in bicep/files-to-load/cyclecloud_install.py [0:0]
def cyclecloud_account_setup(vm_metadata, use_managed_identity, tenant_id, application_id, application_secret,
admin_user, azure_cloud, accept_terms, password, storageAccount, no_default_account,
webserver_port, storage_managed_identity, accept_marketplace_terms):
print("Setting up azure account in CycleCloud and initializing cyclecloud CLI")
if not accept_terms:
print("Accept terms was FALSE !!!!! Over-riding for now...")
accept_terms = True
# if path.isfile(cycle_root + "/config/data/account_data.json.imported"):
# print 'Azure account is already configured in CycleCloud. Skipping...'
# return
subscription_id = vm_metadata["compute"]["subscriptionId"]
location = vm_metadata["compute"]["location"]
resource_group = vm_metadata["compute"]["resourceGroupName"]
random_suffix = ''.join(random.SystemRandom().choice(
ascii_lowercase) for _ in range(14))
cyclecloud_admin_pw = ""
if password:
print('Password specified, using it as the admin password')
cyclecloud_admin_pw = password
else:
cyclecloud_admin_pw = generate_password_string()
if storageAccount:
print('Storage account specified, using it as the default locker')
storage_account_name = storageAccount
else:
storage_account_name = 'cyclecloud{}'.format(random_suffix)
azure_data = {
"Environment": azure_cloud,
"AzureRMUseManagedIdentity": use_managed_identity,
"AzureResourceGroup": resource_group,
"AzureRMApplicationId": application_id,
"AzureRMApplicationSecret": application_secret,
"AzureRMSubscriptionId": subscription_id,
"AzureRMTenantId": tenant_id,
"DefaultAccount": True,
"Location": location,
"Name": "azure",
"Provider": "azure",
"ProviderId": subscription_id,
"RMStorageAccount": storage_account_name,
"RMStorageContainer": "cyclecloud",
"AcceptMarketplaceTerms": accept_marketplace_terms
}
distribution_method ={
"Category": "system",
"Status": "internal",
"AdType": "Application.Setting",
"Description": "CycleCloud distribution method e.g. marketplace, container, manual.",
"Value": "container",
"Name": "distribution_method"
}
if use_managed_identity:
azure_data["AzureRMUseManagedIdentity"] = True
if storage_managed_identity:
azure_data["LockerIdentity"] = storage_managed_identity
azure_data["LockerAuthMode"] = "ManagedIdentity"
else:
azure_data["LockerAuthMode"] = "SharedAccessKey"
app_setting_installation = {
"AdType": "Application.Setting",
"Name": "cycleserver.installation.complete",
"Value": True
}
initial_user = {
"AdType": "Application.Setting",
"Name": "cycleserver.installation.initial_user",
"Value": admin_user
}
account_data = [
initial_user,
distribution_method,
app_setting_installation
]
if accept_terms:
# Terms accepted, auto-create login user account as well
login_user = {
"AdType": "AuthenticatedUser",
"Name": admin_user,
"RawPassword": cyclecloud_admin_pw,
"Superuser": True
}
account_data.append(login_user)
account_data_file = tmpdir + "/account_data.json"
with open(account_data_file, 'w') as fp:
json.dump(account_data, fp)
config_path = os.path.join(cycle_root, "config/data/")
_catch_sys_error(["chown", "cycle_server:cycle_server", account_data_file])
# Don't use copy2 here since ownership matters
# copy2(account_data_file, config_path)
_catch_sys_error(["mv", account_data_file, config_path])
sleep(5)
if not accept_terms:
# reset the installation status so the splash screen re-appears
print("Resetting installation")
sql_statement = 'update Application.Setting set Value = false where name ==\"cycleserver.installation.complete\"'
_catch_sys_error(
["/opt/cycle_server/cycle_server", "execute", sql_statement])
# If using a random password, we need to reset it on each container restart (since we regenerated it above)
# But do is AFTER user is created in CC
if not password:
cyclecloud_admin_pw = reset_cyclecloud_pw(admin_user)
initialize_cyclecloud_cli(admin_user, cyclecloud_admin_pw, webserver_port)
if no_default_account:
print("Skipping default account creation (--noDefaultAccount).")
else:
output = _catch_sys_error(["/usr/local/bin/cyclecloud", "account", "show", "azure"])
if 'Credentials: azure' in str(output):
print("Account \"azure\" already exists. Skipping account setup...")
else:
azure_data_file = tmpdir + "/azure_data.json"
with open(azure_data_file, 'w') as fp:
json.dump(azure_data, fp)
print("CycleCloud account data:")
print(json.dumps(azure_data))
# wait until Managed Identity is ready for use before creating the Account
if use_managed_identity:
get_vm_managed_identity()
# create the cloud provide account
print("Registering Azure subscription in CycleCloud")
_catch_sys_error(["/usr/local/bin/cyclecloud", "account",
"create", "-f", azure_data_file])