Azure
/
ARO-RP
зеркало из https://github.com/Azure/ARO-RP.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

add functions and related assets to deploy shared e2e environment to new tenant

This commit is contained in:
Tony Schneider 2024-06-03 10:59:47 -05:00
Родитель a42f1acad3
Коммит b3d3140659
3 изменённых файлов: 227 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

32
hack/devtools/deploy-shared-env.sh
Просмотреть файл

@ -60,6 +60,14 @@ deploy_oic_dev() {
"storageAccountDomain=$(echo ${RESOURCEGROUP//-})" >/dev/null
}
deploy_rp_managed_identity() {
echo "########## Deploying RP Managed Identity (for hive/aks) in RG $RESOURCEGROUP ##########"
az deployment group create \
-g "$RESOURCEGROUP" \
-n rp-managed-identity \
--template-file pkg/deploy/assets/rp-production-managed-identity.json
}
deploy_aks_dev() {
echo "########## Deploying aks-development in RG $RESOURCEGROUP ##########"
az deployment group create \
@ -240,6 +248,30 @@ clean_env() {
done
}
deploy_e2e_secret_storage() {
az deployment group create \
--name e2esecretstorage \
--resource-group global-infra \
--parameters storageAccounts_e2earosecrets_name=$SECRET_SA_ACCOUNT_NAME \
--template-file pkg/deploy/assets/e2e-secret-storage.json
}
deploy_aro_spn_keyvault() {
az deployment group create \
--name aroe2eprincipals \
--resource-group global-infra \
--parameters \
"vaults_aro_e2e_principals_name=$VAULTS_ARO_E2E_PRINCIPALS_NAME" \
"tenant_id=$AZURE_TENANT_ID" \
--template-file pkg/deploy/assets/e2e-aro-spn-keyvault.json
}
deploy_aro_spns() {
# Create ARO cluster service principals
}
echo "##########################################"
echo "##### ARO V4 Dev Env helper sourced ######"
echo "##########################################"

40
pkg/deploy/assets/e2e-aro-spn-keyvault.json Normal file
Просмотреть файл

@ -0,0 +1,40 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vaults_aro_e2e_principals_name": {
"defaultValue": "aro-classic-e2e-principals",
"type": "String"
},
"tenant_id":{
"defaultValue": "93b21e64-4824-439a-b893-46c9b2a51082",
"type": "String"
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.KeyVault/vaults",
"apiVersion": "2023-07-01",
"name": "[parameters('vaults_aro_e2e_principals_name')]",
"location": "eastus",
"properties": {
"sku": {
"family": "A",
"name": "Standard"
},
"tenantId": "[parameters('tenant_id')]",
"accessPolicies": [],
"enabledForDeployment": false,
"enabledForDiskEncryption": false,
"enabledForTemplateDeployment": false,
"enableSoftDelete": true,
"softDeleteRetentionInDays": 90,
"enableRbacAuthorization": true,
"vaultUri": "[concat('https://', parameters('vaults_aro_e2e_principals_name'), '.vault.azure.net/')]",
"provisioningState": "Succeeded",
"publicNetworkAccess": "Enabled"
}
}
]
}

155
pkg/deploy/assets/e2e-secret-storage.json Normal file
Просмотреть файл

@ -0,0 +1,155 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"storageAccounts_e2earosecrets_name": {
"defaultValue": "e2earoclassicsecrets",
"type": "String"
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2023-04-01",
"name": "[parameters('storageAccounts_e2earosecrets_name')]",
"location": "eastus",
"sku": {
"name": "Standard_RAGRS",
"tier": "Standard"
},
"kind": "StorageV2",
"properties": {
"dnsEndpointType": "Standard",
"defaultToOAuthAuthentication": false,
"publicNetworkAccess": "Enabled",
"allowCrossTenantReplication": true,
"minimumTlsVersion": "TLS1_2",
"allowBlobPublicAccess": true,
"allowSharedKeyAccess": true,
"networkAcls": {
"bypass": "AzureServices",
"virtualNetworkRules": [],
"ipRules": [],
"defaultAction": "Allow"
},
"supportsHttpsTrafficOnly": true,
"encryption": {
"requireInfrastructureEncryption": false,
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"keySource": "Microsoft.Storage"
},
"accessTier": "Hot"
}
},
{
"type": "Microsoft.Storage/storageAccounts/blobServices",
"apiVersion": "2023-04-01",
"name": "[concat(parameters('storageAccounts_e2earosecrets_name'), '/default')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_e2earosecrets_name'))]"
],
"sku": {
"name": "Standard_RAGRS",
"tier": "Standard"
},
"properties": {
"changeFeed": {
"enabled": false
},
"restorePolicy": {
"enabled": false
},
"containerDeleteRetentionPolicy": {
"enabled": true,
"days": 7
},
"cors": {
"corsRules": []
},
"deleteRetentionPolicy": {
"allowPermanentDelete": false,
"enabled": true,
"days": 7
},
"isVersioningEnabled": true
}
},
{
"type": "Microsoft.Storage/storageAccounts/fileServices",
"apiVersion": "2023-04-01",
"name": "[concat(parameters('storageAccounts_e2earosecrets_name'), '/default')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_e2earosecrets_name'))]"
],
"sku": {
"name": "Standard_RAGRS",
"tier": "Standard"
},
"properties": {
"protocolSettings": {
"smb": {}
},
"cors": {
"corsRules": []
},
"shareDeleteRetentionPolicy": {
"enabled": true,
"days": 7
}
}
},
{
"type": "Microsoft.Storage/storageAccounts/queueServices",
"apiVersion": "2023-04-01",
"name": "[concat(parameters('storageAccounts_e2earosecrets_name'), '/default')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_e2earosecrets_name'))]"
],
"properties": {
"cors": {
"corsRules": []
}
}
},
{
"type": "Microsoft.Storage/storageAccounts/tableServices",
"apiVersion": "2023-04-01",
"name": "[concat(parameters('storageAccounts_e2earosecrets_name'), '/default')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_e2earosecrets_name'))]"
],
"properties": {
"cors": {
"corsRules": []
}
}
},
{
"type": "Microsoft.Storage/storageAccounts/blobServices/containers",
"apiVersion": "2023-04-01",
"name": "[concat(parameters('storageAccounts_e2earosecrets_name'), '/default/secrets')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/blobServices', parameters('storageAccounts_e2earosecrets_name'), 'default')]",
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_e2earosecrets_name'))]"
],
"properties": {
"immutableStorageWithVersioning": {
"enabled": false
},
"defaultEncryptionScope": "$account-encryption-key",
"denyEncryptionScopeOverride": false,
"publicAccess": "None"
}
}
]
}