Create files

.azure/backendTemplate.tf

@@ -0,0 +1,10 @@
+terraform {
+  backend "azurerm" {
+    resource_group_name  = "runyutestiac"
+    storage_account_name = "runyutestiacsa"
+    container_name       = "runyutestiaccontainer"
+    key                  = "{{.GroupName}}.tfstate"
+    use_azuread_auth     = true
+    subscription_id      = "de3c4d5e-af08-451a-a873-438d86ab6f4b"
+  }
+}

.azure/hooks/export

@@ -0,0 +1,7 @@
+#!/bin/bash
+group_paths=$(python -c "import json; print('\n'.join([x['groupPath'] for x in json.load(open('./.azure/export.json'))]))")
+
+for path in $group_paths
+do
+    mkdir -p $path
+done

.azure/hooks/generate

@@ -0,0 +1,88 @@
+#!/bin/bash
+set -e
+
+echo "Generating deployment pipeline"
+
+sed -i $'s/\r$//' ./.stages
+readarray -t stages < ./.stages
+
+groupTemplate='
+    {{.GroupName}}:
+        uses: ./.github/workflows/site-cd-workflow.yml
+        with:
+            working-directory: {{.Stage}}/{{.GroupName}}
+        secrets: inherit
+        needs: [{{.Stage}}]
+'
+
+stageTemplate='
+    {{.Stage}}:
+        name: {{.Stage}}
+        needs: [{{.GroupList}}]
+        runs-on: ubuntu-latest
+        steps:
+         - run: echo "running {{.Stage}} stage"
+'
+
+workflow='name: Terraform apply infra change
+
+on:
+  push:
+    branches: ["main"]
+  workflow_dispatch:
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:'
+backendTemplate=$(<.azure/backendTemplate.tf)
+
+for count in "${!stages[@]}"; do
+    stage=${stages[$count]}
+
+    if [ $count -eq 0 ]; then
+        stagejob=$(echo "$stageTemplate" | sed "s/{{.Stage}}/$stage/g" | grep -v 'needs: \[.*\]')
+        workflow+="$stagejob"
+    else
+        groupList=${stages[$count-1]}
+        pushd ./${stages[$count-1]} > /dev/null
+        for d in */ ; do
+            if [[ $d == "*/" ]]; then
+                break
+            fi
+            group=$(echo "$d" | sed 's/\///g' | sed 's/ /_/g')
+            groupList="$groupList,$group"
+        done
+        stagejob=$(echo "$stageTemplate" | sed "s/{{.Stage}}/$stage/g" | sed "s/{{.GroupList}}/$groupList/g")
+        workflow+="$stagejob"
+        popd > /dev/null
+    fi
+
+    pushd ./$stage > /dev/null
+    for d in */ ; do
+        if [[ $d == "*/" ]]; then
+            break
+        fi
+        group=$(echo "$d" | sed 's/\///g' | sed 's/ /_/g')
+        groupjob=$(echo "$groupTemplate" | sed "s/{{.GroupName}}/$group/g" | sed "s/{{.Stage}}/$stage/g")
+        workflow+="$groupjob"
+
+        #generate backend config file
+        backendConfigFile="./${group}/backend.tf"
+        echo $backendConfigFile
+        echo "$backendTemplate" | sed "s/{{.GroupName}}/$group/g" > "$backendConfigFile"
+        git add $backendConfigFile
+    done
+    popd > /dev/null
+done
+
+# create a workflow file
+workflowfile="./.github/workflows/deploy-infra.yml"
+if [ -f "$workflowfile" ]; then
+    rm "$workflowfile"
+fi  
+echo "$workflow" > "$workflowfile"
+git add $workflowfile
+
+echo "Generated deployment pipeline"

.azure/hooks/pre-commit

@@ -0,0 +1,12 @@
+#!/bin/bash
+set -e
+
+if [ -f ./.azure/scale.csv ]; then
+    ./.azure/hooks/scale
+fi
+
+if [ -f ./.azure/export.json ]; then
+    ./.azure/hooks/export
+fi
+
+./.azure/hooks/generate

.azure/hooks/scale

@@ -0,0 +1,23 @@
+#/bin/bash
+set -e
+
+gawk -v RS='"' 'NR % 2 == 0 { gsub(/\n/, "") } { printf("%s%s", $0, RT) }' ./.azure/scale.csv > ./.azure/scale.csv.tmp
+echo "" >> ./.azure/scale.csv.tmp
+
+skip_headers=2
+
+while IFS=, read -r stage siteId others 
+do
+    if ((skip_headers))
+    then
+        ((skip_headers--))
+    else
+        siteId=$(echo $siteId | tr -d '"')
+        echo "Stage:$stage, SiteId: $siteId"
+        # create folder if site id is not empty
+        if [ ! -z "$siteId" ]
+        then
+            mkdir -p ./$stage/$siteId
+        fi
+    fi
+done < ./.azure/scale.csv.tmp

.gitattributes

@@ -0,0 +1,7 @@
+* text=auto
+
+*.exe binary
+*.png binary
+*.jpg binary
+*.jpeg binary
+*.pdf binary

.github/workflows/export.yml

@@ -0,0 +1,115 @@
+name: Export Azure resource into config
+
+on:
+  push:
+    branches:
+      - '**'
+      - '!main'
+    paths:
+      - '.azure/export.json'
+  workflow_call:
+    inputs:
+      branch:
+        required: true
+        type: string
+
+permissions:
+  contents: write
+  id-token: write
+
+env:
+  ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+  ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+  ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+  ARM_USE_OIDC: true
+  TF_VAR_tenant: ${{ secrets.AZURE_TENANT_ID }}
+  TF_VAR_subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+  TF_VAR_localAdminUser: ${{ secrets.localAdminUser }}
+  TF_VAR_localAdminPassword: ${{ secrets.localAdminPassword }}
+  TF_VAR_domainAdminUser: ${{ secrets.domainAdminUser }}
+  TF_VAR_domainAdminPassword: ${{ secrets.domainAdminPassword }}
+  TF_VAR_deploymentUserName: ${{ secrets.deploymentUserName }}
+  TF_VAR_deploymentUserPassword: ${{ secrets.deploymentUserPassword }}
+  TF_VAR_servicePrincipalId: ${{ secrets.servicePrincipalId }}
+  TF_VAR_servicePrincipalSecret: ${{ secrets.servicePrincipalSecret }}
+  TF_VAR_rpServicePrincipalObjectId: ${{ secrets.rpServicePrincipalObjectId }}
+  TF_VAR_vmAdminPassword: ${{ secrets.vmAdminPassword }}
+  TF_VAR_domainJoinPassword: ${{ secrets.domainJoinPassword }}
+  HCI_RP_SP_ID: ${{ secrets.rpServicePrincipalObjectId }}
+
+jobs:
+  export:
+    environment: terraform
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v4
+    # checkout to input branch when input branch is not empty
+    - name: Checkout to input branch
+      if: ${{ inputs.branch != '' }}
+      run: |
+        git fetch origin ${{ inputs.branch }}
+        git checkout ${{ inputs.branch }}
+    # Install node
+    - uses: actions/setup-node@v4
+      with:
+        node-version: latest
+    - run: node --version
+    # Install the latest version of Terraform CLI
+    - name: Setup Terraform
+      uses: hashicorp/setup-terraform@v2
+      with:
+        terraform_wrapper: false
+    # check terraform version
+    - name: Check terraform version
+      run: terraform version
+    # az login
+    - name: Log in to Azure using OIDC
+      uses: azure/login@v1
+      with:
+        client-id: ${{ secrets.AZURE_CLIENT_ID }}
+        tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+        subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+    # check first 18 characters of az account user name
+    - name: Check az account
+      run: az account show --query user.name --output tsv | cut -c 1-18
+    # Download az-edge-module-export
+    - name: Download az-edge-module-export
+      run: |
+        wget "https://aka.ms/az-edge-module-export-linux-amd64" -O az-edge-module-export
+        chmod +x az-edge-module-export
+        ./az-edge-module-export -v
+    # Download az-edge-site-scale
+    - name: Download az-edge-site-scale
+      run: |
+        wget "https://aka.ms/az-edge-site-scale-linux-amd64" -O az-edge-site-scale
+        chmod +x az-edge-site-scale
+        ./az-edge-site-scale -v
+    # Run az-edge-module-export
+    - name: Run az-edge-module-export
+      run: |
+        ./az-edge-module-export -c ./.azure/export.json -b ./.azure/backendTemplate.tf
+        rm ./az-edge-module-export
+    # Generate sample csv file to scale
+    - name: Run az-edge-site-scale generate
+      run: |
+        mkdir -p ./.azure/scale
+        cat ./.azure/export.json | jq -r '.[]|[.baseModulePath, .groupPath] | @tsv' |
+          while IFS=$'\t' read -r baseModulePath groupPath; do
+              name=$(echo $baseModulePath | rev | cut -d '/' -f 1 | rev)
+              ./az-edge-site-scale generate -c ./.azure/scale/$name.csv -s $groupPath
+          done
+        rm ./az-edge-site-scale
+    - name: Clean up
+      run: |
+        rm ./.azure/export.json
+    # Commit and push the changes
+    - name: Commit and push the changes
+      if: always()
+      run: |
+        git config --global user.email "[email protected]"
+        git config --global user.name "IaC Exporter"
+        git add .
+        git commit -m "Export Azure resource into config"
+        git push
+    

.github/workflows/scale.yml

@@ -0,0 +1,71 @@
+name: Scale Edge Sites
+
+on:
+  push:
+    branches:
+      - '**'
+      - '!main'
+    paths:
+      - '.azure/scale.csv'
+  workflow_call:
+    inputs:
+      branch:
+        required: true
+        type: string
+
+permissions:
+  contents: write
+  id-token: write
+
+jobs:
+  scale:
+    environment: terraform
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v4
+    # checkout to input branch when input branch is not empty
+    - name: Checkout to input branch
+      if: ${{ inputs.branch != '' }}
+      run: |
+        git fetch origin ${{ inputs.branch }}
+        git checkout ${{ inputs.branch }}
+    # Install node
+    - uses: actions/setup-node@v4
+      with:
+        node-version: latest
+    - run: node --version
+    # az login
+    - name: Log in to Azure using OIDC
+      uses: azure/login@v1
+      with:
+        client-id: ${{ secrets.AZURE_CLIENT_ID }}
+        tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+        subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+    # check first 18 characters of az account user name
+    - name: Check az account
+      run: az account show --query user.name --output tsv | cut -c 1-18
+    # Download az-edge-site-scale
+    - name: Download az-edge-site-scale
+      run: |
+        wget "https://aka.ms/az-edge-site-scale-linux-amd64" -O az-edge-site-scale
+        chmod +x az-edge-site-scale
+        ./az-edge-site-scale -v
+    # Run az-edge-site-scale scale
+    - name: Run az-edge-site-scale scale
+      run: |
+        ./az-edge-site-scale scale -c ./.azure/scale.csv
+        rm ./az-edge-site-scale
+    - name: Clean up
+      run: |
+        rm ./.azure/scale.csv
+    # Commit and push the changes
+    - name: Commit and push the changes
+      if: always()
+      run: |
+        git config --global user.email "[email protected]"
+        git config --global user.name "IaC Scaler"
+        git add .
+        git commit -m "Scale more sites according to .azure/scale.csv"
+        git push
+