From 64ca89b6d958e6cde1028eb6227cc63689261d53 Mon Sep 17 00:00:00 2001
From: Glenn Musa <4622125+glennmusa@users.noreply.github.com>
Date: Thu, 1 Apr 2021 07:04:35 -0400
Subject: [PATCH] use arguments for build scripts (#141)

---
 .github/workflows/README.md                   |  1 +
 .../workflows/apply-and-destroy-terraform.yml |  4 ++--
 src/build/get_vars.sh                         | 24 ++++++++++++++++---
 src/build/login_azcli.sh                      | 18 ++++++--------
 4 files changed, 31 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/README.md b/.github/workflows/README.md
index a86aca024..8e1aa795b 100644
--- a/.github/workflows/README.md
+++ b/.github/workflows/README.md
@@ -75,6 +75,7 @@ For more on workflows: <https://docs.github.com/en/actions/reference/workflow-sy
 
     Secret Name | Value
     ------------ | -------------
+    MLZTENANTID | The Tenant to deploy MLZ into
     MLZCLIENTID | The Service Principal Authorized to deploy resources into MLZ Terraform Subscriptions
     MLZCLIENTSECRET | The credential for the Service Principal above
     STORAGEACCOUNT | The Azure Storage Account for the files in the previous step
diff --git a/.github/workflows/apply-and-destroy-terraform.yml b/.github/workflows/apply-and-destroy-terraform.yml
index 3ac41451d..231beac49 100644
--- a/.github/workflows/apply-and-destroy-terraform.yml
+++ b/.github/workflows/apply-and-destroy-terraform.yml
@@ -28,12 +28,12 @@ jobs:
     - name: get vars
       run : |
         cd src/build
-        ./get_vars.sh
+        ./get_vars.sh "$STORAGEACCOUNT" "$STORAGETOKEN" "$STORAGECONTAINER"
 
     - name: login
       run : |
         cd src/build
-        ./login_azcli.sh vars/mlz_tf_cfg.var
+        ./login_azcli.sh "$MLZTENANTID" "$MLZCLIENTID" "$MLZCLIENTSECRET"
 
     - name: apply terraform
       run : |
diff --git a/src/build/get_vars.sh b/src/build/get_vars.sh
index 554800238..c4b40f91e 100755
--- a/src/build/get_vars.sh
+++ b/src/build/get_vars.sh
@@ -7,15 +7,33 @@
 
 set -e
 
+error_log() {
+  echo "${1}" 1>&2;
+}
+
+usage() {
+  echo "get_vars.sh: login using known Service Principal credentials into a given tenant"
+  error_log "usage: get_vars.sh.sh <storage account name> <storage account token> <storage account container>"
+}
+
+if [[ "$#" -lt 3 ]]; then
+   usage
+   exit 1
+fi
+
+sa_name=$1
+sa_token=$2
+sa_container=$3
+
 # create some place to hold the configuration and TF vars
 rm -rf "vars"
 mkdir "vars"
 
 # download everything in the container to that place
 az storage blob download-batch \
-  --account-name "${STORAGEACCOUNT}" \
-  --sas-token "${STORAGETOKEN}" \
-  --source "${STORAGECONTAINER}" \
+  --account-name "${sa_name}" \
+  --sas-token "${sa_token}" \
+  --source "${sa_container}" \
   --pattern "*" \
   --destination "vars" \
   --output "none" \
diff --git a/src/build/login_azcli.sh b/src/build/login_azcli.sh
index 4db4084bc..d5cc606aa 100755
--- a/src/build/login_azcli.sh
+++ b/src/build/login_azcli.sh
@@ -16,27 +16,23 @@ error_log() {
 }
 
 usage() {
-  echo "login_azcli.sh: Get the tenant ID from some MLZ configuration file and login using known Service Principal credentials"
-  error_log "usage: login_azcli.sh <mlz config> <SP_ID> <SP_PW>"
+  echo "login_azcli.sh: login using known Service Principal credentials into a given tenant"
+  error_log "usage: login_azcli.sh <tenant ID> <service principal ID> <service principal password>"
 }
 
-if [[ "$#" -lt 1 ]]; then
+if [[ "$#" -lt 3 ]]; then
    usage
    exit 1
 fi
 
-mlz_config=$1
-
-# source the variables from MLZ config
-source "${mlz_config}"
-
-sp_id=${2:-$MLZCLIENTID}
-sp_pw=${3:-$MLZCLIENTSECRET}
+tenant_id=$1
+sp_id=$2
+sp_pw=$3
 
 # login with known credentials
 az login --service-principal \
   --user "${sp_id}" \
   --password="${sp_pw}" \
-  --tenant "${mlz_tenantid}" \
+  --tenant "${tenant_id}" \
   --allow-no-subscriptions \
   --output json