add role checks for Storage Blob Data Contributor and Key Vault Administrator in scripts and eliminated unnecessary output

Author: Harsh-Microsoft

azure.yaml

@@ -40,10 +40,6 @@ hooks:
       run: |
         echo "Web app URL: "
         echo $WEB_APP_URL
-        # echo "Run the following command in the terminal to copy data files to storage account: "
-        # echo $copykbfiles
-        # echo "Run the following command in the terminal to run the scripts: "
-        # echo $createindex
         echo ""
         echo "If you want to use the Sample Data, run the following command in the terminal to process it:"
         echo "bash ./infra/scripts/process_sample_data.sh $STORAGE_ACCOUNT_NAME $STORAGE_CONTAINER_NAME $KEY_VAULT_NAME"

infra/scripts/copy_kb_files.sh

@@ -50,10 +50,23 @@ signed_user_id=$(az ad signed-in-user show --query id -o tsv)
 echo "Getting storage account resource id"
 storage_account_resource_id=$(az storage account show --name $storageAccount --query id --output tsv)
 
-# add Storage Blob Data Contributor role to the user
-az role assignment create --assignee $signed_user_id --role "Storage Blob Data Contributor" --scope /$storage_account_resource_id
+#check if user has the Storage Blob Data Contributor role, add it if not
+echo "Checking if user has the Storage Blob Data Contributor role"
+role_assignment=$(MSYS_NO_PATHCONV=1 az role assignment list --assignee $signed_user_id --role "Storage Blob Data Contributor" --scope $storage_account_resource_id --query "[].roleDefinitionId" -o tsv)
+if [ -z "$role_assignment" ]; then
+    echo "User does not have the Storage Blob Data Contributor role. Assigning the role."
+    MSYS_NO_PATHCONV=1 az role assignment create --assignee $signed_user_id --role "Storage Blob Data Contributor" --scope $storage_account_resource_id --output none
+    if [ $? -eq 0 ]; then
+        echo "Role assignment completed successfully."
+    else
+        echo "Error: Role assignment failed."
+        exit 1
+    fi
+else
+    echo "User already has the Storage Blob Data Contributor role."
+fi
 
 # Using az storage blob upload-batch to upload files with managed identity authentication, as the az storage fs directory upload command is not working with managed identity authentication.
-echo "Uploading files to Azure Storage..."
-az storage blob upload-batch --account-name "$storageAccount" --destination "$fileSystem"/"$extractedFolder1" --source infra/data/"$extractedFolder1" --auth-mode login --pattern '*' --overwrite
+echo "Uploading files to Azure Storage"
+az storage blob upload-batch --account-name "$storageAccount" --destination "$fileSystem"/"$extractedFolder1" --source infra/data/"$extractedFolder1" --auth-mode login --pattern '*' --overwrite --output none
 # az storage blob upload-batch --account-name "$storageAccount" --destination data/"$extractedFolder2" --source /mnt/azscripts/azscriptinput/"$extractedFolder2" --auth-mode login --pattern '*' --overwrite

infra/scripts/run_create_index_scripts.sh

@@ -21,9 +21,21 @@ signed_user_id=$(az ad signed-in-user show --query id -o tsv)
 echo "Getting key vault resource id"
 key_vault_resource_id=$(az keyvault show --name $keyvaultName --query id --output tsv)
 
-# Assign the Key Vault Administrator role to the user
-echo "Assigning the Key Vault Administrator role to the user."
-az role assignment create --assignee $signed_user_id --role "Key Vault Administrator" --scope /$key_vault_resource_id
+# Check if the user has the Key Vault Administrator role
+echo "Checking if user has the Key Vault Administrator role"
+role_assignment=$(MSYS_NO_PATHCONV=1 az role assignment list --assignee $signed_user_id --role "Key Vault Administrator" --scope $key_vault_resource_id --query "[].roleDefinitionId" -o tsv)
+if [ -z "$role_assignment" ]; then
+    echo "User does not have the Key Vault Administrator role. Assigning the role."
+    MSYS_NO_PATHCONV=1 az role assignment create --assignee $signed_user_id --role "Key Vault Administrator" --scope $key_vault_resource_id --output none
+    if [ $? -eq 0 ]; then
+        echo "Key Vault Administrator role assigned successfully."
+    else
+        echo "Failed to assign Key Vault Administrator role."
+        exit 1
+    fi
+else
+    echo "User already has the Key Vault Administrator role."
+fi
 
 # RUN apt-get update
 # RUN apt-get install python3 python3-dev g++ unixodbc-dev unixodbc libpq-dev
@@ -58,7 +70,7 @@ source infra/scripts/scriptenv/bin/activate
 
 # Install the requirements
 echo "Installing requirements"
-pip install -r infra/scripts/index_scripts/requirements.txt
+pip install --quiet -r infra/scripts/index_scripts/requirements.txt
 echo "Requirements installed"
 
 # Run the scripts