diff --git a/.gitignore b/.gitignore
index 9c52e32e7795c2781e023c05c4ce8f989384c05f..da93b46aa9128ef5613f179a7e338a026a1f9100 100644
--- a/.gitignore
+++ b/.gitignore
@@ -375,3 +375,4 @@ build/
 # Dep files
 *.toml
 *.lock
+.aider*
diff --git a/infra/scripts/common_prepare.sh b/infra/scripts/common_prepare.sh
old mode 100644
new mode 100755
index 8550d1b3ac2346e4a55d30e3c58ba8343d4fb5f5..a5d1e7610049d2dca842156b62b5081795563922
--- a/infra/scripts/common_prepare.sh
+++ b/infra/scripts/common_prepare.sh
@@ -70,10 +70,13 @@ if [ -z $AZURE_AKS_USER ]; then
 fi
-
-
 ###############################
-## FUNCTIONS ##
+## WSL DETECTION ##
+###############################
+if [ -f /proc/version ] && grep -qi microsoft /proc/version; then
+ export MSYS_NO_PATHCONV=1
+fi
+
 ###############################
 function CreateResourceGroup() {
 # Required Argument $1 = RESOURCE_GROUP
@@ -102,6 +105,7 @@ function CreateResourceGroup() {
 tput setaf 3; echo "Resource Group $1 already exists."; tput sgr0
 fi
 }
+
 function CreateTfPrincipal() {
 # Required Argument $1 = PRINCIPAL_NAME
 # Required Argument $2 = VAULT_NAME
@@ -116,7 +120,7 @@ function CreateTfPrincipal() {
 if [ "$_result" == "" ]
 then
- PRINCIPAL_SECRET=$(az ad sp create-for-rbac \
+ PRINCIPAL_SECRET=$(MSYS_NO_PATHCONV=1 az ad sp create-for-rbac \
 --name $1 \
 --role owner \
 --scopes /subscriptions/${ARM_SUBSCRIPTION_ID} \
@@ -138,7 +142,7 @@ function CreateTfPrincipal() {
 --api $MS_GRAPH_API_GUID \
 --api-permissions $OWNED_BY_GUID=Role \
 -ojsonc)
-
+
 # MS Graph API Directory.Read.All
 PERMISSION_2=$(az ad app permission add \
 --id $PRINCIPAL_ID \
@@ -160,6 +164,7 @@ function CreateTfPrincipal() {
 tput setaf 3; echo "Service Principal $1 already exists."; tput sgr0
 fi
 }
+
 function CreatePrincipal() {
 # Required Argument $1 = PRINCIPAL_NAME
 # Required Argument $2 = VAULT_NAME
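Review bot: The new WSL block exports MSYS_NO_PATHCONV=1 when /proc/version mentions Microsoft, but under WSL `az` is a native Linux binary and no MSYS path conversion takes place, so the export is a no-op there; the `/subscriptions/...` argument mangling it appears meant to prevent happens under Git Bash/MSYS, whose /proc/version does not identify as Microsoft. If Git Bash is the real target, keying on the shell's own platform is more direct, e.g. `case "$OSTYPE" in msys*) export MSYS_NO_PATHCONV=1 ;; esac`, after which the per-command `MSYS_NO_PATHCONV=1 az ...` prefixes added in the `@@ -116` and `@@ -228` hunks become redundant. Note that the prefix is also absent from the rewritten CreatePrincipal call in `@@ -173`, which passes the same `--scopes /subscriptions/...` argument, so the current mix of global and per-call settings is inconsistent. Whichever mechanism is kept, a one-line comment above the block naming the environment it targets would save the next reader this question.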
@@ -173,49 +178,47 @@ function CreatePrincipal() {
 local _result=$(az ad sp list --display-name $1 --query [].appId -otsv)
 if [ "$_result" == "" ]
 then
-
- PRINCIPAL_SECRET=$(az ad sp create-for-rbac \
- --name $1 \
- --skip-assignment \
- --role owner \
- --scopes /subscriptions/${ARM_SUBSCRIPTION_ID} \
- --query password -otsv)
-
- PRINCIPAL_ID=$(az ad sp list \
- --display-name $1 \
- --query [].appId -otsv)
-
- PRINCIPAL_OID=$(az ad sp list \
- --display-name $1 \
- --query [].id -otsv)
-
- MS_GRAPH_API_GUID="00000003-0000-0000-c000-000000000000"
- AZURE_STORAGE_API_GUID="e406a681-f3d4-42a8-90b6-c2b029497af1"
-
-
- # MS Graph API Directory.Read.All
- PERMISSION_1=$(az ad app permission add \
- --id $PRINCIPAL_ID \
- --api $MS_GRAPH_API_GUID \
- --api-permissions 7ab1d382-f21e-4acd-a863-ba3e13f7da61=Role \
- -ojsonc)
-
- # AzureStorage API user_impersonation scope
+ PRINCIPAL_SECRET=$(az ad sp create-for-rbac \
+ --name $1 \
+ --role owner \
+ --scopes /subscriptions/${ARM_SUBSCRIPTION_ID} \
+ --query password -otsv)
+
+ PRINCIPAL_ID=$(az ad sp list \
+ --display-name $1 \
+ --query [].appId -otsv)
+
+ PRINCIPAL_OID=$(az ad sp list \
+ --display-name $1 \
+ --query [].id -otsv)
+
+ MS_GRAPH_API_GUID="00000003-0000-0000-c000-000000000000"
+ AZURE_STORAGE_API_GUID="e406a681-f3d4-42a8-90b6-c2b029497af1"
+
+ # MS Graph API Directory.Read.All
+ PERMISSION_1=$(az ad app permission add \
+ --id $PRINCIPAL_ID \
+ --api $MS_GRAPH_API_GUID \
+ --api-permissions 7ab1d382-f21e-4acd-a863-ba3e13f7da61=Role \
+ -ojsonc)
+
+ # AzureStorage API user_impersonation scope
 PERMISSION_2=$(az ad app permission add \
 --id $PRINCIPAL_ID \
 --api $AZURE_STORAGE_API_GUID \
 --api-permissions 03e0da56-190b-40ad-a80c-ea378c433f7f=Scope \
 -ojsonc)
- tput setaf 2; echo "Adding Information to Vault..." ; tput sgr0
- AddKeyToVault $2 "${1}-id" $PRINCIPAL_ID
- AddKeyToVault $2 "${1}-key" $PRINCIPAL_SECRET
- AddKeyToVault $2 "${1}-oid" $PRINCIPAL_OID
+ tput setaf 2; echo "Adding Information to Vault..." ; tput sgr0
+ AddKeyToVault $2 "${1}-id" $PRINCIPAL_ID
+ AddKeyToVault $2 "${1}-key" $PRINCIPAL_SECRET
+ AddKeyToVault $2 "${1}-oid" $PRINCIPAL_OID
 else
 tput setaf 3; echo "Service Principal $1 already exists."; tput sgr0
 fi
 }
+
 function CreateADApplication() {
 # Required Argument $1 = APPLICATION_NAME
 # Required Argument $2 = VAULT_NAME
@@ -228,29 +231,28 @@ function CreateADApplication() {
 local _result=$(az ad sp list --display-name $1 --query [].appId -otsv)
 if [ "$_result" == "" ]
 then
+ APP_SECRET=$(MSYS_NO_PATHCONV=1 az ad sp create-for-rbac \
+ --name $1 \
+ --query password -otsv)
- APP_SECRET=$(az ad sp create-for-rbac \
- --name $1 \
- --skip-assignment \
- --query password -otsv)
-
- APP_ID=$(az ad sp list \
- --display-name $1 \
- --query [].appId -otsv)
+ APP_ID=$(az ad sp list \
+ --display-name $1 \
+ --query [].appId -otsv)
- APP_OID=$(az ad sp list \
- --display-name $1 \
- --query [].id -otsv)
+ APP_OID=$(az ad sp list \
+ --display-name $1 \
+ --query [].id -otsv)
- tput setaf 2; echo "Adding AD Application to Vault..." ; tput sgr0
- AddKeyToVault $2 "${1}-clientid" $APP_ID
- AddKeyToVault $2 "${1}-secret" $APP_SECRET
- AddKeyToVault $2 "${1}-oid" $APP_OID
+ tput setaf 2; echo "Adding AD Application to Vault..." ; tput sgr0
+ AddKeyToVault $2 "${1}-clientid" $APP_ID
+ AddKeyToVault $2 "${1}-secret" $APP_SECRET
+ AddKeyToVault $2 "${1}-oid" $APP_OID
 else
 tput setaf 3; echo "AD Application $1 already exists."; tput sgr0
 fi
 }
+
 function CreateSSHKeysPassphrase() {
 # Required Argument $1 = SSH_USER
 # Required Argument $2 = KEY_NAME
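Review bot: Removing `--skip-assignment` while keeping `--role owner --scopes /subscriptions/${ARM_SUBSCRIPTION_ID}` in the rewritten PRINCIPAL_SECRET call changes what CreatePrincipal grants: on CLI versions where `--skip-assignment` suppressed the role assignment, this principal previously received no subscription role, whereas the new call assigns Owner on the whole subscription to a principal whose only other needs visible in this hunk are Graph Directory.Read.All and Storage user_impersonation. If Owner is genuinely required it deserves a comment saying why; otherwise dropping `--role owner \` and `--scopes /subscriptions/${ARM_SUBSCRIPTION_ID} \` from this call, matching the rewritten CreateADApplication call in `@@ -228` which removed `--skip-assignment` without adding a role, preserves the least-privilege footprint the old flag implied. Either way the role choice should be recorded next to the call, since the secret for this principal is written to the vault under `${1}-key` with no indication of how much it can do. CreatePrincipal's body begins before this hunk.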
@@ -292,6 +294,7 @@ function CreateSSHKeysPassphrase() {
 AddKeyToVault $AZURE_VAULT "${2}-pub" "~/.ssh/osdu_${UNIQUE}/${2}.pub" "file"
 AddKeyToVault $AZURE_VAULT "${2}-passphrase" $PASSPHRASE
 }
+
 function CreateSSHKeys() {
 # Required Argument $1 = SSH_USER
 # Required Argument $2 = KEY_NAME
@@ -351,11 +354,12 @@ function CreateKeyVault() {
 local _vault=$(az keyvault list --resource-group $2 --query [].name -otsv 2>/dev/null)
 if [ "$_vault" == "" ]
 then
- OUTPUT=$(az keyvault create --name $1 --resource-group $2 --location $3 --enable-purge-protection true --query [].name -otsv)
+ OUTPUT=$(az keyvault create --name $1 --resource-group $2 --location $3 --query [].name -otsv)
 else
 tput setaf 3; echo "Key Vault $1 already exists."; tput sgr0
 fi
 }
+
 function CreateStorageAccount() {
 # Required Argument $1 = STORAGE_ACCOUNT
 # Required Argument $2 = RESOURCE_GROUP
@@ -389,6 +393,7 @@ function CreateStorageAccount() {
 tput setaf 3; echo "Storage Account $1 already exists."; tput sgr0
 fi
 }
+
 function GetStorageAccountKey() {
 # Required Argument $1 = STORAGE_ACCOUNT
 # Required Argument $2 = RESOURCE_GROUP
@@ -409,6 +414,7 @@ function GetStorageAccountKey() {
 --output tsv)
 echo ${_result}
 }
+
 function CreateBlobContainer() {
 # Required Argument $1 = CONTAINER_NAME
 # Required Argument $2 = STORAGE_ACCOUNT
@@ -445,6 +451,7 @@ function CreateBlobContainer() {
 tput setaf 3; echo "Storage Container $1 already exists."; tput sgr0
 fi
 }
+
 function AddKeyToVault() {
 # Required Argument $1 = KEY_VAULT
 # Required Argument $2 = SECRET_NAME
diff --git a/infra/scripts/keda_upgrade_and_host_encryption.sh b/infra/scripts/keda_upgrade_and_host_encryption.sh
old mode 100644
new mode 100755
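Review bot: Dropping `--enable-purge-protection true` from the `az keyvault create` call in `@@ -351` means a newly created vault can be purged immediately after deletion, so the service-principal secrets, client secrets and SSH key material this script stores through AddKeyToVault lose their recovery window against an accidental or malicious delete-then-purge. If the flag was removed so that short-lived environments can be torn down, gating it on a variable keeps the safer default for shared deployments, e.g. `OUTPUT=$(az keyvault create --name $1 --resource-group $2 --location $3 --enable-purge-protection "${KEYVAULT_PURGE_PROTECTION:-true}" --query [].name -otsv)` (variable name is a proposal). Note that purge protection cannot be switched off on vaults that already have it, so this change only affects vaults created from now on. A comment above the call stating the intended retention posture would stop a later change from flipping it again without discussion. CreateKeyVault's body starts before this hunk.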