From 7f59af83f4714be0704815c6011f04983f246418 Mon Sep 17 00:00:00 2001 From: Danielkon96 Date: Wed, 27 Oct 2021 21:50:19 +0000 Subject: [PATCH 1/6] adjust scripts for e2e test --- AutomationScripts/3-registerAADApp.sh | 20 +++++++++++++++++++- main.sh | 22 +++++++++++++--------- test.sh | 26 +++++++++++--------------- 3 files changed, 43 insertions(+), 25 deletions(-) diff --git a/AutomationScripts/3-registerAADApp.sh b/AutomationScripts/3-registerAADApp.sh index dc29af5..4412786 100644 --- a/AutomationScripts/3-registerAADApp.sh +++ b/AutomationScripts/3-registerAADApp.sh @@ -5,8 +5,17 @@ echo "BEGIN @ $(date +"%T"): Register AAD Application..." if [ -n "$ALT_TENANT_ID" ]; then echo "SETTING ALT_TENANT_ID: " $ALT_TENANT_ID SUBSCRIPTION_ID=$(az account show | jq -r '.id') + ORIGINAL_TENANT=$(az account show | jq -r '.homeTenantId') echo "ORIGINAL SUBSCRIPTION_ID: " $SUBSCRIPTION_ID + echo "ORIGINAL TENANT_ID: " $ORIGINAL_TENANT + + if [ -z "$E2E_TEST_FLAG" ]; then + echo "USING AZ ACCOUNT SET" az account set -s $ALT_TENANT_ID + else + echo "USING AZ LOGIN" + az login --service-principal -u $SP -p $SP_SECRET --tenant $ALT_TENANT_ID --allow-no-subscriptions + fi fi CLIENT_ID=$(az ad app create --display-name $AD_APP_NAME --homepage $HOMEPAGE --reply-urls $REPLY_URLS --required-resource-accesses @./TemplateFiles/manifest.json -o json | jq -r '.appId') 
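Review bot: Neither branch of the new `if [ -z "$E2E_TEST_FLAG" ]` block checks that the tenant switch succeeded, so when `az login --service-principal` fails, the `az ad app create` on the following context line still runs against whatever tenant the session was already on. The login line also expands `$SP`, `$SP_SECRET` and `$ALT_TENANT_ID` unquoted, so an empty or space-containing value shifts the remaining arguments. I would write it as `az login --service-principal -u "$SP" -p "$SP_SECRET" --tenant "$ALT_TENANT_ID" --allow-no-subscriptions --output none || exit 1`; `--output none` also keeps the account JSON that `az login` prints out of the job log. The same applies to the login added in the `@@ -51,8 +60,17 @@` hunk of this file.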
@@ -51,8 +60,17 @@ AZURE_TENANT_ID=$(az account show -o json | jq '.tenantId' -r) echo "AZURE_TENANT_ID: " $AZURE_TENANT_ID if [ -n "$ALT_TENANT_ID" ]; then - echo "SETTING TENANT BACK TO ORIGINAL: " $SUBSCRIPTION_ID + echo "SETTING TENANT BACK TO ORIGINAL." + echo "ORIGINAL SUBSCRIPTION_ID: " $SUBSCRIPTION_ID + echo "ORIGINAL TENANT_ID: " $ORIGINAL_TENANT + + if [ -z "$E2E_TEST_FLAG" ]; then + echo "USING AZ ACCOUNT SET" az account set -s $SUBSCRIPTION_ID + else + echo "USING AZ LOGIN" + az login --service-principal -u $SP -p $SP_SECRET --tenant $ORIGINAL_TENANT + fi fi echo "COMPLETE @ $(date +"%T"): Register AAD Application" \ No newline at end of file diff --git a/main.sh b/main.sh index f1ff273..b6cd71e 100644 --- a/main.sh +++ b/main.sh @@ -43,34 +43,35 @@ LOCATION='' INPUTIMAGE='' ALT_TENANT_ID='' SKIP_CLUSTER_CREATION='' +E2E_TEST_FLAG='' +SP='' +SP_SECRET='' -while getopts "a:c:r:e:l:i:t:ph" OPTION +while getopts "a:c:r:e:l:i:t:s:z:pgh" OPTION do case $OPTION in a) - # echo "The value of -a is ${OPTARG} - AD_APP_NAME" AD_APP_NAME=$OPTARG ;; c) - # echo "The value of -c is ${OPTARG} - CLUSTER_NAME" CLUSTER_NAME=$OPTARG ;; r) - # echo "The value of -r is ${OPTARG} - CLUSTER_RG" CLUSTER_RG=$OPTARG ;; e) - # echo "The value of -e is ${OPTARG} - EMAIL" EMAIL=$OPTARG ;; l) - # echo "The value of -l is ${OPTARG} - LOCATION" LOCATION=$OPTARG ;; i) - # echo "The value of -i is ${OPTARG} - INPUTIMAGE" INPUTIMAGE=$OPTARG ;; t) - # echo "The value of -i is ${OPTARG} - INPUTIMAGE" ALT_TENANT_ID=$OPTARG ;; + s) + SP=$OPTARG ;; + z) + SP_SECRET=$OPTARG ;; p) - # echo "The value of -p is ${OPTARG} - SKIP_CLUSTER_CREATION" SKIP_CLUSTER_CREATION="True" ;; + g) + E2E_TEST_FLAG="True" ;; h) # Change to how others show it like az echo "HELP: Here are the flags and their variables" 
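Review bot: The E2E branch of the restore block logs back into `$ORIGINAL_TENANT` but never re-selects `$SUBSCRIPTION_ID`, unlike the `az account set -s $SUBSCRIPTION_ID` branch above it. If the service principal can see more than one subscription in that tenant, anything that runs after this script may act on whichever subscription the CLI picks as default; adding `az account set -s "$SUBSCRIPTION_ID"` after the login closes that gap. `ORIGINAL_TENANT` is read from `.homeTenantId` in the first hunk while this hunk's context reads `.tenantId` for `AZURE_TENANT_ID`; the two can differ for a subscription reached through another tenant, so `.tenantId` looks like the safer source, which is worth confirming.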
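Review bot: The new `-z` option takes the service-principal secret as a command-line argument, which exposes it in the process list and shell history of whoever runs main.sh, and `SP_SECRET=''` above the loop discards any value already supplied through the environment. Initialising with `SP_SECRET="${SP_SECRET:-}"` would let CI pass the secret through the environment and keep `-z` only as an override. Nothing visible here checks that `-s` and `-z` are non-empty when `-g` is given, so an incomplete invocation can reach `az login` with empty `-u`/`-p` values; a guard after the loop such as `if [ -n "$E2E_TEST_FLAG" ] && { [ -z "$SP" ] || [ -z "$SP_SECRET" ]; }; then echo "ERROR: -g requires -s and -z"; exit 1; fi` would stop that. The `case` statement continues past the end of this hunk.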
@@ -105,7 +106,10 @@ echo "The value of -e is $EMAIL - EMAIL" echo "The value of -l is $LOCATION - LOCATION" echo "The value of -i is $INPUTIMAGE - INPUTIMAGE" echo "The value of -t is $ALT_TENANT_ID - ALT_TENANT_ID" +echo "The value of -s is $SP - SP" +echo "The value of -z is $SP_SECRET - SP_SECRET" echo "The value of -p is $SKIP_CLUSTER_CREATION - SKIP_CLUSTER_CREATION" +echo "The value of -g is $E2E_TEST_FLAG - E2E_TEST_FLAG" echo "COMPLETE @ $(date +"%T"): Setting variables" echo "****BEGIN @ $(date +"%T"): Call AKS Cluster Creation script...****" diff --git a/test.sh b/test.sh index 00a4565..b31819d 100644 --- a/test.sh +++ b/test.sh @@ -9,8 +9,10 @@ L='' I='' T='' P='' +S='' +Z='' -while getopts "a:c:r:e:l:i:t:ph" OPTION +while getopts "a:c:r:e:l:i:t:s:z:p" OPTION do case $OPTION in a) @@ -33,28 +35,22 @@ do I=$OPTARG ;; t) # echo "The value of -i is ${OPTARG} - INPUTIMAGE" - T=$OPTARG ;; + T=$OPTARG ;; + s) + # echo "The value of -s is ${OPTARG} - SP" + S=$OPTARG ;; + z) + # echo "The value of -z is ${OPTARG} - SP_SECRET" + Z=$OPTARG ;; p) # echo "The value of -p is ${OPTARG} - SKIP_CLUSTER_CREATION" P=$OPTARG ;; - h) - # Change to how others show it like az - echo "HELP: Here are the flags and their variables" - echo "REQUIRED: -a is for AD_APP_NAME" - echo "REQUIRED: -c is for CLUSTER_NAME *Note: Cluster Name must be unique*" - echo "REQUIRED: -r is for CLUSTER_RG" - echo "REQUIRED: -e is for EMAIL" - echo "REQUIRED: -l is for LOCATION" - echo "OPTOINAL: -i is for INPUTIMAGE" - echo "OPTOINAL: -t is for ALT_TENANT_ID" - echo "OPTOINAL: -p is for SKIP_CLUSTER_CREATION" - exit ;; esac done echo "" echo "BEGIN @ $(date +"%T"): START OF END-TO-END TEST" -bash ./main.sh -a $A -c $C -r $R -e $E -l $L -t $T +bash ./main.sh -a $A -c $C -r $R -e $E -l $L -t $T -s $S -z $Z -g APP_NAME="$A.$L.cloudapp.azure.com" WEBPAGE=https://$APP_NAME From ae3627acc2f7be522680404b0c3ece8303b2e062 Mon Sep 17 00:00:00 2001 
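Review bot: `echo "The value of -z is $SP_SECRET - SP_SECRET"` writes the service-principal secret in clear text to stdout, and therefore into any terminal scrollback or CI log that captures the run. Log masking on the CI side only helps when the value was registered as a secret there and appears byte-for-byte; it does nothing for local runs. Print presence instead, e.g. `echo "The value of -z is ${SP_SECRET:+set} - SP_SECRET"`. The line is still present as context in the `@@ -106,7 +108,7 @@` hunk of patch 5/6, and patch 4/6 does not remove it.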
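Review bot: The rewritten call `bash ./main.sh ... -t $T -s $S -z $Z -g` leaves every expansion unquoted, so an empty `$T` makes getopts in main.sh consume `-s` as the argument of `-t`, after which the service-principal id is treated as a positional argument and `-z`/`-g` are never parsed. A secret containing whitespace or glob characters is split or expanded the same way. Quote each value: `bash ./main.sh -a "$A" -c "$C" -r "$R" -e "$E" -l "$L" -t "$T" -s "$S" -z "$Z" -g`. This hunk also drops the `h)` arm, and `-g` is now passed unconditionally, so test.sh takes the service-principal login path whenever `-t` is set.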
From: Daniel Kondrashevich <31390640+danielkon96@users.noreply.github.com> Date: Wed, 27 Oct 2021 14:56:28 -0700 Subject: [PATCH 2/6] Change shell script flags on e2e test --- .github/workflows/e2e-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-test.yml b/.github/workflows/e2e-test.yml index 71c699c..92c30a9 100644 --- a/.github/workflows/e2e-test.yml +++ b/.github/workflows/e2e-test.yml @@ -29,6 +29,6 @@ jobs: - uses: actions/checkout@v2 - name: Call the script - run: bash test.sh -a auth-proxy-dakondra$iteration -c auth-proxy-dakondra$iteration -r auth-proxy-dakondra$iteration -e dakondra@microsoft.com -l eastus -t bb53b7c1-2c98-4065-96a1-fb4593088505 + run: bash test.sh -a auth-proxy-dakondra$iteration -c auth-proxy-dakondra$iteration -r auth-proxy-dakondra$iteration -e dakondra@microsoft.com -l eastus -t ${{ secrets.E2E_ALT_TENANT_ID }} -s ${{ secrets.E2E_SP_ID }} -t ${{ secrets.E2E_SP_SECRET }} From c9f860e2c3c89f1de65b472e2e8395473e3d8773 Mon Sep 17 00:00:00 2001 From: Daniel Kondrashevich <31390640+danielkon96@users.noreply.github.com> Date: Wed, 27 Oct 2021 15:01:30 -0700 Subject: [PATCH 3/6] fix bug in flags --- .github/workflows/e2e-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/e2e-test.yml b/.github/workflows/e2e-test.yml index 92c30a9..5ddabcb 100644 --- a/.github/workflows/e2e-test.yml +++ b/.github/workflows/e2e-test.yml 
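Review bot: The new `run:` line expands `${{ secrets.E2E_ALT_TENANT_ID }}`, `${{ secrets.E2E_SP_ID }}` and `${{ secrets.E2E_SP_SECRET }}` directly into the script text, so the runner pastes the raw values into the shell source before bash parses it. Any `$`, backtick, quote or space in a secret is then interpreted by the shell instead of being passed through as data. Map the secrets to environment variables on the step and reference them quoted on the command line. The corrected line in patch 3/6 has the same shape.

```yaml
      - name: Call the script
        env:
          E2E_ALT_TENANT_ID: ${{ secrets.E2E_ALT_TENANT_ID }}
          E2E_SP_ID: ${{ secrets.E2E_SP_ID }}
          E2E_SP_SECRET: ${{ secrets.E2E_SP_SECRET }}
        # … unchanged: run: line, with each ${{ secrets.NAME }} replaced by "$NAME" …
```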
@@ -29,6 +29,6 @@ jobs: - uses: actions/checkout@v2 - name: Call the script - run: bash test.sh -a auth-proxy-dakondra$iteration -c auth-proxy-dakondra$iteration -r auth-proxy-dakondra$iteration -e dakondra@microsoft.com -l eastus -t ${{ secrets.E2E_ALT_TENANT_ID }} -s ${{ secrets.E2E_SP_ID }} -t ${{ secrets.E2E_SP_SECRET }} + run: bash test.sh -a auth-proxy-dakondra$iteration -c auth-proxy-dakondra$iteration -r auth-proxy-dakondra$iteration -e dakondra@microsoft.com -l eastus -t ${{ secrets.E2E_ALT_TENANT_ID }} -s ${{ secrets.E2E_SP_ID }} -z ${{ secrets.E2E_SP_SECRET }} From 6474f9aa2b9a5bfde348d09a31a7254a0e352034 Mon Sep 17 00:00:00 2001 From: Danielkon96 Date: Thu, 28 Oct 2021 20:09:22 +0000 Subject: [PATCH 4/6] remove sensitive subscription and tenant information from test --- AutomationScripts/3-registerAADApp.sh | 8 ++++---- main.sh | 14 +++++++------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/AutomationScripts/3-registerAADApp.sh b/AutomationScripts/3-registerAADApp.sh index 4412786..07b042e 100644 --- a/AutomationScripts/3-registerAADApp.sh +++ b/AutomationScripts/3-registerAADApp.sh @@ -6,10 +6,10 @@ if [ -n "$ALT_TENANT_ID" ]; then echo "SETTING ALT_TENANT_ID: " $ALT_TENANT_ID SUBSCRIPTION_ID=$(az account show | jq -r '.id') ORIGINAL_TENANT=$(az account show | jq -r '.homeTenantId') - echo "ORIGINAL SUBSCRIPTION_ID: " $SUBSCRIPTION_ID - echo "ORIGINAL TENANT_ID: " $ORIGINAL_TENANT if [ -z "$E2E_TEST_FLAG" ]; then + echo "ORIGINAL SUBSCRIPTION_ID: " $SUBSCRIPTION_ID + echo "ORIGINAL TENANT_ID: " $ORIGINAL_TENANT echo "USING AZ ACCOUNT SET" az account set -s $ALT_TENANT_ID else 
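Review bot: `echo "SETTING ALT_TENANT_ID: " $ALT_TENANT_ID` on the context line just above the moved echoes still prints the alternate tenant id on every run, including with `-g`, so the E2E log is not free of tenant information after this commit. Moving that echo inside the `if [ -z "$E2E_TEST_FLAG" ]` branch alongside the two lines relocated here would match the commit's stated intent. The same goes for `echo "AZURE_TENANT_ID: " $AZURE_TENANT_ID` in the context of the `@@ -61,10 +61,10 @@` hunk, and the `az login` calls in both E2E branches print account JSON unless run with `--output none`.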
@@ -61,10 +61,10 @@ echo "AZURE_TENANT_ID: " $AZURE_TENANT_ID if [ -n "$ALT_TENANT_ID" ]; then echo "SETTING TENANT BACK TO ORIGINAL." - echo "ORIGINAL SUBSCRIPTION_ID: " $SUBSCRIPTION_ID - echo "ORIGINAL TENANT_ID: " $ORIGINAL_TENANT if [ -z "$E2E_TEST_FLAG" ]; then + echo "ORIGINAL SUBSCRIPTION_ID: " $SUBSCRIPTION_ID + echo "ORIGINAL TENANT_ID: " $ORIGINAL_TENANT echo "USING AZ ACCOUNT SET" az account set -s $SUBSCRIPTION_ID else diff --git a/main.sh b/main.sh index b6cd71e..6513181 100644 --- a/main.sh +++ b/main.sh @@ -25,12 +25,6 @@ if ! [ -x "$(command -v az)" ]; then exit fi -echo "" -# Show the subscription we will be deploying to. -echo "******We will be deploying to this subscription******" -az account show -az account list - echo "" echo "BEGIN @ $(date +"%T"): Set variables..." @@ -87,13 +81,19 @@ do esac done - # Force required flags. if [ -z "$AD_APP_NAME" ] || [ -z "$CLUSTER_NAME" ] || [ -z "$CLUSTER_RG" ] || [ -z "$EMAIL" ] || [ -z "$LOCATION" ]; then echo "*****ERROR. Please enter all required flags.*****" exit fi +echo "" +# Show the subscription we will be deploying to. +if [ -z "$E2E_TEST_FLAG" ]; then + echo "******We will be deploying to this subscription******" + az account show +fi + APP_HOSTNAME="$AD_APP_NAME.$LOCATION.cloudapp.azure.com" HOMEPAGE=https://$APP_HOSTNAME IDENTIFIER_URIS=$HOMEPAGE From 7329759b15f4a71aa80bfc7c09f0f77fc1d2769a Mon Sep 17 00:00:00 2001 From: Danielkon96 Date: Thu, 28 Oct 2021 20:23:45 +0000 Subject: [PATCH 5/6] add extra help instructions for another az login --- main.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/main.sh b/main.sh index 6513181..31d7832 100644 --- a/main.sh +++ b/main.sh @@ -76,6 +76,8 @@ do echo "REQUIRED: -l is for LOCATION" echo "OPTOINAL: -i is for INPUTIMAGE" echo "OPTOINAL: -t is for ALT_TENANT_ID" + echo "OPTOINAL: -s is for SERVICE_PRICIPAL" + echo "OPTOINAL: -z is for SP_SECRET" echo "OPTOINAL: -p is for SKIP_CLUSTER_CREATION" exit ;; esac 
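Review bot: The help text added in the `@@ -76,6 +78,8 @@` hunk lists `-s` and `-z` but not `-g`, although `-g` is what switches 3-registerAADApp.sh to the service-principal login and is the only path on which those two values are used. I would add `echo "OPTIONAL: -g is for E2E_TEST_FLAG (uses -t, -s and -z)"` and say on the `-z` line that the value is a secret. `SERVICE_PRICIPAL` is a misspelling of `SERVICE_PRINCIPAL` in both this hunk and the `@@ -106,7 +108,7 @@` hunk.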
@@ -106,7 +108,7 @@ echo "The value of -e is $EMAIL - EMAIL" echo "The value of -l is $LOCATION - LOCATION" echo "The value of -i is $INPUTIMAGE - INPUTIMAGE" echo "The value of -t is $ALT_TENANT_ID - ALT_TENANT_ID" -echo "The value of -s is $SP - SP" +echo "The value of -s is $SP - SERVICE_PRICIPAL" echo "The value of -z is $SP_SECRET - SP_SECRET" echo "The value of -p is $SKIP_CLUSTER_CREATION - SKIP_CLUSTER_CREATION" echo "The value of -g is $E2E_TEST_FLAG - E2E_TEST_FLAG" From 98f45cddfbb1a178a46bfea4f334799defd411c1 Mon Sep 17 00:00:00 2001 From: Danielkon96 Date: Wed, 3 Nov 2021 21:21:29 +0000 Subject: [PATCH 6/6] change helm chart to point to new container --- charts/msal-proxy/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/msal-proxy/values.yaml b/charts/msal-proxy/values.yaml index a80232d..af97b2a 100644 --- a/charts/msal-proxy/values.yaml +++ b/charts/msal-proxy/values.yaml @@ -5,7 +5,7 @@ replicaCount: 1 image: - repository: richtercloud/msal-net-proxy-opt + repository: easyauthfork8s/msal-net-proxy-opt pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. tag: latest
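Review bot: `repository: easyauthfork8s/msal-net-proxy-opt` moves the chart to a different registry namespace while the context lines keep `tag: latest` and `pullPolicy: Always`, so every pod start pulls whatever that namespace currently publishes under a mutable tag. For an authentication proxy that is a supply-chain exposure, because a replaced `latest` image takes effect without any chart change or review. Pin the default to a released version (`tag: RELEASE_TAG_PLACEHOLDER`), or to an image digest if the deployment template supports one, and confirm the new namespace is controlled by the project.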