* initial commit

* updated ntier-iaas azure devops pipeline

* updated azdo service connection

* updated service connection

* updated variable group name

* added spn environment keys

* removed artifacts storage validation

* updated simulated onprem pipeline

* updated dependency

* removed invalid dependency

* parameter updates

* updated ntier iaas pipeline

* added pipeline variables

* fixed dependencies

* fixed module definition name

* fixed reference output retrieval

* updated module definition name

* updated dependencies
Jorge Cotillo 2019-08-26 01:06:06 -07:00 коммит произвёл GitHub
Родитель 9a2823a151
Коммит 7843f0dfc8
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
29 изменённых файлов: 2669 добавлений и 1408 удалений


@ -1,5 +1,5 @@
{
"Organization": "file(../../_Common/organizationName.txt)",
"Organization": "env(ORGANIZATION_NAME)",
"DeploymentName": "aks",
"InstanceName": "${Parameters.Organization}-${Parameters.DeploymentName}",
"Subscription": "AKS",
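Review bot: `"Organization": "env(ORGANIZATION_NAME)"` has no visible fallback, and `InstanceName` is built from it, so an unset or empty variable would presumably yield a name beginning with `-aks` or fail only once a deployment is under way. The code that resolves `env(...)` is not shown in this section, so confirm that it rejects a missing variable, or assert `ORGANIZATION_NAME` is non-empty in an early pipeline step before any module runs. The identical change appears in the second parameters file later in this commit.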


@ -4,7 +4,7 @@
# https://aka.ms/yaml
# Set variables once
variables:
- group: VDC_SECRETS_Copy
- group: VDC_SECRETS
- group: VDC_AKS_SECRETS
trigger:
- master


@ -1,5 +1,5 @@
{
"Organization": "file(../../_Common/organizationName.txt)",
"Organization": "env(ORGANIZATION_NAME)",
"DeploymentName": "aks",
"InstanceName": "${Parameters.Organization}-${Parameters.DeploymentName}",
"Subscription": "AKS",


@ -4,7 +4,7 @@
# https://aka.ms/yaml
# Set variables once
variables:
- group: VDC_SECRETS_Copy
- group: VDC_SECRETS
- group: VDC_AKS_SECRETS
trigger:
- master
@ -18,7 +18,7 @@ stages:
- task: AzurePowerShell@4
displayName: "Setup Validation Resource Group"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ValidationResourceGroupSetup.ps1'
ScriptArguments: '-ResourceGroupName vdc-validation-rg -SetupResourceGroup'
@ -41,33 +41,41 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Diagnostic Storage Account"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- task: AzurePowerShell@4
displayName: "ARM Validation - Enable Service EndPoint On Diagnostic Storage Account"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "EnableServiceEndPointOnDiagnosticStorageAccount" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: LogAnalytics
pool:
name: 'vdc-self-hosted'
@ -88,18 +96,22 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Log Analytics"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "LogAnalytics" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: SecurityCenter
pool:
name: 'vdc-self-hosted'
@ -120,18 +132,22 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Security Center"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "AzureSecurityCenter" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: EventHub
pool:
name: 'vdc-self-hosted'
@ -152,18 +168,22 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - EventHub"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "EventHub" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: NetworkSecurityGroup
pool:
name: 'vdc-self-hosted'
@ -184,18 +204,22 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Network Security Groups"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "DefaultNSG" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: RouteTable
pool:
name: 'vdc-self-hosted'
@ -216,18 +240,22 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - RouteTables"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "DefaultRouteTable" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: VirtualNetwork
pool:
name: 'vdc-self-hosted'
@ -248,18 +276,22 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Virtual Network"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "VirtualNetwork" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- task: PowerShell@2
displayName: "Pester Tests for Module - Virtual Network Peering"
inputs:
@ -273,33 +305,41 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - VirtualNetwork Peering To AKS"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "LocalVirtualNetworkPeering" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- task: AzurePowerShell@4
displayName: "ARM Validation - VirtualNetwork Peering From AKS"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "RemoteVirtualNetworkPeering" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: KeyVault
pool:
name: 'vdc-self-hosted'
@ -320,33 +360,41 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - KeyVault"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "KeyVault" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- task: AzurePowerShell@4
displayName: "ARM Validation - Enable Service Endpoint on Key Vault"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "EnableServiceEndpointOnKeyVault" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: UpdateAzureFirewall
pool:
name: 'vdc-self-hosted'
@ -367,18 +415,22 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Update Azure Firewall"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "UpdateAzureFirewall" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: TearDownValidationResourceGroup
pool:
name: 'vdc-self-hosted'
@ -389,7 +441,7 @@ stages:
- task: AzurePowerShell@4
displayName: "Teardown Validation Resource Group"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ValidationResourceGroupSetup.ps1'
ScriptArguments: '-TearDownResourceGroup'
@ -404,18 +456,22 @@ stages:
- task: AzurePowerShell@4
displayName: "Diagnostics Storage Account"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: LogAnalytics
timeoutInMinutes: 0
pool:
@ -427,18 +483,22 @@ stages:
- task: AzurePowerShell@4
displayName: "Log Analytics"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "LogAnalytics"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: SecurityCenter
timeoutInMinutes: 0
pool:
@ -450,18 +510,22 @@ stages:
- task: AzurePowerShell@4
displayName: "Security Center"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "AzureSecurityCenter"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: EventHub
timeoutInMinutes: 0
pool:
@ -473,18 +537,22 @@ stages:
- task: AzurePowerShell@4
displayName: "Event Hub"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "EventHub"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: DefaultNSG
timeoutInMinutes: 0
pool:
@ -496,18 +564,22 @@ stages:
- task: AzurePowerShell@4
displayName: "Network Security Groups"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "DefaultNSG"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: DefaultRouteTable
timeoutInMinutes: 0
pool:
@ -519,18 +591,22 @@ stages:
- task: AzurePowerShell@4
displayName: "Route Tables"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "DefaultRouteTable"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: VirtualNetwork
timeoutInMinutes: 0
pool:
@ -542,48 +618,60 @@ stages:
- task: AzurePowerShell@4
displayName: "Virtual Network"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "VirtualNetwork"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- task: AzurePowerShell@4
displayName: "Local Virtual Network Peering"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "LocalVirtualNetworkPeering"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- task: AzurePowerShell@4
displayName: "Remote Virtual Network Peering"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "RemoteVirtualNetworkPeering"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: EnableServiceEndPointOnDiagnosticStorageAccount
timeoutInMinutes: 0
pool:
@ -595,18 +683,22 @@ stages:
- task: AzurePowerShell@4
displayName: "Enable Service Endpoint On Diagnostic Storage Account"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "EnableServiceEndpointOnDiagnosticStorageAccount"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: KeyVault
timeoutInMinutes: 0
pool:
@ -618,18 +710,22 @@ stages:
- task: AzurePowerShell@4
displayName: "Key Vault"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "KeyVault"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: PrepareRuleCollectionForUpdate
timeoutInMinutes: 0
pool:
@ -641,33 +737,41 @@ stages:
- task: AzurePowerShell@4
displayName: "Consolidate Application Rules"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "ConsolidateApplicationRules"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- task: AzurePowerShell@4
displayName: "Consolidate Network Rules"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "ConsolidateNetworkRules"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: UpdateAzureFirewall
timeoutInMinutes: 0
pool:
@ -679,18 +783,22 @@ stages:
- task: AzurePowerShell@4
displayName: "Add Rules To Azure Firewall"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "UpdateAzureFirewall" -Debug'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: CreateCACertificate
timeoutInMinutes: 0
pool:
@ -702,18 +810,22 @@ stages:
- task: AzurePowerShell@4
displayName: "Create CA Certificate"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "CreateCACertificate"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: EnableServiceEndpointOnKeyVault
timeoutInMinutes: 0
pool:
@ -725,15 +837,19 @@ stages:
- task: AzurePowerShell@4
displayName: "Enable Service Endpoint On Key Vault"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/AKS/LandingZone/definition.json" -ModuleConfigurationName "EnableServiceEndpointOnKeyVault"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)


@ -5,6 +5,7 @@
"Name": "KeyVault",
"ResourceGroupName": "${Parameters.ModuleConfigurationParameters.KeyVault.ResourceGroup}",
"ModuleDefinitionName": "KeyVault",
"DependsOn": [],
"Deployment": {
"OverrideParameters": {
"keyVaultName": {
@ -49,6 +50,7 @@
"Name": "AppServiceEnvironments",
"ResourceGroupName": "${Parameters.ModuleConfigurationParameters.AppServiceEnvironments.ResourceGroup}",
"ModuleDefinitionName": "AppServiceEnvironments",
"DependsOn": [],
"Deployment": {
"OverrideParameters": {
"dnsSuffix": {
@ -76,6 +78,9 @@
"Name": "AppServicePlan",
"ModuleDefinitionName": "AppServicePlan",
"ResourceGroupName": "${Parameters.ModuleConfigurationParameters.AppServicePlan.ResourceGroup}",
"DependsOn": [
"AppServiceEnvironments"
],
"Deployment": {
"OverrideParameters": {
"appServicePlanName": {
@ -94,6 +99,9 @@
"Name": "AppServiceWebApp",
"ResourceGroupName": "${Parameters.ModuleConfigurationParameters.AppServiceWebApp.ResourceGroup}",
"ModuleDefinitionName": "AppServiceWebApp",
"DependsOn": [
"AppServicePlan"
],
"Deployment": {
"OverrideParameters": {
"appServicePlanId": {
@ -112,6 +120,7 @@
"Name": "SQLDBServer",
"ModuleDefinitionName": "SQLDBServer",
"ResourceGroupName": "${Parameters.ModuleConfigurationParameters.SQLDB.ResourceGroup}",
"DependsOn": [],
"Deployment": {
"OverrideParameters": {
"administratorLogin": {
@ -144,6 +153,9 @@
"Name": "SQLDatabase",
"ModuleDefinitionName": "SQLDatabase",
"ResourceGroupName": "${Parameters.ModuleConfigurationParameters.SQLDB.ResourceGroup}",
"DependsOn": [
"SQLDBServer"
],
"Deployment": {
"OverrideParameters": {
"databaseName": {


@ -1,5 +1,5 @@
{
"Organization": "file(../../_Common/organizationName.txt)",
"Organization": "env(ORGANIZATION_NAME)",
"DeploymentName": "ase-sqldb",
"InstanceName": "${Parameters.Organization}-${Parameters.DeploymentName}",
"Subscription": "ASE_SQLDB",
@ -104,6 +104,6 @@
"Name": "default"
}
}
},
}
}
}
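Review bot: `"Organization": "env(ORGANIZATION_NAME)"` makes resource naming depend on a variable that has to be present in every run context, and nothing visible in this section checks that it is. `InstanceName` is built as `${Parameters.Organization}-${Parameters.DeploymentName}`, so an unset or empty value would presumably produce names beginning with `-`; how the toolkit resolves a missing `env(...)` reference is not shown on this page. A guard early in the deployment script that stops when `ORGANIZATION_NAME` is empty, plus a line in the setup documentation for runs outside the pipeline, would cover it. The same applies to the LandingZone parameters file changed later in this commit.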


@ -38,19 +38,35 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "KeyVault" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "KeyVault" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- task: PowerShell@2
displayName: "Sets multi-job variable"
name: "bootstratInitializedOutput"
inputs:
targetType: 'inline'
script: '
$bootstrapInitialized = $ENV:BOOTSTRAP_INITIALIZED;
Write-Host "##vso[task.setvariable variable=BOOTSTRAP_INITIALIZED;isOutput=true]$bootstrapInitialized";'
pwsh: true
- job: AppServiceEnvironments
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, KeyVault ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - App Service Environments"
@ -68,19 +84,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceEnvironments" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceEnvironments" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: AppServicePlan
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, KeyVault ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - App Service Plan"
@ -98,19 +120,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServicePlan" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServicePlan" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: AppServiceWebApp
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, KeyVault ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - App Service WebApp"
@ -128,19 +156,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceWebApp" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceWebApp" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: SQLDBServer
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, KeyVault ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - SQLDB Server"
@ -158,19 +192,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDBServer" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDBServer" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: SQLDatabase
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, KeyVault ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - SQL Database"
@ -188,15 +228,19 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDatabase" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDatabase" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: TearDownValidationResourceGroup
pool:
name: 'vdc-self-hosted'
@ -222,19 +266,36 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "KeyVault"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "KeyVault"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: PowerShell@2
displayName: "Sets multi-job variable"
name: "bootstratInitializedOutput"
inputs:
targetType: 'inline'
script: '
$bootstrapInitialized = $ENV:BOOTSTRAP_INITIALIZED;
Write-Host "##vso[task.setvariable variable=BOOTSTRAP_INITIALIZED;isOutput=true]$bootstrapInitialized";'
pwsh: true
- job: AppServiceEnvironments
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: KeyVault
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "App Service Environments"
@ -242,20 +303,26 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceEnvironments"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceEnvironments"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: AppServicePlan
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: AppServiceEnvironments
dependsOn: [ AppServiceEnvironments, KeyVault ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "App Service Plan"
@ -263,19 +330,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServicePlan"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServicePlan"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: AppServiceWebApp
pool:
name: 'vdc-self-hosted'
dependsOn: AppServicePlan
dependsOn: [ AppServicePlan, KeyVault ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "App Service WebApp"
@ -283,20 +356,26 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceWebApp"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceWebApp"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: SQLDBServer
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: KeyVault
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "SQLDB Server"
@ -304,20 +383,26 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDBServer"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDBServer"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: SQLDatabase
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: SQLDBServer
dependsOn: [ SQLDBServer, KeyVault ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "SQLDatabase"
@ -325,12 +410,16 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDatabase"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDatabase"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
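Review bot: The same ten-variable `env:` block, including `ADMIN_USER_PWD`, `DOMAIN_ADMIN_USER_PWD` and `ADMIN_USER_SSH`, is repeated on every `AzurePowerShell@4` step in this file, so each module run (the `-Validate` ones too) receives every credential whether or not it reads it. Azure Pipelines exposes secret variables to a script only when they are mapped explicitly, and mapping all of them everywhere on the `vdc-self-hosted` pool gives up that scoping. Moving the step into a template that takes `ModuleConfigurationName` and the list of variables that module needs would remove the duplication and let each job map only what it uses. Separately, the added "Sets multi-job variable" step reads `$ENV:BOOTSTRAP_INITIALIZED` in a new task; that value is only there if the preceding script published it with `##vso[task.setvariable ...]`, which is not visible here, so it is worth confirming the output is not always empty. The step name `bootstratInitializedOutput` also looks like a typo for `bootstrapInitializedOutput`, though it is used consistently.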


@ -1,5 +1,5 @@
{
"Organization": "file(../../_Common/organizationName.txt)",
"Organization": "env(ORGANIZATION_NAME)",
"DeploymentName": "ase-sqldb",
"InstanceName": "${Parameters.Organization}-${Parameters.DeploymentName}",
"Subscription": "ASE_SQLDB",


@ -38,19 +38,35 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- task: PowerShell@2
displayName: "Sets multi-job variable"
name: "bootstratInitializedOutput"
inputs:
targetType: 'inline'
script: '
$bootstrapInitialized = $ENV:BOOTSTRAP_INITIALIZED;
Write-Host "##vso[task.setvariable variable=BOOTSTRAP_INITIALIZED;isOutput=true]$bootstrapInitialized";'
pwsh: true
- job: LogAnalytics
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - Log Analytics"
@ -68,19 +84,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LogAnalytics" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LogAnalytics" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: AzureSecurityCenter
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - Azure Security Center"
@ -98,19 +120,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AzureSecurityCenter" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AzureSecurityCenter" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: NISTControls
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - NIST Controls"
@ -128,19 +156,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "NISTControls" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "NISTControls" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: NetworkSecurityGroups
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - Network Security Groups"
@ -158,19 +192,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DefaultNSG" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DefaultNSG" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: RouteTables
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - Route Tables"
@ -188,27 +228,33 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DefaultRouteTable" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "RouteTables" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: vNet
- job: VirtualNetwork
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - vNet"
displayName: "Pester Tests for Module - VirtualNetwork"
inputs:
targetType: 'inline'
script: '# Write your powershell commands here.
Invoke-Pester -Script "./Modules/vNet/2.0/Tests";
Invoke-Pester -Script "./Modules/VirtualNetwork/2.0/Tests";
# Use the environment variables input below to pass secret variables to this script.'
pwsh: true
@ -218,27 +264,33 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "VirtualNetwork" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "VirtualNetwork" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: VirtualNetworkPeering
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - vNet Peering"
displayName: "Pester Tests for Module - VirtualNetwork Peering"
inputs:
targetType: 'inline'
script: '# Write your powershell commands here.
Invoke-Pester -Script "./Modules/vNetPeering/2.0/Tests";
Invoke-Pester -Script "./Modules/VirtualNetworkPeering/2.0/Tests";
# Use the environment variables input below to pass secret variables to this script.'
pwsh: true
@ -248,19 +300,23 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LocalVirtualNetworkPeering" -Validate'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LocalVirtualNetworkPeering" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: TearDownValidationResourceGroup
pool:
name: 'vdc-self-hosted'
dependsOn: [ StorageAccounts, LogAnalytics, AzureSecurityCenter, NISTControls, NetworkSecurityGroups, RouteTables, vNet, VirtualNetworkPeering ]
dependsOn: [ StorageAccounts, LogAnalytics, AzureSecurityCenter, NISTControls, NetworkSecurityGroups, RouteTables, VirtualNetwork, VirtualNetworkPeering ]
steps:
- task: AzurePowerShell@4
displayName: "Teardown Validation Resource Group"
@ -282,19 +338,35 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: PowerShell@2
displayName: "Sets multi-job variable"
name: "bootstratInitializedOutput"
inputs:
targetType: 'inline'
script: '
$bootstrapInitialized = $ENV:BOOTSTRAP_INITIALIZED;
Write-Host "##vso[task.setvariable variable=BOOTSTRAP_INITIALIZED;isOutput=true]$bootstrapInitialized";'
pwsh: true
- job: LogAnalytics
pool:
name: 'vdc-self-hosted'
dependsOn: DiagnosticStorageAccount
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Log Analytics"
@ -302,19 +374,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LogAnalytics"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LogAnalytics"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: AzureSecurityCenter
pool:
name: 'vdc-self-hosted'
dependsOn: LogAnalytics
dependsOn: [ LogAnalytics, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Azure Security Center"
@ -322,19 +400,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AzureSecurityCenter"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AzureSecurityCenter"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: NISTControls
pool:
name: 'vdc-self-hosted'
dependsOn: LogAnalytics
dependsOn: [ LogAnalytics, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "NIST Controls"
@ -342,19 +426,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "NISTControls"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "NISTControls"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: DefaultNetworkSecurityGroup
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: NetworkSecurityGroups
pool:
name: 'vdc-self-hosted'
dependsOn: [ DiagnosticStorageAccount, LogAnalytics ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Default Network Security Group"
@ -362,18 +452,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DefaultNSG"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DefaultNSG"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: DefaultRouteTable
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: RouteTables
pool:
name: 'vdc-self-hosted'
dependsOn: DiagnosticStorageAccount
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Default Route Table"
@ -381,19 +478,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DefaultRouteTable"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "RouteTables"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: VirtualNetwork
pool:
name: 'vdc-self-hosted'
dependsOn: [ DefaultNetworkSecurityGroup, DefaultRouteTable ]
dependsOn: [ NetworkSecurityGroups, RouteTables, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Virtual Network"
@ -401,52 +504,54 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "VirtualNetwork"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "VirtualNetwork"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: WorkloadPeeringToSharedServices
pool:
name: 'vdc-self-hosted'
dependsOn: 'VirtualNetwork'
steps:
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "Workload Virtual Network Peering to Shared Services"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LocalVirtualNetworkPeering"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LocalVirtualNetworkPeering"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: SharedServicesPeeringToWorkload
pool:
name: 'vdc-self-hosted'
dependsOn: 'VirtualNetwork'
steps:
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "Shared Services Virtual Network Peering to Workload"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "RemoteVirtualNetworkPeering"'
ScriptArguments: '-DefinitionPath "Environments/ASE-SQLDB/LandingZone/definition.json" -ModuleConfigurationName "RemoteVirtualNetworkPeering"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)


@ -92,11 +92,14 @@
"virtualMachineScaleSetsOSType": {
"value": "${Parameters.ModuleConfigurationParameters.WebApp.OSType}"
},
"virtualMachineScaleSetsDataDisks": {
"value": "${Parameters.ModuleConfigurationParameters.WebApp.DataDisks}"
"virtualMachineScaleSetsUpgradePolicy": {
"value": "${Parameters.ModuleConfigurationParameters.WebApp.UpgradePolicy.Mode}"
},
"virtualMachineScaleSetsRollingUpgradePolicy": {
"value": "${Parameters.ModuleConfigurationParameters.WebApp.UpgradePolicy.RollingUpgradePolicy}"
},
"loadBalancerBackendPoolId": {
"value": "reference(WebLoadBalancer.loadBalancerResourceBackendPoolId)"
"value": "reference(WebAppLoadBalancer.loadBalancerResourceBackendPoolId)"
},
"workspaceId": {
"value": "reference(LogAnalytics.logAnalyticsWorkspaceId)"
@ -122,9 +125,6 @@
"subnetName": {
"value": "${Parameters.ModuleConfigurationParameters.WebApp.SubnetName}"
},
"vmIPAddress": {
"value": "${Parameters.ModuleConfigurationParameters.WebApp.AddsIPAddressStart}"
},
"applicationSecurityGroupId": {
"value": "reference(WebASG.applicationSecurityGroupResourceId)"
},
@ -214,11 +214,14 @@
"virtualMachineScaleSetsOSType": {
"value": "${Parameters.ModuleConfigurationParameters.BusinessApp.OSType}"
},
"virtualMachineScaleSetsDataDisks": {
"value": "${Parameters.ModuleConfigurationParameters.BusinessApp.DataDisks}"
"virtualMachineScaleSetsUpgradePolicy": {
"value": "${Parameters.ModuleConfigurationParameters.BusinessApp.UpgradePolicy.Mode}"
},
"virtualMachineScaleSetsRollingUpgradePolicy": {
"value": "${Parameters.ModuleConfigurationParameters.BusinessApp.UpgradePolicy.RollingUpgradePolicy}"
},
"loadBalancerBackendPoolId": {
"value": "reference(WebLoadBalancer.loadBalancerResourceBackendPoolId)"
"value": "reference(BusinessAppLoadBalancer.loadBalancerResourceBackendPoolId)"
},
"workspaceId": {
"value": "reference(LogAnalytics.logAnalyticsWorkspaceId)"
@ -244,9 +247,6 @@
"subnetName": {
"value": "${Parameters.ModuleConfigurationParameters.BusinessApp.SubnetName}"
},
"vmIPAddress": {
"value": "${Parameters.ModuleConfigurationParameters.BusinessApp.AddsIPAddressStart}"
},
"applicationSecurityGroupId": {
"value": "reference(BusinessASG.applicationSecurityGroupResourceId)"
},
@ -345,6 +345,9 @@
"virtualMachineDataDisks": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.DataDisks}"
},
"loadBalancerBackendPoolId": {
"value": "reference(SQLServerAlwaysOnLoadBalancer.loadBalancerResourceBackendPoolId)"
},
"workspaceId": {
"value": "reference(LogAnalytics.logAnalyticsWorkspaceId)"
},
@ -407,6 +410,20 @@
"ModuleDefinitionName": "StorageAccounts",
"ResourceGroupName": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOnCloudWitness.ResourceGroup}",
"Comments": "Storage Account that is used as a Cloud Witness",
"Policies": {
"Comments": "Policies is Optional - If no object is specified, no Policies deployment will occur",
"OverrideParameters": {
"effect": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOnCloudWitness.Policies.Effect}"
},
"resourceGroup": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOnCloudWitness.ResourceGroup}"
},
"resourceGroupLocation": {
"value": "${Parameters.Location}"
}
}
},
"Deployment": {
"Comments": "We need the 'update' module instance to lock this resource after the Virtual Network got created",
"OverrideParameters": {
@ -427,11 +444,10 @@
},
{
"Name": "InstallSQLServerAlwaysOn",
"ModuleDefinitionName": "VirtualMachines",
"ModuleDefinitionName": "SQLServerAlwaysOn",
"ResourceGroupName": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.ResourceGroup}",
"DependsOn": [
"KeyVault",
"SQLServerAlwaysOnLoadBalancer",
"SQLServerAlwaysOnVMs",
"CloudWitnessStorageAccount"
],
"Comments": "Creates Active Directory Domain Services VMs",
@ -440,14 +456,26 @@
"virtualMachineName": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.Name}"
},
"virtualMachineCount": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.VMCount}"
},
"adminUsername": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.Name}"
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.AdminUsername}"
},
"adminPassword": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.Name}"
"reference": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.AdminPassword}"
},
"domainAdminUsername": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.DomainAdminUsername}"
},
"domainAdminPassword": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.DomainAdminPassword}"
},
"domainName": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.DomainName}"
},
"clusterName": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.Name}"
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.ClusterName}"
},
"artifactsStorageAccountName": {
"value": "reference(${Parameters.Organization}-shrdsvcs.ArtifactsStorageAccount.storageAccountName)"
@ -465,16 +493,7 @@
"value": "reference(CloudWitnessStorageAccount.storageAccountName)"
},
"sqlServerILB_IPAddress": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.Name}"
},
"domainName": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.Name}"
},
"domainAdminUsername": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.Name}"
},
"domainAdminPassword": {
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.Name}"
"value": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOnLoadBalancer.IPAddressStart}"
}
}
}
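Review bot: In the `InstallSQLServerAlwaysOn` override parameters, `domainAdminPassword` is passed with `"value"` while `adminPassword` in the same block now uses a Key Vault `"reference"`, so the domain credential is handled less carefully than the local admin one. The parameters file in this commit resolves `SQLServerAlwaysOn.DomainAdminPassword` from `env(DOMAIN_ADMIN_USER_PWD)`, so the plain value is substituted into the deployment parameters. Unless the SQLServerAlwaysOn template declares that parameter as `securestring` (not visible here), it can appear in the deployment's recorded inputs. Consider storing the domain admin password as a Key Vault secret and passing it with `"reference"` as `adminPassword` does. Separately, this module's `"Comments"` still reads "Creates Active Directory Domain Services VMs" and looks like a copy-paste leftover; `"Comments": "Installs SQL Server Always On on the SQL VMs"` would match the block.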


@ -5,21 +5,8 @@
"Subscription": "NTier_IaaS",
"ModuleConfigurationParameters": {
"DeploymentUserId": "env(DEPLOYMENT_USER_ID)",
"OnPremisesInformation": {
"ActiveDirectory": {
"PrimaryDomainControllerIP": "192.168.1.4",
"DomainName": "fontoso.com",
"ADSitename": "Cloud-Site",
"DomainAdminUserName": "fontoso"
},
"Network": {
"AddressPrefix": "192.168.1.0/28"
}
},
"DeploymentAppId": "env(DEPLOYMENT_APP_ID)",
"Comments": "Adding VirtualNetwork property, because KeyVault references a VirtualNetwork property references NetworkSecurityGroups and RouteTable, this is why these two properties are also included",
"RouteTables": "file(../LandingZone/NetworkParameters/routeTables.json)",
"NetworkSecurityGroups": "file(../LandingZone/NetworkParameters/networkSecurityGroups.json)",
"VirtualNetwork": "file(../LandingZone/NetworkParameters/virtualNetwork.json)",
"KeyVault": {
"Name": "${Parameters.InstanceName}-kv",
"ResourceGroup": "${Parameters.InstanceName}-keyvault-rg",
@ -42,6 +29,21 @@
"All"
]
}
},
{
"tenantId": "${Parameters.TenantId}",
"objectId": "${Parameters.ModuleConfigurationParameters.DeploymentAppId}",
"permissions": {
"certificates": [
"All"
],
"keys": [
"All"
],
"secrets": [
"All"
]
}
}
],
"SecretsObject": {
@ -58,20 +60,29 @@
"defaultAction": "Deny",
"virtualNetworkRules": [
{
"subnet": "${Parameters.ModuleConfigurationParameters.VirtualNetwork.Subnets[0].Name}"
"subnet": "reference(VirtualNetwork.subnetNames)"
}
],
"ipRules": []
}
},
"WebApp": {
"Name": "web-vmss",
"Name": "webvmss",
"ResourceGroup": "${Parameters.InstanceName}-webapp-rg",
"VMSKU": {
"name": "Standard_DS3_v2",
"tier": "Standard",
"capacity": 5
},
"UpgradePolicy": {
"Mode": "Automatic",
"RollingUpgradePolicy": {
"maxBatchInstancePercent": 20,
"maxUnhealthyInstancePercent": 20,
"maxUnhealthyUpgradedInstancePercent": 20,
"pauseTimeBetweenBatches": "PT10S"
}
},
"OSImage": {
"offer": "WindowsServer",
"publisher": "MicrosoftWindowsServer",
@ -83,7 +94,7 @@
"Comments": "Destination can be HSM or Software. Use HSM to create Production keys.",
"Destination": "HSM"
},
"DomainName": "${Parameters.ModuleConfigurationParameters.ActiveDirectory.DomainName}",
"DomainName": "reference(${Parameters.Organization}-shrdsvcs.InstallActiveDirectoryDomainServices.domainName)",
"DomainAdminUsername": "env(DOMAIN_ADMIN_USERNAME)",
"DomainAdminPassword": "env(DOMAIN_ADMIN_USER_PWD)",
"AdminUsername": "${Parameters.ModuleConfigurationParameters.KeyVault.SecretsObject.Secrets[0].secretName}",
@ -93,7 +104,7 @@
},
"secretName": "${Parameters.ModuleConfigurationParameters.KeyVault.SecretsObject.Secrets[0].secretName}"
},
"SubnetName": "${Parameters.ModuleConfigurationParameters.VirtualNetwork.Subnets[0].name}"
"SubnetName": "reference(VirtualNetwork.subnetNames)"
},
"WebAppLoadBalancer": {
"Name": "web-lb",
@ -105,37 +116,43 @@
"frontendPort": 80,
"backendPort": 80,
"enableFloatingIP": false,
"idleTimeoutInMinutes": 3,
"protocol": "TCP",
"enableTcpReset": false,
"loadDistribution": false,
"disableOutboundSnat": false,
"idleTimeoutInMinutes": 5,
"protocol": "Tcp",
"probeName": "tcpProbe"
}
}
],
"Probes": [
{
"name": "probe",
"name": "tcpProbe",
"properties": {
"protocol": "TCP",
"protocol": "Tcp",
"port": 80,
"requestPath": "/",
"intervalInSeconds": 10,
"numberOfProbes": 5
"requestPath": "",
"intervalInSeconds": 5,
"numberOfProbes": 2
}
}
],
"SubnetName": "${Parameters.ModuleConfigurationParameters.VirtualNetwork.Subnets[0].name}"
"SubnetName": "reference(VirtualNetwork.subnetNames)"
},
"BusinessApp": {
"Name": "biz-vmss",
"ResourceGroup": "${Parameters.InstanceName}-biz-rg",
"Name": "bizvmss",
"ResourceGroup": "${Parameters.InstanceName}-bizapp-rg",
"VMSKU": {
"name": "Standard_DS3_v2",
"tier": "Standard",
"capacity": 5
},
"UpgradePolicy": {
"Mode": "Automatic",
"RollingUpgradePolicy": {
"maxBatchInstancePercent": 20,
"maxUnhealthyInstancePercent": 20,
"maxUnhealthyUpgradedInstancePercent": 20,
"pauseTimeBetweenBatches": "PT10S"
}
},
"OSImage": {
"offer": "WindowsServer",
"publisher": "MicrosoftWindowsServer",
@ -143,11 +160,21 @@
},
"OSType": "Windows",
"Kek": {
"Name": "WebAppKey",
"Name": "BusinessAppKey",
"Comments": "Destination can be HSM or Software. Use HSM to create Production keys.",
"Destination": "HSM"
},
"SubnetName": "${Parameters.ModuleConfigurationParameters.VirtualNetwork.Subnets[0].name}"
"DomainName": "reference(${Parameters.Organization}-shrdsvcs.InstallActiveDirectoryDomainServices.domainName)",
"DomainAdminUsername": "env(DOMAIN_ADMIN_USERNAME)",
"DomainAdminPassword": "env(DOMAIN_ADMIN_USER_PWD)",
"AdminUsername": "${Parameters.ModuleConfigurationParameters.KeyVault.SecretsObject.Secrets[0].secretName}",
"AdminPassword": {
"keyVault": {
"id": "reference(KeyVault.keyVaultResourceId)"
},
"secretName": "${Parameters.ModuleConfigurationParameters.KeyVault.SecretsObject.Secrets[0].secretName}"
},
"SubnetName": "reference(VirtualNetwork.subnetNames)"
},
"BusinessAppLoadBalancer": {
"Name": "${Parameters.InstanceName}-biz-lb",
@ -159,28 +186,25 @@
"frontendPort": 80,
"backendPort": 80,
"enableFloatingIP": false,
"idleTimeoutInMinutes": 3,
"protocol": "TCP",
"enableTcpReset": false,
"loadDistribution": false,
"disableOutboundSnat": false,
"idleTimeoutInMinutes": 5,
"protocol": "Tcp",
"probeName": "tcpProbe"
}
}
],
"Probes": [
{
"name": "probe",
"name": "tcpProbe",
"properties": {
"protocol": "TCP",
"protocol": "Tcp",
"requestPath": "",
"port": 80,
"requestPath": "/",
"intervalInSeconds": 10,
"numberOfProbes": 5
"intervalInSeconds": 5,
"numberOfProbes": 2
}
}
],
"SubnetName": "${Parameters.ModuleConfigurationParameters.VirtualNetwork.Subnets[0].name}"
"SubnetName": "reference(VirtualNetwork.subnetNames)"
},
"SQLServerAlwaysOn": {
"Name": "sql-vm",
@ -194,7 +218,7 @@
"sku": "Enterprise"
},
"IPAddressStart": "172.2.0.20",
"DomainName": "${Parameters.ModuleConfigurationParameters.ActiveDirectory.DomainName}",
"DomainName": "reference(${Parameters.Organization}-shrdsvcs.InstallActiveDirectoryDomainServices.domainName)",
"DomainAdminUsername": "env(DOMAIN_ADMIN_USERNAME)",
"DomainAdminPassword": "env(DOMAIN_ADMIN_USER_PWD)",
"AdminUsername": "${Parameters.ModuleConfigurationParameters.KeyVault.SecretsObject.Secrets[0].secretName}",
@ -204,17 +228,23 @@
},
"secretName": "${Parameters.ModuleConfigurationParameters.KeyVault.SecretsObject.Secrets[0].secretName}"
},
"ClusterName": "AOCluster",
"DataDisks": [
{
"size": 1023
"size": 1023,
"driveLetter": "F",
"diskId": 2
},
{
"size": 1023
"size": 1023,
"driveLetter": "G",
"diskId": 3
}
]
],
"SubnetName": "reference(VirtualNetwork.subnetNames)"
},
"SQLServerAlwaysOnCloudWitness": {
"Name": "${Parameters.InstanceName}cwntierstrg",
"Name": "${Parameters.InstanceName}ntierstrg",
"ResourceGroup": "${Parameters.ModuleConfigurationParameters.SQLServerAlwaysOn.ResourceGroup}",
"Sku": "Standard_GRS",
"NetworkAcls": {
@ -222,7 +252,7 @@
"defaultAction": "Deny",
"virtualNetworkRules": [
{
"subnet": "${Parameters.ModuleConfigurationParameters.VirtualNetwork.Subnets[0].Name}"
"subnet": "reference(VirtualNetwork.subnetNames)"
}
],
"ipRules": []
@ -243,26 +273,24 @@
"backendPort": 1433,
"enableFloatingIP": false,
"idleTimeoutInMinutes": 5,
"protocol": "TCP",
"enableTcpReset": false,
"loadDistribution": false,
"disableOutboundSnat": false,
"protocol": "Tcp",
"probeName": "tcpProbe"
}
}
],
"Probes": [
{
"name": "probe",
"name": "tcpProbe",
"properties": {
"protocol": "TCP",
"protocol": "Tcp",
"requestPath": "",
"port": 1433,
"intervalInSeconds": 5,
"numberOfProbes": 2
}
}
],
"SubnetName": "${Parameters.ModuleConfigurationParameters.VirtualNetwork.Subnets[0].name}"
"SubnetName": "reference(VirtualNetwork.subnetNames)"
}
}
}
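Review bot: The Key Vault access policy added for `${Parameters.ModuleConfigurationParameters.DeploymentAppId}` grants `"All"` on certificates, keys and secrets, which gives the pipeline's service principal far more than a deployment normally needs, including the ability to delete or overwrite every object in the vault. That principal's credential is supplied to jobs on the `vdc-self-hosted` pool, so a compromised agent or leaked pipeline variable would expose the whole vault. Scope the policy to the operations the modules actually perform, for example `"secrets": ["get", "list", "set"]` plus the key operations needed to create the `Kek` keys, and omit `certificates` if no module uses them. Which operations are required is not visible in this section, so the exact list needs confirming against the KeyVault and VM modules.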


@ -38,169 +38,325 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "KeyVault" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "KeyVault" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: AppServiceEnvironments
- task: PowerShell@2
displayName: "Sets multi-job variable"
name: "bootstratInitializedOutput"
inputs:
targetType: 'inline'
script: '
$bootstrapInitialized = $ENV:BOOTSTRAP_INITIALIZED;
Write-Host "##vso[task.setvariable variable=BOOTSTRAP_INITIALIZED;isOutput=true]$bootstrapInitialized";'
pwsh: true
- job: VirtualMachines
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [SetupValidationResourceGroup, KeyVault]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - App Service Environments"
displayName: "Pester Tests for Module - Virtual Machine Scale Sets"
inputs:
targetType: 'inline'
script: '# Write your powershell commands here.
Invoke-Pester -Script "./Modules/AppServiceEnvironments/2.0/Tests";
Invoke-Pester -Script "./Modules/VirtualMachines/2.0/Tests";
# Use the environment variables input below to pass secret variables to this script.'
pwsh: true
- task: AzurePowerShell@4
displayName: "ARM Validation - App Service Environments"
displayName: "ARM Validation - SQL Server AlwaysOn Virtual Machines"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceEnvironments" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "SQLServerAlwaysOnVMs" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: AppServicePlan
- job: VirtualMachineScaleSets
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [SetupValidationResourceGroup, KeyVault]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - App Service Plan"
displayName: "Pester Tests for Module - Virtual Machine Scale Sets"
inputs:
targetType: 'inline'
script: '# Write your powershell commands here.
Invoke-Pester -Script "./Modules/AppServicePlan/2.0/Tests";
Invoke-Pester -Script "./Modules/VirtualMachineScaleSets/2.0/Tests";
# Use the environment variables input below to pass secret variables to this script.'
pwsh: true
- task: AzurePowerShell@4
displayName: "ARM Validation - App Service Plan"
displayName: "ARM Validation - Web VMSS"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServicePlan" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "WebAppVMSS" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
- task: AzurePowerShell@4
displayName: "ARM Validation - Business VMSS"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "BusinessAppVMSS" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: AppServiceWebApp
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: LoadBalancers
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [SetupValidationResourceGroup, KeyVault]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - App Service WebApp"
displayName: "Pester Tests for Module - Load Balancers"
inputs:
targetType: 'inline'
script: '# Write your powershell commands here.
Invoke-Pester -Script "./Modules/AppServiceWebApp/2.0/Tests";
Invoke-Pester -Script "./Modules/LoadBalancers/2.0/Tests";
# Use the environment variables input below to pass secret variables to this script.'
pwsh: true
- task: AzurePowerShell@4
displayName: "ARM Validation - App Service WebApp"
displayName: "ARM Validation - Web Load Balancer"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceWebApp" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "WebAppLoadBalancer" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
- task: AzurePowerShell@4
displayName: "ARM Validation - Business Load Balancer"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "BusinessAppLoadBalancer" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: SQLDBServer
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "ARM Validation - SQL Server Load Balancer"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "SQLServerAlwaysOnLoadBalancer" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: StorageAccounts
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [SetupValidationResourceGroup, KeyVault]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - SQLDB Server"
displayName: "Pester Tests for Module - SQL Server Cloud Witness"
inputs:
targetType: 'inline'
script: '# Write your powershell commands here.
Invoke-Pester -Script "./Modules/SQLDBServer/2.0/Tests";
Invoke-Pester -Script "./Modules/StorageAccounts/2.0/Tests";
# Use the environment variables input below to pass secret variables to this script.'
pwsh: true
- task: AzurePowerShell@4
displayName: "ARM Validation - SQLDB Server"
displayName: "ARM Validation - SQL Server Cloud Witness"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDBServer" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "CloudWitnessStorageAccount" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: SQLDatabase
- job: InternetInformationServices
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [SetupValidationResourceGroup, KeyVault]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - SQL Database"
displayName: "Pester Tests for Module - Internet Information Services"
inputs:
targetType: 'inline'
script: '# Write your powershell commands here.
Invoke-Pester -Script "./Modules/SQLDatabase/2.0/Tests";
Invoke-Pester -Script "./Modules/InternetInformationServices/2.0/Tests";
# Use the environment variables input below to pass secret variables to this script.'
pwsh: true
- task: AzurePowerShell@4
displayName: "ARM Validation - SQL Database"
displayName: "ARM Validation - Web IIS"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDatabase" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "IISOnWebVMSS" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
- task: AzurePowerShell@4
displayName: "ARM Validation - Business IIS"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "IISOnBusinessVMSS" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: SQLServerAlwaysOn
pool:
name: 'vdc-self-hosted'
dependsOn: [SetupValidationResourceGroup, KeyVault]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - SQL Server AlwaysOn installation"
inputs:
targetType: 'inline'
script: '# Write your powershell commands here.
Invoke-Pester -Script "./Modules/SQLServerAlwaysOn/2.0/Tests";
# Use the environment variables input below to pass secret variables to this script.'
pwsh: true
- task: AzurePowerShell@4
displayName: "ARM Validation - SQL Server AlwaysOn installation"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "InstallSQLServerAlwaysOn" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: TearDownValidationResourceGroup
pool:
name: 'vdc-self-hosted'
dependsOn: [ KeyVault, AppServiceEnvironments, AppServicePlan, AppServiceWebApp, SQLDBServer, SQLDatabase ]
dependsOn: [ StorageAccounts, KeyVault, VirtualMachineScaleSets, LoadBalancers, InternetInformationServices, SQLServerAlwaysOn ]
steps:
- task: AzurePowerShell@4
displayName: "Teardown Validation Resource Group"
@ -222,115 +378,255 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "KeyVault"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "KeyVault"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: AppServiceEnvironments
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
steps:
- task: AzurePowerShell@4
displayName: "App Service Environments"
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: PowerShell@2
displayName: "Sets multi-job variable"
name: "bootstratInitializedOutput"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceEnvironments"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: AppServicePlan
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: AppServiceEnvironments
steps:
- task: AzurePowerShell@4
displayName: "App Service Plan"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServicePlan"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: AppServiceWebApp
pool:
name: 'vdc-self-hosted'
dependsOn: AppServicePlan
steps:
- task: AzurePowerShell@4
displayName: "App Service WebApp"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceWebApp"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: SQLDBServer
targetType: 'inline'
script: '
$bootstrapInitialized = $ENV:BOOTSTRAP_INITIALIZED;
Write-Host "##vso[task.setvariable variable=BOOTSTRAP_INITIALIZED;isOutput=true]$bootstrapInitialized";'
pwsh: true
- job: LoadBalancers
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: KeyVault
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "SQLDB Server"
displayName: "Web Load Balancer"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDBServer"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "WebAppLoadBalancer"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: SQLDatabase
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "Business Load Balancer"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "BusinessAppLoadBalancer"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "SQL Server Load Balancer"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "SQLServerAlwaysOnLoadBalancer"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: VirtualMachines
pool:
name: 'vdc-self-hosted'
dependsOn: [KeyVault, LoadBalancers]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "SQL Server AlwaysOn Virtual Machines"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "SQLServerAlwaysOnVMs"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: VirtualMachineScaleSets
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: SQLDBServer
dependsOn: [KeyVault, LoadBalancers]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "SQLDatabase"
displayName: "Web VMSS"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDatabase"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "WebAppVMSS"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "Business VMSS"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "BusinessAppVMSS"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: InternetInformationServices
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: [KeyVault, VirtualMachineScaleSets]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Web IIS"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "IISOnWebVMSS"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "Business IIS"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "IISOnBusinessVMSS"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: SQLServerAlwaysOn
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: [KeyVault, VirtualMachines]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.KeyVault.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "SQL Server Cloud Witness"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "CloudWitnessStorageAccount"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "SQL Server AlwaysOn installation"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/Archetype/definition.json" -ModuleConfigurationName "InstallSQLServerAlwaysOn"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
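Review bot: The new `dependsOn` list on `TearDownValidationResourceGroup` leaves out the `VirtualMachines` job that the validation stage now contains, so the teardown of the validation resource group can start while "ARM Validation - SQL Server AlwaysOn Virtual Machines" is still running; it should read `dependsOn: [ StorageAccounts, KeyVault, VirtualMachines, VirtualMachineScaleSets, LoadBalancers, InternetInformationServices, SQLServerAlwaysOn ]`. The Pester step in that same `VirtualMachines` job is labelled "Pester Tests for Module - Virtual Machine Scale Sets" although it runs `./Modules/VirtualMachines/2.0/Tests`, which looks like a copy-paste slip in the `displayName`. Separately, every `AzurePowerShell@4` task in both stages now gets the whole credential set in `env` (`ADMIN_USER_PWD`, `ADMIN_USER_SSH`, `DOMAIN_ADMIN_USER_PWD`), including load-balancer and storage steps that presumably never read domain-admin credentials; on the self-hosted `vdc-self-hosted` pool it would be safer to map only the variables each module configuration actually consumes. The teardown job's steps and the first KeyVault task begin outside the visible hunks, so this is based on the job lists shown here.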


@ -38,19 +38,35 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- task: PowerShell@2
displayName: "Sets multi-job variable"
name: "bootstratInitializedOutput"
inputs:
targetType: 'inline'
script: '
$bootstrapInitialized = $ENV:BOOTSTRAP_INITIALIZED;
Write-Host "##vso[task.setvariable variable=BOOTSTRAP_INITIALIZED;isOutput=true]$bootstrapInitialized";'
pwsh: true
- job: LogAnalytics
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - Log Analytics"
@ -68,19 +84,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LogAnalytics" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "LogAnalytics" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: AzureSecurityCenter
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - Azure Security Center"
@ -98,19 +120,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AzureSecurityCenter" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "AzureSecurityCenter" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: NISTControls
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - NIST Controls"
@ -128,19 +156,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "NISTControls" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "NISTControls" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: NetworkSecurityGroups
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - Network Security Groups"
@ -158,19 +192,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DefaultNSG" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "DefaultNSG" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: RouteTables
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - Route Tables"
@ -188,27 +228,33 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DefaultRouteTable" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "DefaultRouteTable" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: vNet
- job: VirtualNetwork
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - vNet"
displayName: "Pester Tests for Module - VirtualNetwork"
inputs:
targetType: 'inline'
script: '# Write your powershell commands here.
Invoke-Pester -Script "./Modules/vNet/2.0/Tests";
Invoke-Pester -Script "./Modules/VirtualNetwork/2.0/Tests";
# Use the environment variables input below to pass secret variables to this script.'
pwsh: true
@ -218,27 +264,33 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "VirtualNetwork" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "VirtualNetwork" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: VirtualNetworkPeering
pool:
name: 'vdc-self-hosted'
dependsOn: SetupValidationResourceGroup
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - vNet Peering"
displayName: "Pester Tests for Module - VirtualNetwork Peering"
inputs:
targetType: 'inline'
script: '# Write your powershell commands here.
Invoke-Pester -Script "./Modules/vNetPeering/2.0/Tests";
Invoke-Pester -Script "./Modules/VirtualNetworkPeering/2.0/Tests";
# Use the environment variables input below to pass secret variables to this script.'
pwsh: true
@ -248,19 +300,23 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LocalVirtualNetworkPeering" -Validate'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "LocalVirtualNetworkPeering" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: TearDownValidationResourceGroup
pool:
name: 'vdc-self-hosted'
dependsOn: [ StorageAccounts, LogAnalytics, AzureSecurityCenter, NISTControls, NetworkSecurityGroups, RouteTables, vNet, VirtualNetworkPeering ]
dependsOn: [ StorageAccounts, LogAnalytics, AzureSecurityCenter, NISTControls, NetworkSecurityGroups, RouteTables, VirtualNetwork, VirtualNetworkPeering ]
steps:
- task: AzurePowerShell@4
displayName: "Teardown Validation Resource Group"
@ -282,19 +338,35 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: PowerShell@2
displayName: "Sets multi-job variable"
name: "bootstratInitializedOutput"
inputs:
targetType: 'inline'
script: '
$bootstrapInitialized = $ENV:BOOTSTRAP_INITIALIZED;
Write-Host "##vso[task.setvariable variable=BOOTSTRAP_INITIALIZED;isOutput=true]$bootstrapInitialized";'
pwsh: true
- job: LogAnalytics
pool:
name: 'vdc-self-hosted'
dependsOn: DiagnosticStorageAccount
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Log Analytics"
@ -302,19 +374,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LogAnalytics"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "LogAnalytics"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: AzureSecurityCenter
pool:
name: 'vdc-self-hosted'
dependsOn: LogAnalytics
dependsOn: [ LogAnalytics, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Azure Security Center"
@ -322,19 +400,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AzureSecurityCenter"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "AzureSecurityCenter"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: NISTControls
pool:
name: 'vdc-self-hosted'
dependsOn: LogAnalytics
dependsOn: [ LogAnalytics, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "NIST Controls"
@ -342,19 +426,89 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "NISTControls"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "NISTControls"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: DefaultNetworkSecurityGroup
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: ApplicationSecurityGroups
pool:
name: 'vdc-self-hosted'
dependsOn: [ DiagnosticStorageAccount, LogAnalytics ]
dependsOn: DiagnosticStorageAccount
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Web Application Security Group"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "WebASG"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "Business Application Security Group"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "BusinessASG"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "Data Application Security Group"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "DataASG"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: NetworkSecurityGroups
pool:
name: 'vdc-self-hosted'
dependsOn: [ DiagnosticStorageAccount, LogAnalytics, ApplicationSecurityGroups ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Default Network Security Group"
@ -362,18 +516,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DefaultNSG"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "DefaultNSG"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: DefaultRouteTable
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: RouteTables
pool:
name: 'vdc-self-hosted'
dependsOn: DiagnosticStorageAccount
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Default Route Table"
@ -381,19 +542,25 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "DefaultRouteTable"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "DefaultRouteTable"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- job: VirtualNetwork
pool:
name: 'vdc-self-hosted'
dependsOn: [ DefaultNetworkSecurityGroup, DefaultRouteTable ]
dependsOn: [ NetworkSecurityGroups, RouteTables, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Virtual Network"
@ -401,52 +568,54 @@ stages:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "VirtualNetwork"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "VirtualNetwork"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: WorkloadPeeringToSharedServices
pool:
name: 'vdc-self-hosted'
dependsOn: 'VirtualNetwork'
steps:
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "Workload Virtual Network Peering to Shared Services"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "LocalVirtualNetworkPeering"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "LocalVirtualNetworkPeering"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
- job: SharedServicesPeeringToWorkload
pool:
name: 'vdc-self-hosted'
dependsOn: 'VirtualNetwork'
steps:
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
- task: AzurePowerShell@4
displayName: "Shared Services Virtual Network Peering to Workload"
inputs:
azureSubscription: 'vdc2-spoke1'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "RemoteVirtualNetworkPeering"'
ScriptArguments: '-DefinitionPath "Environments/NTier-IaaS/LandingZone/definition.json" -ModuleConfigurationName "RemoteVirtualNetworkPeering"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_SUBSCRIPTIONS:VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)


@ -88,19 +88,6 @@
}
}
},
{
"Name": "DomainControllerASG",
"ModuleDefinitionName": "ApplicationSecurityGroups",
"ResourceGroupName": "${Parameters.ModuleConfigurationParameters.ApplicationSecurityGroups.ResourceGroup}",
"DependsOn": [],
"Deployment": {
"OverrideParameters": {
"applicationSecurityGroupName": {
"value": "${Parameters.ModuleConfigurationParameters.ApplicationSecurityGroups.DomainController.Name}"
}
}
}
},
{
"Name": "VirtualNetwork",
"ModuleDefinitionName": "VirtualNetwork",
@ -271,6 +258,9 @@
},
"resourceGroupLocation": {
"value": "${Parameters.ModuleConfigurationParameters.ArtifactsStorageAccount.Location}"
},
"blobContainers": {
"value": "${Parameters.ModuleConfigurationParameters.ArtifactsStorageAccount.Containers}"
}
}
},
@ -359,9 +349,6 @@
"vmIPAddress": {
"value": "${Parameters.ModuleConfigurationParameters.ActiveDirectory.PrimaryDomainControllerIP}"
},
"applicationSecurityGroupId": {
"value": "reference(DomainControllerASG.applicationSecurityGroupResourceId)"
},
"adminUsername": {
"value": "${Parameters.ModuleConfigurationParameters.ActiveDirectory.DomainAdminUsername}"
},
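Review bot: Dropping the `DomainControllerASG` module configuration together with the `applicationSecurityGroupId` override leaves the domain controller VM without an application security group, and nothing in this section shows what scopes traffic to it instead. The NSG parameters are not visible here, so check whether any rule still names that ASG as source or destination; such a rule would presumably fail to resolve or stop matching. Also search the definition for any remaining `reference(DomainControllerASG.applicationSecurityGroupResourceId)` expression, since the configuration it points at no longer exists. None of the description's bullets clearly covers this removal; a line such as `removed DomainControllerASG: <reason>` would record the intent.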

Просмотреть файл

@ -223,7 +223,7 @@
"serviceEndpoints": ""
}
],
"EnableDdosProtection": true,
"EnableDdosProtection": false,
"EnableVmProtection": false,
"DnsServers": [
"${Parameters.ModuleConfigurationParameters.ActiveDirectory.PrimaryDomainControllerIP}",
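Review bot: `"EnableDdosProtection": false` turns DDoS protection off for this virtual network (reading the second of the two printed lines as the new side), and the only related bullet in the description is "parameter updates". JSON cannot carry a comment, so the reason belongs in the commit description or the environment's README. If it is a cost saving for a test subscription, say so. People copy this file as a template, so consider keeping `"EnableDdosProtection": true` as the shipped value and overriding it only where the plan is deliberately not purchased. `EnableVmProtection` is already `false` on the next line, which leaves both protections off in this parameter set.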

Просмотреть файл

@ -4,7 +4,7 @@
# https://aka.ms/yaml
# Set variables once
variables:
- group: VDC_SECRETS_Copy
- group: VDC_SECRETS
trigger:
- master
stages:
@ -17,7 +17,7 @@ stages:
- task: AzurePowerShell@4
displayName: "Setup Validation Resource Group"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ValidationResourceGroupSetup.ps1'
ScriptArguments: '-ResourceGroupName vdc-validation-rg -SetupResourceGroup'
@ -40,33 +40,34 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Diagnostic Storage Account"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- task: AzurePowerShell@4
displayName: "ARM Validation - Artifacts Storage Account"
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- task: PowerShell@2
displayName: "Sets multi-job variable"
name: "bootstratInitializedOutput"
inputs:
azureSubscription: 'Kunachim Azure SC'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "ArtifactsStorageAccount" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
targetType: 'inline'
script: '
$bootstrapInitialized = $ENV:BOOTSTRAP_INITIALIZED;
Write-Host "##vso[task.setvariable variable=BOOTSTRAP_INITIALIZED;isOutput=true]$bootstrapInitialized";'
pwsh: true
- job: LogAnalytics
pool:
name: 'vdc-self-hosted'
@ -87,18 +88,24 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Log Analytics"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "LogAnalytics" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: NetworkSecurityGroups
pool:
name: 'vdc-self-hosted'
@ -119,50 +126,24 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - On-Premises NSG"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "OnPremisesNSG" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: ApplicationSecurityGroups
pool:
name: 'vdc-self-hosted'
dependsOn: [ SetupValidationResourceGroup, StorageAccounts ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.StorageAccounts.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: PowerShell@2
displayName: "Pester Tests for Module - Application Security Groups"
inputs:
targetType: 'inline'
script: '# Write your powershell commands here.
Invoke-Pester -Script "./Modules/ApplicationSecurityGroups/2.0/Tests";
# Use the environment variables input below to pass secret variables to this script.'
pwsh: true
- task: AzurePowerShell@4
displayName: "ARM Validation - Domain Controller ASG"
inputs:
azureSubscription: 'Kunachim Azure SC'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "DomainControllerASG" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: VirtualNetwork
pool:
name: 'vdc-self-hosted'
@ -183,18 +164,24 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Virtual Network"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "VirtualNetwork" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: VirtualNetworkGateway
pool:
name: 'vdc-self-hosted'
@ -215,18 +202,24 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Virtual Network Gateway"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "VirtualNetworkGateway" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: KeyVault
pool:
name: 'vdc-self-hosted'
@ -247,33 +240,45 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Key Vault"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "KeyVault" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- task: AzurePowerShell@4
displayName: "ARM Validation - Enable Service Endpoint On Key Vault"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "EnableServiceEndpointOnKeyVault" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: ActiveDirectory
pool:
name: 'vdc-self-hosted'
@ -294,42 +299,54 @@ stages:
- task: AzurePowerShell@4
displayName: "ARM Validation - Active Directory VM"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "ActiveDirectoryVM" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- task: AzurePowerShell@4
displayName: "ARM Validation - Install Active Directory"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "InstallActiveDirectory" -Validate'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: TearDownValidationResourceGroup
pool:
name: 'vdc-self-hosted'
dependsOn: [ StorageAccounts, LogAnalytics, NetworkSecurityGroups, ApplicationSecurityGroups, VirtualNetwork, VirtualNetworkGateway, ActiveDirectory ]
dependsOn: [ StorageAccounts, LogAnalytics, NetworkSecurityGroups, VirtualNetwork, VirtualNetworkGateway, ActiveDirectory ]
steps:
- task: AzurePowerShell@4
displayName: "Teardown Validation Resource Group"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ValidationResourceGroupSetup.ps1'
ScriptArguments: '-TearDownResourceGroup'
@ -344,18 +361,34 @@ stages:
- task: AzurePowerShell@4
displayName: "Diagnostic Storage Account"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "DiagnosticStorageAccount"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- task: PowerShell@2
displayName: "Sets multi-job variable"
name: "bootstratInitializedOutput"
inputs:
targetType: 'inline'
script: '
$bootstrapInitialized = $ENV:BOOTSTRAP_INITIALIZED;
Write-Host "##vso[task.setvariable variable=BOOTSTRAP_INITIALIZED;isOutput=true]$bootstrapInitialized";'
pwsh: true
- job: LogAnalytics
timeoutInMinutes: 0
pool:
@ -367,19 +400,25 @@ stages:
- task: AzurePowerShell@4
displayName: "Log Analytics"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "LogAnalytics"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: OnPremisesNSG
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: NetworkSecurityGroups
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
@ -388,158 +427,155 @@ stages:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Network Security Group"
displayName: "On-premises Network Security Group"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "OnPremisesNSG"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: DomainControllerASG
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
dependsOn: DiagnosticStorageAccount
steps:
- task: AzurePowerShell@4
displayName: "Application Security Group"
inputs:
azureSubscription: 'Kunachim Azure SC'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "DomainControllerASG"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: VirtualNetwork
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: [ OnPremisesNSG, DiagnosticStorageAccount ]
dependsOn: [ NetworkSecurityGroups, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Virtual Network"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "VirtualNetwork"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: KeyVault
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: [ DiagnosticStorageAccount, LogAnalytics, DiagnosticStorageAccount ]
dependsOn: [ DiagnosticStorageAccount, LogAnalytics, VirtualNetwork ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Key Vault"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "KeyVault"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: CreateRootCertificate
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: [ KeyVault, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- task: AzurePowerShell@4
displayName: "Create Root Certificate"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "CreateRootCertificate"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- task: AzurePowerShell@4
displayName: "Enable Service Endpoint on Key Vault"
inputs:
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "EnableServiceEndpointOnKeyVault"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: VirtualNetworkGateway
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: [ VirtualNetwork, CreateRootCertificate, DiagnosticStorageAccount ]
dependsOn: [ VirtualNetwork, KeyVault, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Virtual Network Gateway"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "VirtualNetworkGateway"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: EnableServiceEndpointOnKeyVault
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: [ VirtualNetworkGateway, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
- task: AzurePowerShell@4
displayName: "Key Vault"
inputs:
azureSubscription: 'Kunachim Azure SC'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "EnableServiceEndpointOnKeyVault"'
azurePowerShellVersion: 'LatestVersion'
env:
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: ArtifactsStorageAccount
timeoutInMinutes: 0
pool:
@ -551,42 +587,46 @@ stages:
- task: AzurePowerShell@4
displayName: "Artifacts Storage Account"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "ArtifactsStorageAccount"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: UploadScriptsToArtifactsStorage
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: [ ArtifactsStorageAccount, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- task: AzurePowerShell@4
displayName: "Upload Scripts To Artifacts Storage"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "UploadScriptsToArtifactsStorage"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: ActiveDirectoryVM
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- job: ActiveDirectory
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
@ -597,38 +637,42 @@ stages:
- task: AzurePowerShell@4
displayName: "Active Directory VM"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "ActiveDirectoryVM"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
- job: InstallActiveDirectory
timeoutInMinutes: 0
pool:
name: 'vdc-self-hosted'
dependsOn: [ ActiveDirectoryVM, DiagnosticStorageAccount ]
variables:
BOOTSTRAP_INITIALIZED: $[dependencies.DiagnosticStorageAccount.outputs['bootstratInitializedOutput.BOOTSTRAP_INITIALIZED']]
steps:
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)
- task: AzurePowerShell@4
displayName: "Install Active Directory"
inputs:
azureSubscription: 'Kunachim Azure SC'
azureSubscription: 'vdc2-onprem'
ScriptType: 'FilePath'
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
ScriptArguments: '-DefinitionPath "Environments/On-Premise/definition.json" -ModuleConfigurationName "InstallActiveDirectory"'
azurePowerShellVersion: 'LatestVersion'
env:
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
ADMIN_USER_SSH: $(ADMIN_USER_SSH)
DEPLOYMENT_APP_ID: $(DEPLOYMENT_APP_ID)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
DOMAIN_ADMIN_USERNAME: $(DOMAIN_ADMIN_USERNAME)
TENANT_ID: $(TENANT_ID)
ORGANIZATION_NAME: $(ORGANIZATION_NAME)
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
TENANT_ID: $(TENANT_ID)
SCRIPT_EXECUTION_SP_ID: $(SCRIPT_EXECUTION_SP_ID)
SCRIPT_EXECUTION_SP_KEY: $(SCRIPT_EXECUTION_SP_KEY)


@ -1,9 +1,14 @@
{
"Name": "${Parameters.Organization}cstmartfcts11",
"ResourceGroup": "${Parameters.InstanceName}-artifacts-rg",
"ResourceGroup": "${Parameters.Organization}-artifacts-rg",
"Sku": "Standard_GRS",
"Location": "${Parameters.Location}",
"Policies": {
"Effect": "Audit"
}
},
"Containers": [
{
"name": "scripts"
}
]
}


@ -1 +1 @@
knvdc
contoso


@ -230,6 +230,10 @@
"metadata": {
"description": "Static IP of the primary domain controller."
}
},
"domainName": {
"type": "string",
"value": "[parameters('domainName')]"
}
}
}


@ -227,6 +227,10 @@
"metadata": {
"description": "List of ADDS IPs that will serve as DNS Server List on a Virtual Network"
}
},
"domainName": {
"type": "string",
"value": "[parameters('domainName')]"
}
}
}


@ -18,9 +18,9 @@
},
"secretsObject": {
"type": "secureObject",
"defaultValue": "{}",
"defaultValue": [],
"metadata": {
"description": "Optional. All secrets {\"secretName\":\"\",\"secretValue\":\"\"} wrapped in a secure object"
"description": "Optional. All secrets [{\"secretName\":\"\",\"secretValue\":\"\"} wrapped in a secure object]"
}
},
"enableVaultForDeployment": {
@ -194,7 +194,8 @@
{
"type": "Microsoft.KeyVault/vaults/secrets",
"apiVersion": "2015-06-01",
"name": "[if(equals(copyIndex(),0), concat(parameters('keyVaultName'), '/', 'dummy'), concat(parameters('keyVaultName'), '/', parameters('secretsObject').secrets[copyIndex()].secretName))]",
"condition": "[not(empty(parameters('secretsObject').secrets))]",
"name": "[if(empty(parameters('secretsObject').secrets), concat(parameters('keyVaultName'), '/', 'dummy'), concat(parameters('keyVaultName'), '/', parameters('secretsObject').secrets[copyIndex()].secretName))]",
"properties": {
"value": "[parameters('secretsObject').secrets[copyIndex()].secretValue]"
},
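Review bot: The new `"defaultValue": []` on `secretsObject` does not match how the secrets resource in the second hunk reads the parameter: both the added `condition` and the `name` expression dereference `parameters('secretsObject').secrets`, and an array has no `secrets` property, so a deployment that relies on the default would presumably fail at expression evaluation instead of skipping the secrets. A default of `"defaultValue": { "secrets": [] }` keeps the `secureObject` type and lets `empty(...)` return true. `properties.value` still indexes `secrets[copyIndex()]` unconditionally, so it is worth confirming that the copy count, which is outside the hunk, cannot force an index into an empty list. Which lines are old and which are new is inferred from the hunk counts, because the page lost the +/- column.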


@ -72,11 +72,8 @@
"enableFloatingIP": "[parameters('loadBalancingRules')[copyIndex('loadBalancingRules')].properties.enableFloatingIP]",
"idleTimeoutInMinutes": "[parameters('loadBalancingRules')[copyIndex('loadBalancingRules')].properties.idleTimeoutInMinutes]",
"protocol": "[parameters('loadBalancingRules')[copyIndex('loadBalancingRules')].properties.protocol]",
"enableTcpReset": "[parameters('loadBalancingRules')[copyIndex('loadBalancingRules')].properties.enableTcpReset]",
"loadDistribution": "[parameters('loadBalancingRules')[copyIndex('loadBalancingRules')].properties.loadDistribution]",
"disableOutboundSnat": "[parameters('loadBalancingRules')[copyIndex('loadBalancingRules')].properties.disableOutboundSnat]",
"probe": {
"id": "[resourceId('Microsoft.Network/loadBalancers/probes', parameters('loadBalancerName'), parameters('loadBalancingRules')[copyIndex('loadBalancingRules')].properties.probeName)]"
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', parameters('loadBalancerName')), '/probes/', parameters('loadBalancingRules')[copyIndex('loadBalancingRules')].properties.probeName)]"
}
}
}
@ -92,8 +89,8 @@
"name": "[parameters('probes')[copyIndex('probes')].name]",
"properties": {
"protocol": "[parameters('probes')[copyIndex('probes')].properties.protocol]",
"requestPath": "[if(equals(tolower(parameters('probes')[copyIndex('probes')].properties.protocol), 'tcp'), json('null'), parameters('probes')[copyIndex('probes')].properties.requestPath)]",
"port": "[parameters('probes')[copyIndex('probes')].properties.port]",
"requestPath": "[parameters('probes')[copyIndex('probes')].properties.requestPath]",
"intervalInSeconds": "[parameters('probes')[copyIndex('probes')].properties.intervalInSeconds]",
"numberOfProbes": "[parameters('probes')[copyIndex('probes')].properties.numberOfProbes]"
}
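Review bot: In the second hunk the probe's `requestPath` is now read unconditionally from `parameters('probes')[copyIndex('probes')].properties.requestPath`, where the earlier expression returned `json('null')` for TCP probes. A TCP probe entry without a `requestPath` property would make the expression fail, and one that carries it would pass a request path with a protocol that presumably does not accept one. Unless every parameter file now defines HTTP-style probes only, keep the guard: `"requestPath": "[if(equals(tolower(parameters('probes')[copyIndex('probes')].properties.protocol), 'tcp'), json('null'), parameters('probes')[copyIndex('probes')].properties.requestPath)]"`. The first hunk also appears to drop `enableTcpReset`, `loadDistribution` and `disableOutboundSnat` from the rule, so callers that set them silently fall back to platform defaults; the parameter description should say these are no longer honoured. Old and new sides are inferred from the hunk counts.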


@ -141,7 +141,7 @@
"protectedSettings": {
"storageAccountName": "[parameters('artifactsStorageAccountName')]",
"storageAccountKey": "[parameters('artifactsStorageAccountKey')]",
"commandToExecute": "powershell -ExecutionPolicy Unrestricted -File ./windows/PrepareSQLServer_Install_Modules.ps1"
"commandToExecute": "powershell -ExecutionPolicy Unrestricted -File ./Windows/PrepareSQLServer_Install_Modules.ps1"
}
}
}
@ -182,7 +182,7 @@
"autoUpgradeMinorVersion": true,
"settings": {
"configuration": {
"url": "[concat('https://', parameters('artifactsStorageAccountName'), '.blob.core.windows.net/scripts/windows/PrepareSQLServer.ps1.zip')]",
"url": "[concat('https://', parameters('artifactsStorageAccountName'), '.blob.core.windows.net/scripts/Windows/PrepareSQLServer.ps1.zip')]",
"script": "PrepareSqlServer.ps1",
"function": "SqlServerPrepareDsc"
},
@ -192,7 +192,7 @@
"ClusterOwnerNode": "[concat(parameters('virtualMachineName'), '1')]",
"ClusterIP": "[parameters('sqlServerILB_IPAddress')]",
"witnessStorageBlobEndPoint": "[concat('https://', parameters('cloudWitnessStorageAccountName'), '.blob.core.windows.net')]",
"witnessStorageAccountKey": "[parameters('cloudWitnessStorageAccountKey')]"
"witnessStorageAccountKey": "[listkeys(resourceId('Microsoft.Storage/storageAccounts', parameters('cloudWitnessStorageAccountKey')), '2016-12-01').keys[0].value]"
}
},
"protectedSettings": {
@ -258,7 +258,7 @@
"protectedSettings": {
"storageAccountName": "[parameters('artifactsStorageAccountName')]",
"storageAccountKey": "[parameters('artifactsStorageAccountKey')]",
"commandToExecute": "powershell -ExecutionPolicy Unrestricted -File ./windows/sleep.ps1 -Sleep 600"
"commandToExecute": "powershell -ExecutionPolicy Unrestricted -File ./Windows/sleep.ps1 -Sleep 600"
}
}
}
@ -314,7 +314,7 @@
"ClusterOwnerNode": "[concat(parameters('virtualMachineName'), '1')]",
"ClusterIP": "[parameters('sqlServerILB_IPAddress')]",
"witnessStorageBlobEndPoint": "[concat('https://', parameters('cloudWitnessStorageAccountName'), '.blob.core.windows.net')]",
"witnessStorageAccountKey": "[parameters('cloudWitnessStorageAccountKey')]"
"witnessStorageAccountKey": "[listkeys(resourceId('Microsoft.Storage/storageAccounts', parameters('cloudWitnessStorageAccountKey')), '2016-12-01').keys[0].value]"
}
},
"protectedSettings": {
@ -384,7 +384,7 @@
"ClusterOwnerNode": "[concat(parameters('virtualMachineName'), '1')]",
"ClusterIP": "[parameters('sqlServerILB_IPAddress')]",
"witnessStorageBlobEndPoint": "[concat('https://', parameters('cloudWitnessStorageAccountName'), '.blob.core.windows.net')]",
"witnessStorageAccountKey": "[parameters('cloudWitnessStorageAccountKey')]"
"witnessStorageAccountKey": "[listkeys(resourceId('Microsoft.Storage/storageAccounts', parameters('cloudWitnessStorageAccountKey')), '2016-12-01').keys[0].value]"
}
},
"protectedSettings": {
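Review bot: In the three hunks that change `witnessStorageAccountKey` (at 192, 314 and 384), `listkeys` builds the resource id from `parameters('cloudWitnessStorageAccountKey')`, while the neighbouring `witnessStorageBlobEndPoint` uses `parameters('cloudWitnessStorageAccountName')`; passing the key parameter as the account name looks like a mistake, and the expected form would be `"[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('cloudWitnessStorageAccountName')), '2016-12-01').keys[0].value]"`. The resolved account key is also emitted in the block that closes just before `"protectedSettings"`, which suggests it sits in the extension's public settings; those are stored and returned in clear text to anyone who can read the extension, so the key belongs under `protectedSettings` (the DSC extension accepts `configurationArguments` there). If the witness account can live in another resource group, `resourceId` needs that group as an argument too. The enclosing resources start and end outside the hunks, so the exact nesting should be confirmed against the full template.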


@ -4,7 +4,7 @@
"parameters": {
"storageAccountName": {
"type": "string",
"defaultValue": "vdcstorageawus018",
"maxLength": 24,
"metadata": {
"description": "Required. Name of the Storage Account."
}
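Review bot: With the hard-coded default removed, `storageAccountName` is bounded only from above by `"maxLength": 24`. Storage account names must be 3 to 24 characters long, so adding `"minLength": 3` next to it makes an empty or too-short value fail at template validation rather than part-way through a deployment. The description could also state the lowercase-alphanumeric constraint, since the parameter definition cannot express it.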


@ -234,7 +234,8 @@
"tagPatching": "3rdSat7pm",
"DSCExtensionName": "DSCExtension",
"joinToDomainExtensionName": "JoinToDomainExtension",
"domainAndUsername": "[concat(parameters('domainName'), '\\', parameters('domainAdminUsername'))]"
"domainAndUsername": "[concat(parameters('domainName'), '\\', parameters('domainAdminUsername'))]",
"artifactsStorageAccountSasToken": "[concat('?', parameters('artifactsStorageAccountSasKey'))]"
},
"resources": [
{
@ -689,6 +690,9 @@
"name": "[concat(parameters('virtualMachineScaleSetsName'), '/', variables('joinToDomainExtensionName'))]",
"condition": "[variables('joinToDomain')]",
"location": "[parameters('location')]",
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachineScaleSets/', parameters('virtualMachineScaleSetsName'))]"
],
"properties": {
"publisher": "Microsoft.Compute",
"type": "JsonADDomainExtension",
@ -711,7 +715,8 @@
"name": "[concat(parameters('virtualMachineScaleSetsName'), '-cpuautoscale')]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachineScaleSets/', parameters('virtualMachineScaleSetsName'))]"
"[concat('Microsoft.Compute/virtualMachineScaleSets/', parameters('virtualMachineScaleSetsName'))]",
"[concat(resourceId('Microsoft.Compute/virtualMachineScaleSets', parameters('virtualMachineScaleSetsName')), '/extensions/', variables('joinToDomainExtensionName'))]"
],
"properties": {
"name": "[concat(parameters('virtualMachineScaleSetsName'), '-cpuautoscale')]",
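Review bot: The new variable `artifactsStorageAccountSasToken` copies `parameters('artifactsStorageAccountSasKey')` into an ordinary template variable, and neither the parameter declaration nor the place where the variable is consumed is inside these hunks. If that parameter is declared as `string` rather than `securestring`, the SAS token is stored with the deployment's parameter values. If the variable is appended to a URI under an extension's `settings` rather than `protectedSettings`, the token is also readable from the extension configuration. I would confirm the parameter is `"type": "securestring"` and reference the token only from `protectedSettings`. A `description` stating the expected token form (no leading `?`, since the variable prepends one) would also help callers.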


@ -150,6 +150,13 @@
"description": "Required. Name of Shared Services Subnet, this name is used to get the SubnetId"
}
},
"loadBalancerBackendPoolId": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Optional. Represents a Load Balancer backend pool resource identifier, if left blank, no Load Balancer will be associated to the VMSS"
}
},
"applicationSecurityGroupId": {
"type": "string",
"defaultValue": "",
@ -257,6 +264,11 @@
]
}
},
"loadBalancerBackendPoolId": [
{
"id": "[parameters('loadBalancerBackendPoolId')]"
}
],
"subnetId": "[concat(parameters('vNetId'), '/subnets/', variables('subnetName'))]",
"antimalwareExtensionName": "IaaSAntimalware",
"diagnosticsExtensionName": "IaaSDiagnostics",
@ -359,6 +371,7 @@
"subnet": {
"id": "[variables('subnetId')]"
},
"loadBalancerBackendAddressPools": "[if(empty(parameters('loadBalancerBackendPoolId')), json('null'), variables('loadBalancerBackendPoolId'))]",
"applicationSecurityGroups": "[if(empty(parameters('applicationSecurityGroupId')), json('null'), variables('applicationSecurityGroups'))]"
}
}
@ -446,7 +459,10 @@
"name": "[replace(toLower(substring(concat(parameters('virtualMachineName'), copyIndex('vmLoop', parameters('virtualMachineOffset')), '-dsk', copyindex('dataDisks', parameters('virtualMachineOffset')), '-', replace(concat(variables('uniqueString'), variables('uniqueString')), '-', '')), 0, 30)), '-', '')]",
"diskSizeGB": "[parameters('virtualMachineDataDisks')[copyIndex('dataDisks')].size]",
"createOption": "Empty",
"caching": "None"
"caching": "None",
"managedDisk": {
"storageAccountType": "Premium_LRS"
}
}
}
]
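Review bot: The data-disk entry in the last hunk now hard-codes `"storageAccountType": "Premium_LRS"`, so every VM deployed through this template gets premium data disks whatever VM size is chosen, and a size without premium storage support would fail at deployment. The VM size parameter is outside the hunk, so this is inferred rather than confirmed. I would expose the value as a parameter defaulting to `Premium_LRS`, e.g. `"storageAccountType": "[parameters('dataDiskStorageAccountType')]"`, where the parameter name is a placeholder. Separately, the variable `loadBalancerBackendPoolId` holds an array while the parameter of the same name holds a string; naming the variable `loadBalancerBackendAddressPools` would match the property it feeds and make the `if(empty(...))` line easier to read.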


@ -2408,7 +2408,7 @@ Function Get-OutputReferenceValue() {
-Key $outputPathString;
# Check if the cache value was retrieval successfully (i.e it returns a value)
if($cacheValue)
if($null -ne $cacheValue)
{
Write-Debug "Output found in cache";
$resolvedOutput = $cacheValue;
@ -2431,20 +2431,24 @@ Function Get-OutputReferenceValue() {
if ($resolvedOutput `
-and $resolvedOutput -is [object[]]){
Write-Debug "Replacing an array";
# Since is an array, let's replace the reference function
# including double quotes or single quotes
$tempfullReferenceFunctionString1 = `
"""$fullReferenceFunctionString""";
Write-Debug "reference with double quotes is: $tempfullReferenceFunctionString1"
$tempfullReferenceFunctionString2 = `
"'$fullReferenceFunctionString'";
Write-Debug "reference with single quotes is: $tempfullReferenceFunctionString2"
$resolvedOutputString = `
ConvertTo-Json `
-InputObject $resolvedOutput `
-Depth 100 `
-Compress;
ConvertTo-Json `
-InputObject $resolvedOutput `
-Depth 100 `
-Compress;
$parameterValueString = `
$parameterValueString.Replace(