Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix workload zone remediation logic #710

Merged
merged 1 commit into from
Jan 30, 2025
Merged

Fix workload zone remediation logic #710

merged 1 commit into from
Jan 30, 2025
+14 −11

Conversation

SteffenBoThomsen
Copy link
Contributor

This PR fixes the remediation logic for storage account, which is needed to upgrade the provider with the data_plane_available setting.

  • This ensures that the az cli commands run against the right subscription, as it's authenticated against the state storage subscription, it fails to resolve the resource group from the target workload zone.
  • This increases the robustness of the backwards compatibility, in cases where it's been a while since the last re-deployment of a workload zone, there might be introduced changes to resource properties, which then fails the terraform state show without a failure message, as the subsequent grep and cut results in a empty string as the resourceId. The fix is to use other means, like the az cli to query the resource id or where possible use the terraform state output.
  • This also streamlines the way storage accounts are handled.
  • Further it's changed to use export STORAGE_ACCOUNT_ID as setting the azureResourceID only worked by chance, as it was overwritten by the function ReplaceResourceInStateFile

To increase readability and robustness, the function ReplaceResourceInStateFile should be updated to not rely on being aware of context outside it's scope and instead take the STORAGE_ACCOUNT_ID as direct input.

@SteffenBoThomsen
Fix the logic around remediation of the storage accounts, currently i…

Verified

This commit was signed with the committer’s verified signature.
SteffenBoThomsen Steffen Bo Thomsen
GPG key ID: 955D60B323C9B470
Verified
Learn about vigilant mode
Loading
Loading status checks…
6f7ce73 
…f there is a large(r) gap in re deployments of the workload zones, changes to terraform properties break the current solution. This ensures that we get the right resourceIds to re-import, by:

1. Being more specific in the az command target subscription
2. By querying the terraform output for output variables that have been there for a longer SDAF version span.
@SteffenBoThomsen SteffenBoThomsen requested a review from a team as a code owner January 30, 2025 07:59
@SteffenBoThomsen SteffenBoThomsen requested review from nnoaman and removed request for a team January 30, 2025 07:59
@KimForss KimForss self-requested a review January 30, 2025 09:32
@KimForss KimForss merged commit 8b5d28e into Azure:development Jan 30, 2025
9 checks passed
KimForss pushed a commit to KimForss/sap-automation that referenced this pull request Feb 5, 2025
@SteffenBoThomsen
Fix the logic around remediation of the storage accounts, currently i…
9e5915a 
…f there is a large(r) gap in re deployments of the workload zones, changes to terraform properties break the current solution. This ensures that we get the right resourceIds to re-import, by: (Azure#710)

1. Being more specific in the az command target subscription
2. By querying the terraform output for output variables that have been there for a longer SDAF version span.
daradicscsaba pushed a commit to daradicscsaba/sap-automation that referenced this pull request Feb 13, 2025
@SteffenBoThomsen
Fix the logic around remediation of the storage accounts, currently i…

Unverified

No user is associated with the committer email.
Learn about vigilant mode
bbb8250 
…f there is a large(r) gap in re deployments of the workload zones, changes to terraform properties break the current solution. This ensures that we get the right resourceIds to re-import, by: (Azure#710)

1. Being more specific in the az command target subscription
2. By querying the terraform output for output variables that have been there for a longer SDAF version span.
KimForss pushed a commit to KimForss/sap-automation that referenced this pull request Feb 24, 2025
Squashed commit of the following:
Loading
Loading status checks…
34bb3ec 
commit 2b97ab5
Merge: dee9a7c 5e0d97c
Author: Kimmo Forss <kimmo.forss@microsoft.com>
Date:   Mon Feb 24 19:11:28 2025 +0200

    Merge branch 'Azure:development' into development

commit 5e0d97c
Author: Kimmo Forss <kimmo.forss@microsoft.com>
Date:   Mon Feb 24 19:10:41 2025 +0200

    Hotfix temp infrastructure (Azure#722)

    * Refactor infrastructure variable usage in Terraform modules
    * Update subnet handling in Terraform modules to use IDs for web subnet deployment
    * Simplify the subnet logic
    * Refactor variable names for clarity in Terraform subnet configuration
    * Update subnet variable names for clarity in Terraform configuration
    * Refactor subnet variable names for consistency in Terraform configuration
    * Refactor subnet configuration for improved readability in Terraform

    ---------

    Co-authored-by: Kimmo Forss <kimforss@microsoft.com>

commit dee9a7c
Merge: f1e456a ae4388a
Author: Kimmo Forss <kimmo.forss@microsoft.com>
Date:   Fri Feb 21 10:09:29 2025 +0200

    Merge branch 'Azure:development' into development

commit ae4388a
Author: pkrcm <philipp.kruczkowski@cloud-motion.de>
Date:   Wed Feb 19 20:07:18 2025 +0100

    Pull Request: Enable Encryption at Host for All Terraform VM Modules (Azure#714)

    * Added the capability to enable "encryption at host" for all virtual machines (deployer, landscape, system)
    Variable value is passed on as part of local.deployer or local.temp_infrastructure

commit f1e456a
Author: Kimmo Forss <kimforss@microsoft.com>
Date:   Tue Feb 18 13:34:35 2025 +0200

    Merge branch 'main'

commit dc40a0e
Author: Kimmo Forss <kimforss@microsoft.com>
Date:   Tue Feb 18 13:34:19 2025 +0200

    Merge commit '9c400857f6653df7dbedea9b37db1a7eea3a36c5'

commit 7d2e564
Merge: 65030b5 efe6f3b
Author: Kimmo Forss <kimforss@microsoft.com>
Date:   Tue Feb 18 13:30:12 2025 +0200

    Merge branch 'development' of https://github.com/KimForss/sap-automation into development

commit efe6f3b
Author: Steffen Bo Thomsen <steffen.bo.thomsen@lego.com>
Date:   Tue Feb 18 12:26:09 2025 +0100

    Fix sybase standalone deployment (Azure#715)

    * When deploying a standalone sybase database using NFS_provider NONE, the mounts fail, as it tries to mount the exported /sapmnt from the SCS onto the sybase node_tier, those are the same host in a standalone deployment.

    * Ensure that web_subnet_deployed doesn't fail when doing a standalone deployment by checking that local.enable_deployment is set.

commit 31eee39
Merge: 8b5d28e d9d17fd
Author: Kimmo Forss <kimforss@microsoft.com>
Date:   Wed Feb 5 14:47:32 2025 +0200

    Merge branch 'main' of https://github.com/Azure/sap-automation into development

commit d9d17fd
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Jan 30 11:56:35 2025 +0000

    Bump github/codeql-action from 3.28.6 to 3.28.8

    Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.6 to 3.28.8.
    - [Release notes](https://github.com/github/codeql-action/releases)
    - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
    - [Commits](github/codeql-action@17a820b...dd74661)

    ---
    updated-dependencies:
    - dependency-name: github/codeql-action
      dependency-type: direct:production
      update-type: version-update:semver-patch
    ...

    Signed-off-by: dependabot[bot] <support@github.com>

commit 8400c56
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Jan 28 11:44:52 2025 +0000

    Bump actions/setup-python from 5.3.0 to 5.4.0

    Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.3.0 to 5.4.0.
    - [Release notes](https://github.com/actions/setup-python/releases)
    - [Commits](actions/setup-python@0b93645...4237552)

    ---
    updated-dependencies:
    - dependency-name: actions/setup-python
      dependency-type: direct:production
      update-type: version-update:semver-minor
    ...

    Signed-off-by: dependabot[bot] <support@github.com>

commit 8b5d28e
Author: Steffen Bo Thomsen <steffen.bo.thomsen@lego.com>
Date:   Thu Jan 30 10:57:39 2025 +0100

    Fix the logic around remediation of the storage accounts, currently if there is a large(r) gap in re deployments of the workload zones, changes to terraform properties break the current solution. This ensures that we get the right resourceIds to re-import, by: (Azure#710)

    1. Being more specific in the az command target subscription
    2. By querying the terraform output for output variables that have been there for a longer SDAF version span.

commit 9e65e35
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Jan 28 06:22:02 2025 +0000

    Bump github/codeql-action from 3.28.3 to 3.28.6

    Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.3 to 3.28.6.
    - [Release notes](https://github.com/github/codeql-action/releases)
    - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
    - [Commits](github/codeql-action@dd196fa...17a820b)

    ---
    updated-dependencies:
    - dependency-name: github/codeql-action
      dependency-type: direct:production
      update-type: version-update:semver-patch
    ...

    Signed-off-by: dependabot[bot] <support@github.com>

commit 9e17cdd
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Jan 24 12:01:49 2025 +0000

    Bump Azure.Identity, Microsoft.Identity.Web and Microsoft.Identity.Web.UI

    Bumps [Azure.Identity](https://github.com/Azure/azure-sdk-for-net), [Microsoft.Identity.Web](https://github.com/AzureAD/microsoft-identity-web) and [Microsoft.Identity.Web.UI](https://github.com/AzureAD/microsoft-identity-web). These dependencies needed to be updated together.

    Updates `Azure.Identity` from 1.13.2 to 1.11.4
    - [Release notes](https://github.com/Azure/azure-sdk-for-net/releases)
    - [Commits](Azure/azure-sdk-for-net@Azure.Identity_1.13.2...Azure.Identity_1.11.4)

    Updates `Microsoft.Identity.Web` from 3.6.2 to 3.6.2
    - [Release notes](https://github.com/AzureAD/microsoft-identity-web/releases)
    - [Changelog](https://github.com/AzureAD/microsoft-identity-web/blob/master/changelog.md)
    - [Commits](AzureAD/microsoft-identity-web@3.6.2...3.6.2)

    Updates `Microsoft.Identity.Web.UI` from 3.6.1 to 3.6.2
    - [Release notes](https://github.com/AzureAD/microsoft-identity-web/releases)
    - [Changelog](https://github.com/AzureAD/microsoft-identity-web/blob/master/changelog.md)
    - [Commits](AzureAD/microsoft-identity-web@3.6.1...3.6.2)

    ---
    updated-dependencies:
    - dependency-name: Azure.Identity
      dependency-type: direct:production
      update-type: version-update:semver-minor
    - dependency-name: Microsoft.Identity.Web
      dependency-type: direct:production
      update-type: version-update:semver-patch
    - dependency-name: Microsoft.Identity.Web.UI
      dependency-type: direct:production
      update-type: version-update:semver-patch
    ...

    Signed-off-by: dependabot[bot] <support@github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@KimForss KimForss

@nnoaman nnoaman

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@SteffenBoThomsen @KimForss