This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

Move the event grid topic creation and subscription to the deployment template #1591

Merged
merged 46 commits into from
Mar 15, 2022
Changes from 42 commits
41a6748
move the event grid subscription to the tempalte
chkeita Jan 20, 2022
8f9fc4a
change the name of the new subscription to prevent deleting the wrong…
chkeita Jan 20, 2022
171487a
refactoring
chkeita Jan 20, 2022
d3b3350
Merge remote-tracking branch 'upstream/main' into chkeita/bug_fix
chkeita Jan 21, 2022
1ab370a
mypy fix
chkeita Jan 21, 2022
2bf9a60
format
chkeita Jan 21, 2022
f7dd5d4
format
chkeita Jan 24, 2022
0377cb3
Merge remote-tracking branch 'upstream/main' into chkeita/bug_fix
chkeita Jan 24, 2022
44168aa
remove old event grid before arm deployment
chkeita Jan 25, 2022
2244352
fix deply
chkeita Jan 25, 2022
a9955a8
Merge branch 'main' into chkeita/bug_fix
chkeita Jan 26, 2022
d9b8e4d
attempt to fix check-pr issue
chkeita Jan 27, 2022
da01cf2
Merge branch 'main' into chkeita/bug_fix
chkeita Jan 27, 2022
790f7fc
Merge branch 'main' into chkeita/bug_fix
chkeita Jan 31, 2022
b47220b
fix interactive login in check-pr
chkeita Jan 31, 2022
e29986f
Merge branch 'chkeita/check-pr' into chkeita/bug_fix
chkeita Jan 31, 2022
dd5ea21
move the event grid subscription to the tempalte
chkeita Jan 20, 2022
5010419
change the name of the new subscription to prevent deleting the wrong…
chkeita Jan 20, 2022
a4c69a6
refactoring
chkeita Jan 20, 2022
95b7fb4
mypy fix
chkeita Jan 21, 2022
b538c8a
format
chkeita Jan 21, 2022
383e270
format
chkeita Jan 24, 2022
a5952fc
remove old event grid before arm deployment
chkeita Jan 25, 2022
962500d
using resource Id
chkeita Feb 1, 2022
1fa3bd2
Merge branch 'chkeita/bug_fix' of https://github.com/chkeita/onefuzz …
chkeita Feb 1, 2022
6100857
fix type
chkeita Feb 1, 2022
528170e
fix location
chkeita Feb 2, 2022
449582c
Merge branch 'main' into chkeita/bug_fix
chkeita Feb 3, 2022
396bf14
revert changes in registration.py
chkeita Feb 3, 2022
9f5dcfc
Merge branch 'main' into chkeita/bug_fix
chkeita Feb 3, 2022
6357f98
build fix attempt
chkeita Feb 3, 2022
0342db0
Merge remote-tracking branch 'upstream/main' into chkeita/bug_fix
chkeita Feb 8, 2022
d6cb194
build fix
chkeita Feb 8, 2022
d977e59
revert ci changes
chkeita Feb 8, 2022
c754601
remove file
chkeita Mar 1, 2022
4133e9d
Merge branch 'main' into chkeita/bug_fix
chkeita Mar 2, 2022
eedd0db
Merge branch 'main' into chkeita/bug_fix
chkeita Mar 4, 2022
a2ac7ba
Merge branch 'main' into chkeita/bug_fix
chkeita Mar 7, 2022
c759dbf
Merge branch 'main' into chkeita/bug_fix
chkeita Mar 9, 2022
4004176
address comment
chkeita Mar 9, 2022
3b02648
address PR comments
chkeita Mar 9, 2022
ba0fdad
naming
chkeita Mar 9, 2022
040c62a
Merge branch 'main' into chkeita/bug_fix
chkeita Mar 9, 2022
6de6e3b
Merge branch 'main' into chkeita/bug_fix
chkeita Mar 10, 2022
ea57ca2
fix deplyment
chkeita Mar 10, 2022
9466a6a
Merge branch 'main' into chkeita/bug_fix
chkeita Mar 15, 2022
41 changes: 40 additions & 1 deletion src/deployment/azuredeploy.json
Expand Up @@ -67,7 +67,8 @@
"Storage Account Contributor": "17d1049b-9a84-46fb-8f53-869881c3d3ab",
"Virtual Machine Contributor": "9980e02c-c2be-4d73-94e8-173b1dc7cf3c",
"Storage Blob Data Reader": "2a2b9908-6ea1-4ae2-8e65-a410df84e7d1",
"keyVaultName": "[concat('of-kv-', uniquestring(resourceGroup().id))]"
"keyVaultName": "[concat('of-kv-', uniquestring(resourceGroup().id))]",
"fuzz-blob-topic-name": "[concat('fuzz-blob-topic-', uniquestring(resourceGroup().id))]"
chkeita marked this conversation as resolved.
},
"functions": [
{
Expand Down Expand Up @@ -865,6 +866,44 @@
}
]
}
},
{
"type": "Microsoft.EventGrid/systemTopics",
"apiVersion": "2021-12-01",
"name": "[variables('fuzz-blob-topic-name')]",
"location": "[resourceGroup().location]",
"properties": {
"source": "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]",
"topicType": "microsoft.storage.storageaccounts"
}
},
{
"type": "Microsoft.EventGrid/systemTopics/eventSubscriptions",
"apiVersion": "2021-12-01",
"name": "[concat(variables('fuzz-blob-topic-name'), '/onefuzz1_subscription')]",
chkeita marked this conversation as resolved.
"dependsOn": [
"[resourceId('Microsoft.EventGrid/systemTopics', variables('fuzz-blob-topic-name'))]"
],
"properties": {
"destination": {
"properties": {
"resourceId": "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountNameFunc'))]",
"queueName": "file-changes"
},
"endpointType": "StorageQueue"
},
"filter": {
"includedEventTypes": [
"Microsoft.Storage.BlobCreated",
"Microsoft.Storage.BlobDeleted"
]
},
"eventDeliverySchema": "EventGridSchema",
"retryPolicy": {
"maxDeliveryAttempts": 30,
"eventTimeToLiveInMinutes": 1440
}
}
}
],
"outputs": {
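Review bot: The new `Microsoft.EventGrid/systemTopics` resource has no `dependsOn`, and its `source` is built with `resourceId(...)`, which does not create an implicit dependency the way `reference()` does. If the storage accounts are declared in this same template (not visible in these hunks), a fresh deployment may try to create the topic before its source account exists; adding `"dependsOn": ["[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"]` to the topic would order it. The same applies to the event subscription, which depends only on the topic although its destination is the `file-changes` queue on `storageAccountNameFunc`. No dead-letter destination is configured either, so blob events that exhaust the 30 delivery attempts or the 1440-minute TTL are dropped with no record of the loss.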
89 changes: 53 additions & 36 deletions src/deployment/deploy.py
Expand Up @@ -20,19 +20,14 @@
from uuid import UUID

from azure.common.credentials import get_cli_profile
from azure.core.exceptions import ResourceNotFoundError
from azure.cosmosdb.table.tableservice import TableService
from azure.identity import AzureCliCredential
from azure.mgmt.applicationinsights import ApplicationInsightsManagementClient
from azure.mgmt.applicationinsights.models import (
ApplicationInsightsComponentExportRequest,
)
from azure.mgmt.eventgrid import EventGridManagementClient
from azure.mgmt.eventgrid.models import (
EventSubscription,
EventSubscriptionFilter,
RetryPolicy,
StorageQueueEventSubscriptionDestination,
)
from azure.mgmt.resource import ResourceManagementClient, SubscriptionClient
from azure.mgmt.resource.resources.models import (
Deployment,
Expand Down Expand Up @@ -694,42 +689,64 @@ def set_instance_config(self) -> None:
tenants.append(tenant)
update_allowed_aad_tenants(config_client, tenants)

def create_eventgrid(self) -> None:
logger.info("creating eventgrid subscription")
src_resource_id = self.results["deploy"]["fuzz-storage"]["value"]
dst_resource_id = self.results["deploy"]["func-storage"]["value"]

@staticmethod
def event_subscription_exists(
client: EventGridManagementClient, resource_id: str, subscription_name: str
) -> bool:
try:
client.event_subscriptions.get(resource_id, subscription_name)
return True
except ResourceNotFoundError:
return False

@staticmethod
def get_storage_account_id(
client: StorageManagementClient, resource_group: str, prefix: str
) -> Optional[str]:
try:
storage_accounts = client.storage_accounts.list_by_resource_group(
chkeita marked this conversation as resolved.
resource_group
)
for storage_account in storage_accounts:
if storage_account.name.startswith(prefix):
return str(storage_account.id)
return None
except ResourceNotFoundError:
return None

def remove_eventgrid(self) -> None:
credential = AzureCliCredential()
client = StorageManagementClient(
storage_account_client = StorageManagementClient(
credential, subscription_id=self.get_subscription_id()
)
event_subscription_info = EventSubscription(
destination=StorageQueueEventSubscriptionDestination(
resource_id=dst_resource_id, queue_name="file-changes"
),
filter=EventSubscriptionFilter(
included_event_types=[
"Microsoft.Storage.BlobCreated",
"Microsoft.Storage.BlobDeleted",
]
),
retry_policy=RetryPolicy(
max_delivery_attempts=30,
event_time_to_live_in_minutes=1440,
),

src_resource_id = Client.get_storage_account_id(
storage_account_client, self.resource_group, "fuzz"
)
if not src_resource_id:
return

client = EventGridManagementClient(
event_grid_client = EventGridManagementClient(
credential, subscription_id=self.get_subscription_id()
)
result = client.event_subscriptions.begin_create_or_update(
src_resource_id, "onefuzz1", event_subscription_info
).result()
if result.provisioning_state != "Succeeded":
raise Exception(
"eventgrid subscription failed: %s"
% json.dumps(result.as_dict(), indent=4, sort_keys=True),
)

# Event subscription for version up to 5.1.0
old_subscription_name = "onefuzz1"
chkeita marked this conversation as resolved.
old_subscription_exists = Client.event_subscription_exists(
event_grid_client, src_resource_id, old_subscription_name
)

if old_subscription_exists:
logger.info("removing deprecated event subscription")
result = event_grid_client.event_subscriptions.begin_delete(
src_resource_id, old_subscription_name
).result()

if result.provisioning_state != "Succeeded":
raise Exception(
"Failed to remove : %s"
% json.dumps(result.as_dict(), indent=4, sort_keys=True),
)

def add_instance_id(self) -> None:
logger.info("setting instance_id log export")
Expand Down Expand Up @@ -1030,6 +1047,7 @@ def main() -> None:
rbac_only_states = [
("check_region", Client.check_region),
("rbac", Client.setup_rbac),
("eventgrid", Client.remove_eventgrid),
("arm", Client.deploy_template),
("assign_scaleset_identity_role", Client.assign_scaleset_identity_role),
("assign_user_access", Client.assign_user_access),
Expand All @@ -1038,7 +1056,6 @@ def main() -> None:
full_deployment_states = rbac_only_states + [
("apply_migrations", Client.apply_migrations),
("set_instance_config", Client.set_instance_config),
("eventgrid", Client.create_eventgrid),
("tools", Client.upload_tools),
("add_instance_id", Client.add_instance_id),
("instance-specific-setup", Client.upload_instance_setup),
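Review bot: In `remove_eventgrid`, the value checked after the delete is probably `None`: as far as I know `event_subscriptions.begin_delete(...)` returns a poller whose `.result()` yields nothing, so `result.provisioning_state` would raise `AttributeError` right after a successful deletion and the `json.dumps(result.as_dict())` message could never be produced. Since `.result()` already raises when the long-running operation fails, the call can stand alone as `event_grid_client.event_subscriptions.begin_delete(src_resource_id, old_subscription_name).result()` with the `provisioning_state` check dropped. Separately, `get_storage_account_id` returns the first account whose name merely starts with `"fuzz"`; because that id decides which event subscription gets deleted, matching the exact account name the template generates would be safer if the resource group can hold more than one such account. The step is also now part of `rbac_only_states`, so it is worth confirming that the identity used for RBAC-only runs is expected to hold Event Grid delete rights.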
Expand Up @@ -31,7 +31,7 @@ def get_base_event(
resource_group, location
):
if (
entry.name == "onefuzz1"
entry.name == "onefuzz1_subscription"
and entry.type == "Microsoft.EventGrid/eventSubscriptions"
and entry.event_delivery_schema == "EventGridSchema"
and entry.destination.endpoint_type == "StorageQueue"