diff --git a/pom.xml b/pom.xml
index bd0daaf..0375054 100644
--- a/pom.xml
+++ b/pom.xml
@@ -21,7 +21,7 @@
com.ibm.websphere.azure
azure.liberty.aro
- 1.0.53
+ 1.0.54
com.microsoft.azure.iaas
diff --git a/src/main/arm/mainTemplate.json b/src/main/arm/mainTemplate.json
index e9ae0da..82815f2 100644
--- a/src/main/arm/mainTemplate.json
+++ b/src/main/arm/mainTemplate.json
@@ -174,7 +174,8 @@
"name_clusterVNetName": "[concat('vnet', variables('const_suffix'))]",
"name_deploymentScriptName": "[concat('aroscript', variables('const_suffix'))]",
"name_preflightDSName": "[concat('preflight', variables('const_suffix'))]",
- "name_roleAssignmentName": "[guid(format('{0}{1}Role assignment in group{0}', resourceGroup().id, variables('ref_identityId')))]",
+ "name_roleAssignmentName": "[guid(format('{0}{1}Role assignment in group{0}', resourceGroup().name, variables('ref_identityId')))]",
+ "name_roleAssignmentToCluserRGName": "[guid(format('{0}{1}Role assignment in group{0}', variables('const_clusterRGName'), variables('ref_identityId')))]",
"ref_identityId": "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('const_identityName'))]"
},
"resources": [
@@ -225,13 +226,68 @@
"principalType": "ServicePrincipal"
}
},
+ {
+ "condition": "[not(parameters('createCluster'))]",
+ "type": "Microsoft.Resources/deployments",
+ "apiVersion": "${azure.apiVersion.deployments}",
+ "name": "[variables('name_roleAssignmentToCluserRGName')]",
+ "resourceGroup": "[variables('const_clusterRGName')]",
+ "dependsOn": [
+ "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('const_identityName'))]"
+ ],
+ "properties": {
+ "expressionEvaluationOptions": {
+ "scope": "inner"
+ },
+ "mode": "Incremental",
+ "template": {
+ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+ "contentVersion": "1.0.0.0",
+ "parameters": {
+ "roleAssignmentName": {
+ "type": "string"
+ },
+ "contributorRole": {
+ "type": "string"
+ },
+ "principalId": {
+ "type": "string"
+ }
+ },
+ "resources": [
+ {
+ "type": "Microsoft.Authorization/roleAssignments",
+ "apiVersion": "${azure.apiVersion.roleAssignment}",
+ "name": "[parameters('roleAssignmentName')]",
+ "properties": {
+ "roleDefinitionId": "[parameters('contributorRole')]",
+ "principalId": "[parameters('principalId')]",
+ "principalType": "ServicePrincipal"
+ }
+ }
+ ]
+ },
+ "parameters": {
+ "roleAssignmentName": {
+ "value": "[variables('name_roleAssignmentToCluserRGName')]"
+ },
+ "contributorRole": {
+ "value": "[variables('const_contribRole')]"
+ },
+ "principalId": {
+ "value": "[reference(variables('ref_identityId')).principalId]"
+ }
+ }
+ }
+ },
{
"type": "Microsoft.Resources/deploymentScripts",
"apiVersion": "${azure.apiVersion.deploymentScript}",
"name": "[variables('name_preflightDSName')]",
"location": "[parameters('location')]",
"dependsOn": [
- "[resourceId('Microsoft.Authorization/roleAssignments', variables('name_roleAssignmentName'))]"
+ "[resourceId('Microsoft.Authorization/roleAssignments', variables('name_roleAssignmentName'))]",
+ "[resourceId(variables('const_clusterRGName'), 'Microsoft.Resources/deployments', variables('name_roleAssignmentToCluserRGName'))]"
],
"kind": "AzureCLI",
"identity": {
@@ -244,6 +300,10 @@
"AzCliVersion": "2.41.0",
"primaryScriptUri": "[uri(variables('const_scriptLocation'), concat('preflight.sh', parameters('_artifactsLocationSasToken')))]",
"environmentVariables": [
+ {
+ "name": "CREATE_CLUSTER",
+ "value": "[parameters('createCluster')]"
+ },
{
"name": "AAD_CLIENT_ID",
"value": "[parameters('aadClientId')]"
diff --git a/src/main/scripts/preflight.sh b/src/main/scripts/preflight.sh
index addb2a8..e79eb32 100644
--- a/src/main/scripts/preflight.sh
+++ b/src/main/scripts/preflight.sh
@@ -17,12 +17,14 @@
set -Eeuo pipefail
-# Fail fast the deployment if object Id of the service principal is empty
-if [[ -z "$AAD_OBJECT_ID" ]]; then
- echo "The object Id of the service principal you just created is not successfully retrieved, please retry another deployment using its client id ${AAD_CLIENT_ID}." >&2
- exit 1
-fi
+if [[ "${CREATE_CLUSTER,,}" == "true" ]]; then
+ # Fail fast the deployment if object Id of the service principal is empty
+ if [[ -z "$AAD_OBJECT_ID" ]]; then
+ echo "The object Id of the service principal you just created is not successfully retrieved, please retry another deployment using its client id ${AAD_CLIENT_ID}." >&2
+ exit 1
+ fi
-# Wait 30s for service principal available after creation
-# See https://github.com/WASdev/azure.liberty.aro/issues/59 & https://github.com/WASdev/azure.liberty.aro/issues/79
-sleep 30
+ # Wait 30s for service principal available after creation
+ # See https://github.com/WASdev/azure.liberty.aro/issues/59 & https://github.com/WASdev/azure.liberty.aro/issues/79
+ sleep 30
+fi