Skip to content
This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

Commit

Permalink
Merge branch 'main' into job_summary
Browse files Browse the repository at this point in the history
  • Loading branch information
chkeita authored Jul 26, 2023
2 parents db902aa + fc4e698 commit 476c6ab
Showing 1 changed file with 14 additions and 13 deletions.
27 changes: 14 additions & 13 deletions src/deployment/deploy.py
Original file line number Diff line number Diff line change
Expand Up @@ -147,7 +147,7 @@ def __init__(
create_registration: bool,
migrations: List[str],
export_appinsights: bool,
upgrade: bool,
skip_aad_setup: bool,
subscription_id: Optional[str],
admins: List[UUID],
allowed_aad_tenants: List[UUID],
Expand All @@ -168,7 +168,7 @@ def __init__(
self.third_party = third_party
self.create_registration = create_registration
self.custom_domain = custom_domain
self.upgrade = upgrade
self.skip_aad_setup = skip_aad_setup
self.results: Dict = {
"client_id": client_id,
"client_secret": client_secret,
Expand Down Expand Up @@ -465,12 +465,13 @@ def setup_rbac(self) -> None:
subscription=self.get_subscription_id(),
)

assign_instance_app_role(
self.application_name,
onefuzz_cli_app["displayName"],
self.get_subscription_id(),
OnefuzzAppRole.ManagedNode,
)
if not self.skip_aad_setup:
assign_instance_app_role(
self.application_name,
onefuzz_cli_app["displayName"],
self.get_subscription_id(),
OnefuzzAppRole.CliClient,
)

self.results["client_id"] = app["appId"]
self.results["client_secret"] = password
Expand Down Expand Up @@ -736,7 +737,7 @@ def deploy_template(self) -> None:
raise Exception("unknown error deploying")

def assign_scaleset_identity_role(self) -> None:
if self.upgrade:
if self.skip_aad_setup:
logger.info("Upgrading: skipping assignment of the managed identity role")
return
logger.info("assigning the user managed identity role")
Expand All @@ -748,7 +749,7 @@ def assign_scaleset_identity_role(self) -> None:
)

def assign_user_access(self) -> None:
if self.upgrade:
if self.skip_aad_setup:
logger.info("Upgrading: Skipping assignment of current user to app role")
return
logger.info("assigning user access to service principal")
Expand Down Expand Up @@ -1275,9 +1276,9 @@ def main() -> None:
"password for the pool agent",
)
parser.add_argument(
"--upgrade",
"--skip_aad_setup",
action="store_true",
help="Indicates that the instance is being upgraded",
help="Assumes that AAD resources already exist, and they do not need to be upgraded.",
)
parser.add_argument(
"--apply_migrations",
Expand Down Expand Up @@ -1359,7 +1360,7 @@ def main() -> None:
create_registration=args.create_pool_registration,
migrations=args.apply_migrations,
export_appinsights=args.export_appinsights,
upgrade=args.upgrade,
skip_aad_setup=args.skip_aad_setup,
subscription_id=args.subscription_id,
admins=args.set_admins,
allowed_aad_tenants=args.allowed_aad_tenants or [],
Expand Down

0 comments on commit 476c6ab

Please sign in to comment.