- Added possibility to run without service principal
seriva committed Aug 7, 2019
1 parent 7536252 commit 9816f51
Showing 4 changed files with 27 additions and 21 deletions.
8 changes: 5 additions & 3 deletions core/src/epicli/cli/engine/TerraformCommand.py
Expand Up @@ -39,11 +39,13 @@ def run(self, command, env, auto_approve=False):

self.logger.info('Running: "' + ' '.join(cmd) + '"')

cmd = ' '.join(cmd)

logpipe = LogPipe(__name__)
with subprocess.Popen(cmd, stdout=logpipe, stderr=logpipe, env=env) as sp:
with subprocess.Popen(cmd, stdout=logpipe, stderr=logpipe, env=env, shell=True) as sp:
logpipe.close()

if sp.returncode != 0:
raise Exception('Error running: "' + ' '.join(cmd) + '"')
raise Exception('Error running: "' + cmd + '"')
else:
self.logger.info('Done running "' + ' '.join(cmd) + '"')
self.logger.info('Done running "' + cmd + '"')
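Review bot: The `Popen` call that now receives `cmd` as one joined string with `shell=True` hands argument parsing to the shell, so any list element containing a space or a shell metacharacter (for example a path or a value derived from the cluster name) is re-split or interpreted instead of reaching terraform as a single argument. Nothing visible in this hunk needs shell features, so I would keep `cmd` as a list, leave the call as `with subprocess.Popen(cmd, stdout=logpipe, stderr=logpipe, env=env) as sp:`, and use `' '.join(cmd)` only when building the log and error messages. This matters more because `env` can carry `ARM_CLIENT_SECRET` (set in TerraformRunner.py), which the intermediate shell process also inherits. If the shell was added so the terraform executable resolves on some platform, `shutil.which` on the first element does that without it. `run` starts above the hunk, so how `cmd` is assembled is not visible here.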
34 changes: 18 additions & 16 deletions core/src/epicli/cli/engine/TerraformRunner.py
Expand Up @@ -20,24 +20,26 @@ def __enter__(self):

def run(self):
new_env = os.environ.copy()
self.terraform.init(env=new_env)

#if the provider is Azure we need to login and setup service principle.
if self.cluster_model.provider == 'azure':
subscription_id = self.azure_cli.login(self.cluster_model.specification.cloud.subscription_name)
sp_file = os.path.join(get_terraform_path(self.cluster_model.specification.name), SP_FILE_NAME)
if not os.path.exists(sp_file):
self.logger.info('Creating service principle')
sp = self.azure_cli.create_sp(self.cluster_model.specification.cloud.resource_group_name, subscription_id)
save_sp(sp, self.cluster_model.specification.name)
else:
self.logger.info('Using service principle from file')
sp = load_yaml_file(sp_file)

#Setup environment variables for Terraform when working with Azure.
new_env['ARM_SUBSCRIPTION_ID'] = subscription_id
new_env['ARM_CLIENT_ID'] = sp['appId']
new_env['ARM_CLIENT_SECRET'] = sp['password']
new_env['ARM_TENANT_ID'] = sp['tenant']
subscription = self.azure_cli.login(self.cluster_model.specification.cloud.subscription_name)

if self.cluster_model.specification.cloud.use_service_principle:
sp_file = os.path.join(get_terraform_path(self.cluster_model.specification.name), SP_FILE_NAME)
if not os.path.exists(sp_file):
self.logger.info('Creating service principle')
sp = self.azure_cli.create_sp(self.cluster_model.specification.cloud.resource_group_name, subscription['id'])
save_sp(sp, self.cluster_model.specification.name)
else:
self.logger.info('Using service principle from file')
sp = load_yaml_file(sp_file)

#Setup environment variables for Terraform when working with Azure.
new_env['ARM_SUBSCRIPTION_ID'] = subscription['id']
new_env['ARM_TENANT_ID'] = sp['tenant']
new_env['ARM_CLIENT_ID'] = sp['appId']
new_env['ARM_CLIENT_SECRET'] = sp['password']

self.terraform.init(env=new_env)
self.terraform.apply(auto_approve=True, env=new_env)
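Review bot: With `use_service_principle` false, nothing visible in this hunk pins the target subscription for Terraform. The only selection is the `az account set` performed inside `login`, which is shared Azure CLI state, so another `az` invocation between `login` and `apply(auto_approve=True)` could retarget the run. The rendering has lost indentation, so I cannot tell whether `new_env['ARM_SUBSCRIPTION_ID'] = subscription['id']` sits inside the `if ...use_service_principle:` branch; if it does, move that one line out so it is exported in both modes and keep the three `sp[...]` assignments inside. The branch also deserves a comment stating that without a service principal Terraform runs with the signed-in operator's own rights rather than a dedicated identity.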
4 changes: 2 additions & 2 deletions core/src/epicli/cli/engine/azure/AzureCommand.py
Expand Up @@ -16,7 +16,7 @@ def login(self, subscription_name):
if subscription is None:
raise Exception(f'User does not have access to subscription: "{subscription_name}"')
self.run(self, f'az account set --subscription {subscription["id"]}')
return subscription['id']
return subscription

def create_sp(self, app_name, subscription_id):
#TODO: make role configurable?
Expand All @@ -35,7 +35,7 @@ def run(self, cmd):
with Popen(cmd, stdout=PIPE, stderr=logpipe, shell=True) as sp:
logpipe.close()
try:
data = sp.stdout.read().decode("utf-8")
data = sp.stdout.read().decode('utf-8')
data = re.sub(r'\s+', '', data)
data = re.sub(r'(\x9B|\x1B\[)[0-?]*[ -\/]*[@-~]', '', data)
output = json.loads(data)
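Review bot: `login` now returns the whole subscription record instead of its id, but nothing on the method says so. A short docstring such as `"""Log in, select the subscription and return its account record (a dict with at least 'id')."""` would make the new contract explicit. Any caller outside this commit that still passes the return value on as an id, for example to `create_sp(app_name, subscription_id)`, would presumably format a dict into a command string, and `run` in the second hunk executes its `cmd` with `shell=True`. Using `subscription['id']` explicitly at every call site, as TerraformRunner.py now does, avoids that.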
2 changes: 2 additions & 0 deletions core/src/epicli/data/common/defaults/epiphany-cluster.yml
Expand Up @@ -11,8 +11,10 @@ specification:
key_path: /root/.ssh/epiphany-operations/id_rsa # YOUR-SSH-KEY-PATH
cloud:
subscription_name: YOUR-SUB-NAME
resource_group_name: YOUR-RESOURCE-GROUP-NAME
vnet_address_pool: 10.1.0.0/20
use_public_ips: False # When not using public IPs you have to provide connectivity via private IPs (VPN)
use_service_principle: False
region: eu-west-2
credentials: # todo change it to get credentials from vault
key: 3124-4124-4124
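Review bot: The new `use_service_principle: False` line has no comment, unlike `use_public_ips` just above it, even though it decides which identity Terraform runs as. I would add one, for example `use_service_principle: False # False: Terraform uses the operator's az login session; True: a service principal is created and its credentials are saved for reuse`. The key also spells it "principle" while the commit title uses Azure's term "principal"; a rename is cheapest before the key appears in users' cluster files.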