move storage queue creation into ARM template rather than custom python (#1193)

Co-authored-by: Brian Caswell <bmc@shmoo.com>
2025-06-15 11:28:09 +00:00 · 2021-08-27 14:18:08 -04:00
parent 14cc2564fe
commit 6555a100cc
3 changed files with 66 additions and 31 deletions
--- a/src/deployment/azuredeploy.json
+++ b/src/deployment/azuredeploy.json
@ -126,7 +126,12 @@
                        "objectId": "[reference(resourceId('Microsoft.Web/sites', parameters('name')), '2019-08-01', 'full').identity.principalId]",
                        "tenantId": "[subscription().tenantId]",
                        "permissions": {
-                            "secrets": ["get", "list", "set", "delete"]
+                            "secrets": [
                                "get",
                                "list",
                                "set",
                                "delete"
                            ]
                        }
                    }
                ],
@ -278,7 +283,9 @@
                        "clientSecret": "[parameters('clientSecret')]",
                        "issuer": "[parameters('app_func_issuer')]",
                        "defaultProvider": "AzureActiveDirectory",
-                        "allowedAudiences": ["[parameters('app_func_audience')]"],
+                        "allowedAudiences": [
                            "[parameters('app_func_audience')]"
                        ],
                        "isAadAutoProvisioned": false
                    }
                },
@ -670,6 +677,62 @@
                "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
            ]
        },
        {
            "name": "[concat(variables('storageAccountNameFunc'), '/default/file-changes')]",
            "type": "Microsoft.Storage/storageAccounts/queueServices/queues",
            "apiVersion": "2019-06-01",
            "dependsOn": [
                "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
            ]
        },
        {
            "name": "[concat(variables('storageAccountNameFunc'), '/default/task-heartbeat')]",
            "type": "Microsoft.Storage/storageAccounts/queueServices/queues",
            "apiVersion": "2019-06-01",
            "dependsOn": [
                "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
            ]
        },
        {
            "name": "[concat(variables('storageAccountNameFunc'), '/default/node-heartbeat')]",
            "type": "Microsoft.Storage/storageAccounts/queueServices/queues",
            "apiVersion": "2019-06-01",
            "dependsOn": [
                "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
            ]
        },
        {
            "name": "[concat(variables('storageAccountNameFunc'), '/default/proxy')]",
            "type": "Microsoft.Storage/storageAccounts/queueServices/queues",
            "apiVersion": "2019-06-01",
            "dependsOn": [
                "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
            ]
        },
        {
            "name": "[concat(variables('storageAccountNameFunc'), '/default/update-queue')]",
            "type": "Microsoft.Storage/storageAccounts/queueServices/queues",
            "apiVersion": "2019-06-01",
            "dependsOn": [
                "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
            ]
        },
        {
            "name": "[concat(variables('storageAccountNameFunc'), '/default/webhooks')]",
            "type": "Microsoft.Storage/storageAccounts/queueServices/queues",
            "apiVersion": "2019-06-01",
            "dependsOn": [
                "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
            ]
        },
        {
            "name": "[concat(variables('storageAccountNameFunc'), '/default/signalr-events')]",
            "type": "Microsoft.Storage/storageAccounts/queueServices/queues",
            "apiVersion": "2019-06-01",
            "dependsOn": [
                "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
            ]
        },
        {
            "type": "Microsoft.Authorization/roleAssignments",
            "apiVersion": "2017-09-01",
--- a/src/deployment/deploy.py
+++ b/src/deployment/deploy.py
@ -21,7 +21,6 @@ from uuid import UUID
 from azure.common.client_factory import get_client_from_cli_profile
 from azure.common.credentials import get_cli_profile
 from azure.core.exceptions import ResourceExistsError
 from azure.cosmosdb.table.tableservice import TableService
 from azure.graphrbac import GraphRbacManagementClient
 from azure.graphrbac.models import (
@ -58,7 +57,6 @@ from azure.storage.blob import (
    ContainerSasPermissions,
    generate_container_sas,
 )
 from azure.storage.queue import QueueServiceClient
 from msrest.serialization import TZ_UTC
 from data_migration import migrate
@ -568,30 +566,6 @@ class Client:
            tenants.append(tenant)
        update_allowed_aad_tenants(table_service, self.application_name, tenants)
    def create_queues(self) -> None:
        logger.info("creating eventgrid destination queue")
        name = self.results["deploy"]["func-name"]["value"]
        key = self.results["deploy"]["func-key"]["value"]
        account_url = "https://%s.queue.core.windows.net" % name
        client = QueueServiceClient(
            account_url=account_url,
            credential={"account_name": name, "account_key": key},
        )
        for queue in [
            "file-changes",
            "task-heartbeat",
            "node-heartbeat",
            "proxy",
            "update-queue",
            "webhooks",
            "signalr-events",
        ]:
            try:
                client.create_queue(queue)
            except ResourceExistsError:
                pass
    def create_eventgrid(self) -> None:
        logger.info("creating eventgrid subscription")
        src_resource_id = self.results["deploy"]["fuzz-storage"]["value"]
@ -932,7 +906,6 @@ def main() -> None:
    full_deployment_states = rbac_only_states + [
        ("apply_migrations", Client.apply_migrations),
        ("set_instance_config", Client.set_instance_config),
        ("queues", Client.create_queues),
        ("eventgrid", Client.create_eventgrid),
        ("tools", Client.upload_tools),
        ("add_instance_id", Client.add_instance_id),
--- a/src/deployment/requirements.txt
+++ b/src/deployment/requirements.txt
@ -5,7 +5,6 @@ azure-mgmt-eventgrid==9.0.0
 azure-mgmt-resource==18.0.0
 azure-mgmt-storage==18.0.0
 azure-storage-blob==12.8.1
 azure-storage-queue==12.1.6
 pyfunctional==1.4.3
 pyopenssl==19.1.0
 adal~=1.2.5