From 916f77f5a84777fd4d6724f04e239968bb1de9e5 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Tue, 21 Sep 2021 17:33:18 +0200 Subject: [PATCH 1/4] test workflow template --- .../resource.deployment.template.yml | 189 ++++++++++++++++++ 1 file changed, 189 insertions(+) create mode 100644 .github/workflows/resource.deployment.template.yml diff --git a/.github/workflows/resource.deployment.template.yml b/.github/workflows/resource.deployment.template.yml new file mode 100644 index 0000000000..95e1a3a7a8 --- /dev/null +++ b/.github/workflows/resource.deployment.template.yml @@ -0,0 +1,189 @@ +name: "Resources: Test Pipeline Template" + +on: + workflow_dispatch: + inputs: + removeDeployment: + description: 'Remove deployed module' + required: false + default: 'true' + versioningOption: + description: 'The mode to handle the version increments [major|minor|patch|custom]' + required: false + default: 'patch' + customVersion: + description: 'The version to enforce if [versionOption] is set to [custom]' + required: false + default: '0.0.1' + moduleName: + description: 'moduleName' + required: true + # default: '0.0.1' + modulePath: + description: 'modulePath' + required: true + # default: '0.0.1' + +env: + # moduleName: 'resourceGroups' + # modulePath: 'arm/Microsoft.Resources/resourceGroups' + ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} + ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} + ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} + ARM_MGMTGROUP_ID: ${{ secrets.ARM_MGMTGROUP_ID }} + +jobs: + ################## + # UNIT TESTS # + ################## + # Global tests + # ------------ + job_tests_module_global: + runs-on: ubuntu-20.04 + name: "Run global module tests" + steps: + - name: "Checkout" + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: "Test module" + uses: ./.github/actions/templates/validateModuleGeneral + with: + modulePath: '${{ env.modulePath }}' + moduleName: '${{ env.moduleName}}' + + # Global API tests + # ---------------- + job_tests_module_global_api: + runs-on: ubuntu-20.04 + name: "Run global API module tests" + steps: + - name: "Checkout" + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: "Test module" + uses: ./.github/actions/templates/validateModuleApis + with: + modulePath: '${{ env.modulePath }}' + moduleName: '${{ env.moduleName}}' + + # Validate deployment module tests + # -------------------------------- + job_tests_module_deploy_validate: + runs-on: ubuntu-20.04 + name: "Run deployment validation module tests" + strategy: + matrix: + parameterFilePaths: ['parameters.json'] + steps: + - name: "Checkout" + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set environment variables + uses: deep-mm/set-variables@v1.0 + with: + # Name of variable file + variableFileName: 'variables.module' # Don't write .json here + - name: "Test module" + uses: ./.github/actions/templates/validateModuleDeploy + with: + templateFilePath: '${{ env.modulePath }}/deploy.json' + parameterFilePath: '${{ env.modulePath }}/parameters/${{ matrix.parameterFilePaths }}' + location: '${{ env.defaultLocation }}' + resourceGroupName: '${{ env.resourceGroupName }}' + subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' + managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}' + + #################### + # DEPLOY TESTS # + #################### + job_deploy_module: + runs-on: ubuntu-20.04 + name: "Deploy module" + needs: + - job_tests_module_global + - job_tests_module_global_api + - job_tests_module_deploy_validate + strategy: + matrix: + parameterFilePaths: ['parameters.json'] + steps: + - name: "Checkout" + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set environment variables + uses: deep-mm/set-variables@v1.0 + with: + # Name of variable file + variableFileName: 'variables.module' # Don't write .json here + - name: "Deploy module" + uses: ./.github/actions/templates/deployModule + with: + moduleName: '${{ env.moduleName }}' + templateFilePath: '${{ env.modulePath }}/deploy.json' + parameterFilePath: '${{ env.modulePath }}/parameters/${{ matrix.parameterFilePaths }}' + location: '${{ env.defaultLocation }}' + resourceGroupName: '${{ env.resourceGroupName }}' + subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' + managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}' + removeDeployment: '${{ github.event.inputs.removeDeployment }}' + + ############### + # PUBLISH # + ############### + job_publish_module: + runs-on: ubuntu-20.04 + name: "Publish module" + needs: + - job_deploy_module + steps: + - name: "Checkout" + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set environment variables + uses: deep-mm/set-variables@v1.0 + with: + # Name of variable file + variableFileName: 'variables.module' # Don't write .json here + - name: "Publish module" + uses: ./.github/actions/templates/publishModule + with: + templateFilePath: '${{ env.modulePath }}/deploy.json' + componentTemplateSpecRGName: '${{ env.componentTemplateSpecRGName }}' + componentTemplateSpecRGLocation: '${{ env.componentTemplateSpecRGLocation }}' + componentTemplateSpecName: '${{ env.moduleName }}' + componentTemplateSpecDescription: '${{ env.componentTemplateSpecDescription }}' + publishToTemplateSpec: '${{ env.publishToTemplateSpec }}' + versioningOption: '${{ github.event.inputs.versioningOption }}' + customVersion: '${{ github.event.inputs.customVersion }}' + + ############## + # REMOVE # + ############## + job_remove_module: + runs-on: ubuntu-20.04 + name: "Remove module" + if: ${{ github.event.inputs.removeDeployment == 'true' }} + needs: + - job_deploy_module + steps: + - name: "Checkout" + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Set environment variables + uses: deep-mm/set-variables@v1.0 + with: + # Name of variable file + variableFileName: 'variables.module' # Don't write .json here + - name: "Remove module" + uses: ./.github/actions/templates/removeModule + with: + moduleName: '${{ env.moduleName }}' + templateFilePath: '${{ env.modulePath }}/deploy.json' + resourceGroupName: '${{ env.resourceGroupName }}' \ No newline at end of file From 1ef466175f2a3eed57d3d5ce6fd094ba1007e669 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Sat, 25 Sep 2021 21:15:06 +0200 Subject: [PATCH 2/4] fix policy assignment to accept westeu --- .../resource.deployment.template.yml | 189 ------------------ .../allowedLocations.parameters.json | 2 +- 2 files changed, 1 insertion(+), 190 deletions(-) delete mode 100644 .github/workflows/resource.deployment.template.yml diff --git a/.github/workflows/resource.deployment.template.yml b/.github/workflows/resource.deployment.template.yml deleted file mode 100644 index 95e1a3a7a8..0000000000 --- a/.github/workflows/resource.deployment.template.yml +++ /dev/null @@ -1,189 +0,0 @@ -name: "Resources: Test Pipeline Template" - -on: - workflow_dispatch: - inputs: - removeDeployment: - description: 'Remove deployed module' - required: false - default: 'true' - versioningOption: - description: 'The mode to handle the version increments [major|minor|patch|custom]' - required: false - default: 'patch' - customVersion: - description: 'The version to enforce if [versionOption] is set to [custom]' - required: false - default: '0.0.1' - moduleName: - description: 'moduleName' - required: true - # default: '0.0.1' - modulePath: - description: 'modulePath' - required: true - # default: '0.0.1' - -env: - # moduleName: 'resourceGroups' - # modulePath: 'arm/Microsoft.Resources/resourceGroups' - ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} - ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} - ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} - ARM_MGMTGROUP_ID: ${{ secrets.ARM_MGMTGROUP_ID }} - -jobs: - ################## - # UNIT TESTS # - ################## - # Global tests - # ------------ - job_tests_module_global: - runs-on: ubuntu-20.04 - name: "Run global module tests" - steps: - - name: "Checkout" - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: "Test module" - uses: ./.github/actions/templates/validateModuleGeneral - with: - modulePath: '${{ env.modulePath }}' - moduleName: '${{ env.moduleName}}' - - # Global API tests - # ---------------- - job_tests_module_global_api: - runs-on: ubuntu-20.04 - name: "Run global API module tests" - steps: - - name: "Checkout" - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: "Test module" - uses: ./.github/actions/templates/validateModuleApis - with: - modulePath: '${{ env.modulePath }}' - moduleName: '${{ env.moduleName}}' - - # Validate deployment module tests - # -------------------------------- - job_tests_module_deploy_validate: - runs-on: ubuntu-20.04 - name: "Run deployment validation module tests" - strategy: - matrix: - parameterFilePaths: ['parameters.json'] - steps: - - name: "Checkout" - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Set environment variables - uses: deep-mm/set-variables@v1.0 - with: - # Name of variable file - variableFileName: 'variables.module' # Don't write .json here - - name: "Test module" - uses: ./.github/actions/templates/validateModuleDeploy - with: - templateFilePath: '${{ env.modulePath }}/deploy.json' - parameterFilePath: '${{ env.modulePath }}/parameters/${{ matrix.parameterFilePaths }}' - location: '${{ env.defaultLocation }}' - resourceGroupName: '${{ env.resourceGroupName }}' - subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' - managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}' - - #################### - # DEPLOY TESTS # - #################### - job_deploy_module: - runs-on: ubuntu-20.04 - name: "Deploy module" - needs: - - job_tests_module_global - - job_tests_module_global_api - - job_tests_module_deploy_validate - strategy: - matrix: - parameterFilePaths: ['parameters.json'] - steps: - - name: "Checkout" - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Set environment variables - uses: deep-mm/set-variables@v1.0 - with: - # Name of variable file - variableFileName: 'variables.module' # Don't write .json here - - name: "Deploy module" - uses: ./.github/actions/templates/deployModule - with: - moduleName: '${{ env.moduleName }}' - templateFilePath: '${{ env.modulePath }}/deploy.json' - parameterFilePath: '${{ env.modulePath }}/parameters/${{ matrix.parameterFilePaths }}' - location: '${{ env.defaultLocation }}' - resourceGroupName: '${{ env.resourceGroupName }}' - subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}' - managementGroupId: '${{ secrets.ARM_MGMTGROUP_ID }}' - removeDeployment: '${{ github.event.inputs.removeDeployment }}' - - ############### - # PUBLISH # - ############### - job_publish_module: - runs-on: ubuntu-20.04 - name: "Publish module" - needs: - - job_deploy_module - steps: - - name: "Checkout" - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Set environment variables - uses: deep-mm/set-variables@v1.0 - with: - # Name of variable file - variableFileName: 'variables.module' # Don't write .json here - - name: "Publish module" - uses: ./.github/actions/templates/publishModule - with: - templateFilePath: '${{ env.modulePath }}/deploy.json' - componentTemplateSpecRGName: '${{ env.componentTemplateSpecRGName }}' - componentTemplateSpecRGLocation: '${{ env.componentTemplateSpecRGLocation }}' - componentTemplateSpecName: '${{ env.moduleName }}' - componentTemplateSpecDescription: '${{ env.componentTemplateSpecDescription }}' - publishToTemplateSpec: '${{ env.publishToTemplateSpec }}' - versioningOption: '${{ github.event.inputs.versioningOption }}' - customVersion: '${{ github.event.inputs.customVersion }}' - - ############## - # REMOVE # - ############## - job_remove_module: - runs-on: ubuntu-20.04 - name: "Remove module" - if: ${{ github.event.inputs.removeDeployment == 'true' }} - needs: - - job_deploy_module - steps: - - name: "Checkout" - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Set environment variables - uses: deep-mm/set-variables@v1.0 - with: - # Name of variable file - variableFileName: 'variables.module' # Don't write .json here - - name: "Remove module" - uses: ./.github/actions/templates/removeModule - with: - moduleName: '${{ env.moduleName }}' - templateFilePath: '${{ env.modulePath }}/deploy.json' - resourceGroupName: '${{ env.resourceGroupName }}' \ No newline at end of file diff --git a/arm/Microsoft.Authorization/policyAssignments/parameters/allowedLocations.parameters.json b/arm/Microsoft.Authorization/policyAssignments/parameters/allowedLocations.parameters.json index cf753f50a5..c1146e8da7 100644 --- a/arm/Microsoft.Authorization/policyAssignments/parameters/allowedLocations.parameters.json +++ b/arm/Microsoft.Authorization/policyAssignments/parameters/allowedLocations.parameters.json @@ -11,7 +11,7 @@ "parameters": { "value": { "listOfAllowedLocations": { - "value": ["westus","westus2"] + "value": ["westus","westus2","westeu"] } } }, From 742259b6d858ed01e11f49dd51fa5fb732e437e7 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Tue, 5 Oct 2021 13:37:34 +0200 Subject: [PATCH 3/4] Flow logs network watcher name --- .../networkWatcherFlowLogs/parameters/parameters.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arm/Microsoft.Network/networkWatcherFlowLogs/parameters/parameters.json b/arm/Microsoft.Network/networkWatcherFlowLogs/parameters/parameters.json index 8596d9e9f2..4293af8a70 100644 --- a/arm/Microsoft.Network/networkWatcherFlowLogs/parameters/parameters.json +++ b/arm/Microsoft.Network/networkWatcherFlowLogs/parameters/parameters.json @@ -3,7 +3,7 @@ "contentVersion": "1.0.0.0", "parameters": { "networkWatcherName": { - "value": "NetworkWatcher_westeurope" + "value": "adp-sxx-az-nw-weu-x-001" }, "networkSecurityGroupResourceId": { "value": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.Network/networkSecurityGroups/sxx-az-nsg-weu-x-003" From 5d3e564d32db7c57f6e64522ca168d59512c88e5 Mon Sep 17 00:00:00 2001 From: Erika Gressi Date: Wed, 6 Oct 2021 09:50:47 +0200 Subject: [PATCH 4/4] kv dep param up --- .../parameters/windows.parameters.json | 4 ++-- .../virtualMachines/parameters/parameters.json | 2 +- .../workspaces/parameters/parameters.json | 2 +- .../netAppAccounts/parameters/parameters.json | 2 +- arm/Microsoft.Network/connections/parameters/parameters.json | 2 +- .../privateEndpoints/parameters/parameters.json | 2 +- arm/Microsoft.Sql/servers/parameters/parameters.json | 4 ++-- 7 files changed, 9 insertions(+), 9 deletions(-) diff --git a/arm/Microsoft.Compute/virtualMachineScaleSets/parameters/windows.parameters.json b/arm/Microsoft.Compute/virtualMachineScaleSets/parameters/windows.parameters.json index b9c3730cbb..650b623ea4 100644 --- a/arm/Microsoft.Compute/virtualMachineScaleSets/parameters/windows.parameters.json +++ b/arm/Microsoft.Compute/virtualMachineScaleSets/parameters/windows.parameters.json @@ -43,7 +43,7 @@ "adminUsername": { "reference": { "keyVault": { - "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.KeyVault/vaults/sxx-az-kv-weu-x-004" + "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-sxx-az-kv-weu-x-001" }, "secretName": "adminUsername" } @@ -51,7 +51,7 @@ "adminPassword": { "reference": { "keyVault": { - "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.KeyVault/vaults/sxx-az-kv-weu-x-004" + "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-sxx-az-kv-weu-x-001" }, "secretName": "adminPassword" } diff --git a/arm/Microsoft.Compute/virtualMachines/parameters/parameters.json b/arm/Microsoft.Compute/virtualMachines/parameters/parameters.json index 8df18b9024..0328c36139 100644 --- a/arm/Microsoft.Compute/virtualMachines/parameters/parameters.json +++ b/arm/Microsoft.Compute/virtualMachines/parameters/parameters.json @@ -37,7 +37,7 @@ "adminPassword": { "reference": { "keyVault": { - "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.KeyVault/vaults/sxx-az-kv-weu-x-004" + "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-sxx-az-kv-weu-x-001" }, "secretName": "adminPassword" } diff --git a/arm/Microsoft.MachineLearningServices/workspaces/parameters/parameters.json b/arm/Microsoft.MachineLearningServices/workspaces/parameters/parameters.json index a64353469c..c50703ab88 100644 --- a/arm/Microsoft.MachineLearningServices/workspaces/parameters/parameters.json +++ b/arm/Microsoft.MachineLearningServices/workspaces/parameters/parameters.json @@ -12,7 +12,7 @@ "value": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.Storage/storageAccounts/sxxazsaweux003" }, "associatedKeyVaultResourceId": { - "value": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.KeyVault/vaults/sxx-az-kv-weu-x-004" + "value": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-sxx-az-kv-weu-x-001" }, "associatedApplicationInsightsResourceId": { "value": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/validation-rg/providers/Microsoft.Insights/components/adp-sxx-az-appi-weu-x-001" diff --git a/arm/Microsoft.NetApp/netAppAccounts/parameters/parameters.json b/arm/Microsoft.NetApp/netAppAccounts/parameters/parameters.json index 827f492e92..246a2e0c59 100644 --- a/arm/Microsoft.NetApp/netAppAccounts/parameters/parameters.json +++ b/arm/Microsoft.NetApp/netAppAccounts/parameters/parameters.json @@ -14,7 +14,7 @@ // "domainJoinPassword": { // "reference": { // "keyVault": { - // "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.KeyVault/vaults/sxx-az-kv-weu-x-004" + // "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-sxx-az-kv-weu-x-001" // }, // "secretName": "adadmin-Password" // } diff --git a/arm/Microsoft.Network/connections/parameters/parameters.json b/arm/Microsoft.Network/connections/parameters/parameters.json index aebe8665ff..4dea2d9fd9 100644 --- a/arm/Microsoft.Network/connections/parameters/parameters.json +++ b/arm/Microsoft.Network/connections/parameters/parameters.json @@ -11,7 +11,7 @@ "vpnSharedKey": { "reference": { "keyVault": { - "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.KeyVault/vaults/sxx-az-kv-weu-x-004" + "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-sxx-az-kv-weu-x-001" }, "secretName": "vpnSharedKey" } diff --git a/arm/Microsoft.Network/privateEndpoints/parameters/parameters.json b/arm/Microsoft.Network/privateEndpoints/parameters/parameters.json index 3b12eb98cb..2c96d2738e 100644 --- a/arm/Microsoft.Network/privateEndpoints/parameters/parameters.json +++ b/arm/Microsoft.Network/privateEndpoints/parameters/parameters.json @@ -12,7 +12,7 @@ "value": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.Network/privateDnsZones/privatelink.vaultcore.azure.net" }, "serviceResourceId": { - "value": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.KeyVault/vaults/sxx-az-kv-weu-x-004" + "value": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-sxx-az-kv-weu-x-001" }, "groupId": { "value": ["vault"] diff --git a/arm/Microsoft.Sql/servers/parameters/parameters.json b/arm/Microsoft.Sql/servers/parameters/parameters.json index 5fac360e3c..1cf6eb98aa 100644 --- a/arm/Microsoft.Sql/servers/parameters/parameters.json +++ b/arm/Microsoft.Sql/servers/parameters/parameters.json @@ -8,7 +8,7 @@ "administratorLogin": { "reference": { "keyVault": { - "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.KeyVault/vaults/sxx-az-kv-weu-x-004" + "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-sxx-az-kv-weu-x-001" }, "secretName": "administratorLogin" } @@ -16,7 +16,7 @@ "administratorLoginPassword": { "reference": { "keyVault": { - "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/dependencies-rg/providers/Microsoft.KeyVault/vaults/sxx-az-kv-weu-x-004" + "id": "/subscriptions/8629be3b-96bc-482d-a04b-ffff597c65a2/resourceGroups/validation-rg/providers/Microsoft.KeyVault/vaults/adp-sxx-az-kv-weu-x-001" }, "secretName": "administratorLoginPassword" }