protected async Task <AzureResourceGroup> GetResourceGroupAsync()
{
if (ResourceGroupSubscriptionId.HasValue)
{
var resourceGroup = await AzureResourceService
.GetResourceGroupAsync(ResourceGroupSubscriptionId.Value, ResourceGroupName)
.ConfigureAwait(false);
if (resourceGroup is null)
{
var subscription = await AzureResourceService
.GetSubscriptionAsync(ResourceGroupSubscriptionId.Value, true)
.ConfigureAwait(false);
resourceGroup = await subscription
.CreateResourceGroupAsync(ResourceGroupName, AzureResourceLocation)
.ConfigureAwait(false);
}
await resourceGroup
.SetTagAsync("Test", Test.DisplayName)
.ConfigureAwait(false);
if (ProviderServicePrincipalId.HasValue)
{
var roleAssignments = await resourceGroup
.GetRoleAssignmentsAsync(ProviderServicePrincipalId.ToString())
.ConfigureAwait(false);
if (!roleAssignments.Contains(AzureRoleDefinition.Contributor))
{
await resourceGroup
.AddRoleAssignmentAsync(ProviderServicePrincipalId.ToString(), AzureRoleDefinition.Contributor)
.ConfigureAwait(false);
}
}
return(new AzureResourceGroup()
{
Id = resourceGroup.ResourceId.ToString(),
Name = ResourceGroupName,
Region = ResourceGroupLocation,
SubscriptionId = ResourceGroupSubscriptionId.GetValueOrDefault()
});
}
else
{
throw new NotSupportedException("Missing configuration value 'subscriptionId'");
}
}
private async Task EnsureResourceGroupAccessAsync(Project project, Guid principalId)
{
var resourceGroup = await azureResourceService
.GetResourceGroupAsync(project.ResourceGroup.SubscriptionId, project.ResourceGroup.Name, throwIfNotExists : true)
.ConfigureAwait(false);
if (resourceGroup != null)
{
var roleAssignments = await resourceGroup
.GetRoleAssignmentsAsync(principalId.ToString())
.ConfigureAwait(false);
if (!roleAssignments.Contains(AzureRoleDefinition.Contributor))
{
await resourceGroup
.AddRoleAssignmentAsync(principalId.ToString(), AzureRoleDefinition.Contributor)
.ConfigureAwait(false);
}
if (!roleAssignments.Contains(AzureRoleDefinition.UserAccessAdministrator))
{
await resourceGroup
.AddRoleAssignmentAsync(principalId.ToString(), AzureRoleDefinition.UserAccessAdministrator)
.ConfigureAwait(false);
}
}
}
public async Task RunActivity(
[ActivityTrigger] IDurableActivityContext activityContext,
ILogger log)
{
if (activityContext == null)
{
throw new ArgumentNullException(nameof(activityContext));
}
var project = activityContext.GetInput <ProjectDocument>();
if (!string.IsNullOrEmpty(project.ResourceGroup?.Id))
{
var resourceGroup = await azureResourceService
.GetResourceGroupAsync(project.ResourceGroup.SubscriptionId, project.ResourceGroup.Name)
.ConfigureAwait(false);
if (resourceGroup is null)
{
log.LogWarning($"Could not find resource group '{project.ResourceGroup.Name}' in subscription '{project.ResourceGroup.SubscriptionId}' for tagging.");
}
else
{
await resourceGroup
.SetTagsAsync(project.Tags)
.ConfigureAwait(false);
}
}
}
public async Task <string> RunActivity(
[ActivityTrigger] IDurableActivityContext activityContext,
ILogger log)
{
if (activityContext is null)
{
throw new ArgumentNullException(nameof(activityContext));
}
var resourceId = activityContext.GetInput <string>();
try
{
var resourceIdentifier = AzureResourceIdentifier.Parse(resourceId);
if (string.IsNullOrEmpty(resourceIdentifier.ResourceGroup))
{
throw new RetryCanceledException($"Resource id must include resource group information: {resourceId}");
}
else if (resourceIdentifier.ResourceTypes?.Any() ?? false)
{
throw new RetryCanceledException($"Resource id must not include resource type information: {resourceId}");
}
else
{
var resourceGroup = await azureResourceService
.GetResourceGroupAsync(resourceIdentifier.SubscriptionId, resourceIdentifier.ResourceGroup)
.ConfigureAwait(false);
if (resourceGroup is null)
{
return(default);
public async Task RunActivity(
[ActivityTrigger] Project project)
{
if (project == null)
{
throw new ArgumentNullException(nameof(project));
}
var resourceGroup = await azureResourceService
.GetResourceGroupAsync(project.ResourceGroup.SubscriptionId, project.ResourceGroup.ResourceGroupName, throwIfNotExists : true)
.ConfigureAwait(false);
await resourceGroup
.SetTagsAsync(project.Tags)
.ConfigureAwait(false);
}
public async Task RunActivity(
[ActivityTrigger] IDurableActivityContext functionContext)
{
if (functionContext is null)
{
throw new ArgumentNullException(nameof(functionContext));
}
var(projectId, principalId) = functionContext.GetInput <(string, Guid)>();
var project = await projectsRepository
.GetAsync(projectId)
.ConfigureAwait(false);
if (project is null)
{
throw new RetryCanceledException($"Could not find project '{projectId}'");
}
if (!string.IsNullOrEmpty(project.ResourceGroup?.Id))
{
var resourceGroup = await azureResourceService
.GetResourceGroupAsync(project.ResourceGroup.SubscriptionId, project.ResourceGroup.Name, throwIfNotExists : true)
.ConfigureAwait(false);
if (resourceGroup != null)
{
var roleAssignments = await resourceGroup
.GetRoleAssignmentsAsync(principalId.ToString())
.ConfigureAwait(false);
if (!roleAssignments.Contains(AzureRoleDefinition.Contributor))
{
await resourceGroup
.AddRoleAssignmentAsync(principalId.ToString(), AzureRoleDefinition.Contributor)
.ConfigureAwait(false);
}
if (!roleAssignments.Contains(AzureRoleDefinition.UserAccessAdministrator))
{
await resourceGroup
.AddRoleAssignmentAsync(principalId.ToString(), AzureRoleDefinition.UserAccessAdministrator)
.ConfigureAwait(false);
}
}
}
}
public async Task RunActivity(
[ActivityTrigger] IDurableActivityContext functionContext,
ILogger log)
{
if (functionContext is null)
{
throw new ArgumentNullException(nameof(functionContext));
}
var resourceId = functionContext.GetInput <string>();
try
{
var resourceIdentifier = AzureResourceIdentifier.Parse(resourceId);
if (string.IsNullOrEmpty(resourceIdentifier.ResourceGroup))
{
throw new RetryCanceledException($"Resource id must include resource group information: {resourceId}");
}
else if (resourceIdentifier.ResourceTypes?.Any() ?? false)
{
throw new RetryCanceledException($"Resource id must not include resource type information: {resourceId}");
}
else
{
var resourceGroup = await azureResourceService
.GetResourceGroupAsync(resourceIdentifier.SubscriptionId, resourceIdentifier.ResourceGroup)
.ConfigureAwait(false);
await(resourceGroup?.DeleteAsync(true) ?? Task.CompletedTask)
.ConfigureAwait(false);
}
}
catch (Exception exc)
{
log.LogError(exc, $"Activity '{nameof(ResourceGroupDeleteActivity)} failed: {exc.Message}");
throw exc.AsSerializable();
}
}
public async Task <IEnumerable <string> > RunActivity(
[ActivityTrigger] Project project,
ILogger log)
{
if (project is null)
{
throw new ArgumentNullException(nameof(project));
}
if (project.ResourceGroup is null)
{
return(Enumerable.Empty <string>());
}
using (log.BeginProjectScope(project))
{
try
{
var resourceGroup = await azureResourceService
.GetResourceGroupAsync(project.ResourceGroup.SubscriptionId, project.ResourceGroup.Name, throwIfNotExists : true)
.ConfigureAwait(false);
var resources = resourceGroup
.GetResourcesByTypeAsync("Microsoft.DevTestLab/labs");
return(await resources
.SelectAwait(resource => new ValueTask <string>(resource.ResourceId.ToString()))
.ToArrayAsync()
.ConfigureAwait(false));
}
catch (Exception exc)
{
log.LogError(exc, $"{nameof(ProjectResourceListActivity)} failed: {exc.Message}");
throw exc.AsSerializable();
}
}
}
protected override async Task <Component> UpdateComponentAsync(Component component, Organization componentOrganization, DeploymentScope componentDeploymentScope, Project componentProject, User contextUser, IAsyncCollector <ICommand> commandQueue)
{
if (component is null)
{
throw new ArgumentNullException(nameof(component));
}
if (AzureResourceIdentifier.TryParse(component.ResourceId, out var componentResourceId))
{
var tasks = new Task[] {
UpdateComponentRoleAssignmentsAsync(),
UpdateComponentTagsAsync()
};
await Task.WhenAll(tasks).ConfigureAwait(false);
}
return(component);
async Task UpdateComponentRoleAssignmentsAsync()
{
var roleAssignmentMap = await GetRoleAssignmentsAsync(component)
.ConfigureAwait(false);
if (AzureResourceIdentifier.TryParse(component.IdentityId, out var identityResourceId))
{
var session = await azureResourceService.AzureSessionService
.CreateSessionAsync(identityResourceId.SubscriptionId)
.ConfigureAwait(false);
var identity = await session.Identities
.GetByIdAsync(identityResourceId.ToString())
.ConfigureAwait(false);
roleAssignmentMap
.Add(identity.PrincipalId, Enumerable.Repeat(AzureRoleDefinition.Contributor, 1));
}
if (string.IsNullOrEmpty(componentResourceId.ResourceGroup))
{
var subscription = await azureResourceService
.GetSubscriptionAsync(componentResourceId.SubscriptionId, throwIfNotExists : true)
.ConfigureAwait(false);
if (subscription is not null)
{
await subscription.SetRoleAssignmentsAsync(roleAssignmentMap).ConfigureAwait(false);
}
}
else
{
var resourceGroup = await azureResourceService
.GetResourceGroupAsync(componentResourceId.SubscriptionId, componentResourceId.ResourceGroup, throwIfNotExists : true)
.ConfigureAwait(false);
if (resourceGroup is not null)
{
await resourceGroup.SetRoleAssignmentsAsync(roleAssignmentMap).ConfigureAwait(false);
}
}
}
async Task UpdateComponentTagsAsync()
{
var tenantId = await azureResourceService.AzureSessionService
.GetTenantIdAsync()
.ConfigureAwait(false);
var organization = await organizationRepository
.GetAsync(tenantId.ToString(), component.Organization, true)
.ConfigureAwait(false);
var project = await projectRepository
.GetAsync(component.Organization, component.ProjectId, true)
.ConfigureAwait(false);
var tags = organization.Tags
.Union(project.Tags)
.GroupBy(kvp => kvp.Key)
.ToDictionary(g => g.Key, g => g.First().Value);
if (string.IsNullOrEmpty(componentResourceId.ResourceGroup))
{
var subscription = await azureResourceService
.GetSubscriptionAsync(componentResourceId.SubscriptionId)
.ConfigureAwait(false);
if (subscription is not null)
{
await subscription.SetTagsAsync(tags, true).ConfigureAwait(false);
}
}
else
{
var resourceGroup = await azureResourceService
.GetResourceGroupAsync(componentResourceId.SubscriptionId, componentResourceId.ResourceGroup)
.ConfigureAwait(false);
if (resourceGroup is not null)
{
await resourceGroup.SetTagsAsync(tags, true).ConfigureAwait(false);
}
}
}
}
