diff --git a/deploy/rp-production-parameters.json b/deploy/rp-production-parameters.json index a8cd783eb..02ae6b370 100644 --- a/deploy/rp-production-parameters.json +++ b/deploy/rp-production-parameters.json @@ -35,9 +35,6 @@ "rpImageAuth": { "value": "" }, - "rpMdmCertificateVaultId": { - "value": "" - }, "rpMdmFrontendUrl": { "value": "" }, @@ -50,9 +47,6 @@ "rpMdsdAccount": { "value": "" }, - "rpMdsdCertificateVaultId": { - "value": "" - }, "rpMdsdConfigVersion": { "value": "" }, diff --git a/deploy/rp-production.json b/deploy/rp-production.json index daec70fc6..c016d8fed 100644 --- a/deploy/rp-production.json +++ b/deploy/rp-production.json @@ -66,9 +66,6 @@ "rpImageAuth": { "type": "securestring" }, - "rpMdmCertificateVaultId": { - "type": "string" - }, "rpMdmFrontendUrl": { "type": "string" }, @@ -81,9 +78,6 @@ "rpMdsdAccount": { "type": "string" }, - "rpMdsdCertificateVaultId": { - "type": "string" - }, "rpMdsdConfigVersion": { "type": "string" }, @@ -276,7 +270,7 @@ "autoUpgradeMinorVersion": true, "settings": {}, "protectedSettings": { - "script": "[base64(concat(base64ToString('c2V0IC1leAoK'),'CLUSTERMDMMETRICNAMESPACE=$(base64 -d \u003c\u003c\u003c''',base64(parameters('clusterMdmMetricNamespace')),''')\n','CLUSTERMDMMONITORINGACCOUNT=$(base64 -d \u003c\u003c\u003c''',base64(parameters('clusterMdmMonitoringAccount')),''')\n','PULLSECRET=$(base64 -d \u003c\u003c\u003c''',base64(parameters('pullSecret')),''')\n','RPIMAGE=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpImage')),''')\n','RPIMAGEAUTH=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpImageAuth')),''')\n','RPMDMCERTIFICATEVAULTID=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdmCertificateVaultId')),''')\n','RPMDMFRONTENDURL=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdmFrontendUrl')),''')\n','RPMDMMETRICNAMESPACE=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdmMetricNamespace')),''')\n','RPMDMMONITORINGACCOUNT=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdmMonitoringAccount')),''')\n','RPMDSDACCOUNT=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdsdAccount')),''')\n','RPMDSDCERTIFICATEVAULTID=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdsdCertificateVaultId')),''')\n','RPMDSDCONFIGVERSION=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdsdConfigVersion')),''')\n','RPMDSDENVIRONMENT=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdsdEnvironment')),''')\n','RPMDSDNAMESPACE=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdsdNamespace')),''')\n','RPMODE=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMode')),''')\n','LOCATION=$(base64 -d \u003c\u003c\u003c''',base64(resourceGroup().location),''')\n','\n',base64ToString('eXVtIC15IHVwZGF0ZSAteCBXQUxpbnV4QWdlbnQKCiMgYXZvaWQgImVycm9yOiBkYjUgZXJyb3IoLTMwOTY5KSBmcm9tIGRiZW52LT5vcGVuOiBCREIwMDkxIERCX1ZFUlNJT05fTUlTTUFUQ0g6IERhdGFiYXNlIGVudmlyb25tZW50IHZlcnNpb24gbWlzbWF0Y2giCnJtIC1mIC92YXIvbGliL3JwbS9fX2RiKgoKcnBtIC0taW1wb3J0IGh0dHBzOi8vZGwuZmVkb3JhcHJvamVjdC5vcmcvcHViL2VwZWwvUlBNLUdQRy1LRVktRVBFTC04CnJwbSAtLWltcG9ydCBodHRwczovL3BhY2thZ2VzLm1pY3Jvc29mdC5jb20va2V5cy9taWNyb3NvZnQuYXNjCnJwbSAtLWltcG9ydCBodHRwczovL3BhY2thZ2VzLmZsdWVudGJpdC5pby9mbHVlbnRiaXQua2V5Cgp5dW0gLXkgaW5zdGFsbCBodHRwczovL2RsLmZlZG9yYXByb2plY3Qub3JnL3B1Yi9lcGVsL2VwZWwtcmVsZWFzZS1sYXRlc3QtOC5ub2FyY2gucnBtCgpjYXQgPi9ldGMveXVtLnJlcG9zLmQvYXp1cmUucmVwbyA8PCdFT0YnClthenVyZS1jbGldCm5hbWU9YXp1cmUtY2xpCmJhc2V1cmw9aHR0cHM6Ly9wYWNrYWdlcy5taWNyb3NvZnQuY29tL3l1bXJlcG9zL2F6dXJlLWNsaQplbmFibGVkPXllcwpncGdjaGVjaz15ZXMKClthenVyZWNvcmVdCm5hbWU9YXp1cmVjb3JlCmJhc2V1cmw9aHR0cHM6Ly9wYWNrYWdlcy5taWNyb3NvZnQuY29tL3l1bXJlcG9zL2F6dXJlY29yZQplbmFibGVkPXllcwpncGdjaGVjaz1ubwpFT0YKCmNhdCA+L2V0Yy95dW0ucmVwb3MuZC90ZC1hZ2VudC1iaXQucmVwbyA8PCdFT0YnClt0ZC1hZ2VudC1iaXRdCm5hbWU9dGQtYWdlbnQtYml0CmJhc2V1cmw9aHR0cHM6Ly9wYWNrYWdlcy5mbHVlbnRiaXQuaW8vY2VudG9zLzcKZW5hYmxlZD15ZXMKZ3BnY2hlY2s9eWVzCkVPRgoKeXVtIC15IGluc3RhbGwgYXpzZWMtY2xhbWF2IGF6c2VjLW1vbml0b3IgYXp1cmUtY2xpIGF6dXJlLW1kc2QgYXp1cmUtc2VjdXJpdHkgcG9kbWFuLWRvY2tlciB0ZC1hZ2VudC1iaXQKCmZpcmV3YWxsLWNtZCAtLWFkZC1wb3J0PTQ0My90Y3AgLS1wZXJtYW5lbnQKCiMgaHR0cHM6Ly9idWd6aWxsYS5yZWRoYXQuY29tL3Nob3dfYnVnLmNnaT9pZD0xODA1MjEyCnNlZCAtaSAtZSAncy9pcHRhYmxlcy9maXJld2FsbGQvJyAvZXRjL2NuaS9uZXQuZC84Ny1wb2RtYW4tYnJpZGdlLmNvbmZsaXN0Cgpta2RpciAvcm9vdC8uZG9ja2VyCmNhdCA+L3Jvb3QvLmRvY2tlci9jb25maWcuanNvbiA8PEVPRgp7CgkiYXV0aHMiOiB7CgkJIiR7UlBJTUFHRSUlLyp9IjogewoJCQkiYXV0aCI6ICIkUlBJTUFHRUFVVEgiCgkJfQoJfQp9CkVPRgoKY2F0ID4vZXRjL3RkLWFnZW50LWJpdC90ZC1hZ2VudC1iaXQuY29uZiA8PCdFT0YnCltJTlBVVF0KICAgIE5hbWUgc3lzdGVtZAogICAgVGFnIGpvdXJuYWxkCgpbT1VUUFVUXQogICAgTmFtZSBmb3J3YXJkCiAgICBQb3J0IDI5MjMwCkVPRgoKYXogbG9naW4gLWkgLS1hbGxvdy1uby1zdWJzY3JpcHRpb25zCgpheiBrZXl2YXVsdCBzZWNyZXQgZG93bmxvYWQgLS1maWxlIC9ldGMvbWRtLnBlbSAtLWlkICIkUlBNRE1DRVJUSUZJQ0FURVZBVUxUSUQiCmNobW9kIDA2MDAgL2V0Yy9tZG0ucGVtCgpheiBrZXl2YXVsdCBzZWNyZXQgZG93bmxvYWQgLS1maWxlIC9ldGMvbWRzZC5wZW0gLS1pZCAiJFJQTURTRENFUlRJRklDQVRFVkFVTFRJRCIKY2hvd24gc3lzbG9nOnN5c2xvZyAvZXRjL21kc2QucGVtCmNobW9kIDA2MDAgL2V0Yy9tZHNkLnBlbQoKYXogbG9nb3V0CgpjYXQgPi9ldGMvZGVmYXVsdC9tZHNkIDw8RU9GCk1EU0RfUk9MRV9QUkVGSVg9L3Zhci9ydW4vbWRzZC9kZWZhdWx0Ck1EU0RfT1BUSU9OUz0iLUEgLWQgLXIgXCRNRFNEX1JPTEVfUFJFRklYIgoKZXhwb3J0IFNTTF9DRVJUX0ZJTEU9L2V0Yy9wa2kvdGxzL2NlcnRzL2NhLWJ1bmRsZS5jcnQKCmV4cG9ydCBNT05JVE9SSU5HX0dDU19FTlZJUk9OTUVOVD0nJFJQTURTREVOVklST05NRU5UJwpleHBvcnQgTU9OSVRPUklOR19HQ1NfQUNDT1VOVD0nJFJQTURTREFDQ09VTlQnCmV4cG9ydCBNT05JVE9SSU5HX0dDU19SRUdJT049JyRMT0NBVElPTicKZXhwb3J0IE1PTklUT1JJTkdfR0NTX0NFUlRfQ0VSVEZJTEU9L2V0Yy9tZHNkLnBlbQpleHBvcnQgTU9OSVRPUklOR19HQ1NfQ0VSVF9LRVlGSUxFPS9ldGMvbWRzZC5wZW0KZXhwb3J0IE1PTklUT1JJTkdfR0NTX05BTUVTUEFDRT0nJFJQTURTRE5BTUVTUEFDRScKZXhwb3J0IE1PTklUT1JJTkdfQ09ORklHX1ZFUlNJT049JyRSUE1EU0RDT05GSUdWRVJTSU9OJwpleHBvcnQgTU9OSVRPUklOR19VU0VfR0VORVZBX0NPTkZJR19TRVJWSUNFPXRydWUKCmV4cG9ydCBNT05JVE9SSU5HX1RFTkFOVD0nJExPQ0FUSU9OJwpleHBvcnQgTU9OSVRPUklOR19ST0xFPXJwCmV4cG9ydCBNT05JVE9SSU5HX1JPTEVfSU5TVEFOQ0U9JyQoaG9zdG5hbWUpJwpFT0YKCmNhdCA+L2V0Yy9zeXNjb25maWcvbWRtIDw8RU9GClJQTURNRlJPTlRFTkRVUkw9JyRSUE1ETUZST05URU5EVVJMJwpSUE1ETUlNQUdFPWFyb3N2Yy5henVyZWNyLmlvL2dlbmV2YW1kbTptYXN0ZXJfMzEKUlBNRE1TT1VSQ0VFTlZJUk9OTUVOVD0nJExPQ0FUSU9OJwpSUE1ETVNPVVJDRVJPTEU9cnAKUlBNRE1TT1VSQ0VST0xFSU5TVEFOQ0U9JyQoaG9zdG5hbWUpJwpFT0YKCm1rZGlyIC92YXIvZXR3CmNhdCA+L2V0Yy9zeXN0ZW1kL3N5c3RlbS9tZG0uc2VydmljZSA8PCdFT0YnCltVbml0XQpBZnRlcj1uZXR3b3JrLW9ubGluZS50YXJnZXQKCltTZXJ2aWNlXQpFbnZpcm9ubWVudEZpbGU9L2V0Yy9zeXNjb25maWcvbWRtCkV4ZWNTdGFydFByZT0tL3Vzci9iaW4vZG9ja2VyIHJtIC1mICVOCkV4ZWNTdGFydFByZT0vdXNyL2Jpbi9kb2NrZXIgcHVsbCAkUlBNRE1JTUFHRQpFeGVjU3RhcnQ9L3Vzci9iaW4vZG9ja2VyIHJ1biBcCiAgLS1lbnRyeXBvaW50IC91c3Ivc2Jpbi9NZXRyaWNzRXh0ZW5zaW9uIFwKICAtLWhvc3RuYW1lICVIIFwKICAtLW5hbWUgJU4gXAogIC0tcm0gXAogIC12IC9ldGMvbWRtLnBlbTovZXRjL21kbS5wZW0gXAogIC12IC92YXIvZXR3Oi92YXIvZXR3OnogXAogICRSUE1ETUlNQUdFIFwKICAtQ2VydEZpbGUgL2V0Yy9tZG0ucGVtIFwKICAtRnJvbnRFbmRVcmwgJFJQTURNRlJPTlRFTkRVUkwgXAogIC1Mb2dnZXIgQ29uc29sZSBcCiAgLVByaXZhdGVLZXlGaWxlIC9ldGMvbWRtLnBlbSBcCiAgLVNvdXJjZUVudmlyb25tZW50ICRSUE1ETVNPVVJDRUVOVklST05NRU5UIFwKICAtU291cmNlUm9sZSAkUlBNRE1TT1VSQ0VST0xFIFwKICAtU291cmNlUm9sZUluc3RhbmNlICRSUE1ETVNPVVJDRVJPTEVJTlNUQU5DRQpFeGVjU3RvcD0vdXNyL2Jpbi9kb2NrZXIgc3RvcCAlTgpSZXN0YXJ0PWFsd2F5cwoKW0luc3RhbGxdCldhbnRlZEJ5PW11bHRpLXVzZXIudGFyZ2V0CkVPRgoKY2F0ID4vZXRjL3N5c2NvbmZpZy9hcm8tcnAgPDxFT0YKTURNX0FDQ09VTlQ9JyRSUE1ETU1PTklUT1JJTkdBQ0NPVU5UJwpNRE1fTkFNRVNQQUNFPSckUlBNRE1NRVRSSUNOQU1FU1BBQ0UnClBVTExfU0VDUkVUPSckUFVMTFNFQ1JFVCcKUlBJTUFHRT0nJFJQSU1BR0UnClJQX01PREU9JyRSUE1PREUnCkVPRgoKY2F0ID4vZXRjL3N5c3RlbWQvc3lzdGVtL2Fyby1ycC5zZXJ2aWNlIDw8J0VPRicKW1VuaXRdCkFmdGVyPW5ldHdvcmstb25saW5lLnRhcmdldAoKW1NlcnZpY2VdCkVudmlyb25tZW50RmlsZT0vZXRjL3N5c2NvbmZpZy9hcm8tcnAKRXhlY1N0YXJ0UHJlPS0vdXNyL2Jpbi9kb2NrZXIgcm0gLWYgJU4KRXhlY1N0YXJ0UHJlPS91c3IvYmluL2RvY2tlciBwdWxsICRSUElNQUdFCkV4ZWNTdGFydD0vdXNyL2Jpbi9kb2NrZXIgcnVuIFwKICAtLWhvc3RuYW1lICVIIFwKICAtLW5hbWUgJU4gXAogIC0tcm0gXAogIC1lIE1ETV9BQ0NPVU5UIFwKICAtZSBNRE1fTkFNRVNQQUNFIFwKICAtZSBQVUxMX1NFQ1JFVCBcCiAgLWUgUlBfTU9ERSBcCiAgLXAgNDQzOjg0NDMgXAogIC12IC9ydW4vc3lzdGVtZC9qb3VybmFsOi9ydW4vc3lzdGVtZC9qb3VybmFsIFwKICAtdiAvdmFyL2V0dzovdmFyL2V0dzp6IFwKICAkUlBJTUFHRSBcCiAgcnAKRXhlY1N0b3A9L3Vzci9iaW4vZG9ja2VyIHN0b3AgLXQgMzYwMCAlTgpSZXN0YXJ0PWFsd2F5cwoKW0luc3RhbGxdCldhbnRlZEJ5PW11bHRpLXVzZXIudGFyZ2V0CkVPRgoKY2F0ID4vZXRjL3N5c2NvbmZpZy9hcm8tbW9uaXRvciA8PEVPRgpNRE1fQUNDT1VOVD0nJFJQTURNTU9OSVRPUklOR0FDQ09VTlQnCk1ETV9OQU1FU1BBQ0U9JyRSUE1ETU1FVFJJQ05BTUVTUEFDRScKQ0xVU1RFUl9NRE1fQUNDT1VOVD0nJENMVVNURVJNRE1NT05JVE9SSU5HQUNDT1VOVCcKQ0xVU1RFUl9NRE1fTkFNRVNQQUNFPSckQ0xVU1RFUk1ETU1FVFJJQ05BTUVTUEFDRScKUlBJTUFHRT0nJFJQSU1BR0UnClJQX01PREU9JyRSUE1PREUnCkVPRgoKY2F0ID4vZXRjL3N5c3RlbWQvc3lzdGVtL2Fyby1tb25pdG9yLnNlcnZpY2UgPDwnRU9GJwpbVW5pdF0KQWZ0ZXI9bmV0d29yay1vbmxpbmUudGFyZ2V0CgpbU2VydmljZV0KRW52aXJvbm1lbnRGaWxlPS9ldGMvc3lzY29uZmlnL2Fyby1tb25pdG9yCkV4ZWNTdGFydFByZT0tL3Vzci9iaW4vZG9ja2VyIHJtIC1mICVOCkV4ZWNTdGFydFByZT0vdXNyL2Jpbi9kb2NrZXIgcHVsbCAkUlBJTUFHRQpFeGVjU3RhcnQ9L3Vzci9iaW4vZG9ja2VyIHJ1biBcCiAgLS1ob3N0bmFtZSAlSCBcCiAgLS1uYW1lICVOIFwKICAtLXJtIFwKICAtZSBNRE1fQUNDT1VOVCBcCiAgLWUgTURNX05BTUVTUEFDRSBcCiAgLWUgUlBfTU9ERSBcCiAgLXYgL3J1bi9zeXN0ZW1kL2pvdXJuYWw6L3J1bi9zeXN0ZW1kL2pvdXJuYWwgXAogIC12IC92YXIvZXR3Oi92YXIvZXR3OnogXAogICRSUElNQUdFIFwKICBtb25pdG9yClJlc3RhcnQ9YWx3YXlzCgpbSW5zdGFsbF0KV2FudGVkQnk9bXVsdGktdXNlci50YXJnZXQKRU9GCgpjaGNvbiAtUiBzeXN0ZW1fdTpvYmplY3Rfcjp2YXJfbG9nX3Q6czAgL3Zhci9vcHQvbWljcm9zb2Z0L2xpbnV4bW9uYWdlbnQKCmZvciBzZXJ2aWNlIGluIGFyby1tb25pdG9yIGFyby1ycCBhdW9tcyBhenNlY2QgYXpzZWNtb25kIG1kc2QgbWRtIGNocm9ueWQgdGQtYWdlbnQtYml0OyBkbwogIHN5c3RlbWN0bCBlbmFibGUgJHNlcnZpY2Uuc2VydmljZQpkb25lCgpybSAvZXRjL21vdGQuZC8qCj4vZXRjL2NvbnRhaW5lcnMvbm9kb2NrZXIKCihzbGVlcCAzMDsgcmVib290KSAmCg==')))]" + "script": "[base64(concat(base64ToString('c2V0IC1leAoK'),'CLUSTERMDMMETRICNAMESPACE=$(base64 -d \u003c\u003c\u003c''',base64(parameters('clusterMdmMetricNamespace')),''')\n','CLUSTERMDMMONITORINGACCOUNT=$(base64 -d \u003c\u003c\u003c''',base64(parameters('clusterMdmMonitoringAccount')),''')\n','PULLSECRET=$(base64 -d \u003c\u003c\u003c''',base64(parameters('pullSecret')),''')\n','RPIMAGE=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpImage')),''')\n','RPIMAGEAUTH=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpImageAuth')),''')\n','RPMDMFRONTENDURL=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdmFrontendUrl')),''')\n','RPMDMMETRICNAMESPACE=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdmMetricNamespace')),''')\n','RPMDMMONITORINGACCOUNT=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdmMonitoringAccount')),''')\n','RPMDSDACCOUNT=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdsdAccount')),''')\n','RPMDSDCONFIGVERSION=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdsdConfigVersion')),''')\n','RPMDSDENVIRONMENT=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdsdEnvironment')),''')\n','RPMDSDNAMESPACE=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMdsdNamespace')),''')\n','RPMODE=$(base64 -d \u003c\u003c\u003c''',base64(parameters('rpMode')),''')\n','LOCATION=$(base64 -d \u003c\u003c\u003c''',base64(resourceGroup().location),''')\n','RESOURCEGROUPNAME=$(base64 -d \u003c\u003c\u003c''',base64(resourceGroup().name),''')\n','\n',base64ToString('eXVtIC15IHVwZGF0ZSAteCBXQUxpbnV4QWdlbnQKCiMgYXZvaWQgImVycm9yOiBkYjUgZXJyb3IoLTMwOTY5KSBmcm9tIGRiZW52LT5vcGVuOiBCREIwMDkxIERCX1ZFUlNJT05fTUlTTUFUQ0g6IERhdGFiYXNlIGVudmlyb25tZW50IHZlcnNpb24gbWlzbWF0Y2giCnJtIC1mIC92YXIvbGliL3JwbS9fX2RiKgoKcnBtIC0taW1wb3J0IGh0dHBzOi8vZGwuZmVkb3JhcHJvamVjdC5vcmcvcHViL2VwZWwvUlBNLUdQRy1LRVktRVBFTC04CnJwbSAtLWltcG9ydCBodHRwczovL3BhY2thZ2VzLm1pY3Jvc29mdC5jb20va2V5cy9taWNyb3NvZnQuYXNjCnJwbSAtLWltcG9ydCBodHRwczovL3BhY2thZ2VzLmZsdWVudGJpdC5pby9mbHVlbnRiaXQua2V5Cgp5dW0gLXkgaW5zdGFsbCBodHRwczovL2RsLmZlZG9yYXByb2plY3Qub3JnL3B1Yi9lcGVsL2VwZWwtcmVsZWFzZS1sYXRlc3QtOC5ub2FyY2gucnBtCgpjYXQgPi9ldGMveXVtLnJlcG9zLmQvYXp1cmUucmVwbyA8PCdFT0YnClthenVyZS1jbGldCm5hbWU9YXp1cmUtY2xpCmJhc2V1cmw9aHR0cHM6Ly9wYWNrYWdlcy5taWNyb3NvZnQuY29tL3l1bXJlcG9zL2F6dXJlLWNsaQplbmFibGVkPXllcwpncGdjaGVjaz15ZXMKClthenVyZWNvcmVdCm5hbWU9YXp1cmVjb3JlCmJhc2V1cmw9aHR0cHM6Ly9wYWNrYWdlcy5taWNyb3NvZnQuY29tL3l1bXJlcG9zL2F6dXJlY29yZQplbmFibGVkPXllcwpncGdjaGVjaz1ubwpFT0YKCmNhdCA+L2V0Yy95dW0ucmVwb3MuZC90ZC1hZ2VudC1iaXQucmVwbyA8PCdFT0YnClt0ZC1hZ2VudC1iaXRdCm5hbWU9dGQtYWdlbnQtYml0CmJhc2V1cmw9aHR0cHM6Ly9wYWNrYWdlcy5mbHVlbnRiaXQuaW8vY2VudG9zLzcKZW5hYmxlZD15ZXMKZ3BnY2hlY2s9eWVzCkVPRgoKeXVtIC15IGluc3RhbGwgYXpzZWMtY2xhbWF2IGF6c2VjLW1vbml0b3IgYXp1cmUtY2xpIGF6dXJlLW1kc2QgYXp1cmUtc2VjdXJpdHkgcG9kbWFuLWRvY2tlciB0ZC1hZ2VudC1iaXQKCmZpcmV3YWxsLWNtZCAtLWFkZC1wb3J0PTQ0My90Y3AgLS1wZXJtYW5lbnQKCiMgaHR0cHM6Ly9idWd6aWxsYS5yZWRoYXQuY29tL3Nob3dfYnVnLmNnaT9pZD0xODA1MjEyCnNlZCAtaSAtZSAncy9pcHRhYmxlcy9maXJld2FsbGQvJyAvZXRjL2NuaS9uZXQuZC84Ny1wb2RtYW4tYnJpZGdlLmNvbmZsaXN0Cgpta2RpciAvcm9vdC8uZG9ja2VyCmNhdCA+L3Jvb3QvLmRvY2tlci9jb25maWcuanNvbiA8PEVPRgp7CgkiYXV0aHMiOiB7CgkJIiR7UlBJTUFHRSUlLyp9IjogewoJCQkiYXV0aCI6ICIkUlBJTUFHRUFVVEgiCgkJfQoJfQp9CkVPRgoKY2F0ID4vZXRjL3RkLWFnZW50LWJpdC90ZC1hZ2VudC1iaXQuY29uZiA8PCdFT0YnCltJTlBVVF0KICAgIE5hbWUgc3lzdGVtZAogICAgVGFnIGpvdXJuYWxkCgpbT1VUUFVUXQogICAgTmFtZSBmb3J3YXJkCiAgICBQb3J0IDI5MjMwCkVPRgoKYXogbG9naW4gLWkgLS1hbGxvdy1uby1zdWJzY3JpcHRpb25zCgpTVkNWQVVMVFVSST0iJChheiBrZXl2YXVsdCBsaXN0IC1nICIkUkVTT1VSQ0VHUk9VUE5BTUUiIC0tcXVlcnkgIls/dGFncy52YXVsdD09J3NlcnZpY2UnXS5wcm9wZXJ0aWVzLnZhdWx0VXJpIiAtbyB0c3YpIgpheiBrZXl2YXVsdCBzZWNyZXQgZG93bmxvYWQgLS1maWxlIC9ldGMvbWRtLnBlbSAtLWlkICIke1NWQ1ZBVUxUVVJJfXNlY3JldHMvcnAtbWRtIgpjaG1vZCAwNjAwIC9ldGMvbWRtLnBlbQoKYXoga2V5dmF1bHQgc2VjcmV0IGRvd25sb2FkIC0tZmlsZSAvZXRjL21kc2QucGVtIC0taWQgIiR7U1ZDVkFVTFRVUkl9c2VjcmV0cy9ycC1tZHNkIgpjaG93biBzeXNsb2c6c3lzbG9nIC9ldGMvbWRzZC5wZW0KY2htb2QgMDYwMCAvZXRjL21kc2QucGVtCgpheiBsb2dvdXQKCmNhdCA+L2V0Yy9kZWZhdWx0L21kc2QgPDxFT0YKTURTRF9ST0xFX1BSRUZJWD0vdmFyL3J1bi9tZHNkL2RlZmF1bHQKTURTRF9PUFRJT05TPSItQSAtZCAtciBcJE1EU0RfUk9MRV9QUkVGSVgiCgpleHBvcnQgU1NMX0NFUlRfRklMRT0vZXRjL3BraS90bHMvY2VydHMvY2EtYnVuZGxlLmNydAoKZXhwb3J0IE1PTklUT1JJTkdfR0NTX0VOVklST05NRU5UPSckUlBNRFNERU5WSVJPTk1FTlQnCmV4cG9ydCBNT05JVE9SSU5HX0dDU19BQ0NPVU5UPSckUlBNRFNEQUNDT1VOVCcKZXhwb3J0IE1PTklUT1JJTkdfR0NTX1JFR0lPTj0nJExPQ0FUSU9OJwpleHBvcnQgTU9OSVRPUklOR19HQ1NfQ0VSVF9DRVJURklMRT0vZXRjL21kc2QucGVtCmV4cG9ydCBNT05JVE9SSU5HX0dDU19DRVJUX0tFWUZJTEU9L2V0Yy9tZHNkLnBlbQpleHBvcnQgTU9OSVRPUklOR19HQ1NfTkFNRVNQQUNFPSckUlBNRFNETkFNRVNQQUNFJwpleHBvcnQgTU9OSVRPUklOR19DT05GSUdfVkVSU0lPTj0nJFJQTURTRENPTkZJR1ZFUlNJT04nCmV4cG9ydCBNT05JVE9SSU5HX1VTRV9HRU5FVkFfQ09ORklHX1NFUlZJQ0U9dHJ1ZQoKZXhwb3J0IE1PTklUT1JJTkdfVEVOQU5UPSckTE9DQVRJT04nCmV4cG9ydCBNT05JVE9SSU5HX1JPTEU9cnAKZXhwb3J0IE1PTklUT1JJTkdfUk9MRV9JTlNUQU5DRT0nJChob3N0bmFtZSknCkVPRgoKY2F0ID4vZXRjL3N5c2NvbmZpZy9tZG0gPDxFT0YKUlBNRE1GUk9OVEVORFVSTD0nJFJQTURNRlJPTlRFTkRVUkwnClJQTURNSU1BR0U9YXJvc3ZjLmF6dXJlY3IuaW8vZ2VuZXZhbWRtOm1hc3Rlcl8zMQpSUE1ETVNPVVJDRUVOVklST05NRU5UPSckTE9DQVRJT04nClJQTURNU09VUkNFUk9MRT1ycApSUE1ETVNPVVJDRVJPTEVJTlNUQU5DRT0nJChob3N0bmFtZSknCkVPRgoKbWtkaXIgL3Zhci9ldHcKY2F0ID4vZXRjL3N5c3RlbWQvc3lzdGVtL21kbS5zZXJ2aWNlIDw8J0VPRicKW1VuaXRdCkFmdGVyPW5ldHdvcmstb25saW5lLnRhcmdldAoKW1NlcnZpY2VdCkVudmlyb25tZW50RmlsZT0vZXRjL3N5c2NvbmZpZy9tZG0KRXhlY1N0YXJ0UHJlPS0vdXNyL2Jpbi9kb2NrZXIgcm0gLWYgJU4KRXhlY1N0YXJ0UHJlPS91c3IvYmluL2RvY2tlciBwdWxsICRSUE1ETUlNQUdFCkV4ZWNTdGFydD0vdXNyL2Jpbi9kb2NrZXIgcnVuIFwKICAtLWVudHJ5cG9pbnQgL3Vzci9zYmluL01ldHJpY3NFeHRlbnNpb24gXAogIC0taG9zdG5hbWUgJUggXAogIC0tbmFtZSAlTiBcCiAgLS1ybSBcCiAgLXYgL2V0Yy9tZG0ucGVtOi9ldGMvbWRtLnBlbSBcCiAgLXYgL3Zhci9ldHc6L3Zhci9ldHc6eiBcCiAgJFJQTURNSU1BR0UgXAogIC1DZXJ0RmlsZSAvZXRjL21kbS5wZW0gXAogIC1Gcm9udEVuZFVybCAkUlBNRE1GUk9OVEVORFVSTCBcCiAgLUxvZ2dlciBDb25zb2xlIFwKICAtUHJpdmF0ZUtleUZpbGUgL2V0Yy9tZG0ucGVtIFwKICAtU291cmNlRW52aXJvbm1lbnQgJFJQTURNU09VUkNFRU5WSVJPTk1FTlQgXAogIC1Tb3VyY2VSb2xlICRSUE1ETVNPVVJDRVJPTEUgXAogIC1Tb3VyY2VSb2xlSW5zdGFuY2UgJFJQTURNU09VUkNFUk9MRUlOU1RBTkNFCkV4ZWNTdG9wPS91c3IvYmluL2RvY2tlciBzdG9wICVOClJlc3RhcnQ9YWx3YXlzCgpbSW5zdGFsbF0KV2FudGVkQnk9bXVsdGktdXNlci50YXJnZXQKRU9GCgpjYXQgPi9ldGMvc3lzY29uZmlnL2Fyby1ycCA8PEVPRgpNRE1fQUNDT1VOVD0nJFJQTURNTU9OSVRPUklOR0FDQ09VTlQnCk1ETV9OQU1FU1BBQ0U9JyRSUE1ETU1FVFJJQ05BTUVTUEFDRScKUFVMTF9TRUNSRVQ9JyRQVUxMU0VDUkVUJwpSUElNQUdFPSckUlBJTUFHRScKUlBfTU9ERT0nJFJQTU9ERScKRU9GCgpjYXQgPi9ldGMvc3lzdGVtZC9zeXN0ZW0vYXJvLXJwLnNlcnZpY2UgPDwnRU9GJwpbVW5pdF0KQWZ0ZXI9bmV0d29yay1vbmxpbmUudGFyZ2V0CgpbU2VydmljZV0KRW52aXJvbm1lbnRGaWxlPS9ldGMvc3lzY29uZmlnL2Fyby1ycApFeGVjU3RhcnRQcmU9LS91c3IvYmluL2RvY2tlciBybSAtZiAlTgpFeGVjU3RhcnRQcmU9L3Vzci9iaW4vZG9ja2VyIHB1bGwgJFJQSU1BR0UKRXhlY1N0YXJ0PS91c3IvYmluL2RvY2tlciBydW4gXAogIC0taG9zdG5hbWUgJUggXAogIC0tbmFtZSAlTiBcCiAgLS1ybSBcCiAgLWUgTURNX0FDQ09VTlQgXAogIC1lIE1ETV9OQU1FU1BBQ0UgXAogIC1lIFBVTExfU0VDUkVUIFwKICAtZSBSUF9NT0RFIFwKICAtcCA0NDM6ODQ0MyBcCiAgLXYgL3J1bi9zeXN0ZW1kL2pvdXJuYWw6L3J1bi9zeXN0ZW1kL2pvdXJuYWwgXAogIC12IC92YXIvZXR3Oi92YXIvZXR3OnogXAogICRSUElNQUdFIFwKICBycApFeGVjU3RvcD0vdXNyL2Jpbi9kb2NrZXIgc3RvcCAtdCAzNjAwICVOClJlc3RhcnQ9YWx3YXlzCgpbSW5zdGFsbF0KV2FudGVkQnk9bXVsdGktdXNlci50YXJnZXQKRU9GCgpjYXQgPi9ldGMvc3lzY29uZmlnL2Fyby1tb25pdG9yIDw8RU9GCk1ETV9BQ0NPVU5UPSckUlBNRE1NT05JVE9SSU5HQUNDT1VOVCcKTURNX05BTUVTUEFDRT0nJFJQTURNTUVUUklDTkFNRVNQQUNFJwpDTFVTVEVSX01ETV9BQ0NPVU5UPSckQ0xVU1RFUk1ETU1PTklUT1JJTkdBQ0NPVU5UJwpDTFVTVEVSX01ETV9OQU1FU1BBQ0U9JyRDTFVTVEVSTURNTUVUUklDTkFNRVNQQUNFJwpSUElNQUdFPSckUlBJTUFHRScKUlBfTU9ERT0nJFJQTU9ERScKRU9GCgpjYXQgPi9ldGMvc3lzdGVtZC9zeXN0ZW0vYXJvLW1vbml0b3Iuc2VydmljZSA8PCdFT0YnCltVbml0XQpBZnRlcj1uZXR3b3JrLW9ubGluZS50YXJnZXQKCltTZXJ2aWNlXQpFbnZpcm9ubWVudEZpbGU9L2V0Yy9zeXNjb25maWcvYXJvLW1vbml0b3IKRXhlY1N0YXJ0UHJlPS0vdXNyL2Jpbi9kb2NrZXIgcm0gLWYgJU4KRXhlY1N0YXJ0UHJlPS91c3IvYmluL2RvY2tlciBwdWxsICRSUElNQUdFCkV4ZWNTdGFydD0vdXNyL2Jpbi9kb2NrZXIgcnVuIFwKICAtLWhvc3RuYW1lICVIIFwKICAtLW5hbWUgJU4gXAogIC0tcm0gXAogIC1lIE1ETV9BQ0NPVU5UIFwKICAtZSBNRE1fTkFNRVNQQUNFIFwKICAtZSBSUF9NT0RFIFwKICAtdiAvcnVuL3N5c3RlbWQvam91cm5hbDovcnVuL3N5c3RlbWQvam91cm5hbCBcCiAgLXYgL3Zhci9ldHc6L3Zhci9ldHc6eiBcCiAgJFJQSU1BR0UgXAogIG1vbml0b3IKUmVzdGFydD1hbHdheXMKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldApFT0YKCmNoY29uIC1SIHN5c3RlbV91Om9iamVjdF9yOnZhcl9sb2dfdDpzMCAvdmFyL29wdC9taWNyb3NvZnQvbGludXhtb25hZ2VudAoKZm9yIHNlcnZpY2UgaW4gYXJvLW1vbml0b3IgYXJvLXJwIGF1b21zIGF6c2VjZCBhenNlY21vbmQgbWRzZCBtZG0gY2hyb255ZCB0ZC1hZ2VudC1iaXQ7IGRvCiAgc3lzdGVtY3RsIGVuYWJsZSAkc2VydmljZS5zZXJ2aWNlCmRvbmUKCnJtIC9ldGMvbW90ZC5kLyoKPi9ldGMvY29udGFpbmVycy9ub2RvY2tlcgoKKHNsZWVwIDMwOyByZWJvb3QpICYK')))]" } } } diff --git a/docs/prepare-a-shared-rp-development-environment.md b/docs/prepare-a-shared-rp-development-environment.md index ee77b4697..3ef17a62e 100644 --- a/docs/prepare-a-shared-rp-development-environment.md +++ b/docs/prepare-a-shared-rp-development-environment.md @@ -334,6 +334,10 @@ If you encounter "VirtualNetworkGatewayCannotUseStandardPublicIP" error when dep >/dev/null ``` + Note: in production, two additional keys/certificates (rp-mdm and rp-mdsd) + are also required in the $KEYVAULT_PREFIX-svc key vault. These are client + certificates for metric and log forwarding (respectively) to Geneva. + 1. Create nameserver records in the parent DNS zone: ``` diff --git a/pkg/deploy/rp.go b/pkg/deploy/rp.go index 741f26ada..319172656 100644 --- a/pkg/deploy/rp.go +++ b/pkg/deploy/rp.go @@ -327,12 +327,10 @@ func (g *generator) vmss() *arm.Resource { "pullSecret", "rpImage", "rpImageAuth", - "rpMdmCertificateVaultId", "rpMdmFrontendUrl", "rpMdmMetricNamespace", "rpMdmMonitoringAccount", "rpMdsdAccount", - "rpMdsdCertificateVaultId", "rpMdsdConfigVersion", "rpMdsdEnvironment", "rpMdsdNamespace", @@ -351,6 +349,12 @@ func (g *generator) vmss() *arm.Resource { "''')\n'", ) + parts = append(parts, + fmt.Sprintf("'RESOURCEGROUPNAME=$(base64 -d <<<'''"), + fmt.Sprintf("base64(resourceGroup().name)"), + "''')\n'", + ) + trailer := base64.StdEncoding.EncodeToString([]byte(`yum -y update -x WALinuxAgent # avoid "error: db5 error(-30969) from dbenv->open: BDB0091 DB_VERSION_MISMATCH: Database environment version mismatch" @@ -414,10 +418,11 @@ EOF az login -i --allow-no-subscriptions -az keyvault secret download --file /etc/mdm.pem --id "$RPMDMCERTIFICATEVAULTID" +SVCVAULTURI="$(az keyvault list -g "$RESOURCEGROUPNAME" --query "[?tags.vault=='service'].properties.vaultUri" -o tsv)" +az keyvault secret download --file /etc/mdm.pem --id "${SVCVAULTURI}secrets/rp-mdm" chmod 0600 /etc/mdm.pem -az keyvault secret download --file /etc/mdsd.pem --id "$RPMDSDCERTIFICATEVAULTID" +az keyvault secret download --file /etc/mdsd.pem --id "${SVCVAULTURI}secrets/rp-mdsd" chown syslog:syslog /etc/mdsd.pem chmod 0600 /etc/mdsd.pem @@ -1102,12 +1107,10 @@ func (g *generator) template() *arm.Template { "pullSecret", "rpImage", "rpImageAuth", - "rpMdmCertificateVaultId", "rpMdmFrontendUrl", "rpMdmMetricNamespace", "rpMdmMonitoringAccount", "rpMdsdAccount", - "rpMdsdCertificateVaultId", "rpMdsdConfigVersion", "rpMdsdEnvironment", "rpMdsdNamespace",