def executeAction(self, parameters_file=None, ws=None, azure_credentials=None, azure_computeTarget=None): try: azure_credentials = json.loads(azure_credentials) except JSONDecodeError: print( "::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS" ) raise AMLConfigurationException( f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-compute/blob/master/README.md" ) # Checking provided parameters print("::debug::Checking provided parameters") required_parameters_provided( parameters=azure_credentials, keys=["tenantId", "clientId", "clientSecret"], message= "Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): " ) compute_target = ComputeTarget(workspace=ws, name=azure_computeTarget) print( f"::debug::Found compute target with same name. Not updating the compute target: {compute_target.serialize()}" ) print( "::debug::Successfully finished Azure Machine Learning Compute Action" ) return compute_target
def test_required_parameters_provided_valid_inputs(): """ Unit test to check the required_parameters_provided function with valid inputs """ parameters = {} keys = [] required_parameters_provided( parameters=parameters, keys=keys )
def executeAction(self,parameters_file,azure_credentials,azureml_workSpaceName,azureml_createWSIfNotExist): try: azure_credentials = json.loads(azure_credentials) except JSONDecodeError: print("::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS. The JSON should include the following keys: 'tenantId', 'clientId', 'clientSecret' and 'subscriptionId'.") raise AMLConfigurationException(f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md") # Checking provided parameters print("::debug::Checking provided parameters") required_parameters_provided( parameters=azure_credentials, keys=["tenantId", "clientId", "clientSecret", "subscriptionId"], message="Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): " ) if (azureml_workSpaceName == None) or len(azureml_workSpaceName) == 0: raise AMLConfigurationException("WorkSpace Name must be provided") # Loading Workspace sp_auth = ServicePrincipalAuthentication( tenant_id=azure_credentials.get("tenantId", ""), service_principal_id=azure_credentials.get("clientId", ""), service_principal_password=azure_credentials.get("clientSecret", "") ) try: print("::debug::Loading existing Workspace") ws = Workspace.get( name=azureml_workSpaceName, subscription_id=azure_credentials.get("subscriptionId", ""), auth=sp_auth ) print("::debug::Successfully loaded existing Workspace") print(ws) except AuthenticationException as exception: print(f"::error::Could not retrieve user token. Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS: {exception}") raise AuthenticationException except AuthenticationError as exception: print(f"::error::Microsoft REST Authentication Error: {exception}") raise AuthenticationException except AdalError as exception: print(f"::error::Active Directory Authentication Library Error: {exception}") raise AdalError except ProjectSystemException as exception: print(f"::error::Workspace authorizationfailed: {exception}") raise ProjectSystemException except WorkspaceException as exception: print(f"::debug::Loading existing Workspace failed: {exception}") return ws;
def test_required_parameters_provided_invalid_keys(): """ Unit test to check the required_parameters_provided function with invalid keys """ parameters = {} keys = ["test"] with pytest.raises(AMLConfigurationException): assert required_parameters_provided( parameters=parameters, keys=keys )
def main(): # # Loading input values # print("::debug::Loading input values") template_file = os.environ.get("INPUT_ARMTEMPLATE_FILE", default="arm_deploy.json") template_params_file = os.environ.get("INPUT_ARMTEMPLATEPARAMS_FILE", default="") azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}") resource_group = os.environ.get("INPUT_RESOURCE_GROUP", default=None) mapped_params = os.environ.get("INPUT_MAPPED_PARAMS", default="{}") deployment_mode = os.environ.get("INPUT_DEPLOYMENT_MODE", default="Incremental") deploy_enum = get_deploy_mode_obj(deployment_mode) try: azure_credentials = json.loads(azure_credentials) except JSONDecodeError: print( "::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS" ) raise AMLConfigurationException( f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md" ) try: mapped_params = json.loads(mapped_params) except JSONDecodeError: print( "::error::Incorrect mapped parameters Format , please put mapped parameters strings like this {\"patToken\":\"${{secrets.PAT_TOKEN}}\", .... }" ) raise AMLConfigurationException( f"Incorrect or poorly formed mapped params. See setup in https://github.com/Azure/aml_configure/blob/master/README.md" ) if not resource_group: raise AMLConfigurationException(f"A resource group must be provided") # Checking provided parameters print("::debug::Checking provided parameters") required_parameters_provided( parameters=azure_credentials, keys=["tenantId", "clientId", "clientSecret"], message= "Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): " ) # # Loading parameters file # print("::debug::Loading parameters file") template_file_file_path = os.path.join(".cloud", ".azure", template_file) # Mask values print("::debug::Masking parameters") mask_parameter(parameter=azure_credentials.get("tenantId", "")) mask_parameter(parameter=azure_credentials.get("clientId", "")) mask_parameter(parameter=azure_credentials.get("clientSecret", "")) #mask_parameter(parameter=azure_credentials.get("subscriptionId", "")) # Login User on CLI tenant_id = azure_credentials.get("tenantId", "") service_principal_id = azure_credentials.get("clientId", "") service_principal_password = azure_credentials.get("clientSecret", "") subscriptionId = azure_credentials.get("subscriptionId", "") parameters = get_template_parameters(template_params_file, mapped_params) credentials = None try: credentials = ServicePrincipalCredentials( client_id=service_principal_id, secret=service_principal_password, tenant=tenant_id) except Exception as ex: raise CredentialsVerificationError(ex) client = None try: client = ResourceManagementClient(credentials, subscriptionId) except Exception as ex: raise ResourceManagementError(ex) template = None with open(template_file_file_path, 'r') as template_file_fd: template = json.load(template_file_fd) deployment_properties = { 'properties': { 'mode': deploy_enum, 'template': template, 'parameters': parameters } } deployment_async_operation = None try: validate = client.deployments.validate(resource_group, "azure-sample", deployment_properties) validate.wait() except Exception as ex: raise ActionDeploymentError(ex) try: deployment_async_operation = client.deployments.create_or_update( resource_group, 'azure-sample', deployment_properties) deployment_async_operation.wait() except Exception as ex: raise ActionDeploymentError(ex) print("Deployment done") print(deployment_async_operation) print("next----------") print(deployment_async_operation.result()) print("next----------") print(deployment_async_operation.result().properties)
def main(): # # Loading input values # print("::debug::Loading input values") template_file = os.environ.get("INPUT_ARMTEMPLATE_FILE", default="deploy.json") template_params_file = os.environ.get("INPUT_ARMTEMPLATEPARAMS_FILE", default="deploy.params.json") azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}") resource_group = os.environ.get("INPUT_RESOURCE_GROUP", default="newresource_group") repo_PatToken = os.environ.get("INPUT_PATTOKEN", default="") self_repoName = os.environ.get("INPUT_GITREPO", default="") try: azure_credentials = json.loads(azure_credentials) except JSONDecodeError: print( "::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS" ) raise AMLConfigurationException( f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md" ) # Checking provided parameters print("::debug::Checking provided parameters") required_parameters_provided( parameters=azure_credentials, keys=["tenantId", "clientId", "clientSecret"], message= "Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): " ) # # Loading parameters file # print("::debug::Loading parameters file") template_file_file_path = os.path.join(".cloud", ".azure", template_file) template_params_file_path = os.path.join(".cloud", ".azure", template_params_file) # Mask values print("::debug::Masking parameters") mask_parameter(parameter=azure_credentials.get("tenantId", "")) mask_parameter(parameter=azure_credentials.get("clientId", "")) mask_parameter(parameter=azure_credentials.get("clientSecret", "")) #mask_parameter(parameter=azure_credentials.get("subscriptionId", "")) # Login User on CLI tenant_id = azure_credentials.get("tenantId", "") service_principal_id = azure_credentials.get("clientId", "") service_principal_password = azure_credentials.get("clientSecret", "") subscriptionId = azure_credentials.get("subscriptionId", "") command = ( "az login --service-principal --username {APP_ID} --password \"{PASSWORD}\" --tenant {TENANT_ID}" ).format(APP_ID=service_principal_id, PASSWORD=service_principal_password, TENANT_ID=tenant_id) try: login_result = subprocess.check_output(command, shell=True) print(login_result) except Exception as ex: print(ex) return success = False try: jsonobject = None with open(template_params_file_path, "r") as f: jsonobject = json.load(f) jsonobject["parameters"]["subscriptionID"]["value"] = subscriptionId jsonobject["parameters"]["repo_name"]["value"] = self_repoName jsonobject["parameters"]["pat_token"]["value"] = repo_PatToken with open(template_params_file_path, "w") as f: json.dump(jsonobject, f) success = True except Exception as ex: print("error while updating parameters") return if success: print( deploy_functionApp(template_file_file_path, template_params_file_path, resource_group))
def test_required_credential_parameters_specified(): parameters = get_sample_credentials(), keys = ["tenantId", "WrongclientId", "clientSecret"], message = "Test Message" with pytest.raises(AMLConfigurationException): required_parameters_provided(parameters, keys, message)
def main(): # # Loading input values print("::debug::Loading input values") template_file = os.environ.get("INPUT_ARMTEMPLATE_FILE", default="deploy.json") template_params_file = os.environ.get("INPUT_ARMTEMPLATEPARAMS_FILE", default="deploy.params.json") azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}") resource_group = os.environ.get("INPUT_RESOURCE_GROUP", default="newresource_group") print(azure_credentials) print("0--------------------------------------") try: azure_credentials = json.loads(azure_credentials) print(azure_credentials) except JSONDecodeError: print( "::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS" ) raise AMLConfigurationException( f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md" ) print("1--------------------------------------") # Checking provided parameters print("::debug::Checking provided parameters") required_parameters_provided( parameters=azure_credentials, keys=["tenantId", "clientId", "clientSecret"], message= "Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): " ) print("2--------------------------------------") # Mask values print("::debug::Masking parameters") mask_parameter(parameter=azure_credentials.get("tenantId", "")) mask_parameter(parameter=azure_credentials.get("clientId", "")) mask_parameter(parameter=azure_credentials.get("clientSecret", "")) mask_parameter(parameter=azure_credentials.get("subscriptionId", "")) print("3--------------------------------------") # Loading parameters file print("::debug::Loading parameters file") template_file_file_path = os.path.join(".cloud", ".azure", template_file) template_params_file_path = os.path.join(".cloud", ".azure", template_params_file) print("4--------------------------------------") tenant_id = azure_credentials.get("tenantId", "") service_principal_id = azure_credentials.get("clientId", "") service_principal_password = azure_credentials.get("clientSecret", "") print(service_principal_password) #command = ('az login --service-principal --username {APP_ID} --password {PASSWORD} --tenant {TENANT_ID}').format( # APP_ID=service_principal_id, PASSWORD=service_principal_password, TENANT_ID=tenant_id) command = 'az login --service-principal --username "ab96606e-49a7-45d3-a575-5172e11fdb7f" --password "^s:e6b4uCMXxN168t+i?[f](`E~8YeAP" --tenant "2d1aba9c-5938-402b-90b9-72a284a4bced"' try: app_create = subprocess.check_output(command, shell=True) print(app_create) except Exception as ex: print(ex) print( deploy_functionApp(template_file_file_path, template_params_file_path, resource_group))
def main(): # Loading azure credentials print("::debug::Loading azure credentials") azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}") try: azure_credentials = json.loads(azure_credentials) except JSONDecodeError: print( "::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS. The JSON should include the following keys: 'tenantId', 'clientId', 'clientSecret' and 'subscriptionId'." ) raise AMLConfigurationException( "Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md" ) # Checking provided parameters print("::debug::Checking provided parameters") validate_json(data=azure_credentials, schema=azure_credentials_schema, input_name="AZURE_CREDENTIALS") # Mask values print("::debug::Masking parameters") mask_parameter(parameter=azure_credentials.get("tenantId", "")) mask_parameter(parameter=azure_credentials.get("clientId", "")) mask_parameter(parameter=azure_credentials.get("clientSecret", "")) mask_parameter(parameter=azure_credentials.get("subscriptionId", "")) # Loading parameters file print("::debug::Loading parameters file") parameters_file = os.environ.get("INPUT_PARAMETERS_FILE", default="compute.json") parameters_file_path = os.path.join(".cloud", ".azure", parameters_file) try: with open(parameters_file_path) as f: parameters = json.load(f) except FileNotFoundError: print( f"::debug::Could not find parameter file in {parameters_file_path}. Please provide a parameter file in your repository if you do not want to use default settings (e.g. .cloud/.azure/compute.json)." ) parameters = {} # Checking provided parameters print("::debug::Checking provided parameters") validate_json(data=parameters, schema=parameters_schema, input_name="PARAMETERS_FILE") # Define target cloud if azure_credentials.get( "resourceManagerEndpointUrl", "").startswith("https://management.usgovcloudapi.net"): cloud = "AzureUSGovernment" elif azure_credentials.get( "resourceManagerEndpointUrl", "").startswith("https://management.chinacloudapi.cn"): cloud = "AzureChinaCloud" else: cloud = "AzureCloud" # Loading Workspace print("::debug::Loading AML Workspace") sp_auth = ServicePrincipalAuthentication( tenant_id=azure_credentials.get("tenantId", ""), service_principal_id=azure_credentials.get("clientId", ""), service_principal_password=azure_credentials.get("clientSecret", ""), cloud=cloud) config_file_path = os.environ.get("GITHUB_WORKSPACE", default=".cloud/.azure") config_file_name = "aml_arm_config.json" try: ws = Workspace.from_config(path=config_file_path, _file_name=config_file_name, auth=sp_auth) except AuthenticationException as exception: print( f"::error::Could not retrieve user token. Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS: {exception}" ) raise AuthenticationException except AuthenticationError as exception: print(f"::error::Microsoft REST Authentication Error: {exception}") raise AuthenticationError except AdalError as exception: print( f"::error::Active Directory Authentication Library Error: {exception}" ) raise AdalError except ProjectSystemException as exception: print(f"::error::Workspace authorizationfailed: {exception}") raise ProjectSystemException # Loading compute target try: # Default compute target name repository_name = os.environ.get("GITHUB_REPOSITORY").split( "/")[-1][:16] # names can be max 16 characters print("::debug::Loading existing compute target") compute_target = ComputeTarget(workspace=ws, name=parameters.get( "name", repository_name)) print( f"::debug::Found compute target with same name. Not updating the compute target: {compute_target.serialize()}" ) except ComputeTargetException: print( "::debug::Could not find existing compute target with provided name" ) # Checking provided parameters print("::debug::Checking provided parameters") required_parameters_provided( parameters=parameters, keys=["compute_type"], message= "Required parameter(s) not found in your parameters file for creating a compute target. Please provide a value for the following key(s): " ) print("::debug::Creating new compute target") compute_type = parameters.get("compute_type", "") print(f"::debug::Compute type listed is{compute_type}") if compute_type == "amlcluster": compute_target = create_aml_cluster(workspace=ws, parameters=parameters) print( f"::debug::Successfully created AML cluster: {compute_target.serialize()}" ) elif compute_type == "akscluster": compute_target = create_aks_cluster(workspace=ws, parameters=parameters) print( f"::debug::Successfully created AKS cluster: {compute_target.serialize()}" ) else: print(f"::error::Compute type '{compute_type}' is not supported") raise AMLConfigurationException( f"Compute type '{compute_type}' is not supported.") print( "::debug::Successfully finished Azure Machine Learning Compute Action")
def executeAction(self, parameters_file, azure_credentials, azureml_workSpaceName, azureml_createWSIfNotExist): try: azure_credentials = json.loads(azure_credentials) except JSONDecodeError: print( "::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS. The JSON should include the following keys: 'tenantId', 'clientId', 'clientSecret' and 'subscriptionId'." ) raise AMLConfigurationException( f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md" ) # Checking provided parameters print("::debug::Checking provided parameters") required_parameters_provided( parameters=azure_credentials, keys=["tenantId", "clientId", "clientSecret", "subscriptionId"], message= "Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): " ) # # Loading parameters file # print("::debug::Loading parameters file") print("::debug::Loading parameters file") parameters_file_path = os.path.join(".ml", ".azure", parameters_file) print(os.path.abspath(parameters_file_path)) try: with open(parameters_file_path) as f: parameters = json.load(f) except FileNotFoundError: print(" workspace file is not found, parameters will be empty") parameters = {} # Checking provided parameters if it's user provided config if parameters != {}: print("::debug::Checking provided parameters") required_parameters_provided( parameters=parameters, keys=["name", "resource_group"], message= "Required parameter(s) not found in your parameters file for loading a workspace. Please provide a value for the following key(s): " ) azureml_workSpaceName = parameters["name"] # over rider , if in workflow it is false but configuration over rides it or other way round azureml_createWSIfNotExist = azureml_createWSIfNotExist or parameters.get( "create_workspace", False) if (azureml_workSpaceName == None) or len(azureml_workSpaceName) == 0: raise AMLConfigurationException("WorkSpace Name must be provided") # Loading Workspace sp_auth = ServicePrincipalAuthentication( tenant_id=azure_credentials.get("tenantId", ""), service_principal_id=azure_credentials.get("clientId", ""), service_principal_password=azure_credentials.get( "clientSecret", "")) try: print("::debug::Loading existing Workspace") ws = Workspace.get(name=azureml_workSpaceName, subscription_id=azure_credentials.get( "subscriptionId", ""), auth=sp_auth) print("::debug::Successfully loaded existing Workspace") print(ws) except AuthenticationException as exception: print( f"::error::Could not retrieve user token. Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS: {exception}" ) raise AuthenticationException except AuthenticationError as exception: print(f"::error::Microsoft REST Authentication Error: {exception}") raise AuthenticationException except AdalError as exception: print( f"::error::Active Directory Authentication Library Error: {exception}" ) raise AdalError except ProjectSystemException as exception: print(f"::error::Workspace authorizationfailed: {exception}") raise ProjectSystemException except WorkspaceException as exception: print(f"::debug::Loading existing Workspace failed: {exception}") if azureml_createWSIfNotExist: try: print("::debug::Creating new Workspace") ws = Workspace.create( name=azureml_workSpaceName, subscription_id=azure_credentials.get( "subscriptionId", ""), resource_group=parameters.get( "resource_group", azureml_workSpaceName + "_rsgrp"), location=parameters.get("location", "southcentralUS"), create_resource_group=parameters.get( "create_resource_group", True), sku=parameters.get("sku", "basic"), friendly_name=parameters.get("friendly_name", None), storage_account=parameters.get("storage_account", None), key_vault=parameters.get("key_vault", None), app_insights=parameters.get("app_insights", None), container_registry=parameters.get( "container_registry", None), cmk_keyvault=parameters.get("cmk_key_vault", None), resource_cmk_uri=parameters.get( "resource_cmk_uri", None), hbi_workspace=parameters.get("hbi_workspace", None), auth=sp_auth, exist_ok=True, show_output=True) except WorkspaceException as exception: print( f"::error::Creating new Workspace failed: {exception}") raise AMLConfigurationException( f"Creating new Workspace failed with 'WorkspaceException': {exception}." ) else: print( f"::error::Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'createWorkspace' was not defined or set to false in your parameter file: {exception}" ) raise AMLConfigurationException( "Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'createWorkspace' was not defined or set to false in your parameter file." ) # Write Workspace ARM properties to config file # print("::debug::Writing Workspace ARM properties to config file") # config_file_path = os.environ.get("GITHUB_WORKSPACE", default=".ml") # print(config_file_path) # config_file_name = "aml_arm_config.json" # ws.write_config( # file_name=config_file_name # ) return ws
def main(): # # Loading input values # print("::debug::Loading input values") azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default='{}') resource_group = os.environ.get("INPUT_RESOURCE_GROUP", default="") pattoken = os.environ.get("INPUT_PATTOKEN", default="") provider_type = os.environ.get("INPUT_PROVIDER_TYPE", default="") events_to_subscribe = os.environ.get("INPUT_EVENTS_TO_SUBSCRIBE", default="") try: azure_credentials = json.loads(azure_credentials) except JSONDecodeError: print( "::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS" ) raise AMLConfigurationException( f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md" ) if not resource_group: raise AMLConfigurationException(f"A resource group must be provided") # Checking provided parameters print("::debug::Checking provided parameters") required_parameters_provided( parameters=azure_credentials, keys=["tenantId", "clientId", "clientSecret"], message= "Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): " ) # # Loading parameters file # print("::debug::Loading parameters file") template_file_file_path = os.path.join("/code", "func_deploy.json") # Mask values print("::debug::Masking parameters") mask_parameter(parameter=azure_credentials.get("tenantId", "")) mask_parameter(parameter=azure_credentials.get("clientId", "")) mask_parameter(parameter=azure_credentials.get("clientSecret", "")) mask_parameter(parameter=azure_credentials.get("subscriptionId", "")) # Login User on CLI tenant_id = azure_credentials.get("tenantId", "") service_principal_id = azure_credentials.get("clientId", "") service_principal_password = azure_credentials.get("clientSecret", "") subscriptionId = azure_credentials.get("subscriptionId", "") credentials = None try: credentials = ServicePrincipalCredentials( client_id=service_principal_id, secret=service_principal_password, tenant=tenant_id) except Exception as ex: raise CredentialsVerificationError(ex) ####################### Authentication Done ################################### # repository name repository_name = os.environ.get("GITHUB_REPOSITORY", "azureeventgridsample") functionAppName = repository_name.replace( "/", "") # create a unique function-AppName functionAppName = functionAppName.replace("_", "").replace("-", "")[:32] functionFolder = 'fappdeploy' functionGitHubURL = "https://github.com/Ayaz43/function_app.git" functionGitHubBranch = "master" functionName = "generic_triggers" patToken = pattoken parameters = { 'functionAppName': functionAppName, 'functionFolder': functionFolder, 'functionGitHubURL': functionGitHubURL, 'functionGitHubBranch': functionGitHubBranch, 'patToken': patToken, 'ownerName': functionAppName } parameters = {k: {'value': v} for k, v in parameters.items()} client = None try: client = ResourceManagementClient(credentials, subscriptionId) except Exception as ex: raise ResourceManagementError(ex) template = None with open(template_file_file_path, 'r') as template_file_fd: template = json.load(template_file_fd) deployment_properties = { 'properties': { 'mode': DeploymentMode.incremental, 'template': template, 'parameters': parameters } } try: validate = client.deployments.validate(resource_group, "azure-sample", deployment_properties) validate.wait() except Exception as ex: raise ActionDeploymentError(ex) try: deployment_async_operation = client.deployments.create_or_update( resource_group, 'azure-sample', deployment_properties) deployment_async_operation.wait() except Exception as ex: raise ActionDeploymentError(ex) deploymemnt_result = deployment_async_operation.result() # parameters code = deploymemnt_result.properties.outputs['hostKey']['value'] functionAppName = deploymemnt_result.properties.outputs['functionAppName'][ 'value'] function_url = "https://{}.azurewebsites.net/api/{}?code={}&repoName={}".format( functionAppName, functionName, code, repository_name) resource_id = "/subscriptions/{}/resourceGroups/{}/providers/{}".format( subscriptionId, resource_group, provider_type) event_grid_client = EventGridManagementClient(credentials, subscriptionId) event_subscription_name = 'EventSubscription1' destination = WebHookEventSubscriptionDestination( endpoint_url=function_url) included_events = get_events_list(events_to_subscribe) filter = EventSubscriptionFilter( # By default, "All" event types are included included_event_types=included_events, is_subject_case_sensitive=False, subject_begins_with='', subject_ends_with='') event_subscription_info = EventSubscription(destination=destination, filter=filter) event_subscription_async_poller = event_grid_client.event_subscriptions.create_or_update( resource_id, event_subscription_name, event_subscription_info, ) event_subscription = event_subscription_async_poller.result( ) # type: EventSubscription print( f"::set-output name=destination_url::{event_subscription.destination.endpoint_base_url}" )
def main(): # Loading input values print("::debug::Loading input values") parameters_file = os.environ.get("INPUT_PARAMETERS_FILE", default="run.json") azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}") try: azure_credentials = json.loads(azure_credentials) except JSONDecodeError: print("::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS") raise AMLConfigurationException(f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md") # Checking provided parameters print("::debug::Checking provided parameters") required_parameters_provided( parameters=azure_credentials, keys=["tenantId", "clientId", "clientSecret"], message="Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): " ) # Mask values print("::debug::Masking parameters") mask_parameter(parameter=azure_credentials.get("tenantId", "")) mask_parameter(parameter=azure_credentials.get("clientId", "")) mask_parameter(parameter=azure_credentials.get("clientSecret", "")) mask_parameter(parameter=azure_credentials.get("subscriptionId", "")) # Loading parameters file print("::debug::Loading parameters file") parameters_file_path = os.path.join(".cloud", ".azure", parameters_file) try: with open(parameters_file_path) as f: parameters = json.load(f) except FileNotFoundError: print(f"::debug::Could not find parameter file in {parameters_file_path}. Please provide a parameter file in your repository if you do not want to use default settings (e.g. .cloud/.azure/run.json).") parameters = [{}] # we want to run atleast once with default values. # Loading Workspace print("::debug::Loading AML Workspace") sp_auth = ServicePrincipalAuthentication( tenant_id=azure_credentials.get("tenantId", ""), service_principal_id=azure_credentials.get("clientId", ""), service_principal_password=azure_credentials.get("clientSecret", "") ) config_file_path = os.environ.get("GITHUB_WORKSPACE", default=".cloud/.azure") config_file_name = "aml_arm_config.json" try: ws = Workspace.from_config( path=config_file_path, _file_name=config_file_name, auth=sp_auth ) except AuthenticationException as exception: print(f"::error::Could not retrieve user token. Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS: {exception}") raise AuthenticationException except AuthenticationError as exception: print(f"::error::Microsoft REST Authentication Error: {exception}") raise AuthenticationError except AdalError as exception: print(f"::error::Active Directory Authentication Library Error: {exception}") raise AdalError except ProjectSystemException as exception: print(f"::error::Workspace authorizationfailed: {exception}") raise ProjectSystemException submittedRuns_for_wait = [] for parameter in parameters: run, wait_for_completion = submitRun(ws, parameter) # add a list of tuple to be used later, we will use it to wait. if wait_for_completion is True: submittedRuns_for_wait.append(run) postRun(submittedRuns_for_wait) print("submission over")
def main(): # Loading input values print("::debug::Loading input values") parameters_file = os.environ.get("INPUT_PARAMETERS_FILE", default="workspace.json") azure_credentials = os.environ.get("INPUT_AZURE_CREDENTIALS", default="{}") try: azure_credentials = json.loads(azure_credentials) except JSONDecodeError: print( "::error::Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS. The JSON should include the following keys: 'tenantId', 'clientId', 'clientSecret' and 'subscriptionId'." ) raise AMLConfigurationException( f"Incorrect or poorly formed output from azure credentials saved in AZURE_CREDENTIALS secret. See setup in https://github.com/Azure/aml-workspace/blob/master/README.md" ) # Checking provided parameters print("::debug::Checking provided parameters") required_parameters_provided( parameters=azure_credentials, keys=["tenantId", "clientId", "clientSecret", "subscriptionId"], message= "Required parameter(s) not found in your azure credentials saved in AZURE_CREDENTIALS secret for logging in to the workspace. Please provide a value for the following key(s): " ) # Mask values print("::debug::Masking parameters") mask_parameter(parameter=azure_credentials.get("tenantId", "")) mask_parameter(parameter=azure_credentials.get("clientId", "")) mask_parameter(parameter=azure_credentials.get("clientSecret", "")) mask_parameter(parameter=azure_credentials.get("subscriptionId", "")) # Loading parameters file print("::debug::Loading parameters file") parameters_file_path = os.path.join(".cloud", ".azure", parameters_file) try: with open(parameters_file_path) as f: parameters = json.load(f) except FileNotFoundError: print( f"::debug::Could not find parameter file in {parameters_file_path}. Please provide a parameter file in your repository if you do not want to use default settings (e.g. .cloud/.azure/workspace.json)." ) parameters = {} # Loading Workspace sp_auth = ServicePrincipalAuthentication( tenant_id=azure_credentials.get("tenantId", ""), service_principal_id=azure_credentials.get("clientId", ""), service_principal_password=azure_credentials.get("clientSecret", "")) try: print("::debug::Loading existing Workspace") # Default workspace and resource group name repository_name = os.environ.get("GITHUB_REPOSITORY").split("/")[-1] ws = Workspace.get( name=parameters.get("name", repository_name), subscription_id=azure_credentials.get("subscriptionId", ""), resource_group=parameters.get("resource_group", repository_name), auth=sp_auth) print("::debug::Successfully loaded existing Workspace") except AuthenticationException as exception: print( f"::error::Could not retrieve user token. Please paste output of `az ad sp create-for-rbac --name <your-sp-name> --role contributor --scopes /subscriptions/<your-subscriptionId>/resourceGroups/<your-rg> --sdk-auth` as value of secret variable: AZURE_CREDENTIALS: {exception}" ) raise AuthenticationException except AuthenticationError as exception: print(f"::error::Microsoft REST Authentication Error: {exception}") raise AuthenticationException except AdalError as exception: print( f"::error::Active Directory Authentication Library Error: {exception}" ) raise AdalError except ProjectSystemException as exception: print(f"::debug::Loading existing Workspace failed: {exception}") if parameters.get("create_workspace", False): try: print("::debug::Creating new Workspace") ws = Workspace.create( name=parameters.get("name", repository_name), subscription_id=azure_credentials.get( "subscriptionId", ""), resource_group=parameters.get("resource_group", repository_name), location=parameters.get("location", None), create_resource_group=parameters.get( "create_resource_group", True), sku=parameters.get("sku", "basic"), friendly_name=parameters.get("friendly_name", None), storage_account=parameters.get("storage_account", None), key_vault=parameters.get("key_vault", None), app_insights=parameters.get("app_insights", None), container_registry=parameters.get("container_registry", None), cmk_keyvault=parameters.get("cmk_key_vault", None), resource_cmk_uri=parameters.get("resource_cmk_uri", None), hbi_workspace=parameters.get("hbi_workspace", None), auth=sp_auth, exist_ok=True, show_output=True) except WorkspaceException as exception: print(f"::error::Creating new Workspace failed: {exception}") raise AMLConfigurationException( f"Creating new Workspace failed with 'WorkspaceException': {exception}." ) else: print( f"::error::Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'create_workspace' was not defined or set to false in your parameter file: {exception}" ) raise AMLConfigurationException( "Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'create_workspace' was not defined or set to false in your parameter file." ) except WorkspaceException as exception: print(f"::debug::Loading existing Workspace failed: {exception}") if parameters.get("create_workspace", False): try: print("::debug::Creating new Workspace") ws = Workspace.create( name=parameters.get("name", repository_name), subscription_id=azure_credentials.get( "subscriptionId", ""), resource_group=parameters.get("resource_group", repository_name), location=parameters.get("location", None), create_resource_group=parameters.get( "create_resource_group", True), sku=parameters.get("sku", "basic"), friendly_name=parameters.get("friendly_name", None), storage_account=parameters.get("storage_account", None), key_vault=parameters.get("key_vault", None), app_insights=parameters.get("app_insights", None), container_registry=parameters.get("container_registry", None), cmk_keyvault=parameters.get("cmk_key_vault", None), resource_cmk_uri=parameters.get("resource_cmk_uri", None), hbi_workspace=parameters.get("hbi_workspace", None), auth=sp_auth, exist_ok=True, show_output=True) except WorkspaceException as exception: print(f"::error::Creating new Workspace failed: {exception}") raise AMLConfigurationException( f"Creating new Workspace failed with 'WorkspaceException': {exception}." ) else: print( f"::error::Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'create_workspace' was not defined or set to false in your parameter file: {exception}" ) raise AMLConfigurationException( "Loading existing Workspace failed with 'WorkspaceException' and new Workspace will not be created because parameter 'create_workspace' was not defined or set to false in your parameter file." ) # Write Workspace ARM properties to config file print("::debug::Writing Workspace ARM properties to config file") config_file_path = os.environ.get("GITHUB_WORKSPACE", default=".cloud/.azure") config_file_name = "aml_arm_config.json" ws.write_config(path=config_file_path, file_name=config_file_name) print( "::debug::Successfully finished Azure Machine Learning Workspace Action" )