fixes for the github reusable workflow deploy

Azure · Jul 20, 2022 · 03311e3 · 03311e3
1 parent 8ead24a
commit 03311e3
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 11 deletions.
diff --git a/helper/src/components/addonsTab.js b/helper/src/components/addonsTab.js
@@ -248,7 +248,7 @@ export default function ({ tabValues, updateFn, featureFlag, invalidArray }) {
                 {addons.azurepolicy !== 'none' &&
                 <Stack.Item align="center" styles={{ root: { maxWidth: '700px'}}}>
                     <Dropdown
-                        label="Pod Security Policy"
+                        label="Azure Policy Initiative"
                         onChange={(ev, { key }) => updateFn("azurePolicyInitiative", key)} selectedKey={addons.azurePolicyInitiative}
                         styles={{ root: {  marginTop: '20px', marginLeft: '100px', width: '700px' } }}
                         options={[

diff --git a/helper/src/components/appsTab.js b/helper/src/components/appsTab.js
@@ -9,13 +9,13 @@ export default function AppsTab({  tabValues }) {
     const aks = `aks-${deploy.clusterName}`
 
     const deploycmd = `
-# Build app
+# Build app using ACR Tasks and Private Pools (ACR Preview)
 export ACRNAME=$(az acr list -g ${deploy.rg} --query [0].name -o tsv)
 az acr build -r $ACRNAME -t openjdk-demo:0.0.1  ${net.vnetprivateend ? "--agent-pool private-pool" : ""} https://github.com/Azure-Samples/java-aks-keyvault-tls.git
 
 
 
-# Create backend Certificate in KeyVault
+# Create backend self-signed Certificate in KeyVault
 export KVNAME=$(az keyvault list -g ${deploy.rg} --query [0].name -o tsv)
 export COMMON_NAME=openjdk-demo
 az keyvault certificate create --vault-name $KVNAME -n $COMMON_NAME -p "$(az keyvault certificate get-default-policy | sed -e s/CN=CLIGetDefaultPolicy/CN=$\{COMMON_NAME}/g )"
@@ -35,7 +35,7 @@ az network application-gateway root-cert create \\
 # Install
 export APPNAME=openjdk-demo
 ${cluster.apisecurity === "private" ? `az aks command invoke -g ${deploy.rg} -n ${aks}  --command "` : ``}
-helm upgrade --install $APPNAME https://github.com/Azure-Samples/java-aks-keyvault-tls/blob/main/helm/openjdk-demo-3.5.0.tgz?raw=true \\
+helm upgrade --install $APPNAME https://github.com/Azure-Samples/java-aks-keyvault-tls/blob/main/helm/openjdk-demo-3.6.1.tgz?raw=true \\
   --set ingressType=${addons.ingress} \\
   --set letsEncrypt.issuer=letsencrypt-prod \\
   --set image.repository=$\{ACRNAME}.azurecr.io/openjdk-demo \\

diff --git a/helper/src/components/deployTab.js b/helper/src/components/deployTab.js
@@ -396,7 +396,7 @@ az role assignment create --role "Managed Identity Operator" --assignee-principa
           }
         </PivotItem>
 
-        <PivotItem headerText="Github CI/CD" itemKey="github" itemIcon="ConfigurationSolid">
+        <PivotItem headerText="Github Actions" itemKey="github" itemIcon="GitGraph">
             <Stack horizontal>
               <Stack.Item>
                 <Stack>
@@ -445,16 +445,17 @@ on:
 jobs:
   reusable_workflow_job:
     uses: Azure/AKS-Construction/.github/workflows/AKSC_Deploy.yml@main
-    with:
+    with:` + (deploy.selectedTemplate !== 'local' ? `
+      templateVersion: ${deploy.selectedTemplate}` : '') + `
       rg: ${deploy.rg}
       resourceName: ${finalParams.resourceName}
-      templateParams: "${Object.keys(finalParams).map(k => {
+      templateParams: ${Object.keys(finalParams).map(k => {
           const val = finalParams[k]
-          const targetVal = k.endsWith('PrincipalId')? '_USER_OBJECT_ID_' : ( Array.isArray(val) ? JSON.stringify(JSON.stringify(val)) : val)
+          const targetVal = k.endsWith('PrincipalId')? '_USER_OBJECT_ID_' : ( Array.isArray(val) ? JSON.stringify(val) : val)
           return `${k}=${targetVal}`
-      }).join(' ')}"` +
+      }).join(' ')}` +
       (Object.keys(post_params).length >0 ? (cluster.apisecurity === "private" ? '\n      postScriptInvokeCommand: true' : '') +  `
-      postScriptParams: "${Object.keys(post_params).filter(k => k !== 'KubeletId' && k !== 'TenantId').map(k => `${k}=${post_params[k]}`).join(',')}"` : '') + `
+      postScriptParams: "${Object.keys(post_params).filter(k => k !== 'KubeletId' && k !== 'TenantId' && k !== 'acrName').map(k => `${k}=${post_params[k]}`).join(',')}"` : '') + `
     secrets:
       AZURE_CLIENT_ID: \${{ secrets.AZURE_CLIENT_ID }}
       AZURE_TENANT_ID: \${{ secrets.AZURE_TENANT_ID }}

diff --git a/postdeploy/scripts/postdeploy.sh b/postdeploy/scripts/postdeploy.sh
@@ -236,9 +236,11 @@ if [ "$monitor" = "oss" ]; then
 fi
 
 ingressClass=$ingress
+legacyIngressClass=$ingress
 # https://azure.github.io/application-gateway-kubernetes-ingress/ingress-v1/
 if [ "$ingress" = "appgw" ]; then
     ingressClass="azure-application-gateway"
+    legacyIngressClass="azure/application-gateway"
 fi
 
 prometheus_namespace="monitoring"
@@ -352,7 +354,7 @@ if [ "$certEmail" ]; then
 
     helm upgrade --install letsencrypt-issuer ${release_version:-./postdeploy/helm}/Az-CertManagerIssuer-0.3.0.tgz \
         --set email=${certEmail}  \
-        --set ingressClass=${ingressClass}
+        --set ingressClass=${legacyIngressClass}
 fi