forked from Azure-Samples/copilot-nodejs-todo-template
-
Notifications
You must be signed in to change notification settings - Fork 0
/
setup.sh
executable file
·187 lines (168 loc) · 4.99 KB
/
setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
#!/usr/bin/env bash
##############################################################################
# Usage: ./setup.sh <project_name>
# Setup the current GitHub repo for deploying on Azure.
##############################################################################
# v1.1.4 | dependencies: Azure CLI, GitHub CLI, jq
##############################################################################
set -euo pipefail
cd "$(dirname "${BASH_SOURCE[0]}")"
showUsage() {
script_name="$(basename "$0")"
echo "Usage: ./$script_name [project_name]"
echo "Setup the current GitHub repo for deploying on Azure."
echo
echo "Options:"
echo " -s, --skip-login Skip Azure and GitHub login steps"
echo " -t, --terminate Remove current setup and delete deployed resources"
echo " -l, --ci-login Only perform Azure CLI login using environment credentials"
echo " -c, --use-code Use device code login flow instead of browser"
echo
}
skip_login=false
terminate=false
ci_login=false
use_code=false
args=()
while [[ $# -gt 0 ]]; do
case $1 in
-s|--skip-login)
skip_login=true
shift
;;
-t|--terminate)
terminate=true
shift
;;
-l|--ci-login)
ci_login=true
shift
;;
-c|--use-code)
use_code=true
shift
;;
--help)
showUsage
exit 0
;;
--*|-*)
showUsage
echo "Unknown option $1"
exit 1
;;
*)
# Save positional arg
args+=("$1")
shift
;;
esac
done
# Restore positional args
set -- "${args[@]:-}"
project_name="${1:-copilot-nodejs-todo}"
if ! command -v az &> /dev/null; then
echo "Azure CLI not found."
echo "See https://aka.ms/tools/azure-cli for installation instructions."
exit 1
fi
if [[ "$ci_login" == true ]]; then
echo "Logging in to Azure using \$AZURE_CREDENTIALS..."
if [[ -z "${AZURE_CREDENTIALS:-}" ]]; then
echo "Azure credentials not found."
echo "Please run .azure/setup.sh locally to setup your deployment."
exit 1
fi
client_id="$(echo "$AZURE_CREDENTIALS" | jq -r .clientId)"
client_secret="$(echo "$AZURE_CREDENTIALS" | jq -r .clientSecret)"
subscription_id="$(echo "$AZURE_CREDENTIALS" | jq -r .subscriptionId)"
tenant_id="$(echo "$AZURE_CREDENTIALS" | jq -r .tenantId)"
az login \
--service-principal \
--username "$client_id" \
--password "$client_secret" \
--tenant "$tenant_id"
az account set --subscription "$subscription_id"
echo "Login successful."
exit 0
fi
if ! command -v gh &> /dev/null; then
echo "GitHub CLI not found."
echo "See https://cli.github.com for installation instructions."
exit 1
fi
if [[ -z "$project_name" ]]; then
showUsage
echo "Error: project name is required."
exit 1
fi
if [[ "$skip_login" == false ]]; then
az_login_options=""
if [[ "$use_code" == true || "${CODESPACES:-}" == true ]]; then
az_login_options="--use-device-code "
fi
if [[ -n "${TENANT_ID:-}" ]]; then
az_login_options+="--tenant ${TENANT_ID}"
fi
echo "Logging in to Azure..."
az login --query "[].{name:name,id:id}" $az_login_options
echo "Listed above are your available subscriptions."
echo
echo "Currently selected subscription is:"
az account show \
--query "{name:name,id:id}" \
--output tsv
echo
read -r -n 1 -p "Is your current subscription correct? (Y/n) " is_correct
echo
if [[ "$is_correct" == "n" ]]; then
read -r -p "Enter your subscription name or ID: " az_sub
az account set \
--subscription "$az_sub" \
--query "{name:name,id:id}" \
--output tsv
echo "Azure default subscription has been updated successfully."
fi
if [[ -z "${GITHUB_TOKEN:-}" || "${CODESPACES:-}" == true ]]; then
unset GITHUB_TOKEN
echo "Logging in to GitHub..."
gh auth login
if [[ -n "${GITHUB_REPOSITORY:-}" ]]; then
echo "Setting default GitHub repository to '$GITHUB_REPOSITORY'..."
gh repo set-default "$GITHUB_REPOSITORY"
fi
else
echo "GITHUB_TOKEN is already set, skipping GitHub login."
fi
echo "Login successful."
fi
if [[ "$terminate" == true ]]; then
echo "Deleting current setup..."
az group delete --name "rg-$project_name"
echo "Retrieving GitHub repository URL..."
remote_repo=$(git config --get remote.origin.url)
gh secret delete AZURE_CREDENTIALS -R "$remote_repo"
echo "Setup deleted."
else
echo "Retrieving Azure subscription..."
subscription_id=$(
az account show \
--query id \
--output tsv \
--only-show-errors \
)
echo "Creating Azure service principal..."
service_principal=$(
MSYS_NO_PATHCONV=1 az ad sp create-for-rbac \
--name="sp-$project_name" \
--role="Contributor" \
--scopes="/subscriptions/$subscription_id" \
--sdk-auth \
--only-show-errors \
)
echo "Retrieving GitHub repository URL..."
remote_repo=$(git config --get remote.origin.url)
echo "Setting up GitHub repository secrets..."
gh secret set AZURE_CREDENTIALS -b"$service_principal" -R "$remote_repo"
echo "Setup success!"
fi