From b59147c79920b964972c64141eeb572c070a9e52 Mon Sep 17 00:00:00 2001 From: Luuk van Venrooij Date: Mon, 23 Mar 2020 12:07:25 +0100 Subject: [PATCH] - Add ability to add subsciptionId to sp.yml on Azure (#1044) --- CHANGELOG-0.6.md | 1 + .../cli/engine/terraform/TerraformRunner.py | 16 ++++++++++++---- docs/home/howto/CLUSTER.md | 1 + 3 files changed, 14 insertions(+), 4 deletions(-) diff --git a/CHANGELOG-0.6.md b/CHANGELOG-0.6.md index eaa632915d..78b21eeced 100644 --- a/CHANGELOG-0.6.md +++ b/CHANGELOG-0.6.md @@ -8,6 +8,7 @@ - [#987](https://github.com/epiphany-platform/epiphany/issues/987) - Add verbosity levels for Terraform and Ansible - [#656](https://github.com/epiphany-platform/epiphany/issues/656) - Add logrotation to kafka by size - [#1016](https://github.com/epiphany-platform/epiphany/issues/1016) - Disable verify , backup and recovery as they are not fully implemented +- [#1044](https://github.com/epiphany-platform/epiphany/issues/1044) - Add ability to add subsciptionId to sp.yml on Azure ### Fixed diff --git a/core/src/epicli/cli/engine/terraform/TerraformRunner.py b/core/src/epicli/cli/engine/terraform/TerraformRunner.py index dda24cfa62..583f249678 100644 --- a/core/src/epicli/cli/engine/terraform/TerraformRunner.py +++ b/core/src/epicli/cli/engine/terraform/TerraformRunner.py @@ -49,22 +49,30 @@ def azure_login(self): subscription = apiproxy.login_account() apiproxy.set_active_subscribtion(subscription['id']) - # Create the service principle + # Create the service principle, for now we use the default subscription self.logger.info('Creating service principal') cluster_name = self.cluster_model.specification.name.lower() cluster_prefix = self.cluster_model.specification.prefix.lower() resource_group_name = resource_name(cluster_prefix, cluster_name, 'rg') sp = apiproxy.create_sp(resource_group_name, subscription['id']) + sp['subscriptionId'] = subscription['id'] save_sp(sp, self.cluster_model.specification.name) else: self.logger.info('Using service principal from file') sp = load_yaml_file(sp_file) - # Login as SP. + # Login as SP and get the default subscription. subscription = apiproxy.login_sp(sp) - # Setup environment variables for Terraform when working with Azure and service principal. - self.new_env['ARM_SUBSCRIPTION_ID'] = subscription[0]['id'] + if 'subscriptionId' in sp: + # Set active subscription if sp contains it. + apiproxy.set_active_subscribtion(sp['subscriptionId']) + self.new_env['ARM_SUBSCRIPTION_ID'] = sp['subscriptionId'] + else: + # No subscriptionId in sp.yml so use the default one from Azure SP login. + self.new_env['ARM_SUBSCRIPTION_ID'] = subscription[0]['id'] + + # Set other environment variables for Terraform when working with Azure and service principal. self.new_env['ARM_TENANT_ID'] = sp['tenant'] self.new_env['ARM_CLIENT_ID'] = sp['appId'] self.new_env['ARM_CLIENT_SECRET'] = sp['password'] diff --git a/docs/home/howto/CLUSTER.md b/docs/home/howto/CLUSTER.md index b5e1bdbf3a..f5f9b5d55c 100644 --- a/docs/home/howto/CLUSTER.md +++ b/docs/home/howto/CLUSTER.md @@ -256,6 +256,7 @@ To setup the cluster do the following steps from the provisioning machine: name: "http://app-name" password: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx" tenant: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx" + subscriptionId: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx" ``` Epicli will read this file and automaticly use it for authentication for resource creation and management.