Skip to content

Fix tenant_id and sslmode for post-provision scripts #116

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 23, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion scripts/setup_postgres_azurerole.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,11 @@ if (-not $?) {
}
$POSTGRES_USERNAME = (azd env get-value POSTGRES_USERNAME)
$APP_IDENTITY_NAME = (azd env get-value SERVICE_WEB_IDENTITY_NAME)
$AZURE_TENANT_ID = (azd env get-value AZURE_TENANT_ID)

if ([string]::IsNullOrEmpty($POSTGRES_HOST) -or [string]::IsNullOrEmpty($POSTGRES_USERNAME) -or [string]::IsNullOrEmpty($APP_IDENTITY_NAME)) {
Write-Host "Can't find POSTGRES_HOST, POSTGRES_USERNAME, and SERVICE_WEB_IDENTITY_NAME environment variables. Make sure you run azd up first."
exit 1
}

python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME
python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME --sslmode require --tenant-id $AZURE_TENANT_ID
3 changes: 2 additions & 1 deletion scripts/setup_postgres_azurerole.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ if [ $? -ne 0 ]; then
fi
POSTGRES_USERNAME=$(azd env get-value POSTGRES_USERNAME)
APP_IDENTITY_NAME=$(azd env get-value SERVICE_WEB_IDENTITY_NAME)
AZURE_TENANT_ID=$(azd env get-value AZURE_TENANT_ID)

if [ -z "$POSTGRES_HOST" ] || [ -z "$POSTGRES_USERNAME" ] || [ -z "$APP_IDENTITY_NAME" ]; then
echo "Can't find POSTGRES_HOST, POSTGRES_USERNAME, and SERVICE_WEB_IDENTITY_NAME environment variables. Make sure you run azd up first."
Expand All @@ -13,4 +14,4 @@ fi

. ./scripts/load_python_env.sh

.venv/bin/python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME
.venv/bin/python ./src/backend/fastapi_app/setup_postgres_azurerole.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --app-identity-name $APP_IDENTITY_NAME --sslmode require --tenant-id $AZURE_TENANT_ID
3 changes: 2 additions & 1 deletion scripts/setup_postgres_database.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,11 @@ if (-not $?) {
}
$POSTGRES_USERNAME = (azd env get-value POSTGRES_USERNAME)
$POSTGRES_DATABASE = (azd env get-value POSTGRES_DATABASE)
$AZURE_TENANT_ID = (azd env get-value AZURE_TENANT_ID)

if ([string]::IsNullOrEmpty($POSTGRES_HOST) -or [string]::IsNullOrEmpty($POSTGRES_USERNAME) -or [string]::IsNullOrEmpty($POSTGRES_DATABASE)) {
Write-Host "Can't find POSTGRES_HOST, POSTGRES_USERNAME, and POSTGRES_DATABASE environment variables. Make sure you run azd up first."
exit 1
}

python ./src/backend/fastapi_app/setup_postgres_database.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE
python ./src/backend/fastapi_app/setup_postgres_database.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE --sslmode require --tenant-id $AZURE_TENANT_ID
3 changes: 2 additions & 1 deletion scripts/setup_postgres_database.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ if [ $? -ne 0 ]; then
fi
POSTGRES_USERNAME=$(azd env get-value POSTGRES_USERNAME)
POSTGRES_DATABASE=$(azd env get-value POSTGRES_DATABASE)
AZURE_TENANT_ID=$(azd env get-value AZURE_TENANT_ID)

. ./scripts/load_python_env.sh

.venv/bin/python ./src/backend/fastapi_app/setup_postgres_database.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE
.venv/bin/python ./src/backend/fastapi_app/setup_postgres_database.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE --sslmode require --tenant-id $AZURE_TENANT_ID
3 changes: 2 additions & 1 deletion scripts/setup_postgres_seeddata.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,11 @@ if (-not $?) {
}
$POSTGRES_USERNAME = (azd env get-value POSTGRES_USERNAME)
$POSTGRES_DATABASE = (azd env get-value POSTGRES_DATABASE)
$AZURE_TENANT_ID = (azd env get-value AZURE_TENANT_ID)

if ([string]::IsNullOrEmpty($POSTGRES_HOST) -or [string]::IsNullOrEmpty($POSTGRES_USERNAME) -or [string]::IsNullOrEmpty($POSTGRES_DATABASE)) {
Write-Host "Can't find POSTGRES_HOST, POSTGRES_USERNAME, and POSTGRES_DATABASE environment variables. Make sure you run azd up first."
exit 1
}

python ./src/backend/fastapi_app/setup_postgres_seeddata.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE
python ./src/backend/fastapi_app/setup_postgres_seeddata.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE --sslmode require --tenant-id $AZURE_TENANT_ID
3 changes: 2 additions & 1 deletion scripts/setup_postgres_seeddata.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ if [ $? -ne 0 ]; then
fi
POSTGRES_USERNAME=$(azd env get-value POSTGRES_USERNAME)
POSTGRES_DATABASE=$(azd env get-value POSTGRES_DATABASE)
AZURE_TENANT_ID=$(azd env get-value AZURE_TENANT_ID)

. ./scripts/load_python_env.sh

.venv/bin/python ./src/backend/fastapi_app/setup_postgres_seeddata.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE
.venv/bin/python ./src/backend/fastapi_app/setup_postgres_seeddata.py --host $POSTGRES_HOST --username $POSTGRES_USERNAME --database $POSTGRES_DATABASE --sslmode require --tenant-id $AZURE_TENANT_ID
7 changes: 6 additions & 1 deletion src/backend/fastapi_app/postgres_engine.py
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,12 @@ async def create_postgres_engine_from_env(azure_credential=None) -> AsyncEngine:

async def create_postgres_engine_from_args(args, azure_credential=None) -> AsyncEngine:
if azure_credential is None and args.host.endswith(".database.azure.com"):
azure_credential = AzureDeveloperCliCredential(process_timeout=60)
if tenant_id := args.tenant_id:
logger.info("Authenticating to Azure using Azure Developer CLI Credential for tenant %s", tenant_id)
azure_credential = AzureDeveloperCliCredential(tenant_id=tenant_id, process_timeout=60)
else:
logger.info("Authenticating to Azure using Azure Developer CLI Credential")
azure_credential = AzureDeveloperCliCredential(process_timeout=60)

return await create_postgres_engine(
host=args.host,
Expand Down
1 change: 1 addition & 0 deletions src/backend/fastapi_app/setup_postgres_azurerole.py
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ async def main():
# You must connect to the *postgres* database when assigning roles
parser.add_argument("--database", type=str, help="Postgres database", default="postgres")
parser.add_argument("--sslmode", type=str, help="Postgres SSL mode", default=None)
parser.add_argument("--tenant-id", type=str, help="Azure tenant ID", default=None)
parser.add_argument("--app-identity-name", type=str, help="Azure App Service identity name")

args = parser.parse_args()
Expand Down
1 change: 1 addition & 0 deletions src/backend/fastapi_app/setup_postgres_database.py
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ async def main():
parser.add_argument("--password", type=str, help="Postgres password")
parser.add_argument("--database", type=str, help="Postgres database")
parser.add_argument("--sslmode", type=str, help="Postgres sslmode")
parser.add_argument("--tenant-id", type=str, help="Azure tenant ID", default=None)

# if no args are specified, use environment variables
args = parser.parse_args()
Expand Down
1 change: 1 addition & 0 deletions src/backend/fastapi_app/setup_postgres_seeddata.py
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ async def main():
parser.add_argument("--password", type=str, help="Postgres password")
parser.add_argument("--database", type=str, help="Postgres database")
parser.add_argument("--sslmode", type=str, help="Postgres sslmode")
parser.add_argument("--tenant-id", type=str, help="Azure tenant ID", default=None)

# if no args are specified, use environment variables
args = parser.parse_args()
Expand Down
Loading