Resolve transient failure with creating Service Principals in MAG (#122)

* - Added code to account for SP transient error * - Added max wait for SP and messages * - Added wait login for SP objecut ID as well * - Fixed sample path in Azure Installation steps * - Removed trailing " setup_ezdeploy.sh cmd line example * - Modified loop logic * - Modified script example for clarity * - Updated loop logic for Service Principal creation * - Moved loop logic to function * - Added missing $ for variable usage Co-authored-by: Brooke Hamilton <[email protected]>
Azure · Apr 7, 2021 · b528d42 · b528d42
1 parent 7e3cf17
commit b528d42
Show file tree

Hide file tree

Showing 2 changed files with 67 additions and 4 deletions.
diff --git a/src/docs/ui-deployment.md b/src/docs/ui-deployment.md
@@ -27,6 +27,19 @@ This process will build the user interface container image on your workstation u
 Log in using the Azure CLI
 
 ```BASH
+chmod u+x ./scripts/setup_ezdeploy.sh
+./scripts/setup_ezdeploy.sh \
+    -d build \
+    -s <subscription_id> \
+    -t <tenant_id> \
+    -l <location> \
+    -e <tf_env_name> \
+    -m <mlz_env_name> \
+    -p port \
+    -0 <saca_subscription_id> \
+    -1 <tier0_subscription_id> \
+    -2 <tier1_subscription_id> \
+    -3 <tier2_subscription_id>
 az login
 ```
 

diff --git a/src/scripts/config/mlz_config_create.sh b/src/scripts/config/mlz_config_create.sh
@@ -20,6 +20,46 @@ usage() {
   error_log "usage: mlz_config_create.sh <mlz config>"
 }
 
+sp_exists () {
+
+    sp_name=$1
+    sp_property=$2
+
+    sp_query="az ad sp show \
+        --id http://${sp_name} \
+        --query ${sp_property}"
+
+    if ! $sp_query &> /dev/null; then
+
+        sleep_time_in_seconds=10
+        max_wait_in_minutes=3
+        max_wait_in_seconds=180
+        max_retries=$((max_wait_in_seconds/sleep_time_in_seconds))
+
+        echo "Maximum time to wait in seconds = ${max_wait_in_seconds}"
+        echo "Maximum number of retries = ${max_retries}"
+
+        count=1
+
+        while ! $sp_query &> /dev/null
+        do
+
+            echo "Waiting for Service Principal ${sp_property} to complete provisioning (${count}/${max_retries})"
+            echo "Trying again in ${sleep_time_in_seconds} seconds..."
+            sleep "${sleep_time_in_seconds}"
+
+            if [[ ${count} -eq max_retries ]]; then
+                echo "Provisioning the Service Principal ${sp_property} has exceeded ${max_wait_in_minutes} minutes. Investigate and re-run script."
+                exit 1
+            fi
+
+            count=$((count +1))
+
+        done
+    fi
+
+}
+
 if [[ "$#" -lt 1 ]]; then
    usage
    exit 1
@@ -70,12 +110,22 @@ if [[ -z $(az ad sp list --filter "displayName eq '${mlz_sp_name}'" --query "[].
         --output tsv)
 
     # Get Service Principal AppId
+    # Added the sleep below to accomodate for the transient behavior where the Service Principal creation
+    # is complete but an immediate query for it will fail. The sleep loop will run for 3 minutes and then
+    # the script will exit due to a platform problem
+    sp_exists "${mlz_sp_name}" "appId"
+
     sp_clientid=$(az ad sp show \
-        --id "http://${mlz_sp_name}" \
-        --query appId \
-        --output tsv)
+    --id "http://${mlz_sp_name}" \
+    --query appId \
+    --output tsv)
+
+    # Get Service Principal ObjectId
+    # Added the sleep below to accomodate for the transient behavior where the Service Principal creation
+    # is complete but an immediate query for it will fail. The sleep loop will run for 3 minutes and then
+    # the script will exit due to a platform problem
+    sp_exists "${mlz_sp_name}" "objectId"
 
-        # Get Service Principal ObjectId
     sp_objid=$(az ad sp show \
         --id "http://${mlz_sp_name}" \
         --query objectId \