azure cli gh action

Signed-off-by: Gerd Oberlechner <[email protected]>

.github/actions/install-azure-cli/action.yml

@@ -0,0 +1,14 @@
+name: Install azure-cli
+description: Installs the azure cli.
+runs:
+  using: composite
+  steps:
+    - name: install azure-cli
+      run: |
+        sudo apt-get install -y ca-certificates curl apt-transport-https lsb-release gnupg
+        curl -sL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/microsoft.gpg > /dev/null
+        AZ_REPO=$(lsb_release -cs)
+        echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ $AZ_REPO main" | sudo tee /etc/apt/sources.list.d/azure-cli.list
+        sudo apt-get update
+        sudo apt-get install -y azure-cli
+      shell: bash

.github/actions/templatize.yml

@@ -0,0 +1,46 @@
+name: 'Azure CLI, Go, and Make'
+description: 'Install Azure CLI, Go, and Make, and run a script'
+runs:
+  using: 'composite'
+  steps:
+    - name: 'Prepare workspace'
+      run: mkdir -p /workspace/bin
+
+    - name: 'Copy Azure CLI'
+      uses: docker://mcr.microsoft.com/azure-cli:2.64.0
+      with:
+        args: |
+          /bin/bash -c "
+          cp -r /usr/local/bin/az /workspace/bin/ &&
+          cp -r /usr/local/az /workspace/bin/
+          "
+      volumes:
+        - name: workspace
+          path: /workspace
+
+    - name: 'Build templatize'
+      uses: docker://golang:1.23
+      with:
+        args: |
+          /bin/bash -c "
+          go build -o /workspace/templatize ./tooling/templatize
+          "
+      env:
+        GO111MODULE: 'on'
+      volumes:
+        - name: workspace
+          path: /workspace
+
+    - name: 'Install Make'
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y make
+
+    - name: 'Run script'
+      run: ${{ inputs.script }}
+      shell: bash
+
+inputs:
+  script:
+    description: 'The script to run'
+    required: true

.github/workflows/aro-hcp-dev-bicep-what-if.yml

@@ -30,16 +30,16 @@ jobs:
             tenant-id: ${{ secrets.AZURE_TENANT_ID }}
             subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
 
+      - name: Install Azure CLI
+        uses: ./.github/actions/install-azure-cli
+
       - name: 'Deployment What If'
-        uses: azure/cli@089eac9d8cc39f5d003e94f8b65efc51076c9cbd # v2.1.0
-        with:
-          azcliversion: 2.63.0
-          inlineScript: |
-            dev-infrastructure/make ${DEPLOY_ENV} acr.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} acr-svc.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} acr-ocp.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} region.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} svc.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} mgmt.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} metrics-infra.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} image-sync.what-if
+        run: |
+          dev-infrastructure/make ${DEPLOY_ENV} acr.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} acr-svc.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} acr-ocp.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} region.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} svc.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} mgmt.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} metrics-infra.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} imagesync.what-if

.github/workflows/cs-pr-bicep-what-if.yml

@@ -30,16 +30,16 @@ jobs:
             tenant-id: ${{ secrets.AZURE_TENANT_ID }}
             subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
 
+      - name: Install Azure CLI
+        uses: ./.github/actions/install-azure-cli
+
       - name: 'Deployment What If'
-        uses: azure/cli@089eac9d8cc39f5d003e94f8b65efc51076c9cbd # v2.1.0
-        with:
-          azcliversion: 2.63.0
-          inlineScript: |
-            dev-infrastructure/make ${DEPLOY_ENV} acr.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} acr-svc.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} acr-ocp.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} region.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} svc.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} mgmt.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} metrics-infra.what-if
-            dev-infrastructure/make ${DEPLOY_ENV} image-sync.what-if
+        run: |
+          dev-infrastructure/make ${DEPLOY_ENV} acr.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} acr-svc.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} acr-ocp.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} region.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} svc.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} mgmt.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} metrics-infra.what-if
+          dev-infrastructure/make ${DEPLOY_ENV} imagesync.what-if

.github/workflows/dev-infrastructure.yml

@@ -25,8 +25,8 @@ jobs:
         working-directory: './dev-infrastructure'
         run: |
           az bicep version
-          make fmt
-          make lint
+          make -f Makefile.lint.mk fmt
+          make -f Makefile.lint.mk lint
 
       - name: Check for uncommitted changes
         working-directory: './dev-infrastructure'

dev-infrastructure/Makefile

@@ -1,6 +1,7 @@
 SHELL = /bin/bash
 
 include configurations/config.mk
+include Makefile.lint.mk
 
 # Set SKIP_CONFIRM to a non-empty value to skip "what-if" confirmation prompts.
 ifndef SKIP_CONFIRM
@@ -11,24 +12,6 @@ list:
 	@grep '^[^#[:space:]].*:' Makefile
 .PHONY: list
 
-fmt:
-	set -e; \
-	FILES="$$(find . -type f -name "*.bicep*")"; \
-	for file in $$FILES; do \
-	echo "az bicep format --file $${file}"; \
-	az bicep format --file $$file; \
-	done
-.PHONY: fmt
-
-lint:
-	set -e; \
-	FILES="$$(find . -type f -name "*.bicep*")"; \
-	for file in $$FILES; do \
-	echo "az bicep lint --file $${file}"; \
-	az bicep lint --file $$file; \
-	done
-.PHONY: lint
-
 feature-registration: # hardcoded to eastus as this is a subscription deployment, not a resource group
 	@az deployment sub create \
 		--name "feature-registration" \
@@ -280,7 +263,7 @@ acr: globalRg
 	az deployment group create \
 		--name "acr" \
 		--resource-group $(GLOBAL_RESOURCEGROUP) \
-		--template-file templates/acr.bicep \
+		--template-file templates/dev-acr.bicep \
 		$(PROMPT_TO_CONFIRM) \
 		--parameters \
 			configurations/acr.bicepparam
@@ -290,15 +273,15 @@ acr.what-if: globalRg
 	az deployment group what-if \
 		--name "acr" \
 		--resource-group $(GLOBAL_RESOURCEGROUP) \
-		--template-file templates/acr.bicep \
+		--template-file templates/dev-acr.bicep \
 		--parameters \
 			configurations/acr.bicepparam
 
 acr-svc: globalRg
 	az deployment group create \
 		--name "acr-svc" \
 		--resource-group $(GLOBAL_RESOURCEGROUP) \
-		--template-file templates/acr-svc.bicep \
+		--template-file templates/dev-acr.bicep \
 		$(PROMPT_TO_CONFIRM) \
 		--parameters \
 			configurations/acr-svc.bicepparam
@@ -308,15 +291,15 @@ acr-svc.what-if: globalRg
 	az deployment group what-if \
 		--name "acr-svc" \
 		--resource-group $(GLOBAL_RESOURCEGROUP) \
-		--template-file templates/acr-svc.bicep \
+		--template-file templates/dev-acr.bicep \
 		--parameters \
 			configurations/acr-svc.bicepparam
 
 acr-ocp: globalRg
 	az deployment group create \
 		--name "acr-ocp" \
 		--resource-group $(GLOBAL_RESOURCEGROUP) \
-		--template-file templates/acr-ocp.bicep \
+		--template-file templates/dev-acr.bicep \
 		$(PROMPT_TO_CONFIRM) \
 		--parameters \
 			configurations/acr-ocp.bicepparam
@@ -326,7 +309,7 @@ acr-ocp.what-if: globalRg
 	az deployment group what-if \
 		--name "acr-ocp" \
 		--resource-group $(GLOBAL_RESOURCEGROUP) \
-		--template-file templates/acr-ocp.bicep \
+		--template-file templates/dev-acr.bicep \
 		--parameters \
 			configurations/acr-ocp.bicepparam
 

dev-infrastructure/Makefile.lint.mk

@@ -0,0 +1,17 @@
+fmt:
+	set -e; \
+	FILES="$$(find . -type f -name "*.bicep*")"; \
+	for file in $$FILES; do \
+	echo "az bicep format --file $${file}"; \
+	az bicep format --file $$file; \
+	done
+.PHONY: fmt
+
+lint:
+	set -e; \
+	FILES="$$(find . -type f -name "*.bicep*")"; \
+	for file in $$FILES; do \
+	echo "az bicep lint --file $${file}"; \
+	az bicep lint --file $$file; \
+	done
+.PHONY: lint

tooling/templatize/cmd/generate/generate_test.go

@@ -43,7 +43,7 @@ param maestroEventGridMaxClientSessionsPerAuthName = 4`,
 param maestroEventGridNamespacesName = '{{index . "region_eventgrid_namespace"}}'
 param maestroEventGridMaxClientSessionsPerAuthName = 4`,
 			expected: `param maestroKeyVaultName = 'kv'
-param maestroEventGridNamespacesName = ''
+param maestroEventGridNamespacesName = '<no value>'
 param maestroEventGridMaxClientSessionsPerAuthName = 4`,
 		},
 	} {

tooling/templatize/cmd/generate/options_test.go

@@ -1,6 +1,7 @@
 package generate
 
 import (
+	"fmt"
 	"path/filepath"
 	"testing"
 
@@ -15,14 +16,14 @@ func TestRawOptions(t *testing.T) {
 	opts := &RawGenerationOptions{
 		RawOptions: options.RawOptions{
 			ConfigFile:  "../../testdata/config.yaml",
-			Cloud:       "fairfax",
-			DeployEnv:   "prod",
+			Cloud:       "public",
+			DeployEnv:   "dev",
 			Region:      "uksouth",
 			RegionStamp: "1",
 			CXStamp:     "cx",
 		},
 		Input:  "../../testdata/helm.sh",
-		Output: tmpdir,
+		Output: fmt.Sprintf("%s/helm.sh", tmpdir),
 	}
 	assert.NoError(t, generate(opts))
 	testutil.CompareFileWithFixture(t, filepath.Join(tmpdir, "helm.sh"))

tooling/templatize/internal/config/config.go

@@ -66,11 +66,11 @@ func (cp *configProviderImpl) loadConfig(cloud, deployEnv string) (*VariableOver
 	}
 
 	functions := template.FuncMap{
-		"azureEventGridName": naming.AzureEventGridName,
-		"azurePostgresName":  naming.AzurePostgresName,
-		"azureKeyVaultName":  naming.AzureKeyVaultName,
+		"azureEventGridName":      naming.AzureEventGridName,
+		"azurePostgresName":       naming.AzurePostgresName,
+		"azureKeyVaultName":       naming.AzureKeyVaultName,
 		"azureStorageAccountName": naming.AzureStorageAccountName,
-		"uniqueString": 	  naming.UniqueString,
+		"uniqueString":            naming.UniqueString,
 	}
 
 	// parse, execute and unmarshal the config file as a template to generate the final config file

tooling/templatize/internal/config/config_test.go

@@ -19,7 +19,7 @@ func TestConfigProvider(t *testing.T) {
 	assert.NotNil(t, variables)
 
 	// key is not in the config file
-	assert.Equal(t, "", variables["svc_resourcegroup"])
+	assert.Nil(t, variables["svc_resourcegroup"])
 
 	// key is in the config file, region constant value
 	assert.Equal(t, "uksouth", variables["test"])

tooling/templatize/internal/naming/azure.go

@@ -15,4 +15,3 @@ func AzureKeyVaultName(prefix string, suffixLength int, suffixDigestArgs ...stri
 func AzureStorageAccountName(prefix string, suffixLength int, suffixDigestArgs ...string) (string, error) {
 	return suffixedName(prefix, "", 24, suffixLength, suffixDigestArgs...)
 }
-

tooling/templatize/internal/naming/common.go

@@ -34,6 +34,6 @@ func suffixedName(prefix string, suffixDelim string, maxLength int, suffixLength
 	return name, nil
 }
 
-func UniqueString(length int, digestArgs ...string) (string, error)  {
+func UniqueString(length int, digestArgs ...string) (string, error) {
 	return suffixDigest(length, digestArgs...)
 }

tooling/templatize/testdata/zz_fixture_TestRawOptions.sh

@@ -3,11 +3,11 @@ deploy-server:
     TENANT_ID="72f988bf-86f1-41af-91ab-2d7cd011db47"
     REGION_RG="hcp-underlay-uksouth-1"
     EVENTGRID_NS="maestro-eventgrid-uksouth-1"
-    MAESTRO_KV=""
-    SERVICE_RG=""
+    MAESTRO_KV="maestro-kv-uksouth-1"
+    SERVICE_RG="hcp-underlay-uksouth-svc-1"
     AKS="aro-hcp-aks"
     MAESTRO_MI="maestro-server"
-    HELM_CHART=""
+    HELM_CHART="../maestro/deploy/helm/server"
 
     EVENTGRID_HOSTNAME=$(az event namespace show -g "${REGION_RG}" -n "${EVENTGRID_NS}" --query "properties.topicSpacesConfiguration.hostname")
     MAESTRO_MI_CLIENT_ID=$(az identity show -g "${SERVICE_RG}" -n "${MAESTRO_MI}" --query "clientId")