diff --git a/src/deployment/azuredeploy.json b/src/deployment/azuredeploy.json index bf2eaf79a..7d9eea5da 100644 --- a/src/deployment/azuredeploy.json +++ b/src/deployment/azuredeploy.json @@ -122,11 +122,16 @@ "enabledForTemplateDeployment": true, "tenantId": "[subscription().tenantId]", "accessPolicies": [ - { + { "objectId": "[reference(resourceId('Microsoft.Web/sites', parameters('name')), '2019-08-01', 'full').identity.principalId]", "tenantId": "[subscription().tenantId]", "permissions": { - "secrets": ["get", "list", "set", "delete"] + "secrets": [ + "get", + "list", + "set", + "delete" + ] } } ], @@ -278,7 +283,9 @@ "clientSecret": "[parameters('clientSecret')]", "issuer": "[parameters('app_func_issuer')]", "defaultProvider": "AzureActiveDirectory", - "allowedAudiences": ["[parameters('app_func_audience')]"], + "allowedAudiences": [ + "[parameters('app_func_audience')]" + ], "isAadAutoProvisioned": false } }, @@ -670,6 +677,62 @@ "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]" ] }, + { + "name": "[concat(variables('storageAccountNameFunc'), '/default/file-changes')]", + "type": "Microsoft.Storage/storageAccounts/queueServices/queues", + "apiVersion": "2019-06-01", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]" + ] + }, + { + "name": "[concat(variables('storageAccountNameFunc'), '/default/task-heartbeat')]", + "type": "Microsoft.Storage/storageAccounts/queueServices/queues", + "apiVersion": "2019-06-01", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]" + ] + }, + { + "name": "[concat(variables('storageAccountNameFunc'), '/default/node-heartbeat')]", + "type": "Microsoft.Storage/storageAccounts/queueServices/queues", + "apiVersion": "2019-06-01", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]" + ] + }, + { + "name": "[concat(variables('storageAccountNameFunc'), '/default/proxy')]", + "type": "Microsoft.Storage/storageAccounts/queueServices/queues", + "apiVersion": "2019-06-01", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]" + ] + }, + { + "name": "[concat(variables('storageAccountNameFunc'), '/default/update-queue')]", + "type": "Microsoft.Storage/storageAccounts/queueServices/queues", + "apiVersion": "2019-06-01", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]" + ] + }, + { + "name": "[concat(variables('storageAccountNameFunc'), '/default/webhooks')]", + "type": "Microsoft.Storage/storageAccounts/queueServices/queues", + "apiVersion": "2019-06-01", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]" + ] + }, + { + "name": "[concat(variables('storageAccountNameFunc'), '/default/signalr-events')]", + "type": "Microsoft.Storage/storageAccounts/queueServices/queues", + "apiVersion": "2019-06-01", + "dependsOn": [ + "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]" + ] + }, { "type": "Microsoft.Authorization/roleAssignments", "apiVersion": "2017-09-01", diff --git a/src/deployment/deploy.py b/src/deployment/deploy.py index 918a829b2..17ab75389 100644 --- a/src/deployment/deploy.py +++ b/src/deployment/deploy.py @@ -21,7 +21,6 @@ from uuid import UUID from azure.common.client_factory import get_client_from_cli_profile from azure.common.credentials import get_cli_profile -from azure.core.exceptions import ResourceExistsError from azure.cosmosdb.table.tableservice import TableService from azure.graphrbac import GraphRbacManagementClient from azure.graphrbac.models import ( @@ -58,7 +57,6 @@ from azure.storage.blob import ( ContainerSasPermissions, generate_container_sas, ) -from azure.storage.queue import QueueServiceClient from msrest.serialization import TZ_UTC from data_migration import migrate @@ -568,30 +566,6 @@ class Client: tenants.append(tenant) update_allowed_aad_tenants(table_service, self.application_name, tenants) - def create_queues(self) -> None: - logger.info("creating eventgrid destination queue") - - name = self.results["deploy"]["func-name"]["value"] - key = self.results["deploy"]["func-key"]["value"] - account_url = "https://%s.queue.core.windows.net" % name - client = QueueServiceClient( - account_url=account_url, - credential={"account_name": name, "account_key": key}, - ) - for queue in [ - "file-changes", - "task-heartbeat", - "node-heartbeat", - "proxy", - "update-queue", - "webhooks", - "signalr-events", - ]: - try: - client.create_queue(queue) - except ResourceExistsError: - pass - def create_eventgrid(self) -> None: logger.info("creating eventgrid subscription") src_resource_id = self.results["deploy"]["fuzz-storage"]["value"] @@ -932,7 +906,6 @@ def main() -> None: full_deployment_states = rbac_only_states + [ ("apply_migrations", Client.apply_migrations), ("set_instance_config", Client.set_instance_config), - ("queues", Client.create_queues), ("eventgrid", Client.create_eventgrid), ("tools", Client.upload_tools), ("add_instance_id", Client.add_instance_id), diff --git a/src/deployment/requirements.txt b/src/deployment/requirements.txt index 9bcccabd3..1b33536c5 100644 --- a/src/deployment/requirements.txt +++ b/src/deployment/requirements.txt @@ -5,7 +5,6 @@ azure-mgmt-eventgrid==9.0.0 azure-mgmt-resource==18.0.0 azure-mgmt-storage==18.0.0 azure-storage-blob==12.8.1 -azure-storage-queue==12.1.6 pyfunctional==1.4.3 pyopenssl==19.1.0 adal~=1.2.5