Changes How Azure AD Apps are Created

- Adds the required fields to `azure ad sp create` command.
- Also stores the object and client Ids.
- Removes the createApplication method and call.
- echos out the parameters in a JSON object style.
This commit is contained in:
Rich 2016-08-18 16:01:23 +01:00
parent 27cdd4480a
commit d36f79ac44
1 changed files with 10 additions and 15 deletions

View File

@ -10,6 +10,7 @@ azure_storage_name=
azure_subscription_id= # Derived from the account after login azure_subscription_id= # Derived from the account after login
azure_tenant_id= # Derived from the account after login azure_tenant_id= # Derived from the account after login
location= location=
azure_object_id=
showhelp() { showhelp() {
echo "azure-setup" echo "azure-setup"
@ -89,7 +90,7 @@ askSubscription() {
askName() { askName() {
echo "" echo ""
echo "Choose a name for your resource group, storage account, and client" echo "Choose a name for your resource group, storage account and client"
echo "client. This is arbitrary, but it must not already be in use by" echo "client. This is arbitrary, but it must not already be in use by"
echo "any of those resources. ALPHANUMERIC ONLY. Ex: mypackerbuild" echo "any of those resources. ALPHANUMERIC ONLY. Ex: mypackerbuild"
echo -n "> " echo -n "> "
@ -144,18 +145,10 @@ createStorageAccount() {
fi fi
} }
createApplication() {
echo "==> Creating application"
azure_client_id=$(azure ad app create -n $meta_name -i http://$meta_name --home-page http://$meta_name -p $azure_client_secret --json | jq -r .appId)
if [ $? -ne 0 ]; then
echo "Error creating application: $meta_name @ http://$meta_name"
exit 1
fi
}
createServicePrinciple() { createServicePrinciple() {
echo "==> Creating service principal" echo "==> Creating service principal"
azure ad sp create $azure_client_id azure_object_id=$(azure ad sp create -n $meta_name --home-page http://$meta_name --identifier-uris http://$meta_name/example -p $azure_client_secret --json | jq -r .objectId)
azure_client_id=$(azure ad app show -c $meta_name --json | jq -r .[0].appId)
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Error creating service principal: $azure_client_id" echo "Error creating service principal: $azure_client_id"
exit 1 exit 1
@ -164,7 +157,7 @@ createServicePrinciple() {
createPermissions() { createPermissions() {
echo "==> Creating permissions" echo "==> Creating permissions"
azure role assignment create -o "Owner" --spn http://$meta_name -c /subscriptions/$azure_subscription_id azure role assignment create --objectId $azure_object_id -o "Owner" -c /subscriptions/$azure_subscription_id
# We want to use this more conservative scope but it does not work with the # We want to use this more conservative scope but it does not work with the
# current implementation which uses temporary resource groups # current implementation which uses temporary resource groups
# azure role assignment create --spn http://$meta_name -g $azure_group_name -o "API Management Service Contributor" # azure role assignment create --spn http://$meta_name -g $azure_group_name -o "API Management Service Contributor"
@ -178,11 +171,15 @@ showConfigs() {
echo "" echo ""
echo "Use the following configuration for your packer template:" echo "Use the following configuration for your packer template:"
echo "" echo ""
echo "{"
echo " \"client_id\": \"$azure_client_id\"," echo " \"client_id\": \"$azure_client_id\","
echo " \"client_secret\": \"$azure_client_secret\"," echo " \"client_secret\": \"$azure_client_secret\","
echo " \"object_id\": \"$azure_object_id\","
echo " \"subscription_id\": \"$azure_subscription_id\","
echo " \"tenant_id\": \"$azure_tenant_id\","
echo " \"resource_group_name\": \"$azure_group_name\"," echo " \"resource_group_name\": \"$azure_group_name\","
echo " \"storage_account\": \"$azure_storage_name\"," echo " \"storage_account\": \"$azure_storage_name\","
echo " \"subscription_id\": \"$azure_subscription_id\"," echo "}"
echo "" echo ""
} }
@ -204,8 +201,6 @@ setup() {
sleep 5 sleep 5
createStorageAccount createStorageAccount
sleep 5 sleep 5
createApplication
sleep 5
createServicePrinciple createServicePrinciple
sleep 5 sleep 5
createPermissions createPermissions