зеркало из https://github.com/Azure/vdc.git
ASE/SQL DB pipeline (#73)
* moved hardcoded parameters to reference tokens * updated org name * added missing location * downgrade api versions - adds * updated adds vm name * Update pipeline.yml for Azure Pipelines * Update pipeline.yml for Azure Pipelines * temp update of self hosted agent name * restablish self hosted agent name * updated organization name * added dependsOn to landing zone pipeline * fixed module configuration names * fixed missing pipeline property * fixed yaml syntax * fixed dependson * fixed path * fixed deployment name * fixed parameter format * set diagnostic storage access key as secured string * removed service endpoint on storage account * fixed output references * fixed parameter name * Moved phased wait log to write-debug * fixed travis path
This commit is contained in:
Jorge Cotillo
GitHub
Родитель
fc1327053c
Коммит
7a33fbccc5
|
|
@ -15,7 +15,7 @@ matrix:
|
|||
fast_finish: true
|
||||
|
||||
install:
|
||||
- pwsh -f "${TRAVIS_BUILD_DIR}/installDependencies.ps1"
|
||||
- pwsh -f "${TRAVIS_BUILD_DIR}/InstallDependencies.ps1"
|
||||
|
||||
script:
|
||||
- pwsh -f "${TRAVIS_BUILD_DIR}/orchestration/Tests/UnitTests/RunAll.ps1"
|
||||
- pwsh -f "${TRAVIS_BUILD_DIR}/Orchestration/Tests/UnitTests/RunAll.ps1"
|
||||
|
|
@ -81,8 +81,8 @@
|
|||
"appServicePlanName": {
|
||||
"value": "${Parameters.ModuleConfigurationParameters.AppServicePlan.Name}"
|
||||
},
|
||||
"AppServiceEnvironmentsId": {
|
||||
"value": "reference(ASE.AppServiceEnvironmentsResourceId)"
|
||||
"AppServiceEnvironmentId": {
|
||||
"value": "reference(AppServiceEnvironments.appServiceEnvironmentResourceId)"
|
||||
},
|
||||
"sku": {
|
||||
"value": "${Parameters.ModuleConfigurationParameters.AppServicePlan.Sku}"
|
||||
|
|
@ -97,10 +97,10 @@
|
|||
"Deployment": {
|
||||
"OverrideParameters": {
|
||||
"appServicePlanId": {
|
||||
"value": "reference(ASEServicePlan.appServicePlanResourceId)"
|
||||
"value": "reference(AppServicePlan.appServicePlanResourceId)"
|
||||
},
|
||||
"AppServiceEnvironmentsId": {
|
||||
"value": "reference(ASE.AppServiceEnvironmentsResourceId)"
|
||||
"AppServiceEnvironmentId": {
|
||||
"value": "reference(AppServiceEnvironments.appServiceEnvironmentResourceId)"
|
||||
},
|
||||
"appServiceWebAppName": {
|
||||
"value": "${Parameters.ModuleConfigurationParameters.AppServiceWebApp.Name}"
|
||||
|
|
@ -134,7 +134,9 @@
|
|||
"diagnosticStorageAccountAccessKey": {
|
||||
"value": "reference(DiagnosticStorageAccount.storageAccountAccessKey)"
|
||||
},
|
||||
"virtualNetworkList": "${Parameters.ModuleConfigurationParameters.SQLDB.Server.VirtualNetworkList}"
|
||||
"virtualNetworkList": {
|
||||
"value": "${Parameters.ModuleConfigurationParameters.SQLDB.Server.VirtualNetworkList}"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"Organization": "file(../../_Common/organizationName.txt)",
|
||||
"DeploymentName": "workload01",
|
||||
"DeploymentName": "ase-sqldb",
|
||||
"InstanceName": "${Parameters.Organization}-${Parameters.DeploymentName}",
|
||||
"Subscription": "ASE_SQLDB",
|
||||
"ModuleConfigurationParameters": {
|
||||
|
|
@ -8,9 +8,9 @@
|
|||
"OnPremisesInformation": {
|
||||
"ActiveDirectory": {
|
||||
"PrimaryDomainControllerIP": "192.168.1.4",
|
||||
"DomainName": "contoso.com",
|
||||
"DomainName": "northwind.com",
|
||||
"ADSitename": "Cloud-Site",
|
||||
"DomainAdminUserName": "contoso"
|
||||
"DomainAdminUserName": "northwind"
|
||||
},
|
||||
"Network": {
|
||||
"AddressPrefix": "192.168.1.0/28"
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ stages:
|
|||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "KeyVault" -Validate'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "KeyVault" -Validate'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
@ -66,7 +66,7 @@ stages:
|
|||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AppServiceEnvironments" -Validate'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceEnvironments" -Validate'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
@ -96,7 +96,7 @@ stages:
|
|||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AppServicePlan" -Validate'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServicePlan" -Validate'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
@ -126,7 +126,7 @@ stages:
|
|||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AppServiceWebApp" -Validate'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceWebApp" -Validate'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
@ -156,7 +156,7 @@ stages:
|
|||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "SQLDBServer" -Validate'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDBServer" -Validate'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
@ -186,7 +186,7 @@ stages:
|
|||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "SQLDatabase" -Validate'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDatabase" -Validate'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
@ -210,8 +210,7 @@ stages:
|
|||
azurePowerShellVersion: 'LatestVersion'
|
||||
- stage: Deploy
|
||||
jobs:
|
||||
- job: Deployment
|
||||
timeoutInMinutes: 0
|
||||
- job: KeyVault
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
steps:
|
||||
|
|
@ -221,7 +220,7 @@ stages:
|
|||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "KeyVault"'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "KeyVault"'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
@ -230,13 +229,18 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: AppServiceEnvironments
|
||||
timeoutInMinutes: 0
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "App Service Environments"
|
||||
inputs:
|
||||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AppServiceEnvironments"'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceEnvironments"'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
@ -245,13 +249,19 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: AppServicePlan
|
||||
timeoutInMinutes: 0
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
dependsOn: AppServiceEnvironments
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "App Service Plan"
|
||||
inputs:
|
||||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AppServicePlan"'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServicePlan"'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
@ -260,13 +270,18 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: AppServiceWebApp
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
dependsOn: AppServicePlan
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "App Service WebApp"
|
||||
inputs:
|
||||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "AppServiceWebApp"'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "AppServiceWebApp"'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
@ -275,13 +290,19 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: SQLDBServer
|
||||
timeoutInMinutes: 0
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
dependsOn: KeyVault
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "SQLDB Server"
|
||||
inputs:
|
||||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "SQLDBServer"'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDBServer"'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
@ -290,13 +311,19 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: SQLDatabase
|
||||
timeoutInMinutes: 0
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
dependsOn: SQLDBServer
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "SQLDatabase"
|
||||
inputs:
|
||||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "SQLDatabase"'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/Archetype/definition.json" -ModuleConfigurationName "SQLDatabase"'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
|
|
|
|||
|
|
@ -172,7 +172,7 @@
|
|||
"value": "${Parameters.ModuleConfigurationParameters.VirtualNetworkPeering.LocalPeering.Name}"
|
||||
},
|
||||
"remoteVirtualNetworkId": {
|
||||
"value": "reference(fabrikam-shrdsvcs.VirtualNetwork.vNetResourceId)"
|
||||
"value": "reference(nw-shrdsvcs.VirtualNetwork.vNetResourceId)"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -181,11 +181,11 @@
|
|||
"Name": "RemoteVirtualNetworkPeering",
|
||||
"ModuleDefinitionName": "vNetPeering",
|
||||
"Subscription": "SharedServices",
|
||||
"ResourceGroupName": "reference(fabrikam-shrdsvcs.VirtualNetwork.vNetResourceGroup)",
|
||||
"ResourceGroupName": "reference(nw-shrdsvcs.VirtualNetwork.vNetResourceGroup)",
|
||||
"Deployment": {
|
||||
"OverrideParameters": {
|
||||
"localVnetName": {
|
||||
"value": "reference(fabrikam-shrdsvcs.VirtualNetwork.vNetName)"
|
||||
"value": "reference(nw-shrdsvcs.VirtualNetwork.vNetName)"
|
||||
},
|
||||
"peeringName": {
|
||||
"value": "${Parameters.ModuleConfigurationParameters.VirtualNetworkPeering.RemotePeering.Name}"
|
||||
|
|
@ -201,22 +201,6 @@
|
|||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"Name": "EnableServiceEndpointOnDiagnosticStorageAccount",
|
||||
"ModuleDefinitionName": "StorageAccounts",
|
||||
"Updates": "DiagnosticStorageAccount",
|
||||
"Comments": "Enables Service endpoint on the Storage Account",
|
||||
"Deployment": {
|
||||
"OverrideParameters": {
|
||||
"networkAcls": {
|
||||
"value": "${Parameters.ModuleConfigurationParameters.DiagnosticStorageAccount.NetworkAcls}"
|
||||
},
|
||||
"vNetId": {
|
||||
"value": "reference(VirtualNetwork.vNetResourceId)"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
@ -7,9 +7,9 @@
|
|||
"OnPremisesInformation": {
|
||||
"ActiveDirectory": {
|
||||
"PrimaryDomainControllerIP": "192.168.1.4",
|
||||
"DomainName": "fabrikam.com",
|
||||
"DomainName": "northwind.com",
|
||||
"ADSitename": "Cloud-Site",
|
||||
"DomainAdminUserName": "fabrikam"
|
||||
"DomainAdminUserName": "northwind"
|
||||
},
|
||||
"Network": {
|
||||
"AddressPrefix": "192.168.1.0/28"
|
||||
|
|
|
|||
|
|
@ -45,21 +45,6 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "ARM Validation - Enable Service Endpoint On Diagnostic Storage Account"
|
||||
inputs:
|
||||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "EnableServiceEndpointOnDiagnosticStorageAccount" -Validate'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
|
||||
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
|
||||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: LogAnalytics
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
|
|
@ -300,7 +285,7 @@ stages:
|
|||
azurePowerShellVersion: 'LatestVersion'
|
||||
- stage: Deploy
|
||||
jobs:
|
||||
- job: Deployment
|
||||
- job: DiagnosticStorageAccount
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
steps:
|
||||
|
|
@ -319,6 +304,11 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: LogAnalytics
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
dependsOn: DiagnosticStorageAccount
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "Log Analytics"
|
||||
inputs:
|
||||
|
|
@ -334,6 +324,10 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: AzureSecurityCenter
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "Azure Security Center"
|
||||
inputs:
|
||||
|
|
@ -349,6 +343,10 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: NISTControls
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "NIST Controls"
|
||||
inputs:
|
||||
|
|
@ -364,6 +362,11 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: DefaultNetworkSecurityGroup
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
dependsOn: DiagnosticStorageAccount
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "Default Network Security Group"
|
||||
inputs:
|
||||
|
|
@ -379,6 +382,10 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: DefaultRouteTable
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "Default Route Table"
|
||||
inputs:
|
||||
|
|
@ -394,6 +401,11 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: VirtualNetwork
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
dependsOn: [ DefaultNetworkSecurityGroup, DefaultRouteTable ]
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "Virtual Network"
|
||||
inputs:
|
||||
|
|
@ -409,6 +421,11 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: WorkloadPeeringToSharedServices
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
dependsOn: 'VirtualNetwork'
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "Workload Virtual Network Peering to Shared Services"
|
||||
inputs:
|
||||
|
|
@ -424,6 +441,11 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- job: SharedServicesPeeringToWorkload
|
||||
pool:
|
||||
name: 'vdc-self-hosted'
|
||||
dependsOn: 'VirtualNetwork'
|
||||
steps:
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "Shared Services Virtual Network Peering to Workload"
|
||||
inputs:
|
||||
|
|
@ -439,18 +461,3 @@ stages:
|
|||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
- task: AzurePowerShell@4
|
||||
displayName: "Enable Service Endpoint On Diagnostic Storage Account"
|
||||
inputs:
|
||||
azureSubscription: 'vdc2-spoke1'
|
||||
ScriptType: 'FilePath'
|
||||
ScriptPath: 'Orchestration/OrchestrationService/ModuleConfigurationDeployment.ps1'
|
||||
ScriptArguments: '-DefinitionPath "Environments/ASE_SQLDB/LandingZone/definition.json" -ModuleConfigurationName "EnableServiceEndpointOnDiagnosticStorageAccount"'
|
||||
azurePowerShellVersion: 'LatestVersion'
|
||||
env:
|
||||
VDC_SUBSCRIPTIONS: $(VDC_SUBSCRIPTIONS)
|
||||
VDC_TOOLKIT_SUBSCRIPTION: $(VDC_TOOLKIT_SUBSCRIPTION)
|
||||
DEPLOYMENT_USER_ID: $(DEPLOYMENT_USER_ID)
|
||||
ADMIN_USER_PWD: $(ADMIN_USER_PWD)
|
||||
DOMAIN_ADMIN_USER_PWD: $(DOMAIN_ADMIN_USER_PWD)
|
||||
TENANT_ID: $(TENANT_ID)
|
||||
|
|
@ -393,13 +393,13 @@
|
|||
"Comments": "Optional - If no object is specified, no Policies deployment will occur",
|
||||
"OverrideParameters": {
|
||||
"effect": {
|
||||
"value": "Deny"
|
||||
"value": "${Parameters.ModuleConfigurationParameters.ArtifactsStorageAccount.Policies.Effect}"
|
||||
},
|
||||
"resourceGroup": {
|
||||
"value": "fabrikam-shrdsvcs-diagnostics-rg"
|
||||
"value": "${Parameters.ModuleConfigurationParameters.ArtifactsStorageAccount.ResourceGroup}"
|
||||
},
|
||||
"resourceGroupLocation": {
|
||||
"value": "West US 2"
|
||||
"value": "${Parameters.ModuleConfigurationParameters.ArtifactsStorageAccount.Location}"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
|
|||
|
|
@ -8,16 +8,16 @@
|
|||
"OnPremisesInformation": {
|
||||
"ActiveDirectory": {
|
||||
"PrimaryDomainControllerIP": "192.168.1.4",
|
||||
"DomainName": "fabrikam.com",
|
||||
"DomainName": "northwind.com",
|
||||
"ADSitename": "Cloud-Site",
|
||||
"DomainAdminUserName": "fabrikam"
|
||||
"DomainAdminUserName": "northwind"
|
||||
},
|
||||
"Network": {
|
||||
"AddressPrefix": "192.168.1.0/28"
|
||||
},
|
||||
"VirtualNetworkGateway": {
|
||||
"Name": "fabrikam-onprem-gw",
|
||||
"ResourceGroup": "fabrikam-onprem-net-rg"
|
||||
"Name": "nw-onprem-gw",
|
||||
"ResourceGroup": "nw-onprem-net-rg"
|
||||
},
|
||||
"SubscriptionId": "${Subscriptions.OnPremises.SubscriptionId}"
|
||||
},
|
||||
|
|
@ -793,7 +793,7 @@
|
|||
}
|
||||
},
|
||||
"ActiveDirectoryDomainServices": {
|
||||
"Name": "adds-vm",
|
||||
"Name": "addsv2-vm",
|
||||
"ResourceGroup": "${Parameters.InstanceName}-adds-rg",
|
||||
"Comments": "Windows VM name cannot exceed 13 characters",
|
||||
"AdminUsername": "${Parameters.ModuleConfigurationParameters.KeyVault.SecretsObject.Secrets[0].secretName}",
|
||||
|
|
@ -805,7 +805,7 @@
|
|||
"publisher": "MicrosoftWindowsServer",
|
||||
"sku": "2016-Datacenter"
|
||||
},
|
||||
"AddsIPAddressStart": "172.0.0.20",
|
||||
"AddsIPAddressStart": "172.0.0.25",
|
||||
"DomainName": "${Parameters.ModuleConfigurationParameters.OnPremisesInformation.ActiveDirectory.DomainName}",
|
||||
"PrimaryDomainControllerIP": "${Parameters.ModuleConfigurationParameters.OnPremisesInformation.ActiveDirectory.PrimaryDomainControllerIP}",
|
||||
"ADSitename": "${Parameters.ModuleConfigurationParameters.OnPremisesInformation.ActiveDirectory.ADSitename}",
|
||||
|
|
|
|||
|
|
@ -1,5 +1,9 @@
|
|||
{
|
||||
"Name": "${Parameters.Organization}cstmartfcts01",
|
||||
"ResourceGroup": "${Parameters.InstanceName}-artifacts-rg",
|
||||
"Sku": "Standard_GRS"
|
||||
"Sku": "Standard_GRS",
|
||||
"Location": "${Parameters.Location}",
|
||||
"Policies": {
|
||||
"Effect": "Audit"
|
||||
}
|
||||
}
|
||||
|
|
@ -1 +1 @@
|
|||
fabrikam
|
||||
nw
|
||||
|
|
@ -258,7 +258,7 @@
|
|||
},
|
||||
{
|
||||
"type": "Microsoft.Compute/virtualMachines",
|
||||
"apiVersion": "2019-03-01",
|
||||
"apiVersion": "2017-03-30",
|
||||
"location": "[resourceGroup().location]",
|
||||
"name": "[concat(parameters('virtualMachineName'), copyindex(1))]",
|
||||
"tags": {
|
||||
|
|
@ -327,7 +327,7 @@
|
|||
{
|
||||
"type": "extensions",
|
||||
"name": "[variables('MMAExtensionName')]",
|
||||
"apiVersion": "2019-03-01",
|
||||
"apiVersion": "2015-06-15",
|
||||
"location": "[resourceGroup().location]",
|
||||
"dependsOn": [
|
||||
"[resourceId('Microsoft.Compute/virtualMachines', concat(parameters('virtualMachineName'), copyindex(1)))]"
|
||||
|
|
@ -348,7 +348,7 @@
|
|||
{
|
||||
"type": "extensions",
|
||||
"name": "[variables('customAddsExtensionName')]",
|
||||
"apiVersion": "2019-03-01",
|
||||
"apiVersion": "2017-03-30",
|
||||
"location": "[resourceGroup().location]",
|
||||
"dependsOn": [
|
||||
"[resourceId('Microsoft.Compute/virtualMachines', concat(parameters('virtualMachineName'), copyindex(1)))]",
|
||||
|
|
@ -378,7 +378,7 @@
|
|||
{
|
||||
"type": "extensions",
|
||||
"name": "[variables('antimalwareExtensionName')]",
|
||||
"apiVersion": "2019-03-01",
|
||||
"apiVersion": "2017-03-30",
|
||||
"location": "[resourceGroup().location]",
|
||||
"dependsOn": [
|
||||
"[resourceId('Microsoft.Compute/virtualMachines', concat(parameters('virtualMachineName'), copyindex(1)))]",
|
||||
|
|
@ -405,7 +405,7 @@
|
|||
"type": "extensions",
|
||||
"name": "[variables('diagnosticsExtensionName')]",
|
||||
"location": "[resourceGroup().location]",
|
||||
"apiVersion": "2019-03-01",
|
||||
"apiVersion": "2017-03-30",
|
||||
"dependsOn": [
|
||||
"[resourceId('Microsoft.Compute/virtualMachines', concat(parameters('virtualMachineName'), copyindex(1)))]",
|
||||
"[resourceId('Microsoft.Compute/virtualMachines/extensions', concat(parameters('virtualMachineName'), copyindex(1)), variables('customAddsExtensionName'))]"
|
||||
|
|
@ -697,7 +697,7 @@
|
|||
{
|
||||
"type": "extensions",
|
||||
"name": "[variables('networkWatcherExtensionName')]",
|
||||
"apiVersion": "2019-03-01",
|
||||
"apiVersion": "2017-03-30",
|
||||
"location": "[resourceGroup().location]",
|
||||
"dependsOn": [
|
||||
"[resourceId('Microsoft.Compute/virtualMachines', concat(parameters('virtualMachineName'), copyindex(1)))]",
|
||||
|
|
@ -713,7 +713,7 @@
|
|||
{
|
||||
"type": "extensions",
|
||||
"name": "[variables('windowsPasswordPoliciesExtensionName')]",
|
||||
"apiVersion": "2019-03-01",
|
||||
"apiVersion": "2017-03-30",
|
||||
"location": "[resourceGroup().location]",
|
||||
"dependsOn": [
|
||||
"[resourceId('Microsoft.Compute/virtualMachines', concat(parameters('virtualMachineName'), copyindex(1)))]"
|
||||
|
|
@ -884,7 +884,7 @@
|
|||
{
|
||||
"type": "extensions",
|
||||
"name": "[variables('azureDiskEncryptionExtensionName')]",
|
||||
"apiVersion": "2019-03-01",
|
||||
"apiVersion": "2017-03-30",
|
||||
"location": "[resourceGroup().location]",
|
||||
"condition": "[variables('enableDiskEncryption')]",
|
||||
"dependsOn": [
|
||||
|
|
@ -934,7 +934,7 @@
|
|||
"parameters": {},
|
||||
"resources": [
|
||||
{
|
||||
"apiVersion": "2019-03-01",
|
||||
"apiVersion": "2017-03-30",
|
||||
"type": "Microsoft.Compute/virtualMachines",
|
||||
"name": "[concat(parameters('virtualMachineName'), copyindex(1))]",
|
||||
"condition": "[variables('enableDiskEncryption')]",
|
||||
|
|
@ -985,7 +985,7 @@
|
|||
"parameters": {},
|
||||
"resources": [
|
||||
{
|
||||
"apiVersion": "2019-03-01",
|
||||
"apiVersion": "2017-03-30",
|
||||
"type": "Microsoft.Compute/virtualMachines",
|
||||
"name": "[concat(parameters('virtualMachineName'), copyindex(1))]",
|
||||
"location": "[resourceGroup().location]",
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@
|
|||
}
|
||||
},
|
||||
"diagnosticStorageAccountAccessKey": {
|
||||
"type": "string",
|
||||
"type": "securestring",
|
||||
"metadata": {
|
||||
"description": "The key of the storage account where the vulnerability assesments scan results will be stored."
|
||||
}
|
||||
|
|
|
|||
|
|
@ -135,7 +135,7 @@
|
|||
},
|
||||
"databaseResourceId": {
|
||||
"type": "string",
|
||||
"value": "[resourceId('Microsoft.Sql/servers/databases', variables('databaseName'))]",
|
||||
"value": "[concat(resourceId('Microsoft.Sql/servers', parameters('serverName')), '/databases/', parameters('databaseName'))]",
|
||||
"metadata": {
|
||||
"description": "The Resource Id of the SQL Database deployed."
|
||||
}
|
||||
|
|
|
|||
|
|
@ -179,7 +179,7 @@ Class AzureResourceManagerDeploymentService: IDeploymentService {
|
|||
try
|
||||
{
|
||||
Write-Debug "Invoking ARM REST API with Uri: $uri";
|
||||
Write-Debug "Request Body: $(ConvertTo-Json $requestBody -Depth 50)";
|
||||
Write-Debug "Request Body: $requestBody";
|
||||
|
||||
# Call REST API to start the deployment
|
||||
$deployment = `
|
||||
|
|
@ -201,9 +201,11 @@ Class AzureResourceManagerDeploymentService: IDeploymentService {
|
|||
# Only two failures can result:
|
||||
# 1. Template / Parameters Validation failure
|
||||
# 2. Deployment failure
|
||||
Write-Host "Running a deployment ...";
|
||||
$this.WaitForDeploymentToComplete(
|
||||
$deployment,
|
||||
$this.isSubscriptionDeployment);
|
||||
Write-Host "Deployment complete";
|
||||
}
|
||||
return $deployment;
|
||||
}
|
||||
|
|
@ -379,11 +381,11 @@ Class AzureResourceManagerDeploymentService: IDeploymentService {
|
|||
$phase = 1;
|
||||
do {
|
||||
$loop++;
|
||||
Write-Host "Loop #: $loop";
|
||||
Write-Debug "Loop #: $loop";
|
||||
# Increment the phase number after
|
||||
# 10 loops
|
||||
if($loop%10 -eq 0) {
|
||||
Write-Host "Wait phase: $phase, complete";
|
||||
Write-Debug "Wait phase: $phase, complete";
|
||||
# Phase complete
|
||||
# new phase:
|
||||
$phase += 1;
|
||||
|
|
@ -391,10 +393,10 @@ Class AzureResourceManagerDeploymentService: IDeploymentService {
|
|||
# let's increate the wait time
|
||||
$wait = ($wait * 2);
|
||||
|
||||
Write-Host "Moving to next wait phase: $phase";
|
||||
Write-Host "New wait time: $wait seconds";
|
||||
Write-Debug "Moving to next wait phase: $phase";
|
||||
Write-Debug "New wait time: $wait seconds";
|
||||
}
|
||||
Write-Host "Waiting for deployment: $($deployment.Name) to complete. Will check in $wait seconds.";
|
||||
Write-Debug "Waiting for deployment: $($deployment.Name) to complete. Will check in $wait seconds.";
|
||||
Start-Sleep -s $wait;
|
||||
|
||||
# Get-AzResourceGroupDeployment will only return minimal details about the deployment
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче