Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DeploymentScripts] inclusion of storage account settings #9157

Merged
merged 9 commits into from
Apr 28, 2020
Merged

[DeploymentScripts] inclusion of storage account settings #9157

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
6d85ce1
inclusion of storage account settings
jorgecotillo-fork Apr 21, 2020
1c014a6
included examples
jorgecotillo-fork Apr 21, 2020
83faf3f
removed restartPolicy
jorgecotillo-fork Apr 21, 2020
400c745
updated sample response
jorgecotillo-fork Apr 21, 2020
6013bc2
updated based on feedback
jorgecotillo-fork Apr 22, 2020
46b0614
Merge branch 'master' of https://github.com/Azure/azure-rest-api-specs
jorgecotillo-fork Apr 22, 2020
59a6dc7
renamed file
jorgecotillo-fork Apr 22, 2020
e81a8b9
updated file name to prevent case sensitive error
jorgecotillo-fork Apr 22, 2020
51de276
Merge branch 'master' of https://github.com/Azure/azure-rest-api-specs
jorgecotillo-fork Apr 23, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 31 additions & 0 deletions ...es/resource-manager/Microsoft.Resources/preview/2019-10-01-preview/deploymentScripts.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -614,6 +614,11 @@
"description": "Container settings.",
"$ref": "#/definitions/ContainerConfiguration"
},
"storageAccountSettings": {
"type": "object",
"description": "Storage Account settings.",
"$ref": "#/definitions/StorageAccountConfiguration"
},
"cleanupPreference": {
"type": "string",
"description": "The clean up preference when the script execution gets in a terminal state. Default setting is 'Always'.",
Expand Down Expand Up @@ -670,6 +675,32 @@
"description": "Container group name, if not specified then the name will get auto-generated. Not specifying a 'containerGroupName' indicates the system to generate a unique name which might end up flagging an Azure Policy as non-compliant. Use 'containerGroupName' when you have an Azure Policy that expects a specific naming convention or when you want to fully control the name. 'containerGroupName' property must be between 1 and 63 characters long, must contain only lowercase letters, numbers, and dashes and it cannot start or end with a dash and consecutive dashes are not allowed. To specify a 'containerGroupName', add the following object to properties: { \"containerSettings\": { \"containerGroupName\": \"contoso-container\" } }. If you do not want to specify a 'containerGroupName' then do not add 'containerSettings' property.",
"minLength": 1,
"maxLength": 63
},
"restartPolicy": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just curious about the purpose of this property. It seems like it only has one possible value. Is this different than default restart policy setting on the containers?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is the same setting actually. In a recent PR update this property got removed (the RP got updated to not return this value, since it is read-only and sets only one value)

"type": "string",
"description": "Restart policy for all containers within the container group. This value is read-only and set to 'Never'",
"readOnly": true,
"enum": [
"Never"
],
"x-ms-enum": {
"name": "RestartPolicy",
"modelAsString": true
}
}
}
},
"StorageAccountConfiguration": {
"type": "object",
"description": "Settings to use an existing storage account. Valid storage account kinds are: Storage, StorageV2 and FileStorage",
"properties": {
"storageAccountName": {
"type": "string",
"description": "The storage account name."
},
"storageAccountKey": {
Copy link
Member

@majastrz majastrz Apr 21, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

storageAccountKey [](start = 9, length = 17)

Can you add the "x-ms-secret": true to this property? #Resolved

"type": "string",
"description": "The storage account access key."
}
}
},
Expand Down
111 changes: 111 additions & 0 deletions .../preview/2019-10-01-preview/examples/DeploymentScripts_Create_using_existing_storage.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,111 @@
{
"parameters": {
"api-version": "2019-10-01-preview",
"subscriptionId": "00000000-0000-0000-0000-000000000000",
"resourceGroupName": "script-rg",
"scriptName": "MyDeploymentScript",
"deploymentScript": {
"kind": "AzurePowerShell",
"location": "westus",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/uai": {}
}
},
"properties": {
"azPowerShellVersion": "1.7.0",
"scriptContent": "Param([string]$Location,[string]$Name) $deploymentScriptOutputs['test'] = 'value' Get-AzResourceGroup -Location $Location -Name $Name",
"storageAccountSettings": {
"storageAccountName": "contosostorage",
"storageAccountKey": "contosostoragekey"
},
"arguments": "-Location 'westus' -Name \"*rg2\"",
"supportingScriptUris": [
"https://uri1.to.supporting.script",
"https://uri2.to.supporting.script"
],
"retentionInterval": "PT7D",
"timeout": "PT1H",
"cleanupPreference": "Always"
}
}
},
"responses": {
"201": {
"body": {
"kind": "AzurePowerShell",
"location": "westus",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/uai": {}
}
},
"systemData": {
"createdBy": "string",
"createdByType": "Application",
"createdAt": "2020-02-01T01:01:01.1075056Z",
"lastModifiedBy": "string",
"lastModifiedByType": "Application",
"lastModifiedAt": "2020-02-01T01:01:01.1075056Z"
},
"properties": {
Copy link
Member

@majastrz majastrz Apr 21, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

properties [](start = 9, length = 10)

The response is missing the specified storageAccountSettings. #Resolved

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, what are we going to return in the PUT response if you don't specify storageAccountSettings?

In reply to: 412423575 [](ancestors = 412423575)

Copy link
Contributor Author

@jorgecotillo jorgecotillo Apr 21, 2020
edited by majastrz
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@majastrz added storageAccountSettings to the response and also updated the sample from container group name.
If storageAccountSettings are not provided, null will be returned as the value of storageAccountSettings.

Question, in a response that contains storageAccountSettings -> storageAccountName, storageAccountKey is set as an empty string because it is marked as a required property, does this results in the property being returned with an empty string value or it will be ignored from the response?
#Resolved

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Properties that are secrets generally shouldn't be returned in the response or returned with explicit null (2nd case is rare). We shouldn't return empty string. The service can enforce that the storageAccountKey is present on PUT but it doesn't need to be returned in the response. I don't see any of these marked as required in the Swagger unless I'm missing something.

In reply to: 412492407 [](ancestors = 412492407)

"provisioningState": "Creating",
"azPowerShellVersion": "1.7.0",
"scriptContent": "Param([string]$Location,[string]$Name) $deploymentScriptOutputs['test'] = 'value' Get-AzResourceGroup -Location $Location -Name $Name",
"arguments": "-Location 'westus' -Name \"*rg2\"",
"supportingScriptUris": [
"https://uri1.to.supporting.script",
"https://uri2.to.supporting.script"
],
"retentionInterval": "P7D",
"timeout": "PT1H",
"cleanupPreference": "Always",
"status": {
"containerInstanceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.ContainerInstance/containerGroups/scriptContainer",
"storageAccountId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.Storage/storageAccounts/scriptStorage",
"startTime": "2018-11-13T15:19:45-08:00",
"endTime": "2018-11-13T15:19:45-08:00",
"expirationTime": "2018-11-13T15:19:45-08:00"
}
}
}
},
"200": {
"body": {
"kind": "AzurePowerShell",
"location": "westus",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/uai": {}
}
},
"properties": {
"provisioningState": "Succeeded",
"azPowerShellVersion": "1.7.0",
"scriptContent": "Param([string]$Location,[string]$Name) $deploymentScriptOutputs['test'] = 'value' Get-AzResourceGroup -Location $Location -Name $Name",
"arguments": "-Location 'westus' -Name \"*rg2\"",
"supportingScriptUris": [
"https://uri1.to.supporting.script",
"https://uri2.to.supporting.script"
],
"retentionInterval": "P7D",
"timeout": "PT1H",
"cleanupPreference": "Always",
"status": {
"containerInstanceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.ContainerInstance/containerGroups/scriptContainer",
"storageAccountId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.Storage/storageAccounts/scriptStorage",
"startTime": "2018-11-13T15:19:45-08:00",
"endTime": "2018-11-13T15:19:45-08:00",
"expirationTime": "2018-11-13T15:19:45-08:00"
},
"outputs": {
"output1": "value1"
}
}
}
}
}
}
110 changes: 110 additions & 0 deletions ...Resources/preview/2019-10-01-preview/examples/DeploymentScripts_Create_with_aci_name.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
{
"parameters": {
"api-version": "2019-10-01-preview",
"subscriptionId": "00000000-0000-0000-0000-000000000000",
"resourceGroupName": "script-rg",
"scriptName": "MyDeploymentScript",
"deploymentScript": {
"kind": "AzurePowerShell",
"location": "westus",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/uai": {}
}
},
"properties": {
"azPowerShellVersion": "1.7.0",
"scriptContent": "Param([string]$Location,[string]$Name) $deploymentScriptOutputs['test'] = 'value' Get-AzResourceGroup -Location $Location -Name $Name",
"containerSettings": {
"containerGroupName": "contoso-aci"
},
"arguments": "-Location 'westus' -Name \"*rg2\"",
"supportingScriptUris": [
"https://uri1.to.supporting.script",
"https://uri2.to.supporting.script"
],
"retentionInterval": "PT7D",
"timeout": "PT1H",
"cleanupPreference": "Always"
}
}
},
"responses": {
"201": {
"body": {
"kind": "AzurePowerShell",
"location": "westus",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/uai": {}
}
},
"systemData": {
"createdBy": "string",
"createdByType": "Application",
"createdAt": "2020-02-01T01:01:01.1075056Z",
"lastModifiedBy": "string",
"lastModifiedByType": "Application",
"lastModifiedAt": "2020-02-01T01:01:01.1075056Z"
},
"properties": {
"provisioningState": "Creating",
"azPowerShellVersion": "1.7.0",
"scriptContent": "Param([string]$Location,[string]$Name) $deploymentScriptOutputs['test'] = 'value' Get-AzResourceGroup -Location $Location -Name $Name",
"arguments": "-Location 'westus' -Name \"*rg2\"",
"supportingScriptUris": [
"https://uri1.to.supporting.script",
"https://uri2.to.supporting.script"
],
"retentionInterval": "P7D",
"timeout": "PT1H",
"cleanupPreference": "Always",
"status": {
"containerInstanceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.ContainerInstance/containerGroups/scriptContainer",
"storageAccountId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.Storage/storageAccounts/scriptStorage",
"startTime": "2018-11-13T15:19:45-08:00",
"endTime": "2018-11-13T15:19:45-08:00",
"expirationTime": "2018-11-13T15:19:45-08:00"
}
}
}
},
"200": {
"body": {
"kind": "AzurePowerShell",
"location": "westus",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.ManagedIdentity/userAssignedIdentities/uai": {}
}
},
"properties": {
"provisioningState": "Succeeded",
"azPowerShellVersion": "1.7.0",
"scriptContent": "Param([string]$Location,[string]$Name) $deploymentScriptOutputs['test'] = 'value' Get-AzResourceGroup -Location $Location -Name $Name",
"arguments": "-Location 'westus' -Name \"*rg2\"",
"supportingScriptUris": [
"https://uri1.to.supporting.script",
"https://uri2.to.supporting.script"
],
"retentionInterval": "P7D",
"timeout": "PT1H",
"cleanupPreference": "Always",
"status": {
"containerInstanceId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.ContainerInstance/containerGroups/scriptContainer",
"storageAccountId": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/scriptRG/providers/Microsoft.Storage/storageAccounts/scriptStorage",
"startTime": "2018-11-13T15:19:45-08:00",
"endTime": "2018-11-13T15:19:45-08:00",
"expirationTime": "2018-11-13T15:19:45-08:00"
},
"outputs": {
"output1": "value1"
}
}
}
}
}
}