Fix for mgmt vm (#966)

* add pip unique dns name and update container for artifacts in mgmt vm * add pip unique dns name and update container for artifacts in mgmt vm # Description add missing param to script used by runCommand ## Issue reference The issue this PR will close: #965 ## Checklist Please make sure you've completed the relevant tasks for this PR out of the following list: * [ ] All acceptance criteria in the backlog item are met * [ ] The documentation is updated to cover any new or changed features * [ ] Manual tests have passed * [ ] Relevant issues are linked to this PR * build json
Azure · Apr 4, 2024 · 7c9bb1d · 7c9bb1d
1 parent 6530416
commit 7c9bb1d
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 16 deletions.
diff --git a/src/bicep/add-ons/esri-enterprise/modules/managementVirtualMachine.bicep b/src/bicep/add-ons/esri-enterprise/modules/managementVirtualMachine.bicep
@@ -376,32 +376,32 @@ resource artifacts 'Microsoft.Compute/virtualMachines/runCommands@2023-03-01' =
     source: {
       script: '''
       param(
-        [string]$ContainerName,
         [string]$CertificateFileName,
         [string]$CertificatePassword,
-        [string]$StorageAccountName,
-        [string]$StorageEndpoint,
-        [string]$UserAssignedIdentityObjectId,
-        [string]$UserAssignedIdentityClientId,
-        [string]$PortalLicenseFileName,
+        [string]$ContainerName,
+        [string]$Environment,
+        [string]$EsriStorageAccount,
+        [string]$EsriStorageAccountContainer,
+        [string]$Fqdn,
+        [string]$KeyVaultName,
+        [string]$Location,
         [string]$PortalLicenseFile,
+        [string]$PortalLicenseFileName,
         [string]$ServerLicensefile,
         [string]$ServerLicenseFileName,
-        [string]$TenantId,
-        [string]$Location,
-        [string]$Fqdn,
+        [string]$StorageAccountName,
+        [string]$StorageEndpoint,
         [string]$Subscription,
-        [string]$KeyVaultName,
-        [string]$EsriStorageAccount,
-        [string]$Environment
+        [string]$TenantId,
+        [string]$UserAssignedIdentityClientId,
+        [string]$UserAssignedIdentityObjectId
       )
       New-Item -ItemType File "$env:windir\temp\$portalLicenseFileName"
       New-Item -ItemType File "$env:windir\temp\$serverLicenseFileName"
 
       $plf = "$env:windir\temp\$portalLicenseFileName"
       $slf = "$env:windir\temp\$serverLicenseFileName"
 
-
       $Utf8NoBomEncoding = New-Object System.Text.UTF8Encoding $False
 
       $portalLicense = [System.Text.UTF8Encoding]::UTF8.GetString([System.Convert]::FromBase64String($portalLicensefile))

diff --git a/src/bicep/add-ons/esri-enterprise/solution.json b/src/bicep/add-ons/esri-enterprise/solution.json
@@ -5,7 +5,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.26.54.24096",
-      "templateHash": "17309430228877481225"
+      "templateHash": "9100817995999971525"
     }
   },
   "parameters": {
@@ -7969,7 +7969,7 @@
             "_generator": {
               "name": "bicep",
               "version": "0.26.54.24096",
-              "templateHash": "7720856792939569744"
+              "templateHash": "15220953359455305824"
             }
           },
           "parameters": {
@@ -8321,7 +8321,7 @@
                   }
                 ],
                 "source": {
-                  "script": "      param(\r\n        [string]$ContainerName,\r\n        [string]$CertificateFileName,\r\n        [string]$CertificatePassword,\r\n        [string]$StorageAccountName,\r\n        [string]$StorageEndpoint,\r\n        [string]$UserAssignedIdentityObjectId,\r\n        [string]$UserAssignedIdentityClientId,\r\n        [string]$PortalLicenseFileName,\r\n        [string]$PortalLicenseFile,\r\n        [string]$ServerLicensefile,\r\n        [string]$ServerLicenseFileName,\r\n        [string]$TenantId,\r\n        [string]$Location,\r\n        [string]$Fqdn,\r\n        [string]$Subscription,\r\n        [string]$KeyVaultName,\r\n        [string]$EsriStorageAccount,\r\n        [string]$Environment\r\n      )\r\n      New-Item -ItemType File \"$env:windir\\temp\\$portalLicenseFileName\"\r\n      New-Item -ItemType File \"$env:windir\\temp\\$serverLicenseFileName\"\r\n\r\n      $plf = \"$env:windir\\temp\\$portalLicenseFileName\"\r\n      $slf = \"$env:windir\\temp\\$serverLicenseFileName\"\r\n\r\n\r\n      $Utf8NoBomEncoding = New-Object System.Text.UTF8Encoding $False\r\n\r\n      $portalLicense = [System.Text.UTF8Encoding]::UTF8.GetString([System.Convert]::FromBase64String($portalLicensefile))\r\n      [System.IO.File]::WriteAllLines($plf, $portalLicense, $Utf8NoBomEncoding)\r\n\r\n      $serverLicense = [System.Text.UTF8Encoding]::UTF8.GetString([System.Convert]::FromBase64String($serverLicensefile))\r\n      [System.IO.File]::WriteAllLines($slf, $serverLicense, $Utf8NoBomEncoding)\r\n\r\n      Import-Module az.keyvault\r\n      Connect-AzAccount -Environment $Environment -Subscription $Subscription -Identity -AccountId $UserAssignedIdentityClientId | Out-Null\r\n      $ctx = New-AzStorageContext -StorageAccountName $esriStorageAccount -UseConnectedAccount\r\n      $StorageAccountUrl = \"https://\" + $StorageAccountName + \".blob.\" + $StorageEndpoint\r\n      $TokenUri = \"http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=$StorageAccountUrl&object_id=$UserAssignedIdentityObjectId\"\r\n      $AccessToken = ((Invoke-WebRequest -Headers @{Metadata=$true} -Uri $TokenUri -UseBasicParsing).Content | ConvertFrom-Json).access_token\r\n      $BlobNames = @($certificateFileName)\r\n      Invoke-WebRequest -Headers @{\"x-ms-version\"=\"2017-11-09\"; Authorization =\"Bearer $AccessToken\"} -Uri \"$StorageAccountUrl/$ContainerName/$BlobNames\" -OutFile $env:windir\\temp\\$certificateFileName -Verbose\r\n      $pfx = \"$env:windir\\temp\\$CertificateFileName\"\r\n      Set-AzStorageBlobContent -File $pfx -Container $esriStorageAccountContainer -Blob $CertificateFileName -Context $ctx -Force\r\n      $base64 = [System.Convert]::ToBase64String([System.IO.File]::ReadAllBytes($pfx))\r\n      $Password = ConvertTo-SecureString -String $CertificatePassword -AsPlainText -Force\r\n      $cert = Import-AzKeyVaultCertificate -VaultName $keyVaultName -Name \"pfx$location\" -FilePath $pfx -Password $Password\r\n      $azKeyVaultCert = Get-AzKeyVaultCertificate -VaultName  $keyVaultName -Name \"pfx$location\"\r\n      $azKeyVaultCertBytes = $azKeyVaultCert.Certificate.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert)\r\n      $publicCertificateName = \"wildcard$fqdn-PublicKey.cer\"\r\n      $cerCertFile = \"$env:windir\\temp\\$publicCertificateName\"\r\n      Write-Output $cerCertFile\r\n      [System.IO.File]::WriteAllBytes($cerCertFile, $azKeyVaultCertBytes)\r\n      #$ctx = New-AzStorageContext -StorageAccountName $esriStorageAccount -UseConnectedAccount\r\n      Set-AzStorageBlobContent -File $cerCertFile -Container $esriStorageAccountContainer -Blob $publicCertificateName -Context $ctx -Force\r\n      #Set-AzStorageBlobContent -File $pfx -Container $esriStorageAccountContainer -Blob $CertificateFileName -Context $ctx -Force\r\n      Set-AzStorageBlobContent -File $plf -Container $esriStorageAccountContainer -Properties @{\"ContentEncoding\" = \"UTF-8\"} -Blob $portalLicenseFileName -Context $ctx -Force\r\n      Set-AzStorageBlobContent -File $slf -Container $esriStorageAccountContainer -Properties @{\"ContentEncoding\" = \"UTF-8\"} -Blob $serverLicenseFileName -Context $ctx -Force\r\n      "
+                  "script": "      param(\r\n        [string]$CertificateFileName,\r\n        [string]$CertificatePassword,\r\n        [string]$ContainerName,\r\n        [string]$Environment,\r\n        [string]$EsriStorageAccount,\r\n        [string]$EsriStorageAccountContainer,\r\n        [string]$Fqdn,\r\n        [string]$KeyVaultName,\r\n        [string]$Location,\r\n        [string]$PortalLicenseFile,\r\n        [string]$PortalLicenseFileName,\r\n        [string]$ServerLicensefile,\r\n        [string]$ServerLicenseFileName,\r\n        [string]$StorageAccountName,\r\n        [string]$StorageEndpoint,\r\n        [string]$Subscription,\r\n        [string]$TenantId,\r\n        [string]$UserAssignedIdentityClientId,\r\n        [string]$UserAssignedIdentityObjectId\r\n      )\r\n      New-Item -ItemType File \"$env:windir\\temp\\$portalLicenseFileName\"\r\n      New-Item -ItemType File \"$env:windir\\temp\\$serverLicenseFileName\"\r\n\r\n      $plf = \"$env:windir\\temp\\$portalLicenseFileName\"\r\n      $slf = \"$env:windir\\temp\\$serverLicenseFileName\"\r\n\r\n      $Utf8NoBomEncoding = New-Object System.Text.UTF8Encoding $False\r\n\r\n      $portalLicense = [System.Text.UTF8Encoding]::UTF8.GetString([System.Convert]::FromBase64String($portalLicensefile))\r\n      [System.IO.File]::WriteAllLines($plf, $portalLicense, $Utf8NoBomEncoding)\r\n\r\n      $serverLicense = [System.Text.UTF8Encoding]::UTF8.GetString([System.Convert]::FromBase64String($serverLicensefile))\r\n      [System.IO.File]::WriteAllLines($slf, $serverLicense, $Utf8NoBomEncoding)\r\n\r\n      Import-Module az.keyvault\r\n      Connect-AzAccount -Environment $Environment -Subscription $Subscription -Identity -AccountId $UserAssignedIdentityClientId | Out-Null\r\n      $ctx = New-AzStorageContext -StorageAccountName $esriStorageAccount -UseConnectedAccount\r\n      $StorageAccountUrl = \"https://\" + $StorageAccountName + \".blob.\" + $StorageEndpoint\r\n      $TokenUri = \"http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=$StorageAccountUrl&object_id=$UserAssignedIdentityObjectId\"\r\n      $AccessToken = ((Invoke-WebRequest -Headers @{Metadata=$true} -Uri $TokenUri -UseBasicParsing).Content | ConvertFrom-Json).access_token\r\n      $BlobNames = @($certificateFileName)\r\n      Invoke-WebRequest -Headers @{\"x-ms-version\"=\"2017-11-09\"; Authorization =\"Bearer $AccessToken\"} -Uri \"$StorageAccountUrl/$ContainerName/$BlobNames\" -OutFile $env:windir\\temp\\$certificateFileName -Verbose\r\n      $pfx = \"$env:windir\\temp\\$CertificateFileName\"\r\n      Set-AzStorageBlobContent -File $pfx -Container $esriStorageAccountContainer -Blob $CertificateFileName -Context $ctx -Force\r\n      $base64 = [System.Convert]::ToBase64String([System.IO.File]::ReadAllBytes($pfx))\r\n      $Password = ConvertTo-SecureString -String $CertificatePassword -AsPlainText -Force\r\n      $cert = Import-AzKeyVaultCertificate -VaultName $keyVaultName -Name \"pfx$location\" -FilePath $pfx -Password $Password\r\n      $azKeyVaultCert = Get-AzKeyVaultCertificate -VaultName  $keyVaultName -Name \"pfx$location\"\r\n      $azKeyVaultCertBytes = $azKeyVaultCert.Certificate.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert)\r\n      $publicCertificateName = \"wildcard$fqdn-PublicKey.cer\"\r\n      $cerCertFile = \"$env:windir\\temp\\$publicCertificateName\"\r\n      Write-Output $cerCertFile\r\n      [System.IO.File]::WriteAllBytes($cerCertFile, $azKeyVaultCertBytes)\r\n      #$ctx = New-AzStorageContext -StorageAccountName $esriStorageAccount -UseConnectedAccount\r\n      Set-AzStorageBlobContent -File $cerCertFile -Container $esriStorageAccountContainer -Blob $publicCertificateName -Context $ctx -Force\r\n      #Set-AzStorageBlobContent -File $pfx -Container $esriStorageAccountContainer -Blob $CertificateFileName -Context $ctx -Force\r\n      Set-AzStorageBlobContent -File $plf -Container $esriStorageAccountContainer -Properties @{\"ContentEncoding\" = \"UTF-8\"} -Blob $portalLicenseFileName -Context $ctx -Force\r\n      Set-AzStorageBlobContent -File $slf -Container $esriStorageAccountContainer -Properties @{\"ContentEncoding\" = \"UTF-8\"} -Blob $serverLicenseFileName -Context $ctx -Force\r\n      "
                 }
               },
               "dependsOn": [