Skip to content

Commit 4c04f06

Browse files
author
Sheyla Trudo
committed
fixup! Move to Resource Module
1 parent 0921f35 commit 4c04f06

File tree

2 files changed

+64
-78
lines changed

2 files changed

+64
-78
lines changed

.pipelines/templates/create-or-update-resource.steps.yaml

Lines changed: 39 additions & 52 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,33 @@ ${{ if parameters.createCondition }}:
3333
- task: AzureCLI@2
3434
displayName: "[CREATE] ARM Details - (${{ parameters.resourceType }})"
3535
condition: ${{ parameters.createCondition }}
36+
37+
env:
38+
BUILDTAG_DEFINITIONID: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
39+
BUILDTAG_CREATEDBYAPPID: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
40+
BUILDTAG_CREATEDBYBUILDID: '${{ parameters.inputs.buildTagCreatedByBuildIdKey }}'
41+
${{ if eq(parameters.resourceType, 'roleassignments') }}:
42+
ROLE_NAME: '${{ parameters.inputs.roleName }}'
43+
RESOURCEGROUP_ID: '${{ parameters.inputs.resourceGroupId }}'
44+
MANAGEDIDENTITY_OBJECTID: '${{ parameters.inputs.managedIdentityObjectId }}'
45+
46+
${{ elseif eq(parameters.resourceType, 'resourcegroups') }}:
47+
RESOURCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'
48+
RESOURCEGROUP_LOCATION: '${{ parameters.inputs.resourceGroupLocation }}'
49+
50+
${{ elseif eq(parameters.resourceType, 'storageaccounts') }}:
51+
MANAGEDIDENTITY_ARMID: '${{ parameters.inputs.storageAccountManagedIdentityId }}'
52+
RESOURCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'
53+
RESOURCEGROUP_LOCATION: '${{ parameters.inputs.resourceGroupLocation }}'
54+
55+
${{ elseif eq(parameters.resourceType, 'roledefinition') }}:
56+
ROLEDEFINITION_JSON: '${{ parameters.inputs.roleDefinitionJson }}'
57+
58+
${{ elseif eq(parameters.resourceType, 'managedidentity') }}:
59+
MANAGEDIDENTITY_NAME: '${{ parameters.inputs.managedIdentityName }}'
60+
MANAGEDIDENTITY_LOCATION: '${{ parameters.inputs.managedIdentityLocation }}'
61+
RESOURCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'
62+
3663
inputs:
3764
azureSubscription: ${{ parameters.serviceConnection }}
3865
scriptType: bash
@@ -49,10 +76,6 @@ ${{ if parameters.createCondition }}:
4976
--assignee-object-id "$MANAGEDIDENTITY_OBJECTID" \
5077
--assignee-principal-type ServicePrincipal \
5178
--scope "$RESOURCEGROUP_ID"
52-
env:
53-
ROLE_NAME: '${{ parameters.inputs.roleName }}'
54-
RESOURCEGROUP_ID: '${{ parameters.inputs.resourceGroupId }}'
55-
MANAGEDIDENTITY_OBJECTID: '${{ parameters.inputs.managedIdentityObjectId }}'
5679

5780
${{ elseif eq(parameters.resourceType, 'resourcegroups') }}:
5881
inlineScript: |
@@ -65,12 +88,6 @@ ${{ if parameters.createCondition }}:
6588
--tags "$BUILDTAG_DEFINITIONID"="$SYSTEM_DEFINITIONID" \
6689
"$BUILDTAG_CREATEDBYBUILDID"="$BUILD_BUILDID" \
6790
"$BUILDTAG_CREATEDBYAPPID"="$servicePrincipalId"
68-
env:
69-
RESOURCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'
70-
RESOURCEGROUP_LOCATION: '${{ parameters.inputs.resourceGroupLocation }}'
71-
BUILDTAG_DEFINITIONID: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
72-
BUILDTAG_CREATEDBYAPPID: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
73-
BUILDTAG_CREATEDBYBUILDID: '${{ parameters.inputs.buildTagCreatedByBuildIdKey }}'
7491

7592
${{ elseif eq(parameters.resourceType, 'storageaccounts') }}:
7693
inlineScript: |
@@ -91,22 +108,13 @@ ${{ if parameters.createCondition }}:
91108
#--enable-files-aad-integration true
92109
#--assign-identity "$ACNCI_MANAGEDIDENTITY_OBJECTID"
93110
#--default-action Deny
94-
env:
95-
MANAGEDIDENTITY_ARMID: '${{ parameters.inputs.storageAccountManagedIdentityId }}'
96-
RESOURCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'
97-
RESOURCEGROUP_LOCATION: '${{ parameters.inputs.resourceGroupLocation }}'
98-
BUILDTAG_DEFINITIONID: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
99-
BUILDTAG_CREATEDBYAPPID: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
100-
BUILDTAG_CREATEDBYBUILDID: '${{ parameters.inputs.buildTagCreatedByBuildIdKey }}'
101111
102112
${{ elseif eq(parameters.resourceType, 'roledefinition') }}:
103113
inlineScript: |
104114
set -e
105115
[[ -n $SYSTEM_DEBUG ]] && [[ $SYSTEM_DEBUG =~ $IS_TRUE ]] && set -x || set +x
106116
107117
az role definition create --role-definition "$ROLEDEFINITION_JSON"
108-
env:
109-
ROLEDEFINITION_JSON: '${{ parameters.inputs.roleDefinitionJson }}'
110118
111119
${{ elseif eq(parameters.resourceType, 'managedidentity') }}:
112120
inlineScript: |
@@ -120,48 +128,27 @@ ${{ if parameters.createCondition }}:
120128
--tags "$ACNCI_BUILDTAG_DEFINITIONID"="$SYSTEM_DEFINITIONID" \
121129
"$ACNCI_BUILDTAG_CREATEDBYBUILDID"="$BUILD_BUILDID" \
122130
"$ACNCI_BUILDTAG_CREATEDBYAPPID"="$servicePrincipalId"
123-
env:
124-
MANAGEDIDENTITY_NAME: '${{ parameters.inputs.managedIdentityName }}'
125-
MANAGEDIDENTITY_LOCATION: '${{ parameters.inputs.managedIdentityLocation }}'
126-
RESOURCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'
127-
BUILDTAG_DEFINITIONID: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
128-
BUILDTAG_CREATEDBYAPPID: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
129-
BUILDTAG_CREATEDBYBUILDID: '${{ parameters.inputs.buildTagCreatedByBuildIdKey }}'
130131
131132

132133
# Update data list
133-
- ${{ if parameters.createCondition }}:
134+
- ${{ if and(parameters.createCondition,
135+
contains('resourcegroups|managedidentity|storageaccounts', parameters.resourceType)) }}:
134136
- template: get-resources.steps.yaml
135137
parameters:
136-
137-
${{ if eq(parameters.resourceType, 'resourcegroups') }}:
138-
resourceType: resourcegroups
139-
inputs:
140-
buildTagDefinitionIdKey: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
141-
buildTagCreatedByAppIdKey: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
142-
143-
${{ elseif eq(parameters.resourceType, 'managedidentity') }}:
144-
resourceType: managedidentity
145-
inputs:
146-
resourceGroupName: '${{ parameters.inputs.resourceGroupName }}'
147-
buildTagDefinitionIdKey: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
148-
buildTagCreatedByAppIdKey: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
138+
resourceType: ${{ parameters.resourceType }}
139+
inputs:
140+
buildTagDefinitionIdKey: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
141+
buildTagCreatedByAppIdKey: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
142+
${{ if eq(parameters.resourceType, 'managedidentity') }}:
143+
resourceGroupName: '${{ parameters.inputs.resourceGroupName }}'
149144

150145
${{ elseif eq(parameters.resourceType, 'roledefinition') }}:
151-
resourceType: roledefinition
152-
inputs:
153-
roleDefinitionName: '${{ parameters.inputs.roleDefinitionName }}'
154-
roleDefinitionFileLocation: '${{ parameters.inputs.roleDefinitionFileLocation }}'
155-
subscriptionId: '${{ parameters.inputs.subscriptionId }}'
156-
buildTagDefinitionIdKey: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
157-
buildTagCreatedByAppIdKey: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
146+
roleDefinitionName: '${{ parameters.inputs.roleDefinitionName }}'
147+
roleDefinitionFileLocation: '${{ parameters.inputs.roleDefinitionFileLocation }}'
148+
subscriptionId: '${{ parameters.inputs.subscriptionId }}'
158149

159150
${{ elseif eq(parameters.resourceType, 'storageaccounts') }}:
160-
resourceType: storageaccounts
161-
inputs:
162-
resourceGroupName: '${{ parameters.inputs.resourceGroupName }}'
163-
buildTagDefinitionIdKey: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
164-
buildTagCreatedByAppIdKey: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
151+
resourceGroupName: '${{ parameters.inputs.resourceGroupName }}'
165152

166153

167154
- ${{ if parameters.updateCondition }}:

.pipelines/templates/get-resources.steps.yaml

Lines changed: 25 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,31 @@ parameters:
2323
steps:
2424
- task: AzureCLI@2
2525
displayName: "[GET] ARM Details - (${{ parameters.resourceType }})"
26+
27+
env:
28+
VAR_NAME: '${{ parameters.outputVariableName }}'
29+
BUILDTAG_DEFINITIONID: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
30+
BUILDTAG_CREATEDBYAPPID: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
31+
${{ if eq(parameters.resourceType, 'roledefinition') }}:
32+
SUBSCRIPTION_ID: '${{ parameters.inputs.subscriptionId }}'
33+
ROLE_NAME: '${{ parameters.inputs.roleName }}'
34+
ROLEDEFINITION_FILEPATH: '${{ parameters.inputs.roleDefinitionFileLocation }}'
35+
36+
${{ elseif eq(parameters.resourceType, 'roleassignments') }}:
37+
MANAGEDIDENTITY_OBJECTID: '${{ parameters.inputs.managedIdentityObjectId }}'
38+
RESOUCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'
39+
ROLE_NAME: '${{ parameters.inputs.roleName }}'
40+
41+
${{ elseif eq(parameters.resourceType, 'resourcegroups') }}:
42+
# Allows use of az devops commands
43+
AZURE_DEVOPS_EXT_PAT: $(System.AccessToken)
44+
45+
${{ elseif eq(parameters.resourceType, 'storageaccounts') }}:
46+
RESOUCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'
47+
48+
${{ elseif eq(parameters.resourceType, 'managedidentity') }}:
49+
RESOUCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'
50+
2651
inputs:
2752
azureSubscription: ${{ parameters.serviceConnection }}
2853
scriptType: bash
@@ -47,11 +72,6 @@ steps:
4772

4873
echo >&2 "##vso[task.setvariable variable=${VAR_NAME};]$DEFS"
4974
echo >&2 "##vso[task.setvariable variable=${VAR_NAME}_LENGTH;]$DEFS_FOUND"
50-
env:
51-
VAR_NAME: '${{ parameters.outputVariableName }}'
52-
SUBSCRIPTION_ID: '${{ parameters.inputs.subscriptionId }}'
53-
ROLE_NAME: '${{ parameters.inputs.roleName }}'
54-
ROLEDEFINITION_FILEPATH: '${{ parameters.inputs.roleDefinitionFileLocation }}'
5575

5676

5777
${{ elseif eq(parameters.resourceType, 'roleassignments') }}:
@@ -69,11 +89,6 @@ steps:
6989

7090
echo >&2 "##vso[task.setvariable variable=${VAR_NAME};]$MI_ROLE_DATA"
7191
echo >&2 "##vso[task.setvariable variable=${VAR_NAME}_LENGTH;]$MI_ROLE_DATA_LENGTH"
72-
env:
73-
VAR_NAME: '${{ parameters.outputVariableName }}'
74-
MANAGEDIDENTITY_OBJECTID: '${{ parameters.inputs.managedIdentityObjectId }}'
75-
RESOUCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'
76-
ROLE_NAME: '${{ parameters.inputs.roleName }}'
7792

7893

7994
${{ elseif eq(parameters.resourceType, 'resourcegroups') }}:
@@ -90,12 +105,6 @@ steps:
90105

91106
echo >&2 "##vso[task.setvariable variable=${VAR_NAME};]$INFRA_RG_LIST"
92107
echo >&2 "##vso[task.setvariable variable=${VAR_NAME}_LENGTH;]$INFRA_RG_LENGTH"
93-
env:
94-
VAR_NAME: '${{ parameters.outputVariableName }}'
95-
# Allows use of az devops commands
96-
AZURE_DEVOPS_EXT_PAT: $(System.AccessToken)
97-
BUILDTAG_DEFINITIONID: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
98-
BUILDTAG_CREATEDBYAPPID: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
99108

100109

101110
${{ elseif eq(parameters.resourceType, 'storageaccounts') }}:
@@ -117,11 +126,6 @@ steps:
117126
# uses custom variable naming if specified.
118127
echo >&2 "##vso[task.setvariable variable=${VAR_NAME};]$R_LIST"
119128
echo >&2 "##vso[task.setvariable variable=${VAR_NAME}_LENGTH;]$R_LIST_LENGTH"
120-
env:
121-
VAR_NAME: '${{ parameters.outputVariableName }}'
122-
BUILDTAG_DEFINITIONID: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
123-
BUILDTAG_CREATEDBYAPPID: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
124-
RESOUCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'
125129

126130

127131
${{ elseif eq(parameters.resourceType, 'managedidentity') }}:
@@ -143,8 +147,3 @@ steps:
143147

144148
echo >&2 "##vso[task.setvariable variable=${VAR_NAME};]$MI_LIST"
145149
echo >&2 "##vso[task.setvariable variable=${VAR_NAME}_LENGTH;]$MI_LIST_LENGTH"
146-
env:
147-
VAR_NAME: '${{ parameters.outputVariableName }}'
148-
BUILDTAG_DEFINITIONID: '${{ parameters.inputs.buildTagDefinitionIdKey }}'
149-
BUILDTAG_CREATEDBYAPPID: '${{ parameters.inputs.buildTagCreatedByAppIdKey }}'
150-
RESOUCEGROUP_NAME: '${{ parameters.inputs.resourceGroupName }}'

0 commit comments

Comments
 (0)