Commit 6dd1b1c6 authored by Daniel Scholl's avatar Daniel Scholl
Browse files

Merge branch 'manual_setup_bugs' into 'master'

Manual setup bugs

See merge request osdu/platform/deployment-and-operations/infra-azure-provisioning!29
parents fee850ff c149b177
...@@ -198,17 +198,18 @@ Infrastructure requires a bring your own Elastic Search Instance of a version of ...@@ -198,17 +198,18 @@ Infrastructure requires a bring your own Elastic Search Instance of a version of
ES_ENDPOINT="" ES_ENDPOINT=""
ES_USERNAME="" ES_USERNAME=""
ES_PASSWORD="" ES_PASSWORD=""
az keyvault secret set --vault-name $COMMON_VAULT --name "elastic-endpoint-dp1-demo" --value $ES_ENDPOINT az keyvault secret set --vault-name $COMMON_VAULT --name "elastic-endpoint-dp1-${UNIQUE}" --value $ES_ENDPOINT
az keyvault secret set --vault-name $COMMON_VAULT --name "elastic-username-dp1-demo" --value $ES_USERNAME az keyvault secret set --vault-name $COMMON_VAULT --name "elastic-username-dp1-${UNIQUE}" --value $ES_USERNAME
az keyvault secret set --vault-name $COMMON_VAULT --name "elastic-password-dp1-demo" --value $ES_PASSWORD az keyvault secret set --vault-name $COMMON_VAULT --name "elastic-password-dp1-${UNIQUE}" --value $ES_PASSWORD
cat >> .envrc << EOF cat >> .envrc << EOF
# https://cloud.elastic.co # https://cloud.elastic.co
# ------------------------------------------------------------------------------------------------------ # ------------------------------------------------------------------------------------------------------
export TF_VAR_elasticsearch_endpoint="$(az keyvault secret show --id https://$COMMON_VAULT.vault.azure.net/secrets/elastic-endpoint-dp1-demo --query value -otsv)" export TF_VAR_elasticsearch_endpoint="$ES_ENDPOINT"
export TF_VAR_elasticsearch_username="$(az keyvault secret show --id https://$COMMON_VAULT.vault.azure.net/secrets/elastic-username-dp1-demo --query value -otsv)" export TF_VAR_elasticsearch_username="$ES_USERNAME"
export TF_VAR_elasticsearch_password="$(az keyvault secret show --id https://$COMMON_VAULT.vault.azure.net/secrets/elastic-password-dp1-demo --query value -otsv)" export TF_VAR_elasticsearch_password="$ES_PASSWORD"
EOF EOF
......
...@@ -171,6 +171,7 @@ resource "azurerm_role_assignment" "storage_access" { ...@@ -171,6 +171,7 @@ resource "azurerm_role_assignment" "storage_access" {
// Add Data Contributor Role to Principal // Add Data Contributor Role to Principal
resource "azurerm_role_assignment" "storage_data_contributor" { resource "azurerm_role_assignment" "storage_data_contributor" {
count = length(local.rbac_principals) count = length(local.rbac_principals)
depends_on = [azurerm_role_assignment.storage_access]
role_definition_name = "Storage Blob Data Contributor" role_definition_name = "Storage Blob Data Contributor"
principal_id = local.rbac_principals[count.index] principal_id = local.rbac_principals[count.index]
...@@ -201,6 +202,7 @@ resource "azurerm_role_assignment" "sdms_storage_access" { ...@@ -201,6 +202,7 @@ resource "azurerm_role_assignment" "sdms_storage_access" {
// Add Data Contributor Role to Principal // Add Data Contributor Role to Principal
resource "azurerm_role_assignment" "sdms_storage_data_contributor" { resource "azurerm_role_assignment" "sdms_storage_data_contributor" {
count = length(local.rbac_principals) count = length(local.rbac_principals)
depends_on = [azurerm_role_assignment.sdms_storage_access]
role_definition_name = "Storage Blob Data Contributor" role_definition_name = "Storage Blob Data Contributor"
principal_id = local.rbac_principals[count.index] principal_id = local.rbac_principals[count.index]
......
...@@ -49,6 +49,8 @@ storage_queues = [ "airflowlogqueue" ] ...@@ -49,6 +49,8 @@ storage_queues = [ "airflowlogqueue" ]
__Provision__ __Provision__
> Please run `helm repo update` prior to executing in case you have helm charts locally that need updates.
Execute the following commands to set up your terraform workspace. Execute the following commands to set up your terraform workspace.
```bash ```bash
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment