github/azure-sdk-for-cpp
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
88bb72c045
azure-sdk-for-cpp/eng/common/TestResources/deploy-test-resources.yml
Azure SDK Bot 88bb72c045
Sync eng/common directory with azure-sdk-tools for PR 8371 (#5685) 
* Restrict live test storage account access to client IP

* Add storage pools to test resources vnet allowlist

* Use pool subnet map to reduce number of subnets added to live test resources

* snap

* Add test resource parameter to add ip ranges to storage firewall

* Validate and update ip firewall rules

* Get pool subnet using separate workload identity

---------

Co-authored-by: Ben Broderick Phillips <bebroder@microsoft.com>
2024-07-01 15:08:16 -04:00

104 lines
4.2 KiB
YAML
Raw Blame History

parameters:
ServiceDirectory: not-set
ArmTemplateParameters: '@{}'
DeleteAfterHours: 8
Location: ''
EnvVars: {}
SubscriptionConfiguration: $(sub-config-azure-cloud-test-resources)
ServiceConnection: not-specified
ResourceType: test
UseFederatedAuth: false
# SubscriptionConfiguration will be splatted into the parameters of the test
# resources script. It should be JSON in the form:
# {
# "SubscriptionId": "<subscription id>",
# "TenantId": "<tenant id>",
# "TestApplicationId": "<test app id>",
# "TestApplicationSecret": "<test app secret>",
# "ProvisionerApplicationId": "<provisioner app id>",
# "ProvisionerApplicationSecret": "<provisioner app secret>",
# "Environment": "AzureCloud | AzureGov | AzureChina | <other environment>"
# "EnvironmentVariables": {
# "SERVICE_MANAGEMENT_URL": "<service management url>",
# "STORAGE_ENDPOINT_SUFFIX": "<storage endpoint suffix>",
# "RESOURCE_MANAGER_URL": "<resource manager url>",
# "SEARCH_ENDPOINT_SUFFIX": "<search endpoint suffix>",
# "COSMOS_TABLES_ENDPOINT_SUFFIX": "<cosmos tables endpoint suffix>"
# },
# "ArmTemplateParameters": {
# "keyVaultDomainSuffix": "<keyVaultDomainSuffix>",
# "storageEndpointSuffix": "<storageEndpointSuffix>",
# "endpointSuffix": "<endpointSuffix>",
# "azureAuthorityHost": "<azureAuthorityHost>",
# "keyVaultEndpointSuffix": "<keyVaultEndpointSuffix>"
# }
# }
steps:
- template: /eng/common/pipelines/templates/steps/cache-ps-modules.yml
- template: /eng/common/TestResources/setup-environments.yml
- ${{ if eq('true', parameters.UseFederatedAuth) }}:
- task: AzurePowerShell@5
displayName: Deploy test resources
env:
TEMP: $(Agent.TempDirectory)
PoolSubnet: $(PoolSubnet)
${{ insert }}: ${{ parameters.EnvVars }}
inputs:
azureSubscription: ${{ parameters.ServiceConnection }}
azurePowerShellVersion: LatestVersion
pwsh: true
ScriptType: InlineScript
Inline: |
eng/common/scripts/Import-AzModules.ps1
$subscriptionConfiguration = @'
${{ parameters.SubscriptionConfiguration }}
'@ | ConvertFrom-Json -AsHashtable;
# The subscriptionConfiguration may have ArmTemplateParameters defined, so
# pass those in via the ArmTemplateParameters flag, and handle any
# additional parameters from the pipelines via AdditionalParameters
eng/common/TestResources/New-TestResources.ps1 `
-ResourceType '${{ parameters.ResourceType }}' `
-ServiceDirectory '${{ parameters.ServiceDirectory }}' `
-Location '${{ parameters.Location }}' `
-DeleteAfterHours '${{ parameters.DeleteAfterHours }}' `
@subscriptionConfiguration `
-AdditionalParameters ${{ parameters.ArmTemplateParameters }} `
-AllowIpRanges ('$(azsdk-corp-net-ip-ranges)' -split ',') `
-CI `
-Force `
-Verbose | Out-Null
- ${{ else }}:
- pwsh: |
eng/common/scripts/Import-AzModules.ps1
$subscriptionConfiguration = @'
${{ parameters.SubscriptionConfiguration }}
'@ | ConvertFrom-Json -AsHashtable;
# The subscriptionConfiguration may have ArmTemplateParameters defined, so
# pass those in via the ArmTemplateParameters flag, and handle any
# additional parameters from the pipelines via AdditionalParameters
eng/common/TestResources/New-TestResources.ps1 `
-ResourceType '${{ parameters.ResourceType }}' `
-ServiceDirectory '${{ parameters.ServiceDirectory }}' `
-Location '${{ parameters.Location }}' `
-DeleteAfterHours '${{ parameters.DeleteAfterHours }}' `
@subscriptionConfiguration `
-AdditionalParameters ${{ parameters.ArmTemplateParameters }} `
-AllowIpRanges ('$(azsdk-corp-net-ip-ranges)' -split ',') `
-CI `
-ServicePrincipalAuth `
-Force `
-Verbose | Out-Null
displayName: Deploy test resources
env:
TEMP: $(Agent.TempDirectory)
PoolSubnet: $(PoolSubnet)
${{ insert }}: ${{ parameters.EnvVars }}
Reference in New Issue View Git Blame Copy Permalink