async Task <string> CreateVmSettingsString(string region, int vmId, int studyId, int sandboxId, VirtualMachineCreateDto userInput) { var vmSettings = _mapper.Map <VmSettingsDto>(userInput); var availableOs = await _virtualMachineOperatingSystemService.AvailableOperatingSystems(region); vmSettings.OperatingSystemCategory = AzureVmUtil.GetOsCategory(availableOs, vmSettings.OperatingSystem); vmSettings.Password = await StoreNewVmPasswordAsKeyVaultSecretAndReturnReference(studyId, sandboxId, vmSettings.Password); var diagStorageResource = await CloudResourceQueries.GetDiagStorageAccountEntry(_db, sandboxId); vmSettings.DiagnosticStorageAccountName = diagStorageResource.ResourceName; var networkResource = await CloudResourceQueries.GetNetworkEntry(_db, sandboxId); vmSettings.NetworkName = networkResource.ResourceName; var networkSetting = CloudResourceConfigStringSerializer.NetworkSettings(networkResource.ConfigString); vmSettings.SubnetName = networkSetting.SandboxSubnetName; vmSettings.Rules = VmRuleUtils.CreateInitialVmRules(vmId); return(CloudResourceConfigStringSerializer.Serialize(vmSettings)); }
async Task ScheduleCreationOfSandboxResourceGroupRoleAssignments(SandboxResourceCreationAndSchedulingDto dto, ProvisioningQueueParentDto queueParentItem) { var desiredState = CloudResourceConfigStringSerializer.Serialize(new CloudResourceOperationStateForRoleUpdate(dto.StudyId)); var resourceGroupCreateOperation = dto.ResourceGroup.Operations.FirstOrDefault().Id; var updateOpId = await _cloudResourceOperationCreateService.CreateUpdateOperationAsync(dto.ResourceGroup.Id, CloudResourceOperationType.ENSURE_ROLES, dependsOn : resourceGroupCreateOperation, desiredState : desiredState); queueParentItem.Children.Add(new ProvisioningQueueChildDto() { ResourceOperationId = updateOpId.Id }); }
public static string TranslateAllowedIpsToOperationDesiredState(List <DatasetFirewallRule> datasetFirewallRules) { if (datasetFirewallRules.Count == 0) { return(null); } var translated = TranslateAllowedIpsToGenericFirewallRule(datasetFirewallRules); return(CloudResourceConfigStringSerializer.Serialize(translated)); }
async Task ScheduleResourceGroupRoleAssignments(Study study, CloudResource resourceGroup, ProvisioningQueueParentDto queueParentItem) { var participants = await _db.StudyParticipants.Include(sp => sp.User).Where(p => p.StudyId == study.Id).ToListAsync(); var desiredState = CloudResourceConfigStringSerializer.Serialize(new CloudResourceOperationStateForRoleUpdate(study.Id)); var resourceGroupCreateOperation = CloudResourceOperationUtil.GetCreateOperation(resourceGroup); var roleAssignmentUpdateOperation = await _cloudResourceOperationCreateService.CreateUpdateOperationAsync(resourceGroup.Id, CloudResourceOperationType.ENSURE_ROLES, dependsOn : resourceGroupCreateOperation.Id, desiredState : desiredState); ProvisioningQueueUtil.CreateChildAndAdd(queueParentItem, roleAssignmentUpdateOperation); }
protected async Task CreateRoleUpdateOperationsAsync(int studyId) { var resourcesToUpdate = await _cloudResourceReadService.GetDatasetResourceGroupIdsForStudy(studyId); resourcesToUpdate.AddRange(await _cloudResourceReadService.GetSandboxResourceGroupIdsForStudy(studyId)); foreach (var currentResourceId in resourcesToUpdate) { var desiredState = CloudResourceConfigStringSerializer.Serialize(new CloudResourceOperationStateForRoleUpdate(studyId)); var updateOperation = await _cloudResourceOperationCreateService.CreateUpdateOperationAsync(currentResourceId, CloudResourceOperationType.ENSURE_ROLES, desiredState : desiredState); await _provisioningQueueService.CreateItemAndEnqueue(updateOperation); } }
async Task ScheduleCreationOfVirtualNetwork(SandboxResourceCreationAndSchedulingDto dto, ProvisioningQueueParentDto queueParentItem) { var networkName = AzureResourceNameUtil.VNet(dto.StudyName, dto.SandboxName); var sandboxSubnetName = AzureResourceNameUtil.SubNet(dto.StudyName, dto.SandboxName); var networkSettings = new NetworkSettingsDto() { SandboxSubnetName = sandboxSubnetName }; var networkSettingsString = CloudResourceConfigStringSerializer.Serialize(networkSettings); var nsgCreateOperation = dto.NetworkSecurityGroup.Operations.FirstOrDefault().Id; var resourceEntry = await CreateResourceEntryAndAddToQueue(dto, queueParentItem, AzureResourceType.VirtualNetwork, resourceName : networkName, configString : networkSettingsString, dependsOn : nsgCreateOperation); dto.Network = resourceEntry; }
static string CreateVmSettingsString(string size = VirtualMachineConstants.SIZE, string osCategory = "windows", string os = "win2019datacenter") { var vmSettings = new VmSettingsDto() { DiagnosticStorageAccountName = "diagstorageaccountname", NetworkName = "networkName", SubnetName = "subnetname", Size = size, Rules = VmRuleUtils.CreateInitialVmRules(1), OperatingSystemCategory = osCategory, OperatingSystem = os, Username = VirtualMachineConstants.USERNAME, Password = "******", }; return(CloudResourceConfigStringSerializer.Serialize(vmSettings)); }
public async Task <List <VmRuleDto> > SetRules(int vmId, List <VmRuleDto> updatedRuleSet, CancellationToken cancellationToken = default) { var vm = await GetVirtualMachineResourceEntry(vmId, UserOperation.Study_Crud_Sandbox); //Get config string var vmSettings = CloudResourceConfigStringSerializer.VmSettings(vm.ConfigString); await ValidateRuleUpdateInputThrowIfNot(vm, vmSettings.Rules, updatedRuleSet); bool saveAfterwards = false; if (updatedRuleSet == null || updatedRuleSet != null && updatedRuleSet.Count == 0) //Easy, all rules should be deleted { vmSettings.Rules = null; saveAfterwards = true; } else { var newRules = updatedRuleSet.Where(r => String.IsNullOrWhiteSpace(r.Name)).ToList(); var rulesThatShouldExistAllready = updatedRuleSet.Where(r => !String.IsNullOrWhiteSpace(r.Name)).ToList(); //Check that the new rules does not have a duplicate in existing rules foreach (var curNew in newRules) { ThrowIfRuleExists(rulesThatShouldExistAllready, curNew); } foreach (var curRule in updatedRuleSet) { if (curRule.Direction == RuleDirection.Inbound) { if (curRule.Action == RuleAction.Deny) { throw new ArgumentException("Inbound rules can only have Action: Allow"); } if (String.IsNullOrWhiteSpace(curRule.Name)) { curRule.Name = AzureResourceNameUtil.NsgRuleNameForVm(vmId); //curRule.Priority = AzureVmUtil.GetNextVmRulePriority(updatedRuleSet, curRule.Direction); } } else { if (String.IsNullOrWhiteSpace(curRule.Name) || !curRule.Name.Contains(AzureVmConstants.RulePresets.OPEN_CLOSE_INTERNET)) { throw new ArgumentException("Custom outbound rules are not allowed"); } } } vmSettings.Rules = updatedRuleSet; saveAfterwards = true; } if (saveAfterwards) { vm.ConfigString = CloudResourceConfigStringSerializer.Serialize(vmSettings); await _db.SaveChangesAsync(); await CreateUpdateOperationAndAddQueueItem(vm, "Updated rules"); } return(updatedRuleSet != null ? updatedRuleSet : new List <VmRuleDto>()); }