ExternalVendorCode/onefuzz
1
0
Fork 0
mirror of https://github.com/microsoft/onefuzz.git synced 2025-06-15 03:18:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

move storage queue creation into ARM template rather than custom python (#1193)

Browse Source 
Co-authored-by: Brian Caswell <bmc@shmoo.com>
This commit is contained in:
bmc-msft
2021-08-27 14:18:08 -04:00
committed by GitHub
parent 14cc2564fe
commit 6555a100cc
3 changed files with 66 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
src/deployment/azuredeploy.json
View File

@ -122,11 +122,16 @@
"enabledForTemplateDeployment": true,
"tenantId": "[subscription().tenantId]",
"accessPolicies": [
{
{
"objectId": "[reference(resourceId('Microsoft.Web/sites', parameters('name')), '2019-08-01', 'full').identity.principalId]",
"tenantId": "[subscription().tenantId]",
"permissions": {
"secrets": ["get", "list", "set", "delete"]
"secrets": [
"get",
"list",
"set",
"delete"
]
}
}
],
@ -278,7 +283,9 @@
"clientSecret": "[parameters('clientSecret')]",
"issuer": "[parameters('app_func_issuer')]",
"defaultProvider": "AzureActiveDirectory",
"allowedAudiences": ["[parameters('app_func_audience')]"],
"allowedAudiences": [
"[parameters('app_func_audience')]"
],
"isAadAutoProvisioned": false
}
},
@ -670,6 +677,62 @@
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
]
},
{
"name": "[concat(variables('storageAccountNameFunc'), '/default/file-changes')]",
"type": "Microsoft.Storage/storageAccounts/queueServices/queues",
"apiVersion": "2019-06-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
]
},
{
"name": "[concat(variables('storageAccountNameFunc'), '/default/task-heartbeat')]",
"type": "Microsoft.Storage/storageAccounts/queueServices/queues",
"apiVersion": "2019-06-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
]
},
{
"name": "[concat(variables('storageAccountNameFunc'), '/default/node-heartbeat')]",
"type": "Microsoft.Storage/storageAccounts/queueServices/queues",
"apiVersion": "2019-06-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
]
},
{
"name": "[concat(variables('storageAccountNameFunc'), '/default/proxy')]",
"type": "Microsoft.Storage/storageAccounts/queueServices/queues",
"apiVersion": "2019-06-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
]
},
{
"name": "[concat(variables('storageAccountNameFunc'), '/default/update-queue')]",
"type": "Microsoft.Storage/storageAccounts/queueServices/queues",
"apiVersion": "2019-06-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
]
},
{
"name": "[concat(variables('storageAccountNameFunc'), '/default/webhooks')]",
"type": "Microsoft.Storage/storageAccounts/queueServices/queues",
"apiVersion": "2019-06-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
]
},
{
"name": "[concat(variables('storageAccountNameFunc'), '/default/signalr-events')]",
"type": "Microsoft.Storage/storageAccounts/queueServices/queues",
"apiVersion": "2019-06-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]"
]
},
{
"type": "Microsoft.Authorization/roleAssignments",
"apiVersion": "2017-09-01",

27
src/deployment/deploy.py
View File

@ -21,7 +21,6 @@ from uuid import UUID
from azure.common.client_factory import get_client_from_cli_profile
from azure.common.credentials import get_cli_profile
from azure.core.exceptions import ResourceExistsError
from azure.cosmosdb.table.tableservice import TableService
from azure.graphrbac import GraphRbacManagementClient
from azure.graphrbac.models import (
@ -58,7 +57,6 @@ from azure.storage.blob import (
ContainerSasPermissions,
generate_container_sas,
)
from azure.storage.queue import QueueServiceClient
from msrest.serialization import TZ_UTC
from data_migration import migrate
@ -568,30 +566,6 @@ class Client:
tenants.append(tenant)
update_allowed_aad_tenants(table_service, self.application_name, tenants)
def create_queues(self) -> None:
logger.info("creating eventgrid destination queue")
name = self.results["deploy"]["func-name"]["value"]
key = self.results["deploy"]["func-key"]["value"]
account_url = "https://%s.queue.core.windows.net" % name
client = QueueServiceClient(
account_url=account_url,
credential={"account_name": name, "account_key": key},
)
for queue in [
"file-changes",
"task-heartbeat",
"node-heartbeat",
"proxy",
"update-queue",
"webhooks",
"signalr-events",
]:
try:
client.create_queue(queue)
except ResourceExistsError:
pass
def create_eventgrid(self) -> None:
logger.info("creating eventgrid subscription")
src_resource_id = self.results["deploy"]["fuzz-storage"]["value"]
@ -932,7 +906,6 @@ def main() -> None:
full_deployment_states = rbac_only_states + [
("apply_migrations", Client.apply_migrations),
("set_instance_config", Client.set_instance_config),
("queues", Client.create_queues),
("eventgrid", Client.create_eventgrid),
("tools", Client.upload_tools),
("add_instance_id", Client.add_instance_id),

1
src/deployment/requirements.txt
View File

@ -5,7 +5,6 @@ azure-mgmt-eventgrid==9.0.0
azure-mgmt-resource==18.0.0
azure-mgmt-storage==18.0.0
azure-storage-blob==12.8.1
azure-storage-queue==12.1.6
pyfunctional==1.4.3
pyopenssl==19.1.0
adal~=1.2.5