def executeAction(self,
parameters_file=None,
ws=None,
azure_credentials=None,
azure_computeTarget=None):
try:
azure_credentials = json.loads(azure_credentials)
except JSONDecodeError:
print(
"::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS"
)
raise AMLConfigurationException(
f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-compute/blob/master/README.md"
)
# Checking provided parameters
print("::debug::Checking provided parameters")
required_parameters_provided(
parameters=azure_credentials,
keys=["tenantId", "clientId", "clientSecret"],
message=
"Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): "
)
compute_target = ComputeTarget(workspace=ws, name=azure_computeTarget)
print(
f"::debug::Found compute target with same name. Not updating the compute target: {compute_target.serialize()}"
)
print(
"::debug::Successfully finished Azure Machine Learning Compute Action"
)
return compute_target
def test_required_parameters_provided_valid_inputs():
"""
Unit test to check the required_parameters_provided function with valid inputs
"""
parameters = {}
keys = []
required_parameters_provided(
parameters=parameters,
keys=keys
)
def executeAction(self,parameters_file,azure_credentials,azureml_workSpaceName,azureml_createWSIfNotExist):
try:
azure_credentials = json.loads(azure_credentials)
except JSONDecodeError:
print("::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS. The JSON should include the following keys: 'tenantId', 'clientId', 'clientSecret' and 'subscriptionId'.")
raise AMLConfigurationException(f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md")
# Checking provided parameters
print("::debug::Checking provided parameters")
required_parameters_provided(
parameters=azure_credentials,
keys=["tenantId", "clientId", "clientSecret", "subscriptionId"],
message="Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): "
)
if (azureml_workSpaceName == None) or len(azureml_workSpaceName) == 0:
raise AMLConfigurationException("WorkSpace Name must be provided")
# Loading Workspace
sp_auth = ServicePrincipalAuthentication(
tenant_id=azure_credentials.get("tenantId", ""),
service_principal_id=azure_credentials.get("clientId", ""),
service_principal_password=azure_credentials.get("clientSecret", "")
)
try:
print("::debug::Loading existing Workspace")
ws = Workspace.get(
name=azureml_workSpaceName,
subscription_id=azure_credentials.get("subscriptionId", ""),
auth=sp_auth
)
print("::debug::Successfully loaded existing Workspace")
print(ws)
except AuthenticationException as exception:
print(f"::error::Could not retrieve user token. Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS: {exception}")
raise AuthenticationException
except AuthenticationError as exception:
print(f"::error::Microsoft REST Authentication Error: {exception}")
raise AuthenticationException
except AdalError as exception:
print(f"::error::Active Directory Authentication Library Error: {exception}")
raise AdalError
except ProjectSystemException as exception:
print(f"::error::Workspace authorizationfailed: {exception}")
raise ProjectSystemException
except WorkspaceException as exception:
print(f"::debug::Loading existing Workspace failed: {exception}")
return ws;
def test_required_parameters_provided_invalid_keys():
"""
Unit test to check the required_parameters_provided function with invalid keys
"""
parameters = {}
keys = ["test"]
with pytest.raises(AMLConfigurationException):
assert required_parameters_provided(
parameters=parameters,
keys=keys
)
def main():
# # Loading input values
# print("::debug::Loading input values")
template_file = os.environ.get("INPUT_ARMTEMPLATE_FILE",
default="arm_deploy.json")
template_params_file = os.environ.get("INPUT_ARMTEMPLATEPARAMS_FILE",
default="")
azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}")
resource_group = os.environ.get("INPUT_RESOURCE_GROUP", default=None)
mapped_params = os.environ.get("INPUT_MAPPED_PARAMS", default="{}")
deployment_mode = os.environ.get("INPUT_DEPLOYMENT_MODE",
default="Incremental")
deploy_enum = get_deploy_mode_obj(deployment_mode)
try:
azure_credentials = json.loads(azure_credentials)
except JSONDecodeError:
print(
"::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS"
)
raise AMLConfigurationException(
f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md"
)
try:
mapped_params = json.loads(mapped_params)
except JSONDecodeError:
print(
"::error::Incorrect mapped parameters Format , please put mapped parameters strings like this {\"patToken\":\"${{secrets.PAT_TOKEN}}\", .... }"
)
raise AMLConfigurationException(
f"Incorrect or poorly formed mapped params. See setup in https://github.com/Azure/aml_configure/blob/master/README.md"
)
if not resource_group:
raise AMLConfigurationException(f"A resource group must be provided")
# Checking provided parameters
print("::debug::Checking provided parameters")
required_parameters_provided(
parameters=azure_credentials,
keys=["tenantId", "clientId", "clientSecret"],
message=
"Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): "
)
# # Loading parameters file
# print("::debug::Loading parameters file")
template_file_file_path = os.path.join(".cloud", ".azure", template_file)
# Mask values
print("::debug::Masking parameters")
mask_parameter(parameter=azure_credentials.get("tenantId", ""))
mask_parameter(parameter=azure_credentials.get("clientId", ""))
mask_parameter(parameter=azure_credentials.get("clientSecret", ""))
#mask_parameter(parameter=azure_credentials.get("subscriptionId", ""))
# Login User on CLI
tenant_id = azure_credentials.get("tenantId", "")
service_principal_id = azure_credentials.get("clientId", "")
service_principal_password = azure_credentials.get("clientSecret", "")
subscriptionId = azure_credentials.get("subscriptionId", "")
parameters = get_template_parameters(template_params_file, mapped_params)
credentials = None
try:
credentials = ServicePrincipalCredentials(
client_id=service_principal_id,
secret=service_principal_password,
tenant=tenant_id)
except Exception as ex:
raise CredentialsVerificationError(ex)
client = None
try:
client = ResourceManagementClient(credentials, subscriptionId)
except Exception as ex:
raise ResourceManagementError(ex)
template = None
with open(template_file_file_path, 'r') as template_file_fd:
template = json.load(template_file_fd)
deployment_properties = {
'properties': {
'mode': deploy_enum,
'template': template,
'parameters': parameters
}
}
deployment_async_operation = None
try:
validate = client.deployments.validate(resource_group, "azure-sample",
deployment_properties)
validate.wait()
except Exception as ex:
raise ActionDeploymentError(ex)
try:
deployment_async_operation = client.deployments.create_or_update(
resource_group, 'azure-sample', deployment_properties)
deployment_async_operation.wait()
except Exception as ex:
raise ActionDeploymentError(ex)
print("Deployment done")
print(deployment_async_operation)
print("next----------")
print(deployment_async_operation.result())
print("next----------")
print(deployment_async_operation.result().properties)
def main():
# # Loading input values
# print("::debug::Loading input values")
template_file = os.environ.get("INPUT_ARMTEMPLATE_FILE",
default="deploy.json")
template_params_file = os.environ.get("INPUT_ARMTEMPLATEPARAMS_FILE",
default="deploy.params.json")
azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}")
resource_group = os.environ.get("INPUT_RESOURCE_GROUP",
default="newresource_group")
repo_PatToken = os.environ.get("INPUT_PATTOKEN", default="")
self_repoName = os.environ.get("INPUT_GITREPO", default="")
try:
azure_credentials = json.loads(azure_credentials)
except JSONDecodeError:
print(
"::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS"
)
raise AMLConfigurationException(
f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md"
)
# Checking provided parameters
print("::debug::Checking provided parameters")
required_parameters_provided(
parameters=azure_credentials,
keys=["tenantId", "clientId", "clientSecret"],
message=
"Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): "
)
# # Loading parameters file
# print("::debug::Loading parameters file")
template_file_file_path = os.path.join(".cloud", ".azure", template_file)
template_params_file_path = os.path.join(".cloud", ".azure",
template_params_file)
# Mask values
print("::debug::Masking parameters")
mask_parameter(parameter=azure_credentials.get("tenantId", ""))
mask_parameter(parameter=azure_credentials.get("clientId", ""))
mask_parameter(parameter=azure_credentials.get("clientSecret", ""))
#mask_parameter(parameter=azure_credentials.get("subscriptionId", ""))
# Login User on CLI
tenant_id = azure_credentials.get("tenantId", "")
service_principal_id = azure_credentials.get("clientId", "")
service_principal_password = azure_credentials.get("clientSecret", "")
subscriptionId = azure_credentials.get("subscriptionId", "")
command = (
"az login --service-principal --username {APP_ID} --password \"{PASSWORD}\" --tenant {TENANT_ID}"
).format(APP_ID=service_principal_id,
PASSWORD=service_principal_password,
TENANT_ID=tenant_id)
try:
login_result = subprocess.check_output(command, shell=True)
print(login_result)
except Exception as ex:
print(ex)
return
success = False
try:
jsonobject = None
with open(template_params_file_path, "r") as f:
jsonobject = json.load(f)
jsonobject["parameters"]["subscriptionID"]["value"] = subscriptionId
jsonobject["parameters"]["repo_name"]["value"] = self_repoName
jsonobject["parameters"]["pat_token"]["value"] = repo_PatToken
with open(template_params_file_path, "w") as f:
json.dump(jsonobject, f)
success = True
except Exception as ex:
print("error while updating parameters")
return
if success:
print(
deploy_functionApp(template_file_file_path,
template_params_file_path, resource_group))
def test_required_credential_parameters_specified():
parameters = get_sample_credentials(),
keys = ["tenantId", "WrongclientId", "clientSecret"],
message = "Test Message"
with pytest.raises(AMLConfigurationException):
required_parameters_provided(parameters, keys, message)
def main():
# # Loading input values
print("::debug::Loading input values")
template_file = os.environ.get("INPUT_ARMTEMPLATE_FILE",
default="deploy.json")
template_params_file = os.environ.get("INPUT_ARMTEMPLATEPARAMS_FILE",
default="deploy.params.json")
azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}")
resource_group = os.environ.get("INPUT_RESOURCE_GROUP",
default="newresource_group")
print(azure_credentials)
print("0--------------------------------------")
try:
azure_credentials = json.loads(azure_credentials)
print(azure_credentials)
except JSONDecodeError:
print(
"::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS"
)
raise AMLConfigurationException(
f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md"
)
print("1--------------------------------------")
# Checking provided parameters
print("::debug::Checking provided parameters")
required_parameters_provided(
parameters=azure_credentials,
keys=["tenantId", "clientId", "clientSecret"],
message=
"Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): "
)
print("2--------------------------------------")
# Mask values
print("::debug::Masking parameters")
mask_parameter(parameter=azure_credentials.get("tenantId", ""))
mask_parameter(parameter=azure_credentials.get("clientId", ""))
mask_parameter(parameter=azure_credentials.get("clientSecret", ""))
mask_parameter(parameter=azure_credentials.get("subscriptionId", ""))
print("3--------------------------------------")
# Loading parameters file
print("::debug::Loading parameters file")
template_file_file_path = os.path.join(".cloud", ".azure", template_file)
template_params_file_path = os.path.join(".cloud", ".azure",
template_params_file)
print("4--------------------------------------")
tenant_id = azure_credentials.get("tenantId", "")
service_principal_id = azure_credentials.get("clientId", "")
service_principal_password = azure_credentials.get("clientSecret", "")
print(service_principal_password)
#command = ('az login --service-principal --username {APP_ID} --password {PASSWORD} --tenant {TENANT_ID}').format(
# APP_ID=service_principal_id, PASSWORD=service_principal_password, TENANT_ID=tenant_id)
command = 'az login --service-principal --username "ab96606e-49a7-45d3-a575-5172e11fdb7f" --password "^s:e6b4uCMXxN168t+i?[f](`E~8YeAP" --tenant "2d1aba9c-5938-402b-90b9-72a284a4bced"'
try:
app_create = subprocess.check_output(command, shell=True)
print(app_create)
except Exception as ex:
print(ex)
print(
deploy_functionApp(template_file_file_path, template_params_file_path,
resource_group))
def main():
# Loading azure credentials
print("::debug::Loading azure credentials")
azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}")
try:
azure_credentials = json.loads(azure_credentials)
except JSONDecodeError:
print(
"::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS. The JSON should include the following keys: 'tenantId', 'clientId', 'clientSecret' and 'subscriptionId'."
)
raise AMLConfigurationException(
"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md"
)
# Checking provided parameters
print("::debug::Checking provided parameters")
validate_json(data=azure_credentials,
schema=azure_credentials_schema,
input_name="AZURE_CREDENTIALS")
# Mask values
print("::debug::Masking parameters")
mask_parameter(parameter=azure_credentials.get("tenantId", ""))
mask_parameter(parameter=azure_credentials.get("clientId", ""))
mask_parameter(parameter=azure_credentials.get("clientSecret", ""))
mask_parameter(parameter=azure_credentials.get("subscriptionId", ""))
# Loading parameters file
print("::debug::Loading parameters file")
parameters_file = os.environ.get("INPUT_PARAMETERS_FILE",
default="compute.json")
parameters_file_path = os.path.join(".cloud", ".azure", parameters_file)
try:
with open(parameters_file_path) as f:
parameters = json.load(f)
except FileNotFoundError:
print(
f"::debug::Could not find parameter file in {parameters_file_path}. Please provide a parameter file in your repository if you do not want to use default settings (e.g. .cloud/.azure/compute.json)."
)
parameters = {}
# Checking provided parameters
print("::debug::Checking provided parameters")
validate_json(data=parameters,
schema=parameters_schema,
input_name="PARAMETERS_FILE")
# Define target cloud
if azure_credentials.get(
"resourceManagerEndpointUrl",
"").startswith("https://management.usgovcloudapi.net"):
cloud = "AzureUSGovernment"
elif azure_credentials.get(
"resourceManagerEndpointUrl",
"").startswith("https://management.chinacloudapi.cn"):
cloud = "AzureChinaCloud"
else:
cloud = "AzureCloud"
# Loading Workspace
print("::debug::Loading AML Workspace")
sp_auth = ServicePrincipalAuthentication(
tenant_id=azure_credentials.get("tenantId", ""),
service_principal_id=azure_credentials.get("clientId", ""),
service_principal_password=azure_credentials.get("clientSecret", ""),
cloud=cloud)
config_file_path = os.environ.get("GITHUB_WORKSPACE",
default=".cloud/.azure")
config_file_name = "aml_arm_config.json"
try:
ws = Workspace.from_config(path=config_file_path,
_file_name=config_file_name,
auth=sp_auth)
except AuthenticationException as exception:
print(
f"::error::Could not retrieve user token. Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS: {exception}"
)
raise AuthenticationException
except AuthenticationError as exception:
print(f"::error::Microsoft REST Authentication Error: {exception}")
raise AuthenticationError
except AdalError as exception:
print(
f"::error::Active Directory Authentication Library Error: {exception}"
)
raise AdalError
except ProjectSystemException as exception:
print(f"::error::Workspace authorizationfailed: {exception}")
raise ProjectSystemException
# Loading compute target
try:
# Default compute target name
repository_name = os.environ.get("GITHUB_REPOSITORY").split(
"/")[-1][:16] # names can be max 16 characters
print("::debug::Loading existing compute target")
compute_target = ComputeTarget(workspace=ws,
name=parameters.get(
"name", repository_name))
print(
f"::debug::Found compute target with same name. Not updating the compute target: {compute_target.serialize()}"
)
except ComputeTargetException:
print(
"::debug::Could not find existing compute target with provided name"
)
# Checking provided parameters
print("::debug::Checking provided parameters")
required_parameters_provided(
parameters=parameters,
keys=["compute_type"],
message=
"Required parameter(s) not found in your parameters file for creating a compute target. Please provide a value for the following key(s): "
)
print("::debug::Creating new compute target")
compute_type = parameters.get("compute_type", "")
print(f"::debug::Compute type listed is{compute_type}")
if compute_type == "amlcluster":
compute_target = create_aml_cluster(workspace=ws,
parameters=parameters)
print(
f"::debug::Successfully created AML cluster: {compute_target.serialize()}"
)
elif compute_type == "akscluster":
compute_target = create_aks_cluster(workspace=ws,
parameters=parameters)
print(
f"::debug::Successfully created AKS cluster: {compute_target.serialize()}"
)
else:
print(f"::error::Compute type '{compute_type}' is not supported")
raise AMLConfigurationException(
f"Compute type '{compute_type}' is not supported.")
print(
"::debug::Successfully finished Azure Machine Learning Compute Action")
def executeAction(self, parameters_file, azure_credentials,
azureml_workSpaceName, azureml_createWSIfNotExist):
try:
azure_credentials = json.loads(azure_credentials)
except JSONDecodeError:
print(
"::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS. The JSON should include the following keys: 'tenantId', 'clientId', 'clientSecret' and 'subscriptionId'."
)
raise AMLConfigurationException(
f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md"
)
# Checking provided parameters
print("::debug::Checking provided parameters")
required_parameters_provided(
parameters=azure_credentials,
keys=["tenantId", "clientId", "clientSecret", "subscriptionId"],
message=
"Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): "
)
# # Loading parameters file
# print("::debug::Loading parameters file")
print("::debug::Loading parameters file")
parameters_file_path = os.path.join(".ml", ".azure", parameters_file)
print(os.path.abspath(parameters_file_path))
try:
with open(parameters_file_path) as f:
parameters = json.load(f)
except FileNotFoundError:
print(" workspace file is not found, parameters will be empty")
parameters = {}
# Checking provided parameters if it's user provided config
if parameters != {}:
print("::debug::Checking provided parameters")
required_parameters_provided(
parameters=parameters,
keys=["name", "resource_group"],
message=
"Required parameter(s) not found in your parameters file for loading a workspace. Please provide a value for the following key(s): "
)
azureml_workSpaceName = parameters["name"]
# over rider , if in workflow it is false but configuration over rides it or other way round
azureml_createWSIfNotExist = azureml_createWSIfNotExist or parameters.get(
"create_workspace", False)
if (azureml_workSpaceName == None) or len(azureml_workSpaceName) == 0:
raise AMLConfigurationException("WorkSpace Name must be provided")
# Loading Workspace
sp_auth = ServicePrincipalAuthentication(
tenant_id=azure_credentials.get("tenantId", ""),
service_principal_id=azure_credentials.get("clientId", ""),
service_principal_password=azure_credentials.get(
"clientSecret", ""))
try:
print("::debug::Loading existing Workspace")
ws = Workspace.get(name=azureml_workSpaceName,
subscription_id=azure_credentials.get(
"subscriptionId", ""),
auth=sp_auth)
print("::debug::Successfully loaded existing Workspace")
print(ws)
except AuthenticationException as exception:
print(
f"::error::Could not retrieve user token. Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS: {exception}"
)
raise AuthenticationException
except AuthenticationError as exception:
print(f"::error::Microsoft REST Authentication Error: {exception}")
raise AuthenticationException
except AdalError as exception:
print(
f"::error::Active Directory Authentication Library Error: {exception}"
)
raise AdalError
except ProjectSystemException as exception:
print(f"::error::Workspace authorizationfailed: {exception}")
raise ProjectSystemException
except WorkspaceException as exception:
print(f"::debug::Loading existing Workspace failed: {exception}")
if azureml_createWSIfNotExist:
try:
print("::debug::Creating new Workspace")
ws = Workspace.create(
name=azureml_workSpaceName,
subscription_id=azure_credentials.get(
"subscriptionId", ""),
resource_group=parameters.get(
"resource_group",
azureml_workSpaceName + "_rsgrp"),
location=parameters.get("location", "southcentralUS"),
create_resource_group=parameters.get(
"create_resource_group", True),
sku=parameters.get("sku", "basic"),
friendly_name=parameters.get("friendly_name", None),
storage_account=parameters.get("storage_account",
None),
key_vault=parameters.get("key_vault", None),
app_insights=parameters.get("app_insights", None),
container_registry=parameters.get(
"container_registry", None),
cmk_keyvault=parameters.get("cmk_key_vault", None),
resource_cmk_uri=parameters.get(
"resource_cmk_uri", None),
hbi_workspace=parameters.get("hbi_workspace", None),
auth=sp_auth,
exist_ok=True,
show_output=True)
except WorkspaceException as exception:
print(
f"::error::Creating new Workspace failed: {exception}")
raise AMLConfigurationException(
f"Creating new Workspace failed with 'WorkspaceException': {exception}."
)
else:
print(
f"::error::Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'createWorkspace' was not defined or set to false in your parameter file: {exception}"
)
raise AMLConfigurationException(
"Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'createWorkspace' was not defined or set to false in your parameter file."
)
# Write Workspace ARM properties to config file
# print("::debug::Writing Workspace ARM properties to config file")
# config_file_path = os.environ.get("GITHUB_WORKSPACE", default=".ml")
# print(config_file_path)
# config_file_name = "aml_arm_config.json"
# ws.write_config(
# file_name=config_file_name
# )
return ws
def main():
# # Loading input values
# print("::debug::Loading input values")
azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default='{}')
resource_group = os.environ.get("INPUT_RESOURCE_GROUP", default="")
pattoken = os.environ.get("INPUT_PATTOKEN", default="")
provider_type = os.environ.get("INPUT_PROVIDER_TYPE", default="")
events_to_subscribe = os.environ.get("INPUT_EVENTS_TO_SUBSCRIBE",
default="")
try:
azure_credentials = json.loads(azure_credentials)
except JSONDecodeError:
print(
"::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS"
)
raise AMLConfigurationException(
f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md"
)
if not resource_group:
raise AMLConfigurationException(f"A resource group must be provided")
# Checking provided parameters
print("::debug::Checking provided parameters")
required_parameters_provided(
parameters=azure_credentials,
keys=["tenantId", "clientId", "clientSecret"],
message=
"Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): "
)
# # Loading parameters file
# print("::debug::Loading parameters file")
template_file_file_path = os.path.join("/code", "func_deploy.json")
# Mask values
print("::debug::Masking parameters")
mask_parameter(parameter=azure_credentials.get("tenantId", ""))
mask_parameter(parameter=azure_credentials.get("clientId", ""))
mask_parameter(parameter=azure_credentials.get("clientSecret", ""))
mask_parameter(parameter=azure_credentials.get("subscriptionId", ""))
# Login User on CLI
tenant_id = azure_credentials.get("tenantId", "")
service_principal_id = azure_credentials.get("clientId", "")
service_principal_password = azure_credentials.get("clientSecret", "")
subscriptionId = azure_credentials.get("subscriptionId", "")
credentials = None
try:
credentials = ServicePrincipalCredentials(
client_id=service_principal_id,
secret=service_principal_password,
tenant=tenant_id)
except Exception as ex:
raise CredentialsVerificationError(ex)
####################### Authentication Done ###################################
# repository name
repository_name = os.environ.get("GITHUB_REPOSITORY",
"azureeventgridsample")
functionAppName = repository_name.replace(
"/", "") # create a unique function-AppName
functionAppName = functionAppName.replace("_", "").replace("-", "")[:32]
functionFolder = 'fappdeploy'
functionGitHubURL = "https://github.com/Ayaz43/function_app.git"
functionGitHubBranch = "master"
functionName = "generic_triggers"
patToken = pattoken
parameters = {
'functionAppName': functionAppName,
'functionFolder': functionFolder,
'functionGitHubURL': functionGitHubURL,
'functionGitHubBranch': functionGitHubBranch,
'patToken': patToken,
'ownerName': functionAppName
}
parameters = {k: {'value': v} for k, v in parameters.items()}
client = None
try:
client = ResourceManagementClient(credentials, subscriptionId)
except Exception as ex:
raise ResourceManagementError(ex)
template = None
with open(template_file_file_path, 'r') as template_file_fd:
template = json.load(template_file_fd)
deployment_properties = {
'properties': {
'mode': DeploymentMode.incremental,
'template': template,
'parameters': parameters
}
}
try:
validate = client.deployments.validate(resource_group, "azure-sample",
deployment_properties)
validate.wait()
except Exception as ex:
raise ActionDeploymentError(ex)
try:
deployment_async_operation = client.deployments.create_or_update(
resource_group, 'azure-sample', deployment_properties)
deployment_async_operation.wait()
except Exception as ex:
raise ActionDeploymentError(ex)
deploymemnt_result = deployment_async_operation.result()
# parameters
code = deploymemnt_result.properties.outputs['hostKey']['value']
functionAppName = deploymemnt_result.properties.outputs['functionAppName'][
'value']
function_url = "https://{}.azurewebsites.net/api/{}?code={}&repoName={}".format(
functionAppName, functionName, code, repository_name)
resource_id = "/subscriptions/{}/resourceGroups/{}/providers/{}".format(
subscriptionId, resource_group, provider_type)
event_grid_client = EventGridManagementClient(credentials, subscriptionId)
event_subscription_name = 'EventSubscription1'
destination = WebHookEventSubscriptionDestination(
endpoint_url=function_url)
included_events = get_events_list(events_to_subscribe)
filter = EventSubscriptionFilter(
# By default, "All" event types are included
included_event_types=included_events,
is_subject_case_sensitive=False,
subject_begins_with='',
subject_ends_with='')
event_subscription_info = EventSubscription(destination=destination,
filter=filter)
event_subscription_async_poller = event_grid_client.event_subscriptions.create_or_update(
resource_id,
event_subscription_name,
event_subscription_info,
)
event_subscription = event_subscription_async_poller.result(
) # type: EventSubscription
print(
f"::set-output name=destination_url::{event_subscription.destination.endpoint_base_url}"
)
def main():
# Loading input values
print("::debug::Loading input values")
parameters_file = os.environ.get("INPUT_PARAMETERS_FILE", default="run.json")
azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}")
try:
azure_credentials = json.loads(azure_credentials)
except JSONDecodeError:
print("::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS")
raise AMLConfigurationException(f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md")
# Checking provided parameters
print("::debug::Checking provided parameters")
required_parameters_provided(
parameters=azure_credentials,
keys=["tenantId", "clientId", "clientSecret"],
message="Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): "
)
# Mask values
print("::debug::Masking parameters")
mask_parameter(parameter=azure_credentials.get("tenantId", ""))
mask_parameter(parameter=azure_credentials.get("clientId", ""))
mask_parameter(parameter=azure_credentials.get("clientSecret", ""))
mask_parameter(parameter=azure_credentials.get("subscriptionId", ""))
# Loading parameters file
print("::debug::Loading parameters file")
parameters_file_path = os.path.join(".cloud", ".azure", parameters_file)
try:
with open(parameters_file_path) as f:
parameters = json.load(f)
except FileNotFoundError:
print(f"::debug::Could not find parameter file in {parameters_file_path}. Please provide a parameter file in your repository if you do not want to use default settings (e.g. .cloud/.azure/run.json).")
parameters = [{}] # we want to run atleast once with default values.
# Loading Workspace
print("::debug::Loading AML Workspace")
sp_auth = ServicePrincipalAuthentication(
tenant_id=azure_credentials.get("tenantId", ""),
service_principal_id=azure_credentials.get("clientId", ""),
service_principal_password=azure_credentials.get("clientSecret", "")
)
config_file_path = os.environ.get("GITHUB_WORKSPACE", default=".cloud/.azure")
config_file_name = "aml_arm_config.json"
try:
ws = Workspace.from_config(
path=config_file_path,
_file_name=config_file_name,
auth=sp_auth
)
except AuthenticationException as exception:
print(f"::error::Could not retrieve user token. Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS: {exception}")
raise AuthenticationException
except AuthenticationError as exception:
print(f"::error::Microsoft REST Authentication Error: {exception}")
raise AuthenticationError
except AdalError as exception:
print(f"::error::Active Directory Authentication Library Error: {exception}")
raise AdalError
except ProjectSystemException as exception:
print(f"::error::Workspace authorizationfailed: {exception}")
raise ProjectSystemException
submittedRuns_for_wait = []
for parameter in parameters:
run, wait_for_completion = submitRun(ws, parameter)
# add a list of tuple to be used later, we will use it to wait.
if wait_for_completion is True:
submittedRuns_for_wait.append(run)
postRun(submittedRuns_for_wait)
print("submission over")
def main():
# Loading input values
print("::debug::Loading input values")
parameters_file = os.environ.get("INPUT_PARAMETERS_FILE",
default="workspace.json")
azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}")
try:
azure_credentials = json.loads(azure_credentials)
except JSONDecodeError:
print(
"::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS. The JSON should include the following keys: 'tenantId', 'clientId', 'clientSecret' and 'subscriptionId'."
)
raise AMLConfigurationException(
f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md"
)
# Checking provided parameters
print("::debug::Checking provided parameters")
required_parameters_provided(
parameters=azure_credentials,
keys=["tenantId", "clientId", "clientSecret", "subscriptionId"],
message=
"Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): "
)
# Mask values
print("::debug::Masking parameters")
mask_parameter(parameter=azure_credentials.get("tenantId", ""))
mask_parameter(parameter=azure_credentials.get("clientId", ""))
mask_parameter(parameter=azure_credentials.get("clientSecret", ""))
mask_parameter(parameter=azure_credentials.get("subscriptionId", ""))
# Loading parameters file
print("::debug::Loading parameters file")
parameters_file_path = os.path.join(".cloud", ".azure", parameters_file)
try:
with open(parameters_file_path) as f:
parameters = json.load(f)
except FileNotFoundError:
print(
f"::debug::Could not find parameter file in {parameters_file_path}. Please provide a parameter file in your repository if you do not want to use default settings (e.g. .cloud/.azure/workspace.json)."
)
parameters = {}
# Loading Workspace
sp_auth = ServicePrincipalAuthentication(
tenant_id=azure_credentials.get("tenantId", ""),
service_principal_id=azure_credentials.get("clientId", ""),
service_principal_password=azure_credentials.get("clientSecret", ""))
try:
print("::debug::Loading existing Workspace")
# Default workspace and resource group name
repository_name = os.environ.get("GITHUB_REPOSITORY").split("/")[-1]
ws = Workspace.get(
name=parameters.get("name", repository_name),
subscription_id=azure_credentials.get("subscriptionId", ""),
resource_group=parameters.get("resource_group", repository_name),
auth=sp_auth)
print("::debug::Successfully loaded existing Workspace")
except AuthenticationException as exception:
print(
f"::error::Could not retrieve user token. Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS: {exception}"
)
raise AuthenticationException
except AuthenticationError as exception:
print(f"::error::Microsoft REST Authentication Error: {exception}")
raise AuthenticationException
except AdalError as exception:
print(
f"::error::Active Directory Authentication Library Error: {exception}"
)
raise AdalError
except ProjectSystemException as exception:
print(f"::debug::Loading existing Workspace failed: {exception}")
if parameters.get("create_workspace", False):
try:
print("::debug::Creating new Workspace")
ws = Workspace.create(
name=parameters.get("name", repository_name),
subscription_id=azure_credentials.get(
"subscriptionId", ""),
resource_group=parameters.get("resource_group",
repository_name),
location=parameters.get("location", None),
create_resource_group=parameters.get(
"create_resource_group", True),
sku=parameters.get("sku", "basic"),
friendly_name=parameters.get("friendly_name", None),
storage_account=parameters.get("storage_account", None),
key_vault=parameters.get("key_vault", None),
app_insights=parameters.get("app_insights", None),
container_registry=parameters.get("container_registry",
None),
cmk_keyvault=parameters.get("cmk_key_vault", None),
resource_cmk_uri=parameters.get("resource_cmk_uri", None),
hbi_workspace=parameters.get("hbi_workspace", None),
auth=sp_auth,
exist_ok=True,
show_output=True)
except WorkspaceException as exception:
print(f"::error::Creating new Workspace failed: {exception}")
raise AMLConfigurationException(
f"Creating new Workspace failed with 'WorkspaceException': {exception}."
)
else:
print(
f"::error::Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'create_workspace' was not defined or set to false in your parameter file: {exception}"
)
raise AMLConfigurationException(
"Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'create_workspace' was not defined or set to false in your parameter file."
)
except WorkspaceException as exception:
print(f"::debug::Loading existing Workspace failed: {exception}")
if parameters.get("create_workspace", False):
try:
print("::debug::Creating new Workspace")
ws = Workspace.create(
name=parameters.get("name", repository_name),
subscription_id=azure_credentials.get(
"subscriptionId", ""),
resource_group=parameters.get("resource_group",
repository_name),
location=parameters.get("location", None),
create_resource_group=parameters.get(
"create_resource_group", True),
sku=parameters.get("sku", "basic"),
friendly_name=parameters.get("friendly_name", None),
storage_account=parameters.get("storage_account", None),
key_vault=parameters.get("key_vault", None),
app_insights=parameters.get("app_insights", None),
container_registry=parameters.get("container_registry",
None),
cmk_keyvault=parameters.get("cmk_key_vault", None),
resource_cmk_uri=parameters.get("resource_cmk_uri", None),
hbi_workspace=parameters.get("hbi_workspace", None),
auth=sp_auth,
exist_ok=True,
show_output=True)
except WorkspaceException as exception:
print(f"::error::Creating new Workspace failed: {exception}")
raise AMLConfigurationException(
f"Creating new Workspace failed with 'WorkspaceException': {exception}."
)
else:
print(
f"::error::Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'create_workspace' was not defined or set to false in your parameter file: {exception}"
)
raise AMLConfigurationException(
"Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'create_workspace' was not defined or set to false in your parameter file."
)
# Write Workspace ARM properties to config file
print("::debug::Writing Workspace ARM properties to config file")
config_file_path = os.environ.get("GITHUB_WORKSPACE",
default=".cloud/.azure")
config_file_name = "aml_arm_config.json"
ws.write_config(path=config_file_path, file_name=config_file_name)
print(
"::debug::Successfully finished Azure Machine Learning Workspace Action"
)