
Commit 4ceff5e

Florian Wagner
Update to support PowerShell Core & Linux (#14)
Signed-off-by: Florian Wagner <[email protected]>
1 parent 8f9aad8 commit 4ceff5e

19 files changed

+410
-233
lines changed

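--- a/Deploy/.gitignore
+++ b/Deploy/.gitignore
@@ -3,4 +3,6 @@ body.json
 # Ignore zip file for publish
 botnotselfcontained.zip
 # Ignore Terraform tfvars
-*.tfvars.*
+*.tfvars.*
+# Ignore Terraform plan files (we just use this notation since internet search didn't brought any ideas)
+*.tfplan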

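--- a/Deploy/ActivateSSL.ps1
+++ b/Deploy/ActivateSSL.ps1
@@ -23,51 +23,57 @@ param(
 [Parameter(HelpMessage="KeyVault certificate name")]
 [string] $KEYVAULT_CERT_NAME = "SSLcert"
 )
+# Import Helper functions
+. "$($MyInvocation.MyCommand.Path -replace($MyInvocation.MyCommand.Name))\HelperFunctions.ps1"
 # Helper var
 $success = $True
-$webAppsVariableFile = "webAppVariable.tfvars.json"
-# Tell who you are
-Write-Host "`n`n# Executing $($MyInvocation.MyCommand.Name)"
+$terraformFolder = "SSLActivation"
+$iaCFolder = "IaC"
+$webAppsVariableFile = "$(Get-ScriptPath)/$terraformFolder/webAppVariable.tfvars.json"
+
+# Tell who you are (See HelperFunction.ps1)
+Write-WhoIAm
 
 # 1. Read values from Terraform IaC run (Bot deployment scripts)
 Write-Host "## 1. Read values from Terraform IaC run (Bot deployment scripts)"
-$content = '{ "azure_webApps" : ' + $(terraform output -state=".\IaC\terraform.tfstate" -json webAppAccounts) + '}'
-Set-Content -Path ".\SSLActivation\$webAppsVariableFile" -Value $content
-$KeyVault = terraform output -state=".\IaC\terraform.tfstate" -json keyVault | ConvertFrom-Json
-$TrafficManager = terraform output -state=".\IaC\terraform.tfstate" -json trafficManager | ConvertFrom-Json
-$Bot = terraform output -state=".\IaC\terraform.tfstate" -json bot | ConvertFrom-Json
+$content = '{ "azure_webApps" : ' + $(terraform output -state="$(Get-ScriptPath)/$iaCFolder/terraform.tfstate" -json webAppAccounts) + '}'
+$success = $success -and $?
+$KeyVault = terraform output -state="$(Get-ScriptPath)/$iaCFolder/terraform.tfstate" -json keyVault | ConvertFrom-Json
+$success = $success -and $?
+$TrafficManager = terraform output -state="$(Get-ScriptPath)/$iaCFolder/terraform.tfstate" -json trafficManager | ConvertFrom-Json
+$success = $success -and $?
+$Bot = terraform output -state="$(Get-ScriptPath)/$iaCFolder/terraform.tfstate" -json bot | ConvertFrom-Json
+$success = $success -and $?
+
+# Set Variable File for webApps
+Set-Content -Path "$webAppsVariableFile" -Value $content
+
 
 # 2. Terraform execution to activate certificate and map TrafficManager endpoints
 Write-Host "## 2. Terraform execution to activate certificate and map TrafficManager endpoints"
-if ($AUTOAPPROVE -eq $True)
-{
-$AUTOFLAG = "-auto-approve"
-} else {
-$AUTOFLAG = ""
-}
-
 if ($YOUR_DOMAIN -eq "")
 {
 $YOUR_DOMAIN = $TrafficManager.fqdn
 }
 
-Set-Location SSLActivation
-terraform init
+# Terraform init
+terraform init "$(Get-ScriptPath)/$terraformFolder"
+# Terraform apply
 terraform apply -var "keyVault_name=$($KeyVault.name)" -var "keyVault_rg=$($KeyVault.resource_group)" `
--var "your_domain=$YOUR_DOMAIN" `
--var "trafficmanager_name=$($TrafficManager.name)" -var "trafficmanager_rg=$($TrafficManager.resource_group)" `
--var-file="$webAppsVariableFile" `
--var "keyVault_cert_name=$KEYVAULT_CERT_NAME" $AUTOFLAG
+-var "your_domain=$YOUR_DOMAIN" -var "trafficmanager_name=$($TrafficManager.name)" `
+-var "trafficmanager_rg=$($TrafficManager.resource_group)" `
+-var-file="$webAppsVariableFile" -var "keyVault_cert_name=$KEYVAULT_CERT_NAME" `
+-state="$(Get-ScriptPath)/$terraformFolder/terraform.tfstate" $(Get-TerraformAutoApproveFlag $AUTOAPPROVE) "$(Get-ScriptPathTerraformApply)/$terraformFolder"
 $success = $success -and $?
-Set-Location ..
 
 # CleanUp
-Remove-Item -Path ".\SSLActivation\$webAppsVariableFile"
+Remove-Item -Path "$webAppsVariableFile"
 
 # 3. Update Bot Endpoint
 Write-Host "## 3. Update Bot Endpoint"
 az bot update --resource-group $Bot.resource_group --name $Bot.name --endpoint "https://$YOUR_DOMAIN/api/messages"
 $success = $success -and $?
 
 # Return execution status
+Write-ExecutionStatus -success $success
 exit $success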
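Review bot: `exit $success` on the last line hands a boolean to `exit`, which PowerShell converts to an integer, so a successful run ends with exit code 1 and a failed run with exit code 0. The callers in CreateOrImportSSL.ps1 depend on that inversion (`$success -and $LASTEXITCODE`), but with the scripts now meant to run under PowerShell Core on Linux, a shell or CI step invoking them would read a failed certificate activation as success. Whatever the new `Write-ExecutionStatus` call prints (HelperFunctions.ps1 is not shown here), the exit code itself is unchanged by this commit. Consider ending with `if ($success) { exit 0 } else { exit 1 }` and testing `$LASTEXITCODE -eq 0` in the callers. The same ending appears in CreateOrImportSSL.ps1, CreateSSL.ps1 and DeactivateSSL.ps1.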

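--- a/Deploy/CheckExistingSSL.ps1
+++ b/Deploy/CheckExistingSSL.ps1
@@ -15,12 +15,14 @@ param(
 [Parameter(HelpMessage="KeyVault certificate name")]
 [string] $KEYVAULT_CERT_NAME = "SSLcert"
 )
-# Tell who you are
-Write-Host "`n`n# Executing $($MyInvocation.MyCommand.Name)"
+# Import Helper functions
+. "$($MyInvocation.MyCommand.Path -replace($MyInvocation.MyCommand.Name))\HelperFunctions.ps1"
+# Tell who you are (See HelperFunction.ps1)
+Write-WhoIAm
 
 # 1. Read values from Terraform IaC run (Bot deployment scripts)
 Write-Host "## 1. Read values from Terraform IaC run (Bot deployment scripts)"
-$KeyVault = terraform output -state=".\IaC\terraform.tfstate" -json keyVault | ConvertFrom-Json
+$KeyVault = terraform output -state="$(Get-ScriptPath)/IaC/terraform.tfstate" -json keyVault | ConvertFrom-Json
 
 # 2. Check if certificate exists in Key Vault
 Write-Host "## 2. Check if certificate exists in Key Vault"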
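Review bot: The dot-source line added at new line 19 builds the helper path with `-replace`, which treats the script's file name as a regular expression, and then appends `\HelperFunctions.ps1` with a Windows separator in a commit whose purpose is Linux support. The script directory is already available as `$PSScriptRoot`, so `. (Join-Path $PSScriptRoot 'HelperFunctions.ps1')` loads the same file without pattern matching or a hard-coded separator. The identical line is added to ActivateSSL.ps1, CreateOrImportSSL.ps1, CreateSSL.ps1 and DeactivateSSL.ps1. The `& "$(Get-ScriptPath)\..."` calls in CreateOrImportSSL.ps1 carry the same backslash.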

Deploy/CheckServiceAvailability.ps1

Lines changed: 0 additions & 24 deletions
This file was deleted.

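--- a/Deploy/CreateOrImportSSL.ps1
+++ b/Deploy/CreateOrImportSSL.ps1
@@ -25,6 +25,10 @@ param(
 [Parameter(HelpMessage="The domain (CN) name for the SSL certificate")]
 [string] $YOUR_DOMAIN,
 
+# Only needed in Issuing Mode
+[Parameter(HelpMessage="`$True -> Use Let's Encrypt staging for script testing (Bot cannot be reached from Bot Framework Service) - Default: `$False")]
+[string] $LETS_ENCRYPT_STAGING = $False,
+
 [Parameter(HelpMessage="SSL CERT (PFX Format) file location")]
 [string] $PFX_FILE_LOCATION,
 
@@ -46,20 +50,22 @@ param(
 [Parameter(HelpMessage="To change existing infrastructure, e.g. skips DNS check. `$False -> first run/no infrastructure, `$True -> subsequent run, existing infrastructure")]
 [bool] $RERUN = $False
 )
-# Tell who you are
-Write-Host "`n`n# Executing $($MyInvocation.MyCommand.Name)"
+# Import Helper functions
+. "$($MyInvocation.MyCommand.Path -replace($MyInvocation.MyCommand.Name))\HelperFunctions.ps1"
+# Tell who you are (See HelperFunction.ps1)
+Write-WhoIAm
 
 # Helper Variable
 $success = $True
 $sslexists = $False
 
 # Validate Input parameter combination
-$validationresult = .\ValidateParameter.ps1 -YOUR_CERTIFICATE_EMAIL $YOUR_CERTIFICATE_EMAIL -YOUR_DOMAIN $YOUR_DOMAIN -PFX_FILE_LOCATION $PFX_FILE_LOCATION -PFX_FILE_PASSWORD $PFX_FILE_PASSWORD -AUTOAPPROVE $AUTOAPPROVE -ALREADYCONFIRMED $ALREADYCONFIRMED
+$validationresult = & "$(Get-ScriptPath)\ValidateParameter.ps1" -YOUR_CERTIFICATE_EMAIL $YOUR_CERTIFICATE_EMAIL -YOUR_DOMAIN $YOUR_DOMAIN -PFX_FILE_LOCATION $PFX_FILE_LOCATION -PFX_FILE_PASSWORD $PFX_FILE_PASSWORD -AUTOAPPROVE $AUTOAPPROVE -ALREADYCONFIRMED $ALREADYCONFIRMED
 
 # Check if SSL Certificate exists
 if ($FORCE -eq $False)
 {
-$sslexists = .\CheckExistingSSL.ps1 -KEYVAULT_CERT_NAME $KEYVAULT_CERT_NAME
+$sslexists = & "$(Get-ScriptPath)\CheckExistingSSL.ps1" -KEYVAULT_CERT_NAME $KEYVAULT_CERT_NAME
 }
 
 if ($validationresult -and (-not $sslexists))
@@ -68,7 +74,7 @@ if ($validationresult -and (-not $sslexists))
 if ($FORCE -eq $True)
 {
 Write-Host "## 0. Deactivate SSL Endpoints"
-.\DeactivateSSL.ps1
+& "$(Get-ScriptPath)\DeactivateSSL.ps1"
 $success = $success -and $LASTEXITCODE
 }
 
@@ -79,13 +85,13 @@ if ($validationresult -and (-not $sslexists))
 # Import Mode
 Write-Host "### Import Mode, load local PFX file"
 # Execute Import Script
-.\ImportSSL.ps1 -PFX_FILE_LOCATION $PFX_FILE_LOCATION -PFX_FILE_PASSWORD $PFX_FILE_PASSWORD -KEYVAULT_CERT_NAME $KEYVAULT_CERT_NAME
+& "$(Get-ScriptPath)\ImportSSL.ps1" -PFX_FILE_LOCATION $PFX_FILE_LOCATION -PFX_FILE_PASSWORD $PFX_FILE_PASSWORD -KEYVAULT_CERT_NAME $KEYVAULT_CERT_NAME
 $success = $success -and $LASTEXITCODE
 }
 else {
 # Issuing Mode
 Write-Host "### Issuing Mode, issue new certificate and directly upload it to KeyVault from within a container"
-.\CreateSSL.ps1 -YOUR_CERTIFICATE_EMAIL $YOUR_CERTIFICATE_EMAIL -YOUR_DOMAIN $YOUR_DOMAIN -KEYVAULT_CERT_NAME $KEYVAULT_CERT_NAME -AUTOAPPROVE $AUTOAPPROVE
+& "$(Get-ScriptPath)\CreateSSL.ps1" -YOUR_CERTIFICATE_EMAIL $YOUR_CERTIFICATE_EMAIL -YOUR_DOMAIN $YOUR_DOMAIN -LETS_ENCRYPT_STAGING $LETS_ENCRYPT_STAGING -KEYVAULT_CERT_NAME $KEYVAULT_CERT_NAME -AUTOAPPROVE $AUTOAPPROVE
 $success = $success -and $LASTEXITCODE
 }
 
@@ -98,9 +104,10 @@ if ((($success -eq $True) -and ($validationresult -eq $True)) -or ($RERUN -eq $T
 {
 # 2. Activate SSL Endpoint
 Write-Host "## 2. Activate SSL Endpoints"
-.\ActivateSSL.ps1 -YOUR_DOMAIN $YOUR_DOMAIN -AUTOAPPROVE $AUTOAPPROVE
+& "$(Get-ScriptPath)\ActivateSSL.ps1" -YOUR_DOMAIN $YOUR_DOMAIN -AUTOAPPROVE $AUTOAPPROVE
 $success = $success -and $LASTEXITCODE
 }
 
 # Return execution status
+Write-ExecutionStatus -success $success
 exit $success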
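Review bot: `[string] $LETS_ENCRYPT_STAGING = $False` at new line 30 stores the text "False", and any non-empty string is truthy in PowerShell. CreateSSL.ps1 declares the parameter the same way (its new line 25) and then branches on `if ($LETS_ENCRYPT_STAGING)`, so a default run, or one that passes `$False` explicitly, sets `$PRODUCTION = 0`. As written, issuance would go to the Let's Encrypt staging endpoint unless an empty string is passed, and the deployment would end up with a certificate that clients do not trust. Declare the parameter in both scripts as `[bool] $LETS_ENCRYPT_STAGING = $False`, matching `$AUTOAPPROVE` and `$RERUN`. The param block starts above the first hunk.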

Deploy/CreateRegionVariableFile.ps1

Lines changed: 0 additions & 39 deletions
This file was deleted.

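--- a/Deploy/CreateSSL.ps1
+++ b/Deploy/CreateSSL.ps1
@@ -21,8 +21,8 @@ param(
 [Parameter(HelpMessage="The domain (CN) name for the SSL certificate")]
 [string] $YOUR_DOMAIN,
 
-[Parameter(HelpMessage="Flag if production or stage of Let's Encrypt will be used. 0 -> Staging 1 -> Production")]
-[int] $PRODUCTION = 1,
+[Parameter(HelpMessage="`$True -> Use Let's Encrypt staging for script testing (Bot cannot be reached from Bot Framework Service) - Default: `$False")]
+[string] $LETS_ENCRYPT_STAGING = $False,
 
 [Parameter(HelpMessage="Terraform Automation Flag. `$False -> Interactive, Approval `$True -> Automatic Approval")]
 [bool] $AUTOAPPROVE = $False,
@@ -38,25 +38,28 @@ $success = $True
 $loopcount = 0
 $waitretrysec = 10
 $loopmax = (60 * $MAX_WAIT_TIME_MIN ) / $waitretrysec
-
-# Tell who you are
-Write-Host "`n`n# Executing $($MyInvocation.MyCommand.Name)"
+$terraformFolder = "SSLIssuing"
+$iaCFolder = "IaC"
+if ($LETS_ENCRYPT_STAGING) {
+$PRODUCTION = 0
+} else {
+$PRODUCTION = 1
+}
+# Import Helper functions
+. "$($MyInvocation.MyCommand.Path -replace($MyInvocation.MyCommand.Name))\HelperFunctions.ps1"
+# Tell who you are (See HelperFunction.ps1)
+Write-WhoIAm
 
 # 1. Read values from Terraform IaC run (Bot deployment scripts)
 Write-Host "## 1. Read values from Terraform IaC run (Bot deployment scripts)"
-$KeyVault = terraform output -state=".\IaC\terraform.tfstate" -json keyVault | ConvertFrom-Json
-$TrafficManager = terraform output -state=".\IaC\terraform.tfstate" -json trafficManager | ConvertFrom-Json
+$KeyVault = terraform output -state="$(Get-ScriptPath)/$iaCFolder/terraform.tfstate" -json keyVault | ConvertFrom-Json
+$success = $success -and $?
+$TrafficManager = terraform output -state="$(Get-ScriptPath)/$iaCFolder/terraform.tfstate" -json trafficManager | ConvertFrom-Json
+$success = $success -and $?
 
 # 2. Apply Terraform for SSLIssuing
 Write-Host "## 2. Apply Terraform for SSLIssuing"
 
-if ($AUTOAPPROVE -eq $True)
-{
-$AUTOFLAG = "-auto-approve"
-} else {
-$AUTOFLAG = ""
-}
-
 if ($YOUR_DOMAIN -eq "")
 {
 # If no custom domain is given use DNS of Traffic Manager Profile
@@ -68,31 +71,34 @@ elseif ($YOUR_DOMAIN -ne $TrafficManager.fqdn) {
 az network traffic-manager endpoint create --profile-name $TrafficManager.name --resource-group $TrafficManager.resource_group --name dummy --type externalEndpoints --endpoint-location koreacentral --target www.bing.com > $null
 
 # If a custom domain is set check if CNAME to TrafficManager FQDN is set
-$resolved = Resolve-DnsName -Name $YOUR_DOMAIN -DnsOnly 2> $null
-
-while ((($? -eq $False) -or (($resolved.NameHost | Where-Object -FilterScript { $_ -eq $TrafficManager.fqdn }) -ne $TrafficManager.fqdn)) -and ($loopcount -le $loopmax))
+# Not working in PowerShellCore: $resolved = Resolve-DnsName -Name $YOUR_DOMAIN -DnsOnly 2> $null
+# Changing to nslookup
+$resolved = nslookup $FQDN 2> $null
+while (((($resolved | Select-String $TrafficManager.fqdn).Length -eq 0)) -and ($loopcount -le $loopmax))
 {
 $loopcount++
 Write-Host "### WARNING, there is no CNAME entry for domain '$YOUR_DOMAIN' pointing to '$($TrafficManager.fqdn)'."
 Write-Host "### Please check your DNS entry, or create the missing CNAME entry. Sleeping for $waitretrysec seconds and try again..."
 Start-Sleep -s $waitretrysec
-$resolved = Resolve-DnsName -Name $YOUR_DOMAIN -DnsOnly 2> $null
+#$resolved = Resolve-DnsName -Name $YOUR_DOMAIN -DnsOnly 2> $null
+$resolved = nslookup $FQDN 2> $null
 }
 
 # delete dummy endpoint again
 az network traffic-manager endpoint delete --name dummy --type externalEndpoints --profile-name $TrafficManager.name --resource-group $TrafficManager.resource_group > $null
 # TrafficManager healthcheck profile will be changed back in SSLActivate Terraform (ActivateSSL.ps1)
 }
 
-Set-Location SSLIssuing
-terraform init
+# Terraform Init
+terraform init "$(Get-ScriptPath)/$terraformFolder"
+# Terraform Apply
 terraform apply -var "keyVault_name=$($KeyVault.name)" -var "keyVault_rg=$($KeyVault.resource_group)" `
 -var "your_certificate_email=$YOUR_CERTIFICATE_EMAIL" -var "your_domain=$YOUR_DOMAIN" `
 -var "trafficmanager_name=$($TrafficManager.name)" -var "trafficmanager_rg=$($TrafficManager.resource_group)" `
 -var "aci_rg=$($KeyVault.resource_group)" -var "aci_location=$($KeyVault.location)" `
--var "keyVault_cert_name=$KEYVAULT_CERT_NAME" -var "production=$PRODUCTION" $AUTOFLAG
+-var "keyVault_cert_name=$KEYVAULT_CERT_NAME" `
+-var "production=$PRODUCTION" -state="$(Get-ScriptPath)/$terraformFolder/terraform.tfstate" $(Get-TerraformAutoApproveFlag $AUTOAPPROVE) "$(Get-ScriptPathTerraformApply)/$terraformFolder"
 $success = $success -and $?
-Set-Location ..
 
 # 3. Check for creation of certificate
 Write-Host "## 3. Check for availability of certificate"
@@ -110,15 +116,18 @@ Write-Host "## Certificate found!"
 
 # 4. Destroy Terraform SSLIssuing
 Write-Host "## 4. Destroy unneccessary infrastructure again"
-Set-Location SSLIssuing
-terraform init
+
+# Terraform Init (should not be needed)
+terraform init "$(Get-ScriptPath)/$terraformFolder"
+# Terraform Destroy
 terraform destroy -var "keyVault_name=$($KeyVault.name)" -var "keyVault_rg=$($KeyVault.resource_group)" `
 -var "your_certificate_email=$YOUR_CERTIFICATE_EMAIL" -var "your_domain=$YOUR_DOMAIN" `
 -var "trafficmanager_name=$($TrafficManager.name)" -var "trafficmanager_rg=$($TrafficManager.resource_group)" `
 -var "aci_rg=$($KeyVault.resource_group)" -var "aci_location=$($KeyVault.location)" `
--var "keyVault_cert_name=$KEYVAULT_CERT_NAME" -var "production=$PRODUCTION" $AUTOFLAG
+-var "keyVault_cert_name=$KEYVAULT_CERT_NAME" `
+-var "production=$PRODUCTION" -state="$(Get-ScriptPath)/$terraformFolder/terraform.tfstate" $(Get-TerraformAutoApproveFlag $AUTOAPPROVE) "$(Get-ScriptPathTerraformApply)/$terraformFolder"
 $success = $success -and $?
-Set-Location ..
 
 # Return execution status
+Write-ExecutionStatus -success $success
 exit $success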
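Review bot: `nslookup $FQDN` at new lines 76 and 84 queries a variable that is not assigned anywhere in the visible hunks, while the removed `Resolve-DnsName` call and the warning text both use `$YOUR_DOMAIN`. If `$FQDN` is unset, nslookup is started without a host name and the loop never checks the custom domain before certificate issuance. The new condition also accepts the Traffic Manager name anywhere in nslookup's text output, with the FQDN read as a regular expression, which is looser than the old comparison against the CNAME target. Suggest `$resolved = nslookup $YOUR_DOMAIN 2> $null` and `Select-String -SimpleMatch $TrafficManager.fqdn` in the loop condition. The enclosing `elseif` block starts above the hunk, so `$FQDN` may be defined there; confirm.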

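--- a/Deploy/DeactivateSSL.ps1
+++ b/Deploy/DeactivateSSL.ps1
@@ -14,13 +14,16 @@ param(
 )
 # Helper var
 $success = $True
-
-# Tell who you are
-Write-Host "`n`n# Executing $($MyInvocation.MyCommand.Name)"
+$iaCFolder = "IaC"
+# Import Helper functions
+. "$($MyInvocation.MyCommand.Path -replace($MyInvocation.MyCommand.Name))\HelperFunctions.ps1"
+# Tell who you are (See HelperFunction.ps1)
+Write-WhoIAm
 
 # 1. Read values from Terraform IaC run (Bot deployment scripts)
 Write-Host "## 1. Read values from Terraform IaC run (Bot deployment scripts)"
-$TrafficManager = terraform output -state=".\IaC\terraform.tfstate" -json trafficManager | ConvertFrom-Json
+$TrafficManager = terraform output -state="$(Get-ScriptPath)/$iaCFolder/terraform.tfstate" -json trafficManager | ConvertFrom-Json
+$success = $success -and $?
 
 # 2. Delete all TrafficManager endpoints
 Write-Host "## 2. Delete all TrafficManager endpoints"
@@ -36,4 +39,5 @@ $endpoints.foreach({
 })
 
 # Return execution status
+Write-ExecutionStatus -success $success
 exit $success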
