From 4863a0c35e075974bced5b8569bf81dfa2e56070 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 11:46:22 -0800 Subject: [PATCH 01/21] Add role assignment cleanup --- .../workflows/automated-cleanup-resources.yml | 14 ++++++++ infra/scripts/remove-role-assignments.ps1 | 33 +++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 infra/scripts/remove-role-assignments.ps1 diff --git a/.github/workflows/automated-cleanup-resources.yml b/.github/workflows/automated-cleanup-resources.yml index efbd1fcd8a..002115bed3 100644 --- a/.github/workflows/automated-cleanup-resources.yml +++ b/.github/workflows/automated-cleanup-resources.yml @@ -18,6 +18,13 @@ jobs: steps: - name: check out repo uses: actions/checkout@v2 + - run: + name: Install for PowerShell + command: | + apt-get -y update && apt-get -y install powershell + pwsh -v + pwsh -c "Install-Module -Name Az -AllowClobber -Scope CurrentUser -Force" + pwsh -c "Import-Module Az" - name: setup python uses: actions/setup-python@v2 with: @@ -41,3 +48,10 @@ jobs: bash cleanup.sh working-directory: infra continue-on-error: true + - name: Perform additional Cleanup + shell: pwsh + run: | + source "${{ github.workspace }}/infra/sdk_helpers.sh"; + source "${{ github.workspace }}/infra/init_environment.sh"; + & ${{ github.workspace }}/infra/scripts/remove-role-assignments.ps1 -ResourceScope "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" + working-directory: infra diff --git a/infra/scripts/remove-role-assignments.ps1 b/infra/scripts/remove-role-assignments.ps1 new file mode 100644 index 0000000000..96f34d7ce9 --- /dev/null +++ b/infra/scripts/remove-role-assignments.ps1 @@ -0,0 +1,33 @@ +#################################################################################################### +# This script allows you to remove stale role assignments listed as 'Identity not found' # +#################################################################################################### +[CmdletBinding()] +param ( + [Parameter(Mandatory=$true)] + [string] + $ResourceScope +) +function Get-RoleAssignmentCount { + Write-Output "Determing unknown Role Assignment count..." + $stale = Get-AzRoleAssignment -Scope "$ResourceScope" | Where-Object { $_.ObjectType -eq 'Unknown'} + $unknownRoleAssignmentCount = $stale.Count + Write-Output "Total Unknown Role Assignment Count: $unknownRoleAssignmentCount..." + + return $unknownRoleAssignmentCount +} + +try +{ + Write-Output "Pre-checking the RoleAssignment count..." + Get-RoleAssignmentCount + Get-AzRoleAssignment -Scope "$ResourceScope" | Where-Object { $_.ObjectType -eq 'Unknown'} | Remove-AzRoleAssignment + Write-Output "Check the Role Assignment count after cleanup" + Get-RoleAssignmentCount + Write-Output "Role Assignment clean-up complete." +} +catch +{ + Write-Error "There was an issue cleaning the . See details: $($_.ErrorDetails.Message)" + # Write-Error $_.Exception.Message + # Exit 1 +} \ No newline at end of file From aad9bb848e3289261a18030ec77f93ceb59a0f21 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 11:48:19 -0800 Subject: [PATCH 02/21] Update error message --- infra/scripts/remove-role-assignments.ps1 | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/infra/scripts/remove-role-assignments.ps1 b/infra/scripts/remove-role-assignments.ps1 index 96f34d7ce9..0de076db09 100644 --- a/infra/scripts/remove-role-assignments.ps1 +++ b/infra/scripts/remove-role-assignments.ps1 @@ -27,7 +27,6 @@ try } catch { - Write-Error "There was an issue cleaning the . See details: $($_.ErrorDetails.Message)" - # Write-Error $_.Exception.Message - # Exit 1 -} \ No newline at end of file + Write-Error "There was an issue in cleaning-up the Role Assignment. See details: $($_.ErrorDetails.Message)" + Exit 1 +} From bc8b2544c70733c399624b521085c75260183d32 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 11:53:25 -0800 Subject: [PATCH 03/21] Change the task --- .github/workflows/automated-cleanup-resources.yml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/.github/workflows/automated-cleanup-resources.yml b/.github/workflows/automated-cleanup-resources.yml index 002115bed3..c1ffd62c1c 100644 --- a/.github/workflows/automated-cleanup-resources.yml +++ b/.github/workflows/automated-cleanup-resources.yml @@ -18,13 +18,6 @@ jobs: steps: - name: check out repo uses: actions/checkout@v2 - - run: - name: Install for PowerShell - command: | - apt-get -y update && apt-get -y install powershell - pwsh -v - pwsh -c "Install-Module -Name Az -AllowClobber -Scope CurrentUser -Force" - pwsh -c "Import-Module Az" - name: setup python uses: actions/setup-python@v2 with: @@ -39,6 +32,10 @@ jobs: source "${{ github.workspace }}/infra/sdk_helpers.sh"; source "${{ github.workspace }}/infra/init_environment.sh"; bash setup.sh + apt-get -y update && apt-get -y install powershell + pwsh -v + pwsh -c "Install-Module -Name Az -AllowClobber -Scope CurrentUser -Force" + pwsh -c "Import-Module Az" working-directory: cli continue-on-error: true - name: Perform Cleanup From 8c6c9f7488cd7ad7367ba166bf3d6a970f2e1c16 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 12:00:12 -0800 Subject: [PATCH 04/21] Update the call to bash --- .github/workflows/automated-cleanup-resources.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/automated-cleanup-resources.yml b/.github/workflows/automated-cleanup-resources.yml index c1ffd62c1c..b1b9f7d621 100644 --- a/.github/workflows/automated-cleanup-resources.yml +++ b/.github/workflows/automated-cleanup-resources.yml @@ -48,7 +48,7 @@ jobs: - name: Perform additional Cleanup shell: pwsh run: | - source "${{ github.workspace }}/infra/sdk_helpers.sh"; - source "${{ github.workspace }}/infra/init_environment.sh"; + & "${{ github.workspace }}/infra/sdk_helpers.sh"; + & "${{ github.workspace }}/infra/init_environment.sh"; & ${{ github.workspace }}/infra/scripts/remove-role-assignments.ps1 -ResourceScope "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" working-directory: infra From cb3f478df2968ec4b56d6bf4ad88adaf806683a9 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 12:10:53 -0800 Subject: [PATCH 05/21] Update the error logging --- .github/workflows/automated-cleanup-resources.yml | 8 +++----- infra/scripts/remove-role-assignments.ps1 | 2 +- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/automated-cleanup-resources.yml b/.github/workflows/automated-cleanup-resources.yml index b1b9f7d621..57ca183070 100644 --- a/.github/workflows/automated-cleanup-resources.yml +++ b/.github/workflows/automated-cleanup-resources.yml @@ -32,10 +32,8 @@ jobs: source "${{ github.workspace }}/infra/sdk_helpers.sh"; source "${{ github.workspace }}/infra/init_environment.sh"; bash setup.sh - apt-get -y update && apt-get -y install powershell + sudo apt-get -y update && sudo apt-get -y install powershell pwsh -v - pwsh -c "Install-Module -Name Az -AllowClobber -Scope CurrentUser -Force" - pwsh -c "Import-Module Az" working-directory: cli continue-on-error: true - name: Perform Cleanup @@ -48,7 +46,7 @@ jobs: - name: Perform additional Cleanup shell: pwsh run: | - & "${{ github.workspace }}/infra/sdk_helpers.sh"; - & "${{ github.workspace }}/infra/init_environment.sh"; + Install-Module -Name Az -AllowClobber -Scope CurrentUser -Force; + Import-Module Az; & ${{ github.workspace }}/infra/scripts/remove-role-assignments.ps1 -ResourceScope "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" working-directory: infra diff --git a/infra/scripts/remove-role-assignments.ps1 b/infra/scripts/remove-role-assignments.ps1 index 0de076db09..a991e23100 100644 --- a/infra/scripts/remove-role-assignments.ps1 +++ b/infra/scripts/remove-role-assignments.ps1 @@ -27,6 +27,6 @@ try } catch { - Write-Error "There was an issue in cleaning-up the Role Assignment. See details: $($_.ErrorDetails.Message)" + Write-Error "There was an issue in cleaning-up the Role Assignment. See details: $($_.Exception.Message)" Exit 1 } From 2e65768f4d7b6bd481187a1e228286da9c2c2deb Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 13:18:35 -0800 Subject: [PATCH 06/21] Fix environment variables --- .github/workflows/automated-cleanup-resources.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/automated-cleanup-resources.yml b/.github/workflows/automated-cleanup-resources.yml index 57ca183070..b0dd467c42 100644 --- a/.github/workflows/automated-cleanup-resources.yml +++ b/.github/workflows/automated-cleanup-resources.yml @@ -48,5 +48,7 @@ jobs: run: | Install-Module -Name Az -AllowClobber -Scope CurrentUser -Force; Import-Module Az; + bash "${{ github.workspace }}/infra/sdk_helpers.sh"; + bash "${{ github.workspace }}/infra/init_environment.sh"; & ${{ github.workspace }}/infra/scripts/remove-role-assignments.ps1 -ResourceScope "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" working-directory: infra From 68e7ad6d18348230e8097acbf9dbadeaa402f70a Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 13:54:51 -0800 Subject: [PATCH 07/21] Fix the call to bash --- .github/workflows/automated-cleanup-resources.yml | 6 +++--- infra/scripts/call_all_scripts.ps1 | 5 +++++ ...ove-role-assignments.ps1 => remove_role_assignments.ps1} | 0 3 files changed, 8 insertions(+), 3 deletions(-) create mode 100644 infra/scripts/call_all_scripts.ps1 rename infra/scripts/{remove-role-assignments.ps1 => remove_role_assignments.ps1} (100%) diff --git a/.github/workflows/automated-cleanup-resources.yml b/.github/workflows/automated-cleanup-resources.yml index b0dd467c42..e6772d22b8 100644 --- a/.github/workflows/automated-cleanup-resources.yml +++ b/.github/workflows/automated-cleanup-resources.yml @@ -48,7 +48,7 @@ jobs: run: | Install-Module -Name Az -AllowClobber -Scope CurrentUser -Force; Import-Module Az; - bash "${{ github.workspace }}/infra/sdk_helpers.sh"; - bash "${{ github.workspace }}/infra/init_environment.sh"; - & ${{ github.workspace }}/infra/scripts/remove-role-assignments.ps1 -ResourceScope "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" + "${{ github.workspace }}/infra/sdk_helpers.sh"; + "${{ github.workspace }}/infra/init_environment.sh"; + & "${{ github.workspace }}/infra/scripts/call_all_scripts.ps1" working-directory: infra diff --git a/infra/scripts/call_all_scripts.ps1 b/infra/scripts/call_all_scripts.ps1 new file mode 100644 index 0000000000..f53e57789d --- /dev/null +++ b/infra/scripts/call_all_scripts.ps1 @@ -0,0 +1,5 @@ +#################################################################################################### +# All the post cleanup scripts are called from this file # +#################################################################################################### + +./remove_role_assignments.ps1 -ResourceScope "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" diff --git a/infra/scripts/remove-role-assignments.ps1 b/infra/scripts/remove_role_assignments.ps1 similarity index 100% rename from infra/scripts/remove-role-assignments.ps1 rename to infra/scripts/remove_role_assignments.ps1 From 872f9baf9efa14289a51c809d4718b1a6bf56374 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 14:34:24 -0800 Subject: [PATCH 08/21] Fix the path --- .../workflows/automated-cleanup-resources.yml | 16 +++++++--------- infra/scripts/call_all_scripts.ps1 | 2 +- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/automated-cleanup-resources.yml b/.github/workflows/automated-cleanup-resources.yml index e6772d22b8..36bb6792f3 100644 --- a/.github/workflows/automated-cleanup-resources.yml +++ b/.github/workflows/automated-cleanup-resources.yml @@ -32,8 +32,6 @@ jobs: source "${{ github.workspace }}/infra/sdk_helpers.sh"; source "${{ github.workspace }}/infra/init_environment.sh"; bash setup.sh - sudo apt-get -y update && sudo apt-get -y install powershell - pwsh -v working-directory: cli continue-on-error: true - name: Perform Cleanup @@ -44,11 +42,11 @@ jobs: working-directory: infra continue-on-error: true - name: Perform additional Cleanup - shell: pwsh run: | - Install-Module -Name Az -AllowClobber -Scope CurrentUser -Force; - Import-Module Az; - "${{ github.workspace }}/infra/sdk_helpers.sh"; - "${{ github.workspace }}/infra/init_environment.sh"; - & "${{ github.workspace }}/infra/scripts/call_all_scripts.ps1" - working-directory: infra + source "${{ github.workspace }}/infra/sdk_helpers.sh"; + source "${{ github.workspace }}/infra/init_environment.sh"; + bash setup.sh + sudo apt-get -y update && sudo apt-get -y install powershell + pwsh -v + pwsh -c 'Install-Module Az -Force; Import-Module Az -Force;' + pwsh -File '${{ github.workspace }}/infra/scripts/call_all_scripts.ps1' \ No newline at end of file diff --git a/infra/scripts/call_all_scripts.ps1 b/infra/scripts/call_all_scripts.ps1 index f53e57789d..feb216bf85 100644 --- a/infra/scripts/call_all_scripts.ps1 +++ b/infra/scripts/call_all_scripts.ps1 @@ -2,4 +2,4 @@ # All the post cleanup scripts are called from this file # #################################################################################################### -./remove_role_assignments.ps1 -ResourceScope "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" +./scripts/remove_role_assignments.ps1 -ResourceScope "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" From 4a4a5e6021a6a050c84ab66e2aeefaf23cc81893 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 15:59:20 -0800 Subject: [PATCH 09/21] Remove setup call --- .github/workflows/automated-cleanup-resources.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/automated-cleanup-resources.yml b/.github/workflows/automated-cleanup-resources.yml index 36bb6792f3..8f86586e28 100644 --- a/.github/workflows/automated-cleanup-resources.yml +++ b/.github/workflows/automated-cleanup-resources.yml @@ -45,7 +45,6 @@ jobs: run: | source "${{ github.workspace }}/infra/sdk_helpers.sh"; source "${{ github.workspace }}/infra/init_environment.sh"; - bash setup.sh sudo apt-get -y update && sudo apt-get -y install powershell pwsh -v pwsh -c 'Install-Module Az -Force; Import-Module Az -Force;' From 9352d00dc87e34d237711181b1d5a38330ba8311 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 16:21:39 -0800 Subject: [PATCH 10/21] Update PS call --- infra/scripts/call_all_scripts.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/scripts/call_all_scripts.ps1 b/infra/scripts/call_all_scripts.ps1 index feb216bf85..d04afecbf2 100644 --- a/infra/scripts/call_all_scripts.ps1 +++ b/infra/scripts/call_all_scripts.ps1 @@ -2,4 +2,4 @@ # All the post cleanup scripts are called from this file # #################################################################################################### -./scripts/remove_role_assignments.ps1 -ResourceScope "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" +"scripts/remove_role_assignments.ps1" -ResourceScope "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" From 3af61846b941486fcbb48726ec2c2ba36559ce5d Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 19:14:37 -0800 Subject: [PATCH 11/21] Fix the path --- infra/scripts/call_all_scripts.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/scripts/call_all_scripts.ps1 b/infra/scripts/call_all_scripts.ps1 index d04afecbf2..9f3ee31987 100644 --- a/infra/scripts/call_all_scripts.ps1 +++ b/infra/scripts/call_all_scripts.ps1 @@ -2,4 +2,4 @@ # All the post cleanup scripts are called from this file # #################################################################################################### -"scripts/remove_role_assignments.ps1" -ResourceScope "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" +scripts/remove_role_assignments.ps1 "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" From 3aebd48b780d192419639cb3d8b23636f4b4dd19 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 21:09:49 -0800 Subject: [PATCH 12/21] Update the path --- infra/scripts/call_all_scripts.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/scripts/call_all_scripts.ps1 b/infra/scripts/call_all_scripts.ps1 index 9f3ee31987..e63d3a252b 100644 --- a/infra/scripts/call_all_scripts.ps1 +++ b/infra/scripts/call_all_scripts.ps1 @@ -2,4 +2,4 @@ # All the post cleanup scripts are called from this file # #################################################################################################### -scripts/remove_role_assignments.ps1 "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" +&"$PSScriptroot\remove_role_assignments.ps1" "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" From 6146df053df1a48810f4976e685813a864a92032 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Mon, 30 Jan 2023 21:42:54 -0800 Subject: [PATCH 13/21] Update the azpssession --- .github/workflows/automated-cleanup-resources.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/automated-cleanup-resources.yml b/.github/workflows/automated-cleanup-resources.yml index 8f86586e28..91b770e988 100644 --- a/.github/workflows/automated-cleanup-resources.yml +++ b/.github/workflows/automated-cleanup-resources.yml @@ -26,7 +26,12 @@ jobs: uses: azure/login@v1 with: creds: ${{secrets.AZUREML_CREDENTIALS}} + enable-AzPSSession: true continue-on-error: true + - name: "Install Az Modules" + shell: pwsh + run: | + Install-Module Az -Force; Import-Module Az -Force; - name: setup-cli run: | source "${{ github.workspace }}/infra/sdk_helpers.sh"; @@ -45,7 +50,4 @@ jobs: run: | source "${{ github.workspace }}/infra/sdk_helpers.sh"; source "${{ github.workspace }}/infra/init_environment.sh"; - sudo apt-get -y update && sudo apt-get -y install powershell - pwsh -v - pwsh -c 'Install-Module Az -Force; Import-Module Az -Force;' - pwsh -File '${{ github.workspace }}/infra/scripts/call_all_scripts.ps1' \ No newline at end of file + pwsh -File '${{ github.workspace }}/infra/scripts/call_all_scripts.ps1' From bac975ad57b72de9d584d1bb38f7586c1a106edf Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Tue, 21 Feb 2023 16:31:21 -0800 Subject: [PATCH 14/21] Add verbose logging for troubleshooting the exit code 100 issue --- infra/scripts/call_all_scripts.ps1 | 2 +- infra/scripts/remove_role_assignments.ps1 | 18 ++++++++++++------ infra/sdk_helpers.sh | 11 ++++++----- 3 files changed, 19 insertions(+), 12 deletions(-) diff --git a/infra/scripts/call_all_scripts.ps1 b/infra/scripts/call_all_scripts.ps1 index e63d3a252b..8bd68e2abb 100644 --- a/infra/scripts/call_all_scripts.ps1 +++ b/infra/scripts/call_all_scripts.ps1 @@ -2,4 +2,4 @@ # All the post cleanup scripts are called from this file # #################################################################################################### -&"$PSScriptroot\remove_role_assignments.ps1" "/subscriptions/$env:SUBSCRIPTION_ID/resourceGroups/$env:RESOURCE_GROUP_NAME" +&"$PSScriptroot\remove_role_assignments.ps1" -ResourceGroupName "$env:RESOURCE_GROUP_NAME" diff --git a/infra/scripts/remove_role_assignments.ps1 b/infra/scripts/remove_role_assignments.ps1 index a991e23100..235625d6bd 100644 --- a/infra/scripts/remove_role_assignments.ps1 +++ b/infra/scripts/remove_role_assignments.ps1 @@ -4,23 +4,29 @@ [CmdletBinding()] param ( [Parameter(Mandatory=$true)] - [string] - $ResourceScope + [ValidateNotNullOrEmpty()] + [string]$ResourceGroupName ) function Get-RoleAssignmentCount { - Write-Output "Determing unknown Role Assignment count..." - $stale = Get-AzRoleAssignment -Scope "$ResourceScope" | Where-Object { $_.ObjectType -eq 'Unknown'} + $OBJTYPE = "Unknown" + Write-Output "Determing unknown Role Assignment count in the ResourceGroup:$ResourceGroupName..." + $stale = Get-AzRoleAssignment -ResourceGroupName "$ResourceGroupName" | Where-Object { $_.ObjectType -eq $OBJTYPE} $unknownRoleAssignmentCount = $stale.Count - Write-Output "Total Unknown Role Assignment Count: $unknownRoleAssignmentCount..." + Write-Output "Total Unknown Role Assignment Count: $unknownRoleAssignmentCount in the ResourceGroup:$ResourceGroupName..." return $unknownRoleAssignmentCount } try { + $OBJTYPE = "Unknown" Write-Output "Pre-checking the RoleAssignment count..." Get-RoleAssignmentCount - Get-AzRoleAssignment -Scope "$ResourceScope" | Where-Object { $_.ObjectType -eq 'Unknown'} | Remove-AzRoleAssignment + # Remove only limited RoleDefinitions + $staleRoleAssignments = Get-AzRoleAssignment -ResourceGroupName "$ResourceGroupName" | Where-Object {($_.ObjectType -eq $OBJTYPE) -and ($_.RoleDefinitionName -match "Storage Blob Data Reader|AzureML Metrics Writer (preview)|AcrPull")} + $unknownRoleAssignmentCount = $staleRoleAssignments.Count + Write-Output "Initiating the cleanup of unknownRole in the ResourceGroup:$ResourceGroupName having count as $unknownRoleAssignmentCount..." + $staleRoleAssignments | Remove-AzRoleAssignment Write-Output "Check the Role Assignment count after cleanup" Get-RoleAssignmentCount Write-Output "Role Assignment clean-up complete." diff --git a/infra/sdk_helpers.sh b/infra/sdk_helpers.sh index 4bf0edb371..f205ad4914 100644 --- a/infra/sdk_helpers.sh +++ b/infra/sdk_helpers.sh @@ -266,9 +266,9 @@ function install_packages() { echo_info ">>> Updating packages index" echo_info "------------------------------------------------" - sudo apt-get update > /dev/null 2>&1 - sudo apt-get upgrade -y > /dev/null 2>&1 - sudo apt-get dist-upgrade -y > /dev/null 2>&1 + sudo apt-get update + sudo apt-get upgrade -y + sudo apt-get dist-upgrade -y echo_info ">>> Installing packages" @@ -283,14 +283,15 @@ function install_packages() { for package in "${packages_to_install[@]}"; do echo_info "Installing '$package'" if ! IsInstalled "$package"; then - sudo apt-get install -y --no-install-recommends "${package}" > /dev/null 2>&1 + # sudo apt-get install -y --no-install-recommends "${package}" > /dev/null 2>&1 + sudo apt-get install -y --no-install-recommends "${package}" else echo_info "$package is already installed" fi done echo_info ">>> Clean local cache for packages" - sudo apt-get autoclean && sudo apt-get autoremove > /dev/null 2>&1 + sudo apt-get autoclean && sudo apt-get autoremove } function add_extension() { From a7af563220fa356b0db542a0334c1ea4ccecbc8a Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Wed, 22 Feb 2023 21:23:58 -0800 Subject: [PATCH 15/21] Update grub-efi --- infra/sdk_helpers.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/infra/sdk_helpers.sh b/infra/sdk_helpers.sh index f205ad4914..cdabd7e028 100644 --- a/infra/sdk_helpers.sh +++ b/infra/sdk_helpers.sh @@ -268,6 +268,13 @@ function install_packages() { sudo apt-get update sudo apt-get upgrade -y + # sudo apt install --reinstall grub-efi-arm64-signed -y + # Errors: grub-efi-amd64-signed & shim-signed + # https://stackoverflow.com/questions/53203528/errors-grub-efi-amd64-signed-shim-signed/53284186#53284186 + sudo apt-get purge grub\* + sudo apt-get install grub-efi + sudo apt-get autoremove + sudo update-grub sudo apt-get dist-upgrade -y echo_info ">>> Installing packages" From 61fe1fa4beb48513edb2e8867ed7f0ba4f226d9d Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Wed, 22 Feb 2023 21:28:32 -0800 Subject: [PATCH 16/21] Update grub-efi with reinstallation --- infra/sdk_helpers.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/infra/sdk_helpers.sh b/infra/sdk_helpers.sh index cdabd7e028..5cce2d70d8 100644 --- a/infra/sdk_helpers.sh +++ b/infra/sdk_helpers.sh @@ -268,13 +268,13 @@ function install_packages() { sudo apt-get update sudo apt-get upgrade -y - # sudo apt install --reinstall grub-efi-arm64-signed -y + sudo apt install --reinstall grub-efi-arm64-signed -y # Errors: grub-efi-amd64-signed & shim-signed # https://stackoverflow.com/questions/53203528/errors-grub-efi-amd64-signed-shim-signed/53284186#53284186 - sudo apt-get purge grub\* - sudo apt-get install grub-efi - sudo apt-get autoremove - sudo update-grub + # sudo apt-get purge grub\* + # sudo apt-get install grub-efi + # sudo apt-get autoremove + # sudo update-grub sudo apt-get dist-upgrade -y echo_info ">>> Installing packages" From 11fa1580b0cb313f439d71a71c8a7d19a8210990 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Wed, 22 Feb 2023 21:34:11 -0800 Subject: [PATCH 17/21] Update grub-efi with reinstallation --- infra/sdk_helpers.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/sdk_helpers.sh b/infra/sdk_helpers.sh index 5cce2d70d8..8ba5d0aad0 100644 --- a/infra/sdk_helpers.sh +++ b/infra/sdk_helpers.sh @@ -267,8 +267,8 @@ function install_packages() { echo_info "------------------------------------------------" sudo apt-get update - sudo apt-get upgrade -y sudo apt install --reinstall grub-efi-arm64-signed -y + sudo apt-get upgrade -y # Errors: grub-efi-amd64-signed & shim-signed # https://stackoverflow.com/questions/53203528/errors-grub-efi-amd64-signed-shim-signed/53284186#53284186 # sudo apt-get purge grub\* From f3b39ea4842b885b18fc6c92446169af3f8aa9e8 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Wed, 22 Feb 2023 21:36:49 -0800 Subject: [PATCH 18/21] Remove an update grub-efi with reinstallation --- infra/sdk_helpers.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infra/sdk_helpers.sh b/infra/sdk_helpers.sh index 8ba5d0aad0..3f26734391 100644 --- a/infra/sdk_helpers.sh +++ b/infra/sdk_helpers.sh @@ -267,7 +267,7 @@ function install_packages() { echo_info "------------------------------------------------" sudo apt-get update - sudo apt install --reinstall grub-efi-arm64-signed -y + # sudo apt install --reinstall grub-efi-arm64-signed -y sudo apt-get upgrade -y # Errors: grub-efi-amd64-signed & shim-signed # https://stackoverflow.com/questions/53203528/errors-grub-efi-amd64-signed-shim-signed/53284186#53284186 @@ -275,7 +275,7 @@ function install_packages() { # sudo apt-get install grub-efi # sudo apt-get autoremove # sudo update-grub - sudo apt-get dist-upgrade -y + # sudo apt-get dist-upgrade -y echo_info ">>> Installing packages" From bb349cbb63bcb714fab993038fe72890c0ab6a74 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Wed, 22 Feb 2023 21:47:36 -0800 Subject: [PATCH 19/21] Add grub-efi-amd64-bin --- infra/sdk_helpers.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/infra/sdk_helpers.sh b/infra/sdk_helpers.sh index 3f26734391..0631478f85 100644 --- a/infra/sdk_helpers.sh +++ b/infra/sdk_helpers.sh @@ -266,16 +266,22 @@ function install_packages() { echo_info ">>> Updating packages index" echo_info "------------------------------------------------" + echo_info ">>> Executing: apt-get update" sudo apt-get update + echo_info ">>> Executing: apt install grub-efi-amd64-bin" + sudo apt install grub-efi-amd64-bin # sudo apt install --reinstall grub-efi-arm64-signed -y + echo_info ">>> Executing: apt-get upgrade" sudo apt-get upgrade -y + echo_info ">>> Executing: apt-get upgrade" # Errors: grub-efi-amd64-signed & shim-signed # https://stackoverflow.com/questions/53203528/errors-grub-efi-amd64-signed-shim-signed/53284186#53284186 # sudo apt-get purge grub\* # sudo apt-get install grub-efi # sudo apt-get autoremove # sudo update-grub - # sudo apt-get dist-upgrade -y + echo_info ">>> Executing: apt-get dist-upgrade" + sudo apt-get dist-upgrade -y echo_info ">>> Installing packages" From 66fcef36f4c1c664804379011777f82ad5d21681 Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Wed, 22 Feb 2023 21:55:35 -0800 Subject: [PATCH 20/21] bypass the error for grub-efi-amd64-signed --- infra/sdk_helpers.sh | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/infra/sdk_helpers.sh b/infra/sdk_helpers.sh index 0631478f85..6549c4a83a 100644 --- a/infra/sdk_helpers.sh +++ b/infra/sdk_helpers.sh @@ -267,19 +267,11 @@ function install_packages() { echo_info "------------------------------------------------" echo_info ">>> Executing: apt-get update" - sudo apt-get update - echo_info ">>> Executing: apt install grub-efi-amd64-bin" - sudo apt install grub-efi-amd64-bin - # sudo apt install --reinstall grub-efi-arm64-signed -y + # https://github.com/orgs/community/discussions/47863 + sudo apt-mark hold grub-efi-amd64-signed + sudo apt-get update --fix-missing echo_info ">>> Executing: apt-get upgrade" sudo apt-get upgrade -y - echo_info ">>> Executing: apt-get upgrade" - # Errors: grub-efi-amd64-signed & shim-signed - # https://stackoverflow.com/questions/53203528/errors-grub-efi-amd64-signed-shim-signed/53284186#53284186 - # sudo apt-get purge grub\* - # sudo apt-get install grub-efi - # sudo apt-get autoremove - # sudo update-grub echo_info ">>> Executing: apt-get dist-upgrade" sudo apt-get dist-upgrade -y From 34d567894edd64b5099d102215049faae5df6b4e Mon Sep 17 00:00:00 2001 From: Harneet Virk Date: Thu, 23 Feb 2023 09:25:50 -0800 Subject: [PATCH 21/21] Adding the redirections back --- infra/sdk_helpers.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/infra/sdk_helpers.sh b/infra/sdk_helpers.sh index 6549c4a83a..310c46fe61 100644 --- a/infra/sdk_helpers.sh +++ b/infra/sdk_helpers.sh @@ -288,15 +288,14 @@ function install_packages() { for package in "${packages_to_install[@]}"; do echo_info "Installing '$package'" if ! IsInstalled "$package"; then - # sudo apt-get install -y --no-install-recommends "${package}" > /dev/null 2>&1 - sudo apt-get install -y --no-install-recommends "${package}" + sudo apt-get install -y --no-install-recommends "${package}" > /dev/null 2>&1 else echo_info "$package is already installed" fi done echo_info ">>> Clean local cache for packages" - sudo apt-get autoclean && sudo apt-get autoremove + sudo apt-get autoclean && sudo apt-get autoremove > /dev/null 2>&1 } function add_extension() {