Merge pull request #195 from aztfmod/AL-2108

Component version updates for 2108
aztfmod · Aug 13, 2021 · 870d198 · 870d198
2 parents 9b205b5 + ea494ec
commit 870d198
Show file tree

Hide file tree

Showing 9 changed files with 83 additions and 28 deletions.
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -25,7 +25,7 @@
     // "shutdownAction": "none",
     // Uncomment the next line to run commands after the container is created.
     //"postCreateCommand": "cp -R /tmp/.ssh-localhost/* ~/.ssh && sudo chmod 600 ~/.ssh/* && sudo chown -R $(whoami) /tf/caf && git config --global core.editor vim && pre-commit install && pre-commit autoupdate",
-    "postCreateCommand": "sudo cp -R /tmp/.ssh-localhost/* ~/.ssh && sudo chown -R $(whoami):$(whoami) /tf/caf && sudo chmod 400 ~/.ssh/* && git config --global core.editor vi && pre-commit install && pre-commit autoupdate",
+    "postCreateCommand": "sudo cp -R /tmp/.ssh-localhost/* ~/.ssh && sudo chown -R $(whoami):$(whoami) /tf/caf ~/.ssh && sudo chmod 400 ~/.ssh/* && git config --global core.editor vi && pre-commit install && pre-commit autoupdate",
     "postStartCommand": "sudo cp -f /tf/rover/version.txt /tf/caf/scripts/version.txt && sudo rm -rf /tf/rover && sudo ln -s /tf/caf/scripts /tf/rover",
     // Add the IDs of extensions you want installed when the container is created in the array below.
     "extensions": [

diff --git a/.env b/.env
@@ -1,14 +1,14 @@
-versionAzureCli=2.25.0
+versionAzureCli=2.27.0
 versionKubectl=1.21.2
 versionGit=1:2.30.2-1ubuntu1
-versionTflint=0.29.1
-versionTflintazrs=0.10.1
-versionVault=1.7.3
+versionTflint=0.31.0
+versionTflintazrs=0.12.0
+versionVault=1.8.1
 versionJq=1.6-2.1ubuntu1
-versionDockerCompose=1.27.4
-versionTfsec=0.40.6
+versionDockerCompose=1.29.2
+versionTfsec=0.57.1
 versionTerraformDocs=0.14.1
 versionAnsible=2.10.7-1
-versionPacker=1.7.3
-versionCheckov=2.0.228
+versionPacker=1.7.4
+versionCheckov=2.0.344
 versionMssqlTools=17.7.1.1
diff --git a/.env.terraform b/.env.terraform
@@ -1,7 +1,5 @@
-1.0.1
-1.0.0
+1.0.4
+1.0.3
 0.15.5
 0.14.11
-0.14.10
 0.13.7
-0.13.6
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -2,7 +2,7 @@
 # See http://pre-commit.com/hooks.html for more hooks
 repos:
   - repo: git://github.com/IamTheFij/docker-pre-commit
-    rev: v2.0.0
+    rev: v2.0.1
     hooks:
     - id: docker-compose-check
   - repo: git://github.com/pre-commit/pre-commit-hooks

diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -0,0 +1,11 @@
+{
+    "files.eol": "\n",
+    "editor.tabSize": 2,
+    "terminal.integrated.scrollback": 32000,
+    "terminal.integrated.profiles.linux": {
+    "caf (rover)": {
+        "path": "docker-compose",
+        "args": ["-f", "rover_on_ssh_host.yml", "run", "-e", "ROVER_RUNNER=true", "--rm", "-w", "/tf/caf" ,"rover", "/bin/bash"],
+        "overrideName": true
+    }
+}
diff --git a/Dockerfile b/Dockerfile
@@ -68,7 +68,8 @@ RUN apt-get update && \
     vim \
     gpg \
     apt-utils \
-    gpg-agent && \
+    gpg-agent \
+    bsdmainutils && \
     #
     # Create USERNAME
     #

diff --git a/rover_on_ssh_host.yml b/rover_on_ssh_host.yml
@@ -0,0 +1,37 @@
+---
+#-------------------------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
+#-------------------------------------------------------------------------------------------------------------
+
+#
+# Docker compose to open the rover in remote ssh shells
+#
+
+version: '3.7'
+services:
+  rover:
+    image: aztfmod/rover-preview:1.0.1-2107.200307
+
+    user: vscode
+
+    labels:
+      - "caf=Azure CAF"
+
+    volumes:
+      # This is where VS Code should expect to find your project's source code
+      # and the value of "workspaceFolder" in .devcontainer/devcontainer.json
+      - .:/tf/caf
+      - volume-caf-vscode:/home/vscode
+      - volume-caf-vscode-bashhistory:/commandhistory
+      - ~/.ssh:/tmp/.ssh-localhost:ro
+      - /var/run/docker.sock:/var/run/docker.sock
+
+    # Overrides default command so things don't shut down after the process ends.
+    command: /bin/sh -c "while sleep 1000; do :; done"
+
+volumes:
+  volume-caf-vscode:
+    labels:
+      - "caf=Azure CAF"
+  volume-caf-vscode-bashhistory:
diff --git a/scripts/functions.sh b/scripts/functions.sh
@@ -64,7 +64,7 @@ function parameter_value {
     fi
 
     echo ${2}
-} 
+}
 
 function process_actions {
     echo "@calling process_actions"
@@ -128,7 +128,7 @@ function display_login_instructions {
 function display_instructions {
     echo ""
     echo "You can deploy a landingzone with the rover by running:"
-    echo "  rover -lz [landingzone_folder_name] -a [plan|apply|destroy|validate|refresh|graph|import|output|taint|'state list'|'state rm'|'state show']"
+    echo "  rover -lz [landingzone_folder_name] -a [plan|apply|destroy|validate|refresh|graph|import|output|taint|untaint|'state list'|'state rm'|'state show']"
     echo ""
 
 }
@@ -248,7 +248,7 @@ function login_as_sp_from_keyvault_secrets {
 
     export ARM_CLIENT_ID=$(az keyvault secret show --id ${sp_keyvault_url}/secrets/sp-client-id --query 'value' -o tsv)
     export ARM_CLIENT_SECRET=$(az keyvault secret show --id ${sp_keyvault_url}/secrets/sp-client-secret --query 'value' -o tsv)
-    
+
     information "Loging with service principal"
     az login --service-principal -u ${ARM_CLIENT_ID} -p ${ARM_CLIENT_SECRET} -t ${ARM_TENANT_ID}
 
@@ -633,9 +633,17 @@ function get_logged_user_object_id {
                 export ARM_TENANT_ID=$(az identity show --ids $msiResource | jq -r .tenantId)
                 ;;
             *)
+                # Service Principal
+                # Set the security context for Azure Terraform providers
+                session=$(az account show --sdk-auth -o json 2> /dev/null)
+                export ARM_CLIENT_ID=$(echo $session | jq -r .clientId)
+                export ARM_CLIENT_SECRET=$(echo $session | jq -r .clientSecret)
+                export ARM_TENANT_ID=$(echo $session | jq -r .tenantId)
+                export ARM_SUBSCRIPTION_ID=$(echo $session | jq -r .subscriptionId)
+
                 # When connected with a service account the name contains the objectId
                 export TF_VAR_logged_aad_app_objectId=$(az ad sp show --id ${clientId} --query objectId -o tsv) && echo " Logged in rover app object_id: ${TF_VAR_logged_aad_app_objectId}"
-                export TF_VAR_logged_user_objectId=$(az ad sp show --id ${clientId} --query objectId -o tsv) && echo " Logged in rover app object_id: ${TF_VAR_logged_aad_app_objectId}"
+                export TF_VAR_logged_user_objectId=${TF_VAR_logged_aad_app_objectId}
                 echo " - logged in Azure AD application:  $(az ad sp show --id ${clientId} --query displayName -o tsv)"
                 ;;
         esac
@@ -677,7 +685,7 @@ function deploy {
                         return
                     else
                         echo "6"
-                        exit                     
+                        exit
                     fi
                 fi
             else
@@ -709,7 +717,7 @@ function deploy {
                 "destroy")
                     destroy_from_remote_state
                     ;;
-                "plan"|"apply"|"validate"|"refresh"|"graph"|"import"|"output"|"taint"|"state list"|"state rm"|"state show")
+                "plan"|"apply"|"validate"|"refresh"|"graph"|"import"|"output"|"taint"|"untaint"|"state list"|"state rm"|"state show")
                     deploy_from_remote_state
                     ;;
                 *)

diff --git a/scripts/rover.sh b/scripts/rover.sh
@@ -42,7 +42,7 @@ current_path=$(pwd)
 
 mkdir -p ${TF_PLUGIN_CACHE_DIR}
 __log_init__
-set_log_severity INFO # Default Log Severity. This can be overriden via -log-severity or -d (shortcut for -log-severity DEBUG)
+set_log_severity ERROR # Default Log Severity. This can be overriden via -log-severity or -d (shortcut for -log-severity DEBUG)
 
 while (( "$#" )); do
     case "${1}" in
@@ -76,8 +76,8 @@ while (( "$#" )); do
             ;;
         -log-severity)
             set_log_severity $2
-            shift 2    
-            ;;      
+            shift 2
+            ;;
         -stack)
            export stack_name=${2}
            shift 2
@@ -115,20 +115,20 @@ while (( "$#" )); do
             export cd_action=${2}
             export TF_VAR_level="all"
             export caf_command="cd"
-            export devops="true"       
+            export devops="true"
             len=$#
             if [ "$len" == "1" ]; then
               shift 1
             else
               shift 2
             fi
-            
-            ;;            
+
+            ;;
         test)
             shift 1
             export caf_command="test"
             export devops="true"
-            ;;            
+            ;;
         -sc|--symphony-config)
             export symphony_yaml_file=$(parameter_value --symphony-config ${2})
             shift 2