created branch for fetching key_vault_Feature #33
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There was a problem hiding this comment.
Pull Request Overview
This pull request integrates Azure Key Vault for secret management and updates automation scripts for improved temporary file handling.
- Added Key Vault parameters (key_vault_id and secret_name) to the sap-parameters.yaml file
- Updated automation scripts to check MSI permissions and retrieve secrets from Key Vault
- Implemented cleanup logic for temporary files after use
Files not reviewed (1)
- scripts/sap_automation_qa.sh: Language not supported
Contributor
Author
|
AUTH TYPE-- VM PASSWORD no local file |
Contributor
Author
|
This is when authtype is VMPASSWORD and we use local file |
Contributor
Author
|
AuthType is SSHKEY using Local File |
Contributor
Author
|
AuthType is SSHKEY uses KeyVault |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request introduces several changes to enhance the automation scripts and configuration files by integrating Azure Key Vault for secret management and improving the handling of temporary files. The most important changes include adding Key Vault parameters, implementing functions to check permissions and retrieve secrets from Key Vault, and ensuring temporary files are properly managed.
Key Vault Integration:
WORKSPACES/SYSTEM/DEV-WEEU-SAP01-X00/sap-parameters.yaml: Addedkey_vault_idandsecret_nameparameters to support Key Vault integration.scripts/sap_automation_qa.sh: Added a new functioncheck_msi_permissions()to verify if the Managed Service Identity (MSI) has the required permissions on the Key Vault.Enhancements to Ansible Playbook Execution:
scripts/sap_automation_qa.sh: Updatedrun_ansible_playbook()to support retrieving SSH keys and passwords from Key Vault, and added logic to handle temporary files created for these secrets.scripts/sap_automation_qa.sh: Modified themain()function to include a new authentication typeKEYVAULTand ensure Key Vault parameters are set.Temporary File Management:
scripts/sap_automation_qa.sh: Added cleanup logic to delete temporary files after use in bothrun_ansible_playbook()andmain()functions.