Improving lab resource naming to allow re-runs and manual runs for dev environments

Author: NJLangley

.github/workflows/deploy.sh

@@ -4,6 +4,7 @@ echo
 echo "Connection info:"
 az account show | jq '. | {tenantId: .tenantId, subscriptionName: .name, userName: .user.name, userType: .user.type}'
 echo
+RUNTIMESTAMP=$(date +"%Y%m%d%H%M")
 
 echo "========================================================================================================================================================================================================"
 
@@ -20,32 +21,60 @@ echo "Artifact Source Name: $ARTIFACT_SOURCE_NAME"
 BRANCH_NAME=${GITHUB_REF#*refs/heads/}
 echo "Branch Name: $BRANCH_NAME"
 
+# Build some id's for the names of resources
+if [ "$GITHUB_EVENT_NAME" == "workflow_dispatch" ]; then
+    ACTOR_NAME='DEV_'"$(echo $GITHUB_ACTOR | sed "s/[^[:alpha:][:digit:]]//g")"
+    ACTOR_SHORT=$(echo ${GITHUB_ACTOR} | sed "s/[^[:alpha:][:digit:]]//g" | cut -c -9)
+    ENVIRONMENT=DEV
+else
+    ACTOR_NAME=GITHUB_CI_BUILD
+    ACTOR_SHORT=CI
+    ENVIRONMENT=CICD
+fi
+
+
+echo "GitHub Workflow URL: ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}"
+
+
+# The name of the lab. Allows sorting by owner, timestamp, while showing the branch and commit it was built from
+#ENVIRONMENT_INSTANCE_NAME='CI_Build___'"${BRANCH_NAME////__}"'___'"${GITHUB_SHA:0:8}"''
+ENVIRONMENT_INSTANCE_NAME="${ACTOR_NAME}"'__'"${RUNTIMESTAMP}"'__'"${BRANCH_NAME////__}"'___'"${GITHUB_SHA:0:7}"''
+echo "Environment Instance Name: $ENVIRONMENT_INSTANCE_NAME"
+
+# Used for resource names, eg adlsnlangley1602c96a22d or adlsci09498d47f45. This should give enough uiniqueness to allow parallel environments, while showing the build reason and owner
+RESOURCE_NAME_SUFFIX="_${ACTOR_SHORT}_${RUNTIMESTAMP:8:12}_${GITHUB_SHA:0:7}"
+echo "Resource Name Suffix: $RESOURCE_NAME_SUFFIX"
+
 # We need the object id of the Enterprise Application created from the App Registration in order to set permissions in the ARM template. This is **not** the same as the app/client id
 echo "Retriving service principal id for the logged in user..."
 SERVICEPRINCIPALAPPID=$(az account show | jq --raw-output '.user.name')
-echo "Service Principal App/Client Id: $SERVICEPRINCIPALAPPID"
+#echo "Service Principal App/Client Id: $SERVICEPRINCIPALAPPID"
 SERVICEPRINCIPALID=$( az ad sp list --filter "appId eq '$SERVICEPRINCIPALAPPID' and servicePrincipalType eq 'Application'" --query [0].objectId --output tsv)
-echo "Service Principal Object Id:     $SERVICEPRINCIPALID"
+#echo "Service Principal Object Id:     $SERVICEPRINCIPALID"
 
 
 # Build a JSON snippet with the client/app id, object id and client secret for the devops SPN. This is used by the ARM template to grant permissions on resources so that the devops SPN
 # can deploy code into them. The ARM template generates the required .runsettings file for the integration tests as an output, which reuses the devops SPN to access resources to test.
 SERVICE_PRINCIPAL_INFO=$( echo $SERVICE_PRINCIPAL_CREDENTIALS | jq '{ tenantId, clientId, clientSecret, $clientObjectId }' --arg 'clientObjectId' $SERVICEPRINCIPALID -c )
-echo "Service Principal Info:          $SERVICE_PRINCIPAL_INFO"
+#echo "Service Principal Info:          $SERVICE_PRINCIPAL_INFO"
 
 echo "Building parameters file for ARM deployment..."
 PARAMETERS_FILE="$(pwd)/azuredeploy.parameters.json"
-echo $'[ { "name":"branch", "value":"'$BRANCH_NAME'" },' \
-    '  { "name":"commit", "value":"'$GITHUB_SHA'" },' \
+echo $'[' \
+    '  { "name":"branch", "value":"'$BRANCH_NAME'" },' \
+    '  { "name":"environment", "value":"'$ENVIRONMENT'" },' \
+    '  { "name":"environmentUser", "value":"'$ACTOR_NAME'" },' \
+    '  { "name":"gitSha", "value":"'$GITHUB_SHA'" },' \
+    '  { "name":"gitShaShort", "value":"'${GITHUB_SHA:0:7}'" },' \
+    '  { "name":"githubPullRequest", "value":"PR: '${GITHUB_PR_NUMBER}': '$GITHUB_PR_TITLE'" },' \
+    '  { "name":"resourceNameSuffix", "value":"'$RESOURCE_NAME_SUFFIX'" },' \
     '  { "name":"location", "value":"UK South" },' \
     '  { "name":"devopsServicePrincipalCredentials", "value":' $SERVICE_PRINCIPAL_INFO ' },' \
     '  { "name":"additionalPrincipals", "value":' "${ADDITIONAL_PRINCIPALS:=[]}" ' }' \
     ']' \
 | jq '.' > "$PARAMETERS_FILE"
 #cat $PARAMETERS_FILE
 
-ENVIRONMENT_INSTANCE_NAME='CI_Build___'"${BRANCH_NAME////__}"'___'"${GITHUB_SHA:0:8}"''
-echo "Environment Instance Name: $ENVIRONMENT_INSTANCE_NAME"
 
 echo "::set-output name=ENVIRONMENT_INSTANCE_NAME::$ENVIRONMENT_INSTANCE_NAME"
 
@@ -83,7 +112,6 @@ echo "==========================================================================
 
 
 # These don't show in the output, but we can view then in a yaml step as below
-#   echo "ENVIRONMENT_INSTANCE_NAME:                ${{ steps.create-devtest-labs-environment.outputs.ENVIRONMENT_INSTANCE_NAME }}"
 
 # DEBUG: Use this to get the full deployment output JSON. If the ARM template outputs a full reference to a resource, we can find the bits we need easily.
 #echo "::set-output name=DEPLOYMENTOUTPUT::$DEPLOYMENTOUTPUT"

.github/workflows/test_azure_devtest_labs_integration.yml

@@ -5,13 +5,13 @@ name: Build and Run Integration Tests on Azure DevTest Labs
 # Controls when the action will run. 
 on:
   # Triggers the workflow on push or pull request events but only for the main branch
-  push:
+  pull_request:
     branches:
     - main
-    - feature/*
-  pull_request:
+  push:
     branches:
     - main
+    - feature/*
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
 
@@ -64,28 +64,30 @@ jobs:
       with:
         creds: '${{ secrets.AZURE_DEV_TEST_LABS_CREDENTIALS }}'
 
-
+    # Find the PR details
+    - uses: jwalton/gh-find-current-pr@v1
+      id: findPr
 
     # --raw-output is requiored on all jq commands that select strings, otherwise they come out with the quotes, which is interpreted as a command, and it likely won't exist!
     - name: Create DevTest Labs Environment
       id: create-devtest-labs-environment
       uses: azure/CLI@v1
+      env:
+        GITHUB_PR_NUMBER: ${{ steps.findPr.outputs.pr }}
+        GITHUB_PR_TITLE: ${{ steps.findPr.outputs.title }}
       with:
         # azcliversion: 2.24.0  # Versions prior to this have a bug creating environments
         # This runs in a container, so all output is passed back using 'echo "::set-output name=OUTPUT_VAR_NAME::value here"', as files created won't persist.
+        # Note: Environment variables passed in (as env:... above) break if they contain quotes and newlines, eg multiline JSON. The export commands below work correctly as long as the bash 
+        # quoting rules are followed.
         inlineScript: |
-          # We need the secrets in an environment variable so they get passed to our shell script that does the work
           export SERVICE_PRINCIPAL_CREDENTIALS=$'${{ secrets.AZURE_DEV_TEST_LABS_CREDENTIALS }}'
           export ADDITIONAL_PRINCIPALS=$'${{ secrets.ADDITIONAL_PRINCIPALS }}'
-
           # Execute the script to create the dev test lab
           chmod +x ./.github/workflows/deploy.sh
           ./.github/workflows/deploy.sh
           
         
-          
-    
-    
     # Runs a set of commands using the runners shell
     - name: Show create environment outputs
       run: |
@@ -139,10 +141,35 @@ jobs:
       run: dotnet test --no-build --configuration ${{ env.BUILD_CONFIGURATION }} --filter TestCategory=IntegrationTest --output ./output --results-directory ./test-results --verbosity normal --logger "trx;LogFileName=integration-test-results.trx" --settings ${{ env.RUN_SETTINGS_FILENAME }}
 
 
+    # --raw-output is requiored on all jq commands that select strings, otherwise they come out with the quotes, which is interpreted as a command, and it likely won't exist!
+    - name: Teardown DevTest Labs Environment
+      id: teardown-devtest-labs-environment
+      if: ${{ (github.event_name != 'workflow_dispatch') && (success() || failure()) }}    # run this step even if previous step failed
+      uses: azure/CLI@v1
+      env:
+        ENVIRONMENT_INSTANCE_NAME: ${{ steps.create-devtest-labs-environment.outputs.ENVIRONMENT_INSTANCE_NAME }}
+        ENVIRONMENT_INSTANCE_RESOURCE_GROUP_NAME: ${{ steps.create-devtest-labs-environment.outputs.ENVIRONMENT_INSTANCE_RESOURCE_GROUP_NAME }}
+      with:
+        # This runs in a container, so all output is passed back using 'echo "::set-output name=OUTPUT_VAR_NAME::value here"', as files created won't persist.
+        # Note: Environment variables passed in (as env:... above) break if they contain quotes and newlines, eg multiline JSON. The export commands below work correctly as long as the bash 
+        # quoting rules are followed.
+        inlineScript: |
+          # Get the prvisioing state for the RG created for the lab
+          echo "Lab Name: $ENVIRONMENT_INSTANCE_NAME"
+          echo "Checking provisioning state of lab resource group $ENVIRONMENT_INSTANCE_RESOURCE_GROUP_NAME"
+          PROVISIONING_STATE=$(az deployment group list --resource-group $ENVIRONMENT_INSTANCE_RESOURCE_GROUP_NAME --query 'sort_by([*], &properties.timestamp)[0].properties.provisioningState' | sed -e 's/^"//' -e 's/"$//')
+
+          echo "Povisioning State: $PROVISIONING_STATE"
+
+          if [ ! -z "$PROVISIONING_STATE" ]; then
+            echo "Deleting lab $ENVIRONMENT_INSTANCE_NAME"
+            az lab environment delete --resource-group "$RESOURCE_GROUP" --lab-name "$LAB_NAME" --name "$ENVIRONMENT_INSTANCE_NAME"
+          fi
+
 
     - name: Publish Test Report
       uses: dorny/test-reporter@v1
-      if: success() || failure()    # run this step even if previous step failed
+      if: success() || failure() # run this step even if previous step failed
       with:
         name: Tests                 # Name of the check run which will be created
         path: ./test-results/*.trx                 # Path to test results