microsoft
/
azure-data-services-go-fast-codebase
зеркало из https://github.com/microsoft/azure-data-services-go-fast-codebase.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Merge pull request #256 from microsoft/feature-1.0.4 

Feature 1.0.4
This commit is contained in:
John Rampono 2022-08-23 08:03:49 +08:00 коммит произвёл GitHub
Родитель 8fade4ed27 3617312d53
Коммит e91263aeff
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
692 изменённых файлов: 72892 добавлений и 10325 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

3
.devcontainer/Dockerfile
Просмотреть файл

@ -36,8 +36,7 @@ RUN bash /tmp/library-scripts/common-debian.sh "${INSTALL_ZSH}" "${USERNAME}" "$
&& wget https://github.com/gruntwork-io/terragrunt/releases/download/v0.35.14/terragrunt_linux_amd64 \
&& mv terragrunt_linux_amd64 terragrunt \
&& chmod u+x terragrunt \
&& mv terragrunt /usr/local/bin/terragrunt
&& mv terragrunt /usr/local/bin/terragrunt
# [Optional] Uncomment this section to install additional OS packages.
# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \

0
.github/workflows/deploy-terraform-state-store.yml → .github/workflows/01.create-rg-and-aad-objects.yml поставляемый
Просмотреть файл

184
.github/workflows/02.continuous-delivery-staging.yml поставляемый Normal file
Просмотреть файл

@ -0,0 +1,184 @@
name: Continuous Delivery - Staging
on:
workflow_dispatch:
push:
branches: main #feature-1.0.4
jobs:
deploy-to-env-one:
name: Deploy to Environment One
concurrency: terraform
environment:
name: development
env:
# Runner Installs
installTerragrunt: false
# This determines the location of the .hcl file that will be used
environmentName: staging
gitDeploy : true
skipTerraformDeployment: false
featureTemplate: ${{ secrets.ARM_FEATURE_TEMPLATE }}
WEB_APP_ADMIN_USER: ${{ secrets.WEB_APP_ADMIN_USER }}
keyVaultName: ${{ secrets.ARM_KEYVAULT_NAME }}
ARM_SYNAPSE_WORKSPACE_NAME: ${{ secrets.ARM_SYNAPSE_WORKSPACE_NAME }}
datalakeName: ${{ secrets.ARM_DATALAKE_NAME }}
# Required for Terraform
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_PAL_PARTNER_ID: ${{ secrets.ARM_PAL_PARTNER_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
# Customizing Terraform vars
TF_VAR_ip_address2 : ${{ secrets.ARM_IP_ADDRESS2 }}
TF_VAR_domain : ${{ secrets.ARM_DOMAIN }}
TF_VAR_subscription_id : ${{ secrets.ARM_SUBSCRIPTION_ID }}
TF_VAR_tenant_id : ${{ secrets.ARM_TENANT_ID }}
TF_VAR_environment_tag : ${{ secrets.ENVIRONMENT_TAG }}
TF_VAR_resource_group_name : ${{ secrets.ARM_RESOURCE_GROUP_NAME }}
TF_VAR_state_storage_account_name : ${{ secrets.ARM_STORAGE_NAME }}
TF_VAR_jumphost_password : ${{secrets.ARM_JUMPHOST_PASSWORD}}
TF_VAR_synapse_sql_password : ${{secrets.ARM_SYNAPSE_PASSWORD}}
TF_VAR_web_app_admin_security_group : ${{secrets.WEB_APP_ADMIN_SECURITY_GROUP}}
# GIT Integration set up
TF_VAR_synapse_git_repository_name : ${{secrets.GIT_REPOSITORY_NAME}}
TF_VAR_synapse_git_repository_branch_name : ${{secrets.GIT_SYNAPSE_REPOSITORY_BRANCH_NAME}}
TF_VAR_synapse_git_pat : ${{secrets.GIT_PAT}}
TF_VAR_synapse_git_user_name : ${{secrets.GIT_USER_NAME}}
TF_VAR_synapse_git_email_address : ${{secrets.GIT_EMAIL_ADDRESS}}
TF_VAR_adf_git_repository_name : ${{secrets.GIT_REPOSITORY_NAME}}
TF_VAR_adf_git_repository_branch_name : ${{secrets.GIT_ADF_REPOSITORY_BRANCH_NAME}}
TF_VAR_adf_git_pat : ${{secrets.GIT_PAT}}
TF_VAR_adf_git_user_name : ${{secrets.GIT_USER_NAME}}
TF_VAR_adf_git_email_address : ${{secrets.GIT_EMAIL_ADDRESS}}
#TF_LOG : TRACE
runs-on: self-hosted
steps:
- name: PrintInfo
run: |
echo "Deploying to Resource Group: ${{ env.TF_VAR_resource_group_name }} "
echo "echo Hcl file name: ${{ env.environmentName}} "
- name: Checkout
uses: actions/checkout@v3.0.0
- name: Get public IP
id: ip
uses: haythem/public-ip@v1.2
- name: Login via Az module
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.ARM_CLIENT_ID }}","clientSecret":"${{ secrets.ARM_CLIENT_SECRET }}","subscriptionId":"${{ secrets.ARM_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.ARM_TENANT_ID }}"}'
enable-AzPSSession: false
- name: Open Firewalls for Agent
id: open_firewalls
continue-on-error: true
working-directory: ./solution/DeploymentV2/terraform
run: |
az keyvault network-rule add -g ${{ env.TF_VAR_resource_group_name }} --name ${{ env.keyVaultName }} --ip-address ${{ steps.ip.outputs.ipv4 }}/32
az synapse workspace firewall-rule create --name CICDAgent --resource-group ${{ env.TF_VAR_resource_group_name }} --start-ip-address ${{ steps.ip.outputs.ipv4 }} --end-ip-address ${{ steps.ip.outputs.ipv4 }} --workspace-name ${{ env.ARM_SYNAPSE_WORKSPACE_NAME }}
az storage account network-rule add --resource-group ${{ env.TF_VAR_resource_group_name }} --account-name ${{ env.datalakeName }} --ip-address ${{ steps.ip.outputs.ipv4 }}
- name: Set PAL
id: set_pal
continue-on-error: true
run: |
az extension add --name managementpartner
az managementpartner update --partner-id ${{ secrets.ARM_PAL_PARTNER_ID }} || az managementpartner create --partner-id ${{ secrets.ARM_PAL_PARTNER_ID }}
- name: Terragrunt Install
id: terragrunt_install
working-directory: ./solution/DeploymentV2/terraform_layer2
run: |
tgcheck=$(command -v terragrunt)
if [ -z "$tgcheck" ]; then tgcheck="NotInstalled";fi
if [ $tgcheck == "NotInstalled" ];then echo "Terragrunt Not Installed. Installing"; brew install terragrunt; else echo "Terragrunt Installed"; fi
- name: Install Jsonnet
id: jsonnet-install
working-directory: ./solution/DeploymentV2/
env:
TF_VAR_ip_address : ${{steps.ip.outputs.ipv4}}
run: |
wget https://github.com/google/go-jsonnet/releases/download/v0.17.0/jsonnet-go_0.17.0_linux_amd64.deb
sudo dpkg -i jsonnet-go_0.17.0_linux_amd64.deb
- name: Deploy Solution IAC
id: solution-deployment-iac
working-directory: ./solution/DeploymentV2/terraform_layer2
shell: pwsh
env:
TF_VAR_ip_address : ${{steps.ip.outputs.ipv4}}
run: |
git update-index --chmod=+x ./02-deploy.ps1
./02-deploy.ps1 -FeatureTemplate $env:featureTemplate
- name: Build and Publish Code Artefacts
id: solution-deployment-code
working-directory: ./solution/DeploymentV2/terraform_layer2
shell: pwsh
env:
TF_VAR_ip_address : ${{steps.ip.outputs.ipv4}}
run: |
git update-index --chmod=+x ./02-publish.ps1
./02-publish.ps1 -FeatureTemplate $env:featureTemplate
#PROD ENVIRONMENT
deploy-to-env-two:
name: Deploy to Environment Two
concurrency: terraform
needs: [deploy-to-env-one]
environment:
name: Prod
env:
environmentName: production
gitDeploy : true
skipTerraformDeployment: false
WEB_APP_ADMIN_USER: ${{ secrets.WEB_APP_ADMIN_USER }}
keyVaultName: ${{ secrets.ARM_KEYVAULT_NAME }}
ARM_SYNAPSE_WORKSPACE_NAME: ${{ secrets.ARM_SYNAPSE_WORKSPACE_NAME }}
datalakeName: ${{ secrets.ARM_DATALAKE_NAME }}
# Required for Terraform
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_PAL_PARTNER_ID: ${{ secrets.ARM_PAL_PARTNER_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
# Customizing Terraform vars
TF_VAR_domain : ${{ secrets.ARM_DOMAIN }}
TF_VAR_subscription_id : ${{ secrets.ARM_SUBSCRIPTION_ID }}
TF_VAR_tenant_id : ${{ secrets.ARM_TENANT_ID }}
TF_VAR_environment_tag : ${{ secrets.ENVIRONMENT_TAG }}
TF_VAR_resource_group_name : ${{ secrets.ARM_RESOURCE_GROUP_NAME }}
TF_VAR_state_storage_account_name : ${{ secrets.ARM_STORAGE_NAME }}
TF_VAR_jumphost_password : ${{secrets.ARM_JUMPHOST_PASSWORD}}
TF_VAR_synapse_sql_password : ${{secrets.ARM_SYNAPSE_PASSWORD}}
TF_VAR_web_app_admin_security_group : ${{secrets.WEB_APP_ADMIN_SECURITY_GROUP}}
# GIT Integration set up
TF_VAR_synapse_git_repository_name : ${{secrets.GIT_REPOSITORY_NAME}}
TF_VAR_synapse_git_repository_branch_name : ${{secrets.GIT_SYNAPSE_REPOSITORY_BRANCH_NAME}}
TF_VAR_synapse_git_pat : ${{secrets.GIT_PAT}}
TF_VAR_synapse_git_user_name : ${{secrets.GIT_USER_NAME}}
TF_VAR_synapse_git_email_address : ${{secrets.GIT_EMAIL_ADDRESS}}
TF_VAR_adf_git_repository_name : ${{secrets.GIT_REPOSITORY_NAME}}
TF_VAR_adf_git_repository_branch_name : ${{secrets.GIT_ADF_REPOSITORY_BRANCH_NAME}}
TF_VAR_adf_git_pat : ${{secrets.GIT_PAT}}
TF_VAR_adf_git_user_name : ${{secrets.GIT_USER_NAME}}
TF_VAR_adf_git_email_address : ${{secrets.GIT_EMAIL_ADDRESS}}
#PROD ENVIRONMENT
#TF_LOG : TRACE
runs-on: self-hosted
steps:
- name: Checkout
uses: actions/checkout@v3.0.0
- name: Get public IP
id: ip
uses: haythem/public-ip@v1.2

180
.github/workflows/02.continuous-delivery-uat.yml поставляемый Normal file
Просмотреть файл

@ -0,0 +1,180 @@
name: Continuous Delivery - Uat
on:
workflow_dispatch:
push:
branches: main #feature-1.0.4
jobs:
deploy-to-env-one:
name: Deploy to Environment One
concurrency: terraform
environment:
name: uat
env:
# This determines the location of the .hcl file that will be used
environmentName: uat
gitDeploy : true
skipTerraformDeployment: false
featureTemplate: ${{ secrets.ARM_FEATURE_TEMPLATE }}
WEB_APP_ADMIN_USER: ${{ secrets.WEB_APP_ADMIN_USER }}
keyVaultName: ${{ secrets.ARM_KEYVAULT_NAME }}
ARM_SYNAPSE_WORKSPACE_NAME: ${{ secrets.ARM_SYNAPSE_WORKSPACE_NAME }}
datalakeName: ${{ secrets.ARM_DATALAKE_NAME }}
# Required for Terraform
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_PAL_PARTNER_ID: ${{ secrets.ARM_PAL_PARTNER_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
# Customizing Terraform vars
TF_VAR_ip_address2 : ${{ secrets.ARM_IP_ADDRESS2 }}
TF_VAR_domain : ${{ secrets.ARM_DOMAIN }}
TF_VAR_subscription_id : ${{ secrets.ARM_SUBSCRIPTION_ID }}
TF_VAR_tenant_id : ${{ secrets.ARM_TENANT_ID }}
TF_VAR_environment_tag : ${{ secrets.ENVIRONMENT_TAG }}
TF_VAR_resource_group_name : ${{ secrets.ARM_RESOURCE_GROUP_NAME }}
TF_VAR_state_storage_account_name : ${{ secrets.ARM_STORAGE_NAME }}
TF_VAR_jumphost_password : ${{secrets.ARM_JUMPHOST_PASSWORD}}
TF_VAR_synapse_sql_password : ${{secrets.ARM_SYNAPSE_PASSWORD}}
TF_VAR_web_app_admin_security_group : ${{secrets.WEB_APP_ADMIN_SECURITY_GROUP}}
# GIT Integration set up
TF_VAR_synapse_git_repository_name : ${{secrets.GIT_REPOSITORY_NAME}}
TF_VAR_synapse_git_repository_branch_name : ${{secrets.GIT_SYNAPSE_REPOSITORY_BRANCH_NAME}}
TF_VAR_synapse_git_pat : ${{secrets.GIT_PAT}}
TF_VAR_synapse_git_user_name : ${{secrets.GIT_USER_NAME}}
TF_VAR_synapse_git_email_address : ${{secrets.GIT_EMAIL_ADDRESS}}
TF_VAR_adf_git_repository_name : ${{secrets.GIT_REPOSITORY_NAME}}
TF_VAR_adf_git_repository_branch_name : ${{secrets.GIT_ADF_REPOSITORY_BRANCH_NAME}}
TF_VAR_adf_git_pat : ${{secrets.GIT_PAT}}
TF_VAR_adf_git_user_name : ${{secrets.GIT_USER_NAME}}
TF_VAR_adf_git_email_address : ${{secrets.GIT_EMAIL_ADDRESS}}
#TF_LOG : TRACE
runs-on: self-hosted
steps:
- name: PrintInfo
run: |
echo "Deploying to Resource Group: ${{ env.TF_VAR_resource_group_name }} "
echo "echo Hcl file name: ${{ env.environmentName}} "
- name: Checkout
uses: actions/checkout@v3.0.0
- name: Get public IP
id: ip
uses: haythem/public-ip@v1.2
- name: Login via Az module
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.ARM_CLIENT_ID }}","clientSecret":"${{ secrets.ARM_CLIENT_SECRET }}","subscriptionId":"${{ secrets.ARM_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.ARM_TENANT_ID }}"}'
enable-AzPSSession: false
- name: Open Firewalls for Agent
id: open_firewalls
continue-on-error: true
working-directory: ./solution/DeploymentV2/terraform
run: |
az keyvault network-rule add -g ${{ env.TF_VAR_resource_group_name }} --name ${{ env.keyVaultName }} --ip-address ${{ steps.ip.outputs.ipv4 }}/32
az synapse workspace firewall-rule create --name CICDAgent --resource-group ${{ env.TF_VAR_resource_group_name }} --start-ip-address ${{ steps.ip.outputs.ipv4 }} --end-ip-address ${{ steps.ip.outputs.ipv4 }} --workspace-name ${{ env.ARM_SYNAPSE_WORKSPACE_NAME }}
az storage account network-rule add --resource-group ${{ env.TF_VAR_resource_group_name }} --account-name ${{ env.datalakeName }} --ip-address ${{ steps.ip.outputs.ipv4 }}
- name: Set PAL
id: set_pal
continue-on-error: true
run: |
az extension add --name managementpartner
az managementpartner update --partner-id ${{ secrets.ARM_PAL_PARTNER_ID }} || az managementpartner create --partner-id ${{ secrets.ARM_PAL_PARTNER_ID }}
- name: Terragrunt Install
id: terragrunt_install
working-directory: ./solution/DeploymentV2/terraform_layer2
run: |
brew install terragrunt
- name: Install Jsonnet
id: jsonnet-install
working-directory: ./solution/DeploymentV2/
env:
TF_VAR_ip_address : ${{steps.ip.outputs.ipv4}}
run: |
wget https://github.com/google/go-jsonnet/releases/download/v0.17.0/jsonnet-go_0.17.0_linux_amd64.deb
sudo dpkg -i jsonnet-go_0.17.0_linux_amd64.deb
- name: Deploy Solution IAC
id: solution-deployment-iac
working-directory: ./solution/DeploymentV2/terraform_layer2
shell: pwsh
env:
TF_VAR_ip_address : ${{steps.ip.outputs.ipv4}}
run: |
git update-index --chmod=+x ./02-deploy.ps1
./02-deploy.ps1 -FeatureTemplate $env:featureTemplate
- name: Build and Publish Code Artefacts
id: solution-deployment-code
working-directory: ./solution/DeploymentV2/terraform_layer2
shell: pwsh
env:
TF_VAR_ip_address : ${{steps.ip.outputs.ipv4}}
run: |
git update-index --chmod=+x ./02-publish.ps1
./02-publish.ps1 -FeatureTemplate $env:featureTemplate
#PROD ENVIRONMENT
deploy-to-env-two:
name: Deploy to Environment Two
concurrency: terraform
needs: [deploy-to-env-one]
environment:
name: Prod
env:
environmentName: production
gitDeploy : true
skipTerraformDeployment: false
WEB_APP_ADMIN_USER: ${{ secrets.WEB_APP_ADMIN_USER }}
keyVaultName: ${{ secrets.ARM_KEYVAULT_NAME }}
ARM_SYNAPSE_WORKSPACE_NAME: ${{ secrets.ARM_SYNAPSE_WORKSPACE_NAME }}
datalakeName: ${{ secrets.ARM_DATALAKE_NAME }}
# Required for Terraform
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_PAL_PARTNER_ID: ${{ secrets.ARM_PAL_PARTNER_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
# Customizing Terraform vars
TF_VAR_domain : ${{ secrets.ARM_DOMAIN }}
TF_VAR_subscription_id : ${{ secrets.ARM_SUBSCRIPTION_ID }}
TF_VAR_tenant_id : ${{ secrets.ARM_TENANT_ID }}
TF_VAR_environment_tag : ${{ secrets.ENVIRONMENT_TAG }}
TF_VAR_resource_group_name : ${{ secrets.ARM_RESOURCE_GROUP_NAME }}
TF_VAR_state_storage_account_name : ${{ secrets.ARM_STORAGE_NAME }}
TF_VAR_jumphost_password : ${{secrets.ARM_JUMPHOST_PASSWORD}}
TF_VAR_synapse_sql_password : ${{secrets.ARM_SYNAPSE_PASSWORD}}
TF_VAR_web_app_admin_security_group : ${{secrets.WEB_APP_ADMIN_SECURITY_GROUP}}
# GIT Integration set up
TF_VAR_synapse_git_repository_name : ${{secrets.GIT_REPOSITORY_NAME}}
TF_VAR_synapse_git_repository_branch_name : ${{secrets.GIT_SYNAPSE_REPOSITORY_BRANCH_NAME}}
TF_VAR_synapse_git_pat : ${{secrets.GIT_PAT}}
TF_VAR_synapse_git_user_name : ${{secrets.GIT_USER_NAME}}
TF_VAR_synapse_git_email_address : ${{secrets.GIT_EMAIL_ADDRESS}}
TF_VAR_adf_git_repository_name : ${{secrets.GIT_REPOSITORY_NAME}}
TF_VAR_adf_git_repository_branch_name : ${{secrets.GIT_ADF_REPOSITORY_BRANCH_NAME}}
TF_VAR_adf_git_pat : ${{secrets.GIT_PAT}}
TF_VAR_adf_git_user_name : ${{secrets.GIT_USER_NAME}}
TF_VAR_adf_git_email_address : ${{secrets.GIT_EMAIL_ADDRESS}}
#PROD ENVIRONMENT
#TF_LOG : TRACE
runs-on: self-hosted
steps:
- name: Checkout
uses: actions/checkout@v3.0.0
- name: Get public IP
id: ip
uses: haythem/public-ip@v1.2

110
.github/workflows/continuous-delivery.yml → .github/workflows/03.grant-aad-permissions.yml поставляемый
Просмотреть файл

@ -6,23 +6,29 @@ on:
branches: $default-branch
jobs:
deploy-to-nonprod:
name: Deploy to NonProd Environment
deploy-to-env-one:
name: Deploy to Environment One
concurrency: terraform
environment:
name: development
env:
environmentName: staging
# This determines the location of the .hcl file that will be used
environmentName: staging
gitDeploy : true
skipTerraformDeployment: false
specificUserIdForWebAppAdmin: 45672f90-82f9-4108-b389-da7139e938a1
featureTemplate: ${{ secrets.ARM_FEATURE_TEMPLATE }}
WEB_APP_ADMIN_USER: ${{ secrets.WEB_APP_ADMIN_USER }}
keyVaultName: ${{ secrets.ARM_KEYVAULT_NAME }}
synapseWorkspaceName: ${{ secrets.ARM_SYNAPSE_WORKSPACE_NAME }}
ARM_SYNAPSE_WORKSPACE_NAME: ${{ secrets.ARM_SYNAPSE_WORKSPACE_NAME }}
datalakeName: ${{ secrets.ARM_DATALAKE_NAME }}
# Required for Terraform
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_PAL_PARTNER_ID: ${{ secrets.ARM_PAL_PARTNER_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
# Customizing Terraform vars
TF_VAR_ip_address2 : ${{ secrets.ARM_IP_ADDRESS2 }}
TF_VAR_domain : ${{ secrets.ARM_DOMAIN }}
TF_VAR_subscription_id : ${{ secrets.ARM_SUBSCRIPTION_ID }}
TF_VAR_tenant_id : ${{ secrets.ARM_TENANT_ID }}
@ -45,11 +51,14 @@ jobs:
TF_VAR_adf_git_email_address : ${{secrets.GIT_EMAIL_ADDRESS}}
#TF_LOG : TRACE
environment:
name: NonProd
runs-on: ubuntu-latest
steps:
runs-on: ubuntu-latest
steps:
- name: PrintInfo
run: |
echo "Deploying to Resource Group: ${{ env.TF_VAR_resource_group_name }} "
echo "echo Hcl file name: ${{ env.environmentName}} "
- name: Checkout
uses: actions/checkout@v3.0.0
@ -63,22 +72,28 @@ jobs:
creds: '{"clientId":"${{ secrets.ARM_CLIENT_ID }}","clientSecret":"${{ secrets.ARM_CLIENT_SECRET }}","subscriptionId":"${{ secrets.ARM_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.ARM_TENANT_ID }}"}'
enable-AzPSSession: true
- name: Open Firewalls for Agent
id: open_firewalls
continue-on-error: true
working-directory: ./solution/DeploymentV2/terraform
run: |
az keyvault network-rule add -g ${{ env.TF_VAR_resource_group_name }} --name ${{ env.keyVaultName }} --ip-address ${{ steps.ip.outputs.ipv4 }}/32
az synapse workspace firewall-rule create --name AllowCICD --resource-group ${{ env.TF_VAR_resource_group_name }} --start-ip-address ${{ steps.ip.outputs.ipv4 }} --end-ip-address ${{ steps.ip.outputs.ipv4 }} --workspace-name ${{ env.ARM_SYNAPSE_WORKSPACE_NAME }}
az storage account network-rule add --resource-group ${{ env.TF_VAR_resource_group_name }} --account-name ${{ env.datalakeName }} --ip-address ${{ steps.ip.outputs.ipv4 }}
- name: Set PAL
id: set_pal
continue-on-error: true
run: |
az extension add --name managementpartner
az managementpartner update --partner-id 6372669 || az managementpartner create --partner-id 6372669
az managementpartner update --partner-id ${{ secrets.ARM_PAL_PARTNER_ID }} || az managementpartner create --partner-id ${{ secrets.ARM_PAL_PARTNER_ID }}
- name: Terragrunt Install
id: terragrunt_install
working-directory: ./solution/DeploymentV2/terraform
run: |
brew install terragrunt
az keyvault network-rule add -g ${{ env.TF_VAR_resource_group_name }} --name ${{ env.keyVaultName }} --ip-address ${{ steps.ip.outputs.ipv4 }}/32
az synapse workspace firewall-rule create --name AllowCICD --resource-group ${{ env.TF_VAR_resource_group_name }} --start-ip-address ${{ steps.ip.outputs.ipv4 }} --end-ip-address ${{ steps.ip.outputs.ipv4 }} --workspace-name ${{ env.synapseWorkspaceName }}
az storage account network-rule add --resource-group ${{ env.TF_VAR_resource_group_name }} --account-name ${{ env.datalakeName }} --ip-address ${{ steps.ip.outputs.ipv4 }}
- name: Install Jsonnet
id: jsonnet-install
working-directory: ./solution/DeploymentV2/
@ -95,25 +110,28 @@ jobs:
env:
TF_VAR_ip_address : ${{steps.ip.outputs.ipv4}}
run: |
git update-index --chmod=+x ./Deploy.ps1
./Deploy.ps1
git update-index --chmod=+x ./Deploy.ps1
./Deploy.ps1 -RunTerraformLayer3 $true -FeatureTemplate ${{ env.featureTemplate}} -PerformPostIACPublishing $false
#PROD ENVIRONMENT
deploy-to-prod:
name: Deploy to Prod Environment
deploy-to-env-two:
name: Deploy to Environment Two
concurrency: terraform
needs: [deploy-to-nonprod]
needs: [deploy-to-env-one]
environment:
name: Prod
env:
environmentName: production
gitDeploy : true
skipTerraformDeployment: false
specificUserIdForWebAppAdmin: 45672f90-82f9-4108-b389-da7139e938a1
# Required for updating firewall for runner
WEB_APP_ADMIN_USER: ${{ secrets.WEB_APP_ADMIN_USER }}
keyVaultName: ${{ secrets.ARM_KEYVAULT_NAME }}
synapseWorkspaceName: ${{ secrets.ARM_SYNAPSE_WORKSPACE_NAME }}
ARM_SYNAPSE_WORKSPACE_NAME: ${{ secrets.ARM_SYNAPSE_WORKSPACE_NAME }}
datalakeName: ${{ secrets.ARM_DATALAKE_NAME }}
# Required for Terraform
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_PAL_PARTNER_ID: ${{ secrets.ARM_PAL_PARTNER_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
@ -139,10 +157,9 @@ jobs:
TF_VAR_adf_git_user_name : ${{secrets.GIT_USER_NAME}}
TF_VAR_adf_git_email_address : ${{secrets.GIT_EMAIL_ADDRESS}}
#TF_LOG : TRACE
environment:
name: Prod
#PROD ENVIRONMENT
#TF_LOG : TRACE
runs-on: ubuntu-latest
steps:
@ -152,44 +169,3 @@ jobs:
- name: Get public IP
id: ip
uses: haythem/public-ip@v1.2
- name: Login via Az module
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.ARM_CLIENT_ID }}","clientSecret":"${{ secrets.ARM_CLIENT_SECRET }}","subscriptionId":"${{ secrets.ARM_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.ARM_TENANT_ID }}"}'
enable-AzPSSession: true
- name: Set PAL
id: set_pal
continue-on-error: true
run: |
az extension add --name managementpartner
az managementpartner update --partner-id 6372669 || az managementpartner create --partner-id 6372669
- name: Terragrunt Install
id: terragrunt_install
working-directory: ./solution/DeploymentV2/terraform
run: |
brew install terragrunt
az keyvault network-rule add -g ${{ env.TF_VAR_resource_group_name }} --name ${{ env.keyVaultName }} --ip-address ${{ steps.ip.outputs.ipv4 }}/32
az synapse workspace firewall-rule create --name AllowCICD --resource-group ${{ env.TF_VAR_resource_group_name }} --start-ip-address ${{ steps.ip.outputs.ipv4 }} --end-ip-address ${{ steps.ip.outputs.ipv4 }} --workspace-name ${{ env.synapseWorkspaceName }}
az storage account network-rule add --resource-group ${{ env.TF_VAR_resource_group_name }} --account-name ${{ env.datalakeName }} --ip-address ${{ steps.ip.outputs.ipv4 }}
- name: Install Jsonnet
id: jsonnet-install
working-directory: ./solution/DeploymentV2/
env:
TF_VAR_ip_address : ${{steps.ip.outputs.ipv4}}
run: |
wget https://github.com/google/go-jsonnet/releases/download/v0.17.0/jsonnet-go_0.17.0_linux_amd64.deb
sudo dpkg -i jsonnet-go_0.17.0_linux_amd64.deb
- name: Deploy Solution
id: solution-deployment
working-directory: ./solution/DeploymentV2/
shell: pwsh
env:
TF_VAR_ip_address : ${{steps.ip.outputs.ipv4}}
run: |
git update-index --chmod=+x ./Deploy.ps1
./Deploy.ps1

1
.gitignore поставляемый
Просмотреть файл

@ -294,3 +294,4 @@ solution/FunctionApp/Patterns/pipeline/*/output/
#test folders
solution/DataFactory/Patterns/pipeline/*/functionapptests/tests/tests.json
solution/Synapse/Patterns/pipeline/*/functionapptests/tests/tests.json
solution/DeploymentV2/terraform_layer0/.terraform.lock.hcl

29
README.md
Просмотреть файл

@ -56,7 +56,7 @@ Once you have set up these pre-requisites you will then need to [Clone](https://
:triangular_flag_on_post: If you want a stable deployment it is highly recommended that you checkout one of the official release tags. For example, if you wish to deploy v1.0.2 run the line below from within the directory into which you cloned the repository.
```bash
git checkout tags/v1.0.2
git checkout tags/v1.0.4
```
## Deployment
@ -73,6 +73,33 @@ cd ./solution/DeploymentV2
```
>- :white_check_mark: You are now ready to begin the IAC deployment. To do so follow [this detailed guide.](./solution/DeploymentV2/README.md)
## :hash: Code Composition
See below for the a "Cloc" generated breakdown of the source code files by format:
Language|# Files|Blank Lines|Comment Lines|Code Lines
:-------|-------:|-------:|-------:|-------:
JSON|508|52|0|367628
YAML|20|4140|4215|186305
SQL|180|2058|2098|38799
C#|240|3910|1461|19565
Razor|322|1757|268|18142
CSS|4|2117|42|9440
HCL|97|1090|581|9248
Jupyter Notebook|15|0|1937|3755
PowerShell|70|858|704|3568
JavaScript|12|268|218|1288
Markdown|40|235|0|994
SVG|7|0|18|657
MSBuild script|8|60|2|634
Bourne Shell|3|62|72|423
Python|2|14|64|55
Dockerfile|1|6|9|34
DOS Batch|1|4|3|1
HTML|1|1|0|0
--------|--------|--------|--------|--------
SUM:|1531|16632|11692|660536
## Post Deployment Set-up and Instructions
=======
Coming Soon.

25
cloc.md Normal file
Просмотреть файл

@ -0,0 +1,25 @@
cloc|github.com/AlDanial/cloc v 1.82 T=0.89 s (1714.7 files/s, 771497.5 lines/s)
--- | ---
Language|files|blank|comment|code
:-------|-------:|-------:|-------:|-------:
JSON|508|52|0|367628
YAML|20|4140|4215|186305
SQL|180|2058|2098|38799
C#|240|3910|1461|19565
Razor|322|1757|268|18142
CSS|4|2117|42|9440
HCL|97|1090|581|9248
Jupyter Notebook|15|0|1937|3755
PowerShell|70|858|704|3568
JavaScript|12|268|218|1288
Markdown|40|235|0|994
SVG|7|0|18|657
MSBuild script|8|60|2|634
Bourne Shell|3|62|72|423
Python|2|14|64|55
Dockerfile|1|6|9|34
DOS Batch|1|4|3|1
HTML|1|1|0|0
--------|--------|--------|--------|--------
SUM:|1531|16632|11692|660536

5
solution/DataFactory/Patterns/AdfOnlyTests_Run.ps1
Просмотреть файл

@ -1,6 +1,7 @@
az config set extension.use_dynamic_install=yes_without_prompt
Import-Module .\GatherOutputsFromTerraform.psm1 -force
$tout = GatherOutputsFromTerraform
Import-Module ./GatherOutputsFromTerraform_DataFactoryFolder.psm1 -Force
$tout = GatherOutputsFromTerraform_DataFactoryFolder
if($tout.datafactory_name -eq "") {
$tout.datafactory_name = Read-Host "Enter the name of the data factory"

6
solution/DataFactory/Patterns/EnvVarsToFile.ps1
Просмотреть файл

@ -12,6 +12,8 @@ $obj | Add-Member "AdsOpts_CD_Services_DataFactory_SubscriptionId" $Subscription
$obj | ConvertTo-Json | Set-Content ('./pipeline/static/partials/secrets.libsonnet')
#>
Import-Module .\GatherOutputsFromTerraform.psm1 -force
$tout = GatherOutputsFromTerraform
Write-Host $PWD.Path
Import-Module ./GatherOutputsFromTerraform_DataFactoryFolder.psm1 -Force
$tout = GatherOutputsFromTerraform_DataFactoryFolder
$tout | ConvertTo-Json -Depth 10| Set-Content "./pipeline/static/partials/secrets.libsonnet"

2
solution/DataFactory/Patterns/FuncAppTests_Generate.ps1
Просмотреть файл

@ -14,7 +14,7 @@ foreach ($pattern in $patterns) {
if (!(Test-Path "./tests"))
{
New-Item -itemType Directory -Name "tests"
New-Item -itemType Directory -Name -Force "tests"
}
else
{

4
solution/DataFactory/Patterns/FuncAppTests_Run.ps1
Просмотреть файл

@ -1,5 +1,5 @@
Import-Module .\GatherOutputsFromTerraform.psm1 -force
$tout = GatherOutputsFromTerraform
Import-Module ./GatherOutputsFromTerraform_DataFactoryFolder.psm1 -Force
$tout = GatherOutputsFromTerraform_DataFactoryFolder
if($tout.datafactory_name -eq "") {

31
solution/DataFactory/Patterns/GatherOutputsFromTerraform.psm1
Просмотреть файл

@ -1,31 +0,0 @@
function GatherOutputsFromTerraform()
{
$environmentName = $env:TFenvironmentName
$environmentName = "local" # currently supports (local, staging)
$myIp = (Invoke-WebRequest ifconfig.me/ip).Content
$CurrentFolderPath = $PWD
Set-Location "../../DeploymentV2/terraform"
$env:TF_VAR_ip_address = $myIp
#------------------------------------------------------------------------------------------------------------
# Get all the outputs from terraform so we can use them in subsequent steps
#------------------------------------------------------------------------------------------------------------
Write-Verbose "-------------------------------------------------------------------------------------------------"
Write-Verbose "Reading Terraform Outputs - Started"
$tout = New-Object PSObject
$tout0 = (terraform output -json | ConvertFrom-Json -Depth 10).PSObject.Properties
$tout0 | Foreach-Object {
$tout | Add-Member -MemberType NoteProperty -Name $_.Name -Value $_.Value.value
}
$rgid = (az group show -n $tout.resource_group_name | ConvertFrom-Json -Depth 10).id
$tout | Add-Member -MemberType NoteProperty -Name "resource_group_id" -Value $rgid
Set-Location $CurrentFolderPath
Write-Verbose "Reading Terraform Outputs - Finished"
Write-Verbose "-------------------------------------------------------------------------------------------------"
return $tout
}

22
solution/DataFactory/Patterns/GatherOutputsFromTerraform_DataFactoryFolder.psm1 Normal file
Просмотреть файл

@ -0,0 +1,22 @@
function GatherOutputsFromTerraform_DataFactoryFolder()
{
$PathToReturnTo = (Get-Location).Path
$DeploymentFolderPath = Convert-Path -Path ((Get-Location).tostring() + './../../DeploymentV2/')
$TerraformFolderPath = Convert-Path -Path ($DeploymentFolderPath + '/terraform_layer2/')
Import-Module (Convert-Path -Path ($DeploymentFolderPath + "/pwshmodules/GatherOutputsFromTerraform.psm1")) -Force
Import-Module (Convert-Path -Path ($DeploymentFolderPath + "/pwshmodules/Deploy_0_Prep.psm1")) -Force
$gitDeploy = ([System.Environment]::GetEnvironmentVariable('gitDeploy') -eq 'true')
if($gitDeploy)
{
#Do Nothing as prepare will already have been run
}
else
{
PrepareDeployment -gitDeploy $false -deploymentFolderPath $deploymentFolderPath -FeatureTemplate "" -PathToReturnTo $PathToReturnTo
}
$tout = GatherOutputsFromTerraform -TerraformFolderPath $TerraformFolderPath
return $tout
}

13
solution/DataFactory/Patterns/Jsonnet_GenerateADFArtefacts.ps1
Просмотреть файл

@ -1,5 +1,8 @@
Import-Module .\GatherOutputsFromTerraform.psm1 -force
$tout = GatherOutputsFromTerraform
Import-Module ./GatherOutputsFromTerraform_DataFactoryFolder.psm1 -Force
$tout = GatherOutputsFromTerraform_DataFactoryFolder
$newfolder = "./output/"
@ -187,11 +190,11 @@ foreach ($patternFolder in $patternFolders)
Write-Verbose "_____________________________"
$newfolder = ($folder + "/output")
$hiddenoutput = !(Test-Path $newfolder) ? ($F = New-Item -itemType Directory -Name $newfolder) : ($F = "")
$hiddenoutput = !(Test-Path $newfolder) ? ($F = New-Item -itemType Directory -Force -Name $newfolder) : ($F = "")
$newfolder = ($newfolder + "/schemas")
$hiddenoutput = !(Test-Path $newfolder) ? ($F = New-Item -itemType Directory -Name $newfolder) : ($F = "")
$hiddenoutput = !(Test-Path $newfolder) ? ($F = New-Item -itemType Directory -Force -Name $newfolder) : ($F = "")
$newfolder = ($newfolder + "/taskmasterjson/")
$hiddenoutput = !(Test-Path $newfolder) ? ($F = New-Item -itemType Directory -Name $newfolder) : ($F = "")
$hiddenoutput = !(Test-Path $newfolder) ? ($F = New-Item -itemType Directory -Force -Name $newfolder) : ($F = "")
$schemafile = (Get-ChildItem -Path ($folder+"/jsonschema/") -Filter "Main.libsonnet")
#foreach ($schemafile in $schemafiles)

7
solution/DataFactory/Patterns/SqlTests_Upload.ps1
Просмотреть файл

@ -1,5 +1,8 @@
Import-Module .\GatherOutputsFromTerraform.psm1 -force
$tout = GatherOutputsFromTerraform
Write-Host $PWD
Import-Module ./GatherOutputsFromTerraform_DataFactoryFolder.psm1 -Force
$tout = GatherOutputsFromTerraform_DataFactoryFolder
$sqlserver_name=$tout.sqlserver_name
$stagingdb_name=$tout.stagingdb_name
$metadatadb_name=$tout.metadatadb_name

5
solution/DataFactory/Patterns/UploadGeneratedPatternsToADF.ps1
Просмотреть файл

@ -1,5 +1,6 @@
Import-Module .\GatherOutputsFromTerraform.psm1 -force
$tout = GatherOutputsFromTerraform
Import-Module ./GatherOutputsFromTerraform_DataFactoryFolder.psm1 -Force
$tout = GatherOutputsFromTerraform_DataFactoryFolder
if($tout.datafactory_name -eq "") {

5
solution/DataFactory/Patterns/UploadGeneratedPatternstoGit.ps1
Просмотреть файл

@ -1,5 +1,6 @@
Import-Module .\GatherOutputsFromTerraform.psm1 -force
$tout = GatherOutputsFromTerraform
Import-Module ./GatherOutputsFromTerraform_DataFactoryFolder.psm1 -Force
$tout = GatherOutputsFromTerraform_DataFactoryFolder
function RemoveRepetitiveChars ($string, $char) {
$string = $string.Split($char).where{$_} -join $char

6
solution/DataFactory/Patterns/UploadTaskTypeMappings.ps1
Просмотреть файл

@ -1,5 +1,7 @@
Import-Module .\GatherOutputsFromTerraform.psm1 -force
$tout = GatherOutputsFromTerraform
Import-Module ./GatherOutputsFromTerraform_DataFactoryFolder.psm1 -Force
$tout = GatherOutputsFromTerraform_DataFactoryFolder
$sqlserver_name=$tout.sqlserver_name
$stagingdb_name=$tout.stagingdb_name
$metadatadb_name=$tout.metadatadb_name

2
solution/DataFactory/Patterns/test.ps1
Просмотреть файл

@ -4,7 +4,7 @@ $newfolder = "./output/"
if (!(Test-Path "./output"))
{
New-Item -itemType Directory -Name "output"
New-Item -itemType Directory -Name -Force "output"
}
else
{

4
solution/Database/ADSGoFastDbUp/AdsGoFastDbUp/1-0-0/A-Journaled/008-CreateMSILogins.sql
Просмотреть файл

@ -1,4 +1,4 @@
DROP USER IF EXISTS [$FunctionAppName$]
/* DROP USER IF EXISTS [$FunctionAppName$]
CREATE USER [$FunctionAppName$] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [$FunctionAppName$];
ALTER ROLE db_datawriter ADD MEMBER [$FunctionAppName$];
@ -18,4 +18,4 @@
ALTER ROLE db_datareader ADD MEMBER [$DataFactoryName$];
ALTER ROLE db_datawriter ADD MEMBER [$DataFactoryName$];
GRANT EXECUTE ON SCHEMA::[dbo] TO [$DataFactoryName$];
GO
GO */

2
solution/Database/ADSGoFastDbUp/AdsGoFastDbUp/AdsGoFastDbUp.csproj
Просмотреть файл

@ -2,7 +2,7 @@
<PropertyGroup>
<OutputType>Exe</OutputType>
<TargetFramework>netcoreapp3.1</TargetFramework>
<TargetFramework>net6.0</TargetFramework>
</PropertyGroup>
<PropertyGroup>

2
solution/Deployment/.devcontainer/.gitattributes поставляемый
Просмотреть файл

@ -1,2 +0,0 @@
# Force line endings on bas scripts
*.sh text eol=lf

23
solution/Deployment/.devcontainer/Dockerfile
Просмотреть файл

@ -1,23 +0,0 @@
# You can pick any Debian/Ubuntu-based image. 😊
FROM mcr.microsoft.com/vscode/devcontainers/base:0-buster
# [Option] Install zsh
ARG INSTALL_ZSH="true"
# [Option] Upgrade OS packages to their latest versions
ARG UPGRADE_PACKAGES="false"
# Install needed packages and setup non-root user. Use a separate RUN statement to add your own dependencies.
ARG USERNAME=vscode
ARG USER_UID=1000
ARG USER_GID=$USER_UID
COPY library-scripts/*.sh /tmp/library-scripts/
RUN bash /tmp/library-scripts/common-debian.sh "${INSTALL_ZSH}" "${USERNAME}" "${USER_UID}" "${USER_GID}" "${UPGRADE_PACKAGES}" "true" "true" \
# Install the Azure CLI
&& bash /tmp/library-scripts/azcli-debian.sh \
# Clean up
&& apt-get clean -y && rm -rf /var/lib/apt/lists/* /tmp/library-scripts
# [Optional] Uncomment this section to install additional OS packages.
# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
# && apt-get -y install --no-install-recommends <your-package-list-here>

35
solution/Deployment/.devcontainer/devcontainer.json
Просмотреть файл

@ -1,35 +0,0 @@
// For format details, see https://aka.ms/devcontainer.json. For config options, see the README at:
// https://github.com/microsoft/vscode-dev-containers/tree/v0.191.1/containers/azure-cli
{
"name": "Azure CLI",
"dockerFile": "Dockerfile",
// Set *default* container specific settings.json values on container create.
"settings": {
"terminal.integrated.defaultProfile.linux": "pwsh"
//"terminal.integrated.cwd": "/home/vscode"
},
// Instead of mounting the local workspace folder (Deployment) by default,
// this should mount its parent folder (per "..") into the default /workspace folder
// of the container. This assumes that the Deployment folder was opened in vscode
"workspaceMount": "source=${localWorkspaceFolder}/..,target=/workspace,type=bind",
"workspaceFolder": "/workspace",
// Add the IDs of extensions you want installed when the container is created.
"extensions": [
"ms-vscode.azurecli"
],
// Use 'forwardPorts' to make a list of ports inside the container available locally.
// "forwardPorts": [],
// Use 'postCreateCommand' to run commands after the container is created.
"postCreateCommand": "sudo apt-get update && sudo apt-get install -y wget apt-transport-https software-properties-common && wget -q https://packages.microsoft.com/config/ubuntu/16.04/packages-microsoft-prod.deb && sudo dpkg -i packages-microsoft-prod.deb && sudo apt-get update && sudo apt-get install -y powershell && rm ./packages-microsoft-prod.deb && sudo apt install -y dotnet-sdk-3.1 && curl -fsSL https://deb.nodesource.com/setup_17.x | sudo -E bash - && apt-get install -y nodejs",
// Uncomment when using a ptrace-based debugger like C++, Go, and Rust
// "runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ],
// Comment out connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
//"remoteUser": "vscode"
}

67
solution/Deployment/.devcontainer/library-scripts/azcli-debian.sh
Просмотреть файл

@ -1,67 +0,0 @@
#!/usr/bin/env bash
#-------------------------------------------------------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
#-------------------------------------------------------------------------------------------------------------
#
# Docs: https://github.com/microsoft/vscode-dev-containers/blob/main/script-library/docs/azcli.md
# Maintainer: The VS Code and Codespaces Teams
#
# Syntax: ./azcli-debian.sh
set -e
MICROSOFT_GPG_KEYS_URI="https://packages.microsoft.com/keys/microsoft.asc"
if [ "$(id -u)" -ne 0 ]; then
echo -e 'Script must be run as root. Use sudo, su, or add "USER root" to your Dockerfile before running this script.'
exit 1
fi
# Get central common setting
get_common_setting() {
if [ "${common_settings_file_loaded}" != "true" ]; then
curl -sfL "https://aka.ms/vscode-dev-containers/script-library/settings.env" 2>/dev/null -o /tmp/vsdc-settings.env || echo "Could not download settings file. Skipping."
common_settings_file_loaded=true
fi
if [ -f "/tmp/vsdc-settings.env" ]; then
local multi_line=""
if [ "$2" = "true" ]; then multi_line="-z"; fi
local result="$(grep ${multi_line} -oP "$1=\"?\K[^\"]+" /tmp/vsdc-settings.env | tr -d '\0')"
if [ ! -z "${result}" ]; then declare -g $1="${result}"; fi
fi
echo "$1=${!1}"
}
# Function to run apt-get if needed
apt_get_update_if_needed()
{
if [ ! -d "/var/lib/apt/lists" ] || [ "$(ls /var/lib/apt/lists/ | wc -l)" = "0" ]; then
echo "Running apt-get update..."
apt-get update
else
echo "Skipping apt-get update."
fi
}
# Checks if packages are installed and installs them if not
check_packages() {
if ! dpkg -s "$@" > /dev/null 2>&1; then
apt_get_update_if_needed
apt-get -y install --no-install-recommends "$@"
fi
}
export DEBIAN_FRONTEND=noninteractive
# Install dependencies
check_packages apt-transport-https curl ca-certificates lsb-release gnupg2
# Import key safely (new 'signed-by' method rather than deprecated apt-key approach) and install
. /etc/os-release
get_common_setting MICROSOFT_GPG_KEYS_URI
curl -sSL ${MICROSOFT_GPG_KEYS_URI} | gpg --dearmor > /usr/share/keyrings/microsoft-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/microsoft-archive-keyring.gpg] https://packages.microsoft.com/repos/azure-cli/ ${VERSION_CODENAME} main" > /etc/apt/sources.list.d/azure-cli.list
apt-get update
apt-get install -y azure-cli
echo "Done!"

478
solution/Deployment/.devcontainer/library-scripts/common-debian.sh
Просмотреть файл

@ -1,478 +0,0 @@
#!/usr/bin/env bash
#-------------------------------------------------------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
#-------------------------------------------------------------------------------------------------------------
#
# Docs: https://github.com/microsoft/vscode-dev-containers/blob/main/script-library/docs/common.md
# Maintainer: The VS Code and Codespaces Teams
#
# Syntax: ./common-debian.sh [install zsh flag] [username] [user UID] [user GID] [upgrade packages flag] [install Oh My Zsh! flag] [Add non-free packages]
set -e
INSTALL_ZSH=${1:-"true"}
USERNAME=${2:-"automatic"}
USER_UID=${3:-"automatic"}
USER_GID=${4:-"automatic"}
UPGRADE_PACKAGES=${5:-"true"}
INSTALL_OH_MYS=${6:-"true"}
ADD_NON_FREE_PACKAGES=${7:-"false"}
SCRIPT_DIR="$(cd $(dirname "${BASH_SOURCE[0]}") && pwd)"
MARKER_FILE="/usr/local/etc/vscode-dev-containers/common"
if [ "$(id -u)" -ne 0 ]; then
echo -e 'Script must be run as root. Use sudo, su, or add "USER root" to your Dockerfile before running this script.'
exit 1
fi
# Ensure that login shells get the correct path if the user updated the PATH using ENV.
rm -f /etc/profile.d/00-restore-env.sh
echo "export PATH=${PATH//$(sh -lc 'echo $PATH')/\$PATH}" > /etc/profile.d/00-restore-env.sh
chmod +x /etc/profile.d/00-restore-env.sh
# If in automatic mode, determine if a user already exists, if not use vscode
if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then
USERNAME=""
POSSIBLE_USERS=("vscode" "node" "codespace" "$(awk -v val=1000 -F ":" '$3==val{print $1}' /etc/passwd)")
for CURRENT_USER in ${POSSIBLE_USERS[@]}; do
if id -u ${CURRENT_USER} > /dev/null 2>&1; then
USERNAME=${CURRENT_USER}
break
fi
done
if [ "${USERNAME}" = "" ]; then
USERNAME=vscode
fi
elif [ "${USERNAME}" = "none" ]; then
USERNAME=root
USER_UID=0
USER_GID=0
fi
# Load markers to see which steps have already run
if [ -f "${MARKER_FILE}" ]; then
echo "Marker file found:"
cat "${MARKER_FILE}"
source "${MARKER_FILE}"
fi
# Ensure apt is in non-interactive to avoid prompts
export DEBIAN_FRONTEND=noninteractive
# Function to call apt-get if needed
apt_get_update_if_needed()
{
if [ ! -d "/var/lib/apt/lists" ] || [ "$(ls /var/lib/apt/lists/ | wc -l)" = "0" ]; then
echo "Running apt-get update..."
apt-get update
else
echo "Skipping apt-get update."
fi
}
# Run install apt-utils to avoid debconf warning then verify presence of other common developer tools and dependencies
if [ "${PACKAGES_ALREADY_INSTALLED}" != "true" ]; then
package_list="apt-utils \
openssh-client \
gnupg2 \
iproute2 \
procps \
lsof \
htop \
net-tools \
psmisc \
curl \
wget \
rsync \
ca-certificates \
unzip \
zip \
nano \
vim-tiny \
less \
jq \
lsb-release \
apt-transport-https \
dialog \
libc6 \
libgcc1 \
libkrb5-3 \
libgssapi-krb5-2 \
libicu[0-9][0-9] \
liblttng-ust0 \
libstdc++6 \
zlib1g \
locales \
sudo \
ncdu \
man-db \
strace \
manpages \
manpages-dev \
init-system-helpers"
# Needed for adding manpages-posix and manpages-posix-dev which are non-free packages in Debian
if [ "${ADD_NON_FREE_PACKAGES}" = "true" ]; then
# Bring in variables from /etc/os-release like VERSION_CODENAME
. /etc/os-release
sed -i -E "s/deb http:\/\/(deb|httpredir)\.debian\.org\/debian ${VERSION_CODENAME} main/deb http:\/\/\1\.debian\.org\/debian ${VERSION_CODENAME} main contrib non-free/" /etc/apt/sources.list
sed -i -E "s/deb-src http:\/\/(deb|httredir)\.debian\.org\/debian ${VERSION_CODENAME} main/deb http:\/\/\1\.debian\.org\/debian ${VERSION_CODENAME} main contrib non-free/" /etc/apt/sources.list
sed -i -E "s/deb http:\/\/(deb|httpredir)\.debian\.org\/debian ${VERSION_CODENAME}-updates main/deb http:\/\/\1\.debian\.org\/debian ${VERSION_CODENAME}-updates main contrib non-free/" /etc/apt/sources.list
sed -i -E "s/deb-src http:\/\/(deb|httpredir)\.debian\.org\/debian ${VERSION_CODENAME}-updates main/deb http:\/\/\1\.debian\.org\/debian ${VERSION_CODENAME}-updates main contrib non-free/" /etc/apt/sources.list
sed -i "s/deb http:\/\/security\.debian\.org\/debian-security ${VERSION_CODENAME}\/updates main/deb http:\/\/security\.debian\.org\/debian-security ${VERSION_CODENAME}\/updates main contrib non-free/" /etc/apt/sources.list
sed -i "s/deb-src http:\/\/security\.debian\.org\/debian-security ${VERSION_CODENAME}\/updates main/deb http:\/\/security\.debian\.org\/debian-security ${VERSION_CODENAME}\/updates main contrib non-free/" /etc/apt/sources.list
sed -i "s/deb http:\/\/deb\.debian\.org\/debian ${VERSION_CODENAME}-backports main/deb http:\/\/deb\.debian\.org\/debian ${VERSION_CODENAME}-backports main contrib non-free/" /etc/apt/sources.list
sed -i "s/deb-src http:\/\/deb\.debian\.org\/debian ${VERSION_CODENAME}-backports main/deb http:\/\/deb\.debian\.org\/debian ${VERSION_CODENAME}-backports main contrib non-free/" /etc/apt/sources.list
echo "Running apt-get update..."
apt-get update
package_list="${package_list} manpages-posix manpages-posix-dev"
else
apt_get_update_if_needed
fi
# Install libssl1.1 if available
if [[ ! -z $(apt-cache --names-only search ^libssl1.1$) ]]; then
package_list="${package_list} libssl1.1"
fi
# Install appropriate version of libssl1.0.x if available
libssl_package=$(dpkg-query -f '${db:Status-Abbrev}\t${binary:Package}\n' -W 'libssl1\.0\.?' 2>&1 || echo '')
if [ "$(echo "$LIlibssl_packageBSSL" | grep -o 'libssl1\.0\.[0-9]:' | uniq | sort | wc -l)" -eq 0 ]; then
if [[ ! -z $(apt-cache --names-only search ^libssl1.0.2$) ]]; then
# Debian 9
package_list="${package_list} libssl1.0.2"
elif [[ ! -z $(apt-cache --names-only search ^libssl1.0.0$) ]]; then
# Ubuntu 18.04, 16.04, earlier
package_list="${package_list} libssl1.0.0"
fi
fi
echo "Packages to verify are installed: ${package_list}"
apt-get -y install --no-install-recommends ${package_list} 2> >( grep -v 'debconf: delaying package configuration, since apt-utils is not installed' >&2 )
# Install git if not already installed (may be more recent than distro version)
if ! type git > /dev/null 2>&1; then
apt-get -y install --no-install-recommends git
fi
PACKAGES_ALREADY_INSTALLED="true"
fi
# Get to latest versions of all packages
if [ "${UPGRADE_PACKAGES}" = "true" ]; then
apt_get_update_if_needed
apt-get -y upgrade --no-install-recommends
apt-get autoremove -y
fi
# Ensure at least the en_US.UTF-8 UTF-8 locale is available.
# Common need for both applications and things like the agnoster ZSH theme.
if [ "${LOCALE_ALREADY_SET}" != "true" ] && ! grep -o -E '^\s*en_US.UTF-8\s+UTF-8' /etc/locale.gen > /dev/null; then
echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
locale-gen
LOCALE_ALREADY_SET="true"
fi
# Create or update a non-root user to match UID/GID.
if id -u ${USERNAME} > /dev/null 2>&1; then
# User exists, update if needed
if [ "${USER_GID}" != "automatic" ] && [ "$USER_GID" != "$(id -G $USERNAME)" ]; then
groupmod --gid $USER_GID $USERNAME
usermod --gid $USER_GID $USERNAME
fi
if [ "${USER_UID}" != "automatic" ] && [ "$USER_UID" != "$(id -u $USERNAME)" ]; then
usermod --uid $USER_UID $USERNAME
fi
else
# Create user
if [ "${USER_GID}" = "automatic" ]; then
groupadd $USERNAME
else
groupadd --gid $USER_GID $USERNAME
fi
if [ "${USER_UID}" = "automatic" ]; then
useradd -s /bin/bash --gid $USERNAME -m $USERNAME
else
useradd -s /bin/bash --uid $USER_UID --gid $USERNAME -m $USERNAME
fi
fi
# Add add sudo support for non-root user
if [ "${USERNAME}" != "root" ] && [ "${EXISTING_NON_ROOT_USER}" != "${USERNAME}" ]; then
echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME
chmod 0440 /etc/sudoers.d/$USERNAME
EXISTING_NON_ROOT_USER="${USERNAME}"
fi
# ** Shell customization section **
if [ "${USERNAME}" = "root" ]; then
user_rc_path="/root"
else
user_rc_path="/home/${USERNAME}"
fi
# Restore user .bashrc defaults from skeleton file if it doesn't exist or is empty
if [ ! -f "${user_rc_path}/.bashrc" ] || [ ! -s "${user_rc_path}/.bashrc" ] ; then
cp /etc/skel/.bashrc "${user_rc_path}/.bashrc"
fi
# Restore user .profile defaults from skeleton file if it doesn't exist or is empty
if [ ! -f "${user_rc_path}/.profile" ] || [ ! -s "${user_rc_path}/.profile" ] ; then
cp /etc/skel/.profile "${user_rc_path}/.profile"
fi
# .bashrc/.zshrc snippet
rc_snippet="$(cat << 'EOF'
if [ -z "${USER}" ]; then export USER=$(whoami); fi
if [[ "${PATH}" != *"$HOME/.local/bin"* ]]; then export PATH="${PATH}:$HOME/.local/bin"; fi
# Display optional first run image specific notice if configured and terminal is interactive
if [ -t 1 ] && [[ "${TERM_PROGRAM}" = "vscode" || "${TERM_PROGRAM}" = "codespaces" ]] && [ ! -f "$HOME/.config/vscode-dev-containers/first-run-notice-already-displayed" ]; then
if [ -f "/usr/local/etc/vscode-dev-containers/first-run-notice.txt" ]; then
cat "/usr/local/etc/vscode-dev-containers/first-run-notice.txt"
elif [ -f "/workspaces/.codespaces/shared/first-run-notice.txt" ]; then
cat "/workspaces/.codespaces/shared/first-run-notice.txt"
fi
mkdir -p "$HOME/.config/vscode-dev-containers"
# Mark first run notice as displayed after 10s to avoid problems with fast terminal refreshes hiding it
((sleep 10s; touch "$HOME/.config/vscode-dev-containers/first-run-notice-already-displayed") &)
fi
# Set the default git editor if not already set
if [ -z "$(git config --get core.editor)" ] && [ -z "${GIT_EDITOR}" ]; then
if [ "${TERM_PROGRAM}" = "vscode" ]; then
if [[ -n $(command -v code-insiders) && -z $(command -v code) ]]; then
export GIT_EDITOR="code-insiders --wait"
else
export GIT_EDITOR="code --wait"
fi
fi
fi
EOF
)"
# code shim, it fallbacks to code-insiders if code is not available
cat << 'EOF' > /usr/local/bin/code
#!/bin/sh
get_in_path_except_current() {
which -a "$1" | grep -A1 "$0" | grep -v "$0"
}
code="$(get_in_path_except_current code)"
if [ -n "$code" ]; then
exec "$code" "$@"
elif [ "$(command -v code-insiders)" ]; then
exec code-insiders "$@"
else
echo "code or code-insiders is not installed" >&2
exit 127
fi
EOF
chmod +x /usr/local/bin/code
# systemctl shim - tells people to use 'service' if systemd is not running
cat << 'EOF' > /usr/local/bin/systemctl
#!/bin/sh
set -e
if [ -d "/run/systemd/system" ]; then
exec /bin/systemctl/systemctl "$@"
else
echo '\n"systemd" is not running in this container due to its overhead.\nUse the "service" command to start services intead. e.g.: \n\nservice --status-all'
fi
EOF
chmod +x /usr/local/bin/systemctl
# Codespaces bash and OMZ themes - partly inspired by https://github.com/ohmyzsh/ohmyzsh/blob/master/themes/robbyrussell.zsh-theme
codespaces_bash="$(cat \
<<'EOF'
# Codespaces bash prompt theme
__bash_prompt() {
local userpart='`export XIT=$? \
&& [ ! -z "${GITHUB_USER}" ] && echo -n "\[\033[0;32m\]@${GITHUB_USER} " || echo -n "\[\033[0;32m\]\u " \
&& [ "$XIT" -ne "0" ] && echo -n "\[\033[1;31m\]➜" || echo -n "\[\033[0m\]➜"`'
local gitbranch='`\
export BRANCH=$(git symbolic-ref --short HEAD 2>/dev/null || git rev-parse --short HEAD 2>/dev/null); \
if [ "${BRANCH}" != "" ]; then \
echo -n "\[\033[0;36m\](\[\033[1;31m\]${BRANCH}" \
&& if git ls-files --error-unmatch -m --directory --no-empty-directory -o --exclude-standard ":/*" > /dev/null 2>&1; then \
echo -n " \[\033[1;33m\]✗"; \
fi \
&& echo -n "\[\033[0;36m\]) "; \
fi`'
local lightblue='\[\033[1;34m\]'
local removecolor='\[\033[0m\]'
PS1="${userpart} ${lightblue}\w ${gitbranch}${removecolor}\$ "
unset -f __bash_prompt
}
__bash_prompt
EOF
)"
codespaces_zsh="$(cat \
<<'EOF'
# Codespaces zsh prompt theme
__zsh_prompt() {
local prompt_username
if [ ! -z "${GITHUB_USER}" ]; then
prompt_username="@${GITHUB_USER}"
else
prompt_username="%n"
fi
PROMPT="%{$fg[green]%}${prompt_username} %(?:%{$reset_color%}➜ :%{$fg_bold[red]%}➜ )" # User/exit code arrow
PROMPT+='%{$fg_bold[blue]%}%(5~|%-1~/…/%3~|%4~)%{$reset_color%} ' # cwd
PROMPT+='$(git_prompt_info)%{$fg[white]%}$ %{$reset_color%}' # Git status
unset -f __zsh_prompt
}
ZSH_THEME_GIT_PROMPT_PREFIX="%{$fg_bold[cyan]%}(%{$fg_bold[red]%}"
ZSH_THEME_GIT_PROMPT_SUFFIX="%{$reset_color%} "
ZSH_THEME_GIT_PROMPT_DIRTY=" %{$fg_bold[yellow]%}✗%{$fg_bold[cyan]%})"
ZSH_THEME_GIT_PROMPT_CLEAN="%{$fg_bold[cyan]%})"
__zsh_prompt
EOF
)"
# Add notice that Oh My Bash! has been removed from images and how to provide information on how to install manually
omb_readme="$(cat \
<<'EOF'
"Oh My Bash!" has been removed from this image in favor of a simple shell prompt. If you
still wish to use it, remove "~/.oh-my-bash" and install it from: https://github.com/ohmybash/oh-my-bash
You may also want to consider "Bash-it" as an alternative: https://github.com/bash-it/bash-it
See here for infomation on adding it to your image or dotfiles: https://aka.ms/codespaces/omb-remove
EOF
)"
omb_stub="$(cat \
<<'EOF'
#!/usr/bin/env bash
if [ -t 1 ]; then
cat $HOME/.oh-my-bash/README.md
fi
EOF
)"
# Add RC snippet and custom bash prompt
if [ "${RC_SNIPPET_ALREADY_ADDED}" != "true" ]; then
echo "${rc_snippet}" >> /etc/bash.bashrc
echo "${codespaces_bash}" >> "${user_rc_path}/.bashrc"
echo 'export PROMPT_DIRTRIM=4' >> "${user_rc_path}/.bashrc"
if [ "${USERNAME}" != "root" ]; then
echo "${codespaces_bash}" >> "/root/.bashrc"
echo 'export PROMPT_DIRTRIM=4' >> "/root/.bashrc"
fi
chown ${USERNAME}:${USERNAME} "${user_rc_path}/.bashrc"
RC_SNIPPET_ALREADY_ADDED="true"
fi
# Add stub for Oh My Bash!
if [ ! -d "${user_rc_path}/.oh-my-bash}" ] && [ "${INSTALL_OH_MYS}" = "true" ]; then
mkdir -p "${user_rc_path}/.oh-my-bash" "/root/.oh-my-bash"
echo "${omb_readme}" >> "${user_rc_path}/.oh-my-bash/README.md"
echo "${omb_stub}" >> "${user_rc_path}/.oh-my-bash/oh-my-bash.sh"
chmod +x "${user_rc_path}/.oh-my-bash/oh-my-bash.sh"
if [ "${USERNAME}" != "root" ]; then
echo "${omb_readme}" >> "/root/.oh-my-bash/README.md"
echo "${omb_stub}" >> "/root/.oh-my-bash/oh-my-bash.sh"
chmod +x "/root/.oh-my-bash/oh-my-bash.sh"
fi
chown -R "${USERNAME}:${USERNAME}" "${user_rc_path}/.oh-my-bash"
fi
# Optionally install and configure zsh and Oh My Zsh!
if [ "${INSTALL_ZSH}" = "true" ]; then
if ! type zsh > /dev/null 2>&1; then
apt_get_update_if_needed
apt-get install -y zsh
fi
if [ "${ZSH_ALREADY_INSTALLED}" != "true" ]; then
echo "${rc_snippet}" >> /etc/zsh/zshrc
ZSH_ALREADY_INSTALLED="true"
fi
# Adapted, simplified inline Oh My Zsh! install steps that adds, defaults to a codespaces theme.
# See https://github.com/ohmyzsh/ohmyzsh/blob/master/tools/install.sh for official script.
oh_my_install_dir="${user_rc_path}/.oh-my-zsh"
if [ ! -d "${oh_my_install_dir}" ] && [ "${INSTALL_OH_MYS}" = "true" ]; then
template_path="${oh_my_install_dir}/templates/zshrc.zsh-template"
user_rc_file="${user_rc_path}/.zshrc"
umask g-w,o-w
mkdir -p ${oh_my_install_dir}
git clone --depth=1 \
-c core.eol=lf \
-c core.autocrlf=false \
-c fsck.zeroPaddedFilemode=ignore \
-c fetch.fsck.zeroPaddedFilemode=ignore \
-c receive.fsck.zeroPaddedFilemode=ignore \
"https://github.com/ohmyzsh/ohmyzsh" "${oh_my_install_dir}" 2>&1
echo -e "$(cat "${template_path}")\nDISABLE_AUTO_UPDATE=true\nDISABLE_UPDATE_PROMPT=true" > ${user_rc_file}
sed -i -e 's/ZSH_THEME=.*/ZSH_THEME="codespaces"/g' ${user_rc_file}
mkdir -p ${oh_my_install_dir}/custom/themes
echo "${codespaces_zsh}" > "${oh_my_install_dir}/custom/themes/codespaces.zsh-theme"
# Shrink git while still enabling updates
cd "${oh_my_install_dir}"
git repack -a -d -f --depth=1 --window=1
# Copy to non-root user if one is specified
if [ "${USERNAME}" != "root" ]; then
cp -rf "${user_rc_file}" "${oh_my_install_dir}" /root
chown -R ${USERNAME}:${USERNAME} "${user_rc_path}"
fi
fi
fi
# Persist image metadata info, script if meta.env found in same directory
meta_info_script="$(cat << 'EOF'
#!/bin/sh
. /usr/local/etc/vscode-dev-containers/meta.env
# Minimal output
if [ "$1" = "version" ] || [ "$1" = "image-version" ]; then
echo "${VERSION}"
exit 0
elif [ "$1" = "release" ]; then
echo "${GIT_REPOSITORY_RELEASE}"
exit 0
elif [ "$1" = "content" ] || [ "$1" = "content-url" ] || [ "$1" = "contents" ] || [ "$1" = "contents-url" ]; then
echo "${CONTENTS_URL}"
exit 0
fi
#Full output
echo
echo "Development container image information"
echo
if [ ! -z "${VERSION}" ]; then echo "- Image version: ${VERSION}"; fi
if [ ! -z "${DEFINITION_ID}" ]; then echo "- Definition ID: ${DEFINITION_ID}"; fi
if [ ! -z "${VARIANT}" ]; then echo "- Variant: ${VARIANT}"; fi
if [ ! -z "${GIT_REPOSITORY}" ]; then echo "- Source code repository: ${GIT_REPOSITORY}"; fi
if [ ! -z "${GIT_REPOSITORY_RELEASE}" ]; then echo "- Source code release/branch: ${GIT_REPOSITORY_RELEASE}"; fi
if [ ! -z "${BUILD_TIMESTAMP}" ]; then echo "- Timestamp: ${BUILD_TIMESTAMP}"; fi
if [ ! -z "${CONTENTS_URL}" ]; then echo && echo "More info: ${CONTENTS_URL}"; fi
echo
EOF
)"
if [ -f "${SCRIPT_DIR}/meta.env" ]; then
mkdir -p /usr/local/etc/vscode-dev-containers/
cp -f "${SCRIPT_DIR}/meta.env" /usr/local/etc/vscode-dev-containers/meta.env
echo "${meta_info_script}" > /usr/local/bin/devcontainer-info
chmod +x /usr/local/bin/devcontainer-info
fi
# Write marker file
mkdir -p "$(dirname "${MARKER_FILE}")"
echo -e "\
PACKAGES_ALREADY_INSTALLED=${PACKAGES_ALREADY_INSTALLED}\n\
LOCALE_ALREADY_SET=${LOCALE_ALREADY_SET}\n\
EXISTING_NON_ROOT_USER=${EXISTING_NON_ROOT_USER}\n\
RC_SNIPPET_ALREADY_ADDED=${RC_SNIPPET_ALREADY_ADDED}\n\
ZSH_ALREADY_INSTALLED=${ZSH_ALREADY_INSTALLED}" > "${MARKER_FILE}"
echo "Done!"

28
solution/Deployment/arm/AppService_Func.bicep
Просмотреть файл

@ -1,28 +0,0 @@
@description('Location for all resources.')
param location string = resourceGroup().location
@description('')
param asp_name string = 'test'
resource asp_name_resource 'Microsoft.Web/serverfarms@2020-06-01' = {
name: asp_name
location: location
kind: 'functionapp'
properties: {
perSiteScaling: false
maximumElasticWorkerCount: 1
isSpot: false
reserved: false
isXenon: false
hyperV: false
targetWorkerCount: 0
targetWorkerSizeId: 0
}
sku: {
name: 'Y1'
tier: 'Dynamic'
size: 'Y1'
family: 'Y'
capacity: 0
}
}

49
solution/Deployment/arm/AppService_Func.json
Просмотреть файл

@ -1,49 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"asp_name": {
"type": "string",
"defaultValue": "test",
"metadata": {
"description": ""
}
}
},
"resources": [
{
"type": "Microsoft.Web/serverfarms",
"apiVersion": "2020-06-01",
"name": "[parameters('asp_name')]",
"location": "[parameters('location')]",
"kind": "functionapp",
"properties": {
"perSiteScaling": false,
"maximumElasticWorkerCount": 1,
"isSpot": false,
"reserved": false,
"isXenon": false,
"hyperV": false,
"targetWorkerCount": 0,
"targetWorkerSizeId": 0
},
"sku": {
"name": "Y1",
"tier": "Dynamic",
"size": "Y1",
"family": "Y",
"capacity": 0
}
}
],
"outputs": {
}
}

27
solution/Deployment/arm/AppService_Web.bicep
Просмотреть файл

@ -1,27 +0,0 @@
@description('Location for all resources.')
param location string = resourceGroup().location
@description('')
param asp_name string = 'test'
resource asp_name_resource 'Microsoft.Web/serverfarms@2018-02-01' = {
name: asp_name
location: location
properties: {
perSiteScaling: false
maximumElasticWorkerCount: 1
isSpot: false
reserved: false
isXenon: false
hyperV: false
targetWorkerCount: 0
targetWorkerSizeId: 0
}
sku: {
name: 'S1'
tier: 'Standard'
size: 'S1'
family: 'S'
capacity: 1
}
}

48
solution/Deployment/arm/AppService_Web.json
Просмотреть файл

@ -1,48 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"asp_name": {
"type": "string",
"defaultValue": "test",
"metadata": {
"description": ""
}
}
},
"resources": [
{
"type": "Microsoft.Web/serverfarms",
"apiVersion": "2018-02-01",
"name": "[parameters('asp_name')]",
"location": "[parameters('location')]",
"properties": {
"perSiteScaling": false,
"maximumElasticWorkerCount": 1,
"isSpot": false,
"reserved": false,
"isXenon": false,
"hyperV": false,
"targetWorkerCount": 0,
"targetWorkerSizeId": 0
},
"sku": {
"name": "S1",
"tier": "Standard",
"size": "S1",
"family": "S",
"capacity": 1
}
}
],
"outputs": {
}
}

288
solution/Deployment/arm/ApplicationInsights.bicep
Просмотреть файл

@ -1,288 +0,0 @@
param appinsights_name string = 'appinsights-adsgofastyckrmqteklajm'
param location string = 'australiaeast'
resource appinsights_name_resource 'microsoft.insights/components@2020-02-02-preview' = {
name: appinsights_name
location: location
tags: {}
kind: 'web'
properties: {
Application_Type: 'web'
IngestionMode: 'ApplicationInsights'
publicNetworkAccessForIngestion: 'Enabled'
publicNetworkAccessForQuery: 'Enabled'
}
}
resource appinsights_name_degradationindependencyduration 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'degradationindependencyduration'
location: location
properties: {
RuleDefinitions: {
Name: 'degradationindependencyduration'
DisplayName: 'Degradation in dependency duration'
Description: 'Smart Detection rules notify you of performance anomaly issues.'
HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics'
IsHidden: false
IsEnabledByDefault: true
IsInPreview: false
SupportsEmailNotifications: true
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_degradationinserverresponsetime 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'degradationinserverresponsetime'
location: location
properties: {
RuleDefinitions: {
Name: 'degradationinserverresponsetime'
DisplayName: 'Degradation in server response time'
Description: 'Smart Detection rules notify you of performance anomaly issues.'
HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics'
IsHidden: false
IsEnabledByDefault: true
IsInPreview: false
SupportsEmailNotifications: true
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_digestMailConfiguration 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'digestMailConfiguration'
location: location
properties: {
RuleDefinitions: {
Name: 'digestMailConfiguration'
DisplayName: 'Digest Mail Configuration'
Description: 'This rule describes the digest mail preferences'
HelpUrl: 'www.homail.com'
IsHidden: true
IsEnabledByDefault: true
IsInPreview: false
SupportsEmailNotifications: true
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_extension_billingdatavolumedailyspikeextension 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'extension_billingdatavolumedailyspikeextension'
location: location
properties: {
RuleDefinitions: {
Name: 'extension_billingdatavolumedailyspikeextension'
DisplayName: 'Abnormal rise in daily data volume (preview)'
Description: 'This detection rule automatically analyzes the billing data generated by your application, and can warn you about an unusual increase in your application\'s billing costs'
HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/tree/master/SmartDetection/billing-data-volume-daily-spike.md'
IsHidden: false
IsEnabledByDefault: true
IsInPreview: true
SupportsEmailNotifications: false
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_extension_canaryextension 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'extension_canaryextension'
location: location
properties: {
RuleDefinitions: {
Name: 'extension_canaryextension'
DisplayName: 'Canary extension'
Description: 'Canary extension'
HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/'
IsHidden: true
IsEnabledByDefault: true
IsInPreview: true
SupportsEmailNotifications: false
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_extension_exceptionchangeextension 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'extension_exceptionchangeextension'
location: location
properties: {
RuleDefinitions: {
Name: 'extension_exceptionchangeextension'
DisplayName: 'Abnormal rise in exception volume (preview)'
Description: 'This detection rule automatically analyzes the exceptions thrown in your application, and can warn you about unusual patterns in your exception telemetry.'
HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/abnormal-rise-in-exception-volume.md'
IsHidden: false
IsEnabledByDefault: true
IsInPreview: true
SupportsEmailNotifications: false
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_extension_memoryleakextension 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'extension_memoryleakextension'
location: location
properties: {
RuleDefinitions: {
Name: 'extension_memoryleakextension'
DisplayName: 'Potential memory leak detected (preview)'
Description: 'This detection rule automatically analyzes the memory consumption of each process in your application, and can warn you about potential memory leaks or increased memory consumption.'
HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/tree/master/SmartDetection/memory-leak.md'
IsHidden: false
IsEnabledByDefault: true
IsInPreview: true
SupportsEmailNotifications: false
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_extension_securityextensionspackage 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'extension_securityextensionspackage'
location: location
properties: {
RuleDefinitions: {
Name: 'extension_securityextensionspackage'
DisplayName: 'Potential security issue detected (preview)'
Description: 'This detection rule automatically analyzes the telemetry generated by your application and detects potential security issues.'
HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/application-security-detection-pack.md'
IsHidden: false
IsEnabledByDefault: true
IsInPreview: true
SupportsEmailNotifications: false
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_extension_traceseveritydetector 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'extension_traceseveritydetector'
location: location
properties: {
RuleDefinitions: {
Name: 'extension_traceseveritydetector'
DisplayName: 'Degradation in trace severity ratio (preview)'
Description: 'This detection rule automatically analyzes the trace logs emitted from your application, and can warn you about unusual patterns in the severity of your trace telemetry.'
HelpUrl: 'https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/degradation-in-trace-severity-ratio.md'
IsHidden: false
IsEnabledByDefault: true
IsInPreview: true
SupportsEmailNotifications: false
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_longdependencyduration 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'longdependencyduration'
location: location
properties: {
RuleDefinitions: {
Name: 'longdependencyduration'
DisplayName: 'Long dependency duration'
Description: 'Smart Detection rules notify you of performance anomaly issues.'
HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics'
IsHidden: false
IsEnabledByDefault: true
IsInPreview: false
SupportsEmailNotifications: true
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_migrationToAlertRulesCompleted 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'migrationToAlertRulesCompleted'
location: location
properties: {
RuleDefinitions: {
Name: 'migrationToAlertRulesCompleted'
DisplayName: 'Migration To Alert Rules Completed'
Description: 'A configuration that controls the migration state of Smart Detection to Smart Alerts'
HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics'
IsHidden: true
IsEnabledByDefault: false
IsInPreview: true
SupportsEmailNotifications: false
}
Enabled: false
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_slowpageloadtime 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'slowpageloadtime'
location: location
properties: {
RuleDefinitions: {
Name: 'slowpageloadtime'
DisplayName: 'Slow page load time'
Description: 'Smart Detection rules notify you of performance anomaly issues.'
HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics'
IsHidden: false
IsEnabledByDefault: true
IsInPreview: false
SupportsEmailNotifications: true
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}
resource appinsights_name_slowserverresponsetime 'microsoft.insights/components/ProactiveDetectionConfigs@2018-05-01-preview' = {
parent: appinsights_name_resource
name: 'slowserverresponsetime'
location: location
properties: {
RuleDefinitions: {
Name: 'slowserverresponsetime'
DisplayName: 'Slow server response time'
Description: 'Smart Detection rules notify you of performance anomaly issues.'
HelpUrl: 'https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics'
IsHidden: false
IsEnabledByDefault: true
IsInPreview: false
SupportsEmailNotifications: true
}
Enabled: true
SendEmailsToSubscriptionOwners: true
CustomEmails: []
}
}

345
solution/Deployment/arm/ApplicationInsights.json
Просмотреть файл

@ -1,345 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"appinsights_name": {
"defaultValue": "appinsights-adsgofastyckrmqteklajm",
"type": "String"
},
"location": {
"defaultValue": "australiaeast",
"type": "String"
}
},
"variables": {},
"resources": [
{
"type": "microsoft.insights/components",
"apiVersion": "2020-02-02-preview",
"name": "[parameters('appinsights_name')]",
"location": "[parameters('location')]",
"tags": {
},
"kind": "web",
"properties": {
"Application_Type": "web",
"IngestionMode": "ApplicationInsights",
"publicNetworkAccessForIngestion": "Enabled",
"publicNetworkAccessForQuery": "Enabled"
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/degradationindependencyduration')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "degradationindependencyduration",
"DisplayName": "Degradation in dependency duration",
"Description": "Smart Detection rules notify you of performance anomaly issues.",
"HelpUrl": "https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics",
"IsHidden": false,
"IsEnabledByDefault": true,
"IsInPreview": false,
"SupportsEmailNotifications": true
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/degradationinserverresponsetime')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "degradationinserverresponsetime",
"DisplayName": "Degradation in server response time",
"Description": "Smart Detection rules notify you of performance anomaly issues.",
"HelpUrl": "https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics",
"IsHidden": false,
"IsEnabledByDefault": true,
"IsInPreview": false,
"SupportsEmailNotifications": true
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/digestMailConfiguration')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "digestMailConfiguration",
"DisplayName": "Digest Mail Configuration",
"Description": "This rule describes the digest mail preferences",
"HelpUrl": "www.homail.com",
"IsHidden": true,
"IsEnabledByDefault": true,
"IsInPreview": false,
"SupportsEmailNotifications": true
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/extension_billingdatavolumedailyspikeextension')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "extension_billingdatavolumedailyspikeextension",
"DisplayName": "Abnormal rise in daily data volume (preview)",
"Description": "This detection rule automatically analyzes the billing data generated by your application, and can warn you about an unusual increase in your application's billing costs",
"HelpUrl": "https://github.com/Microsoft/ApplicationInsights-Home/tree/master/SmartDetection/billing-data-volume-daily-spike.md",
"IsHidden": false,
"IsEnabledByDefault": true,
"IsInPreview": true,
"SupportsEmailNotifications": false
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/extension_canaryextension')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "extension_canaryextension",
"DisplayName": "Canary extension",
"Description": "Canary extension",
"HelpUrl": "https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/",
"IsHidden": true,
"IsEnabledByDefault": true,
"IsInPreview": true,
"SupportsEmailNotifications": false
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/extension_exceptionchangeextension')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "extension_exceptionchangeextension",
"DisplayName": "Abnormal rise in exception volume (preview)",
"Description": "This detection rule automatically analyzes the exceptions thrown in your application, and can warn you about unusual patterns in your exception telemetry.",
"HelpUrl": "https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/abnormal-rise-in-exception-volume.md",
"IsHidden": false,
"IsEnabledByDefault": true,
"IsInPreview": true,
"SupportsEmailNotifications": false
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/extension_memoryleakextension')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "extension_memoryleakextension",
"DisplayName": "Potential memory leak detected (preview)",
"Description": "This detection rule automatically analyzes the memory consumption of each process in your application, and can warn you about potential memory leaks or increased memory consumption.",
"HelpUrl": "https://github.com/Microsoft/ApplicationInsights-Home/tree/master/SmartDetection/memory-leak.md",
"IsHidden": false,
"IsEnabledByDefault": true,
"IsInPreview": true,
"SupportsEmailNotifications": false
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/extension_securityextensionspackage')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "extension_securityextensionspackage",
"DisplayName": "Potential security issue detected (preview)",
"Description": "This detection rule automatically analyzes the telemetry generated by your application and detects potential security issues.",
"HelpUrl": "https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/application-security-detection-pack.md",
"IsHidden": false,
"IsEnabledByDefault": true,
"IsInPreview": true,
"SupportsEmailNotifications": false
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/extension_traceseveritydetector')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "extension_traceseveritydetector",
"DisplayName": "Degradation in trace severity ratio (preview)",
"Description": "This detection rule automatically analyzes the trace logs emitted from your application, and can warn you about unusual patterns in the severity of your trace telemetry.",
"HelpUrl": "https://github.com/Microsoft/ApplicationInsights-Home/blob/master/SmartDetection/degradation-in-trace-severity-ratio.md",
"IsHidden": false,
"IsEnabledByDefault": true,
"IsInPreview": true,
"SupportsEmailNotifications": false
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/longdependencyduration')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "longdependencyduration",
"DisplayName": "Long dependency duration",
"Description": "Smart Detection rules notify you of performance anomaly issues.",
"HelpUrl": "https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics",
"IsHidden": false,
"IsEnabledByDefault": true,
"IsInPreview": false,
"SupportsEmailNotifications": true
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/migrationToAlertRulesCompleted')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "migrationToAlertRulesCompleted",
"DisplayName": "Migration To Alert Rules Completed",
"Description": "A configuration that controls the migration state of Smart Detection to Smart Alerts",
"HelpUrl": "https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics",
"IsHidden": true,
"IsEnabledByDefault": false,
"IsInPreview": true,
"SupportsEmailNotifications": false
},
"enabled": false,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/slowpageloadtime')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "slowpageloadtime",
"DisplayName": "Slow page load time",
"Description": "Smart Detection rules notify you of performance anomaly issues.",
"HelpUrl": "https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics",
"IsHidden": false,
"IsEnabledByDefault": true,
"IsInPreview": false,
"SupportsEmailNotifications": true
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
},
{
"type": "microsoft.insights/components/ProactiveDetectionConfigs",
"apiVersion": "2018-05-01-preview",
"name": "[concat(parameters('appinsights_name'), '/slowserverresponsetime')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('microsoft.insights/components', parameters('appinsights_name'))]"
],
"properties": {
"ruleDefinitions": {
"Name": "slowserverresponsetime",
"DisplayName": "Slow server response time",
"Description": "Smart Detection rules notify you of performance anomaly issues.",
"HelpUrl": "https://docs.microsoft.com/en-us/azure/application-insights/app-insights-proactive-performance-diagnostics",
"IsHidden": false,
"IsEnabledByDefault": true,
"IsInPreview": false,
"SupportsEmailNotifications": true
},
"enabled": true,
"sendEmailsToSubscriptionOwners": true,
"customEmails": []
}
}
]
}

172
solution/Deployment/arm/AzureSQLServer.json
Просмотреть файл

@ -1,172 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.613.9944",
"templateHash": "6917878293454276384"
}
},
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"sql_server_name": {
"type": "string",
"defaultValue": "[format('adsgofast-srv-{0}', uniqueString(resourceGroup().id))]",
"metadata": {
"description": "Azure SQL Server Name (Logical Server)."
}
},
"sql_admin_login": {
"type": "string",
"defaultValue": "adsgofastadmin",
"metadata": {
"description": "The administrator username of the SQL logical server"
}
},
"sql_admin_password": {
"type": "secureString",
"metadata": {
"description": "The administrator password of the SQL logical server."
}
},
"sample_db_name": {
"type": "string",
"defaultValue": "AdventureWorksLT"
},
"ads_go_fast_db_name": {
"type": "string",
"defaultValue": "adsgofast"
},
"staging_db_name": {
"type": "string",
"defaultValue": "staging"
},
"vnet_name": {
"type": "string",
"defaultValue": "adsgofast-vnet",
"metadata": {
"description": "Name of Azure Bastion resource"
}
}
},
"functions": [],
"variables": {
"data_subnet_name": "Data",
"sample_database_name_var": "[format('{0}/{1}', parameters('sql_server_name'), parameters('sample_db_name'))]",
"ads_go_fast_database_name_var": "[format('{0}/{1}', parameters('sql_server_name'), parameters('ads_go_fast_db_name'))]",
"staging_database_name_var": "[format('{0}/{1}', parameters('sql_server_name'), parameters('staging_db_name'))]",
"vnet_data_subnet_resource_id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnet_name'), variables('data_subnet_name'))]"
},
"resources": [
{
"type": "Microsoft.Sql/servers",
"apiVersion": "2019-06-01-preview",
"name": "[parameters('sql_server_name')]",
"location": "[parameters('location')]",
"tags": {
"displayName": "[parameters('sql_server_name')]"
},
"properties": {
"administratorLogin": "[parameters('sql_admin_login')]",
"administratorLoginPassword": "[parameters('sql_admin_password')]",
"version": "12.0",
"publicNetworkAccess": "Enabled"
}
},
{
"type": "Microsoft.Sql/servers/virtualNetworkRules",
"apiVersion": "2015-05-01-preview",
"name": "[format('{0}/{1}', parameters('sql_server_name'), variables('data_subnet_name'))]",
"properties": {
"virtualNetworkSubnetId": "[variables('vnet_data_subnet_resource_id')]",
"ignoreMissingVnetServiceEndpoint": false
},
"dependsOn": [
"[resourceId('Microsoft.Sql/servers', parameters('sql_server_name'))]"
]
},
{
"type": "Microsoft.Sql/servers/databases",
"apiVersion": "2019-06-01-preview",
"name": "[variables('sample_database_name_var')]",
"location": "[parameters('location')]",
"tags": {
"displayName": "[variables('sample_database_name_var')]"
},
"sku": {
"name": "Standard",
"tier": "Standard",
"capacity": 50
},
"properties": {
"collation": "SQL_Latin1_General_CP1_CI_AS",
"maxSizeBytes": 32212254720,
"catalogCollation": "SQL_Latin1_General_CP1_CI_AS",
"zoneRedundant": false,
"readScale": "Disabled",
"storageAccountType": "GRS",
"sampleName": "AdventureWorksLT"
},
"dependsOn": [
"[resourceId('Microsoft.Sql/servers', parameters('sql_server_name'))]"
]
},
{
"type": "Microsoft.Sql/servers/databases",
"apiVersion": "2019-06-01-preview",
"name": "[variables('ads_go_fast_database_name_var')]",
"location": "[parameters('location')]",
"tags": {
"displayName": "[variables('ads_go_fast_database_name_var')]"
},
"sku": {
"name": "Standard",
"tier": "Standard",
"capacity": 50
},
"properties": {
"collation": "SQL_Latin1_General_CP1_CI_AS",
"maxSizeBytes": 32212254720,
"catalogCollation": "SQL_Latin1_General_CP1_CI_AS",
"zoneRedundant": false,
"readScale": "Disabled",
"storageAccountType": "GRS"
},
"dependsOn": [
"[resourceId('Microsoft.Sql/servers', parameters('sql_server_name'))]"
]
},
{
"type": "Microsoft.Sql/servers/databases",
"apiVersion": "2019-06-01-preview",
"name": "[variables('staging_database_name_var')]",
"location": "[parameters('location')]",
"tags": {
"displayName": "[variables('staging_database_name_var')]"
},
"sku": {
"name": "Standard",
"tier": "Standard",
"capacity": 100
},
"properties": {
"collation": "SQL_Latin1_General_CP1_CI_AS",
"maxSizeBytes": 32212254720,
"catalogCollation": "SQL_Latin1_General_CP1_CI_AS",
"zoneRedundant": false,
"readScale": "Disabled",
"storageAccountType": "GRS"
},
"dependsOn": [
"[resourceId('Microsoft.Sql/servers', parameters('sql_server_name'))]"
]
}
]
}

120
solution/Deployment/arm/AzureSqlServer.bicep
Просмотреть файл

@ -1,120 +0,0 @@
@description('Location for all resources.')
param location string = resourceGroup().location
@description('Azure SQL Server Name (Logical Server).')
param sql_server_name string = 'adsgofast-srv-${uniqueString(resourceGroup().id)}'
@description('The administrator username of the SQL logical server')
param sql_admin_login string = 'adsgofastadmin'
@description('The administrator password of the SQL logical server.')
@secure()
param sql_admin_password string
param sample_db_name string = 'AdventureWorksLT'
param ads_go_fast_db_name string = 'adsgofast'
param staging_db_name string = 'staging'
@description('Name of Azure Bastion resource')
param vnet_name string = 'adsgofast-vnet'
var data_subnet_name = 'Data'
var sample_database_name_var = '${sql_server_name}/${sample_db_name}'
var ads_go_fast_database_name_var = '${sql_server_name}/${ads_go_fast_db_name}'
var staging_database_name_var = '${sql_server_name}/${staging_db_name}'
var vnet_data_subnet_resource_id = resourceId('Microsoft.Network/virtualNetworks/subnets', vnet_name, data_subnet_name)
resource sql_server_name_resource 'Microsoft.Sql/servers@2019-06-01-preview' = {
name: sql_server_name
location: location
tags: {
displayName: sql_server_name
}
properties: {
administratorLogin: sql_admin_login
administratorLoginPassword: sql_admin_password
version: '12.0'
publicNetworkAccess: 'Enabled'
}
}
resource sql_server_name_data_subnet_name 'Microsoft.Sql/servers/virtualNetworkRules@2015-05-01-preview' = {
parent: sql_server_name_resource
name: '${data_subnet_name}'
properties: {
virtualNetworkSubnetId: vnet_data_subnet_resource_id
ignoreMissingVnetServiceEndpoint: false
}
}
resource sample_database_name 'Microsoft.Sql/servers/databases@2019-06-01-preview' = {
name: sample_database_name_var
location: location
tags: {
displayName: sample_database_name_var
}
sku: {
name: 'Standard'
tier: 'Standard'
capacity: 50
}
properties: {
collation: 'SQL_Latin1_General_CP1_CI_AS'
maxSizeBytes: 32212254720
catalogCollation: 'SQL_Latin1_General_CP1_CI_AS'
zoneRedundant: false
readScale: 'Disabled'
storageAccountType: 'GRS'
sampleName: 'AdventureWorksLT'
}
dependsOn: [
sql_server_name_resource
]
}
resource ads_go_fast_database_name 'Microsoft.Sql/servers/databases@2019-06-01-preview' = {
name: ads_go_fast_database_name_var
location: location
tags: {
displayName: ads_go_fast_database_name_var
}
sku: {
name: 'Standard'
tier: 'Standard'
capacity: 50
}
properties: {
collation: 'SQL_Latin1_General_CP1_CI_AS'
maxSizeBytes: 32212254720
catalogCollation: 'SQL_Latin1_General_CP1_CI_AS'
zoneRedundant: false
readScale: 'Disabled'
storageAccountType: 'GRS'
}
dependsOn: [
sql_server_name_resource
]
}
resource staging_database_name 'Microsoft.Sql/servers/databases@2019-06-01-preview' = {
name: staging_database_name_var
location: location
tags: {
displayName: staging_database_name_var
}
sku: {
name: 'Standard'
tier: 'Standard'
capacity: 100
}
properties: {
collation: 'SQL_Latin1_General_CP1_CI_AS'
maxSizeBytes: 32212254720
catalogCollation: 'SQL_Latin1_General_CP1_CI_AS'
zoneRedundant: false
readScale: 'Disabled'
storageAccountType: 'GRS'
}
dependsOn: [
sql_server_name_resource
]
}

14
solution/Deployment/arm/DataFactory.bicep
Просмотреть файл

@ -1,14 +0,0 @@
@description('Location for all resources.')
param location string = resourceGroup().location
@description('')
param adf_name string = 'test'
resource adf_name_resource 'Microsoft.DataFactory/factories@2018-06-01' = {
name: adf_name
location: location
identity: {
type: 'SystemAssigned'
}
properties: {}
}

31
solution/Deployment/arm/DataFactory.json
Просмотреть файл

@ -1,31 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"adf-name": {
"type": "string",
"defaultValue": "test",
"metadata": {
"description": ""
}
}
},
"resources": [{
"apiVersion": "2018-06-01",
"name": "[parameters('adf-name')]",
"location": "[parameters('location')]",
"type": "Microsoft.DataFactory/factories",
"identity": {
"type": "SystemAssigned"
},
"properties": {}
}],
"outputs":{}
}

48
solution/Deployment/arm/FunctionApp.bicep
Просмотреть файл

@ -1,48 +0,0 @@
@description('Location for all resources.')
param location string = resourceGroup().location
@description('The name of you Web Site.')
param azure_function_site_name string = 'FuncApp-${uniqueString(resourceGroup().id)}'
@description('The name of Azure Application Insights.')
param app_insights_name string = 'appinsights-adsgofast'
@description('The name of storage account used for logging')
param storage_log_account_name string = 'adsgofastlog'
@description('A key to the storage account')
param storage_log_account_key string = ''
@description('')
param appservice_name string = ''
resource azure_function_site_name_resource 'Microsoft.Web/sites@2020-06-01' = {
name: azure_function_site_name
kind: 'functionapp'
location: location
properties: {
name: azure_function_site_name
siteConfig: {
appSettings: [
{
name: 'FUNCTIONS_WORKER_RUNTIME'
value: 'dotnet'
}
{
name: 'FUNCTIONS_EXTENSION_VERSION'
value: '~3'
}
{
name: 'AzureWebJobsStorage'
value: 'DefaultEndpointsProtocol=https;AccountName=${storage_log_account_name};AccountKey=${storage_log_account_key}'
}
{
name: 'APPINSIGHTS_INSTRUMENTATIONKEY'
value: reference(resourceId('microsoft.insights/components/', app_insights_name), '2015-05-01').InstrumentationKey
}
]
}
serverFarmId: resourceId('Microsoft.Web/serverfarms', appservice_name)
clientAffinityEnabled: false
}
}

84
solution/Deployment/arm/FunctionApp.json
Просмотреть файл

@ -1,84 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"azure-function-site-name": {
"type": "string",
"defaultValue": "[concat('FuncApp-', uniqueString(resourceGroup().id))]",
"metadata": {
"description": "The name of you Web Site."
}
},
"app-insights-name": {
"type": "string",
"defaultValue": "appinsights-adsgofast",
"metadata": {
"description": "The name of Azure Application Insights."
}
},
"storage-log-account-name": {
"type": "string",
"defaultValue": "adsgofastlog",
"metadata": {
"description": "The name of storage account used for logging"
}
},
"storage-log-account-key": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "A key to the storage account"
}
},
"appservice-name": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": ""
}
}
},
"resources": [
{
"type": "Microsoft.Web/sites",
"apiVersion": "2020-06-01",
"name": "[parameters('azure-function-site-name')]",
"kind": "functionapp",
"location": "[parameters('location')]",
"properties": {
"name": "[parameters('azure-function-site-name')]",
"siteConfig": {
"appSettings": [
{
"name": "FUNCTIONS_WORKER_RUNTIME",
"value": "dotnet"
},
{
"name": "FUNCTIONS_EXTENSION_VERSION",
"value": "~3"
},
{
"name": "AzureWebJobsStorage",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', parameters('storage-log-account-name'), ';AccountKey=', parameters('storage-log-account-key'))]"
},
{
"name": "APPINSIGHTS_INSTRUMENTATIONKEY",
"value": "[reference(resourceId('microsoft.insights/components/', parameters('app-insights-name')), '2015-05-01').InstrumentationKey]"
}
]
},
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', parameters('appservice-name'))]",
"clientAffinityEnabled": false
}
}
],
"outputs": {
}
}

28
solution/Deployment/arm/KeyVault.bicep
Просмотреть файл

@ -1,28 +0,0 @@
@description('Location for all resources.')
param location string = ''
@description('kv')
param keyvault_name string = 'kv'
@description('kv')
param tenant_id string = 'kv'
resource keyvault_name_resource 'Microsoft.KeyVault/vaults@2018-02-14' = {
name: keyvault_name
location: location
properties: {
enabledForDeployment: true
enabledForDiskEncryption: true
enabledForTemplateDeployment: true
tenantId: tenant_id
accessPolicies: []
sku: {
name: 'standard'
family: 'A'
}
networkAcls: {
defaultAction: 'Allow'
bypass: 'AzureServices'
}
}
}

50
solution/Deployment/arm/KeyVault.json
Просмотреть файл

@ -1,50 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Location for all resources."
}
},
"keyvault-name": {
"type": "string",
"defaultValue": "kv",
"metadata": {
"description": "kv"
}
},
"tenant-id": {
"type": "string",
"defaultValue": "kv",
"metadata": {
"description": "kv"
}
}
},
"resources": [{
"type": "Microsoft.KeyVault/vaults",
"name": "[parameters('keyvault-name')]",
"apiVersion": "2018-02-14",
"location": "[parameters('location')]",
"properties": {
"enabledForDeployment": true,
"enabledForDiskEncryption":true,
"enabledForTemplateDeployment": true,
"tenantId": "[parameters('tenant-id')]",
"accessPolicies": [
],
"sku": {
"name": "standard",
"family": "A"
},
"networkAcls": {
"defaultAction": "Allow",
"bypass": "AzureServices"
}
}
}],
"outputs":{}
}

36
solution/Deployment/arm/LogAnalytics.bicep
Просмотреть файл

@ -1,36 +0,0 @@
@description('Location for all resources.')
param location string = resourceGroup().location
param workspaces_adsgofastloganalytics_name string = 'adsloganalytics'
@description('Pricing tier: PerGB2018 or legacy tiers (Free, Standalone, PerNode, Standard or Premium) which are not available to all customers.')
@allowed([
'pergb2018'
'Free'
'Standalone'
'PerNode'
'Standard'
'Premium'
])
param log_analytics_sku string = 'pergb2018'
@description('Number of days to retain data.')
param log_analytics_retentionInDays int = 30
@description('true to use resource or workspace permissions. false to require workspace permissions.')
param log_analytics_resourcePermissions bool = false
resource workspaces_adsgofastloganalytics_name_resource 'microsoft.operationalinsights/workspaces@2020-08-01' = {
name: workspaces_adsgofastloganalytics_name
location: location
properties: {
sku: {
name: log_analytics_sku
}
retentionInDays: log_analytics_retentionInDays
features: {
searchVersion: 1
legacy: 0
enableLogAccessUsingOnlyResourcePermissions: log_analytics_resourcePermissions
}
}
}

69
solution/Deployment/arm/LogAnalytics.json
Просмотреть файл

@ -1,69 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"workspaces_adsgofastloganalytics_name": {
"defaultValue": "adsloganalytics",
"type": "String"
},
"log-analytics-sku": {
"type": "string",
"allowedValues": [
"pergb2018",
"Free",
"Standalone",
"PerNode",
"Standard",
"Premium"
],
"defaultValue": "pergb2018",
"metadata": {
"description": "Pricing tier: PerGB2018 or legacy tiers (Free, Standalone, PerNode, Standard or Premium) which are not available to all customers."
}
},
"log-analytics-retentionInDays": {
"type": "int",
"defaultValue": 30,
"metadata": {
"description": "Number of days to retain data."
}
},
"log-analytics-resourcePermissions": {
"type": "bool",
"defaultValue": false,
"metadata": {
"description": "true to use resource or workspace permissions. false to require workspace permissions."
}
}
},
"resources": [
{
"type": "microsoft.operationalinsights/workspaces",
"apiVersion": "2020-08-01",
"name": "[parameters('workspaces_adsgofastloganalytics_name')]",
"location": "[parameters('location')]",
"properties": {
"sku": {
"name": "[parameters('log-analytics-sku')]"
},
"retentionInDays": "[parameters('log-analytics-retentionInDays')]",
"features": {
"searchVersion": 1,
"legacy": 0,
"enableLogAccessUsingOnlyResourcePermissions": "[parameters('log-analytics-resourcePermissions')]"
}
}
}
],
"outputs": {
}
}

107
solution/Deployment/arm/Networking.bicep
Просмотреть файл

@ -1,107 +0,0 @@
@description('Location for all resources.')
param location string = resourceGroup().location
@description('Name of Azure Bastion resource')
param vnet_name string = 'adsgofast-vnet'
@description('Bastion subnet IP prefix MUST be within vnet IP prefix address space')
param vnet_address_prefix string = '10.1.0.0/16'
@description('Bastion subnet IP prefix MUST be within vnet IP prefix address space')
param bastion_subnet_ip_prefix string = '10.1.1.0/27'
@description('Bastion subnet IP prefix MUST be within vnet IP prefix address space')
param data_subnet_ip_prefix string = '10.1.2.0/27'
@description('Name of Azure Bastion resource')
param bastion_host_name string = 'azure-bastion-ads-go-fast'
var bastion_subnet_name = 'AzureBastionSubnet'
var data_subnet_name = 'Data'
var public_ip_address_name_bastion_var = '${bastion_host_name}-pip'
resource public_ip_address_name_bastion 'Microsoft.Network/publicIpAddresses@2019-02-01' = {
name: public_ip_address_name_bastion_var
location: location
sku: {
name: 'Standard'
}
properties: {
publicIPAllocationMethod: 'Static'
}
}
resource vnet_name_resource 'Microsoft.Network/virtualNetworks@2019-02-01' = {
name: vnet_name
location: location
properties: {
addressSpace: {
addressPrefixes: [
vnet_address_prefix
]
}
subnets: [
{
name: bastion_subnet_name
properties: {
addressPrefix: bastion_subnet_ip_prefix
}
}
{
name: data_subnet_name
properties: {
addressPrefix: data_subnet_ip_prefix
}
}
]
}
}
resource vnet_name_bastion_subnet_name 'Microsoft.Network/virtualNetworks/subnets@2019-02-01' = {
parent: vnet_name_resource
name: '${bastion_subnet_name}'
location: location
properties: {
addressPrefix: bastion_subnet_ip_prefix
}
dependsOn: [
vnet_name_data_subnet_name
]
}
resource vnet_name_data_subnet_name 'Microsoft.Network/virtualNetworks/subnets@2019-02-01' = {
parent: vnet_name_resource
name: '${data_subnet_name}'
location: location
properties: {
addressPrefix: data_subnet_ip_prefix
serviceEndpoints: [
{
service: 'Microsoft.Sql'
}
]
}
}
resource bastion_host_name_resource 'Microsoft.Network/bastionHosts@2019-04-01' = {
name: bastion_host_name
location: location
properties: {
ipConfigurations: [
{
name: 'IpConf'
properties: {
subnet: {
id: vnet_name_bastion_subnet_name.id
}
publicIPAddress: {
id: public_ip_address_name_bastion.id
}
}
}
]
}
dependsOn: [
vnet_name_resource
]
}

210
solution/Deployment/arm/Networking.json
Просмотреть файл

@ -1,210 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"vnet-name": {
"type": "string",
"defaultValue": "adsgofast-vnet",
"metadata": {
"description": "Name of Azure Bastion resource"
}
},
"vnet-address-prefix": {
"type": "string",
"defaultValue": "10.1.0.0/16",
"metadata": {
"description": "Bastion subnet IP prefix MUST be within vnet IP prefix address space"
}
},
"bastion-subnet-ip-prefix": {
"type": "string",
"defaultValue": "10.1.1.0/27",
"metadata": {
"description": "Bastion subnet IP prefix MUST be within vnet IP prefix address space"
}
},
"data-subnet-ip-prefix": {
"type": "string",
"defaultValue": "10.1.2.0/27",
"metadata": {
"description": "Data subnet IP prefix MUST be within vnet IP prefix address space"
}
},
"webapp-subnet-ip-prefix": {
"type": "string",
"defaultValue": "10.1.3.0/27",
"metadata": {
"description": "Web App subnet IP prefix MUST be within vnet IP prefix address space"
}
},
"funcapp-subnet-ip-prefix": {
"type": "string",
"defaultValue": "10.1.4.0/27",
"metadata": {
"description": "Function App subnet IP prefix MUST be within vnet IP prefix address space"
}
},
"bastion-host-name": {
"type": "string",
"defaultValue": "azure-bastion-ads-go-fast",
"metadata": {
"description": "Name of Azure Bastion resource"
}
},
"bastion-subnet-name": {
"type": "string",
"defaultValue": "AzureBastionSubnet",
"metadata": {
"description": "Name of Azure Bastion Subnet"
}
},
"data-subnet-name": {
"type": "string",
"defaultValue": "Data",
"metadata": {
"description": "Name of Data Subnet"
}
},
"webapp-subnet-name": {
"type": "string",
"defaultValue": "WebApp",
"metadata": {
"description": "Name of Web App Subnet. vNet integration in WebApp requires an empty Subnet."
}
},
"funcapp-subnet-name": {
"type": "string",
"defaultValue": "FuncApp",
"metadata": {
"description": "Name of Function App Subnet."
}
}
},
"variables": {
"bastion-subnet-name": "[parameters('bastion-subnet-name')]",
"data-subnet-name": "[parameters('data-subnet-name')]",
"webapp-subnet-name": "[parameters('webapp-subnet-name')]",
"funcapp-subnet-name": "[parameters('funcapp-subnet-name')]",
"public-ip-address-name-bastion": "[concat(parameters('bastion-host-name'),'-pip')]"
},
"resources": [
{
"apiVersion": "2019-02-01",
"type": "Microsoft.Network/publicIpAddresses",
"name": "[variables('public-ip-address-name-bastion')]",
"location": "[parameters('location')]",
"sku": {
"name": "Standard"
},
"properties": {
"publicIPAllocationMethod": "Static"
}
},
{
"apiVersion": "2019-02-01",
"name": "[parameters('vnet-name')]",
"type": "Microsoft.Network/virtualNetworks",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('vnet-address-prefix')]"
]
},
"subnets": [
{
"name": "[variables('bastion-subnet-name')]",
"properties": {
"addressPrefix": "[parameters('bastion-subnet-ip-prefix')]"
}
},
{
"name": "[variables('data-subnet-name')]",
"properties": {
"addressPrefix": "[parameters('data-subnet-ip-prefix')]"
}
},
{
"name": "[variables('webapp-subnet-name')]",
"properties": {
"addressPrefix": "[parameters('webapp-subnet-ip-prefix')]"
}
},
{
"name": "[variables('funcapp-subnet-name')]",
"properties": {
"addressPrefix": "[parameters('funcapp-subnet-ip-prefix')]"
}
}
]
}
},
{
"apiVersion": "2019-02-01",
"type": "Microsoft.Network/virtualNetworks/subnets",
"name": "[concat(parameters('vnet-name'), '/', variables('bastion-subnet-name'))]",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('vnet-name'))]",
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnet-name'), variables('data-subnet-name'))]"
],
"location": "[parameters('location')]",
"properties": {
"addressPrefix": "[parameters('bastion-subnet-ip-prefix')]"
}
},
{
"apiVersion": "2019-02-01",
"type": "Microsoft.Network/virtualNetworks/subnets",
"name": "[concat(parameters('vnet-name'), '/', variables('data-subnet-name'))]",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('vnet-name'))]"
],
"location": "[parameters('location')]",
"properties": {
"addressPrefix": "[parameters('data-subnet-ip-prefix')]",
"serviceEndpoints": [
{
"service": "Microsoft.Sql"
}
]
}
},
{
"apiVersion": "2019-04-01",
"type": "Microsoft.Network/bastionHosts",
"name": "[parameters('bastion-host-name')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/publicIpAddresses', variables('public-ip-address-name-bastion'))]",
"[resourceId('Microsoft.Network/virtualNetworks', parameters('vnet-name'))]",
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnet-name'), variables('bastion-subnet-name'))]"
],
"properties": {
"ipConfigurations": [
{
"name": "IpConf",
"properties": {
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnet-name'), variables('bastion-subnet-name'))]"
},
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIpAddresses', variables('public-ip-address-name-bastion'))]"
}
}
}
]
}
}
],
"outputs": {
}
}

53
solution/Deployment/arm/Storage_ADLS.bicep
Просмотреть файл

@ -1,53 +0,0 @@
@description('Location for all resources.')
param location string = ''
@description('')
param storage_account_name string = 'adsgfadls'
@description('datalakelanding')
param storage_landing_container_name string = 'datalakelanding'
@description('datalakeraw')
param storage_raw_container_name string = 'datalakeraw'
@description('')
param storage_account_sku string = 'Standard_GRS'
resource storage_account_name_resource 'Microsoft.Storage/storageAccounts@2019-04-01' = {
location: location
name: storage_account_name
kind: 'StorageV2'
sku: {
name: storage_account_sku
}
properties: {
encryption: {
keySource: 'Microsoft.Storage'
services: {
blob: {
enabled: true
}
file: {
enabled: true
}
}
}
isHnsEnabled: true
supportsHttpsTrafficOnly: true
accessTier: 'Hot'
}
}
resource storage_account_name_default_storage_landing_container_name 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = {
name: '${storage_account_name}/default/${storage_landing_container_name}'
dependsOn: [
storage_account_name_resource
]
}
resource storage_account_name_default_storage_raw_container_name 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = {
name: '${storage_account_name}/default/${storage_raw_container_name}'
dependsOn: [
storage_account_name_resource
]
}

89
solution/Deployment/arm/Storage_ADLS.json
Просмотреть файл

@ -1,89 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Location for all resources."
}
},
"storage-account-name": {
"type": "String",
"defaultValue": "adsgfadls",
"metadata": {
"description": ""
}
},
"storage-landing-container-name": {
"type": "String",
"defaultValue": "datalakelanding",
"metadata": {
"description": "datalakelanding"
}
},
"storage-raw-container-name": {
"type": "String",
"defaultValue": "datalakeraw",
"metadata": {
"description": "datalakeraw"
}
},
"storage-account-sku": {
"type": "String",
"defaultValue": "Standard_GRS",
"metadata": {
"description": ""
}
}
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2019-04-01",
"location": "[parameters('location')]",
"name": "[parameters('storage-account-name')]",
"kind": "StorageV2",
"sku": {
"name": "[parameters('storage-account-sku')]"
},
"properties": {
"encryption": {
"keySource": "Microsoft.Storage",
"services": {
"blob": {
"enabled": true
},
"file": {
"enabled": true
}
}
},
"isHnsEnabled": true,
"supportsHttpsTrafficOnly": true,
"accessTier": "Hot"
},
"resources": [
{
"type": "blobServices/containers",
"apiVersion": "2019-06-01",
"name": "[concat('default/', parameters('storage-landing-container-name'))]",
"dependsOn": [
"[parameters('storage-account-name')]"
]
},
{
"type": "blobServices/containers",
"apiVersion": "2019-06-01",
"name": "[concat('default/', parameters('storage-raw-container-name'))]",
"dependsOn": [
"[parameters('storage-account-name')]"
]
}
]
}
],
"outputs": {
}
}

53
solution/Deployment/arm/Storage_Blob.bicep
Просмотреть файл

@ -1,53 +0,0 @@
@description('Location for all resources.')
param location string = ''
@description('')
param storage_account_name string = 'adsgfadls'
@description('')
param storage_landing_container_name string = 'datalakelanding'
@description('')
param storage_raw_container_name string = 'datalakeraw'
@description('')
param storage_account_sku string = 'Standard_GRS'
resource storage_account_name_resource 'Microsoft.Storage/storageAccounts@2019-04-01' = {
location: location
name: storage_account_name
kind: 'StorageV2'
sku: {
name: storage_account_sku
}
properties: {
encryption: {
keySource: 'Microsoft.Storage'
services: {
blob: {
enabled: true
}
file: {
enabled: true
}
}
}
isHnsEnabled: false
supportsHttpsTrafficOnly: true
accessTier: 'Hot'
}
}
resource storage_account_name_default_storage_landing_container_name 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = {
name: '${storage_account_name}/default/${storage_landing_container_name}'
dependsOn: [
storage_account_name_resource
]
}
resource storage_account_name_default_storage_raw_container_name 'Microsoft.Storage/storageAccounts/blobServices/containers@2019-06-01' = {
name: '${storage_account_name}/default/${storage_raw_container_name}'
dependsOn: [
storage_account_name_resource
]
}

89
solution/Deployment/arm/Storage_Blob.json
Просмотреть файл

@ -1,89 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Location for all resources."
}
},
"storage-account-name": {
"type": "String",
"defaultValue": "adsgfadls",
"metadata": {
"description": ""
}
},
"storage-landing-container-name": {
"type": "String",
"defaultValue": "datalakelanding",
"metadata": {
"description": ""
}
},
"storage-raw-container-name": {
"type": "String",
"defaultValue": "datalakeraw",
"metadata": {
"description": ""
}
},
"storage-account-sku": {
"type": "String",
"defaultValue": "Standard_GRS",
"metadata": {
"description": ""
}
}
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2019-04-01",
"location": "[parameters('location')]",
"name": "[parameters('storage-account-name')]",
"kind": "StorageV2",
"sku": {
"name": "[parameters('storage-account-sku')]"
},
"properties": {
"encryption": {
"keySource": "Microsoft.Storage",
"services": {
"blob": {
"enabled": true
},
"file": {
"enabled": true
}
}
},
"isHnsEnabled": false,
"supportsHttpsTrafficOnly": true,
"accessTier": "Hot"
},
"resources": [
{
"type": "blobServices/containers",
"apiVersion": "2019-06-01",
"name": "[concat('default/', parameters('storage-landing-container-name'))]",
"dependsOn": [
"[parameters('storage-account-name')]"
]
},
{
"type": "blobServices/containers",
"apiVersion": "2019-06-01",
"name": "[concat('default/', parameters('storage-raw-container-name'))]",
"dependsOn": [
"[parameters('storage-account-name')]"
]
}
]
}
],
"outputs": {
}
}

21
solution/Deployment/arm/Storage_Logging.bicep
Просмотреть файл

@ -1,21 +0,0 @@
@description('Location for all resources.')
param location string = ''
@description('The name of the Log Store account to create.')
param storage_log_account_name string = 'logstg'
resource storage_log_account_name_resource 'Microsoft.Storage/storageAccounts@2019-06-01' = {
name: storage_log_account_name
location: location
kind: 'StorageV2'
sku: {
name: 'Standard_LRS'
tier: 'Standard'
}
properties: {
accessTier: 'Hot'
}
}
output stringSubcriptionId string = subscription().id
output stringLogStorageAccount string = storage_log_account_name

46
solution/Deployment/arm/Storage_Logging.json
Просмотреть файл

@ -1,46 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Location for all resources."
}
},
"storage-log-account-name": {
"type": "String",
"defaultValue": "logstg",
"metadata": {
"description": "The name of the Log Store account to create."
}
}
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[parameters('storage-log-account-name')]",
"apiVersion": "2019-06-01",
"location": "[parameters('location')]",
"kind": "StorageV2",
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"properties": {
"accessTier": "Hot"
}
}
],
"outputs": {
"stringSubcriptionId": {
"type": "string",
"value": "[subscription().id]"
},
"stringLogStorageAccount": {
"type": "string",
"value": "[parameters('storage-log-account-name')]"
}
}
}

254
solution/Deployment/arm/VirtualMachine.bicep
Просмотреть файл

@ -1,254 +0,0 @@
@description('Location for all resources.')
param location string = resourceGroup().location
@description('The size of the VM')
param adf_ir_vm_size string = 'Standard_D4s_v3'
@description('Username for the Virtual Machine.')
param adf_ir_vm_admin_username string = 'adsgofastadmin'
@description('Password for the Virtual Machine. The password must be at least 12 characters long and have lower case, upper characters, digit and a special character (Regex match)')
@secure()
param adf_ir_vm_admin_password string
@description('Defines the type of storage account to use for the data lake store')
@allowed([
'Standard_LRS'
'Standard_ZRS'
'Standard_GRS'
'Standard_RAGRS'
])
param os_disk_type_adfir_vm string = 'Standard_LRS'
param adf_ir_onp_vm_name string
@description('Windows Server and SQL Offer')
@allowed([
'sql2019-ws2019'
'sql2017-ws2019'
'SQL2017-WS2016'
'SQL2016SP1-WS2016'
'SQL2016SP2-WS2016'
'SQL2014SP3-WS2012R2'
'SQL2014SP2-WS2012R2'
])
param imageOffer string = 'sql2019-ws2019'
@description('SQL Server Sku')
@allowed([
'Standard'
'Enterprise'
'SQLDEV'
'Web'
'Express'
])
param sqlSku string = 'Standard'
@description('Amount of data disks (1TB each) for SQL Data files')
@minValue(1)
@maxValue(8)
param sqlDataDisksCount int = 1
@description('Amount of data disks (1TB each) for SQL Log files')
@minValue(1)
@maxValue(8)
param sqlLogDisksCount int = 1
@description('SQL Server Workload Type')
@allowed([
'General'
'OLTP'
'DW'
])
param storageWorkloadType string = 'General'
@description('Path for SQL Data files. Please choose drive letter from F to Z, and other drives from A to E are reserved for system')
param dataPath string = 'F:\\SQLData'
@description('Path for SQL Log files. Please choose drive letter from F to Z and different than the one used for SQL data. Drive letter from A to E are reserved for system')
param logPath string = 'G:\\SQLLog'
@description('Name of Azure Bastion resource')
param vnet_name string = 'adsgofast-vnet'
var adf_ir_vm_name_var = take('IR-Az-${uniqueString(resourceGroup().id)}-VM', 15)
var adf_ir_az_network_interface_name_var = '${adf_ir_vm_name_var}NetInt'
var adf_ir_onp_network_interface_name_var = '${adf_ir_onp_vm_name}NetInt'
var dataDisks = {
createOption: 'empty'
caching: 'ReadOnly'
writeAcceleratorEnabled: false
storageAccountType: 'Premium_LRS'
diskSizeGB: 1023
}
var diskConfigurationType = 'NEW'
var dataDisksLuns = array(range(0, sqlDataDisksCount))
var logDisksLuns = array(range(sqlDataDisksCount, sqlLogDisksCount))
var tempDbPath = 'D:\\SQLTemp'
var data_subnet_name = 'Data'
resource adf_ir_az_network_interface_name 'Microsoft.Network/networkInterfaces@2019-09-01' = {
name: adf_ir_az_network_interface_name_var
location: location
tags: {
displayName: adf_ir_az_network_interface_name_var
}
properties: {
ipConfigurations: [
{
name: 'ipConfig1'
properties: {
privateIPAllocationMethod: 'Dynamic'
subnet: {
id: resourceId('Microsoft.Network/virtualNetworks/subnets', vnet_name, data_subnet_name)
}
}
}
]
}
dependsOn: []
}
resource adf_ir_onp_network_interface_name 'Microsoft.Network/networkInterfaces@2019-09-01' = {
name: adf_ir_onp_network_interface_name_var
location: location
tags: {
displayName: adf_ir_onp_network_interface_name_var
}
properties: {
ipConfigurations: [
{
name: 'ipConfig1'
properties: {
privateIPAllocationMethod: 'Dynamic'
subnet: {
id: resourceId('Microsoft.Network/virtualNetworks/subnets', vnet_name, data_subnet_name)
}
}
}
]
}
dependsOn: []
}
resource adf_ir_vm_name 'Microsoft.Compute/virtualMachines@2019-07-01' = {
name: adf_ir_vm_name_var
location: location
tags: {
displayName: adf_ir_vm_name_var
}
properties: {
hardwareProfile: {
vmSize: adf_ir_vm_size
}
osProfile: {
computerName: adf_ir_vm_name_var
adminUsername: adf_ir_vm_admin_username
adminPassword: adf_ir_vm_admin_password
}
storageProfile: {
imageReference: {
publisher: 'MicrosoftWindowsServer'
offer: 'WindowsServer'
sku: '2019-Datacenter'
version: 'latest'
}
osDisk: {
name: '${adf_ir_vm_name_var}OsDisk'
caching: 'ReadWrite'
createOption: 'FromImage'
managedDisk: {
storageAccountType: os_disk_type_adfir_vm
}
diskSizeGB: 128
}
}
networkProfile: {
networkInterfaces: [
{
id: adf_ir_az_network_interface_name.id
}
]
}
}
}
resource adf_ir_onp_vm_name_resource 'Microsoft.Compute/virtualMachines@2019-07-01' = {
name: adf_ir_onp_vm_name
location: location
tags: {
displayName: adf_ir_onp_vm_name
}
properties: {
hardwareProfile: {
vmSize: adf_ir_vm_size
}
osProfile: {
computerName: adf_ir_onp_vm_name
adminUsername: adf_ir_vm_admin_username
adminPassword: adf_ir_vm_admin_password
windowsConfiguration: {
enableAutomaticUpdates: true
provisionVMAgent: true
}
}
storageProfile: {
imageReference: {
publisher: 'MicrosoftSQLServer'
offer: imageOffer
sku: sqlSku
version: 'latest'
}
osDisk: {
name: '${adf_ir_onp_vm_name}OsDisk'
caching: 'ReadWrite'
createOption: 'FromImage'
managedDisk: {
storageAccountType: os_disk_type_adfir_vm
}
diskSizeGB: 128
}
dataDisks: [for j in range(0, (sqlDataDisksCount + sqlLogDisksCount)): {
lun: j
createOption: dataDisks.createOption
caching: ((j >= sqlDataDisksCount) ? 'None' : dataDisks.caching)
writeAcceleratorEnabled: dataDisks.writeAcceleratorEnabled
diskSizeGB: dataDisks.diskSizeGB
managedDisk: {
storageAccountType: dataDisks.storageAccountType
}
}]
}
networkProfile: {
networkInterfaces: [
{
id: adf_ir_onp_network_interface_name.id
}
]
}
}
}
resource Microsoft_SqlVirtualMachine_SqlVirtualMachines_adf_ir_onp_vm_name 'Microsoft.SqlVirtualMachine/SqlVirtualMachines@2017-03-01-preview' = {
name: adf_ir_onp_vm_name
location: location
properties: {
virtualMachineResourceId: adf_ir_onp_vm_name_resource.id
sqlManagement: 'Full'
sqlServerLicenseType: 'PAYG'
storageConfigurationSettings: {
diskConfigurationType: diskConfigurationType
storageWorkloadType: storageWorkloadType
sqlDataSettings: {
luns: dataDisksLuns
defaultFilePath: dataPath
}
sqlLogSettings: {
luns: logDisksLuns
defaultFilePath: logPath
}
sqlTempDbSettings: {
defaultFilePath: tempDbPath
}
}
}
}

342
solution/Deployment/arm/VirtualMachine.json
Просмотреть файл

@ -1,342 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"adf-ir-vm-size": {
"type": "string",
"defaultValue": "Standard_D4s_v3",
"metadata": {
"description": "The size of the VM"
}
},
"adf-ir-vm-admin-username": {
"type": "string",
"defaultValue": "adsgofastadmin",
"metadata": {
"description": "Username for the Virtual Machine."
}
},
"adf-ir-vm-admin-password": {
"type": "secureString",
"metadata": {
"description": "Password for the Virtual Machine. The password must be at least 12 characters long and have lower case, upper characters, digit and a special character (Regex match)"
}
},
"os-disk-type-adfir-vm": {
"type": "string",
"defaultValue": "Standard_LRS",
"allowedValues": [
"Standard_LRS",
"Standard_ZRS",
"Standard_GRS",
"Standard_RAGRS"
],
"metadata": {
"description": "Defines the type of storage account to use for the data lake store"
}
},
"adf-ir-onp-vm-name": {
"type": "String"
},
"imageOffer": {
"type": "String",
"defaultValue": "sql2019-ws2019",
"allowedValues": [
"sql2019-ws2019",
"sql2017-ws2019",
"SQL2017-WS2016",
"SQL2016SP1-WS2016",
"SQL2016SP2-WS2016",
"SQL2014SP3-WS2012R2",
"SQL2014SP2-WS2012R2"
],
"metadata": {
"description": "Windows Server and SQL Offer"
}
},
"sqlSku": {
"type": "String",
"defaultValue": "Standard",
"allowedValues": [
"Standard",
"Enterprise",
"SQLDEV",
"Web",
"Express"
],
"metadata": {
"description": "SQL Server Sku"
}
},
"sqlDataDisksCount": {
"type": "int",
"defaultValue": 1,
"minValue": 1,
"maxValue": 8,
"metadata": {
"description": "Amount of data disks (1TB each) for SQL Data files"
}
},
"sqlLogDisksCount": {
"type": "int",
"defaultValue": 1,
"minValue": 1,
"maxValue": 8,
"metadata": {
"description": "Amount of data disks (1TB each) for SQL Log files"
}
},
"storageWorkloadType": {
"type": "String",
"defaultValue": "General",
"allowedValues": [
"General",
"OLTP",
"DW"
],
"metadata": {
"description": "SQL Server Workload Type"
}
},
"dataPath": {
"type": "String",
"defaultValue": "F:\\SQLData",
"metadata": {
"description": "Path for SQL Data files. Please choose drive letter from F to Z, and other drives from A to E are reserved for system"
}
},
"logPath": {
"type": "String",
"defaultValue": "G:\\SQLLog",
"metadata": {
"description": "Path for SQL Log files. Please choose drive letter from F to Z and different than the one used for SQL data. Drive letter from A to E are reserved for system"
}
},
"vnet-name": {
"type": "string",
"defaultValue": "adsgofast-vnet",
"metadata": {
"description": "Name of Azure Bastion resource"
}
}
},
"variables": {
"adf-ir-vm-name": "[take(concat('IR-Az-', uniqueString(resourceGroup().id),'-VM'),15)]",
"adf-ir-az-network-interface-name": "[concat(variables('adf-ir-vm-name'),'NetInt')]",
"adf-ir-onp-network-interface-name": "[concat(parameters('adf-ir-onp-vm-name'),'NetInt')]",
"dataDisks": {
"createOption": "empty",
"caching": "ReadOnly",
"writeAcceleratorEnabled": false,
"storageAccountType": "Premium_LRS",
"diskSizeGB": 1023
},
"diskConfigurationType": "NEW",
"dataDisksLuns": "[array(range(0 ,parameters('sqlDataDisksCount')))]",
"logDisksLuns": "[array(range(parameters('sqlDataDisksCount'), parameters('sqlLogDisksCount')))]",
"tempDbPath": "D:\\SQLTemp",
"data-subnet-name": "Data"
},
"resources": [
{
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2019-09-01",
"name": "[variables('adf-ir-az-network-interface-name')]",
"location": "[parameters('location')]",
"dependsOn": [
],
"tags": {
"displayName": "[variables('adf-ir-az-network-interface-name')]"
},
"properties": {
"ipConfigurations": [
{
"name": "ipConfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnet-name'), variables('data-subnet-name'))]"
}
}
}
]
}
},
{
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2019-09-01",
"name": "[variables('adf-ir-onp-network-interface-name')]",
"location": "[parameters('location')]",
"dependsOn": [
],
"tags": {
"displayName": "[variables('adf-ir-onp-network-interface-name')]"
},
"properties": {
"ipConfigurations": [
{
"name": "ipConfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnet-name'), variables('data-subnet-name'))]"
}
}
}
]
}
},
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2019-07-01",
"name": "[variables('adf-ir-vm-name')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', variables('adf-ir-az-network-interface-name'))]"
],
"tags": {
"displayName": "[variables('adf-ir-vm-name')]"
},
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('adf-ir-vm-size')]"
},
"osProfile": {
"computerName": "[variables('adf-ir-vm-name')]",
"adminUsername": "[parameters('adf-ir-vm-admin-username')]",
"adminPassword": "[parameters('adf-ir-vm-admin-password')]"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "2019-Datacenter",
"version": "latest"
},
"osDisk": {
"name": "[concat(variables('adf-ir-vm-name'),'OsDisk')]",
"caching": "ReadWrite",
"createOption": "FromImage",
"managedDisk": {
"storageAccountType": "[parameters('os-disk-type-adfir-vm')]"
},
"diskSizeGB": 128
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('adf-ir-az-network-interface-name'))]"
}
]
}
}
},
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2019-07-01",
"name": "[parameters('adf-ir-onp-vm-name')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', variables('adf-ir-onp-network-interface-name'))]"
],
"tags": {
"displayName": "[parameters('adf-ir-onp-vm-name')]"
},
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('adf-ir-vm-size')]"
},
"osProfile": {
"computerName": "[parameters('adf-ir-onp-vm-name')]",
"adminUsername": "[parameters('adf-ir-vm-admin-username')]",
"adminPassword": "[parameters('adf-ir-vm-admin-password')]",
"windowsConfiguration": {
"enableAutomaticUpdates": true,
"provisionVmAgent": true
}
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftSQLServer",
"offer": "[parameters('imageOffer')]",
"sku": "[parameters('sqlSku')]",
"version": "latest"
},
"osDisk": {
"name": "[concat(parameters('adf-ir-onp-vm-name'),'OsDisk')]",
"caching": "ReadWrite",
"createOption": "FromImage",
"managedDisk": {
"storageAccountType": "[parameters('os-disk-type-adfir-vm')]"
},
"diskSizeGB": 128
},
"copy": [
{
"name": "dataDisks",
"count": "[add(parameters('sqlDataDisksCount'), parameters('sqlLogDisksCount'))]",
"input": {
"lun": "[copyIndex('dataDisks')]",
"createOption": "[variables('dataDisks').createOption]",
"caching": "[if(greaterOrEquals(copyIndex('dataDisks'), parameters('sqlDataDisksCount')) ,'None', variables('dataDisks').caching )]",
"writeAcceleratorEnabled": "[variables('dataDisks').writeAcceleratorEnabled]",
"diskSizeGB": "[variables('dataDisks').diskSizeGB]",
"managedDisk": {
"storageAccountType": "[variables('dataDisks').storageAccountType]"
}
}
}
]
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('adf-ir-onp-network-interface-name'))]"
}
]
}
}
},
{
"type": "Microsoft.SqlVirtualMachine/SqlVirtualMachines",
"apiVersion": "2017-03-01-preview",
"name": "[parameters('adf-ir-onp-vm-name')]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Compute/virtualMachines', parameters('adf-ir-onp-vm-name'))]"
],
"properties": {
"virtualMachineResourceId": "[resourceId('Microsoft.Compute/virtualMachines', parameters('adf-ir-onp-vm-name'))]",
"sqlManagement": "Full",
"SqlServerLicenseType": "PAYG",
"StorageConfigurationSettings": {
"DiskConfigurationType": "[variables('diskConfigurationType')]",
"StorageWorkloadType": "[parameters('storageWorkloadType')]",
"SQLDataSettings": {
"LUNs": "[variables('dataDisksLUNs')]",
"DefaultFilePath": "[parameters('dataPath')]"
},
"SQLLogSettings": {
"Luns": "[variables('logDisksLUNs')]",
"DefaultFilePath": "[parameters('logPath')]"
},
"SQLTempDbSettings": {
"DefaultFilePath": "[variables('tempDbPath')]"
}
}
}
}
],
"outputs": {
}
}

42
solution/Deployment/arm/WebApp.bicep
Просмотреть файл

@ -1,42 +0,0 @@
@description('Location for all resources.')
param location string = resourceGroup().location
@description('Resource Group.')
param resource_group_name string = ''
@description('The name of Web Application.')
param sites_AdsGoFastWebApp_name string = 'adsgofastWebApp'
@description('')
param appservice_name string = ''
resource sites_AdsGoFastWebApp_name_resource 'Microsoft.Web/sites@2018-11-01' = {
name: sites_AdsGoFastWebApp_name
location: location
tags: {}
properties: {
name: sites_AdsGoFastWebApp_name
siteConfig: {
appSettings: [
{
name: 'XDT_MicrosoftApplicationInsights_Mode'
value: 'default'
}
{
name: 'ANCM_ADDITIONAL_ERROR_PAGE_LINK'
value: 'https://${sites_AdsGoFastWebApp_name}.scm.azurewebsites.net/detectors?type=tools&name=eventviewer'
}
]
metadata: [
{
name: 'CURRENT_STACK'
value: 'dotnetcore'
}
]
phpVersion: 'OFF'
alwaysOn: true
}
serverFarmId: resourceId('Microsoft.Web/serverfarms', appservice_name)
clientAffinityEnabled: true
}
}

76
solution/Deployment/arm/WebApp.json
Просмотреть файл

@ -1,76 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.613.9944",
"templateHash": "4770209531422889309"
}
},
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"resource_group_name": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Resource Group."
}
},
"sites_AdsGoFastWebApp_name": {
"type": "string",
"defaultValue": "adsgofastWebApp",
"metadata": {
"description": "The name of Web Application."
}
},
"appservice_name": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": ""
}
}
},
"functions": [],
"resources": [
{
"type": "Microsoft.Web/sites",
"apiVersion": "2018-11-01",
"name": "[parameters('sites_AdsGoFastWebApp_name')]",
"location": "[parameters('location')]",
"tags": {},
"properties": {
"name": "[parameters('sites_AdsGoFastWebApp_name')]",
"siteConfig": {
"appSettings": [
{
"name": "XDT_MicrosoftApplicationInsights_Mode",
"value": "default"
},
{
"name": "ANCM_ADDITIONAL_ERROR_PAGE_LINK",
"value": "[format('https://{0}.scm.azurewebsites.net/detectors?type=tools&name=eventviewer', parameters('sites_AdsGoFastWebApp_name'))]"
}
],
"metadata": [
{
"name": "CURRENT_STACK",
"value": "dotnetcore"
}
],
"phpVersion": "OFF",
"alwaysOn": true
},
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', parameters('appservice_name'))]",
"clientAffinityEnabled": true
}
}
]
}

67
solution/Deployment/environments/EditSettings.html
Просмотреть файл

@ -1,67 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<title>Page Title</title>
<script src="https://cdn.jsdelivr.net/npm/@json-editor/json-editor@latest/dist/jsoneditor.min.js"></script>
<link rel="stylesheet" id="theme-link" href="https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css">
<link rel="stylesheet" id="iconlib-link" href="https://use.fontawesome.com/releases/v5.6.1/css/all.css">
</head>
<script src="https://code.jquery.com/jquery-3.5.1.min.js" integrity="sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=" crossorigin="anonymous"></script>
<body>
<h1>Azure Data Services Go Fast Settings Editor</h1>
<button type="button" onclick="WriteValue()" class="btn btn-danger">Click here to update the environment file with the form changes</button>
<div id="json-editor-form" data-theme="bootstrap4"></div>
<script>
const element = document.getElementById('json-editor-form');
var editor;
$.ajax({
url: 'environment.schema.json',
complete: function(schema) {
$.ajax({
url: 'development.json',
complete: function(data) {
LoadEditor(schema, data);
}
});
}
});
function LoadEditor(schema,data)
{
JSONEditor.defaults.options.theme = 'bootstrap4';
// Set an option during instantiation
editor = new JSONEditor(element, {
schema: schema.responseJSON,
theme: 'bootstrap4',
iconlib: "fontawesome5" ,
disable_properties: true,
disable_edit_json: true
});
editor.on('ready',() => {
// Now the api methods will be available
editor.setValue(data.responseJSON);
});
}
function WriteValue()
{
data = editor.getValue();
$.ajax({
url: 'development.json',
method: "PUT",
data: JSON.stringify(data),
complete: function(data) {
}
});
}
</script>
</body>
</html>

872
solution/Deployment/environments/Node/package-lock.json сгенерированный
Просмотреть файл

@ -1,872 +0,0 @@
{
"name": "ads_gofast_configuration_app",
"version": "1.0.0",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"name": "ads_gofast_configuration_app",
"version": "1.0.0",
"dependencies": {
"express": "^4.16.1",
"fs": "0.0.2",
"node-static": "0.7.11",
"path": "0.12.7"
}
},
"node_modules/accepts": {
"version": "1.3.7",
"license": "MIT",
"dependencies": {
"mime-types": "~2.1.24",
"negotiator": "0.6.2"
},
"engines": {
"node": ">= 0.6"
}
},
"node_modules/array-flatten": {
"version": "1.1.1",
"license": "MIT"
},
"node_modules/body-parser": {
"version": "1.19.0",
"resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.0.tgz",
"integrity": "sha512-dhEPs72UPbDnAQJ9ZKMNTP6ptJaionhP5cBb541nXPlW60Jepo9RV/a4fX4XWW9CuFNK22krhrj1+rgzifNCsw==",
"dependencies": {
"bytes": "3.1.0",
"content-type": "~1.0.4",
"debug": "2.6.9",
"depd": "~1.1.2",
"http-errors": "1.7.2",
"iconv-lite": "0.4.24",
"on-finished": "~2.3.0",
"qs": "6.7.0",
"raw-body": "2.4.0",
"type-is": "~1.6.17"
},
"engines": {
"node": ">= 0.8"
}
},
"node_modules/bytes": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz",
"integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg==",
"engines": {
"node": ">= 0.8"
}
},
"node_modules/colors": {
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/colors/-/colors-1.4.0.tgz",
"integrity": "sha512-a+UqTh4kgZg/SlGvfbzDHpgRu7AAQOmmqRHJnxhRZICKFUT91brVhNNt58CMWU9PsBbv3PDCZUHbVxuDiH2mtA==",
"engines": {
"node": ">=0.1.90"
}
},
"node_modules/content-disposition": {
"version": "0.5.3",
"license": "MIT",
"dependencies": {
"safe-buffer": "5.1.2"
},
"engines": {
"node": ">= 0.6"
}
},
"node_modules/content-type": {
"version": "1.0.4",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/cookie": {
"version": "0.4.0",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/cookie-signature": {
"version": "1.0.6",
"license": "MIT"
},
"node_modules/debug": {
"version": "2.6.9",
"license": "MIT",
"dependencies": {
"ms": "2.0.0"
}
},
"node_modules/depd": {
"version": "1.1.2",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/destroy": {
"version": "1.0.4",
"license": "MIT"
},
"node_modules/ee-first": {
"version": "1.1.1",
"license": "MIT"
},
"node_modules/encodeurl": {
"version": "1.0.2",
"license": "MIT",
"engines": {
"node": ">= 0.8"
}
},
"node_modules/escape-html": {
"version": "1.0.3",
"license": "MIT"
},
"node_modules/etag": {
"version": "1.8.1",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/express": {
"version": "4.17.1",
"resolved": "https://registry.npmjs.org/express/-/express-4.17.1.tgz",
"integrity": "sha512-mHJ9O79RqluphRrcw2X/GTh3k9tVv8YcoyY4Kkh4WDMUYKRZUq0h1o0w2rrrxBqM7VoeUVqgb27xlEMXTnYt4g==",
"dependencies": {
"accepts": "~1.3.7",
"array-flatten": "1.1.1",
"body-parser": "1.19.0",
"content-disposition": "0.5.3",
"content-type": "~1.0.4",
"cookie": "0.4.0",
"cookie-signature": "1.0.6",
"debug": "2.6.9",
"depd": "~1.1.2",
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"etag": "~1.8.1",
"finalhandler": "~1.1.2",
"fresh": "0.5.2",
"merge-descriptors": "1.0.1",
"methods": "~1.1.2",
"on-finished": "~2.3.0",
"parseurl": "~1.3.3",
"path-to-regexp": "0.1.7",
"proxy-addr": "~2.0.5",
"qs": "6.7.0",
"range-parser": "~1.2.1",
"safe-buffer": "5.1.2",
"send": "0.17.1",
"serve-static": "1.14.1",
"setprototypeof": "1.1.1",
"statuses": "~1.5.0",
"type-is": "~1.6.18",
"utils-merge": "1.0.1",
"vary": "~1.1.2"
},
"engines": {
"node": ">= 0.10.0"
}
},
"node_modules/finalhandler": {
"version": "1.1.2",
"license": "MIT",
"dependencies": {
"debug": "2.6.9",
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"on-finished": "~2.3.0",
"parseurl": "~1.3.3",
"statuses": "~1.5.0",
"unpipe": "~1.0.0"
},
"engines": {
"node": ">= 0.8"
}
},
"node_modules/forwarded": {
"version": "0.2.0",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/fresh": {
"version": "0.5.2",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/fs": {
"version": "0.0.2",
"resolved": "https://registry.npmjs.org/fs/-/fs-0.0.2.tgz",
"integrity": "sha1-4fJE7zkzwbKmS9R5kTYGDQ9ZFPg="
},
"node_modules/http-errors": {
"version": "1.7.2",
"license": "MIT",
"dependencies": {
"depd": "~1.1.2",
"inherits": "2.0.3",
"setprototypeof": "1.1.1",
"statuses": ">= 1.5.0 < 2",
"toidentifier": "1.0.0"
},
"engines": {
"node": ">= 0.6"
}
},
"node_modules/iconv-lite": {
"version": "0.4.24",
"resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
"integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==",
"dependencies": {
"safer-buffer": ">= 2.1.2 < 3"
},
"engines": {
"node": ">=0.10.0"
}
},
"node_modules/inherits": {
"version": "2.0.3",
"license": "ISC"
},
"node_modules/ipaddr.js": {
"version": "1.9.1",
"license": "MIT",
"engines": {
"node": ">= 0.10"
}
},
"node_modules/media-typer": {
"version": "0.3.0",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/merge-descriptors": {
"version": "1.0.1",
"license": "MIT"
},
"node_modules/methods": {
"version": "1.1.2",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/mime": {
"version": "1.6.0",
"license": "MIT",
"bin": {
"mime": "cli.js"
},
"engines": {
"node": ">=4"
}
},
"node_modules/mime-db": {
"version": "1.51.0",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/mime-types": {
"version": "2.1.34",
"license": "MIT",
"dependencies": {
"mime-db": "1.51.0"
},
"engines": {
"node": ">= 0.6"
}
},
"node_modules/minimist": {
"version": "0.0.10",
"resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.10.tgz",
"integrity": "sha1-3j+YVD2/lggr5IrRoMfNqDYwHc8="
},
"node_modules/ms": {
"version": "2.0.0",
"license": "MIT"
},
"node_modules/negotiator": {
"version": "0.6.2",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/node-static": {
"version": "0.7.11",
"resolved": "https://registry.npmjs.org/node-static/-/node-static-0.7.11.tgz",
"integrity": "sha512-zfWC/gICcqb74D9ndyvxZWaI1jzcoHmf4UTHWQchBNuNMxdBLJMDiUgZ1tjGLEIe/BMhj2DxKD8HOuc2062pDQ==",
"dependencies": {
"colors": ">=0.6.0",
"mime": "^1.2.9",
"optimist": ">=0.3.4"
},
"bin": {
"static": "bin/cli.js"
},
"engines": {
"node": ">= 0.4.1"
}
},
"node_modules/on-finished": {
"version": "2.3.0",
"license": "MIT",
"dependencies": {
"ee-first": "1.1.1"
},
"engines": {
"node": ">= 0.8"
}
},
"node_modules/optimist": {
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/optimist/-/optimist-0.6.1.tgz",
"integrity": "sha1-2j6nRob6IaGaERwybpDrFaAZZoY=",
"dependencies": {
"minimist": "~0.0.1",
"wordwrap": "~0.0.2"
}
},
"node_modules/parseurl": {
"version": "1.3.3",
"license": "MIT",
"engines": {
"node": ">= 0.8"
}
},
"node_modules/path": {
"version": "0.12.7",
"resolved": "https://registry.npmjs.org/path/-/path-0.12.7.tgz",
"integrity": "sha1-1NwqUGxM4hl+tIHr/NWzbAFAsQ8=",
"dependencies": {
"process": "^0.11.1",
"util": "^0.10.3"
}
},
"node_modules/path-to-regexp": {
"version": "0.1.7",
"license": "MIT"
},
"node_modules/process": {
"version": "0.11.10",
"resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz",
"integrity": "sha1-czIwDoQBYb2j5podHZGn1LwW8YI=",
"engines": {
"node": ">= 0.6.0"
}
},
"node_modules/proxy-addr": {
"version": "2.0.7",
"license": "MIT",
"dependencies": {
"forwarded": "0.2.0",
"ipaddr.js": "1.9.1"
},
"engines": {
"node": ">= 0.10"
}
},
"node_modules/qs": {
"version": "6.7.0",
"license": "BSD-3-Clause",
"engines": {
"node": ">=0.6"
}
},
"node_modules/range-parser": {
"version": "1.2.1",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/raw-body": {
"version": "2.4.0",
"resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.4.0.tgz",
"integrity": "sha512-4Oz8DUIwdvoa5qMJelxipzi/iJIi40O5cGV1wNYp5hvZP8ZN0T+jiNkL0QepXs+EsQ9XJ8ipEDoiH70ySUJP3Q==",
"dependencies": {
"bytes": "3.1.0",
"http-errors": "1.7.2",
"iconv-lite": "0.4.24",
"unpipe": "1.0.0"
},
"engines": {
"node": ">= 0.8"
}
},
"node_modules/safe-buffer": {
"version": "5.1.2",
"license": "MIT"
},
"node_modules/safer-buffer": {
"version": "2.1.2",
"resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
"integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
},
"node_modules/send": {
"version": "0.17.1",
"license": "MIT",
"dependencies": {
"debug": "2.6.9",
"depd": "~1.1.2",
"destroy": "~1.0.4",
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"etag": "~1.8.1",
"fresh": "0.5.2",
"http-errors": "~1.7.2",
"mime": "1.6.0",
"ms": "2.1.1",
"on-finished": "~2.3.0",
"range-parser": "~1.2.1",
"statuses": "~1.5.0"
},
"engines": {
"node": ">= 0.8.0"
}
},
"node_modules/send/node_modules/ms": {
"version": "2.1.1",
"license": "MIT"
},
"node_modules/serve-static": {
"version": "1.14.1",
"license": "MIT",
"dependencies": {
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"parseurl": "~1.3.3",
"send": "0.17.1"
},
"engines": {
"node": ">= 0.8.0"
}
},
"node_modules/setprototypeof": {
"version": "1.1.1",
"license": "ISC"
},
"node_modules/statuses": {
"version": "1.5.0",
"license": "MIT",
"engines": {
"node": ">= 0.6"
}
},
"node_modules/toidentifier": {
"version": "1.0.0",
"license": "MIT",
"engines": {
"node": ">=0.6"
}
},
"node_modules/type-is": {
"version": "1.6.18",
"license": "MIT",
"dependencies": {
"media-typer": "0.3.0",
"mime-types": "~2.1.24"
},
"engines": {
"node": ">= 0.6"
}
},
"node_modules/unpipe": {
"version": "1.0.0",
"license": "MIT",
"engines": {
"node": ">= 0.8"
}
},
"node_modules/util": {
"version": "0.10.4",
"resolved": "https://registry.npmjs.org/util/-/util-0.10.4.tgz",
"integrity": "sha512-0Pm9hTQ3se5ll1XihRic3FDIku70C+iHUdT/W926rSgHV5QgXsYbKZN8MSC3tJtSkhuROzvsQjAaFENRXr+19A==",
"dependencies": {
"inherits": "2.0.3"
}
},
"node_modules/utils-merge": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz",
"integrity": "sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=",
"engines": {
"node": ">= 0.4.0"
}
},
"node_modules/vary": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
"integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=",
"engines": {
"node": ">= 0.8"
}
},
"node_modules/wordwrap": {
"version": "0.0.3",
"resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz",
"integrity": "sha1-o9XabNXAvAAI03I0u68b7WMFkQc=",
"engines": {
"node": ">=0.4.0"
}
}
},
"dependencies": {
"accepts": {
"version": "1.3.7",
"requires": {
"mime-types": "~2.1.24",
"negotiator": "0.6.2"
}
},
"array-flatten": {
"version": "1.1.1"
},
"body-parser": {
"version": "1.19.0",
"resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.0.tgz",
"integrity": "sha512-dhEPs72UPbDnAQJ9ZKMNTP6ptJaionhP5cBb541nXPlW60Jepo9RV/a4fX4XWW9CuFNK22krhrj1+rgzifNCsw==",
"requires": {
"bytes": "3.1.0",
"content-type": "~1.0.4",
"debug": "2.6.9",
"depd": "~1.1.2",
"http-errors": "1.7.2",
"iconv-lite": "0.4.24",
"on-finished": "~2.3.0",
"qs": "6.7.0",
"raw-body": "2.4.0",
"type-is": "~1.6.17"
}
},
"bytes": {
"version": "3.1.0",
"resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz",
"integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg=="
},
"colors": {
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/colors/-/colors-1.4.0.tgz",
"integrity": "sha512-a+UqTh4kgZg/SlGvfbzDHpgRu7AAQOmmqRHJnxhRZICKFUT91brVhNNt58CMWU9PsBbv3PDCZUHbVxuDiH2mtA=="
},
"content-disposition": {
"version": "0.5.3",
"requires": {
"safe-buffer": "5.1.2"
}
},
"content-type": {
"version": "1.0.4"
},
"cookie": {
"version": "0.4.0"
},
"cookie-signature": {
"version": "1.0.6"
},
"debug": {
"version": "2.6.9",
"requires": {
"ms": "2.0.0"
}
},
"depd": {
"version": "1.1.2"
},
"destroy": {
"version": "1.0.4"
},
"ee-first": {
"version": "1.1.1"
},
"encodeurl": {
"version": "1.0.2"
},
"escape-html": {
"version": "1.0.3"
},
"etag": {
"version": "1.8.1"
},
"express": {
"version": "4.17.1",
"resolved": "https://registry.npmjs.org/express/-/express-4.17.1.tgz",
"integrity": "sha512-mHJ9O79RqluphRrcw2X/GTh3k9tVv8YcoyY4Kkh4WDMUYKRZUq0h1o0w2rrrxBqM7VoeUVqgb27xlEMXTnYt4g==",
"requires": {
"accepts": "~1.3.7",
"array-flatten": "1.1.1",
"body-parser": "1.19.0",
"content-disposition": "0.5.3",
"content-type": "~1.0.4",
"cookie": "0.4.0",
"cookie-signature": "1.0.6",
"debug": "2.6.9",
"depd": "~1.1.2",
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"etag": "~1.8.1",
"finalhandler": "~1.1.2",
"fresh": "0.5.2",
"merge-descriptors": "1.0.1",
"methods": "~1.1.2",
"on-finished": "~2.3.0",
"parseurl": "~1.3.3",
"path-to-regexp": "0.1.7",
"proxy-addr": "~2.0.5",
"qs": "6.7.0",
"range-parser": "~1.2.1",
"safe-buffer": "5.1.2",
"send": "0.17.1",
"serve-static": "1.14.1",
"setprototypeof": "1.1.1",
"statuses": "~1.5.0",
"type-is": "~1.6.18",
"utils-merge": "1.0.1",
"vary": "~1.1.2"
}
},
"finalhandler": {
"version": "1.1.2",
"requires": {
"debug": "2.6.9",
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"on-finished": "~2.3.0",
"parseurl": "~1.3.3",
"statuses": "~1.5.0",
"unpipe": "~1.0.0"
}
},
"forwarded": {
"version": "0.2.0"
},
"fresh": {
"version": "0.5.2"
},
"fs": {
"version": "0.0.2",
"resolved": "https://registry.npmjs.org/fs/-/fs-0.0.2.tgz",
"integrity": "sha1-4fJE7zkzwbKmS9R5kTYGDQ9ZFPg="
},
"http-errors": {
"version": "1.7.2",
"requires": {
"depd": "~1.1.2",
"inherits": "2.0.3",
"setprototypeof": "1.1.1",
"statuses": ">= 1.5.0 < 2",
"toidentifier": "1.0.0"
}
},
"iconv-lite": {
"version": "0.4.24",
"resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
"integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==",
"requires": {
"safer-buffer": ">= 2.1.2 < 3"
}
},
"inherits": {
"version": "2.0.3"
},
"ipaddr.js": {
"version": "1.9.1"
},
"media-typer": {
"version": "0.3.0"
},
"merge-descriptors": {
"version": "1.0.1"
},
"methods": {
"version": "1.1.2"
},
"mime": {
"version": "1.6.0"
},
"mime-db": {
"version": "1.51.0"
},
"mime-types": {
"version": "2.1.34",
"requires": {
"mime-db": "1.51.0"
}
},
"minimist": {
"version": "0.0.10",
"resolved": "https://registry.npmjs.org/minimist/-/minimist-0.0.10.tgz",
"integrity": "sha1-3j+YVD2/lggr5IrRoMfNqDYwHc8="
},
"ms": {
"version": "2.0.0"
},
"negotiator": {
"version": "0.6.2"
},
"node-static": {
"version": "0.7.11",
"resolved": "https://registry.npmjs.org/node-static/-/node-static-0.7.11.tgz",
"integrity": "sha512-zfWC/gICcqb74D9ndyvxZWaI1jzcoHmf4UTHWQchBNuNMxdBLJMDiUgZ1tjGLEIe/BMhj2DxKD8HOuc2062pDQ==",
"requires": {
"colors": ">=0.6.0",
"mime": "^1.2.9",
"optimist": ">=0.3.4"
}
},
"on-finished": {
"version": "2.3.0",
"requires": {
"ee-first": "1.1.1"
}
},
"optimist": {
"version": "0.6.1",
"resolved": "https://registry.npmjs.org/optimist/-/optimist-0.6.1.tgz",
"integrity": "sha1-2j6nRob6IaGaERwybpDrFaAZZoY=",
"requires": {
"minimist": "~0.0.1",
"wordwrap": "~0.0.2"
}
},
"parseurl": {
"version": "1.3.3"
},
"path": {
"version": "0.12.7",
"resolved": "https://registry.npmjs.org/path/-/path-0.12.7.tgz",
"integrity": "sha1-1NwqUGxM4hl+tIHr/NWzbAFAsQ8=",
"requires": {
"process": "^0.11.1",
"util": "^0.10.3"
}
},
"path-to-regexp": {
"version": "0.1.7"
},
"process": {
"version": "0.11.10",
"resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz",
"integrity": "sha1-czIwDoQBYb2j5podHZGn1LwW8YI="
},
"proxy-addr": {
"version": "2.0.7",
"requires": {
"forwarded": "0.2.0",
"ipaddr.js": "1.9.1"
}
},
"qs": {
"version": "6.7.0"
},
"range-parser": {
"version": "1.2.1"
},
"raw-body": {
"version": "2.4.0",
"resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.4.0.tgz",
"integrity": "sha512-4Oz8DUIwdvoa5qMJelxipzi/iJIi40O5cGV1wNYp5hvZP8ZN0T+jiNkL0QepXs+EsQ9XJ8ipEDoiH70ySUJP3Q==",
"requires": {
"bytes": "3.1.0",
"http-errors": "1.7.2",
"iconv-lite": "0.4.24",
"unpipe": "1.0.0"
}
},
"safe-buffer": {
"version": "5.1.2"
},
"safer-buffer": {
"version": "2.1.2",
"resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
"integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
},
"send": {
"version": "0.17.1",
"requires": {
"debug": "2.6.9",
"depd": "~1.1.2",
"destroy": "~1.0.4",
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"etag": "~1.8.1",
"fresh": "0.5.2",
"http-errors": "~1.7.2",
"mime": "1.6.0",
"ms": "2.1.1",
"on-finished": "~2.3.0",
"range-parser": "~1.2.1",
"statuses": "~1.5.0"
},
"dependencies": {
"ms": {
"version": "2.1.1"
}
}
},
"serve-static": {
"version": "1.14.1",
"requires": {
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"parseurl": "~1.3.3",
"send": "0.17.1"
}
},
"setprototypeof": {
"version": "1.1.1"
},
"statuses": {
"version": "1.5.0"
},
"toidentifier": {
"version": "1.0.0"
},
"type-is": {
"version": "1.6.18",
"requires": {
"media-typer": "0.3.0",
"mime-types": "~2.1.24"
}
},
"unpipe": {
"version": "1.0.0"
},
"util": {
"version": "0.10.4",
"resolved": "https://registry.npmjs.org/util/-/util-0.10.4.tgz",
"integrity": "sha512-0Pm9hTQ3se5ll1XihRic3FDIku70C+iHUdT/W926rSgHV5QgXsYbKZN8MSC3tJtSkhuROzvsQjAaFENRXr+19A==",
"requires": {
"inherits": "2.0.3"
}
},
"utils-merge": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz",
"integrity": "sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM="
},
"vary": {
"version": "1.1.2",
"resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
"integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw="
},
"wordwrap": {
"version": "0.0.3",
"resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz",
"integrity": "sha1-o9XabNXAvAAI03I0u68b7WMFkQc="
}
}
}

16
solution/Deployment/environments/Node/package.json
Просмотреть файл

@ -1,16 +0,0 @@
{
"name": "ads_gofast_configuration_app",
"version": "1.0.0",
"description": "ads_gofast_configuration_app",
"author": "john.rampono@microsoft.com",
"main": "server.js",
"scripts": {
"start": "node server.js"
},
"dependencies": {
"express": "^4.16.1",
"node-static": "0.7.11",
"fs": "0.0.2",
"path": "0.12.7"
}
}

37
solution/Deployment/environments/Node/server.js
Просмотреть файл

@ -1,37 +0,0 @@
var static = require('node-static');
var http = require('http');
// Import the path module
const path = require('path');
var fs = require('fs');
var directory = path.resolve(__dirname + "/../");
var file = new(static.Server)(directory, { cache: 1 });
http.createServer(function (req, res) {
if (req.method === "GET")
{
file.serve(req, res);
}
else
{
var body = '';
filePath = directory + '/development.json';
req.on('data', function(data) {
body += data;
body = decodeURI(body);
body = JSON.parse(body);
body = JSON.stringify(body, null, 2);
//body = body.replace("\n", "\r\n");
});
req.on('end', function (){
fs.writeFile(filePath, body, function() {
res.end();
});
});
}
}).listen(8080);

197
solution/Deployment/environments/development.json
Просмотреть файл

@ -1,197 +0,0 @@
{
"AdsOpts": {
"CI": {
"Enable": true,
"BuildFunctionApp": true,
"BuildWebApp": true,
"BuildAdsGoFastDatabase": true,
"BuildDataFactory": true
},
"CD": {
"EnableDeploy": true,
"EnableConfigure": true,
"ResourceGroup": {
"Enable": true,
"Id": "/subscriptions/035a1364-f00d-48e2-b582-4fe125905ee3/resourceGroups/AdsTestNew",
"Subscription": "Jorampon Internal Consumption",
"Domain": "microsoft.com",
"TenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
"Location": "australiaeast",
"Name": "AdsTestNew",
"AADUser": "jorampon@microsoft.com",
"Hash": "DummyValueToBeReplacedAtRuntime"
},
"ServicePrincipals": {
"DeploymentSP": {
"Enable": true,
"Name": "AdsGoFastDeployer",
"ApplyNamePostFix": true
},
"WebAppAuthenticationSP": {
"Enable": true,
"Name": "AdsGFWebAuthSP",
"ApplyNamePostFix": true,
"ClientId": "a6f5f6bf-25da-43c3-863e-df3588db7d56"
},
"FunctionAppAuthenticationSP": {
"Enable": true,
"Name": "AdsGFFuncAppAuthSP",
"ApplyNamePostFix": true,
"ClientId": "584f2d03-a7e3-4fe8-9627-48f935697a68"
}
},
"FolderPaths": {
"ArmTemplates": "./arm",
"Environments": "./../environments",
"PublishZip": "./../bin/publish/zipped",
"PublishUnZip": "./../bin/publish/unzipped"
},
"AzureLoginOptions": {
"UseInteractiveAzCliLogin": true
},
"EnviroInstalls": {
"PerformLocalInstalls": true,
"PerformLocalInstallsAzCli": false,
"PerformLocalInstallsAzCliAddToPath": true
},
"ArmOptions": {
"PerformDeployment": false,
"PerformDeploymentStorageLogging": false,
"PerformDeploymentAppService": false
},
"Services": {
"UseARMDefaults": false,
"AppInsights": {
"Enable": true,
"Name": "adsgfappin",
"ApplyNamePostFix": true
},
"AppPlans": {
"WebApp": {
"Enable": true,
"Name": "adsgfappplanweb",
"ApplyNamePostFix": true,
"ResourceGroup": null
},
"FunctionApp": {
"Enable": true,
"Name": "adsgfappplanfnc",
"ApplyNamePostFix": true,
"ResourceGroup": null
}
},
"AzureSQLServer": {
"Enable": true,
"Name": "adsgfsvr",
"ApplyNamePostFix": true,
"AdminUser": "AdsAdmin",
"AdminPassword": "*********",
"AdsGoFastDB": {
"Enable": true,
"Name": "AdsGF",
"UpdateSourceAndTargetSystems": true,
"UpdateDataFactory": true,
"ApplyNamePostFix": false
},
"StagingDB": {
"Enable": true,
"Name": "AdsGfStaging",
"ApplyNamePostFix": false
},
"SampleDB": {
"Enable": true,
"Name": "AdsGfSample",
"ApplyNamePostFix": false
}
},
"CoreFunctionApp": {
"Enable": true,
"Name": "adsgofastfunc",
"ApplyNamePostFix": true,
"PrincipalId": ""
},
"DataFactory": {
"Enable": true,
"Name": "adsgfadf",
"ApplyNamePostFix": true,
"AzVnetIr": {
"Enable": true,
"Name": "IRA",
"Type": "ManagedVnet"
},
"OnPremVnetIr": {
"Enable": false,
"Name": "IRB",
"Type": "SelfHosted",
"IrInstallConfig": {
"LocalDrive": "C:",
"LocalVMFolder": "ADFInstaller",
"IrDownloadURL": "https://download.microsoft.com/download/E/4/7/E4771905-1079-445B-8BF9-8A1A075D8A10/IntegrationRuntime_5.9.7900.1.msi",
"JDKDownloadURL": "https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.12%2B7/OpenJDK11U-jdk_x64_windows_hotspot_11.0.12_7.msi",
"JDKInstallFolder": "c:\\Program Files\\Eclipse Foundation\\"
}
}
},
"WebSite": {
"Enable": true,
"Name": "adsgofastweb",
"ApplyNamePostFix": true,
"PrincipalId": ""
},
"LogAnalytics": {
"Enable": true,
"Name": "adsgofastloganalytics",
"ApplyNamePostFix": true
},
"KeyVault": {
"Enable": true,
"Name": "adsgfkv",
"ApplyNamePostFix": true
},
"Vnet": {
"Enable": false,
"Name": "AdsGoFastVnet",
"ApplyNamePostFix": true,
"vNetAddressRange": "10.3.0.0/16",
"BastionSubnetAddressRange": "10.3.1.0/27",
"DataSubnetAddressRange": "10.3.2.0/27",
"WebAppSubnetAddressRange": "10.3.3.0/27",
"FuncAppSubnetAddressRange": "10.3.4.0/27",
"BastionSubnetName": "AzureBastionSubnet",
"DataSubnetName": "Data",
"WebAppSubnetName": "WebApp",
"FuncAppSubnetName": "FuncApp"
},
"Storage": {
"Logging": {
"Name": "logstg",
"ApplyNamePostFix": true,
"Enable": true,
"Dummy": ""
},
"ADLS": {
"Name": "adls",
"ApplyNamePostFix": true,
"Enable": true
},
"Blob": {
"Name": "blob",
"ApplyNamePostFix": true,
"Enable": true,
"ResourceId": ""
},
"ADLSTransient": {
"Name": "adlstran",
"ApplyNamePostFix": true,
"Enable": false
}
},
"Bastion": {
"Name": "adsgfbastion",
"ApplyNamePostFix": true,
"Enable": true
}
}
}
}
}

2076
solution/Deployment/environments/environment.schema.json
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

82
solution/Deployment/workflows/CD_0a_CreateServicePrincipals_AAD_Elevated.ps1
Просмотреть файл

@ -1,82 +0,0 @@
$error.clear()
#First Create the Resource Group
Invoke-Expression -Command ".\Steps\CD_DeployResourceGroup.ps1"
Import-Module .\Functions\Helpers.psm1
########################################################################
### SetUp Service Principals Required.. Need to run this part with elevated privileges
#########################################################################
if($env:AdsOpts_CD_ServicePrincipals_DeploymentSP_Enable -eq "True")
{
Write-Debug "Creating Deployment Service Principal"
$subid = ((az account show -s $env:AdsOpts_CD_ResourceGroup_Subscription) | ConvertFrom-Json ).id
$spcheck = az ad sp list --filter "displayname eq '$env:AdsOpts_CD_ServicePrincipals_DeploymentSP_Name'" | ConvertFrom-Json
if ($null -eq $spcheck)
{
Write-Debug "Deployment Principal does not exist so creating now."
$SP = az ad sp create-for-rbac --name $env:AdsOpts_CD_ServicePrincipals_DeploymentSP_Name --role contributor --scopes /subscriptions/$subid/resourceGroups/$env:AdsOpts_CD_ResourceGroup_Name | ConvertFrom-Json
}
else {
Write-Debug "Deployment Prinicpal Already Exists So Just Adding Contributor Role on Resource Group"
$SP = az role assignment create --assignee $spcheck[0].objectId --role "Contributor" --scope /subscriptions/$subid/resourceGroups/$env:AdsOpts_CD_ResourceGroup_Name | ConvertFrom-Json
}
}
$environmentfile = $env:AdsOpts_CD_FolderPaths_Environments + "/" + $env:ENVIRONMENT_NAME + ".json"
$envsettings = Get-Content $environmentfile | ConvertFrom-Json
if($env:AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP_Enable -eq "True")
{
Write-Debug "Creating WebAppAuthentication Service Principal"
$roleid = [guid]::NewGuid()
$roles = '[{\"allowedMemberTypes\": [\"Application\"],\"description\": \"Administrator\",\"displayName\": \"Administrator\",\"id\": \"@Id\",\"isEnabled\": true,\"lang\": null,\"origin\": \"Users\\Groups\",\"value\": \"Administrator\"}]'
$roles = $roles.Replace("@Id",$roleid)
$replyurls = "https://$env:AdsOpts_CD_Services_WebSite_Name.azurewebsites.net/signin-oidc"
$subid = ((az account show -s $env:AdsOpts_CD_ResourceGroup_Subscription) | ConvertFrom-Json ).id
$appid = ((az ad app create --display-name $env:AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP_Name --homepage "api://$env:AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP_Name" --identifier-uris "api://$env:AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP_Name" --app-roles $roles --reply-urls $replyurls) | ConvertFrom-Json ).appId
$appid = ((az ad app show --id "api://$env:AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP_Name") | ConvertFrom-Json ).appId
$spid = ((az ad sp create --id $appid) | ConvertFrom-Json ).ObjectId
}
if($env:AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP_Enable -eq "True")
{
Write-Debug "Creating FunctionAppAuthentication Service Principal"
$roleid = [guid]::NewGuid()
$roles = '[{\"allowedMemberTypes\": [\"Application\"],\"description\": \"Used to applications to call the ADS Go Fast functions\",\"displayName\": \"FunctionAPICaller\",\"id\": \"@Id\",\"isEnabled\": true,\"lang\": null,\"origin\": \"Application\",\"value\": \"FunctionAPICaller\"}]'
$roles = $roles.Replace("@Id",$roleid)
$subid = ((az account show -s $env:AdsOpts_CD_ResourceGroup_Subscription) | ConvertFrom-Json ).id
$appid = ((az ad app create --display-name $env:AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP_Name --homepage "api://$env:AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP_Name" --identifier-uris "api://$env:AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP_Name" --app-roles $roles) | ConvertFrom-Json ).appId
$appid = ((az ad app show --id "api://$env:AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP_Name") | ConvertFrom-Json ).appId
$spid = ((az ad sp create --id $appid) | ConvertFrom-Json ).ObjectId
#Will need to do below during service creation to add the Azure Function MSI to role
#az role assignment create --assignee $appid --role $roleid --scope "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{providerName}/{resourceType}/{resourceSubType}/{resourceName}"
#az rest --method patch --uri "https://graph.microsoft.com/beta/applications/<object-id>" --headers '{"Content-Type":"application/json"}' --body '{"api":{"preAuthorizedApplications":[{"appId":"a37c1158-xxxxx94f2b","permissionIds":["5479xxxxx522869e718f0"]}]}}'
}
#Update the Environment File
$appid = ((az ad app show --id "api://$env:AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP_Name") | ConvertFrom-Json ).appId
$envsettings.AdsOpts.CD.ServicePrincipals.FunctionAppAuthenticationSP.ClientId = $appid
[Environment]::SetEnvironmentVariable("AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP_ClientId", "$appid")
$appid = ((az ad app show --id "api://$env:AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP_Name") | ConvertFrom-Json ).appId
$envsettings.AdsOpts.CD.ServicePrincipals.WebAppAuthenticationSP.ClientId = $appid
[Environment]::SetEnvironmentVariable("AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP_ClientId", "$appid")
$envsettings | ConvertTo-Json -Depth 10 | set-content $environmentfile
#Check Status of Errors
Write-Host "Script Complete Please Check below for Errors:"
Write-Host $error

56
solution/Deployment/workflows/CD_1a_DeployServices.ps1
Просмотреть файл

@ -1,56 +0,0 @@
######################################################
### Continuous Deployment ####
######################################################Write-Host ([Environment]::GetEnvironmentVariable("AdsOpts_CI_Enable"))
if (([Environment]::GetEnvironmentVariable("AdsOpts_CD_EnableDeploy")) -eq "True")
{
$Scripts = @(
".\Steps\CD_DeployKeyVault.ps1"
,".\Steps\CD_DeployStorageForLogging.ps1"
,".\Steps\CD_DeployStorageADLS.ps1"
,".\Steps\CD_DeployStorageBlob.ps1"
)
Write-Debug "Starting CD.."
$Scripts|ForEach-Object -Parallel {
Invoke-Expression -Command $_
}
$Scripts = @(
,".\Steps\CD_DeployAppInsights.ps1"
,".\Steps\CD_DeployLogAnalytics.ps1"
,".\Steps\CD_DeployVnet.ps1"
)
$Scripts|ForEach-Object -Parallel {
Invoke-Expression -Command $_
}
$Scripts = @(
,".\Steps\CD_DeployAppService.ps1"
,".\Steps\CD_DeployAzureSqlServer.ps1"
,".\Steps\CD_DeployADF.ps1"
)
$Scripts|ForEach-Object -Parallel {
Invoke-Expression -Command $_
}
$Scripts = @(
,".\Steps\CD_DeployWebSite.ps1"
,".\Steps\CD_DeployFunctionApp.ps1"
)
$Scripts|ForEach-Object -Parallel {
Invoke-Expression -Command $_
}
Write-Debug "Finishing CD.."
}
else
{
Write-Warning "CD_1a_DeployServices.ps1 skipped as flag in environment file is set to false"
}
#,".\Cleanup_RemoveAll.ps1"

178
solution/Deployment/workflows/CD_2a_CreateMSIs_AAD_Elevated.ps1
Просмотреть файл

@ -1,178 +0,0 @@
az config set extension.use_dynamic_install=yes_without_prompt
#Create MSIs
if($env:AdsOpts_CD_Services_CoreFunctionApp_Enable -eq "True")
{
$id = $null
$id = ((az functionapp identity show --name $env:AdsOpts_CD_Services_CoreFunctionApp_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name) | ConvertFrom-Json).principalId
if ($null -eq $id) {
Write-Host "Creating MSI for FunctionApp"
$id = ((az functionapp identity assign --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_CoreFunctionApp_Name) | ConvertFrom-Json).principalId
}
}
else
{
Write-Host "AdsOpts_CD_Services_CoreFunctionApp skipped as flag in environment file is set to false" -ForegroundColor Yellow
}
if($env:AdsOpts_CD_Services_WebSite_Enable -eq "True")
{
$id = $null
$id = ((az webapp identity show --name $env:AdsOpts_CD_Services_WebSite_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name) | ConvertFrom-Json).principalId
if ($id -eq $null) {
Write-Host "Creating MSI for WebApp"
$id = ((az webapp identity assign --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_WebSite_Name) | ConvertFrom-Json).principalId
}
}
else
{
Write-Host "AdsOpts_CD_Services_WebSite_Enable skipped as flag in environment file is set to false" -ForegroundColor Yellow
}
#Make sure we have the datafactory extension
az extension add --name datafactory
#Get ADF MSI Id
$dfpid = ((az datafactory show --factory-name $env:AdsOpts_CD_Services_DataFactory_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name) | ConvertFrom-Json).identity.principalId
$dfoid = ((az ad sp show --id $dfpid) | ConvertFrom-Json).objectId
#Allow ADF to Read Key Vault
$result = az keyvault set-policy --name $env:AdsOpts_CD_Services_KeyVault_Name --certificate-permissions get list --key-permissions get list --object-id $dfoid --resource-group $env:AdsOpts_CD_ResourceGroup_Name --secret-permissions get list --storage-permissions get --subscription $env:AdsOpts_CD_ResourceGroup_Subscription
#Give MSIs Required AD Privileges
#Assign SQL Admin
$cu = az ad signed-in-user show | ConvertFrom-Json
$result = az sql server ad-admin create --display-name $cu.DisplayName --object-id $cu.ObjectId --resource-group $env:AdsOpts_CD_ResourceGroup_Name --server $env:AdsOpts_CD_Services_AzureSQLServer_Name --subscription $env:AdsOpts_CD_ResourceGroup_Subscription
#az login --service-principal --username $env:secrets_AZURE_CREDENTIALS_clientId --password $env:secrets_AZURE_CREDENTIALS_clientSecret --tenant $env:secrets_AZURE_CREDENTIALS_tenantId
$SqlInstalled = Get-InstalledModule SqlServer
if($null -eq $SqlInstalled)
{
write-host "Installing SqlServer Module"
Install-Module -Name SqlServer -Scope CurrentUser -Force
}
#Add Ip to SQL Firewall
write-host "Creating SQL Server Firewall Rules"
$myIp = (Invoke-WebRequest ifconfig.me/ip).Content
$result = az sql server firewall-rule create -g $env:AdsOpts_CD_ResourceGroup_Name -s $env:AdsOpts_CD_Services_AzureSQLServer_Name -n "MySetupIP" --start-ip-address $myIp --end-ip-address $myIp
#May Need to add a wait here to allow MSI creation to have propogated completely
#ADS GO FAST DB
#Deployment SP
$sqlcommand = "
DROP USER IF EXISTS [$env:AdsOpts_CD_ServicePrincipals_DeploymentSP_Name]
CREATE USER [$env:AdsOpts_CD_ServicePrincipals_DeploymentSP_Name] FROM EXTERNAL PROVIDER;
ALTER ROLE db_owner ADD MEMBER [$env:AdsOpts_CD_ServicePrincipals_DeploymentSP_Name];
GO"
$sqlcommand = "
DROP USER IF EXISTS [$env:AdsOpts_CD_Services_CoreFunctionApp_Name]
CREATE USER [$env:AdsOpts_CD_Services_CoreFunctionApp_Name] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [$env:AdsOpts_CD_Services_CoreFunctionApp_Name];
ALTER ROLE db_datawriter ADD MEMBER [$env:AdsOpts_CD_Services_CoreFunctionApp_Name];
ALTER ROLE db_ddladmin ADD MEMBER [$env:AdsOpts_CD_Services_CoreFunctionApp_Name];
GRANT EXECUTE ON SCHEMA::[dbo] TO [$env:AdsOpts_CD_Services_CoreFunctionApp_Name];
GO"
$sqlcommand = $sqlcommand + "
DROP USER IF EXISTS [$env:AdsOpts_CD_Services_WebSite_Name]
CREATE USER [$env:AdsOpts_CD_Services_WebSite_Name] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [$env:AdsOpts_CD_Services_WebSite_Name];
ALTER ROLE db_datawriter ADD MEMBER [$env:AdsOpts_CD_Services_WebSite_Name];
GRANT EXECUTE ON SCHEMA::[dbo] TO [$env:AdsOpts_CD_Services_WebSite_Name];
GO
"
$sqlcommand = $sqlcommand + "
DROP USER IF EXISTS [$env:AdsOpts_CD_Services_DataFactory_Name]
CREATE USER [$env:AdsOpts_CD_Services_DataFactory_Name] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [$env:AdsOpts_CD_Services_DataFactory_Name];
ALTER ROLE db_datawriter ADD MEMBER [$env:AdsOpts_CD_Services_DataFactory_Name];
GRANT EXECUTE ON SCHEMA::[dbo] TO [$env:AdsOpts_CD_Services_DataFactory_Name];
GO
"
write-host "Granting MSI Privileges on ADS Go Fast DB"
$token=$(az account get-access-token --resource=https://database.windows.net --query accessToken --output tsv)
Invoke-Sqlcmd -ServerInstance "$env:AdsOpts_CD_Services_AzureSQLServer_Name.database.windows.net,1433" -Database $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name -AccessToken $token -query $sqlcommand
#SAMPLE DB
$sqlcommand = "
DROP USER IF EXISTS [$env:AdsOpts_CD_Services_DataFactory_Name]
CREATE USER [$env:AdsOpts_CD_Services_DataFactory_Name] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [$env:AdsOpts_CD_Services_DataFactory_Name];
ALTER ROLE db_datawriter ADD MEMBER [$env:AdsOpts_CD_Services_DataFactory_Name];
ALTER ROLE db_ddladmin ADD MEMBER [$env:AdsOpts_CD_Services_DataFactory_Name];
GRANT EXECUTE ON SCHEMA::[dbo] TO [$env:AdsOpts_CD_Services_DataFactory_Name];
GO
"
write-host "Granting MSI Privileges on SAMPLE DB"
$token=$(az account get-access-token --resource=https://database.windows.net --query accessToken --output tsv)
Invoke-Sqlcmd -ServerInstance "$env:AdsOpts_CD_Services_AzureSQLServer_Name.database.windows.net,1433" -Database $env:AdsOpts_CD_Services_AzureSQLServer_SampleDB_Name -AccessToken $token -query $sqlcommand
#STAGING DB
$sqlcommand = "
DROP USER IF EXISTS [$env:AdsOpts_CD_Services_DataFactory_Name]
CREATE USER [$env:AdsOpts_CD_Services_DataFactory_Name] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [$env:AdsOpts_CD_Services_DataFactory_Name];
ALTER ROLE db_datawriter ADD MEMBER [$env:AdsOpts_CD_Services_DataFactory_Name];
ALTER ROLE db_ddladmin ADD MEMBER [$env:AdsOpts_CD_Services_DataFactory_Name];
GRANT EXECUTE ON SCHEMA::[dbo] TO [$env:AdsOpts_CD_Services_DataFactory_Name];
GO
"
write-host "Granting MSI Privileges on STAGING DB"
$token=$(az account get-access-token --resource=https://database.windows.net --query accessToken --output tsv)
Invoke-Sqlcmd -ServerInstance "$env:AdsOpts_CD_Services_AzureSQLServer_Name.database.windows.net,1433" -Database $env:AdsOpts_CD_Services_AzureSQLServer_StagingDB_Name -AccessToken $token -query $sqlcommand
#Next Add MSIs Permissions
#Function App MSI Access to App Role to allow chained function calls
write-host "Granting Function App MSI Access to App Role to allow chained function calls"
$authapp = az ad app show --id "api://$env:AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP_Name" | ConvertFrom-Json
$callingappid = ((az functionapp identity show --name $env:AdsOpts_CD_Services_CoreFunctionApp_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name) | ConvertFrom-Json).principalId
$authappid = $authapp.appId
$permissionid = $authapp.oauth2Permissions.id
$authappobjectid = (az ad sp show --id $authappid | ConvertFrom-Json).objectId
$body = '{"principalId": "@principalid","resourceId":"@resourceId","appRoleId": "@appRoleId"}' | ConvertFrom-Json
$body.resourceId = $authappobjectid
$body.appRoleId = ($authapp.appRoles | Where-Object {$_.value -eq "FunctionAPICaller" }).id
$body.principalId = $callingappid
$body = ($body | ConvertTo-Json -compress | Out-String).Replace('"','\"')
$result = az rest --method post --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$authappobjectid/appRoleAssignedTo" --headers '{\"Content-Type\":\"application/json\"}' --body $body
#Web App
write-host "Adding Admin Role To WebApp"
$authapp = az ad app show --id "api://$env:AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP_Name" | ConvertFrom-Json
$callinguser = $cu.objectId
$authappid = $authapp.appId
$permissionid = $authapp.oauth2Permissions.id
$authappobjectid = (az ad sp show --id $authapp.appId | ConvertFrom-Json).objectId
$body = '{"principalId": "@principalid","resourceId":"@resourceId","appRoleId": "@appRoleId"}' | ConvertFrom-Json
$body.resourceId = $authappobjectid
$body.appRoleId = ($authapp.appRoles | Where-Object {$_.value -eq "Administrator" }).id
$body.principalId = $callinguser
$body = ($body | ConvertTo-Json -compress | Out-String).Replace('"','\"')
$result = az rest --method post --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$authappobjectid/appRoleAssignedTo" --headers '{\"Content-Type\":\"application/json\"}' --body $body
Invoke-Expression -Command ".\Steps\CD_GrantRBAC.ps1"

35
solution/Deployment/workflows/CD_2b_ConfigureServices.ps1
Просмотреть файл

@ -1,35 +0,0 @@
#Invoke-Expression -Command ".\Steps\CD_SetResourceGroupHash.ps1"
az config set extension.use_dynamic_install=yes_without_prompt
#az login --service-principal --username $env:secrets_AZURE_CREDENTIALS_clientId --password $env:secrets_AZURE_CREDENTIALS_clientSecret --tenant $env:secrets_AZURE_CREDENTIALS_tenantId
######################################################
### Continuous Deployment - Configure ####
######################################################Write-Host ([Environment]::GetEnvironmentVariable("AdsOpts_CI_Enable"))
if (([Environment]::GetEnvironmentVariable("AdsOpts_CD_EnableConfigure")) -eq "True")
{
Write-Host "Starting CD.."
Invoke-Expression -Command ".\Steps\CD_ConfigureKeyVault.ps1"
Invoke-Expression -Command ".\Steps\CD_ConfigureAzureSQLServer.ps1"
Invoke-Expression -Command ".\Steps\CD_ConfigureWebApp.ps1"
Invoke-Expression -Command ".\Steps\CD_ConfigureFunctionApp.ps1"
Invoke-Expression -Command ".\Steps\CD_ConfigureADF.ps1"
Invoke-Expression -Command ".\Steps\CD_ConfigureVnet.ps1"
Invoke-Expression -Command ".\Steps\CD_ConfigureAzureSqlServer_UpdateTaskTypeMappingJson.ps1"
Invoke-Expression -Command ".\Steps\CD_ConfigureSampleData.ps1"
Write-Host "Finishing CD.."
}
#Invoke-Expression -Command ".\Cleanup_RemoveAll.ps1"

18
solution/Deployment/workflows/CI_1a_BuildCode.ps1
Просмотреть файл

@ -1,18 +0,0 @@
######################################################
### Continuous Integration ####
######################################################
if (([Environment]::GetEnvironmentVariable("AdsOpts_CI_Enable")) -eq "True")
{
Write-Host "Starting CI.."
Invoke-Expression -Command ".\Steps\CI_BuildFunctionApp.ps1"
Invoke-Expression -Command ".\Steps\CI_BuildWebApp.ps1"
Invoke-Expression -Command ".\Steps\CI_BuildAdsGoFastDatabase.ps1"
Invoke-Expression -Command ".\Steps\CI_BuildDataFactory.ps1"
Write-Host "Finishing CI.."
}

17
solution/Deployment/workflows/Cleanup_RemoveAll.ps1
Просмотреть файл

@ -1,17 +0,0 @@
[Environment]::SetEnvironmentVariable("ENVIRONMENT_NAME", "development")
. .\Steps\PushEnvFileIntoVariables.ps1
ParseEnvFile("$env:ENVIRONMENT_NAME")
Invoke-Expression -Command ".\Steps\CD_SetResourceGroupHash.ps1"
az group delete --name $env:AdsOpts_CD_ResourceGroup_Name
#Delete App and SP for Web App Auth
az ad app delete --id "api://$env:AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP_Name"
#Delete App and SP for Function App Auth
az ad app delete --id "api://$env:AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP_Name"
$resources = az resource list --resource-group $env:AdsOpts_CD_ResourceGroup_Name | ConvertFrom-Json
foreach ($resource in $resources) {
az resource delete --resource-group myResourceGroup --ids $resource.id --verbose
}

32
solution/Deployment/workflows/Functions/Helpers.psm1
Просмотреть файл

@ -1,32 +0,0 @@
Function ConvertFrom-AzureCli {
[CmdletBinding()]
param (
[Parameter(ValueFromPipeline)] [string] $line
)
begin {
# Collect all lines in the input
$lines = @()
}
process {
# 'process' is run once for each line in the input pipeline.
$lines += $line
}
end {
# Azure Cli errors and warnings change output colors permanently.
# Reset the shell colors after each operation to keep consistent.
[Console]::ResetColor()
# If the 'az' process exited with a non-zero exit code we have an error.
# The 'az' error message is already printed to console, and is not a part of the input.
if ($LASTEXITCODE) {
Write-Error "az exited with exit code $LASTEXITCODE" -ErrorAction 'Stop'
}
$inputJson = $([string]::Join("`n", $lines));
# We expect a Json result from az cli if we have no error. The json result CAN be $null.
$result = ConvertFrom-Json $inputJson
return $result
}
}

16
solution/Deployment/workflows/LocalDevOnly_EnvironmentSetUp.ps1
Просмотреть файл

@ -1,16 +0,0 @@
#az login
#az account set -s "jorampon internal consumption"
#$DebugPreference = "Continue"
#$DebugPreference = "SilentlyContinue"
[Environment]::SetEnvironmentVariable("ENVIRONMENT_NAME", "development")
if (Test-Path -PathType Container -Path "../bin/"){$newitem = New-Item -ItemType Directory -Force -Path "../bin"}
$newitem = New-Item -Path "../bin/" -Name "GitEnv.txt" -type "file" -value "" -force
. .\Steps\PushEnvFileIntoVariables.ps1
ParseEnvFile("$env:ENVIRONMENT_NAME")
Invoke-Expression -Command ".\Steps\CD_SetResourceGroupHash.ps1"
#Load Secrets into Environment Variables
ParseSecretsFile ($SecretFile)

8
solution/Deployment/workflows/LocalDevOnly_InstallOnPremSHIR.ps1
Просмотреть файл

@ -1,8 +0,0 @@
if (([Environment]::GetEnvironmentVariable("AdsOpts_CD_Services_DataFactory_OnPremVnetIr_Enable")) -eq "True")
{
Write-Host "Starting On Prem SHIR Installation.."
Invoke-Expression -Command ".\Steps\CD_DeployADFOnPremSHIR.ps1"
Write-Host "Completed On Prem SHIR Installation."
}

277
solution/Deployment/workflows/Steps/CD_ConfigureADF.ps1
Просмотреть файл

@ -1,277 +0,0 @@
# Create ADF Diagnostic Settings
$logsSetting = "[{'category':'ActivityRuns','enabled':true,'retentionPolicy':{'days': 30,'enabled': true}},{'category':'PipelineRuns','enabled':true,'retentionPolicy':{'days': 30,'enabled': true}},{'category':'TriggerRuns','enabled':true,'retentionPolicy':{'days': 30,'enabled': true}}]".Replace("'",'\"')
$metricsSetting = "[{'category':'AllMetrics','enabled':true,'retentionPolicy':{'days': 30,'enabled': true}}]".Replace("'",'\"')
$result = az monitor diagnostic-settings create --name ADF-Diagnostics --export-to-resource-specific true --resource "$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name" --logs $logsSetting --metrics $metricsSetting --storage-account "$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.Storage/storageAccounts/$env:AdsOpts_CD_Services_Storage_Logging_Name" --workspace "$env:AdsOpts_CD_ResourceGroup_Id/providers/microsoft.operationalinsights/workspaces/$env:AdsOpts_CD_Services_LogAnalytics_Name"
#Create IRs
#Create Managed Network
$subid = (az account show -s $env:AdsOpts_CD_ResourceGroup_Subscription | ConvertFrom-Json).id
$uri = "https://management.azure.com/subscriptions/$subid/resourceGroups/$env:AdsOpts_CD_ResourceGroup_Name/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/managedVirtualNetworks/default" + '?api-version=2018-06-01'
$rest = az rest --method put --uri $uri --headers '{\"Content-Type\":\"application/json\"}' --body '{\"properties\": {}}'
#VNET
$body = '
{
"properties": {
"type": "Managed",
"typeProperties": {
"computeProperties": {
"location": "AutoResolve",
"dataFlowProperties": {
"computeType": "General",
"coreCount": 8,
"timeToLive": 10,
"cleanup": true
}
}
},
"managedVirtualNetwork": {
"type": "ManagedVirtualNetworkReference",
"referenceName": "default"
}
}
}' | ConvertFrom-Json
$body = ($body | ConvertTo-Json -compress -Depth 10 | Out-String).Replace('"','\"')
$uri = "https://management.azure.com/$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/integrationRuntimes/$env:AdsOpts_CD_Services_DataFactory_AzVnetIr_Name" + '?&api-version=2018-06-01'
Write-Host "Creating IR: $env:AdsOpts_CD_Services_DataFactory_AzVnetIr_Name"
$rest = az rest --method put --uri $uri --headers '{\"Content-Type\":\"application/json\"}' --body $body
#On Prem - Note we are using a managed VNET IR to mimic on prem
# $body = '
# {
# "properties": {
# "type": "Managed",
# "typeProperties": {
# "computeProperties": {
# "location": "AutoResolve",
# "dataFlowProperties": {
# "computeType": "General",
# "coreCount": 8,
# "timeToLive": 10,
# "cleanup": true
# }
# }
# },
# "managedVirtualNetwork": {
# "type": "ManagedVirtualNetworkReference",
# "referenceName": "default"
# }
# }
# }' | ConvertFrom-Json
if (([Environment]::GetEnvironmentVariable("AdsOpts_CD_Services_DataFactory_OnPremVnetIr_Enable")) -eq "True")
{
$body = '
{
"properties": {
"type": "SelfHosted"
}
}' | ConvertFrom-Json
$body = ($body | ConvertTo-Json -compress -Depth 10 | Out-String).Replace('"','\"')
$uri = "https://management.azure.com/$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/integrationRuntimes/$env:AdsOpts_CD_Services_DataFactory_OnPremVnetIr_Name" + '?&api-version=2018-06-01'
Write-Host "Creating IR: $env:AdsOpts_CD_Services_DataFactory_OnPremVnetIr_Name"
$rest = az rest --method put --uri $uri --headers '{\"Content-Type\":\"application/json\"}' --body $body
}
$IRA_PostFix = "_" + $env:AdsOpts_CD_Services_DataFactory_AzVnetIr_Name
$IRB_PostFix = "_" + $env:AdsOpts_CD_Services_DataFactory_OnPremVnetIr_Name
$dfbase = "$env:AdsOpts_CD_FolderPaths_PublishUnZip/datafactory"
#Data Factory - LinkedServices
Get-ChildItem "$dfbase/linkedService" -Filter *.json |
Foreach-Object {
$lsName = $_.BaseName
$fileName = $_.FullName
$jsonobject = $_ | Get-Content | ConvertFrom-Json
#Swap out Key Vault Url for Function App Linked Service
if($lsName -eq "AdsGoFastKeyVault")
{
$jsonobject.properties.typeProperties.baseUrl = "https://$env:AdsOpts_CD_Services_KeyVault_Name.vault.azure.net/"
}
#Swap out Function App Url
if($lsName -eq "AzureFunctionAdsGoFastDataLakeAccelFunApp")
{
$jsonobject.properties.typeProperties.functionAppUrl = "https://$env:AdsOpts_CD_Services_CoreFunctionApp_Name.azurewebsites.net"
}
#ParseOut the Name Attribute
$name = $jsonobject.name
#Persist File Back
$jsonobject | ConvertTo-Json -Depth 100 | set-content $_
#Make a copy of the file for upload
Copy-Item -Path $fileName -Destination "FileForUpload.json"
write-host ("LinkedService:" + $lsName) -ForegroundColor Yellow -BackgroundColor DarkGreen
#Set-AzDataFactoryV2LinkedService -DataFactoryName $env:AdsOpts_CD_Services_DataFactory_Name -ResourceGroupName $env:AdsOpts_CD_ResourceGroup_Name -Name $lsName -DefinitionFile $fileName -force
$body = ($jsonobject | ConvertTo-Json -compress -Depth 10 | Out-String).Replace('"','\"')
$uri = "https://management.azure.com/$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/linkedservices/$name"
write-host $uri
$rest = az rest --method put --uri $uri --headers '{\"Content-Type\":\"application/json\"}' --body "@FileForUpload.json" --uri-parameters 'api-version=2018-06-01'
}
#Data Factory - Dataset
Get-ChildItem "$dfbase/dataset" -Filter *.json |
Foreach-Object {
$lsName = $_.BaseName
$fileName = $_.FullName
#ParseOut the Name Attribute
$jsonobject = $_ | Get-Content | ConvertFrom-Json
$name = $jsonobject.name
#Persist File Back
$jsonobject | ConvertTo-Json -Depth 100 | set-content $_
#Make a copy of the file for upload
Copy-Item -Path $fileName -Destination "FileForUpload.json"
write-host ("Dataset: " + $fileName) -ForegroundColor Yellow -BackgroundColor DarkGreen
#Set-AzDataFactoryV2Dataset -DataFactoryName $env:AdsOpts_CD_Services_DataFactory_Name -ResourceGroupName $env:AdsOpts_CD_ResourceGroup_Name -Name $lsName -DefinitionFile $fileName -Force
$body = ($jsonobject | ConvertTo-Json -compress -Depth 10 | Out-String).Replace('"','\"')
$uri = "https://management.azure.com/$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/datasets/$name"
$rest = az rest --method put --uri $uri --headers '{\"Content-Type\":\"application/json\"}' --body "@FileForUpload.json" --uri-parameters 'api-version=2018-06-01'
}
#Move to pipelines directory
$CurrentPath = (Get-Location).Path
Set-Location "..\bin\publish\unzipped\datafactory\pipeline"
#Data Factory - Pipelines
Write-Host "Starting Pipelines"
Write-Host "Uploading Level 0 Dependencies"
Get-ChildItem "./" -Recurse -Include "AZ_Function*.json", "AZ_SQL_Watermark_IR*.json", "SH_SQL_Watermark_IR*.json" |
Foreach-Object {
$lsName = $_.BaseName
$fileName = $_.FullName
#ParseOut the Name Attribute
$jsonobject = $_ | Get-Content | ConvertFrom-Json
$name = $jsonobject.name
#Persist File Back
$jsonobject | ConvertTo-Json -Depth 100 | set-content $_
#Make a copy of the file for upload
Copy-Item -Path $fileName -Destination "FileForUpload.json"
write-host $fileName -ForegroundColor Yellow -BackgroundColor DarkGreen
#Set-AzDataFactoryV2Pipeline -DataFactoryName $env:AdsOpts_CD_Services_DataFactory_Name -ResourceGroupName $env:AdsOpts_CD_ResourceGroup_Name -Name $lsName -DefinitionFile $fileName -force
#$body = ($jsonobject | ConvertTo-Json -compress -Depth 100 | Out-String).Replace('"','\"')
$uri = "https://management.azure.com/$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/pipelines/$name"
$rest = az rest --method put --uri $uri --headers '{\"Content-Type\":\"application/json\"}' --body "@FileForUpload.json" --uri-parameters 'api-version=2018-06-01'
}
Write-Host "Uploading Level 1 Dependencies"
Get-ChildItem "./" -Recurse -Include "AZ_SQL_Full_Load_IR*.json", "SH_SQL_Full_Load_IR*.json" |
Foreach-Object {
$lsName = $_.BaseName
$fileName = $_.FullName
#ParseOut the Name Attribute
$jsonobject = $_ | Get-Content | ConvertFrom-Json
$name = $jsonobject.name
#Persist File Back
$jsonobject | ConvertTo-Json -Depth 100 | set-content $_
#Make a copy of the file for upload
Copy-Item -Path $fileName -Destination "FileForUpload.json"
write-host $fileName -ForegroundColor Yellow -BackgroundColor DarkGreen
#Set-AzDataFactoryV2Pipeline -DataFactoryName $env:AdsOpts_CD_Services_DataFactory_Name -ResourceGroupName $env:AdsOpts_CD_ResourceGroup_Name -Name $lsName -DefinitionFile $fileName -Force
$body = ($jsonobject | ConvertTo-Json -compress -Depth 100 | Out-String).Replace('"','\"')
$uri = "https://management.azure.com/$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/pipelines/$name"
$rest = az rest --method put --uri $uri --headers '{\"Content-Type\":\"application/json\"}' --body "@FileForUpload.json" --uri-parameters 'api-version=2018-06-01'
}
Write-Host "Uploading Level 3 Dependencies - Chunks"
Get-ChildItem "./" -Filter *chunk*.json |
Foreach-Object {
$lsName = $_.BaseName
$fileName = $_.FullName
#ParseOut the Name Attribute
$jsonobject = $_ | Get-Content | ConvertFrom-Json
$name = $jsonobject.name
#Persist File Back
$jsonobject | ConvertTo-Json -Depth 100 | set-content $_
#Make a copy of the file for upload
Copy-Item -Path $fileName -Destination "FileForUpload.json"
write-host $fileName -ForegroundColor Yellow -BackgroundColor DarkGreen
#Set-AzDataFactoryV2Pipeline -DataFactoryName $env:AdsOpts_CD_Services_DataFactory_Name -ResourceGroupName $env:AdsOpts_CD_ResourceGroup_Name -Name $lsName -DefinitionFile $fileName -Force
$body = ($jsonobject | ConvertTo-Json -compress -Depth 100 | Out-String).Replace('"','\"')
$uri = "https://management.azure.com/$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/pipelines/$name"
$rest = az rest --method put --uri $uri --headers '{\"Content-Type\":\"application/json\"}' --body "@FileForUpload.json" --uri-parameters 'api-version=2018-06-01'
}
Write-Host "Uploading Level 4 Dependencies"
Get-ChildItem "./" -Exclude "FileForUpload.json", "Master*.json","AZ_Function_Generic.json", "OnP_SQL_Watermark_IR*.json", "AZ_SQL_Watermark_IR*.json", "*Chunk*.json", "AZ_SQL_Full_Load_IR*.json", "SH_SQL_Full_Load_IR*.json", "OnP_SQL_Full_Load_IR*.json", "SH_SQL_Watermark_IR*.json" |
Foreach-Object {
$lsName = $_.BaseName
$fileName = $_.FullName
#ParseOut the Name Attribute
$jsonobject = $_ | Get-Content | ConvertFrom-Json
$name = $jsonobject.name
#Persist File Back
$jsonobject | ConvertTo-Json -Depth 100 | set-content $_
#Make a copy of the file for upload
Copy-Item -Path $fileName -Destination "FileForUpload.json"
write-host $fileName -ForegroundColor Yellow -BackgroundColor DarkGreen
#Set-AzDataFactoryV2Pipeline -DataFactoryName $env:AdsOpts_CD_Services_DataFactory_Name -ResourceGroupName $env:AdsOpts_CD_ResourceGroup_Name -Name $lsName -DefinitionFile $fileName -Force
$body = ($jsonobject | ConvertTo-Json -compress -Depth 100 | Out-String).Replace('"','\"')
$uri = "https://management.azure.com/$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/pipelines/$name"
$rest = az rest --method put --uri $uri --headers '{\"Content-Type\":\"application/json\"}' --body "@FileForUpload.json" --uri-parameters 'api-version=2018-06-01'
}
Write-Host "Processing Master"
Get-ChildItem "./" -Filter Master*.json |
Foreach-Object {
$lsName = $_.BaseName
$fileName = $_.FullName
#ParseOut the Name Attribute
$jsonobject = $_ | Get-Content | ConvertFrom-Json
$name = $jsonobject.name
#Make a copy of the file for upload
Copy-Item -Path $fileName -Destination "FileForUpload.json"
write-host $fileName -ForegroundColor Yellow -BackgroundColor DarkGreen
#Set-AzDataFactoryV2Pipeline -DataFactoryName $env:AdsOpts_CD_Services_DataFactory_Name -ResourceGroupName $env:AdsOpts_CD_ResourceGroup_Name -Name $lsName -DefinitionFile $fileName -Force
$body = ($jsonobject | ConvertTo-Json -compress -Depth 100 | Out-String).Replace('"','\"')
$uri = "https://management.azure.com/$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/pipelines/$name"
Write-Host "Uploading Master"
$rest = az rest --method put --uri $uri --headers '{\"Content-Type\":\"application/json\"}' --body "@FileForUpload.json" --uri-parameters 'api-version=2018-06-01'
}
Remove-Item -Path "FileForUpload.json" -ErrorAction SilentlyContinue
#Change Back to Workflows dir
Set-Location $CurrentPath

192
solution/Deployment/workflows/Steps/CD_ConfigureAzureSQLServer.ps1
Просмотреть файл

@ -1,192 +0,0 @@
#Function for password generator
$symbols = '!@#$%^&*'.ToCharArray()
$characterList = 'a'..'z' + 'A'..'Z' + '0'..'9' + $symbols
function GeneratePassword {
param(
[ValidateRange(12, 256)]
[int]
$length = 14
)
do {
$password = -join (0..$length | % { $characterList | Get-Random })
[int]$hasLowerChar = $password -cmatch '[a-z]'
[int]$hasUpperChar = $password -cmatch '[A-Z]'
[int]$hasDigit = $password -match '[0-9]'
[int]$hasSymbol = $password.IndexOfAny($symbols) -ne -1
}
until (($hasLowerChar + $hasUpperChar + $hasDigit + $hasSymbol) -ge 3)
$password | ConvertTo-SecureString -AsPlainText
}
Write-Debug "Configuring Azure SQL Server"
#Install Sql Server Module
if (Get-Module -ListAvailable -Name SqlServer) {
Write-Host "SqlServer Module exists"
}
else {
Write-Host "Module does not exist.. installing.."
Install-Module -Name SqlServer -Force
}
#Get Access Token for SQL --Note that the deployment principal or user running locally will need rights on the database
$token=$(az account get-access-token --resource=https://database.windows.net/ --query accessToken --output tsv)
$targetserver = $env:AdsOpts_CD_Services_AzureSQLServer_Name + ".database.windows.net"
if($env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Enable -eq "True")
{
#Add Ip to SQL Firewall
$myIp = (Invoke-WebRequest ifconfig.me/ip).Content
$result = az sql server firewall-rule create -g $env:AdsOpts_CD_ResourceGroup_Name -s $env:AdsOpts_CD_Services_AzureSQLServer_Name -n "MySetupIP" --start-ip-address $myIp --end-ip-address $myIp
#Allow Azure services and resources to access this server
$result = az sql server firewall-rule create -g $env:AdsOpts_CD_ResourceGroup_Name -s $env:AdsOpts_CD_Services_AzureSQLServer_Name -n "Azure" --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0
$CurrentPath = (Get-Location).Path
Set-Location "..\bin\publish\unzipped\database\"
#Create User for DBUp
$temppassword = GeneratePassword
$sql = "
DROP USER IF EXISTS DbUpUser
CREATE USER DbUpUser WITH PASSWORD=N'$temppassword', DEFAULT_SCHEMA=[dbo]
EXEC sp_addrolemember 'db_owner', 'DbUpUser'
GO "
Invoke-Sqlcmd -ServerInstance "$targetserver,1433" -Database $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name -AccessToken "$token" -Query $sql
#.\AdsGoFastDbUp.exe -c "Server=$targetserver; Database=$env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name; user id=$env:AdsOpts_CD_Services_AzureSQLServer_AdminUser; password=$env:AdsOpts_CD_Services_AzureSQLServer_AdminPassword" -v True
dotnet AdsGoFastDbUp.dll -c "Server=$targetserver; Database=$env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name; user id=DbUpUser; password='$temppassword'" -v True
Set-Location $CurrentPath
#Environment Specific Updates
$subid = (az account show -s $env:AdsOpts_CD_ResourceGroup_Subscription | ConvertFrom-Json).id
$LogAnalyticsId = az monitor log-analytics workspace show --resource-group $env:AdsOpts_CD_ResourceGroup_Name --workspace-name $env:AdsOpts_CD_Services_LogAnalytics_Name --query customerId --out tsv
if($env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_UpdateDataFactory -eq "True")
{
$sql =
"Update [dbo].[DataFactory]
Set [Name] = '$env:AdsOpts_CD_Services_DataFactory_Name',
ResourceGroup = '$env:AdsOpts_CD_ResourceGroup_Name',
SubscriptionUid = '$subid',
DefaultKeyVaultURL = 'https://$env:AdsOpts_CD_Services_KeyVault_Name.vault.azure.net/',
LogAnalyticsWorkspaceId = '$LogAnalyticsId'
where id = 1"
Write-Debug "Updating DataFactory in ADS Go Fast DB Config - DataFactory"
Invoke-Sqlcmd -ServerInstance "$targetserver,1433" -Database $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name -AccessToken "$token" -Query $sql
}
if($env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_UpdateSourceAndTargetSystems -eq "True")
{
$sql =
"
Update
[dbo].[SourceAndTargetSystems]
Set
SystemServer = '$env:AdsOpts_CD_Services_AzureSQLServer_Name.database.windows.net',
SystemKeyVaultBaseUrl = 'https://$env:AdsOpts_CD_Services_KeyVault_Name.vault.azure.net/',
SystemJSON = '{ ""Database"" : ""$env:AdsOpts_CD_Services_AzureSQLServer_SampleDB_Name"" }'
Where
SystemId = '1'
GO
Update
[dbo].[SourceAndTargetSystems]
Set
SystemServer = '$env:AdsOpts_CD_Services_AzureSQLServer_Name.database.windows.net',
SystemKeyVaultBaseUrl = 'https://$env:AdsOpts_CD_Services_KeyVault_Name.vault.azure.net/',
SystemJSON = '{ ""Database"" : ""$env:AdsOpts_CD_Services_AzureSQLServer_StagingDB_Name"" }'
Where
SystemId = '2'
GO
Update
[dbo].[SourceAndTargetSystems]
Set
SystemServer = '$env:AdsOpts_CD_Services_AzureSQLServer_Name.database.windows.net',
SystemKeyVaultBaseUrl = 'https://$env:AdsOpts_CD_Services_KeyVault_Name.vault.azure.net/',
SystemJSON = '{ ""Database"" : ""$env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name"" }'
Where
SystemId = '11'
GO
"
Write-Debug "Updating DataFactory in ADS Go Fast DB Config - SourceAndTargetSystems - Azure SQL Servers"
Invoke-Sqlcmd -ServerInstance "$targetserver,1433" -Database $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name -AccessToken "$token" -Query $sql
$sql =
"
Update
[dbo].[SourceAndTargetSystems]
Set
SystemServer = 'https://$env:AdsOpts_CD_Services_Storage_Blob_Name.blob.core.windows.net',
SystemKeyVaultBaseUrl = 'https://$env:AdsOpts_CD_Services_KeyVault_Name.vault.azure.net/',
SystemJSON = '{ ""Container"" : ""datalakeraw"" }'
Where
SystemId = '3'
GO
Update
[dbo].[SourceAndTargetSystems]
Set
SystemServer = 'https://$env:AdsOpts_CD_Services_Storage_Blob_Name.blob.core.windows.net',
SystemKeyVaultBaseUrl = 'https://$env:AdsOpts_CD_Services_KeyVault_Name.vault.azure.net/',
SystemJSON = '{ ""Container"" : ""datalakelanding"" }'
Where
SystemId = '7'
GO
Update
[dbo].[SourceAndTargetSystems]
Set
SystemServer = 'https://$env:AdsOpts_CD_Services_Storage_Blob_Name.blob.core.windows.net',
SystemKeyVaultBaseUrl = 'https://$env:AdsOpts_CD_Services_KeyVault_Name.vault.azure.net/',
SystemJSON = '{ ""Container"" : ""transientin"" }'
Where
SystemId = '9'
GO
Update
[dbo].[SourceAndTargetSystems]
Set
SystemServer = 'https://$env:AdsOpts_CD_Services_Storage_ADLS_Name.dfs.core.windows.net',
SystemKeyVaultBaseUrl = 'https://$env:AdsOpts_CD_Services_KeyVault_Name.vault.azure.net/',
SystemJSON = '{ ""Container"" : ""datalakeraw"" }'
Where
SystemId = '4'
GO
Update
[dbo].[SourceAndTargetSystems]
Set
SystemServer = 'https://$env:AdsOpts_CD_Services_Storage_ADLS_Name.dfs.core.windows.net',
SystemKeyVaultBaseUrl = 'https://$env:AdsOpts_CD_Services_KeyVault_Name.vault.azure.net/',
SystemJSON = '{ ""Container"" : ""datalakelanding"" }'
Where
SystemId = '8'
GO
"
Write-Debug "Updating DataFactory in ADS Go Fast DB Config - SourceAndTargetSystems - Storage Accounts"
Invoke-Sqlcmd -ServerInstance "$targetserver,1433" -Database $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name -AccessToken "$token" -Query $sql
}
#sqlpackage.exe /a:Publish /sf:'./../bin/publish/unzipped/database/AdsGoFastBuild.dacpac' /tsn:$targetserver /tdn:$env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name /tu:$env:AdsOpts_CD_Services_AzureSQLServer_AdminUser /tp:$env:AdsOpts_CD_Services_AzureSQLServer_AdminPassword
#Database - Post Script Deployment
#Invoke-Sqlcmd -ServerInstance "$targetserver,1433" -Database $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name -Username $env:AdsOpts_CD_Services_AzureSQLServer_AdminUser -Password $env:AdsOpts_CD_Services_AzureSQLServer_AdminPassword -InputFile "./../../Database/AdsGoFastDatabase"
}
else
{
Write-Warning "Skipped Configuring Azure SQL Server"
}

31
solution/Deployment/workflows/Steps/CD_ConfigureAzureSqlServer_UpdateTaskTypeMappingJson.ps1
Просмотреть файл

@ -1,31 +0,0 @@
#Get Access Token for SQL --Note that the deployment principal or user running locally will need rights on the database
$token=$(az account get-access-token --resource=https://database.windows.net/ --query accessToken --output tsv)
$targetserver = $env:AdsOpts_CD_Services_AzureSQLServer_Name + ".database.windows.net"
$jsonbase = "./../../TaskTypeJson/"
Get-ChildItem "$jsonbase" -Filter *.json |
Foreach-Object {
$lsName = $_.BaseName
$fileName = $_.FullName
$jsonobject = ($_ | Get-Content).Replace("'", "''")
$Name = $_.BaseName
$sql = "Update TaskTypeMapping
Set TaskMasterJsonSchema = new.TaskMasterJsonSchema
from TaskTypeMapping ttm
inner join
(
Select MappingName = N'$Name' , TaskMasterJsonSchema = N'$jsonobject'
) new on ttm.MappingName = new.MappingName"
Invoke-Sqlcmd -ServerInstance "$targetserver,1433" -Database $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name -AccessToken "$token" -Query $sql
}
#Loop through all Existing Task Master JSON Entries in DB
#$tm = Invoke-Sqlcmd -ServerInstance "$targetserver,1433" -Database $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name -AccessToken "$token" -Query "Select * from dbo.TaskMaster"
#$ttm = Invoke-Sqlcmd -ServerInstance "$targetserver,1433" -Database $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name -AccessToken "$token" -Query "Select * from dbo.TaskTypeMapping"

50
solution/Deployment/workflows/Steps/CD_ConfigureFunctionApp.ps1
Просмотреть файл

@ -1,50 +0,0 @@
Write-Debug "Configuring Function App"
$SourceFile = $env:AdsOpts_CD_FolderPaths_PublishZip + "/functionapp/Publish.zip"
if($env:AdsOpts_CD_Services_CoreFunctionApp_Enable -eq "True")
{
#Update App Settings
$appsettingsfile = $env:AdsOpts_CD_FolderPaths_PublishUnZip + "/functionapp/appsettings.json"
$appSettings = Get-Content $appsettingsfile | ConvertFrom-Json
$appSettings.ApplicationOptions.UseMSI = $true
$appSettings.ApplicationOptions.ServiceConnections.AdsGoFastTaskMetaDataDatabaseServer = "$env:AdsOpts_CD_Services_AzureSQLServer_Name.database.windows.net"
$appSettings.ApplicationOptions.ServiceConnections.AdsGoFastTaskMetaDataDatabaseName = $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name
$appSettings.ApplicationOptions.ServiceConnections.CoreFunctionsURL = "https://$env:AdsOpts_CD_Services_CoreFunctionApp_Name.azurewebsites.net"
#Get App Insights WorkspaceID
$AppInsightsWPId = (az monitor app-insights component show --app $env:AdsOpts_CD_Services_AppInsights_Name -g $env:AdsOpts_CD_ResourceGroup_Name | ConvertFrom-Json).appId
$appSettings.ApplicationOptions.ServiceConnections.AppInsightsWorkspaceId = $AppInsightsWPId
$appSettings.AzureAdAzureServicesViaAppReg.Domain=$env:AdsOpts_CD_ResourceGroup_Domain
$appSettings.AzureAdAzureServicesViaAppReg.TenantId=$env:AdsOpts_CD_ResourceGroup_TenantId
#Client Secret is null as this is only used to validate the claims & to authenticate get a scope specific token based on MSI
$appSettings.AzureAdAzureServicesViaAppReg.Audience = "api://$env:AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP_Name"
$appSettings.AzureAdAzureServicesViaAppReg.ClientSecret = $null
$appSettings.AzureAdAzureServicesViaAppReg.ClientId=$env:AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP_ClientId
#Setting to null as we are using MSI
$appSettings.AzureAdAzureServicesDirect.ClientSecret = $null
$appSettings.AzureAdAzureServicesDirect.ClientId=$null
$appSettings | ConvertTo-Json -Depth 10 | set-content $appsettingsfile
#Repack CoreFunctionApp
$CurrentPath = Get-Location
Set-Location "./../bin/publish"
$Path = (Get-Location).Path + "/zipped/functionapp"
New-Item -ItemType Directory -Force -Path $Path
$Path = $Path + "/Publish.zip"
Compress-Archive -Path '.\unzipped\functionapp\*' -DestinationPath $Path -force
#Move back to workflows
Set-Location $CurrentPath
# Deploy CoreFunctionApp App
$result = az functionapp deployment source config-zip --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_CoreFunctionApp_Name --src $SourceFile
}
else
{
Write-Warning "Skipped Configuring Function App"
}

28
solution/Deployment/workflows/Steps/CD_ConfigureKeyVault.ps1
Просмотреть файл

@ -1,28 +0,0 @@
Write-Debug " Configuring Key Vault"
if($env:AdsOpts_CD_Services_KeyVault_Enable -eq "True")
{
#Try to set user object id based on an interactive login
$AADUserId = (az ad signed-in-user show | ConvertFrom-Json).objectId
if ([string]::IsNullOrEmpty($AADUserId))
{
#If Interactive user failed then use SP method.
$AADUserId = (az ad sp show --id (az account show | ConvertFrom-Json).user.name | ConvertFrom-Json).objectId
}
$functionkey = (az functionapp keys list -g $env:AdsOpts_CD_ResourceGroup_Name -n $env:AdsOpts_CD_Services_CoreFunctionApp_Name | ConvertFrom-Json).functionKeys.default
Write-Debug " Enabling Access to KeyVault and Adding Secrets"
#Set KeyVault Policy to allow logged in user to add key
$result = az keyvault set-policy --name $env:AdsOpts_CD_Services_KeyVault_Name --certificate-permissions backup create delete deleteissuers get getissuers import list listissuers managecontacts manageissuers purge recover restore setissuers update --key-permissions backup create decrypt delete encrypt get import list purge recover restore sign unwrapKey update verify wrapKey --object-id $AADUserId --resource-group $env:AdsOpts_CD_ResourceGroup_Name --secret-permissions backup delete get list purge recover restore set --storage-permissions backup delete deletesas get getsas list listsas purge recover regeneratekey restore set setsas update --subscription $env:AdsOpts_CD_ResourceGroup_Subscription
#Set KeyVault Policy to allow MSI for ADF to Retrieve Key Vault Key
#az keyvault set-policy --name $env:AdsOpts_CD_Services_KeyVault_Name --certificate-permissions backup create delete deleteissuers get getissuers import list listissuers managecontacts manageissuers purge recover restore setissuers update --key-permissions backup create decrypt delete encrypt get import list purge recover restore sign unwrapKey update verify wrapKey --object-id $AADUserId --resource-group $env:AdsOpts_CD_ResourceGroup_Name --secret-permissions backup delete get list purge recover restore set --storage-permissions backup delete deletesas get getsas list listsas purge recover regeneratekey restore set setsas update --subscription $env:AdsOpts_CD_ResourceGroup_Subscription
#Save Function Key to KeyVault
$result = az keyvault secret set --name "AdsGfCoreFunctionAppKey" --vault-name $env:AdsOpts_CD_Services_KeyVault_Name --disabled false --subscription $env:AdsOpts_CD_ResourceGroup_Subscription --value $functionkey --output none
}
else
{
Write-Warning "Skipped Configuring Key Vault"
}

10
solution/Deployment/workflows/Steps/CD_ConfigureSampleData.ps1
Просмотреть файл

@ -1,10 +0,0 @@
$pathbase = "./../../SampleFiles/"
$files = @("yellow_tripdata_2017-03.xlsx","yellow_tripdata_2017-03.csv")
$files | ForEach-Object -Parallel {
$result = az storage blob upload --file $using:pathbase/$_ --container-name "datalakeraw" --name samples/$_ --account-name $env:AdsOpts_CD_Services_Storage_ADLS_Name
$result = az storage blob upload --file $using:pathbase/$_ --container-name "datalakeraw" --name samples/$_ --account-name $env:AdsOpts_CD_Services_Storage_Blob_Name
}

203
solution/Deployment/workflows/Steps/CD_ConfigureVnet.ps1
Просмотреть файл

@ -1,203 +0,0 @@
if($env:AdsOpts_CD_Services_Vnet_Enable -eq "True")
{
##############################################################################################################
#Firewall and Virtual Network Rules for Services
##############################################################################################################
Write-Debug " Configuring VNet rules for provisioned services"
#Enable Service Endpoints on the subnet. Required to be done before adding network rules.
$result = az network vnet subnet update --resource-group $env:AdsOpts_CD_ResourceGroup_Name --vnet-name $env:AdsOpts_CD_Services_Vnet_Name --name $env:AdsOpts_CD_Services_Vnet_DataSubnetName --service-endpoints Microsoft.Sql Microsoft.Storage Microsoft.KeyVault Microsoft.Web
Write-Debug " Configured Microsoft.Storage Service Endpoint to subnet $env:AdsOpts_CD_Services_Vnet_DataSubnetName"
#adls
$result = az storage account network-rule add --resource-group $env:AdsOpts_CD_ResourceGroup_Name --account-name $env:AdsOpts_CD_Services_Storage_ADLS_Name --vnet-name $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_DataSubnetName
$result = az storage account update --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_Storage_ADLS_Name --default-action Deny #Default action to apply when no rule matches i.e. allow access from selected network/PE only.
Write-Debug " Completed network rule configuration for storage $env:AdsOpts_CD_Services_Storage_ADLS_Name"
#adlstran
#Note: Skipping as it will be outside for importing data into it.
#Logging
#Note: Commented below to allow App Insights access to Storage account.
# az storage account network-rule add --resource-group $env:AdsOpts_CD_ResourceGroup_Name --account-name $env:AdsOpts_CD_Services_Storage_Logging_Name --vnet-name $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_DataSubnetName
# az storage account update --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_Storage_Logging_Name --default-action Deny #Default action to apply when no rule matches i.e. allow access from selected network/PE only.
# Write-Debug " Completed network rule configuration for storage $env:AdsOpts_CD_Services_Storage_Logging_Name"
#Blob
$result = az storage account network-rule add --resource-group $env:AdsOpts_CD_ResourceGroup_Name --account-name $env:AdsOpts_CD_Services_Storage_Blob_Name --vnet-name $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_DataSubnetName
$result = az storage account update --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_Storage_Blob_Name --default-action Deny #Default action to apply when no rule matches i.e. allow access from selected network/PE only.
Write-Debug " Completed network rule configuration for storage $env:AdsOpts_CD_Services_Storage_Blob_Name"
#Azure Sql
#Note: Commenting below as will use the PE for SQL, so vNet rule is not required.
# az sql server vnet-rule create --server $env:AdsOpts_CD_Services_AzureSQLServer_Name --name $env:AdsOpts_CD_Services_Vnet_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name --vnet-name $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_DataSubnetName
# Write-Debug " Completed network rule configuration for Azure SQL Server $env:AdsOpts_CD_Services_AzureSQLServer_Name"
#Key Vault
#Note: Commenting below as will use the PE for AKV, so vNet rule is not required.
# az keyvault network-rule add --name $env:AdsOpts_CD_Services_KeyVault_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name --vnet-name $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_DataSubnetName
# az keyvault update --name $env:AdsOpts_CD_Services_KeyVault_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name --default-action Deny #Default action to apply when no rule matches i.e. allow access from selected network/PE only.
# Write-Debug " Completed network rule configuration for Azure Key Vault $env:AdsOpts_CD_Services_KeyVault_Name"
#Azure Function App
$result = az appservice plan update --name $env:AdsOpts_CD_Services_AppPlans_FunctionApp_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name --sku P1V2 #Upgrade SKU to 'P1V2' to support PE and vNet Integration.
$result = az functionapp vnet-integration add --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_CoreFunctionApp_Name --vnet $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_FuncAppSubnetName
$result = az functionapp config access-restriction add --priority 100 --rule-name "Allow FuncApp Subnet" --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_CoreFunctionApp_Name --vnet-name $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_FuncAppSubnetName --description "Allow vNet" --action Allow #Configure Access Restrictions.
$result = az functionapp config access-restriction add --priority 200 --rule-name "Allow Data Subnet" --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_CoreFunctionApp_Name --vnet-name $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_DataSubnetName --description "Allow vNet" --action Allow #Configure Access Restrictions.
$result = az functionapp config access-restriction add --priority 300 --rule-name "Allow WebApp Subnet" --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_CoreFunctionApp_Name --vnet-name $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_WebAppSubnetName --description "Allow vNet" --action Allow #Configure Access Restrictions.
$result = az functionapp config access-restriction add --priority 400 --rule-name "Allow Azure Portal" --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_CoreFunctionApp_Name --service-tag AzurePortal --description "Allow vNet" --action Allow #Configure Access Restrictions.
$result = az functionapp config access-restriction add --priority 500 --rule-name "Allow ADF" --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_CoreFunctionApp_Name --service-tag DataFactory --description "Allow vNet" --action Allow #Configure Access Restrictions.
Write-Debug " Completed network rule configuration for Azure Function App $env:AdsOpts_CD_Services_CoreFunctionApp_Name"
#Azure Web App
$result = az appservice plan update --name $env:AdsOpts_CD_Services_AppPlans_WebApp_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name --sku P1V2 #Upgrade SKU to 'P1V2' to support PE.
$result = az webapp vnet-integration add --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_Website_Name --vnet $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_WebAppSubnetName
#Note: Commented below to keep Web App accessible over internet. For customers who have VPN/Express Route/use Bastion -> Uncomment below.
#az functionapp config access-restriction add --priority 100 --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_Website_Name --vnet-name $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_WebAppSubnetName --description "Allow vNet" --action Allow #Configure Access Restrictions.
Write-Debug " Completed network rule configuration for Azure Web App $env:AdsOpts_CD_Services_Website_Name"
}
else
{
Write-Warning "Skipped Configuration of Vnet rules for provisioned services"
}
if($env:AdsOpts_CD_Services_Vnet_Enable -eq "True")
{
##############################################################################################################
#Private Endpoints for Services (ADF Managed and vNet Managed)
##############################################################################################################
Write-Debug " Configuring Private Endpoints for provisioned services"
########## ADF Managed PE
$apiVersion = "2018-06-01"
#$adfId = az datafactory show --factory-name $env:AdsOpts_CD_Services_DataFactory_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name --query '[id][0]' --output tsv
#adls (ADF Managed PE)
$managedPrivateEndpointName = "ADF-Managed-PE-"+$env:AdsOpts_CD_Services_Storage_ADLS_Name
$privateEndpointResourceId = "$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/managedVirtualNetworks/default/managedprivateendpoints/${managedPrivateEndpointName}"
$privateLinkResourceId = az storage account show --name $env:AdsOpts_CD_Services_Storage_ADLS_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name --query '[id][0]' --output tsv
Write-Debug " Creating $managedPrivateEndpointName"
New-AzResource -Force -ApiVersion "${apiVersion}" -ResourceId "${privateEndpointResourceId}" -Properties @{
privateLinkResourceId = "${privateLinkResourceId}"
groupId = "dfs"
}
Write-Debug " Created $managedPrivateEndpointName"
#Blob (ADF Managed PE)
$managedPrivateEndpointName = "ADF-Managed-PE-"+$env:AdsOpts_CD_Services_Storage_Blob_Name
$privateEndpointResourceId = "$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/managedVirtualNetworks/default/managedprivateendpoints/${managedPrivateEndpointName}"
$privateLinkResourceId = az storage account show --name $env:AdsOpts_CD_Services_Storage_Blob_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name --query '[id][0]' --output tsv
Write-Debug " Creating $managedPrivateEndpointName"
New-AzResource -Force -ApiVersion "${apiVersion}" -ResourceId "${privateEndpointResourceId}" -Properties @{
privateLinkResourceId = "${privateLinkResourceId}"
groupId = "blob"
}
Write-Debug " Created $managedPrivateEndpointName"
#Note: Commented below to allow On-Prem SHIR to communicate with AKV (Non-VPN,Non-ExpressRoute, Non-Peering scenario)
# #Key Vault (ADF Managed PE)
# $managedPrivateEndpointName = "ADF-Managed-PE-"+$env:AdsOpts_CD_Services_KeyVault_Name
# $privateEndpointResourceId = "$env:AdsOpts_CD_ResourceGroup_Id/providers/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name/managedVirtualNetworks/default/managedprivateendpoints/${managedPrivateEndpointName}"
# $privateLinkResourceId = az keyvault show --name $env:AdsOpts_CD_Services_KeyVault_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name --query '[id][0]' --output tsv
# Write-Debug " Creating $managedPrivateEndpointName"
# New-AzResource -Force -ApiVersion "${apiVersion}" -ResourceId "${privateEndpointResourceId}" -Properties @{
# privateLinkResourceId = "${privateLinkResourceId}"
# groupId = "vault"
# }
# Write-Debug " Created $managedPrivateEndpointName"
########## PEs
#Note: Not using to allow SHIR to communicate with AKV (Non-VPN,Non-ExpressRoute, Peering scenario)
#Key Vault (vNet Managed PE)
Write-Debug " Creating PE for Azure Key Vault"
$PE_Name = "PE-AKV"
$Private_DNS_Zone_Name = "privatelink.vaultcore.azure.net"
$id= az keyvault list --resource-group $env:AdsOpts_CD_ResourceGroup_Name --query '[].[id]' --output tsv
#PE
$result = az network private-endpoint create `
--name $PE_Name `
--resource-group $env:AdsOpts_CD_ResourceGroup_Name `
--vnet-name $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_DataSubnetName `
--private-connection-resource-id $id `
--group-id "vault" `
--connection-name "PE-AKV-Connection"
#Private DNS Zone
$result = az network private-dns zone create `
--resource-group $env:AdsOpts_CD_ResourceGroup_Name `
--name $Private_DNS_Zone_Name
$result = az network private-dns link vnet create `
--resource-group $env:AdsOpts_CD_ResourceGroup_Name `
--zone-name $Private_DNS_Zone_Name `
--name "DnsLink-AzKeyVault" `
--virtual-network $env:AdsOpts_CD_Services_Vnet_Name `
--registration-enabled false
$result = az network private-endpoint dns-zone-group create `
--resource-group $env:AdsOpts_CD_ResourceGroup_Name `
--endpoint-name $PE_Name `
--name "AkvZoneGroup" `
--private-dns-zone $Private_DNS_Zone_Name `
--zone-name "akv"
Write-Debug " Completed PE creation for Azure Key Vault"
#Azure Sql (vNet Managed)
Write-Debug " Creating PE for Azure SQL Server"
$PE_Name = "PE-SQL"
$Private_DNS_Zone_Name = "privatelink.database.windows.net"
$id= az sql server list --resource-group $env:AdsOpts_CD_ResourceGroup_Name --query '[].[id]' --output tsv
#PE
$result = az network private-endpoint create `
--name $PE_Name `
--resource-group $env:AdsOpts_CD_ResourceGroup_Name `
--vnet-name $env:AdsOpts_CD_Services_Vnet_Name --subnet $env:AdsOpts_CD_Services_Vnet_DataSubnetName `
--private-connection-resource-id $id `
--group-id "sqlServer" `
--connection-name "PE-SQL-Connection"
#Private DNS Zone
$result = az network private-dns zone create `
--resource-group $env:AdsOpts_CD_ResourceGroup_Name `
--name $Private_DNS_Zone_Name
$result = az network private-dns link vnet create `
--resource-group $env:AdsOpts_CD_ResourceGroup_Name `
--zone-name $Private_DNS_Zone_Name `
--name "DnsLink-AzSQL" `
--virtual-network $env:AdsOpts_CD_Services_Vnet_Name `
--registration-enabled false
$result = az network private-endpoint dns-zone-group create `
--resource-group $env:AdsOpts_CD_ResourceGroup_Name `
--endpoint-name $PE_Name `
--name "SqlZoneGroup" `
--private-dns-zone $Private_DNS_Zone_Name `
--zone-name "sql"
Write-Debug " Completed PE creation for Azure SQL Server"
##############################
#Post PE Addition Task
$result = az sql server update --name $env:AdsOpts_CD_Services_AzureSQLServer_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name --enable-public-network false #Disable Public Access (Requires PE to be enabled first).
Write-Debug " Disabled Public Access to Azure SQL"
#Enable soft-delete on AKV
$result = az keyvault update --name $env:AdsOpts_CD_Services_KeyVault_Name --enable-soft-delete true
Write-Debug " Soft-delete enabled on AKV"
##############################
}
else
{
Write-Warning "Skipped Configuration of Private Endpoints for provisioned services"
}

47
solution/Deployment/workflows/Steps/CD_ConfigureWebApp.ps1
Просмотреть файл

@ -1,47 +0,0 @@
Write-Debug " Configuring Web App"
$SourceFile = $env:AdsOpts_CD_FolderPaths_PublishZip + "/webapplication/Publish.zip"
if($env:AdsOpts_CD_Services_WebSite_Enable -eq "True")
{
#Update App Settings
$appsettingsfile = $env:AdsOpts_CD_FolderPaths_PublishUnZip + "/webapplication/appsettings.json"
$appSettings = Get-Content $appsettingsfile | ConvertFrom-Json
$appSettings.ApplicationOptions.UseMSI = $true
$appSettings.ApplicationOptions.AdsGoFastTaskMetaDataDatabaseServer = "$env:AdsOpts_CD_Services_AzureSQLServer_Name.database.windows.net"
$appSettings.ApplicationOptions.AdsGoFastTaskMetaDataDatabaseName = $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name
$AppInsightsWPId = (az monitor app-insights component show --app $env:AdsOpts_CD_Services_AppInsights_Name -g $env:AdsOpts_CD_ResourceGroup_Name | ConvertFrom-Json).appId
$appSettings.ApplicationOptions.AppInsightsWorkspaceId = $AppInsightsWPId
$LogAnalyticsWorkspaceId = (az monitor log-analytics workspace show --workspace-name $env:AdsOpts_CD_Services_LogAnalytics_Name -g $env:AdsOpts_CD_ResourceGroup_Name | ConvertFrom-Json -AsHashtable).customerId
$appSettings.ApplicationOptions.LogAnalyticsWorkspaceId = $LogAnalyticsWorkspaceId
$appSettings.AzureAdAuth.Domain=$env:AdsOpts_CD_ResourceGroup_Domain
$appSettings.AzureAdAuth.TenantId=$env:AdsOpts_CD_ResourceGroup_TenantId
$appSettings.AzureAdAuth.ClientId= $env:AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP_ClientId
$appSettings | ConvertTo-Json -Depth 10 | set-content $appsettingsfile
#Repack WebApp
$CurrentPath = Get-Location
Set-Location "./../bin/publish"
$Path = (Get-Location).Path + "/zipped/webapplication"
New-Item -ItemType Directory -Force -Path $Path
$Path = $Path + "/Publish.zip"
Compress-Archive -Path '.\unzipped\webapplication\*' -DestinationPath $Path -force
#Move back to workflows
Set-Location $CurrentPath
# Deploy Web App
$result = az webapp deployment source config-zip --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_WebSite_Name --src $SourceFile
#Enable App Insights
#az resource create --resource-group $env:AdsOpts_CD_ResourceGroup_Name --resource-type "Microsoft.Insights/components" --name $env:AdsOpts_CD_Services_WebSite_Name --location $env:AdsOpts_CD_ResourceGroup_Location --properties '{\"Application_Type\":\"web\"}'
}
else
{
Write-Warning "Skipped Configuring Web App"
}

10
solution/Deployment/workflows/Steps/CD_DeployADF.ps1
Просмотреть файл

@ -1,10 +0,0 @@
if ($env:AdsOpts_CD_Services_DataFactory_Enable -eq "True")
{
Write-Debug " Creating Data Factory"
$result = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/DataFactory.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location adf-name=$env:AdsOpts_CD_Services_DataFactory_Name
}
else
{
Write-Warning "Skipped Creation of Data Factory"
}

60
solution/Deployment/workflows/Steps/CD_DeployADFOnPremSHIR.ps1
Просмотреть файл

@ -1,60 +0,0 @@
$ProgressPreference = 'SilentlyContinue' #Turn-off the progress bar and speed up the download via Invoke-WebRequest
$ADFLocalDrive = $env:AdsOpts_CD_Services_DataFactory_OnPremVnetIr_IrInstallConfig_LocalDrive #"C:" #Drive where the below directory will be created.
$ADFLocalVMFolder = $env:AdsOpts_CD_Services_DataFactory_OnPremVnetIr_IrInstallConfig_LocalVMFolder #"ADFInstaller" #Directory in which the .msi files will be downloaded.
$ADFIRDownloadURL = $env:AdsOpts_CD_Services_DataFactory_OnPremVnetIr_IrInstallConfig_IrDownloadURL #"https://download.microsoft.com/download/E/4/7/E4771905-1079-445B-8BF9-8A1A075D8A10/IntegrationRuntime_5.9.7900.1.msi"
$ADFIRLocalFileName = $ADFIRDownloadURL.Split("/")[$ADFIRDownloadURL.Split("/").Length-1] #Get the .msi filename.
$ADFIRInstallerLocalFileLocation = $ADFLocalDrive + '\' + $ADFLocalVMFolder + '\' + $ADFIRLocalFileName #Local Path of downloaded installer.
$ADFJDKDownloadURL = $env:AdsOpts_CD_Services_DataFactory_OnPremVnetIr_IrInstallConfig_JDKDownloadURL #"https://github.com/adoptium/temurin11-binaries/releases/download/jdk-11.0.12%2B7/OpenJDK11U-jdk_x64_windows_hotspot_11.0.12_7.msi"
$ADFJDKLocalFileName = $ADFJDKDownloadURL.Split("/")[$ADFJDKDownloadURL.Split("/").Length-1] #Get the .msi filename.
$ADFJDKInstallerLocalFileLocation = $ADFLocalDrive + '\' + $ADFLocalVMFolder + '\' + $ADFJDKLocalFileName #Local Path of downloaded installer.
Write-Debug " Creating directory to download the SHIR installable."
New-Item -Path $ADFLocalDrive -Name $ADFLocalVMFolder -ItemType Directory -Force #'-Force' Ok if directory already exists.
Write-Debug " Downloading the SHIR installable at $ADFIRInstallerLocalFileLocation."
Invoke-WebRequest -Uri $ADFIRDownloadURL -OutFile $ADFIRInstallerLocalFileLocation #Download SHIR installable.
Write-Debug " Downloading the OpenJDK for SHIR at $ADFJDKInstallerLocalFileLocation."
Invoke-WebRequest -Uri $ADFJDKDownloadURL -OutFile $ADFJDKInstallerLocalFileLocation #Download OpenJDK.
Write-Debug " Installing OpenJDK."
#msiexec /i $ADFJDKInstallerLocalFileLocation ADDLOCAL=FeatureMain,FeatureEnvironment,FeatureJarFileRunWith,FeatureJavaHome /quiet
#Ensure command prompt is run as administrator
$MSIInstallArguments = @(
"/i"
"$ADFJDKInstallerLocalFileLocation"
'ADDLOCAL=FeatureMain,FeatureEnvironment,FeatureJarFileRunWith,FeatureJavaHome'
# 'INSTALLDIR="c:\Program Files\Eclipse Foundation\"'
'INSTALLDIR="""$env:AdsOpts_CD_Services_DataFactory_OnPremVnetIr_IrInstallConfig_JDKInstallFolder"""'
"/qb!"
"/norestart"
)
Write-Debug $MSIInstallArguments
Start-Process "msiexec.exe" -ArgumentList $MSIInstallArguments -Wait -NoNewWindow
Write-Debug " Installing SHIR."
# Data Factory - VM AZ IR - Install IR
# $irKey1 = az datafactory integration-runtime list-auth-key --factory-name $DataFactoryName --name "SelfHostedIntegrationRuntime-Azure-VNET" --resource-group $ResourceGroupName --query authKey1 --out tsv
# az vm run-command invoke --command-id RunPowerShellScript --name $VMAzIR -g $ResourceGroupName --scripts "$ADFIRInstallerLocalFileLocation -path $ADFIRLocalFileLocation -authKey '$irKey1'"
#
$irKey1 = az datafactory integration-runtime list-auth-key --factory-name $env:AdsOpts_CD_Services_DataFactory_Name --name $env:AdsOpts_CD_Services_DataFactory_OnPremVnetIr_Name --resource-group $env:AdsOpts_CD_ResourceGroup_Name --query authKey1 --out tsv
Write-Debug " irKey1 retrieved."
# #Ensure command prompt is run as administrator
# $MSIInstallArguments = @(
# "/i"
# "$ADFIRInstallerLocalFileLocation"
# "authKey='$irKey1'"
# "/qb!"
# "/norestart"
# )
# Write-Debug $MSIInstallArguments
# Start-Process "msiexec.exe" -ArgumentList $MSIInstallArguments -Wait -NoNewWindow
. .\Steps\InstallGatewayFunctions.ps1 -path "$ADFIRInstallerLocalFileLocation" -authKey "$irKey1"

12
solution/Deployment/workflows/Steps/CD_DeployAppInsights.ps1
Просмотреть файл

@ -1,12 +0,0 @@
if ($env:AdsOpts_CD_Services_AppInsights_Enable -eq "True")
{
Write-Debug " Creating App Insights"
$storageaccountkey = (az storage account keys list -g $env:AdsOpts_CD_ResourceGroup_Name -n $env:AdsOpts_CD_Services_Storage_Logging_Name | ConvertFrom-Json)[0].value
$result = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/ApplicationInsights.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location appinsights_name=$env:AdsOpts_CD_Services_AppInsights_Name
}
else
{
Write-Warning "Skipped Creation of App Insights"
}

27
solution/Deployment/workflows/Steps/CD_DeployAppService.ps1
Просмотреть файл

@ -1,27 +0,0 @@
if ($env:AdsOpts_CD_Services_AppPlans_WebApp_Enable -eq "True")
{
Write-Debug " Creating App Service for Web App"
#App Service (Includes both functions and web)
$storageaccountkey = (az storage account keys list -g $env:AdsOpts_CD_ResourceGroup_Name -n $env:AdsOpts_CD_Services_Storage_Logging_Name | ConvertFrom-Json)[0].value
$result = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/AppService_Web.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location asp_name=$env:AdsOpts_CD_Services_AppPlans_WebApp_Name
}
else
{
Write-Warning "Skipped Creation of App Service for Web App"
}
if ($env:AdsOpts_CD_Services_AppPlans_FunctionApp_Enable -eq "True")
{
Write-Debug " Creating App Service for Function App"
#App Service (Includes both functions and web)
$storageaccountkey = (az storage account keys list -g $env:AdsOpts_CD_ResourceGroup_Name -n $env:AdsOpts_CD_Services_Storage_Logging_Name | ConvertFrom-Json)[0].value
$result = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/AppService_Func.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location asp_name=$env:AdsOpts_CD_Services_AppPlans_FunctionApp_Name
}
else
{
Write-Warning "Skipped Creation of App Service For Func App"
}

45
solution/Deployment/workflows/Steps/CD_DeployAzureSqlServer.ps1
Просмотреть файл

@ -1,45 +0,0 @@
Write-Debug " Creating Azure SQL Server"
Write-Debug $env:AdsOpts_CD_Services_AzureSQLServer_Name
Write-Debug $env:AdsOpts_CD_Services_AzureSQLServer_SampleDB_Name
Write-Debug $env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name
Write-Debug $env:AdsOpts_CD_Services_AzureSQLServer_AdminUser
Write-Debug $env:AdsOpts_CD_Services_AzureSQLServer_StagingDB_Name
$symbols = '!@#$%^&*'.ToCharArray()
$characterList = 'a'..'z' + 'A'..'Z' + '0'..'9' + $symbols
function GeneratePassword {
param(
[ValidateRange(12, 256)]
[int]
$length = 14
)
do {
$password = -join (0..$length | % { $characterList | Get-Random })
[int]$hasLowerChar = $password -cmatch '[a-z]'
[int]$hasUpperChar = $password -cmatch '[A-Z]'
[int]$hasDigit = $password -match '[0-9]'
[int]$hasSymbol = $password.IndexOfAny($symbols) -ne -1
}
until (($hasLowerChar + $hasUpperChar + $hasDigit + $hasSymbol) -ge 3)
$password | ConvertTo-SecureString -AsPlainText
}
if($env:AdsOpts_CD_Services_AzureSQLServer_Enable -eq "True")
{
Write-Debug " Creating Azure SQL Server"
$temppassword = GeneratePassword
[Environment]::SetEnvironmentVariable("AdsOpts_CD_Services_AzureSQLServer_AdminPassword", "$temppassword")
#StorageAccount For Logging
$result = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/AzureSQLServer.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location sql_server_name=$env:AdsOpts_CD_Services_AzureSQLServer_Name sql_admin_login=$env:AdsOpts_CD_Services_AzureSQLServer_AdminUser sql_admin_password=$env:AdsOpts_CD_Services_AzureSQLServer_AdminPassword sample_db_name=$env:AdsOpts_CD_Services_AzureSQLServer_SampleDB_Name ads_go_fast_db_name=$env:AdsOpts_CD_Services_AzureSQLServer_AdsGoFastDB_Name staging_db_name=$env:AdsOpts_CD_Services_AzureSQLServer_StagingDB_Name vnet_name=$env:AdsOpts_CD_Services_Vnet_Name
#Make sure password is correct
$result = az sql server update -n $env:AdsOpts_CD_Services_AzureSQLServer_Name -g $env:AdsOpts_CD_ResourceGroup_Name -p ($env:AdsOpts_CD_Services_AzureSQLServer_AdminPassword | Out-String)
}
else
{
Write-Warning "Skipped Creation of Azure SQL Server"
}

27
solution/Deployment/workflows/Steps/CD_DeployFunctionApp.ps1
Просмотреть файл

@ -1,27 +0,0 @@
Write-Debug " Creating Function App"
if ($env:AdsOpts_CD_Services_CoreFunctionApp_Enable -eq "True")
{
if ($env:AdsOpts_CD_Services_AppPlans_FunctionApp_ResourceGroup -eq $null)
{
$rg = $env:AdsOpts_CD_ResourceGroup_Name
}
else
{
$rg = $env:AdsOpts_CD_Services_AppPlans_FunctionApp_ResourceGroup
}
$sn = $env:AdsOpts_CD_Services_AppPlans_FunctionApp_Name
#$appserviceid = ((az appservice plan show --name $sn --resource-group $rg) | ConvertFrom-Json).id
$key = az storage account keys list -g $env:AdsOpts_CD_ResourceGroup_Name -n $env:AdsOpts_CD_Services_Storage_Logging_Name --query [0].value -o tsv
$result = az deployment group create -g $rg --template-file ./../arm/FunctionApp.json --parameters azure-function-site-name=$env:AdsOpts_CD_Services_CoreFunctionApp_Name app-insights-name=$env:AdsOpts_CD_Services_AppInsights_Name storage-log-account-name=$env:AdsOpts_CD_Services_Storage_Logging_Name storage-log-account-key=$key appservice-name=$sn
}
else
{
Write-Warning "Skipped Creation of Function App"
}

10
solution/Deployment/workflows/Steps/CD_DeployKeyVault.ps1
Просмотреть файл

@ -1,10 +0,0 @@
if ($env:AdsOpts_CD_Services_KeyVault_Enable -eq "True")
{
Write-Debug "Creating Key Vault"
$result = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/KeyVault.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location keyvault-name=$env:AdsOpts_CD_Services_KeyVault_Name tenant-id=$env:AdsOpts_CD_ResourceGroup_TenantId
}
else
{
Write-Warning "Skipped Creation of Key Vault"
}

10
solution/Deployment/workflows/Steps/CD_DeployLogAnalytics.ps1
Просмотреть файл

@ -1,10 +0,0 @@
if ($env:AdsOpts_CD_Services_DataFactory_Enable -eq "True")
{
Write-Debug " Creating Log Analyticss"
$results = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/LogAnalytics.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location workspaces_adsgofastloganalytics_name=$env:AdsOpts_CD_Services_LogAnalytics_Name
}
else
{
Write-Warning "Skipped Creation of Log Analytics"
}

14
solution/Deployment/workflows/Steps/CD_DeployResourceGroup.ps1
Просмотреть файл

@ -1,14 +0,0 @@
if($env:AdsOpts_CD_ResourceGroup_Enable -eq "True")
{
Write-Debug "Creating Resource Group"
$groupcreate = az group create --name $env:AdsOpts_CD_ResourceGroup_Name --location $env:AdsOpts_CD_ResourceGroup_Location
}
#Get ResourceGroup Object ID
$id = ((az group show --name $env:AdsOpts_CD_ResourceGroup_Name) | ConvertFrom-Json).id
#Save to Environment File
$environmentfile = $env:AdsOpts_CD_FolderPaths_Environments + "/" + $env:ENVIRONMENT_NAME + ".json"
$envsettings = Get-Content $environmentfile | ConvertFrom-Json
$envsettings.AdsOpts.CD.ResourceGroup.Id = $id
$envsettings | ConvertTo-Json -Depth 10 | set-content $environmentfile

23
solution/Deployment/workflows/Steps/CD_DeployStorageADLS.ps1
Просмотреть файл

@ -1,23 +0,0 @@
Write-Debug " Creating Storage Account (ADLS) For Data Lake"
if($env:AdsOpts_CD_Services_Storage_ADLS_Enable -eq "True")
{
#StorageAccount For Logging
$result = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/Storage_ADLS.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location storage-account-name=$env:AdsOpts_CD_Services_Storage_ADLS_Name
Write-Debug " Creating Storage Account (ADLS) For Data Lake"
}
else
{
Write-Warning "Skipped Creation of Storage (ADLS) For Data Lake"
}
#Transient Storage Account
if($env:AdsOpts_CD_Services_Storage_ADLSTransient_Enable -eq "True")
{
Write-Debug " Creating Transient Storage Account (ADLS)"
$result = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/Storage_ADLS.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location storage-account-name=$env:AdsOpts_CD_Services_Storage_ADLSTransient_Name storage-raw-container-name=transient
}
else
{
Write-Warning "Skipped Creation of Transient Storage (ADLS)"
}

11
solution/Deployment/workflows/Steps/CD_DeployStorageBlob.ps1
Просмотреть файл

@ -1,11 +0,0 @@
Write-Debug " Creating Storage Account (Blob) For Data Lake"
if($env:AdsOpts_CD_Services_Storage_Blob_Enable -eq "True")
{
#StorageAccount For Logging
$result = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/Storage_Blob.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location storage-account-name=$env:AdsOpts_CD_Services_Storage_Blob_Name
Write-Debug " Creating Storage Account (Blob) For Data Lake"
}
else
{
Write-Warning "Skipped Creation of Storage (Blob) For Data Lake"
}

12
solution/Deployment/workflows/Steps/CD_DeployStorageForLogging.ps1
Просмотреть файл

@ -1,12 +0,0 @@
Write-Debug " Creating Storage Account For Logging"
Write-Debug $env:AdsOpts_CD_Services_Storage_Logging_Name
if($env:AdsOpts_CD_Services_Storage_Logging_Enable -eq "True")
{
#StorageAccount For Logging
$result = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/Storage_Logging.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location storage-log-account-name=$env:AdsOpts_CD_Services_Storage_Logging_Name
Write-Debug " Creating Storage Account For Logging"
}
else
{
Write-Warning "Skipped Creation of Storage Account For Logging"
}

25
solution/Deployment/workflows/Steps/CD_DeployVnet.ps1
Просмотреть файл

@ -1,25 +0,0 @@
#SetServiceName -RootElement "AdsOpts_CD_Services_Vnet"
if($env:AdsOpts_CD_Services_Vnet_Enable -eq "True")
{
Write-Debug " Creating Vnet + Subnets (Bastion, Data, WebApp)"
Write-Debug $env:AdsOpts_CD_Services_Vnet_Name
#vNet
$result = az deployment group create -g $env:AdsOpts_CD_ResourceGroup_Name --template-file ./../arm/Networking.json --parameters location=$env:AdsOpts_CD_ResourceGroup_Location vnet-name=$env:AdsOpts_CD_Services_Vnet_Name vnet-address-prefix=$env:AdsOpts_CD_Services_Vnet_vNetAddressRange `
bastion-subnet-ip-prefix=$env:AdsOpts_CD_Services_Vnet_BastionSubnetAddressRange `
data-subnet-ip-prefix=$env:AdsOpts_CD_Services_Vnet_DataSubnetAddressRange `
webapp-subnet-ip-prefix=$env:AdsOpts_CD_Services_Vnet_WebAppSubnetAddressRange `
funcapp-subnet-ip-prefix=$env:AdsOpts_CD_Services_Vnet_FuncAppSubnetAddressRange `
bastion-host-name=$env:AdsOpts_CD_Services_Bastion_Name `
bastion-subnet-name=$env:AdsOpts_CD_Services_Vnet_BastionSubnetName `
data-subnet-name=$env:AdsOpts_CD_Services_Vnet_DataSubnetName `
webapp-subnet-name=$env:AdsOpts_CD_Services_Vnet_WebAppSubnetName `
funcapp-subnet-name=$env:AdsOpts_CD_Services_Vnet_FuncAppSubnetName
Write-Debug " Creating Vnet"
}
else
{
Write-Warning "Skipped Creation of Vnet"
}

22
solution/Deployment/workflows/Steps/CD_DeployWebSite.ps1
Просмотреть файл

@ -1,22 +0,0 @@
if ($env:AdsOpts_CD_Services_WebSite_Enable -eq "True")
{
if ($env:AdsOpts_CD_Services_AppPlans_WebApp_ResourceGroup -eq $null)
{
$rg = $env:AdsOpts_CD_ResourceGroup_Name
}
else
{
$rg = $env:AdsOpts_CD_Services_AppPlans_WebApp_ResourceGroup
}
$sn = $env:AdsOpts_CD_Services_AppPlans_WebApp_Name
Write-Debug " Deploying Wesite to $sn in resource group $rg"
$result = az deployment group create -g $rg --template-file ./../arm/WebApp.json --parameters resource_group_name=$rg sites_AdsGoFastWebApp_name=$env:AdsOpts_CD_Services_WebSite_Name appservice_name=$sn}
else
{
Write-Warning "Skipped Creation of Web Site"
}

58
solution/Deployment/workflows/Steps/CD_GrantRBAC.ps1
Просмотреть файл

@ -1,58 +0,0 @@
$subid = (az account show -s $env:AdsOpts_CD_ResourceGroup_Subscription | ConvertFrom-Json).id
$basescope = "/subscriptions/$subid/resourceGroups/$env:AdsOpts_CD_ResourceGroup_Name/providers"
$DataFactoryId = az ad sp list --display-name $env:AdsOpts_CD_Services_DataFactory_Name --output tsv --query "[].{id:objectId}"
$AzureFunctionId = ((az webapp identity show --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_CoreFunctionApp_Name) | ConvertFrom-Json).principalId
$DeploymentSpId = (az ad sp list --filter "displayname eq '$env:AdsOpts_CD_ServicePrincipals_DeploymentSP_Name'" | ConvertFrom-Json).appId
$WebAppID = ((az webapp identity show --resource-group $env:AdsOpts_CD_ResourceGroup_Name --name $env:AdsOpts_CD_Services_WebSite_Name) | ConvertFrom-Json).principalId
$AADUserId = (az ad signed-in-user show | ConvertFrom-Json).objectId
#RBAC Rights
# MSI Access from Azure Function to ADF
$result = az role assignment create --assignee $AzureFunctionId --role "Contributor" --scope "$basescope/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name"
# Deployment Principal to ADF
$result = az role assignment create --assignee $DeploymentSpId --role "Contributor" --scope "$basescope/Microsoft.DataFactory/factories/$env:AdsOpts_CD_Services_DataFactory_Name"
# MSI Access from Azure Function to ADF Log Analytics
$result = az role assignment create --assignee $AzureFunctionId --role "Contributor" --scope "$basescope/microsoft.operationalinsights/workspaces/$env:AdsOpts_CD_Services_LogAnalytics_Name"
# MSI Access from AF to ADLS Gen2
$result = az role assignment create --assignee $AzureFunctionId --role "Storage Blob Data Contributor" --scope "$basescope/Microsoft.Storage/storageAccounts/$env:AdsOpts_CD_Services_Storage_ADLS_Name"
# MSI Access from AF to Blob Gen2
$result = az role assignment create --assignee $AzureFunctionId --role "Storage Blob Data Contributor" --scope "$basescope/Microsoft.Storage/storageAccounts/$env:AdsOpts_CD_Services_Storage_Blob_Name"
# MSI Access from ADF to ADLS Gen2
$result = az role assignment create --assignee $DataFactoryId --role "Storage Blob Data Contributor" --scope "$basescope/Microsoft.Storage/storageAccounts/$env:AdsOpts_CD_Services_Storage_ADLS_Name"
# MSI Access from ADF to Blob
$result = az role assignment create --assignee $DataFactoryId --role "Storage Blob Data Contributor" --scope "$basescope/Microsoft.Storage/storageAccounts/$env:AdsOpts_CD_Services_Storage_Blob_Name"
# MSI Access from ADF to KeyVault
$result = az keyvault set-policy --name $env:AdsOpts_CD_Services_KeyVault_Name --object-id $DataFactoryId --certificate-permissions get list --key-permissions get list --resource-group $env:AdsOpts_CD_ResourceGroup_Name --secret-permissions get list --subscription $subid
# MSI Access from WebApp to ADLS Gen2
$result = az role assignment create --assignee $WebAppID --role "Storage Blob Data Contributor" --scope "$basescope/Microsoft.Storage/storageAccounts/$env:AdsOpts_CD_Services_Storage_ADLS_Name"
# MSI Access from WebApp to ADF Log Analytics
$result = az role assignment create --assignee $WebAppID --role "Contributor" --scope "$basescope/microsoft.operationalinsights/workspaces/$env:AdsOpts_CD_Services_LogAnalytics_Name"
# MSI Access from WebApp to ADF App Insights
$result = az role assignment create --assignee $WebAppID --role "Contributor" --scope "$basescope/microsoft.insights/components/$env:AdsOpts_CD_Services_AppInsights_Name"
# AAD User Access to ADLS Gen2 - to upload sample data files
$result = az role assignment create --assignee $AADUserId --role "Storage Blob Data Contributor" --scope "$basescope/Microsoft.Storage/storageAccounts/$env:AdsOpts_CD_Services_Storage_ADLS_Name"
$result = az role assignment create --assignee $AADUserId --role "Owner" --scope "$basescope/Microsoft.Storage/storageAccounts/$env:AdsOpts_CD_Services_Storage_ADLS_Name"
#Transient Storage Account
if($env:AdsOpts_CD_Services_Storage_ADLSTransient_Enable -eq "True")
{
Write-Debug " Granting RBAC on Transient Storage Account (ADLS)"
# MSI Access from AF to ADLS Gen2
$result = az role assignment create --assignee $AzureFunctionId --role "Storage Blob Data Contributor" --scope "$basescope/Microsoft.Storage/storageAccounts/$env:AdsOpts_CD_Services_Storage_ADLSTransient_Name"
# MSI Access from ADF to ADLS Gen2
$result = az role assignment create --assignee $DataFactoryId --role "Storage Blob Data Contributor" --scope "$basescope/Microsoft.Storage/storageAccounts/$env:AdsOpts_CD_Services_Storage_ADLSTransient_Name"
# MSI Access from WebApp to ADLS Gen2
$result = az role assignment create --assignee $WebAppID --role "Storage Blob Data Contributor" --scope "$basescope/Microsoft.Storage/storageAccounts/$env:AdsOpts_CD_Services_Storage_ADLSTransient_Name"
}
else
{
Write-Warning "Skipped RBAC on Transient Storage Account (ADLS)"
}

21
solution/Deployment/workflows/Steps/CD_GrantWebAppAccess.ps1
Просмотреть файл

@ -1,21 +0,0 @@
#Description - Run this script per user who require the Web App UI access.
#Note: --id parameter is principal name of the user for which to get information.
$cu = az ad user show --id 'xxxxx@xxxxx.com' | ConvertFrom-Json
#Script from CD_2a_ file
#Web App
$authapp = az ad app show --id "api://$env:AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP_Name" | ConvertFrom-Json
$callinguser = $cu.objectId
$authappid = $authapp.appId
$permissionid = $authapp.oauth2Permissions.id
$authappobjectid = (az ad sp show --id $authapp.appId | ConvertFrom-Json).objectId
$body = '{"principalId": "@principalid","resourceId":"@resourceId","appRoleId": "@appRoleId"}' | ConvertFrom-Json
$body.resourceId = $authappobjectid
$body.appRoleId = ($authapp.appRoles | Where-Object {$_.value -eq "Administrator" }).id
$body.principalId = $callinguser
$body = ($body | ConvertTo-Json -compress | Out-String).Replace('"','\"')
$result = az rest --method post --uri "https://graph.microsoft.com/v1.0/servicePrincipals/$authappobjectid/appRoleAssignedTo" --headers '{\"Content-Type\":\"application/json\"}' --body $body

37
solution/Deployment/workflows/Steps/CD_SetResourceGroupHash.ps1
Просмотреть файл

@ -1,37 +0,0 @@
function Get-UniqueString ([string]$id, $length=13)
{
$hashArray = (new-object System.Security.Cryptography.SHA512Managed).ComputeHash($id.ToCharArray())
-join ($hashArray[1..$length] | ForEach-Object { [char]($_ % 26 + [byte][char]'a') })
}
Write-Debug "Creating RG Hash"
$ResourceGroupHash = Get-UniqueString ($id=$env:AdsOpts_CD_ResourceGroup_Name+$env:AdsOpts_CD_ResourceGroup_TenantId) #Resource Group Name + TenantId to make hash more unique
Write-Debug $ResourceGroupHash
PersistEnvVariable -Name "AdsOpts_CD_ResourceGroup_Hash" -Value $ResourceGroupHash
Write-Debug "Created RG Hash"
Write-Debug "Setting Service Names"
SetServiceName -RootElement "AdsOpts_CD_Services_AzureSQLServer"
SetServiceName -RootElement "AdsOpts_CD_Services_CoreFunctionApp"
SetServiceName -RootElement "AdsOpts_CD_Services_WebSite"
SetServiceName -RootElement "AdsOpts_CD_Services_AppInsights"
SetServiceName -RootElement "AdsOpts_CD_Services_Storage_Logging"
SetServiceName -RootElement "AdsOpts_CD_Services_Storage_ADLS"
SetServiceName -RootElement "AdsOpts_CD_Services_Storage_ADLSTransient" #Added for Transient Storage
SetServiceName -RootElement "AdsOpts_CD_Services_Storage_Blob"
SetServiceName -RootElement "AdsOpts_CD_Services_DataFactory"
SetServiceName -RootElement "AdsOpts_CD_Services_AppPlans_WebApp"
SetServiceName -RootElement "AdsOpts_CD_Services_AppPlans_FunctionApp"
SetServiceName -RootElement "AdsOpts_CD_Services_LogAnalytics"
SetServiceName -RootElement "AdsOpts_CD_Services_KeyVault"
SetServiceName -RootElement "AdsOpts_CD_ServicePrincipals_DeploymentSP"
SetServiceName -RootElement "AdsOpts_CD_ServicePrincipals_WebAppAuthenticationSP"
SetServiceName -RootElement "AdsOpts_CD_ServicePrincipals_FunctionAppAuthenticationSP"
SetServiceName -RootElement "AdsOpts_CD_Services_Vnet" #Added for enabling vNet Integration
SetServiceName -RootElement "AdsOpts_CD_Services_Bastion" #Added for enabling vNet Integration

14
solution/Deployment/workflows/Steps/CI_BuildAdsGoFastDatabase.ps1
Просмотреть файл

@ -1,14 +0,0 @@
#Move From Workflows to Function App
$CurrentPath = (Get-Location).Path
Set-Location "..\..\Database\ADSGoFastDbUp\AdsGoFastDbUp\"
dotnet restore
dotnet build --configuration Release --output ".\..\..\..\Deployment\bin\publish\unzipped\database\"
#Move back to workflows
Set-Location $CurrentPath
Set-Location "../bin/publish"
$Path = (Get-Location).Path + "/zipped/database"
New-Item -ItemType Directory -Force -Path $Path
$Path = $Path + "/Publish.zip"
Compress-Archive -Path '.\unzipped\database\*' -DestinationPath $Path -force
#Move back to workflows
Set-Location $CurrentPath

22
solution/Deployment/workflows/Steps/CI_BuildDataFactory.ps1
Просмотреть файл

@ -1,22 +0,0 @@
#Move From Workflows to Function App
$CurrentPath = (Get-Location).Path
Set-Location "..\..\DataFactory\ADF\"
if (-Not (Test-Path "..\..\Deployment\bin\publish\unzipped\datafactory\"))
{
New-Item -ItemType Directory -Force -Path "..\..\Deployment\bin\publish\unzipped\datafactory\"
}
Get-ChildItem -Path "..\..\Deployment\bin\publish\unzipped\datafactory\" | Remove-Item -Force -Recurse
Copy-Item -Path ".\*" -Destination "..\..\Deployment\bin\publish\unzipped\datafactory\" -PassThru -Force -Recurse
#Move back to workflows
Set-Location $CurrentPath
Set-Location "..\bin\publish"
$Path = (Get-Location).Path + "\zipped\datafactory"
New-Item -ItemType Directory -Force -Path $Path
$Path = $Path + "\Publish.zip"
Compress-Archive -Path '.\unzipped\datafactory\*' -DestinationPath $Path -force
#Move back to workflows
Set-Location $CurrentPath

14
solution/Deployment/workflows/Steps/CI_BuildFunctionApp.ps1
Просмотреть файл

@ -1,14 +0,0 @@
#Move From Workflows to Function App
$CurrentPath = (Get-Location).Path
Set-Location "..\..\FunctionApp"
dotnet restore
dotnet publish --no-restore --configuration Release --output '..\Deployment\bin\publish\unzipped\functionapp\'
#Move back to workflows
Set-Location $CurrentPath
Set-Location "../bin/publish"
$Path = (Get-Location).Path + "/zipped/functionapp"
New-Item -ItemType Directory -Force -Path $Path
$Path = $Path + "/Publish.zip"
Compress-Archive -Path '.\unzipped\functionapp\*' -DestinationPath $Path -force
#Move back to workflows
Set-Location $CurrentPath

14
solution/Deployment/workflows/Steps/CI_BuildWebApp.ps1
Просмотреть файл

@ -1,14 +0,0 @@
#Move From Workflows to Function App
$CurrentPath = (Get-Location).Path
Set-Location "..\..\WebApplication"
dotnet restore
dotnet publish --no-restore --configuration Release --output '..\Deployment\bin\publish\unzipped\webapplication\'
#Move back to workflows
Set-Location $CurrentPath
Set-Location "../bin/publish"
$Path = (Get-Location).Path + "/zipped/webapplication"
New-Item -ItemType Directory -Force -Path $Path
$Path = $Path + "/Publish.zip"
Compress-Archive -Path '.\unzipped\webapplication\*' -DestinationPath $Path -force
#Move back to workflows
Set-Location $CurrentPath

100
solution/Deployment/workflows/Steps/PushEnvFileIntoVariables.ps1
Просмотреть файл

@ -1,100 +0,0 @@
function SetServiceName($RootElement)
{
$PostFixHash = [Environment]::GetEnvironmentVariable(($RootElement + "_ApplyNamePostFix"))
$Value = [Environment]::GetEnvironmentVariable(($RootElement + "_Name"))
if ($PostFixHash -eq "True")
{
$Value = $Value + $env:AdsOpts_CD_ResourceGroup_Hash
}
PersistEnvVariable -Name ($RootElement + "_Name") -Value $Value
}
function PersistEnvVariable($Name, $Value)
{
Write-Debug "Writing $Name to env file"
echo "$Name=$Value" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
#Also Push Variables to the Session Env Variables for local testing
[Environment]::SetEnvironmentVariable($Name, "$Value")
}
function ParseEnvFragment([object]$Json, [string]$NamePrefix)
{
#$Json
foreach($p in ($Json.psobject.properties.where({$_.MemberType -eq "NoteProperty"})))
{
$Name = $p.Name
Write-Debug "Parsing $($Name)"
if($NamePrefix -ne "")
{
Write-Debug "Prefix is $NamePrefix"
$Name = $NamePrefix + "_" + $p.Name
}
$Value = $p.Value
if($p.TypeNameOfValue -ne "System.Management.Automation.PSCustomObject")
{
PersistEnvVariable -Name $Name -Value $Value
##Push Variables to the GitHub Actions Compatible Store
#Write-Debug "Writing $Name to env file"
#Write-Debug $p.TypeNameOfValue
#echo "$Name=$Value" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append
##Also Push Variables to the Session Env Variables for local testing
#[Environment]::SetEnvironmentVariable($Name, "$Value")
}
else {
Write-Debug "Further Parsing of $Name required"
$JsonString = $p.Value #| ConvertTo-Json
ParseEnvFragment -Json $JsonString -NamePrefix $Name
}
}
}
function ParseEnvFile ($EnvFile)
{
if ($null -eq $Env:GITHUB_ENV)
{
[Environment]::SetEnvironmentVariable("GITHUB_ENV","..\bin\GitEnv.txt")
$FileNameOnly = Split-Path $env:GITHUB_ENV -leaf
$PathOnly = Split-Path $env:GITHUB_ENV
if ((Test-Path $env:GITHUB_ENV))
{
# Remove-Item -Path $env:GITHUB_ENV
}
else
{
New-Item -Path $PathOnly -Name $FileNameOnly -type "file" -value ""
}
}
$Json = Get-Content -Path "..\environments\$($EnvFile).json" | ConvertFrom-Json
#$JsonForSchemaValidation = $Json | ConvertTo-Json -Depth 100
#$schema = Get-Content "..\environments\environment.schema.json"
#$schema = ($schema | ConvertFrom-Json | ConvertTo-Json -depth 100)
#$SchemaValidation = $JsonForSchemaValidation | Test-Json -Schema $schema
#if($SchemaValidation -eq $false)
#{
# Write-Warning "..\environments\$($EnvFile).json does not adhere to environment.schema.json!"
#}
ParseEnvFragment -Json $Json -NamePrefix ""
}
function ParseSecretsFile ()
{
$path = "..\bin\Secrets.json"
$test = (Test-Path -Path $path)
if($test -eq $true)
{
$Json = Get-Content -Path $path | ConvertFrom-Json
ParseEnvFragment -Json $Json -NamePrefix "secrets"
}
}

Некоторые файлы не были показаны из-за слишком большого количества измененных файлов Показать больше