Skip to content
Snippets Groups Projects
Commit d4459aae authored by harshit aggarwal's avatar harshit aggarwal
Browse files

Merge branch 'master' into haaggarw/GitlabAirflow

parents 63b8c6ec f70b809a
No related tags found
No related merge requests found
......@@ -2,7 +2,12 @@
# Current Master
# v0.8 (2021-4-9)
__Infra Changes__
- [Operationalize 104 - Backup and Restore](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/104)
- [Feature 115 - Enable Custom HTTPS Certificates](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/115)
- [Feature 121 - Added Default Dashboard](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/121)
- [Feature 149 - Make auto-scale parameters of App Gateway configurable](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/149)
# v0.7 (2021-3-11)
......
......@@ -220,11 +220,6 @@ EOF
cp .envrc .envrc_${UNIQUE}
```
## Configure Back Up
Back is enabled by default. To set the backup policies, utilize the script
[here](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/tree/master/tools).
The script should be run whenever you bring up a Resource Group in your deployment.
## Configure Key Access in Manifest Repository
The public key of the `azure-aks-gitops-ssh-key` previously created needs to be added as a deploy key in your Azure DevOPS Project, follow these [steps](https://docs.microsoft.com/en-us/azure/devops/repos/git/use-ssh-keys-to-authenticate?view=azure-devops&tabs=current-page#step-2--add-the-public-key-to-azure-devops-servicestfs) to add your public SSH key to your ADO environment.
......@@ -283,6 +278,13 @@ __Automated Pipeline Installation__
1. Setup Service Automation following directions [here](./docs/service-automation.md).
## Developer Activities
1. To onboard new services follow the process located [here](./docs/service-onboarding.md).
## Configure Back Up
Back is enabled by default. To set the backup policies, utilize the script
[here](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/tree/master/tools).
The script should be run whenever you bring up a Resource Group in your deployment.
......@@ -514,12 +514,12 @@ AddKeyToVault $AZURE_VAULT "${AZURE_STORAGE}-storage" $AZURE_STORAGE
AddKeyToVault $AZURE_VAULT "${AZURE_STORAGE}-storage-key" $STORAGE_KEY
tput setaf 2; echo 'Creating required Service Principals...' ; tput sgr0
CreateTfPrincipal "osdu-mvp-${UNIQUE}-terraform" $AZURE_VAULT
CreatePrincipal "osdu-mvp-${UNIQUE}-principal" $AZURE_VAULT
CreateTfPrincipal "${ADO_PROJECT}-${UNIQUE}-terraform" $AZURE_VAULT
CreatePrincipal "${ADO_PROJECT}-${UNIQUE}-principal" $AZURE_VAULT
tput setaf 2; echo 'Creating required AD Application...' ; tput sgr0
CreateADApplication "osdu-mvp-${UNIQUE}-application" $AZURE_VAULT
CreateADApplication "osdu-mvp-${UNIQUE}-noaccess" $AZURE_VAULT
CreateADApplication "${ADO_PROJECT}-${UNIQUE}-application" $AZURE_VAULT
CreateADApplication "${ADO_PROJECT}-${UNIQUE}-noaccess" $AZURE_VAULT
tput setaf 2; echo 'Creating SSH Keys...' ; tput sgr0
CreateSSHKeys $AZURE_AKS_USER "azure-aks-gitops-ssh-key"
......@@ -537,8 +537,8 @@ export UNIQUE=${UNIQUE}
export COMMON_VAULT="${AZURE_VAULT}"
export ARM_TENANT_ID="$(az account show -ojson --query tenantId -otsv)"
export ARM_SUBSCRIPTION_ID="${ARM_SUBSCRIPTION_ID}"
export ARM_CLIENT_ID="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/osdu-mvp-${UNIQUE}-terraform-id --query value -otsv)"
export ARM_CLIENT_SECRET="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/osdu-mvp-${UNIQUE}-terraform-key --query value -otsv)"
export ARM_CLIENT_ID="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/${ADO_PROJECT}-${UNIQUE}-terraform-id --query value -otsv)"
export ARM_CLIENT_SECRET="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/${ADO_PROJECT}-${UNIQUE}-terraform-key --query value -otsv)"
export ARM_ACCESS_KEY="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/osducommon${RANDOM_NUMBER}-storage-key --query value -otsv)"
export TF_VAR_remote_state_account="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/osducommon${RANDOM_NUMBER}-storage --query value -otsv)"
......@@ -549,13 +549,13 @@ export TF_VAR_cosmosdb_replica_location="${AZURE_PAIR_LOCATION}"
export TF_VAR_central_resources_workspace_name="cr-${UNIQUE}"
export TF_VAR_principal_appId="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/osdu-mvp-${UNIQUE}-principal-id --query value -otsv)"
export TF_VAR_principal_name="osdu-mvp-${UNIQUE}-principal"
export TF_VAR_principal_password="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/osdu-mvp-${UNIQUE}-principal-key --query value -otsv)"
export TF_VAR_principal_objectId="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/osdu-mvp-${UNIQUE}-principal-oid --query value -otsv)"
export TF_VAR_principal_appId="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/${ADO_PROJECT}-${UNIQUE}-principal-id --query value -otsv)"
export TF_VAR_principal_name="${ADO_PROJECT}-${UNIQUE}-principal"
export TF_VAR_principal_password="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/${ADO_PROJECT}-${UNIQUE}-principal-key --query value -otsv)"
export TF_VAR_principal_objectId="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/${ADO_PROJECT}-${UNIQUE}-principal-oid --query value -otsv)"
export TF_VAR_application_clientid="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/osdu-mvp-${UNIQUE}-application-clientid --query value -otsv)"
export TF_VAR_application_secret="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/osdu-mvp-${UNIQUE}-application-secret --query value -otsv)"
export TF_VAR_application_clientid="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/${ADO_PROJECT}-${UNIQUE}-application-clientid --query value -otsv)"
export TF_VAR_application_secret="$(az keyvault secret show --id https://$AZURE_VAULT.vault.azure.net/secrets/${ADO_PROJECT}-${UNIQUE}-application-secret --query value -otsv)"
export TF_VAR_ssh_public_key_file=~/.ssh/osdu_${UNIQUE}/azure-aks-node-ssh-key.pub
export TF_VAR_gitops_ssh_key_file=~/.ssh/osdu_${UNIQUE}/azure-aks-gitops-ssh-key
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment