From e54970c781c93ca8ebd371af385e710b07c4d187 Mon Sep 17 00:00:00 2001 From: Federico Feroldi Date: Fri, 12 Jan 2018 15:41:11 +0100 Subject: [PATCH] [#153676720] Adds website git provisioner --- README.md | 1 - infrastructure/azure.tf | 33 +++++++++++ infrastructure/env/common/config.json | 4 -- infrastructure/env/common/tfvars.json | 3 +- .../azurerm_website_git.ts} | 57 ++++++++++++++----- lib/config.ts | 4 -- package.json | 1 - 7 files changed, 78 insertions(+), 25 deletions(-) rename infrastructure/{tasks/34-devapp_git.ts => local-provisioners/azurerm_website_git.ts} (55%) diff --git a/README.md b/README.md index 75673985..304c12fa 100644 --- a/README.md +++ b/README.md @@ -322,7 +322,6 @@ script: | `yarn resources:apim:api` | [Synch Digital Citizenship API from OpenAPI specs to API management](./infrastructure/tasks/25-apim_api.ts) | | `yarn resources:devapp:apikey` | [Create a Digital Citizenship API user and setup its API Key in the developer portal web application settings](./infrastructure/tasks/30-devapp_apikey.ts) | | `yarn resources:devapp:setup` | [Setup developer portal application settings](./infrastructure/tasks/31-devapp_setup.ts) | -| `yarn resources:devapp:git` | [Setup developer portal application deployment from the GitHub repository](./infrastructure/tasks/34-devapp_git.ts) | | `yarn deploy:devapp:sync` | [Deploy developer portal application code from the GitHub repository](./infrastructure/tasks/35-devapp_sync.ts) | | `yarn resources:ip:restrict` | [Setup IP restrictions to access resources](./infrastructure/tasks/70-ip_security.ts) | diff --git a/infrastructure/azure.tf b/infrastructure/azure.tf index f611c2ff..f3c23209 100644 --- a/infrastructure/azure.tf +++ b/infrastructure/azure.tf @@ -99,6 +99,16 @@ variable "azurerm_app_service_portal" { type = "string" } +variable "app_service_portal_git_repo" { + type = "string" + description = "URL of the GitHub repository providing the source of the App Service Portal" +} + +variable "app_service_portal_git_branch" { + default = "master" + description = "Branch of the GitHub repository providing the source of the App Service Portal" +} + # Redirect to this page after developer portal login variable "app_service_portal_post_login_url" { type = "string" @@ -152,6 +162,10 @@ variable "cosmosdb_collection_provisioner" { default = "infrastructure/local-provisioners/azurerm_cosmosdb_collection.ts" } +variable "website_git_provisioner" { + default = "infrastructure/local-provisioners/azurerm_website_git.ts" +} + ## RESOURCE GROUP # Create a resource group if it doesn’t exist @@ -373,6 +387,25 @@ resource "azurerm_app_service" "azurerm_app_service_portal" { } } +resource "null_resource" "azurerm_app_service_portal_git" { + triggers = { + azurerm_app_service_portal_id = "${azurerm_app_service.azurerm_app_service_portal.id}" + + # trigger recreation of this resource when the following variables change + app_service_portal_git_repo = "${var.app_service_portal_git_repo}" + app_service_portal_git_branch = "${var.app_service_portal_git_branch}" + + # increment the following value when changing the provisioner script to + # trigger the re-execution of the script + # TODO: consider using the hash of the script content instead + provisioner_version = "1" + } + + provisioner "local-exec" { + command = "ts-node ${var.website_git_provisioner} --resource-group-name ${azurerm_resource_group.azurerm_resource_group.name} --appservice-portal-name ${azurerm_app_service.azurerm_app_service_portal.name} --git-repo ${var.app_service_portal_git_repo} --git-branch ${var.app_service_portal_git_branch}" + } +} + # TODO: assign role to the MSI to let the App Service access API Management users # resource "azurerm_virtual_machine_extension" "app_service_portal_msi" { # name = "app_service_portal_msi" diff --git a/infrastructure/env/common/config.json b/infrastructure/env/common/config.json index 88e34cda..ba7d6a27 100644 --- a/infrastructure/env/common/config.json +++ b/infrastructure/env/common/config.json @@ -1,8 +1,4 @@ { - "app_service_portal_git_repo": - "https://github.com/teamdigitale/digital-citizenship-onboarding", - "app_service_portal_git_branch": "master", - "app_service_portal_scm_type": "GitHub", "functionapp_git_repo": "https://github.com/teamdigitale/digital-citizenship-functions", "functionapp_git_branch": "funcpack-release-latest", diff --git a/infrastructure/env/common/tfvars.json b/infrastructure/env/common/tfvars.json index 7d2fef57..061c0c9f 100644 --- a/infrastructure/env/common/tfvars.json +++ b/infrastructure/env/common/tfvars.json @@ -6,5 +6,6 @@ "profiles": "fiscalCode", "notifications": "messageId", "services": "serviceId" - } + }, + "app_service_portal_git_repo": "https://github.com/teamdigitale/digital-citizenship-onboarding" } diff --git a/infrastructure/tasks/34-devapp_git.ts b/infrastructure/local-provisioners/azurerm_website_git.ts similarity index 55% rename from infrastructure/tasks/34-devapp_git.ts rename to infrastructure/local-provisioners/azurerm_website_git.ts index 1d9d3130..85e5835d 100644 --- a/infrastructure/tasks/34-devapp_git.ts +++ b/infrastructure/local-provisioners/azurerm_website_git.ts @@ -15,16 +15,22 @@ // tslint:disable:no-console // tslint:disable:no-any +import yargs = require("yargs"); + import * as winston from "winston"; import { login } from "../../lib/login"; -import { IResourcesConfiguration, readConfig } from "../../lib/config"; -import { checkEnvironment } from "../../lib/environment"; - import webSiteManagementClient = require("azure-arm-website"); -export const run = async (config: IResourcesConfiguration) => { - if (!config.app_service_portal_git_repo) { +interface IRunParams { + readonly resourceGroupName: string; + readonly appServicePortalName: string; + readonly appServicePortalGitBranch: string; + readonly appServicePortalGitRepo: string; +} + +export const run = async (config: IRunParams) => { + if (!config.appServicePortalGitRepo) { return Promise.reject( "Deployment from source control repository not configured, skipping." ); @@ -37,34 +43,57 @@ export const run = async (config: IResourcesConfiguration) => { ); const siteSourceControl = { - branch: config.app_service_portal_git_branch, + branch: config.appServicePortalGitBranch, deploymentRollbackEnabled: true, // [#152115927] TODO: setting `isManualIntegration: false` will fail trying to send an email // to the service principal user. I guess this is a bug in the Azure APIs isManualIntegration: true, isMercurial: false, - repoUrl: config.app_service_portal_git_repo, - type: config.app_service_portal_scm_type + repoUrl: config.appServicePortalGitRepo, + type: "GitHub" }; - winston.info("Setup Git integration for the Developer Portal application"); + winston.info( + `Configuring Git integration for the Developer Portal application: ${ + config.appServicePortalGitRepo + }#${config.appServicePortalGitBranch}` + ); // Create git integration return webSiteClient.webApps.createOrUpdateSourceControl( - config.azurerm_resource_group, - config.azurerm_app_service_portal, + config.resourceGroupName, + config.appServicePortalName, siteSourceControl ); }; -checkEnvironment() - .then(() => readConfig(process.env.ENVIRONMENT)) - .then(run) +const argv = yargs + .alias("g", "resource-group-name") + .demandOption("g") + .string("g") + .alias("n", "appservice-portal-name") + .demandOption("n") + .string("n") + .alias("r", "git-repo") + .demandOption("r") + .string("r") + .alias("b", "git-branch") + .demandOption("b") + .string("b").argv; + +run({ + appServicePortalGitBranch: argv.b as string, + appServicePortalGitRepo: argv.r as string, + appServicePortalName: argv.n as string, + resourceGroupName: argv.g as string +}) .then(r => { if (r) { winston.info( "Successfully synced developer portal webapp with source control" ); + } else { + winston.warn("Nothing happened"); } }) .catch((e: Error) => console.error(process.env.VERBOSE ? e : e.message)); diff --git a/lib/config.ts b/lib/config.ts index 4077c4b8..47b87a07 100644 --- a/lib/config.ts +++ b/lib/config.ts @@ -66,7 +66,6 @@ const ResourcesConfiguration = t.interface({ apim_sku: t.string, app_service_portal_git_branch: t.string, app_service_portal_git_repo: t.string, - app_service_portal_scm_type: t.string, azure_portal_ips: t.array(t.string), azurerm_adb2c_policy: t.string, azurerm_apim: t.string, @@ -76,9 +75,6 @@ const ResourcesConfiguration = t.interface({ azurerm_app_service_plan_portal: t.string, azurerm_app_service_portal: t.string, azurerm_application_insights: t.string, - azurerm_cosmosdb: t.string, - azurerm_cosmosdb_collections: t.array(CosmosCollection), - azurerm_cosmosdb_documentdb: t.string, azurerm_eventhub_ns: t.string, azurerm_functionapp: t.string, azurerm_functionapp_slot: t.string, diff --git a/package.json b/package.json index ae362283..1ed0417d 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,6 @@ "resources:apim:api": "ts-node infrastructure/tasks/25-apim_api.ts", "resources:devapp:apikey": "ts-node --no-ignore infrastructure/tasks/30-devapp_apikey.ts", "resources:devapp:setup": "ts-node infrastructure/tasks/31-devapp_setup.ts", - "resources:devapp:git": "ts-node infrastructure/tasks/34-devapp_git.ts", "deploy:devapp:sync": "ts-node infrastructure/tasks/35-devapp_sync.ts", "resources:security:ip": "ts-node infrastructure/tasks/70-security_ip.ts", "infrastructure:deploy": "cross-env NPMDEPLOY=1 npm-run-all -s resources:**"