Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

error in Deploy SAP Workload Zone pipeline. #64

Open
stahkur opened this issue Mar 9, 2024 · 1 comment
Open

error in Deploy SAP Workload Zone pipeline. #64

stahkur opened this issue Mar 9, 2024 · 1 comment

Comments

@stahkur
Copy link

stahkur commented Mar 9, 2024

error in Deploy SAP Workload Zone pipeline.

Attached the snippet., pls suggest.
Untitled

2024-03-09T11:01:00.0990511Z ##[section]Starting: Deploy SAP Workload Zone
2024-03-09T11:01:00.0994445Z ==============================================================================
2024-03-09T11:01:00.0994551Z Task : Bash
2024-03-09T11:01:00.0994617Z Description : Run a Bash script on macOS, Linux, or Windows
2024-03-09T11:01:00.0994697Z Version : 3.236.1
2024-03-09T11:01:00.0994750Z Author : Microsoft Corporation
2024-03-09T11:01:00.0994812Z Help : https://docs.microsoft.com/azure/devops/pipelines/tasks/utility/bash
2024-03-09T11:01:00.0994916Z ==============================================================================
2024-03-09T11:01:02.5873816Z Generating script.
2024-03-09T11:01:02.5884831Z ========================== Starting Command Output ===========================
2024-03-09T11:01:02.5896939Z [command]/usr/bin/bash /home/azureadm/agent/_work/_temp/585314e7-2e70-438c-934c-39d894ef72fd.sh
2024-03-09T11:01:03.2096306Z azureadm account ready for use with Azure SAP Automated Deployment
2024-03-09T11:01:03.2098911Z �[1;31m--- DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars was not found ---�[0m
2024-03-09T11:01:03.2142202Z ##[error]File DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars was not found.
2024-03-09T11:01:03.2152889Z
2024-03-09T11:01:03.2154533Z ##[error]Bash exited with code '2'.
2024-03-09T11:01:03.2183291Z ##[section]Async Command Start: Update Build Number
2024-03-09T11:01:04.4722519Z Update build number to Deploying the SAP Workload zone defined in DEV-WEEU-SAP01-INFRASTRUCTURE for build 800
2024-03-09T11:01:04.4722738Z ##[section]Async Command End: Update Build Number
2024-03-09T11:01:04.4723717Z ##[section]Finishing: Deploy SAP Workload Zone
@stahkur
Copy link
Author

stahkur commented Mar 9, 2024

2024-03-09T15:12:56.3237314Z ##[debug]Evaluating condition for step: 'Deploy SAP Workload Zone'
2024-03-09T15:12:56.3237888Z ##[debug]Evaluating: SucceededNode()
2024-03-09T15:12:56.3238072Z ##[debug]Evaluating SucceededNode:
2024-03-09T15:12:56.3238404Z ##[debug]=> True
2024-03-09T15:12:56.3238599Z ##[debug]Result: True
2024-03-09T15:12:56.3238819Z ##[section]Starting: Deploy SAP Workload Zone
2024-03-09T15:12:56.3242501Z ==============================================================================
2024-03-09T15:12:56.3242612Z Task : Bash
2024-03-09T15:12:56.3242663Z Description : Run a Bash script on macOS, Linux, or Windows
2024-03-09T15:12:56.3242758Z Version : 3.236.1
2024-03-09T15:12:56.3242812Z Author : Microsoft Corporation
2024-03-09T15:12:56.3242874Z Help : https://docs.microsoft.com/azure/devops/pipelines/tasks/utility/bash
2024-03-09T15:12:56.3242977Z ==============================================================================
2024-03-09T15:12:57.1985847Z ##[debug]Agent environment resources - Disk: / Available 121066.00 MB out of 126841.00 MB, Memory: Used 496.00 MB out of 15980.00 MB, CPU: Usage 22.79%
2024-03-09T15:12:58.5514336Z ##[debug]Using node path: /home/azureadm/agent/externals/node20_1/bin/node
2024-03-09T15:12:58.6117888Z ##[debug]agent.TempDirectory=/home/azureadm/agent/_work/_temp
2024-03-09T15:12:58.6126038Z ##[debug]loading inputs and endpoints
2024-03-09T15:12:58.6128651Z ##[debug]loading INPUT_TARGETTYPE
2024-03-09T15:12:58.6140630Z ##[debug]loading INPUT_FILEPATH
2024-03-09T15:12:58.6142849Z ##[debug]loading INPUT_SCRIPT
2024-03-09T15:12:58.6145177Z ##[debug]loading INPUT_WORKINGDIRECTORY
2024-03-09T15:12:58.6147167Z ##[debug]loading INPUT_FAILONSTDERR
2024-03-09T15:12:58.6148624Z ##[debug]loading ENDPOINT_AUTH_SYSTEMVSSCONNECTION
2024-03-09T15:12:58.6150249Z ##[debug]loading ENDPOINT_AUTH_SCHEME_SYSTEMVSSCONNECTION
2024-03-09T15:12:58.6152291Z ##[debug]loading ENDPOINT_AUTH_PARAMETER_SYSTEMVSSCONNECTION_ACCESSTOKEN
2024-03-09T15:12:58.6158708Z ##[debug]loading SECRET_CP_ARM_CLIENT_SECRET
2024-03-09T15:12:58.6161195Z ##[debug]loading SECRET_SYSTEM_ACCESSTOKEN
2024-03-09T15:12:58.6163125Z ##[debug]loading SECRET_ARM_CLIENT_SECRET
2024-03-09T15:12:58.6165815Z ##[debug]loading SECRET_WZ_PAT
2024-03-09T15:12:58.6168133Z ##[debug]loading SECRET_S-PASSWORD
2024-03-09T15:12:58.6170269Z ##[debug]loading SECRET_WEB_APP_CLIENT_SECRET
2024-03-09T15:12:58.6171383Z ##[debug]loading SECRET_PAT
2024-03-09T15:12:58.6172491Z ##[debug]loaded 15
2024-03-09T15:12:58.6176599Z ##[debug]Agent.ProxyUrl=undefined
2024-03-09T15:12:58.6178062Z ##[debug]Agent.CAInfo=undefined
2024-03-09T15:12:58.6178924Z ##[debug]Agent.ClientCert=undefined
2024-03-09T15:12:58.6179475Z ##[debug]Agent.SkipCertValidation=undefined
2024-03-09T15:12:58.6196557Z ##[debug]check path : /home/azureadm/agent/_work/_tasks/Bash_6c731c3c-3c68-459a-a5c9-bde6e6595b5b/3.236.1/task.json
2024-03-09T15:12:58.6197814Z ##[debug]adding resource file: /home/azureadm/agent/_work/_tasks/Bash_6c731c3c-3c68-459a-a5c9-bde6e6595b5b/3.236.1/task.json
2024-03-09T15:12:58.6198488Z ##[debug]system.culture=en-US
2024-03-09T15:12:58.6207598Z ##[debug]failOnStderr=false
2024-03-09T15:12:58.6209135Z ##[debug]workingDirectory=/home/azureadm/agent/_work/2/s
2024-03-09T15:12:58.6209769Z ##[debug]check path : /home/azureadm/agent/_work/2/s
2024-03-09T15:12:58.6210729Z ##[debug]targetType=inline
2024-03-09T15:12:58.6212155Z ##[debug]bashEnvValue=undefined
2024-03-09T15:12:58.6245168Z ##[debug]script=#!/bin/bash
green="\e[1;32m" ; reset="\e[0m" ; boldred="\e[1;31m" ; cyan="\e[1;36m"

echo "##vso[build.updatebuildnumber]Deploying the SAP Workload zone defined in DEV-WEEU-SAP01-INFRASTRUCTURE"

Check if running on deployer

if [ ! -f /etc/profile.d/deploy_server.sh ]; then
echo -e "$green --- Install dos2unix ---$reset"
sudo apt-get -qq install dos2unix
export AZURE_DEVOPS_EXT_PAT=$PAT
else
source /etc/profile.d/deploy_server.sh
export AZURE_DEVOPS_EXT_PAT=$PAT
fi

if [ ! -f $CONFIG_REPO_PATH/LANDSCAPE/DEV-WEEU-SAP01-INFRASTRUCTURE/DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars ]; then
echo -e "$boldred--- DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars was not found ---$reset"
echo "##vso[task.logissue type=error]File DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars was not found."
exit 2
fi

echo -e "$green--- Checkout main ---$reset"

cd $CONFIG_REPO_PATH
mkdir -p .sap_deployment_automation
git checkout -q main

echo -e "$green--- Validations ---$reset"

if [ -z $WL_ARM_SUBSCRIPTION_ID ]; then
echo "##vso[task.logissue type=error]Variable ARM_SUBSCRIPTION_ID was not defined in the SDAF-DEV variable group."
exit 2
fi

if [ -z $WL_ARM_CLIENT_ID ]; then
echo "##vso[task.logissue type=error]Variable ARM_CLIENT_ID was not defined in the SDAF-DEV variable group."
exit 2
fi

if [ -z $WL_ARM_CLIENT_SECRET ]; then
echo "##vso[task.logissue type=error]Variable ARM_CLIENT_SECRET was not defined in the SDAF-DEV variable group."
exit 2
fi

if [ -z $WL_ARM_TENANT_ID ]; then
echo "##vso[task.logissue type=error]Variable ARM_TENANT_ID was not defined in the SDAF-DEV variable group."
exit 2
fi

if [ -z $CP_ARM_SUBSCRIPTION_ID ]; then
echo "##vso[task.logissue type=error]Variable CP_ARM_SUBSCRIPTION_ID was not defined in the SDAF-MGMT variable group."
exit 2
fi

if [ -z $CP_ARM_CLIENT_ID ]; then
echo "##vso[task.logissue type=error]Variable CP_ARM_CLIENT_ID was not defined in the SDAF-MGMT variable group."
exit 2
fi

if [ -z $CP_ARM_CLIENT_SECRET ]; then
echo "##vso[task.logissue type=error]Variable CP_ARM_CLIENT_SECRET was not defined in the SDAF-MGMT variable group."
exit 2
fi

if [ -z $CP_ARM_TENANT_ID ]; then
echo "##vso[task.logissue type=error]Variable CP_ARM_TENANT_ID was not defined in the SDAF-MGMT variable group."
exit 2
fi

echo -e "$green--- Convert config file to UX format ---$reset"
dos2unix -q LANDSCAPE/DEV-WEEU-SAP01-INFRASTRUCTURE/DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars
echo -e "$green--- Read details ---$reset"

ENVIRONMENT=$(grep "^environment" LANDSCAPE/DEV-WEEU-SAP01-INFRASTRUCTURE/DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars | awk -F'=' '{print $2}' | xargs)
LOCATION=$(grep "^location" LANDSCAPE/DEV-WEEU-SAP01-INFRASTRUCTURE/DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars | awk -F'=' '{print $2}' | xargs | tr 'A-Z' 'a-z')
NETWORK=$(grep "^network_logical_name" LANDSCAPE/DEV-WEEU-SAP01-INFRASTRUCTURE/DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars | awk -F'=' '{print $2}' | xargs)
echo Environment: ${ENVIRONMENT}
echo Location: ${LOCATION}
echo Network: ${NETWORK}

ENVIRONMENT_IN_FILENAME=$(echo DEV-WEEU-SAP01-INFRASTRUCTURE | awk -F'-' '{print $1}' | xargs )
LOCATION_CODE=$(echo DEV-WEEU-SAP01-INFRASTRUCTURE | awk -F'-' '{print $2}' | xargs )
case "$LOCATION_CODE" in
"AUCE") LOCATION_IN_FILENAME="australiacentral" ;;
"AUC2") LOCATION_IN_FILENAME="australiacentral2" ;;
"AUEA") LOCATION_IN_FILENAME="australiaeast" ;;
"AUSE") LOCATION_IN_FILENAME="australiasoutheast" ;;
"BRSO") LOCATION_IN_FILENAME="brazilsouth" ;;
"BRSE") LOCATION_IN_FILENAME="brazilsoutheast" ;;
"BRUS") LOCATION_IN_FILENAME="brazilus" ;;
"CACE") LOCATION_IN_FILENAME="canadacentral" ;;
"CAEA") LOCATION_IN_FILENAME="canadaeast" ;;
"CEIN") LOCATION_IN_FILENAME="centralindia" ;;
"CEUS") LOCATION_IN_FILENAME="centralus" ;;
"CEUA") LOCATION_IN_FILENAME="centraluseuap" ;;
"EAAS") LOCATION_IN_FILENAME="eastasia" ;;
"EAUS") LOCATION_IN_FILENAME="eastus" ;;
"EUSA") LOCATION_IN_FILENAME="eastus2euap" ;;
"EUS2") LOCATION_IN_FILENAME="eastus2" ;;
"EUSG") LOCATION_IN_FILENAME="eastusstg" ;;
"FRCE") LOCATION_IN_FILENAME="francecentral" ;;
"FRSO") LOCATION_IN_FILENAME="francesouth" ;;
"GENO") LOCATION_IN_FILENAME="germanynorth" ;;
"GEWE") LOCATION_IN_FILENAME="germanywest" ;;
"GEWC") LOCATION_IN_FILENAME="germanywestcentral" ;;
"ISCE") LOCATION_IN_FILENAME="israelcentral" ;;
"ITNO") LOCATION_IN_FILENAME="italynorth" ;;
"JAEA") LOCATION_IN_FILENAME="japaneast" ;;
"JAWE") LOCATION_IN_FILENAME="japanwest" ;;
"JINC") LOCATION_IN_FILENAME="jioindiacentral" ;;
"JINW") LOCATION_IN_FILENAME="jioindiawest" ;;
"KOCE") LOCATION_IN_FILENAME="koreacentral" ;;
"KOSO") LOCATION_IN_FILENAME="koreasouth" ;;
"NCUS") LOCATION_IN_FILENAME="northcentralus" ;;
"NOEU") LOCATION_IN_FILENAME="northeurope" ;;
"NOEA") LOCATION_IN_FILENAME="norwayeast" ;;
"NOWE") LOCATION_IN_FILENAME="norwaywest" ;;
"PLCE") LOCATION_IN_FILENAME="polandcentral" ;;
"QACE") LOCATION_IN_FILENAME="qatarcentral" ;;
"SANO") LOCATION_IN_FILENAME="southafricanorth" ;;
"SAWE") LOCATION_IN_FILENAME="southafricawest" ;;
"SCUS") LOCATION_IN_FILENAME="southcentralus" ;;
"SCUG") LOCATION_IN_FILENAME="southcentralusstg" ;;
"SOEA") LOCATION_IN_FILENAME="southeastasia" ;;
"SOIN") LOCATION_IN_FILENAME="southindia" ;;
"SECE") LOCATION_IN_FILENAME="swedencentral" ;;
"SWNO") LOCATION_IN_FILENAME="switzerlandnorth" ;;
"SWWE") LOCATION_IN_FILENAME="switzerlandwest" ;;
"UACE") LOCATION_IN_FILENAME="uaecentral" ;;
"UANO") LOCATION_IN_FILENAME="uaenorth" ;;
"UKSO") LOCATION_IN_FILENAME="uksouth" ;;
"UKWE") LOCATION_IN_FILENAME="ukwest" ;;
"WCUS") LOCATION_IN_FILENAME="westcentralus" ;;
"WEEU") LOCATION_IN_FILENAME="westeurope" ;;
"WEIN") LOCATION_IN_FILENAME="westindia" ;;
"WEUS") LOCATION_IN_FILENAME="westus" ;;
"WUS2") LOCATION_IN_FILENAME="westus2" ;;
"WUS3") LOCATION_IN_FILENAME="westus3" ;;
*) LOCATION_IN_FILENAME="westeurope" ;;
esac

NETWORK_IN_FILENAME=$(echo DEV-WEEU-SAP01-INFRASTRUCTURE | awk -F'-' '{print $3}' | xargs )
echo "Environment(filename): $ENVIRONMENT_IN_FILENAME"
echo "Location(filename): $LOCATION_IN_FILENAME"
echo "Network(filename): $NETWORK_IN_FILENAME"

if [ $ENVIRONMENT != $ENVIRONMENT_IN_FILENAME ]; then
echo "##vso[task.logissue type=error]The environment setting in DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars '$ENVIRONMENT' does not match the DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars file name '$ENVIRONMENT_IN_FILENAME'. Filename should have the pattern [ENVIRONMENT]-[REGION_CODE]-[NETWORK_LOGICAL_NAME]-INFRASTRUCTURE"
exit 2
fi

if [ $LOCATION != $LOCATION_IN_FILENAME ]; then
echo "##vso[task.logissue type=error]The location setting in DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars '$LOCATION' does not match the DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars file name '$LOCATION_IN_FILENAME'. Filename should have the pattern [ENVIRONMENT]-[REGION_CODE]-[NETWORK_LOGICAL_NAME]-INFRASTRUCTURE"
exit 2
fi

if [ $NETWORK != $NETWORK_IN_FILENAME ]; then
echo "##vso[task.logissue type=error]The network_logical_name setting in DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars '$NETWORK' does not match the DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars file name '$NETWORK_IN_FILENAME-. Filename should have the pattern [ENVIRONMENT]-[REGION_CODE]-[NETWORK_LOGICAL_NAME]-INFRASTRUCTURE"
exit 2
fi

echo -e "$green--- Configure devops CLI extension ---$reset"
az config set extension.use_dynamic_install=yes_without_prompt --output none

az extension add --name azure-devops --output none

az devops configure --defaults organization=https://dev.azure.com/sathakur4022/ project='SAPHANADEF' --output none

export PARENT_VARIABLE_GROUP_ID=$(az pipelines variable-group list --query "[?name=='SDAF-MGMT'].id | [0]")
echo 'SDAF-MGMT id: ' $PARENT_VARIABLE_GROUP_ID
if [ -z ${PARENT_VARIABLE_GROUP_ID} ]; then
echo "##vso[task.logissue type=error]Variable group SDAF-MGMT could not be found."
exit 2
fi

export VARIABLE_GROUP_ID=$(az pipelines variable-group list --query "[?name=='SDAF-DEV'].id | [0]")
echo 'SDAF-DEV id: ' $VARIABLE_GROUP_ID
if [ -z ${VARIABLE_GROUP_ID} ]; then
echo "##vso[task.logissue type=error]Variable group SDAF-DEV could not be found."
exit 2
fi

echo "Agent Pool: " sdaf-mgmt-pool

echo -e "$green--- Set CONFIG_REPO_PATH variable ---$reset"

deployer_environment_file_name=$CONFIG_REPO_PATH/.sap_deployment_automation/MGMTWEEU ; echo 'Deployer Environment File' $deployer_environment_file_name
workload_environment_file_name=$CONFIG_REPO_PATH/.sap_deployment_automation/${ENVIRONMENT}${LOCATION_CODE}${NETWORK} ; echo 'Workload Environment File' $workload_environment_file_name
dos2unix -q ${deployer_environment_file_name}
dos2unix -q ${workload_environment_file_name}

if [ ! -f ${deployer_environment_file_name} ]; then
echo -e "$boldred--- MGMTWEEU was not found ---$reset"
echo "##vso[task.logissue type=error]Control plane configuration file MGMTWEEU was not found."
exit 2
fi

echo -e "$green--- Read parameter values ---$reset"

if [ "true" == true ]; then

az_var=$(az pipelines variable-group variable list --group-id ${PARENT_VARIABLE_GROUP_ID} --query "Deployer_State_FileName.value" | tr -d \")
if [ -z ${az_var} ]; then
  deployer_tfstate_key=$(cat ${deployer_environment_file_name}  | grep deployer_tfstate_key | awk -F'=' '{print $2}' | xargs) ; echo 'Deployer State File' $deployer_tfstate_key
else
  deployer_tfstate_key=${az_var} ; echo 'Deployer State File' $deployer_tfstate_key
fi

az_var=$(az pipelines variable-group variable list --group-id ${PARENT_VARIABLE_GROUP_ID} --query "Deployer_Key_Vault.value" | tr -d \")
if [ -z ${az_var} ]; then
  key_vault=$(cat ${deployer_environment_file_name}  | grep keyvault= | awk -F'=' '{print $2}' | xargs) ; echo 'Deployer Key Vault' ${key_vault}
else
  key_vault=${az_var}; echo 'Deployer Key Vault' ${key_vault}
fi

az_var=$(az pipelines variable-group variable list --group-id ${PARENT_VARIABLE_GROUP_ID} --query "Terraform_Remote_Storage_Account_Name.value" | tr -d \")
if [ -z ${az_var} ]; then
  REMOTE_STATE_SA=$(cat ${deployer_environment_file_name}  | grep REMOTE_STATE_SA      | awk -F'=' '{print $2}' | xargs) ; echo 'Terraform state file storage account' $REMOTE_STATE_SA
else
  REMOTE_STATE_SA=${az_var}; echo 'Terraform state file storage account' $REMOTE_STATE_SA
fi

az_var=$(az pipelines variable-group variable list --group-id ${PARENT_VARIABLE_GROUP_ID} --query "Terraform_Remote_Storage_Subscription.value" | tr -d \")
if [ -z ${az_var} ]; then
  STATE_SUBSCRIPTION=$(cat ${deployer_environment_file_name}  | grep STATE_SUBSCRIPTION   | awk -F'=' '{print $2}' | xargs) ; echo 'Terraform state file subscription' $STATE_SUBSCRIPTION
else
  STATE_SUBSCRIPTION=${az_var}; echo 'Terraform state file subscription' $STATE_SUBSCRIPTION
fi

az_var=$(az pipelines variable-group variable list --group-id ${VARIABLE_GROUP_ID} --query "ARM_SUBSCRIPTION_ID.value" | tr -d \")
if [ -z ${az_var} ]; then
  echo "##vso[task.logissue type=error]Variable ARM_SUBSCRIPTION_ID was not defined."
  exit 2
else
  echo 'Target subscription' $WL_ARM_SUBSCRIPTION_ID
fi

az_var=$(az pipelines variable-group variable list --group-id ${VARIABLE_GROUP_ID} --query "Workload_Key_Vault.value" | tr -d \")
if [ -z ${az_var} ]; then
  if [ -f ${workload_environment_file_name} ]; then
    export workload_key_vault=$(cat ${workload_environment_file_name}  | grep workload_key_vault     | awk -F'=' '{print $2}' | xargs) ; echo 'Workload Key Vault' ${workload_key_vault}
  fi
else
  export workload_key_vault=$(Workload_Key_Vault)  ; echo 'Workload Key Vault' ${workload_key_vault}
fi

else
deployer_tfstate_key=$(cat ${workload_environment_file_name} | grep deployer_tfstate_key | awk -F'=' '{print $2}' | xargs) ; echo 'Deployer State File' $deployer_tfstate_key
key_vault=$(cat ${workload_environment_file_name} | grep workload_key_vault= -m1 | awk -F'=' '{print $2}' | xargs) ; echo 'Deployer Key Vault' ${key_vault}
REMOTE_STATE_SA=$(cat ${workload_environment_file_name} | grep REMOTE_STATE_SA | awk -F'=' '{print $2}' | xargs) ; echo 'Terraform state file storage account' $REMOTE_STATE_SA
STATE_SUBSCRIPTION=$(cat ${workload_environment_file_name} | grep STATE_SUBSCRIPTION | awk -F'=' '{print $2}' | xargs) ; echo 'Terraform state file subscription' $STATE_SUBSCRIPTION
fi

secrets_set=1
if [ ! -f /etc/profile.d/deploy_server.sh ]; then
echo -e "$green --- Install terraform ---$reset"

wget -q https://releases.hashicorp.com/terraform/1.6.2/terraform_1.6.2_linux_amd64.zip
return_code=$?
if [ 0 != $return_code ]; then
echo "##vso[task.logissue type=error]Unable to download Terraform version 1.6.2."
exit 2
fi
unzip -qq terraform_1.6.2_linux_amd64.zip ; sudo mv terraform /bin/
rm -f terraform_1.6.2_linux_amd64.zip

export ARM_CLIENT_ID=$WL_ARM_CLIENT_ID
export ARM_CLIENT_SECRET=$WL_ARM_CLIENT_SECRET
export ARM_TENANT_ID=$WL_ARM_TENANT_ID
export ARM_SUBSCRIPTION_ID=$WL_ARM_SUBSCRIPTION_ID
export ARM_USE_MSI=false

echo -e "$green--- az login ---$reset"
az login --service-principal --username $CP_ARM_CLIENT_ID --password=$CP_ARM_CLIENT_SECRET --tenant $CP_ARM_TENANT_ID --output none
return_code=$?
if [ 0 != $return_code ]; then
echo -e "$boldred--- Login failed ---$reset"
echo "##vso[task.logissue type=error]az login failed."
exit $return_code
fi

else
echo -e "$green--- az login ---$reset"

if [ $LOGON_USING_SPN == "true" ]; then
  echo "Using SPN"
  az login --service-principal --username $CP_ARM_CLIENT_ID --password=$CP_ARM_CLIENT_SECRET --tenant $CP_ARM_TENANT_ID --output none
else
  az login --identity --allow-no-subscriptions --output none
fi

return_code=$?
if [ 0 != $return_code ]; then
  echo -e "$boldred--- Login failed ---$reset"
  echo "##vso[task.logissue type=error]az login failed."
  exit $return_code
fi

echo -e "$green --- Set secrets ---$reset"

$SAP_AUTOMATION_REPO_PATH/deploy/scripts/set_secrets.sh --workload --vault "${key_vault}" --environment "${ENVIRONMENT}"
--region "${LOCATION}" --subscription $WL_ARM_SUBSCRIPTION_ID --spn_id $WL_ARM_CLIENT_ID --spn_secret "${WL_ARM_CLIENT_SECRET}"
--tenant_id $WL_ARM_TENANT_ID --keyvault_subscription $STATE_SUBSCRIPTION
secrets_set=$? ; echo -e "$cyan Set Secrets returned $secrets_set $reset"
az keyvault set-policy --name "${key_vault}" --object-id $WL_ARM_OBJECT_ID --secret-permissions get list --output none
fi

debug_variable='--output none'
debug_variable=''

az login --service-principal --username $CP_ARM_CLIENT_ID --password=$CP_ARM_CLIENT_SECRET --tenant $CP_ARM_TENANT_ID --output none

isUserAccessAdmin=$(az role assignment list --role "User Access Administrator" --subscription $STATE_SUBSCRIPTION --query "[?principalType=='ServicePrincipal'].principalId | [0] " --assignee $CP_ARM_CLIENT_ID)

tfstate_resource_id=$(az resource list --name "${REMOTE_STATE_SA}" --subscription ${STATE_SUBSCRIPTION} --resource-type Microsoft.Storage/storageAccounts --query "[].id | [0]" -o tsv)

if [ -n "${isUserAccessAdmin}" ]; then

echo -e "$green--- Set permissions ---$reset"
perms=$(az role assignment list --subscription ${STATE_SUBSCRIPTION} --role "Reader" --query "[?principalId=='$WL_ARM_CLIENT_ID'].principalId | [0]" -o tsv --only-show-errors)
if [ -z "$perms" ]; then
echo -e "$green --- Assign subscription permissions to $perms ---$reset"
az role assignment create --assignee-object-id $WL_ARM_OBJECT_ID --assignee-principal-type ServicePrincipal --role "Reader" --scope "/subscriptions/${STATE_SUBSCRIPTION}" --output none
fi

perms=$(az role assignment list --subscription ${STATE_SUBSCRIPTION} --role "Storage Account Contributor" --scope "${tfstate_resource_id}" --query "[?principalId=='$WL_ARM_OBJECT_ID'].principalName | [0]" -o tsv  --only-show-errors)
if [ -z "$perms" ]; then
  echo "Assigning Storage Account Contributor permissions for $WL_ARM_OBJECT_ID to ${tfstate_resource_id}"
  az role assignment create --assignee-object-id $WL_ARM_OBJECT_ID  --assignee-principal-type ServicePrincipal --role "Storage Account Contributor" --scope "${tfstate_resource_id}" --output none
fi

resource_group_name=$(az resource show --id "${tfstate_resource_id}" --query resourceGroup -o tsv)

if [ -n ${resource_group_name} ]; then
for scope in $(az resource list --resource-group "${resource_group_name}" --subscription ${STATE_SUBSCRIPTION} --resource-type Microsoft.Network/privateDnsZones --query "[].id" --output tsv); do
perms=$(az role assignment list --subscription ${STATE_SUBSCRIPTION} --role "Private DNS Zone Contributor" --scope $scope --query "[?principalId=='$WL_ARM_OBJECT_ID'].principalId | [0]" -o tsv --only-show-errors)
if [ -z "$perms" ]; then
echo "Assigning DNS Zone Contributor permissions for $WL_ARM_OBJECT_ID to ${scope}"
az role assignment create --assignee-object-id $WL_ARM_OBJECT_ID --assignee-principal-type ServicePrincipal --role "Private DNS Zone Contributor" --scope $scope --output none
fi
done
fi

resource_group_name=$(az keyvault show --name "${key_vault}" --query resourceGroup --subscription ${STATE_SUBSCRIPTION} -o tsv)

if [ -n ${resource_group_name} ]; then
  resource_group_id=$(az group show --name ${resource_group_name} --subscription ${STATE_SUBSCRIPTION} --query id -o tsv)

  vnet_resource_id=$(az resource list --resource-group "${resource_group_name}" --subscription ${STATE_SUBSCRIPTION} --resource-type Microsoft.Network/virtualNetworks -o tsv --query "[].id | [0]")
  if [ -n "${vnet_resource_id}" ]; then
    perms=$(az role assignment list --subscription ${STATE_SUBSCRIPTION} --role "Network Contributor"  --scope $vnet_resource_id --only-show-errors --query "[].principalId | [0]"  --assignee $WL_ARM_OBJECT_ID -o tsv --only-show-errors)

    if [ -z "$perms" ]; then
      echo "Assigning Network Contributor rights for $WL_ARM_OBJECT_ID to ${vnet_resource_id}"
      az role assignment create --assignee-object-id $WL_ARM_OBJECT_ID  --assignee-principal-type ServicePrincipal --role "Network Contributor"  --scope $vnet_resource_id --output none
    fi
  fi

fi
else
echo "##vso[task.logissue type=warning]Service Principal $CP_ARM_CLIENT_ID does not have 'User Access Administrator' permissions. Please ensure that the service principal $WL_ARM_CLIENT_ID has permissions on the Terrafrom state storage account and if needed on the Private DNS zone and the source management network resource"
fi

echo -e "$green--- Deploy the workload zone ---$reset"
cd $CONFIG_REPO_PATH/LANDSCAPE/DEV-WEEU-SAP01-INFRASTRUCTURE
if [ -f /etc/profile.d/deploy_server.sh ]; then
az logout --output none
if [ $LOGON_USING_SPN == "true" ]; then
echo "Logon Using SPN"

  export ARM_CLIENT_ID=$WL_ARM_CLIENT_ID
  export ARM_CLIENT_SECRET=$WL_ARM_CLIENT_SECRET
  export ARM_TENANT_ID=$WL_ARM_TENANT_ID
  export ARM_SUBSCRIPTION_ID=$WL_ARM_SUBSCRIPTION_ID
  export ARM_USE_MSI=false
  az login --service-principal --username $WL_ARM_CLIENT_ID --password=$WL_ARM_CLIENT_SECRET --tenant $WL_ARM_TENANT_ID --output none
  return_code=$?
  if [ 0 != $return_code ]; then
    echo -e "$boldred--- Login failed ---$reset"
    echo "##vso[task.logissue type=error]az login failed."
    exit $return_code
  fi
else
  export ARM_USE_MSI=true
  az login --identity --allow-no-subscriptions --output none
fi

else
export ARM_CLIENT_ID=$WL_ARM_CLIENT_ID
export ARM_CLIENT_SECRET=$WL_ARM_CLIENT_SECRET
export ARM_TENANT_ID=$WL_ARM_TENANT_ID
export ARM_SUBSCRIPTION_ID=$WL_ARM_SUBSCRIPTION_ID
export ARM_USE_MSI=false
az login --service-principal --username $WL_ARM_CLIENT_ID --password=$WL_ARM_CLIENT_SECRET --tenant $WL_ARM_TENANT_ID --output none
return_code=$?
if [ 0 != $return_code ]; then
echo -e "$boldred--- Login failed ---$reset"
echo "##vso[task.logissue type=error]az login failed."
exit $return_code
fi

fi

$SAP_AUTOMATION_REPO_PATH/deploy/scripts/install_workloadzone.sh --parameterfile DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars
--deployer_environment MGMT --subscription ea5ea3d1-e269-43a5-81f8-17e0f331a78e
--spn_id $WL_ARM_CLIENT_ID --spn_secret $WL_ARM_CLIENT_SECRET --tenant_id $WL_ARM_TENANT_ID
--deployer_tfstate_key "${deployer_tfstate_key}" --keyvault "${key_vault}" --storageaccountname "${REMOTE_STATE_SA}"
--state_subscription "${STATE_SUBSCRIPTION}" --auto-approve --ado
return_code=$?

echo "Return code: ${return_code}"
if [ -f ${workload_environment_file_name} ]; then
export workload_key_vault=$(cat ${workload_environment_file_name} | grep workloadkeyvault= | awk -F'=' '{print $2}' | xargs) ; echo 'Workload Key Vault' ${workload_key_vault}
export workload_prefix=$(cat ${workload_environment_file_name} | grep workload_zone_prefix= | awk -F'=' '{print $2}' | xargs) ; echo 'Workload Prefix' ${workload_prefix}
export landscape_tfstate_key=$(cat ${workload_environment_file_name} | grep landscape_tfstate_key= | awk -F'=' '{print $2}' | xargs) ; echo 'Workload Zone State File' $landscape_tfstate_key
fi

az logout --output none

az_var=$(az pipelines variable-group variable list --group-id ${VARIABLE_GROUP_ID} --query "FENCING_SPN_ID.value")
if [ -z ${az_var} ]; then
echo "##vso[task.logissue type=warning]Variable FENCING_SPN_ID is not set. Required for highly available deployments"
else
export fencing_id=$(az keyvault secret list --vault-name $workload_key_vault --query [].name -o tsv | grep ${workload_prefix}-fencing-spn-id | xargs)
if [ -z "$fencing_id" ]; then
az keyvault secret set --name ${workload_prefix}-fencing-spn-id --vault-name $workload_key_vault --value $(FENCING_SPN_ID) --output none
az keyvault secret set --name ${workload_prefix}-fencing-spn-pwd --vault-name $workload_key_vault --value=$FENCING_SPN_PWD --output none
az keyvault secret set --name ${workload_prefix}-fencing-spn-tenant --vault-name $workload_key_vault --value $(FENCING_SPN_TENANT) --output none
fi
fi

echo -e "$green--- Add & update files in the DevOps Repository ---$reset"
cd /home/azureadm/agent/_work/2/s/config
git pull

echo -e "$green--- Pull latest ---$reset"
cd $CONFIG_REPO_PATH
git pull

added=0
if [ -f ${workload_environment_file_name} ]; then
git add ${workload_environment_file_name}
added=1
fi
if [ -f ${workload_environment_file_name}.md ]; then
git add ${workload_environment_file_name}.md
added=1
fi
if [ -f WORKSPACES/LANDSCAPE/DEV-WEEU-SAP01-INFRASTRUCTURE/.terraform/terraform.tfstate ]; then
git add -f WORKSPACES/LANDSCAPE/DEV-WEEU-SAP01-INFRASTRUCTURE/.terraform/terraform.tfstate
added=1
fi
if [ 1 == $added ]; then
git config --global user.email "[email protected]"
git config --global user.name "Sanjeev Thakur"
git commit -m "Added updates from devops deployment SAP Workload Zone deployment [skip ci]"
git -c http.extraheader="AUTHORIZATION: bearer ***" push --set-upstream origin main
fi

if [ -f ${workload_environment_file_name}.md ]; then
echo "##vso[task.uploadsummary]${workload_environment_file_name}.md"
fi
echo -e "$green--- Adding variables to the variable group" SDAF-DEV "---$reset"
if [ -n $VARIABLE_GROUP_ID ]; then
az_var=$(az pipelines variable-group variable list --group-id ${VARIABLE_GROUP_ID} --query Terraform_Remote_Storage_Account_Name.value --output table)
if [ -n "${az_var}" ]; then
az pipelines variable-group variable update --group-id ${VARIABLE_GROUP_ID} --name Terraform_Remote_Storage_Account_Name --value "${REMOTE_STATE_SA}" --output none --only-show-errors
else
az pipelines variable-group variable create --group-id ${VARIABLE_GROUP_ID} --name Terraform_Remote_Storage_Account_Name --value "${REMOTE_STATE_SA}" --output none --only-show-errors
fi

az_var=$(az pipelines variable-group variable list --group-id ${VARIABLE_GROUP_ID} --query Terraform_Remote_Storage_Subscription.value --output table)
if [ -n "${az_var}" ]; then
  az pipelines variable-group variable update --group-id ${VARIABLE_GROUP_ID} --name Terraform_Remote_Storage_Subscription --value "${STATE_SUBSCRIPTION}" --output none --only-show-errors
else
  az pipelines variable-group variable create --group-id ${VARIABLE_GROUP_ID} --name Terraform_Remote_Storage_Subscription --value "${STATE_SUBSCRIPTION}" --output none --only-show-errors
fi

az_var=$(az pipelines variable-group variable list --group-id ${VARIABLE_GROUP_ID} --query Deployer_State_FileName.value --output table)
if [ -n "${az_var}" ]; then
  az pipelines variable-group variable update --group-id ${VARIABLE_GROUP_ID} --name Deployer_State_FileName --value "${deployer_tfstate_key}" --output none --only-show-errors
else
  az pipelines variable-group variable create --group-id ${VARIABLE_GROUP_ID} --name Deployer_State_FileName --value "${deployer_tfstate_key}" --output none --only-show-errors
fi

az_var=$(az pipelines variable-group variable list --group-id ${VARIABLE_GROUP_ID} --query Deployer_Key_Vault.value --output table)
if [ -n "${az_var}" ]; then
  az pipelines variable-group variable update --group-id ${VARIABLE_GROUP_ID} --name Deployer_Key_Vault --value ${key_vault} --output none --only-show-errors
else
  az pipelines variable-group variable create --group-id ${VARIABLE_GROUP_ID} --name Deployer_Key_Vault --value ${key_vault} --output none --only-show-errors
fi

az_var=$(az pipelines variable-group variable list --group-id ${VARIABLE_GROUP_ID} --query "${NETWORK}"Workload_Key_Vault.value --output table)
if [ -n "${az_var}" ]; then
  az pipelines variable-group variable update --group-id ${VARIABLE_GROUP_ID} --name "${NETWORK}"Workload_Key_Vault --value $workload_key_vault --output none --only-show-errors
else
  az pipelines variable-group variable create --group-id ${VARIABLE_GROUP_ID} --name "${NETWORK}"Workload_Key_Vault --value $workload_key_vault --output none --only-show-errors
fi

az_var=$(az pipelines variable-group variable list --group-id ${VARIABLE_GROUP_ID} --query "${NETWORK}"Workload_Secret_Prefix.value --output table)
if [ -n "${az_var}" ]; then
  az pipelines variable-group variable update --group-id ${VARIABLE_GROUP_ID} --name "${NETWORK}"Workload_Secret_Prefix --value "${workload_prefix}" --output none --only-show-errors
else
  az pipelines variable-group variable create --group-id ${VARIABLE_GROUP_ID} --name "${NETWORK}"Workload_Secret_Prefix --value "${workload_prefix}" --output none --only-show-errors
fi

az_var=$(az pipelines variable-group variable list --group-id ${VARIABLE_GROUP_ID} --query "${NETWORK}"Workload_Zone_State_FileName.value --output table)
if [ -n "${az_var}" ]; then
  az pipelines variable-group variable update --group-id ${VARIABLE_GROUP_ID} --name "${NETWORK}"Workload_Zone_State_FileName --value "${landscape_tfstate_key}" --output none --only-show-errors
else
  az pipelines variable-group variable create --group-id ${VARIABLE_GROUP_ID} --name "${NETWORK}"Workload_Zone_State_FileName --value "${landscape_tfstate_key}" --output none --only-show-errors
fi

az_var=$(az pipelines variable-group variable list --group-id ${VARIABLE_GROUP_ID} --query WZ_PAT.isSecret --output table)
if [ -n "${az_var}" ]; then
  az pipelines variable-group variable update --group-id ${VARIABLE_GROUP_ID} --name WZ_PAT --value $AZURE_DEVOPS_EXT_PAT --output none --only-show-errors --secret true
else
  az pipelines variable-group variable create --group-id ${VARIABLE_GROUP_ID} --name WZ_PAT --value $AZURE_DEVOPS_EXT_PAT --output none --only-show-errors --secret true
fi

fi

if [ 0 != $return_code ]; then
echo "##vso[task.logissue type=error]Return code from install_workloadzone $return_code."
if [ -f ${workload_environment_file_name}.err ]; then
error_message=$(cat ${workload_environment_file_name}.err)
echo "##vso[task.logissue type=error]Error message: $error_message."
fi

fi

exit $return_code
2024-03-09T15:12:58.6268079Z Generating script.
2024-03-09T15:12:58.6268414Z ##[debug]which 'bash'
2024-03-09T15:12:58.6268729Z ##[debug]found: '/usr/bin/bash'
2024-03-09T15:12:58.6269003Z ##[debug]Agent.Version=3.234.0
2024-03-09T15:12:58.6269395Z ##[debug]agent.tempDirectory=/home/azureadm/agent/_work/_temp
2024-03-09T15:12:58.6269863Z ##[debug]check path : /home/azureadm/agent/_work/_temp
2024-03-09T15:12:58.6270098Z ========================== Starting Command Output ===========================
2024-03-09T15:12:58.6270363Z ##[debug]which '/usr/bin/bash'
2024-03-09T15:12:58.6270634Z ##[debug]found: '/usr/bin/bash'
2024-03-09T15:12:58.6270977Z ##[debug]/usr/bin/bash arg: /home/azureadm/agent/_work/_temp/3bae54ec-e2fa-450f-abbd-cd69128c649d.sh
2024-03-09T15:12:58.6271366Z ##[debug]exec tool: /usr/bin/bash
2024-03-09T15:12:58.6271645Z ##[debug]arguments:
2024-03-09T15:12:58.6271977Z ##[debug] /home/azureadm/agent/_work/_temp/3bae54ec-e2fa-450f-abbd-cd69128c649d.sh
2024-03-09T15:12:58.6272531Z [command]/usr/bin/bash /home/azureadm/agent/_work/_temp/3bae54ec-e2fa-450f-abbd-cd69128c649d.sh
2024-03-09T15:12:58.6309006Z ##[debug]Update build number for build: 811 to: Deploying the SAP Workload zone defined in DEV-WEEU-SAP01-INFRASTRUCTURE at backend.
2024-03-09T15:12:58.6365221Z ##[debug]Processed: ##vso[build.updatebuildnumber]Deploying the SAP Workload zone defined in DEV-WEEU-SAP01-INFRASTRUCTURE
2024-03-09T15:12:59.2378659Z azureadm account ready for use with Azure SAP Automated Deployment
2024-03-09T15:12:59.2380243Z �[1;31m--- DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars was not found ---�[0m
2024-03-09T15:12:59.2422894Z ##[error]File DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars was not found.
2024-03-09T15:12:59.2442511Z ##[debug]Processed: ##vso[task.logissue type=error]File DEV-WEEU-SAP01-INFRASTRUCTURE.tfvars was not found.
2024-03-09T15:12:59.2442876Z
2024-03-09T15:12:59.2443290Z ##[debug]Exit code 2 received from tool '/usr/bin/bash'
2024-03-09T15:12:59.2443597Z ##[debug]STDIO streams have closed for tool '/usr/bin/bash'
2024-03-09T15:12:59.2444031Z ##[error]Bash exited with code '2'.
2024-03-09T15:12:59.2444464Z ##[debug]Processed: ##vso[task.issue type=error;]Bash exited with code '2'.
2024-03-09T15:12:59.2444773Z ##[debug]task result: Failed
2024-03-09T15:12:59.2453084Z ##[debug]Processed: ##vso[task.complete result=Failed;done=true;]
2024-03-09T15:12:59.2456580Z ##[section]Async Command Start: Update Build Number
2024-03-09T15:12:59.9247800Z Update build number to Deploying the SAP Workload zone defined in DEV-WEEU-SAP01-INFRASTRUCTURE for build 811
2024-03-09T15:12:59.9248017Z ##[section]Async Command End: Update Build Number
2024-03-09T15:12:59.9248874Z ##[section]Finishing: Deploy SAP Workload Zone

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@stahkur