Perform Logon from the script

Kimmo Forss · Kimmo Forss · commit 51448a8ad131 · 2024-05-06T19:04:12.000+03:00
diff --git a/articles/sap/automation/configure-devops.md b/articles/sap/automation/configure-devops.md
@@ -31,38 +31,69 @@ Open PowerShell ISE and copy the following script and update the parameters to m
     $Env:SDAF_ADO_ORGANIZATION = "https://dev.azure.com/ORGANIZATIONNAME"
     $Env:SDAF_ADO_PROJECT = "SAP Deployment Automation Framework"
     $Env:SDAF_CONTROL_PLANE_CODE = "MGMT"
-    $Env:SDAF_WORKLOAD_ZONE_CODE = "DEV"
     $Env:SDAF_ControlPlaneSubscriptionID = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
-    $Env:SDAF_WorkloadZoneSubscriptionID = "yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy"
     $Env:ARM_TENANT_ID="zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz"
+
+    $Env:MSI_OBJECT_ID = $null
+
+    $branchName = "main"
+        
+    $UniqueIdentifier = "SDAF" + $ShortCode
     
-    $UniqueIdentifier = Read-Host "Please provide an identifier that makes the service principal names unique, for instance a project code"
-    
-    $confirmation = Read-Host "Do you want to create a new Application registration (needed for the Web Application) y/n?"
-    if ($confirmation -eq 'y') {
-        $Env:SDAF_APP_NAME = $UniqueIdentifier + " SDAF Control Plane"
+    if ($Env:ARM_TENANT_ID.Length -eq 0) {
+      az login --output none --only-show-errors --scope https://graph.microsoft.com//.default
     }
-    
     else {
-      $Env:SDAF_APP_NAME = Read-Host "Please provide the Application registration name"
+      az login --output none --tenant $ARM_TENANT_ID --only-show-errors --scope https://graph.microsoft.com//.default
     }
-    
-    $confirmation = Read-Host "Do you want to create a new Service Principal for the Control plane y/n?"
-    if ($confirmation -eq 'y') {
-        $Env:SDAF_MGMT_SPN_NAME = $UniqueIdentifier + " SDAF " + $Env:SDAF_CONTROL_PLANE_CODE + " SPN"
+
+    az config set extension.use_dynamic_install=yes_without_prompt --only-show-errors
+
+    az extension add --name azure-devops --only-show-errors
+
+    $differentTenant = Read-Host "Is your Azure DevOps organization hosted in a different tenant than the one you are currently logged in to? y/n"
+    if ($differentTenant -eq 'y') {
+        $env:AZURE_DEVOPS_EXT_PAT = Read-Host "Please enter your Personal Access Token (PAT) with permissions to add new projects, manage agent pools to the Azure DevOps organization $Env:ADO_Organization"
+        try {
+            az devops login --organization $Env:ADO_Organization
+        }
+        catch {
+            $_
+        }
     }
+    
+    $confirmationWebAppDeployment = Read-Host "Do you want to use the Web Application for editing the configuration files (recommended) y/n?"
+    if ($confirmationWebAppDeployment -eq 'y') {
+        $Env:SDAF_WEBAPP = "true"
+        $confirmation = Read-Host "Do you want to create a new Application registration (needed for the Web Application) y/n?"
+        if ($confirmation -eq 'y') {
+            $Env:SDAF_APP_NAME = "SDAF " + $UniqueIdentifier + " SDAF Control Plane"
+        }
         else {
-      $Env:SDAF_MGMT_SPN_NAME = Read-Host "Please provide the Control Plane Service Principal Name"
+            $Env:SDAF_APP_NAME = Read-Host "Please provide the Application registration name"
+        }
     }
-    
-    $confirmation = Read-Host "Do you want to create a new Service Principal for the Workload zone y/n?"
-    if ($confirmation -eq 'y') {
-        $Env:SDAF_WorkloadZone_SPN_NAME = $UniqueIdentifier + " SDAF " + $Env:SDAF_WORKLOAD_ZONE_CODE + " SPN"
+    else {
+        $Env:SDAF_WEBAPP = "false"
     }
+    
+    $Env:SDAF_AuthenticationMethod = 'Managed Identity'
+    
+    $confirmationDeployment = Read-Host "Do you want to use Managed Identities for the deployment (recommended) y/n?"
+    
+    if ($confirmationDeployment -eq 'n') {
+        $Env:SDAF_AuthenticationMethod = 'Service Principal'
+         
+        $confirmation = Read-Host "Do you want to create a new Service Principal for the Control plane y/n?"
+        if ($confirmation -eq 'y') {
+            $Env:SDAF_MGMT_SPN_NAME = "SDAF " + $UniqueIdentifier + $Env:SDAF_CONTROL_PLANE_CODE + " SPN"
+        }
         else {
-      $Env:SDAF_WorkloadZone_SPN_NAME = Read-Host "Please provide the Workload Zone Service Principal Name"
+            $Env:SDAF_MGMT_SPN_NAME = Read-Host "Please provide the Control Plane Service Principal Name"
+        }
+        
     }
-    
+        
     if ( $PSVersionTable.Platform -eq "Unix") {
         if ( Test-Path "SDAF") {
         }
@@ -78,14 +109,29 @@ Open PowerShell ISE and copy the following script and update the parameters to m
             New-Item -Path $sdaf_path -Type Directory
         }
     }
-    
+        
     Set-Location -Path $sdaf_path
-    
+        
     if ( Test-Path "New-SDAFDevopsProject.ps1") {
-        remove-item .\New-SDAFDevopsProject.ps1
+        if ( $PSVersionTable.Platform -eq "Unix") {
+            Remove-Item "New-SDAFDevopsProject.ps1"
+        }
+        else {
+            Remove-Item ".\New-SDAFDevopsProject.ps1"
+        }
     }
+        
+    Invoke-WebRequest -Uri https://raw.githubusercontent.com/Azure/sap-automation/$branchName/deploy/scripts/New-SDAFDevopsProject.ps1 -OutFile New-SDAFDevopsProject.ps1 
+    
     
-    Invoke-WebRequest -Uri https://raw.githubusercontent.com/Azure/sap-automation/main/deploy/scripts/New-SDAFDevopsProject.ps1 -OutFile .\New-SDAFDevopsProject.ps1 ; .\New-SDAFDevopsProject.ps1
+    if ( $PSVersionTable.Platform -eq "Unix") {
+        Unblock-File ./New-SDAFDevopsProject.ps1
+        ./New-SDAFDevopsProject.ps1
+    }
+    else {
+        Unblock-File .\New-SDAFDevopsProject.ps1
+        .\New-SDAFDevopsProject.ps1
+    }
     
 ```
 
