forked from microsoft/BotFramework-FunctionalTests
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathcreateSharedResources.yml
274 lines (253 loc) · 13.3 KB
/
createSharedResources.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
#
# Creates the shared resources needed for the Skills Functional Tests.
#
name: $(BUILD.BUILDID)
trigger: none
pr: none
pool:
vmImage: "windows-2022"
variables:
## Azure Resources (Define these variables in Azure)
# AzureSubscription: Service Connection Name to Manage Azure resources.
# AppServicePlanDotNetName: (optional) Name of the App Service Plan for DotNet bots.
# AppServicePlanJSName: (optional) Name of the App Service Plan for JavaScript bots.
# AppServicePlanPythonName: (optional) Name of the App Service Plan for Python bots.
# AppServicePlanPricingTier: (optional) Pricing Tier for App Service Plans, default F1.
# ContainerRegistryPricingTier: (optional) Pricing Tier for Container Registry, default Basic.
# KeyVaultObjectId: (optional) Subscription's Object Id to create the keyvault to store App Registrations.
# ResourceGroupName: (optional) Name of the Resource Group for the shared resources.
# ResourceSuffix: (optional) Alphanumeric suffix to add to the resources' name to avoid collisions.
## Internal variables
InternalAppInsightsName: "bffnappinsights$($env:RESOURCESUFFIX)"
InternalAppServicePlanDotNetName: $[coalesce(variables['APPSERVICEPLANDOTNETNAME'], '')]
InternalAppServicePlanJSName: $[coalesce(variables['APPSERVICEPLANJSNAME'], '')]
InternalAppServicePlanPythonName: $[coalesce(variables['APPSERVICEPLANPYTHONNAME'], '')]
InternalContainerRegistryName: "bffncontainerregistry$($env:RESOURCESUFFIX)"
InternalCosmosDBName: "bffnbotstatedb$($env:RESOURCESUFFIX)"
InternalKeyVaultName: "bffnbotkeyvault$($env:RESOURCESUFFIX)"
InternalResourceGroupName: $[coalesce(variables['RESOURCEGROUPNAME'], 'BFFN-Shared')]
InternalVirtualNetworkName: "bffnvirtualnetwork$($env:RESOURCESUFFIX)"
InternalKeyVaultObjectId: $[coalesce(variables['KEYVAULTOBJECTID'], '')]
InternalStorageAccountName: "bffnstorageaccount$($env:RESOURCESUFFIX)"
stages:
- stage: Create_Resource_Group
displayName: "Create Resource Group"
jobs:
- job: Create_Resource_Group
displayName: "Create steps"
steps:
- checkout: none
- task: AzureCLI@2
displayName: "Create $(INTERNALRESOURCEGROUPNAME)"
inputs:
azureSubscription: $(AZURESUBSCRIPTION)
scriptType: pscore
scriptLocation: inlineScript
inlineScript: "az group create --name $(INTERNALRESOURCEGROUPNAME) --location westus"
- stage: Create_Virtual_Network
displayName: "Create Virtual Network"
dependsOn: Create_Resource_Group
jobs:
- job: Create_Virtual_Network
displayName: "Create steps"
steps:
- task: AzureCLI@2
displayName: "Deploy Virtual Network"
inputs:
azureSubscription: $(AZURESUBSCRIPTION)
scriptType: pscore
scriptLocation: inlineScript
inlineScript: "az deployment group create --name $(INTERNALVIRTUALNETWORKNAME) --resource-group $(INTERNALRESOURCEGROUPNAME) --template-file build/templates/template-virtual-network-resources.json --parameters virtualNetworkName=$(INTERNALVIRTUALNETWORKNAME)"
- stage: Create_CosmosDB
displayName: "Create CosmosDB"
dependsOn: Create_Resource_Group
jobs:
- job: Deploy_Cosmos_DB
displayName: "Deploy steps"
steps:
- task: AzureCLI@2
displayName: "Deploy CosmosDB"
inputs:
azureSubscription: $(AZURESUBSCRIPTION)
scriptType: pscore
scriptLocation: inlineScript
inlineScript: "az deployment group create --name $(INTERNALCOSMOSDBNAME) --resource-group $(INTERNALRESOURCEGROUPNAME) --template-file build/templates/template-cosmosdb-resources.json --parameters accountName=$(INTERNALCOSMOSDBNAME) databaseName=$(INTERNALCOSMOSDBNAME)"
- stage: Create_Key_Vault_and_App_Registrations
displayName: "Create Key Vault and App Registrations"
dependsOn: Create_Resource_Group
jobs:
- job: Check_Key_Vault_Object_Id
displayName: Check KeyVaultObjectId value
steps:
- checkout: none
- powershell: |
$keyVaultObjectId = '$(INTERNALKEYVAULTOBJECTID)'
if ($keyVaultObjectId -ne '') {
Write-Host "keyVaultObjectId set. The KeyVault and App Registrations will be created."
Write-Host "##vso[task.setvariable variable=createKeyVault;isOutput=true]$true"
}
else {
Write-Host "keyVaultObjectId not set. The KeyVault and App Registrations won't be created."
Write-Host "##vso[task.setvariable variable=createKeyVault;isOutput=true]$false"
}
name: checkKeyVaultObjectIdValue
failOnStderr: true
- job: Deploy_Key_Vault
displayName: "Deploy Key Vault"
dependsOn: Check_Key_Vault_Object_Id
condition: eq(dependencies.Check_Key_Vault_Object_Id.outputs['checkKeyVaultObjectIdValue.createKeyVault'], true)
steps:
- task: AzureCLI@2
displayName: "Deploy Key Vault"
inputs:
azureSubscription: $(AZURESUBSCRIPTION)
scriptType: pscore
scriptLocation: inlineScript
inlineScript: "az deployment group create --name $(INTERNALKEYVAULTNAME) --resource-group $(INTERNALRESOURCEGROUPNAME) --template-file build/templates/template-key-vault-resources.json --parameters keyVaultName=$(INTERNALKEYVAULTNAME) objectId=$(INTERNALKEYVAULTOBJECTID)"
- job: Create_App_Registrations
displayName: "Create App Registrations"
dependsOn: Deploy_Key_Vault
steps:
- checkout: none
- template: createAppRegistrations.yml
parameters:
azureSubscription: $(AZURESUBSCRIPTION)
keyVault: "$(INTERNALKEYVAULTNAME)"
resourceSuffix: $env:RESOURCESUFFIX
servicePrincipalId: $env:SERVICEPRINCIPALID
servicePrincipalKey: $env:SERVICEPRINCIPALKEY
tenantId: $env:TENANTID
- stage: Create_App_Service_Plans
displayName: "Create App Service Plans"
dependsOn:
- Create_Resource_Group
jobs:
- job: Check_App_Service_Plan_Creation
displayName: "Check AppServicePlan Creation"
steps:
- checkout: none
- powershell: |
$AppServicePlanDotNet = '$(INTERNALAPPSERVICEPLANDOTNETNAME)'
$AppServicePlanJS = '$(INTERNALAPPSERVICEPLANJSNAME)'
$AppServicePlanPython = '$(INTERNALAPPSERVICEPLANPYTHONNAME)'
Write-Host "##vso[task.setvariable variable=createDotnetPlan;isOutput=true]$false"
Write-Host "##vso[task.setvariable variable=createJSPlan;isOutput=true]$false"
Write-Host "##vso[task.setvariable variable=createPythonPlan;isOutput=true]$false"
if ($AppServicePlanDotNet -ne '') {
Write-Host "AppServicePlanDotNetName set. The AppServicePlan for DotNet will be created."
Write-Host "##vso[task.setvariable variable=createDotnetPlan;isOutput=true]$true"
}
if ($AppServicePlanJS -ne '') {
Write-Host "AppServicePlanJSName set. The AppServicePlan for JS will be created."
Write-Host "##vso[task.setvariable variable=createJSPlan;isOutput=true]$true"
}
if ($AppServicePlanPython -ne '') {
Write-Host "AppServicePlanPythonName set. The AppServicePlan for Python will be created."
Write-Host "##vso[task.setvariable variable=createPythonPlan;isOutput=true]$true"
}
name: checkAppServicePlanNames
failOnStderr: true
- job: Deploy_App_Service_Plan_DotNet
displayName: "Deploy AppServicePlan DotNet"
dependsOn: Check_App_Service_Plan_Creation
condition: eq(dependencies.Check_App_Service_Plan_Creation.outputs['checkAppServicePlanNames.createDotnetPlan'], true)
steps:
- task: AzureCLI@2
displayName: "Deploy App Service Plan (DotNet)"
inputs:
azureSubscription: $(AZURESUBSCRIPTION)
scriptType: pscore
scriptLocation: inlineScript
inlineScript: |
$appServicePlanPricingTier = if ($env:APPSERVICEPLANPRICINGTIER) { "newAppServicePlanSku=$env:APPSERVICEPLANPRICINGTIER" }
az deployment group create --name "$(INTERNALAPPSERVICEPLANDOTNETNAME)$($env:RESOURCESUFFIX)" --resource-group "$(INTERNALRESOURCEGROUPNAME)" --template-file build/templates/template-service-plan-windows-resources.json --parameters $appServicePlanPricingTier newAppServicePlanName="$(INTERNALAPPSERVICEPLANDOTNETNAME)$($env:RESOURCESUFFIX)"
- job: Deploy_App_Service_Plan_JS
displayName: "Deploy AppServicePlan JS"
dependsOn: Check_App_Service_Plan_Creation
condition: eq(dependencies.Check_App_Service_Plan_Creation.outputs['checkAppServicePlanNames.createJSPlan'], true)
steps:
- task: AzureCLI@2
displayName: "Deploy App Service Plan (JS)"
inputs:
azureSubscription: $(AZURESUBSCRIPTION)
scriptType: pscore
scriptLocation: inlineScript
inlineScript: |
$appServicePlanPricingTier = if ($env:APPSERVICEPLANPRICINGTIER) { "newAppServicePlanSku=$env:APPSERVICEPLANPRICINGTIER" }
az deployment group create --name "$(INTERNALAPPSERVICEPLANJSNAME)$($env:RESOURCESUFFIX)" --resource-group "$(INTERNALRESOURCEGROUPNAME)" --template-file build/templates/template-service-plan-linux-resources.json --parameters $appServicePlanPricingTier newAppServicePlanName="$(INTERNALAPPSERVICEPLANJSNAME)$($env:RESOURCESUFFIX)"
- job: Deploy_App_Service_Plan_Python
displayName: "Deploy AppServicePlan Python"
dependsOn: Check_App_Service_Plan_Creation
condition: eq(dependencies.Check_App_Service_Plan_Creation.outputs['checkAppServicePlanNames.createPythonPlan'], true)
steps:
- task: AzureCLI@2
displayName: "Deploy App Service Plan (Python)"
inputs:
azureSubscription: $(AZURESUBSCRIPTION)
scriptType: pscore
scriptLocation: inlineScript
inlineScript: |
$appServicePlanPricingTier = if ($env:APPSERVICEPLANPRICINGTIER) { "newAppServicePlanSku=$env:APPSERVICEPLANPRICINGTIER" }
az deployment group create --name "$(INTERNALAPPSERVICEPLANPYTHONNAME)$($env:RESOURCESUFFIX)" --resource-group "$(INTERNALRESOURCEGROUPNAME)" --template-file build/templates/template-service-plan-linux-resources.json --parameters $appServicePlanPricingTier newAppServicePlanName="$(INTERNALAPPSERVICEPLANPYTHONNAME)$($env:RESOURCESUFFIX)"
- stage: Create_App_Insights
displayName: "Create App Insights"
dependsOn: Create_Resource_Group
jobs:
- job: Deploy_App_Insights
displayName: "Deploy steps"
steps:
- task: AzureCLI@2
displayName: "Deploy App Insights"
inputs:
azureSubscription: $(AZURESUBSCRIPTION)
scriptType: pscore
scriptLocation: inlineScript
inlineScript: "az deployment group create --name $(INTERNALAPPINSIGHTSNAME) --resource-group $(INTERNALRESOURCEGROUPNAME) --template-file build/templates/template-app-insights-resources.json --parameters appInsightsName=$(INTERNALAPPINSIGHTSNAME)"
- stage: Create_Container_Registry
displayName: "Create Container Registry"
dependsOn: Create_Resource_Group
jobs:
- job: Deploy_Container_Registry
displayName: "Deploy steps"
steps:
- task: AzureCLI@2
displayName: "Deploy Container Registry"
inputs:
azureSubscription: $(AZURESUBSCRIPTION)
scriptType: pscore
scriptLocation: inlineScript
inlineScript: |
$containerRegistryPricingTier = if ($env:CONTAINERREGISTRYPRICINGTIER) { "skuName=$env:CONTAINERREGISTRYPRICINGTIER" }
az deployment group create --name "$(INTERNALCONTAINERREGISTRYNAME)" --resource-group "$(INTERNALRESOURCEGROUPNAME)" --template-file build/templates/template-container-registry-resources.json --parameters $containerRegistryPricingTier containerRegistryName="$(INTERNALCONTAINERREGISTRYNAME)"
- stage: Create_StorageAccount
displayName: "Create Storage Account"
dependsOn: Create_Resource_Group
jobs:
- job: Deploy_Storage_Account
displayName: "Deploy steps"
steps:
- task: AzureCLI@2
displayName: "Deploy Storage Account"
inputs:
azureSubscription: $(AZURESUBSCRIPTION)
scriptType: pscore
scriptLocation: inlineScript
inlineScript: "az deployment group create --name $(INTERNALSTORAGEACCOUNTNAME) --resource-group $(INTERNALRESOURCEGROUPNAME) --template-file build/templates/template-storage-account-resources.json --parameters storageAccountName=$(INTERNALSTORAGEACCOUNTNAME)"
- stage: Create_User_Identities
displayName: "Create User Assigned Managed Identities"
dependsOn: Create_Resource_Group
jobs:
- job: Deploy_User_Identities
displayName: "Deploy steps"
steps:
- task: AzureCLI@2
displayName: "Deploy User Assigned Managed Identities"
inputs:
azureSubscription: $(AZURESUBSCRIPTION)
scriptType: pscore
scriptLocation: inlineScript
inlineScript: |
az identity create -g "$(INTERNALRESOURCEGROUPNAME)" -n "bffnsimplehostbotdotnetmsi$($env:RESOURCESUFFIX)"
az identity create -g "$(INTERNALRESOURCEGROUPNAME)" -n "bffnsimplehostbotjsmsi$($env:RESOURCESUFFIX)"
az identity create -g "$(INTERNALRESOURCEGROUPNAME)" -n "bffnechoskillbotdotnetmsi$($env:RESOURCESUFFIX)"
az identity create -g "$(INTERNALRESOURCEGROUPNAME)" -n "bffnechoskillbotjsmsi$($env:RESOURCESUFFIX)"