From 92e99f72b1175dce0a8556fedd82b6e28436ca0c Mon Sep 17 00:00:00 2001 From: Gordon Byers Date: Thu, 11 Nov 2021 08:04:46 +0000 Subject: [PATCH 1/6] Update ByoVnetCI.yml --- .github/workflows/ByoVnetCI.yml | 85 +++++++++++++-------------------- 1 file changed, 32 insertions(+), 53 deletions(-) diff --git a/.github/workflows/ByoVnetCI.yml b/.github/workflows/ByoVnetCI.yml index e352ca8c3..82079468f 100644 --- a/.github/workflows/ByoVnetCI.yml +++ b/.github/workflows/ByoVnetCI.yml @@ -42,7 +42,7 @@ on: concurrency: ci-${{ github.ref }} env: - AZCLIVERSION: 2.29.2 #2.26.0 #latest + AZCLIVERSION: 2.30.0 #2.29.2 #2.26.0 #latest RG: "Automation-Actions-AksDeployCI" ParamFilePath: ".github/workflows_dep/AksDeploy-ByoVnet.parameters.json" RESNAME: "Byo" @@ -222,9 +222,9 @@ jobs: - name: What If (GA edge Az cli version) (has issues) uses: Azure/cli@1.0.4 id: edgeWhatIf - continue-on-error: true + continue-on-error: true #Setting to true due to bug in the AzureCLI https://github.com/Azure/azure-cli/issues/19850 with: - azcliversion: latest #${{ env.AZCLIVERSION }} + azcliversion: ${{ env.AZCLIVERSION }} #latest inlineScript: | RG='${{ env.RG }}' RESNAME='${{ env.RESNAME }}' @@ -245,30 +245,6 @@ jobs: echo "::set-output name=edgeSuccess::true" - - name: What If (AZ CLI 2.26.0) - uses: Azure/cli@1.0.4 - if: steps.edgeWhatIf.outputs.edgeSuccess != 'true' - with: - azcliversion: 2.26.0 - inlineScript: | - RG='${{ env.RG }}' - RESNAME='${{ env.RESNAME }}' - DEPNAME='${{ env.DEPNAME }}' - WHATIFPATH='whatif.json' - EdgeWhatIfPassed='${{ steps.edgeWhatIf.outputs.edgeSuccess}}' - PARAMS='${{ steps.imperitiveparams.outputs.PARAMOVERRIDES}}' - - #az deployment group what-if --debug -f bicep/main.bicep -g $RG -p ${{ env.ParamFilePath }} -p resourceName=$RESNAME byoAKSSubnetId=${{ secrets.ByoAksSubnetId }} byoAGWSubnetId=${{ secrets.ByoAgwSubnetId }} - - az deployment group what-if --no-pretty-print -f bicep/main.bicep -g $RG -p ${{ env.ParamFilePath }} -p $PARAMS > $WHATIFPATH - - if [[ -f $WHATIFPATH ]] - then - echo "The WhatIf json file was created" - fi - - cat $WHATIFPATH - - name: What If Analysis Output - Parse output if: github.event.inputs.doVerifySteps != 'no' shell: pwsh @@ -300,33 +276,36 @@ jobs: #This is a current gap in the What-If analysis. $whatifpath='whatif.json' - $paramFilePath="${{ env.ParamFilePath }}" - $paramFileContent=Get-Content $paramFilePath - $params=$paramFileContent|ConvertFrom-Json - - if($params.parameters.createKV.value -eq $true) { - Write-Output "Checking for already existing soft deleted KV" - - #lets do this properly and interrogate the whatif file for the KVNAME - $whatIf = Get-Content $whatifpath | ConvertFrom-Json - $kvafter = $whatif.changes | where-object {$_.after.type -eq 'Microsoft.KeyVault/vaults'} | where {$_.changeType -ne 'Ignore'} | select after - $vaultname = $kvafter.after.name - - write-output "Looking for KeyVault $vaultname" - Get-AzKeyVault -InRemovedState | ft - - $deletedKv = Get-AzKeyVault -InRemovedState | where-object {$_.vaultname -eq $vaultname} - - if($deletedKv.length -eq 0) { - Write-Output "All is good, soft deleted KV not found in soft deleted list." - } - else { - Write-Output "Soft deleted KV output" - Write-Output $deletedKv.length - Write-Output $deletedKv + $whatifexists=Test-Path -path $whatifpath - - Write-Error "Existing soft deleted Key Vault ($vaultName) Found - Cannot proceed, as deployment will fail" + if ($whatifexists) { + $paramFilePath="${{ env.ParamFilePath }}" + $paramFileContent=Get-Content $paramFilePath + $params=$paramFileContent|ConvertFrom-Json + + if($params.parameters.createKV.value -eq $true) { + Write-Output "Checking for already existing soft deleted KV" + + #lets do this properly and interrogate the whatif file for the KVNAME + $whatIf = Get-Content $whatifpath | ConvertFrom-Json + $kvafter = $whatif.changes | where-object {$_.after.type -eq 'Microsoft.KeyVault/vaults'} | where {$_.changeType -ne 'Ignore'} | select after + $vaultname = $kvafter.after.name + + write-output "Looking for KeyVault $vaultname" + Get-AzKeyVault -InRemovedState | ft + + $deletedKv = Get-AzKeyVault -InRemovedState | where-object {$_.vaultname -eq $vaultname} + + if($deletedKv.length -eq 0) { + Write-Output "All is good, soft deleted KV not found in soft deleted list." + } + else { + Write-Output "Soft deleted KV output" + Write-Output $deletedKv.length + Write-Output $deletedKv + + Write-Error "Existing soft deleted Key Vault ($vaultName) Found - Cannot proceed, as deployment will fail" + } } } From 7eb112957f7724f0c7848b5e3c1d8715376bf442 Mon Sep 17 00:00:00 2001 From: Gordon Byers Date: Thu, 11 Nov 2021 08:16:55 +0000 Subject: [PATCH 2/6] Update ByoVnetCI.yml --- .github/workflows/ByoVnetCI.yml | 66 +++++++++++++++++++-------------- 1 file changed, 38 insertions(+), 28 deletions(-) diff --git a/.github/workflows/ByoVnetCI.yml b/.github/workflows/ByoVnetCI.yml index 82079468f..df0e99922 100644 --- a/.github/workflows/ByoVnetCI.yml +++ b/.github/workflows/ByoVnetCI.yml @@ -261,7 +261,12 @@ jobs: $whatIf=$jsonFileRaw | ConvertFrom-Json - Write-Output $whatif.changes[0].after.type + if ($null -eq $whatIf) { + Write-Output "What If results are null" + #We might want to throw an error here, after the whatif bug gets fixed https://github.com/Azure/azure-cli/issues/19850 + } else { + Write-Output $whatif.changes[0].after.type + } } - name: What If Analysis Output - Pester Testing @@ -275,36 +280,41 @@ jobs: run: | #This is a current gap in the What-If analysis. $whatifpath='whatif.json' - $whatifexists=Test-Path -path $whatifpath if ($whatifexists) { - $paramFilePath="${{ env.ParamFilePath }}" - $paramFileContent=Get-Content $paramFilePath - $params=$paramFileContent|ConvertFrom-Json - - if($params.parameters.createKV.value -eq $true) { - Write-Output "Checking for already existing soft deleted KV" - - #lets do this properly and interrogate the whatif file for the KVNAME - $whatIf = Get-Content $whatifpath | ConvertFrom-Json - $kvafter = $whatif.changes | where-object {$_.after.type -eq 'Microsoft.KeyVault/vaults'} | where {$_.changeType -ne 'Ignore'} | select after - $vaultname = $kvafter.after.name - - write-output "Looking for KeyVault $vaultname" - Get-AzKeyVault -InRemovedState | ft - - $deletedKv = Get-AzKeyVault -InRemovedState | where-object {$_.vaultname -eq $vaultname} - - if($deletedKv.length -eq 0) { - Write-Output "All is good, soft deleted KV not found in soft deleted list." - } - else { - Write-Output "Soft deleted KV output" - Write-Output $deletedKv.length - Write-Output $deletedKv - - Write-Error "Existing soft deleted Key Vault ($vaultName) Found - Cannot proceed, as deployment will fail" + $whatIf = Get-Content $whatifpath | ConvertFrom-Json + + if ($null -eq $whatIf) { + Write-Output "What If results are null" + #We might want to throw an error here, after the whatif bug gets fixed https://github.com/Azure/azure-cli/issues/19850 + } else { + $paramFilePath="${{ env.ParamFilePath }}" + $paramFileContent=Get-Content $paramFilePath + $params=$paramFileContent|ConvertFrom-Json + + if($params.parameters.createKV.value -eq $true) { + Write-Output "Checking for already existing soft deleted KV" + + #lets do this properly and interrogate the whatif file for the KVNAME + $kvafter = $whatif.changes | where-object {$_.after.type -eq 'Microsoft.KeyVault/vaults'} | where {$_.changeType -ne 'Ignore'} | select after + $vaultname = $kvafter.after.name + + write-output "Looking for KeyVault $vaultname" + Get-AzKeyVault -InRemovedState | ft + + $deletedKv = Get-AzKeyVault -InRemovedState | where-object {$_.vaultname -eq $vaultname} + + if($deletedKv.length -eq 0) { + Write-Output "All is good, soft deleted KV not found in soft deleted list." + } + else { + Write-Output "Soft deleted KV output" + Write-Output $deletedKv.length + Write-Output $deletedKv + + Write-Error "Existing soft deleted Key Vault ($vaultName) Found - Cannot proceed, as deployment will fail" + } } } } From 8287181bb886bd36946f31e992fa6b9a381156dc Mon Sep 17 00:00:00 2001 From: Gordon Byers Date: Thu, 11 Nov 2021 08:37:33 +0000 Subject: [PATCH 3/6] Update ByoVnetCI.yml --- .github/workflows/ByoVnetCI.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/.github/workflows/ByoVnetCI.yml b/.github/workflows/ByoVnetCI.yml index df0e99922..3cdbc3be4 100644 --- a/.github/workflows/ByoVnetCI.yml +++ b/.github/workflows/ByoVnetCI.yml @@ -245,6 +245,28 @@ jobs: echo "::set-output name=edgeSuccess::true" + - name: What If (workaround task) + uses: Azure/cli@1.0.4 + continue-on-error: true #Setting to true due to bug in the AzureCLI https://github.com/Azure/azure-cli/issues/19850 + if: steps.edgeWhatIf.outputs.edgeSuccess != 'true' + with: + azcliversion: 2.26.0 + inlineScript: | + RG='${{ env.RG }}' + RESNAME='${{ env.RESNAME }}' + DEPNAME='${{ env.DEPNAME }}' + WHATIFPATH='whatif.json' + PARAMS='${{ steps.imperitiveparams.outputs.PARAMOVERRIDES}}' + + az deployment group what-if --no-pretty-print -f bicep/main.bicep -g $RG -p ${{ env.ParamFilePath }} -p $PARAMS > $WHATIFPATH + + if [[ -f $WHATIFPATH ]] + then + echo "The WhatIf json file was created" + fi + + cat $WHATIFPATH + - name: What If Analysis Output - Parse output if: github.event.inputs.doVerifySteps != 'no' shell: pwsh From 3dee087dffef9beefe6d4b69381f4b9a58285f76 Mon Sep 17 00:00:00 2001 From: Gordon Byers Date: Thu, 11 Nov 2021 11:02:57 +0000 Subject: [PATCH 4/6] Update ByoVnetCI.yml --- .github/workflows/ByoVnetCI.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ByoVnetCI.yml b/.github/workflows/ByoVnetCI.yml index 3cdbc3be4..7c41c23e1 100644 --- a/.github/workflows/ByoVnetCI.yml +++ b/.github/workflows/ByoVnetCI.yml @@ -860,7 +860,7 @@ jobs: EMAILAD: "gdogg@microsoft.com" run: | echo "Email Address for Lets Encrypt: $EMAILAD" - helm upgrade --install smokecertissuer ./helmcharts/samples/certmanager --set email=$EMAILAD + helm upgrade --install smokecertissuer ./helmcharts/samples/certmanagerissuer --set email=$EMAILAD - name: Verify ClusterIssuer if: github.event.inputs.doVerifySteps != 'no' From 9c7ff27b2a89ef76aeec9a03e59a46d271e20b07 Mon Sep 17 00:00:00 2001 From: Gordon Byers Date: Thu, 11 Nov 2021 14:24:46 +0000 Subject: [PATCH 5/6] updating to az cli 2.30.0 --- .github/workflows/StandardCI.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/StandardCI.yml b/.github/workflows/StandardCI.yml index 9b310d0ec..737cc1b29 100644 --- a/.github/workflows/StandardCI.yml +++ b/.github/workflows/StandardCI.yml @@ -28,7 +28,7 @@ env: ParamFilePath: ".github/workflows_dep/AksDeploy-Basic.parameters.json" #Path to parameter file RESNAME: "AksStan" #Used in Azure Resource Naming, overrides the default in the parameter file DEPNAME: "Dep${{ github.run_number }}" #Deployment Name - AZCLIVERSION: 2.29.2 #Pinning to a specific AZ CLI version + AZCLIVERSION: 2.30.0 #Pinning to a specific AZ CLI version jobs: Validation: From 7177a5baa59c2e74b5a04e3dfd4a9c6a223397a6 Mon Sep 17 00:00:00 2001 From: Gordon Byers Date: Thu, 11 Nov 2021 14:40:03 +0000 Subject: [PATCH 6/6] updating to 2.30.0 --- .github/workflows/ByoVnetPrivateCI.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ByoVnetPrivateCI.yml b/.github/workflows/ByoVnetPrivateCI.yml index b3ebda422..089f807c3 100644 --- a/.github/workflows/ByoVnetPrivateCI.yml +++ b/.github/workflows/ByoVnetPrivateCI.yml @@ -24,7 +24,7 @@ env: ParamFilePath: ".github/workflows_dep/AksDeploy-ByoVnetPrivate.parameters.json" RESNAME: 'AksPriv' DEPNAME: 'DepPriv${{ github.run_number }}' - AZCLIVERSION: 2.29.2 #Pinning to a specific AZ CLI version + AZCLIVERSION: 2.30.0 #Pinning to a specific AZ CLI version concurrency: ci-${{ github.ref }}