
CLIENT_ID=${CSIIdentity[2]}
IDNAME=${CSIIdentity[1]}
IDRG=${CSIIdentity[0]}
CLIENT_ID=${CSIIdentity[2]} && echo "CLIENT_ID is $CLIENT_ID"
IDNAME=${CSIIdentity[1]} && echo "IDNAME is $IDNAME"
IDRG=${CSIIdentity[0]} && echo "IDRG is $IDRG"
az identity federated-credential create --name aksfederatedidentity --identity-name $IDNAME --resource-group $IDRG --issuer $OIDCISSUERURL --subject system:serviceaccount:default:serversa
```
Note: if running Federation in **zsh** or in codespaces, oreder of the variables is different
```bash
CSIIdentity=($(az aks show -g $RGNAME -n $AKSCLUSTER --query "[addonProfiles.azureKeyvaultSecretsProvider.identity.resourceId,addonProfiles.azureKeyvaultSecretsProvider.identity.clientId]" -o tsv | cut -d '/' -f 5,9 --output-delimiter ' '))
CLIENT_ID=${CSIIdentity[3]} && echo "CLIENT_ID is $CLIENT_ID"
IDNAME=${CSIIdentity[2]} && echo "IDNAME is $IDNAME"
IDRG=${CSIIdentity[1]} && echo "IDRG is $IDRG"
az identity federated-credential create --name aksfederatedidentity --identity-name $IDNAME --resource-group $IDRG --issuer $OIDCISSUERURL --subject system:serviceaccount:default:serversa
```
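Review bot: the zsh/codespaces variant duplicates the whole block only to shift each `CSIIdentity` index by one, and the note attributes this to the order of the variables (with a typo, "oreder") when the order is unchanged and only the array index base differs between shells. Anyone pasting the wrong block ends up with an empty `CLIENT_ID` or a resource group name in `IDNAME`, and the new `echo` lines are the only safeguard against passing those to `az identity federated-credential create`. A single form that does not depend on array indexing, for example `read -r IDRG IDNAME CLIENT_ID <<< "$(az aks show ... | cut ...)"`, works in both shells and removes the need for the second block. Quoting `"$IDNAME"`, `"$IDRG"` and `"$OIDCISSUERURL"` in the create call is worth doing at the same time.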