diff --git a/Makefile b/Makefile index ab3ce67bb..b2df99999 100644 --- a/Makefile +++ b/Makefile @@ -54,7 +54,7 @@ take-dir-ownership: @sudo chown -R vscode . terraform-remote-backend: - @mv ./infra/backend.tf.ci ./infra/backend.tf + @./scripts/terraform-remote-backend.sh infrastructure-remote-backend: terraform-remote-backend infrastructure diff --git a/infra/backend.tf.ci b/infra/backend.tf.ci index 0a509b065..e46392729 100644 --- a/infra/backend.tf.ci +++ b/infra/backend.tf.ci @@ -1,5 +1,6 @@ terraform { - required_version = ">= 0.13" + required_version = ">= 0.15.3" backend "azurerm" { + environment = "public" } } \ No newline at end of file diff --git a/infra/backend.tf.us.ci b/infra/backend.tf.us.ci new file mode 100644 index 000000000..02aa1ee9d --- /dev/null +++ b/infra/backend.tf.us.ci @@ -0,0 +1,6 @@ +terraform { + required_version = ">= 0.15.3" + backend "azurerm" { + environment = "usgovernment" + } +} \ No newline at end of file diff --git a/scripts/check-subscription.sh b/scripts/check-subscription.sh index 1d1e08ee2..814e3b6ff 100755 --- a/scripts/check-subscription.sh +++ b/scripts/check-subscription.sh @@ -16,7 +16,7 @@ figlet Check Subscription if [ -n "${IN_AUTOMATION}" ] then - if [ -n "${AZURE_ENVIRONMENT}" ] && [ $AZURE_ENVIRONMENT == "AzureUSGovernment" ]; then + if [ -n "${AZURE_ENVIRONMENT}" ] && [[ $AZURE_ENVIRONMENT == "AzureUSGovernment" ]]; then az cloud set --name AzureUSGovernment fi diff --git a/scripts/deploy-enrichment-webapp.sh b/scripts/deploy-enrichment-webapp.sh index 4fb004c97..be5f730e8 100755 --- a/scripts/deploy-enrichment-webapp.sh +++ b/scripts/deploy-enrichment-webapp.sh @@ -38,7 +38,7 @@ fi if [ -n "${IN_AUTOMATION}" ] then - if [ -n "${AZURE_ENVIRONMENT}" ] && $AZURE_ENVIRONMENT == "AzureUSGovernment"; then + if [ -n "${AZURE_ENVIRONMENT}" ] && [[ $AZURE_ENVIRONMENT == "AzureUSGovernment" ]]; then az cloud set --name AzureUSGovernment fi diff --git a/scripts/deploy-functions.sh b/scripts/deploy-functions.sh index e09052db9..0d5388982 100755 --- a/scripts/deploy-functions.sh +++ b/scripts/deploy-functions.sh @@ -17,7 +17,7 @@ cd $BINARIES_OUTPUT_PATH if [ -n "${IN_AUTOMATION}" ] then - if [ -n "${AZURE_ENVIRONMENT}" ] && $AZURE_ENVIRONMENT == "AzureUSGovernment"; then + if [ -n "${AZURE_ENVIRONMENT}" ] && [[ $AZURE_ENVIRONMENT == "AzureUSGovernment" ]]; then az cloud set --name AzureUSGovernment fi diff --git a/scripts/deploy-search-indexes.sh b/scripts/deploy-search-indexes.sh index e02328797..667606490 100755 --- a/scripts/deploy-search-indexes.sh +++ b/scripts/deploy-search-indexes.sh @@ -14,7 +14,7 @@ source "${DIR}/environments/infrastructure.env" if [ -n "${IN_AUTOMATION}" ] then - if [ -n "${AZURE_ENVIRONMENT}" ] && $AZURE_ENVIRONMENT == "AzureUSGovernment"; then + if [ -n "${AZURE_ENVIRONMENT}" ] && [[ $AZURE_ENVIRONMENT == "AzureUSGovernment" ]]; then az cloud set --name AzureUSGovernment fi diff --git a/scripts/deploy-webapp.sh b/scripts/deploy-webapp.sh index 2a69a0695..201e037c0 100755 --- a/scripts/deploy-webapp.sh +++ b/scripts/deploy-webapp.sh @@ -38,7 +38,7 @@ fi if [ -n "${IN_AUTOMATION}" ] then - if [ -n "${AZURE_ENVIRONMENT}" ] && $AZURE_ENVIRONMENT == "AzureUSGovernment"; then + if [ -n "${AZURE_ENVIRONMENT}" ] && [[ $AZURE_ENVIRONMENT == "AzureUSGovernment" ]]; then az cloud set --name AzureUSGovernment fi diff --git a/scripts/inf-create.sh b/scripts/inf-create.sh index 1055aa5b6..0d8ba3bbb 100755 --- a/scripts/inf-create.sh +++ b/scripts/inf-create.sh @@ -49,6 +49,17 @@ if [ -n "${IN_AUTOMATION}" ]; then export TF_VAR_aadMgmtClientSecret=$aadMgmtAppSecret fi +if [ -n "${IN_AUTOMATION}" ] +then + + if [ -n "${AZURE_ENVIRONMENT}" ] && [[ $AZURE_ENVIRONMENT == "AzureUSGovernment" ]]; then + az cloud set --name AzureUSGovernment + fi + + az login --service-principal -u "$ARM_CLIENT_ID" -p "$ARM_CLIENT_SECRET" --tenant "$ARM_TENANT_ID" + az account set -s "$ARM_SUBSCRIPTION_ID" +fi + # Create our application configuration file before starting infrastructure ${DIR}/configuration-create.sh diff --git a/scripts/inf-destroy.sh b/scripts/inf-destroy.sh index 800b0f582..70db5e819 100755 --- a/scripts/inf-destroy.sh +++ b/scripts/inf-destroy.sh @@ -16,7 +16,7 @@ if [ -n "${IN_AUTOMATION}" ] then echo "Delete the resource group $RG_NAME, but don't wait (fire and forget)" - if [ -n "${AZURE_ENVIRONMENT}" ] && $AZURE_ENVIRONMENT == "AzureUSGovernment"; then + if [ -n "${AZURE_ENVIRONMENT}" ] && [[ $AZURE_ENVIRONMENT == "AzureUSGovernment" ]]; then az cloud set --name AzureUSGovernment fi diff --git a/scripts/terraform-init.sh b/scripts/terraform-init.sh index 027e437a9..d8b7859c7 100755 --- a/scripts/terraform-init.sh +++ b/scripts/terraform-init.sh @@ -59,11 +59,20 @@ trap finish EXIT if [ -n "${IN_AUTOMATION}" ] then - terraform init -backend-config="resource_group_name=$TF_BACKEND_RESOURCE_GROUP" \ + if [ -n "${AZURE_ENVIRONMENT}" ] && [[ "$AZURE_ENVIRONMENT" == "AzureUSGovernment" ]]; then + terraform init -backend-config="resource_group_name=$TF_BACKEND_RESOURCE_GROUP" \ + -backend-config="storage_account_name=$TF_BACKEND_STORAGE_ACCOUNT" \ + -backend-config="container_name=$TF_BACKEND_CONTAINER" \ + -backend-config="access_key=$TF_BACKEND_ACCESS_KEY" \ + -backend-config="key=$TF_BACKEND_STATE_KEY" \ + -backend-config="environment=usgovernment" + else + terraform init -backend-config="resource_group_name=$TF_BACKEND_RESOURCE_GROUP" \ -backend-config="storage_account_name=$TF_BACKEND_STORAGE_ACCOUNT" \ -backend-config="container_name=$TF_BACKEND_CONTAINER" \ -backend-config="access_key=$TF_BACKEND_ACCESS_KEY" \ -backend-config="key=$TF_BACKEND_STATE_KEY" + fi else terraform init -upgrade fi diff --git a/scripts/terraform-remote-backend.sh b/scripts/terraform-remote-backend.sh new file mode 100755 index 000000000..94f902cda --- /dev/null +++ b/scripts/terraform-remote-backend.sh @@ -0,0 +1,11 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT license. + +#!/bin/bash +set -e + +if [ -n "${AZURE_ENVIRONMENT}" ] && [[ "$AZURE_ENVIRONMENT" == "AzureUSGovernment" ]]; then + mv ./infra/backend.tf.us.ci ./infra/backend.tf +else + mv ./infra/backend.tf.ci ./infra/backend.tf +fi \ No newline at end of file