From 8b9d545daeb6e742c9bef6f43ff38d3828709f86 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Tue, 19 Jul 2022 18:23:35 -0400 Subject: [PATCH 001/141] Update azuredeploy.json Removed vmss profile values --- Azure-ARM/azuredeploy.json | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index 2cf3ff29..3a190015 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -498,21 +498,7 @@ "osType": "Windows", "vnetSubnetID": "[if(not(empty(variables('KubernetesVnetResourceGroup'))),variables('vnetId'),json('null'))]" } - ], - "linuxProfile": { - "adminUsername": "azureuser", - "ssh": { - "publicKeys": [ - { - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOJtY73a8o8/+lSlrEycIchV77zZJeXHZT1+Lvhf97yrmPIU5hiVDLm3z8gD8sxi5VSQ7K3KvTbI7ssNUruXCVSWziDl2jTxOVfGo9faneP1dXGDnU7sRvRHHZ+9xwzh4zGdX4eMWZf1Szh8868f7KBn93mZJZt4Z3uQKJJZuDIveAeYMNQrOi1KGwRPNIOpK3Mu/TzDPo0q51mOYM7KoB0HsZmgWVVMY7vFnwWZGnBOS3QJEZKd369mFgDZ42h3p3gDkcMN76naApSnfCqTZMJ9jr1w0wSNw21IKMFCHph2t5kOPMNQCTq3uA4tbkWHMHyxrXgqBOKHgmVXNFF2BT" - } - ] - } - }, - "windowsProfile": { - "adminUsername": "winadmin", - "adminPassword": "Ple@seCh@ngeMe1234!" - }, + ], "nodeResourceGroup": "[variables('KubenetesInfrastructureResourceGroupName')]", "enableRBAC": true, "networkProfile": { From f8e78ef3b020f0494c762ad23d823582f21147bc Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Tue, 19 Jul 2022 18:52:44 -0400 Subject: [PATCH 002/141] Update prereqcheck.sh Improved the descriptions of all steps. --- Azure-ARM/prereqcheck.sh | 46 ++++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 2fe30985..4f3ea9f6 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -52,7 +52,7 @@ echo "Running az identity show -g $mirg -n $miname --query principalId -o tsv" currentIdentityId=$(az identity show -g $mirg -n $miname --query principalId -o tsv) if [ -z "$currentIdentityId" ]; then - err="Unable to query Managed Identity to get principal id. Exiting with error." + err="Unable to query the Deployment Managed Identity to get principal id. Exiting with error." echo $err set_resultAndReturn; fi @@ -60,30 +60,30 @@ fi #Check to make sure you have effective contributor access to the resource group. at RG or sub levl #check subscription level -echo "Checking contributor level for subscription" +echo "Is the Deployment Managed Identity assigned the Contributor Role at the Subscription or at the Resource Group level?" subscriptionContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) if [ -z "$subscriptionContributor" ]; then - echo "Managed Identity is NOT contributor at subscription level, checking resource group" + echo "The Deployment Managed Identity is NOT assigned the Contributor role at the Subscription level, checking the Resource Group level now." #not subscription level, check resource group level rgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$RESOURCEGROUPNAME'].roleDefinitionName" --output tsv) if [ -z "$rgContributor" ]; then - err="Managed Identity is not Contributor to resource group. Exiting with error." + err="The Deployment Managed Identity is NOT assigned the Contributor Role at the Resource Group level. Exiting with error." echo $err set_resultAndReturn; else - echo "Managed Identity is Contributor to resource group." + echo "The Deployment Managed Identity is assigned the Contributor role at the Resource Group level." fi #If updating dns, check to make sure you have effective contributor access to the dns resource group if [ "$UPDATEDNS" = "Yes" ]; then - echo "Checking contributor for DNS resource group" - dnsrgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$DOMAINNAMERESOURCEGROUP'].roleDefinitionName" --output tsv) + echo "Is the Deployment Managed Identity assigned the DNS Zone Contributor role to the DNS zone resource?" + dnsrgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='DNS Zone Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$DOMAINNAMERESOURCEGROUP'].roleDefinitionName" --output tsv) if [ -z "$dnsrgContributor" ]; then - err="Managed Identity is not Contributor to DNS resource group. Exiting with error." + err="The Deployment Managed Identity is NOT assigned the DNS Zone Contributor role to the DNS zone resource. Exiting with error." echo $err set_resultAndReturn; else - echo "Managed Identity is Contributor to DNS resource group." + echo "The Deployment Managed Identity is assigned the DNZ Zone Contributor role to the DNS zone resource." fi fi @@ -102,7 +102,7 @@ if [ -z "$subscriptionContributor" ]; then # fi else - echo "Managed Identity is Contributor at subscription level." + echo "The Managed Identity is assigned the Contributor role at Subscription level." fi # If using Purview, check for the following: @@ -113,60 +113,60 @@ if [ "$USEPURVIEW" = "Yes" ]; then #User.Read if [[ $purviewClientPermissions != *"e1fe6dd8-ba31-4d61-89e7-88639da4683d"* ]]; then - echo "Missing User.Read application permission. Some governance features may not function until this permission is added." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read delegated permission. Some governance features may not function until this permission is granted." fi #User.Read.All if [[ $purviewClientPermissions != *"df021288-bdef-4463-88db-98f22de89214"* ]]; then - echo "Missing User.Read.All application permission. Some governance features may not function until this permission is added." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent." fi #Group.Read.All if [[ $purviewClientPermissions != *"5b567255-7703-4780-807c-7be8301ae99b"* ]]; then - echo "Missing Group.Read.All application permission. Some governance features may not function until this permission is added." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API Group.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent." fi #GroupMember.Read.All if [[ $purviewClientPermissions != *"98830695-27a2-44f7-8c18-0c3ebc9698f6"* ]]; then - echo "Missing GroupMember.Read.All application permission. Some governance features may not function until this permission is added." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API GroupMember.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent." fi fi #If using keyvault, check to make sure you have Managed Identity Contributor role AND User Access Administrator if [ "$USEKEYVAULT" = "Yes" ]; then echo "In KeyVault checks" - echo "Checking Managed Identity Contributor at subscription level." + echo "Is the Deployment Managed Identity assigned the Managed Identity Contributor role at the Subscription level?" subscriptionMIContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Managed Identity Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) if [ -z "$subscriptionMIContributor" ]; then - err="Managed Identity is not Managed Identity Contributor at subscription level. Exiting with error." + err="The Deployment Managed Identity is NOT assigned the Managed Identity Contributor role to the Subscription. Exiting with error." echo $err set_resultAndReturn; else - echo "Managed Identity is Managed Identity Contributor at subscription level." + echo "The Deployment Managed Identity is assigned the Managed Identity Contributor role at the Subscription level." fi - echo "Checking User Access Administrator at subscription level." + echo "Is the Deployment Managed Identity assigned the User Access Administrator role at Subscription level?" subscriptionUAAContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='User Access Administrator' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) if [ -z "$subscriptionUAAContributor" ]; then - err="Managed Identity is not User Access Administrator at subscription level. Exiting with error." + err="The Deployment Managed Identity is NOT assigned the User Access Administrator at subscription level. Exiting with error." echo $err set_resultAndReturn; else - echo "Managed Identity is User Access Administrator at subscription level." + echo "The Deployment Managed Identity is assigned the User Access Administrator role at subscription level." fi fi #If updating AAD, make sure you have Application Administrator role if [ "$UPDATEAAD" = "Yes" ]; then - echo "Checking Application Administrator Role" + echo "Is the Deployment Managed Identity assigned the Application Administrator Role in Azure Active Directory?" appDevRoleId=$(az rest --method get --url https://graph.microsoft.com/v1.0/directoryRoles/ | jq -r '.value[] | select(.displayName | contains("Application Administrator")).id') minameinrole=$(az rest --method GET --uri "https://graph.microsoft.com/beta/directoryRoles/$appDevRoleId/members" | jq -r '.value[] | select(.displayName | contains("'"$miname"'")).displayName') if [ -z "$minameinrole" ]; then - err="Managed Identity is not in Application Administrator role. Exiting with error." + err="The Deployment Managed Identity is NOT assigned the Application Administrator role in Azure Active Directory. Exiting with error." echo $err set_resultAndReturn; else - echo "Managed Identity is in Application Administrator role." + echo "The Deployment Managed Identity is assigned the Application Administrator role in Azure Active Directory." fi fi From 01a76103c74fe177f844252c6f94454c1bafdac8 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Wed, 20 Jul 2022 10:40:22 -0400 Subject: [PATCH 003/141] Update azuredeploy.json Update vars --- Azure-ARM/azuredeploy.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index 3a190015..a9847299 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -165,8 +165,8 @@ }, "variables": { - "ScriptURL":"https://raw.githubusercontent.com/profiseedev/kubernetes/master/Azure-ARM/deployprofisee.sh", - "PreReqCheckScriptURL":"https://raw.githubusercontent.com/profiseedev/kubernetes/master/Azure-ARM/prereqcheck.sh", + "ScriptURL":"https://raw.githubusercontent.com/profiseeadmin/kubernetes/master/Azure-ARM/deployprofisee.sh", + "PreReqCheckScriptURL":"https://raw.githubusercontent.com/profiseeadmin/kubernetes/master/Azure-ARM/prereqcheck.sh", "KubernetesVnetResourceGroup":"[parameters('KubernetesVnetResourceGroup')]", "vnetId":"[resourceId(parameters('KubernetesVnetResourceGroup'),'Microsoft.Network/virtualNetworks/subnets',parameters('KubernetesVnetName'),parameters('KubernetesSubnetName'))]", "PROFISEEVERSION":"[parameters('ProfiseeVersion')]", From f3fd4855882c8fb0ac9cf504c588c263bda7be6d Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Wed, 20 Jul 2022 10:41:03 -0400 Subject: [PATCH 004/141] Update azuredeploy.parameters.json update default version --- Azure-ARM/azuredeploy.parameters.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/azuredeploy.parameters.json b/Azure-ARM/azuredeploy.parameters.json index 22e38318..2df72609 100644 --- a/Azure-ARM/azuredeploy.parameters.json +++ b/Azure-ARM/azuredeploy.parameters.json @@ -3,7 +3,7 @@ "contentVersion": "1.0.0.0", "parameters": { "ProfiseeVersion": { - "value": "profiseeplatform:2021R3.0" + "value": "profiseeplatform:2022r1.0" }, "ProfiseeAdminUserAccount": { "value": "" @@ -133,4 +133,4 @@ "value": "" } } -} \ No newline at end of file +} From 99e42ba3724f7c360cb60adfde131fa1e8e27984 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Wed, 20 Jul 2022 10:42:09 -0400 Subject: [PATCH 005/141] Update deployprofisee.sh update repo name --- Azure-ARM/deployprofisee.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 9d5e4fcc..8586f636 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -13,7 +13,7 @@ if [ -f "$FILE" ]; then exit 1; fi -REPONAME="profiseedev" +REPONAME="profiseeadmin" REPOURL="https://raw.githubusercontent.com/$REPONAME/kubernetes/master"; HELMREPOURL="https://$REPONAME.github.io/kubernetes"; echo $"REPOURL is $REPOURL"; From 0d02af702d84e5ef8977f5af96f264d253711fb2 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Wed, 20 Jul 2022 10:49:37 -0400 Subject: [PATCH 006/141] Update index.yaml updated link --- index.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.yaml b/index.yaml index 5fcb4681..4306d505 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.19.tgz + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.19.tgz version: 0.1.19 generated: "2022-06-30T00:00:00.0-05:00" From 3011717b5eac78c52cffa7850240e0fb7f885a88 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Wed, 20 Jul 2022 10:59:24 -0400 Subject: [PATCH 007/141] Update README.md updated deploy button --- Azure-ARM/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index fdb7682c..51de0ec0 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -3,7 +3,7 @@ This ARM template deploys Profisee platform into a Azure Kubernetes Service cluster. -[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofiseedev%2Fkubernetes%2Fmaster%2FAzure-ARM%2Fazuredeploy.json/createUIDefinitionUri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofiseedev%2Fkubernetes%2Fmaster%2FAzure-ARM%2FcreateUIDefinition.json) +[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofiseeadmin%2Fkubernetes%2Fmaster%2FAzure-ARM%2Fazuredeploy.json/createUIDefinitionUri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofiseeadmin%2Fkubernetes%2Fmaster%2FAzure-ARM%2FcreateUIDefinition.json) ## Prerequisites @@ -18,4 +18,4 @@ Click the "Deploy to Azure" button at the beginning of this document. ## Troubleshooting -All troubleshooting is in the [Wiki](https://github.com/profiseedev/kubernetes/wiki) +All troubleshooting is in the [Wiki](https://github.com/profiseeadmin/kubernetes/wiki) From a7d4097ad10e06ae4bc24a6e33b308a23f041f1d Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Wed, 20 Jul 2022 16:51:00 -0400 Subject: [PATCH 008/141] Update prereqcheck.sh description wording --- Azure-ARM/prereqcheck.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 4f3ea9f6..86536f1d 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -63,11 +63,11 @@ fi echo "Is the Deployment Managed Identity assigned the Contributor Role at the Subscription or at the Resource Group level?" subscriptionContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) if [ -z "$subscriptionContributor" ]; then - echo "The Deployment Managed Identity is NOT assigned the Contributor role at the Subscription level, checking the Resource Group level now." + echo "Role is NOT assigned at Subscription level, checking Resource Group level assignment now." #not subscription level, check resource group level rgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$RESOURCEGROUPNAME'].roleDefinitionName" --output tsv) if [ -z "$rgContributor" ]; then - err="The Deployment Managed Identity is NOT assigned the Contributor Role at the Resource Group level. Exiting with error." + err="Role is NOT assigned at either Subscription or Resource Group level. Exiting with error." echo $err set_resultAndReturn; else @@ -102,7 +102,7 @@ if [ -z "$subscriptionContributor" ]; then # fi else - echo "The Managed Identity is assigned the Contributor role at Subscription level." + echo "Yes, it is, continuing checks." fi # If using Purview, check for the following: From 167d222954bf11ec17097aa72c5f34b97ee38a63 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Wed, 20 Jul 2022 16:57:11 -0400 Subject: [PATCH 009/141] Update deployprofisee.sh add sleep after app reg creation --- Azure-ARM/deployprofisee.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 8586f636..e04e98f6 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -296,6 +296,8 @@ if [ "$UPDATEAAD" = "Yes" ]; then echo $"CLIENTID is $CLIENTID"; fi echo "Creating app registration finished" + echo "Sleeping for 20 seconds to wait for app registration to be ready." + sleep 20; echo "Updating app registration permissions step 1 started" #add a Graph API permission of "Sign in and read user profile" From 5eb0c7fe9c72284b87c86473c1f8d809094f3d1b Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Wed, 20 Jul 2022 18:10:35 -0400 Subject: [PATCH 010/141] Update prereqcheck.sh Updated wording and provided links to documentation --- Azure-ARM/prereqcheck.sh | 47 ++++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 24 deletions(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 86536f1d..fe2754a5 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -44,46 +44,46 @@ IFS='/' read -r -a miparts <<< "$AZ_SCRIPTS_USER_ASSIGNED_IDENTITY" #splits the mirg=${miparts[4]} miname=${miparts[8]} -#remove white space +#Remove white space miname=$(echo $miname | xargs) -#get the id of the current user (MI) +#Get the ID of the current user (MI) echo "Running az identity show -g $mirg -n $miname --query principalId -o tsv" currentIdentityId=$(az identity show -g $mirg -n $miname --query principalId -o tsv) if [ -z "$currentIdentityId" ]; then - err="Unable to query the Deployment Managed Identity to get principal id. Exiting with error." + err="Unable to query the Deployment Managed Identity to get principal id. Exiting with error." echo $err set_resultAndReturn; fi -#Check to make sure you have effective contributor access to the resource group. at RG or sub levl -#check subscription level +#Check to make sure you have effective Contributor access at either Resource group or Subscription level. +#Checking Subscription level first. echo "Is the Deployment Managed Identity assigned the Contributor Role at the Subscription or at the Resource Group level?" subscriptionContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) if [ -z "$subscriptionContributor" ]; then echo "Role is NOT assigned at Subscription level, checking Resource Group level assignment now." - #not subscription level, check resource group level + #DMInot subscription level, check resource group level rgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$RESOURCEGROUPNAME'].roleDefinitionName" --output tsv) if [ -z "$rgContributor" ]; then - err="Role is NOT assigned at either Subscription or Resource Group level. Exiting with error." + err="Role is NOT assigned at either Subscription or Resource Group level. Exiting with error. Please assign the Contributor role to the Deployment Managed Identity at either Subscription or Resource Group level. Please visit https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration for more information." echo $err set_resultAndReturn; else - echo "The Deployment Managed Identity is assigned the Contributor role at the Resource Group level." + echo "Role is assigned at Resource level. Continuing checks." fi - #If updating dns, check to make sure you have effective contributor access to the dns resource group + #If updating , check to make sure you have effective contributor access to the dns resource group if [ "$UPDATEDNS" = "Yes" ]; then echo "Is the Deployment Managed Identity assigned the DNS Zone Contributor role to the DNS zone resource?" dnsrgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='DNS Zone Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$DOMAINNAMERESOURCEGROUP'].roleDefinitionName" --output tsv) if [ -z "$dnsrgContributor" ]; then - err="The Deployment Managed Identity is NOT assigned the DNS Zone Contributor role to the DNS zone resource. Exiting with error." + err="Role is NOT assigned. Exiting with error. Please assign the DNS Zone Contributor role to the Deployment Managed Identity for the DNS zone you want updated. Please visit https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration for more information." echo $err set_resultAndReturn; else - echo "The Deployment Managed Identity is assigned the DNZ Zone Contributor role to the DNS zone resource." + echo "Role is assigned. Continuing checks." fi fi @@ -102,47 +102,46 @@ if [ -z "$subscriptionContributor" ]; then # fi else - echo "Yes, it is, continuing checks." + echo "Role is assigned at Subsciption level. Continuing checks." fi # If using Purview, check for the following: -# 1. For the Purview client to have the Data Curator role. If not, error out. -# 2. That the Purview client has proper permissions. If not, output warnings and continue. +# 1. Has the Purview Application Registration been added to the Data Curators role in the Purview account. If not, exit with error. +# 2. Does the Purview Application Registartion have the proper permissions. If not, output warnings and continue. if [ "$USEPURVIEW" = "Yes" ]; then purviewClientPermissions=$(az ad app permission list --id $PURVIEWCLIENTID --output tsv --query [].resourceAccess[].id) #User.Read if [[ $purviewClientPermissions != *"e1fe6dd8-ba31-4d61-89e7-88639da4683d"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read delegated permission. Some governance features may not function until this permission is granted." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read delegated permission. Some governance features may not function until this permission is granted. This permissions might require an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information. " fi #User.Read.All if [[ $purviewClientPermissions != *"df021288-bdef-4463-88db-98f22de89214"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." fi #Group.Read.All if [[ $purviewClientPermissions != *"5b567255-7703-4780-807c-7be8301ae99b"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API Group.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API Group.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." fi #GroupMember.Read.All if [[ $purviewClientPermissions != *"98830695-27a2-44f7-8c18-0c3ebc9698f6"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API GroupMember.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API GroupMember.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." fi fi -#If using keyvault, check to make sure you have Managed Identity Contributor role AND User Access Administrator +#If using keyvault, checks to make sure that the Deployment Managed Identity has been assigned the Managed Identity Contributor role AND User Access Administrator as Subscription level. if [ "$USEKEYVAULT" = "Yes" ]; then - echo "In KeyVault checks" echo "Is the Deployment Managed Identity assigned the Managed Identity Contributor role at the Subscription level?" subscriptionMIContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Managed Identity Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) if [ -z "$subscriptionMIContributor" ]; then - err="The Deployment Managed Identity is NOT assigned the Managed Identity Contributor role to the Subscription. Exiting with error." + err="Role is NOT assigned. Exiting with error. " echo $err set_resultAndReturn; else - echo "The Deployment Managed Identity is assigned the Managed Identity Contributor role at the Subscription level." + echo "Role is assigned. Continuing checks." fi echo "Is the Deployment Managed Identity assigned the User Access Administrator role at Subscription level?" @@ -152,7 +151,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then echo $err set_resultAndReturn; else - echo "The Deployment Managed Identity is assigned the User Access Administrator role at subscription level." + echo "Role is assigned. Continuing checks." fi fi @@ -166,7 +165,7 @@ if [ "$UPDATEAAD" = "Yes" ]; then echo $err set_resultAndReturn; else - echo "The Deployment Managed Identity is assigned the Application Administrator role in Azure Active Directory." + echo "Role is assigned." fi fi From 7aa62918f2d8aee6404f893c60a5ad80c122a0f8 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 21 Jul 2022 20:04:29 -0400 Subject: [PATCH 011/141] Update deployprofisee.sh Improve logging descriptions. --- Azure-ARM/deployprofisee.sh | 54 ++++++++++++++++++------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index e04e98f6..558fa3e9 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -31,20 +31,20 @@ printenv; #az login --identity -#get the aks creds, this allows us to use kubectl commands if needed +#Get AKS credentials, this allows us to use kubectl commands, if neededI az aks get-credentials --resource-group $RESOURCEGROUPNAME --name $CLUSTERNAME --overwrite-existing; -#install dotnet core -echo $"Installing dotnet core started"; +#Install dotnet core. +echo $"Installation of dotnet core started."; curl -fsSL -o dotnet-install.sh https://dot.net/v1/dotnet-install.sh -#set permisssions +#Set permisssions for installation script. chmod 755 ./dotnet-install.sh -#install dotnet +#Install dotnet. ./dotnet-install.sh -c Current -echo $"Installing dotnet core finished"; +echo $"Installation of dotnet core finished."; -#Downloadind and extracting license reader -echo $"Downloading and extracting license reader started"; +#Downloadind and extracting Proisee license reader. +echo $"Download and extraction of Profisee license reader started."; curl -fsSL -o LicenseReader.tar.001 "$REPOURL/Utilities/LicenseReader/LicenseReader.tar.001" curl -fsSL -o LicenseReader.tar.002 "$REPOURL/Utilities/LicenseReader/LicenseReader.tar.002" curl -fsSL -o LicenseReader.tar.003 "$REPOURL/Utilities/LicenseReader/LicenseReader.tar.003" @@ -54,15 +54,15 @@ rm LicenseReader.tar.001 rm LicenseReader.tar.002 rm LicenseReader.tar.003 rm LicenseReader.tar.004 -echo $"Downloading and extracting license reader finished"; +echo $"Download and extraction of Profisee license reader finished."; -echo $"Cleaning license string to remove and unwanted characters - linebreaks, spaces, etc..."; +echo $"Clean Profisee license string of any unwanted characters such as linebreaks, spaces, etc..."; LICENSEDATA=$(echo $LICENSEDATA|tr -d '\n') -echo $"Getting values from license started"; +echo $"Search Profisee license for the fully qualified domain name value..."; EXTERNALDNSURLLICENSE=$(./LicenseReader "ExternalDnsUrl" $LICENSEDATA) -#use whats in the license otherwise use whats passed in which is a generated hostname +#Use FQDN that is in license, otherwise use the Azure generated FQDN. #EXTERNALDNSURLLICENSE=$( Date: Fri, 22 Jul 2022 14:56:25 -0400 Subject: [PATCH 012/141] Update deployprofisee.sh updated info --- Azure-ARM/deployprofisee.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 558fa3e9..538189e9 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -31,7 +31,7 @@ printenv; #az login --identity -#Get AKS credentials, this allows us to use kubectl commands, if neededI +#Get AKS credentials, this allows us to use kubectl commands, if needed. az aks get-credentials --resource-group $RESOURCEGROUPNAME --name $CLUSTERNAME --overwrite-existing; #Install dotnet core. From b566535160177afd6db98283111af5c368fa2634 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 15:56:39 -0400 Subject: [PATCH 013/141] Update prereqcheck.sh Improved log descriptions. --- Azure-ARM/prereqcheck.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index fe2754a5..14220d43 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -137,7 +137,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then echo "Is the Deployment Managed Identity assigned the Managed Identity Contributor role at the Subscription level?" subscriptionMIContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Managed Identity Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) if [ -z "$subscriptionMIContributor" ]; then - err="Role is NOT assigned. Exiting with error. " + err="Role is NOT assigned. Exiting with error. If using Key Vault, this role is required so that the Deployment Managed Identity can create the Managed Identity that will be used to communicated with Key Vault." echo $err set_resultAndReturn; else @@ -147,7 +147,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then echo "Is the Deployment Managed Identity assigned the User Access Administrator role at Subscription level?" subscriptionUAAContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='User Access Administrator' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) if [ -z "$subscriptionUAAContributor" ]; then - err="The Deployment Managed Identity is NOT assigned the User Access Administrator at subscription level. Exiting with error." + err="The Deployment Managed Identity is NOT assigned the User Access Administrator at subscription level. Exiting with error. If using Key Vault, this role is required so that the Deployment Managed Identity can assign the Key Vault Secrets User role (if using RBAC KV), OR the Get policies (if using policy based KV) to the Key Vault Specific Managed Identity." echo $err set_resultAndReturn; else @@ -155,17 +155,17 @@ if [ "$USEKEYVAULT" = "Yes" ]; then fi fi -#If updating AAD, make sure you have Application Administrator role +#If Deployment Managed Identity will be creating the Azure AD application registration, make sure that the Application Administrator role is assigned to it. if [ "$UPDATEAAD" = "Yes" ]; then echo "Is the Deployment Managed Identity assigned the Application Administrator Role in Azure Active Directory?" appDevRoleId=$(az rest --method get --url https://graph.microsoft.com/v1.0/directoryRoles/ | jq -r '.value[] | select(.displayName | contains("Application Administrator")).id') minameinrole=$(az rest --method GET --uri "https://graph.microsoft.com/beta/directoryRoles/$appDevRoleId/members" | jq -r '.value[] | select(.displayName | contains("'"$miname"'")).displayName') if [ -z "$minameinrole" ]; then - err="The Deployment Managed Identity is NOT assigned the Application Administrator role in Azure Active Directory. Exiting with error." + err="The Deployment Managed Identity is NOT assigned the Application Administrator role in Azure Active Directory. Exiting with error. This role is required so that the Deployment Managed Identity can create the Azure AD Application registration. For more information please visit https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration." echo $err set_resultAndReturn; else - echo "Role is assigned." + echo "Role is assigned. All checks completed." fi fi From 97d8f2d92d66bac2f9e69f23ad044df44432dca1 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 17:48:34 -0400 Subject: [PATCH 014/141] Update deployprofisee.sh Updated echos --- Azure-ARM/deployprofisee.sh | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 538189e9..413ba16d 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -122,27 +122,27 @@ if [ "$USEKEYVAULT" = "Yes" ]; then #We are not but if this is to run on a windows node, then you use this --set windows.enabled=true --set secrets-store-csi-driver.windows.enabled=true helm install --namespace profisee csi-secrets-store-provider-azure csi-secrets-store-provider-azure/csi-secrets-store-provider-azure --set secrets-store-csi-driver.syncSecret.enabled=true - echo $"Installing keyvault csi driver - finished" + echo $"Installation of Key Vault Container Storage Interface (CSI) driver finished." - echo $"Installing keyvault aad pod identity - started" - #Install the Azure Active Directory (Azure AD) identity into AKS. + echo $"Installation of Key Vault Azure Active Directory Pod Identity driver started." + #Install AAD pod identity into AKS. helm repo add aad-pod-identity https://raw.githubusercontent.com/Azure/aad-pod-identity/master/charts helm install --namespace profisee pod-identity aad-pod-identity/aad-pod-identity - echo $"Installing keyvault aad pod identity - finished" + echo $"Installation of Key Vault Azure Active Directory Pod Identity driver finished." - #Assign roles needed for kv - echo $"Managing Identity configuration for KV access - started" + #Assign AAD roles to the AKS AgentPool Managed Identity needed to access the Key Vault. + echo $"AKS Managed Identity configuration for Key Vault access started." - echo $"Managing Identity configuration for KV access - step 1 started" + echo $"AKS AgentPool Managed Identity configuration for Key Vault access step 1 started." echo "Running az role assignment create --role "Managed Identity Operator" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME" az role assignment create --role "Managed Identity Operator" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME echo "Running az role assignment create --role "Managed Identity Operator" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME" az role assignment create --role "Managed Identity Operator" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME echo "Running az role assignment create --role "Virtual Machine Contributor" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME" az role assignment create --role "Virtual Machine Contributor" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME - echo $"Managing Identity configuration for KV access - step 1 finished" + echo $"AKS AgentPool Managed Identity configuration for Key Vault access step 1 finished." - #Create AD Identity, get clientid and principalid to assign the reader role to (next command) + #Create Azure AD Managed Identity specifically for Key Vault, get its ClientiId and PrincipalId so we can assign to it the Reader role in steps 3a, 3b and 3c to. echo $"Managing Identity configuration for KV access - step 2 started" identityName="AKSKeyVaultUser" akskvidentityClientId=$(az identity create -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'clientId' -o tsv); @@ -158,13 +158,10 @@ if [ "$USEKEYVAULT" = "Yes" ]; then keyVaultName=${kv[-1]} keyVaultResourceGroup=${kv[4]} keyVaultSubscriptionId=${kv[2]} - echo $"principalId is $principalId" echo $"KEYVAULT is $KEYVAULT" echo $"keyVaultName is $keyVaultName" echo $"akskvidentityClientId is $akskvidentityClientId" - #echo $"Managing Identity configuration for KV access - step 4a started" - #az role assignment create --role "Reader" --assignee $principalId --scope $KEYVAULT rbacEnabled=$(az keyvault show --name $keyVaultName --subscription $keyVaultSubscriptionId --query "properties.enableRbacAuthorization") #if rabc, add to rile, if not (policy based) - add policies From da7ecaf8205f0e2cd6a6660727af661231044964 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 17:52:58 -0400 Subject: [PATCH 015/141] Update deployprofisee.sh Test OiD vs CiD --- Azure-ARM/deployprofisee.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 413ba16d..b7b17d12 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -167,21 +167,21 @@ if [ "$USEKEYVAULT" = "Yes" ]; then #if rabc, add to rile, if not (policy based) - add policies if [ "$rbacEnabled" = true ]; then echo $"Setting rbac role." - echo "Running az role assignment create --role 'Key Vault Secrets Officer' --assignee $akskvidentityClientId --scope $KEYVAULT" - az role assignment create --role "Key Vault Secrets Officer" --assignee $akskvidentityClientId --scope $KEYVAULT + echo "Running az role assignment create --role 'Key Vault Secrets Officer' --assignee $principalId --scope $KEYVAULT" + az role assignment create --role "Key Vault Secrets Officer" --assignee $principalId --scope $KEYVAULT else echo $"Setting policies." echo $"Managing Identity configuration for KV access - step 3a started" echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --spn $akskvidentityClientId --query id" - az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --spn $akskvidentityClientId --query id + az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --spn $principalId --query id echo $"Managing Identity configuration for KV access - step 3b started" echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --spn $akskvidentityClientId --query id" - az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --spn $akskvidentityClientId --query id + az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --spn $principalId --query id echo $"Managing Identity configuration for KV access - step 3c started" echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --spn $akskvidentityClientId --query id" - az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --spn $akskvidentityClientId --query id + az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --spn $principalId --query id echo $"Managing Identity configuration for KV access - step 3 finished" echo $"Managing Identity configuration for KV access - finished" From 9045cddcc7389042a2008a8d3f6626c98613d8e0 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 18:02:53 -0400 Subject: [PATCH 016/141] Update prereqcheck.sh Updated to check DNS Zone resources vs RG itself --- Azure-ARM/prereqcheck.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 14220d43..ac56f315 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -28,7 +28,7 @@ function set_resultAndReturn () { echo $result > $AZ_SCRIPTS_OUTPUT_PATH exit 1 } - +echo $"DNSDomainName is $DNSDOMAINNAME echo $"RESOURCEGROUPNAME is $RESOURCEGROUPNAME" echo $"SUBSCRIPTIONID is $SUBSCRIPTIONID" echo $"DOMAINNAMERESOURCEGROUP is $DOMAINNAMERESOURCEGROUP" @@ -76,8 +76,8 @@ if [ -z "$subscriptionContributor" ]; then #If updating , check to make sure you have effective contributor access to the dns resource group if [ "$UPDATEDNS" = "Yes" ]; then - echo "Is the Deployment Managed Identity assigned the DNS Zone Contributor role to the DNS zone resource?" - dnsrgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='DNS Zone Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$DOMAINNAMERESOURCEGROUP'].roleDefinitionName" --output tsv) + echo "Is the Deployment Managed Identity assigned the DNS Zone Contributor role to the DNS zone itself?" + dnsrgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='DNS Zone Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$DOMAINNAMERESOURCEGROUP/$DNSDOMAINNAME'].roleDefinitionName" --output tsv) if [ -z "$dnsrgContributor" ]; then err="Role is NOT assigned. Exiting with error. Please assign the DNS Zone Contributor role to the Deployment Managed Identity for the DNS zone you want updated. Please visit https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration for more information." echo $err From b4b1b211bb8906a26ab107db023b11df10b5c4a1 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 18:14:07 -0400 Subject: [PATCH 017/141] Update prereqcheck.sh Removed brackets --- Azure-ARM/prereqcheck.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index ac56f315..d729168b 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -147,7 +147,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then echo "Is the Deployment Managed Identity assigned the User Access Administrator role at Subscription level?" subscriptionUAAContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='User Access Administrator' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) if [ -z "$subscriptionUAAContributor" ]; then - err="The Deployment Managed Identity is NOT assigned the User Access Administrator at subscription level. Exiting with error. If using Key Vault, this role is required so that the Deployment Managed Identity can assign the Key Vault Secrets User role (if using RBAC KV), OR the Get policies (if using policy based KV) to the Key Vault Specific Managed Identity." + err="The Deployment Managed Identity is NOT assigned the User Access Administrator at subscription level. Exiting with error. If using Key Vault, this role is required so that the Deployment Managed Identity can assign the Key Vault Secrets User role, if using RBAC KV, OR the Get policies, if using policy based KV, to the Key Vault Specific Managed Identity." echo $err set_resultAndReturn; else From c30681d73eda449e65aadf771941638842986858 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 18:20:32 -0400 Subject: [PATCH 018/141] Update prereqcheck.sh Missed quote --- Azure-ARM/prereqcheck.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index d729168b..26c580ea 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -28,7 +28,7 @@ function set_resultAndReturn () { echo $result > $AZ_SCRIPTS_OUTPUT_PATH exit 1 } -echo $"DNSDomainName is $DNSDOMAINNAME +echo $"DNSDomainName is $DNSDOMAINNAME" echo $"RESOURCEGROUPNAME is $RESOURCEGROUPNAME" echo $"SUBSCRIPTIONID is $SUBSCRIPTIONID" echo $"DOMAINNAMERESOURCEGROUP is $DOMAINNAMERESOURCEGROUP" From e5b96889359e762039130bef821555f1d583a00c Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 18:39:05 -0400 Subject: [PATCH 019/141] Update prereqcheck.sh Corrected DNS zone resource id --- Azure-ARM/prereqcheck.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 26c580ea..43b1e8b0 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -77,7 +77,7 @@ if [ -z "$subscriptionContributor" ]; then #If updating , check to make sure you have effective contributor access to the dns resource group if [ "$UPDATEDNS" = "Yes" ]; then echo "Is the Deployment Managed Identity assigned the DNS Zone Contributor role to the DNS zone itself?" - dnsrgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='DNS Zone Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$DOMAINNAMERESOURCEGROUP/$DNSDOMAINNAME'].roleDefinitionName" --output tsv) + dnsrgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='DNS Zone Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$DOMAINNAMERESOURCEGROUP/providers/Microsoft.Network/dnszones/$DNSDOMAINNAME'].roleDefinitionName" --output tsv) if [ -z "$dnsrgContributor" ]; then err="Role is NOT assigned. Exiting with error. Please assign the DNS Zone Contributor role to the Deployment Managed Identity for the DNS zone you want updated. Please visit https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration for more information." echo $err From 55c3f1de17164a063301c7947eb5df7d49254788 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 18:43:26 -0400 Subject: [PATCH 020/141] Update prereqcheck.sh update dnsdomainame --- Azure-ARM/prereqcheck.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 43b1e8b0..404246dd 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -28,7 +28,7 @@ function set_resultAndReturn () { echo $result > $AZ_SCRIPTS_OUTPUT_PATH exit 1 } -echo $"DNSDomainName is $DNSDOMAINNAME" +echo $"DNSDOMAINNAME is $DNSDOMAINNAME" echo $"RESOURCEGROUPNAME is $RESOURCEGROUPNAME" echo $"SUBSCRIPTIONID is $SUBSCRIPTIONID" echo $"DOMAINNAMERESOURCEGROUP is $DOMAINNAMERESOURCEGROUP" From 506e9242873f25921c55d6025e8b4010ea31959a Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 19:40:54 -0400 Subject: [PATCH 021/141] Update azuredeploy.parameters.json updated vm sizes --- Azure-ARM/azuredeploy.parameters.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/azuredeploy.parameters.json b/Azure-ARM/azuredeploy.parameters.json index 2df72609..1b0f2317 100644 --- a/Azure-ARM/azuredeploy.parameters.json +++ b/Azure-ARM/azuredeploy.parameters.json @@ -37,13 +37,13 @@ "value": "ProfiseeAKSCluster" }, "KubernetesLinuxNodeSize": { - "value": "Standard_D2s_v3" + "value": "Standard_D2_v5" }, "KubernetesLinuxNodeCount": { "value": 1 }, "KubernetesWindowsNodeSize": { - "value": "Standard_D4s_v3" + "value": "Standard_D4_v5" }, "KubernetesWindowsNodeCount": { "value": 1 From bbc652c30a374cd98df9a96fc0224fa00a0dd820 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 20:39:47 -0400 Subject: [PATCH 022/141] Update createUIDefinition.json Updated definitions --- Azure-ARM/createUIDefinition.json | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index dc54c6e9..bf60c220 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -30,7 +30,7 @@ "label": "Managed Identity", "toolTip": { "systemAssignedIdentity": "", - "userAssignedIdentity": " The identity used to run the Profisee deployment" + "userAssignedIdentity": " The Managed Identity used to run the Profisee deployment." }, "defaultValue": { "systemAssignedIdentity": "OffOnly" @@ -50,8 +50,8 @@ "visible": true, "options": { "icon": "Info", - "text": "Click here to learn more about managed identities.", - "uri": "https://support.profisee.com/wikis/2020_r2_support/planning_your_managed_identity_configuration" + "text": "Click here to learn more about the use of Managed Identities by Profisee.", + "uri": "https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration" } } @@ -66,7 +66,7 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Use Key Vault?", "defaultValue": "No, I will supply them.", - "toolTip": "", + "toolTip": "Profisee can pull SQL Username, SQL Password and Profisee License as Key Vault secrets and a TLS certificate as Key Vault certificate.", "constraints": { "allowedValues": [ { @@ -100,7 +100,7 @@ "type": "Microsoft.Common.DropDown", "label": "Version", "defaultValue": "2022R1.0", - "toolTip": "Which release of the Profisee Platform to start with.", + "toolTip": "Which release of the Profisee Platform to deploy.", "constraints": { "required": true, "allowedValues": [ @@ -159,7 +159,7 @@ { "name": "ProfiseeAdminUserAccount", "type": "Microsoft.Common.TextBox", - "label": "Admin User Account", + "label": "SuperAdmin User Account", "defaultValue": "", "placeholder": "first.last@company.com", "toolTip": "The first Super User, who will be able to login and add other users.", @@ -174,7 +174,7 @@ "name": "ProfiseeLicense", "type": "Microsoft.Common.FileUpload", "label": "License", - "toolTip": "", + "toolTip": "This file will be provided by Profisee Support.", "constraints": { "required": true, "accept": ".txt" @@ -193,7 +193,7 @@ "label": "License", "defaultValue": "", "placeholder": "License secret name in KeyVault", - "toolTip": "", + "toolTip": "Ex. profisee-license", "constraints": { "required": true, "regex": "", @@ -204,8 +204,8 @@ { "name": "ActiveDirectoryCreateApp", "type": "Microsoft.Common.OptionsGroup", - "label": "Do you want the deployment to create a new Azure Active Directory app registration for you?", - "defaultValue": "Yes, create and configure a new Azure Active Directory app registration", + "label": "The Deployment Managed Identity can create a new Azure Active Directory app registration for you?", + "defaultValue": "Yes, create and configure a new Azure Active Directory app registration.", "toolTip": "", "constraints": { "allowedValues": [ From f2f3d4a17ec2a65cd4bf3454149ba56f0ed945d9 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 22:26:18 -0400 Subject: [PATCH 023/141] Updated labels, tooltips and a few variables. Updated template tooltips, labels, placeholders and some variables. --- Azure-ARM/createUIDefinition.json | 144 +++++++++++++++--------------- 1 file changed, 72 insertions(+), 72 deletions(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index bf60c220..2b4b71ae 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -30,7 +30,7 @@ "label": "Managed Identity", "toolTip": { "systemAssignedIdentity": "", - "userAssignedIdentity": " The Managed Identity used to run the Profisee deployment." + "userAssignedIdentity": " The Managed Identity that will run the Profisee deployment." }, "defaultValue": { "systemAssignedIdentity": "OffOnly" @@ -50,7 +50,7 @@ "visible": true, "options": { "icon": "Info", - "text": "Click here to learn more about the use of Managed Identities by Profisee.", + "text": "Click here to learn how Profisee uses a Managed Identities.", "uri": "https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration" } } @@ -66,7 +66,7 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Use Key Vault?", "defaultValue": "No, I will supply them.", - "toolTip": "Profisee can pull SQL Username, SQL Password and Profisee License as Key Vault secrets and a TLS certificate as Key Vault certificate.", + "toolTip": "Profisee can pull a TLS certificate and these secrets: SQL Username, SQL Password and Profisee License.", "constraints": { "allowedValues": [ { @@ -204,17 +204,17 @@ { "name": "ActiveDirectoryCreateApp", "type": "Microsoft.Common.OptionsGroup", - "label": "The Deployment Managed Identity can create a new Azure Active Directory app registration for you?", - "defaultValue": "Yes, create and configure a new Azure Active Directory app registration.", - "toolTip": "", + "label": "Create a new Azure AD application registration for you?", + "defaultValue": "Yes, create and configure it for me.", + "toolTip": "An Azure AD application registration will be used for authentication via ID tokens.", "constraints": { "allowedValues": [ { - "label": "Yes, create and configure a new Azure Active Directory app registration", + "label": "Yes, create and configure it for me.", "value": "Yes" }, { - "label": "No, I will specify the client ID for an existing Azure Active Directory app registration", + "label": "No, I will specify the client ID of an existing Azure Active Directory app registration.", "value": "No" } ], @@ -225,17 +225,17 @@ { "name": "UsePurview", "type": "Microsoft.Common.OptionsGroup", - "label": "Use Purview?", - "defaultValue": "No, I don't want to use Purview for this configuration", - "toolTip": "", + "label": "Integrate Profisee with Microsoft Purview?", + "defaultValue": "No, no need at this point.", + "toolTip": "Profisee can integrate with Microsoft Purview during initial configuration or at a later time.", "constraints": { "allowedValues": [ { - "label": "Yes, configure using Purview", + "label": "Yes, integrate with Microsoft Purview.", "value": "Yes" }, { - "label": "No, I don't want to use Purview for this configuration", + "label": "No, not at this time.", "value": "No" } ], @@ -253,7 +253,7 @@ "type": "Microsoft.Common.TextBox", "label": "Application Registration Client Id", "defaultValue": "", - "toolTip": "ClientId of existing Azure Active Directory App Registration which will be used by the Profisee platform for authentication.", + "toolTip": "Please provide the client ID of the Azure AD application to be used by Profisee for authentication.", "constraints": { "required": "[equals(steps('profisee').ActiveDirectoryCreateApp,'No')]", "regex": "", @@ -289,10 +289,10 @@ { "name": "PurviewClientID", "type": "Microsoft.Common.TextBox", - "label": "Purview Service Principal ID", + "label": "Purview application client ID", "defaultValue": "", "placeholder": "", - "toolTip": "", + "toolTip": "A Purview specific Azure AD application client ID. This application registration must be added as Data Curator to Purview and have the appropriate permissions assigned to it by a Global Admin.", "constraints": { "required": true, "regex": "", @@ -303,10 +303,10 @@ { "name": "PurviewClientSecret", "type": "Microsoft.Common.TextBox", - "label": "Purview Service Principal Secret", + "label": "Purview application secret", "defaultValue": "", "placeholder": "", - "toolTip": "", + "toolTip": "Please generate a secret in the Purview specific application and paste its value here.", "constraints": { "required": true, "regex": "", @@ -337,9 +337,9 @@ { "name": "KubernetesClusterName", "type": "Microsoft.Common.TextBox", - "label": "Cluster Name", + "label": " AKS Cluster Name", "defaultValue": "ProfiseeAKSCluster", - "toolTip": "Can only contain letters, numbers, underscores, and hyphens, must start and end with a letter or number, and must be unique in the current resource group", + "toolTip": "Can only contain letters, numbers, underscores, and hyphens, must start and end with a letter or number, and must be unique in the current resource group.", "constraints": { "required": true, "regex": "", @@ -352,7 +352,7 @@ "type": "Microsoft.Common.TextBox", "label": "Infrastructure Resource Group Name", "defaultValue": "", - "toolTip": "Set blank for default of MC_resourcegroupname_clustername_location, or enter the resouce group name you want to use. It must be new, cannot already exist.", + "toolTip": "Leave blank for default of MC_resourcegroupname_clustername_location, or enter the resouce group name you want to use. It must be new, cannot already exist.", "constraints": { "required": false, "regex": "", @@ -365,7 +365,7 @@ "type": "Microsoft.Common.TextBox", "label": "Version", "defaultValue": "", - "toolTip": "Set blank for latest version, or enter the specific version you want to use.", + "toolTip": "Leave blank for latest AKS version, or enter the specific version you want to use.", "constraints": { "required": false, "regex": "", @@ -376,15 +376,15 @@ { "name": "KubernetesLinuxNodeSizeSection", "type": "Microsoft.Common.Section", - "label": "Linux VM", + "label": "Linux Nodepool", "elements": [ { "name": "KubernetesLinuxNodeSize", "type": "Microsoft.Compute.SizeSelector", "label": "Size", - "toolTip": "", + "toolTip": "Pick VM size for the instances in the Linux nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", "recommendedSizes": [ - "Standard_D2s_v3" + "Standard_D2_v5" ], "constraints": { "allowedSizes": [] @@ -417,15 +417,15 @@ { "name": "KubernetesWindowsNodeSizeSection", "type": "Microsoft.Common.Section", - "label": "Windows VM", + "label": "Windows Nodepool", "elements": [ { "name": "KubernetesWindowsNodeSize", "type": "Microsoft.Compute.SizeSelector", "label": "Size", - "toolTip": "", + "toolTip": "Pick VM size for the instances in the Windows nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", "recommendedSizes": [ - "Standard_D4s_v3" + "Standard_D4_v5" ], "constraints": { "allowedSizes": [] @@ -454,7 +454,7 @@ "subLabel": "", "defaultValue": 1, "showStepMarkers": false, - "toolTip": "", + "toolTip": "Equal to the number of server licenses for Profisee.", "constraints": { "required": false }, @@ -465,7 +465,7 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Configure advanced Kubernetes networking settings?", "defaultValue": "No, use default settings", - "toolTip": "", + "toolTip": "If you do not plan to peer the AKS VNet, then defaults will be fine. If you will, you must configure these.", "constraints": { "allowedValues": [ { @@ -484,7 +484,7 @@ { "name": "KubernetesAdvanced", "type": "Microsoft.Common.Section", - "label": "Advanced kubernetes settings", + "label": "Advanced Kubernetes settings", "elements": [ { "name": "KubernetesVnetName", @@ -526,9 +526,9 @@ { "name": "KubernetesServiceCidr", "type": "Microsoft.Common.TextBox", - "label": "Service Cidr", - "defaultValue": "10.0.0.0/16", - "toolTip": "A CIDR notation IP range from which to assign service cluster IPs.", + "label": "Service CIDR", + "defaultValue": "10.0.0.0/24", + "toolTip": "A CIDR notation IP range from which to assign IP addresses for cluster services. This range must differ from the AKS subnet.", "constraints": { "required": false, "regex": "", @@ -541,7 +541,7 @@ "type": "Microsoft.Common.TextBox", "label": "DNS Service IP", "defaultValue": "10.0.0.10", - "toolTip": "Containers DNS server IP address.", + "toolTip": "IP address of the cluster DNS service discovery. Do not use the first IP in the address range.", "constraints": { "required": false, "regex": "", @@ -552,9 +552,9 @@ { "name": "KubernetesDockerBridgeCidr", "type": "Microsoft.Common.TextBox", - "label": "Docker Bridge Cidr", + "label": "Docker Bridge CIDR", "defaultValue": "172.17.0.1/16", - "toolTip": "A CIDR notation IP for Docker bridge.", + "toolTip": "A CIDR notation IP for Docker bridge. This is not used in Azure CNI. Leave as is.", "constraints": { "required": false, "regex": "", @@ -575,18 +575,18 @@ { "name": "SQLServerCreateNew", "type": "Microsoft.Common.OptionsGroup", - "label": "Create a new SQL Server? ", - "defaultValue": "Yes, create a new SQL Server", + "label": "Create a new SQL Server?", + "defaultValue": "Yes, create a new SQL Server.", "toolTip": "", "constraints": { "required": true, "allowedValues": [ { - "label": "Yes, create a new SQL Server", + "label": "Yes, create a new SQL Server.", "value": "Yes" }, { - "label": "No, use an existing Azure SQL Server", + "label": "No, use an existing Azure SQL Server.", "value": "No" } ] @@ -636,7 +636,7 @@ "type": "Microsoft.Common.TextBox", "label": "User", "defaultValue": "sqladmin", - "toolTip": "Administrator SQL login name to create with the new SQL Server or to use to connect to existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols", + "toolTip": "Administrator SQL login name to create with the new SQL Server or to use to connect to existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", "constraints": { "required": true, "regex": "", @@ -648,8 +648,8 @@ "name": "SQLServerUserSecret", "type": "Microsoft.Common.TextBox", "label": "User", - "placeholder": "SQL server username secret name in KeyVault", - "toolTip": "Administrator SQL login name to create with the new SQL Server or to use to connect to existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols", + "placeholder": "Key Vault secret name for the SQL username. Ex. profisee-sql-username", + "toolTip": "Administrator SQL login name to create with the new SQL Server or to use to connect to existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", "constraints": { "required": true, "regex": "", @@ -680,7 +680,7 @@ "type": "Microsoft.Common.TextBox", "label": "Password", "defaultValue": "", - "placeholder": "SQL server password secret name in KeyVault", + "placeholder": "Key Vault secret name for the SQL server password. Ex. profisee-sql-password", "toolTip": "", "constraints": { "required": true, @@ -721,7 +721,7 @@ "name": "StorageAccountName", "type": "Microsoft.Storage.StorageAccountSelector", "label": "Storage account", - "toolTip": "", + "toolTip": "Create new or pick an existing storage account.", "defaultValue": { "name": "", "type": "Standard_LRS" @@ -750,7 +750,7 @@ "name": "StorageAccountAccessKey", "type": "Microsoft.Common.DropDown", "label": "Access Keys", - "toolTip": "", + "toolTip": "Pick which storage account access key to use.", "constraints": { "allowedValues": "[map(steps('storage').GetStorageAccessKeysRestApiResponse.keys, (item) => parse(concat('{\"label\":\"', item.keyName, '\",\"value\":\"', item.value, '\"}')))]", "required": true @@ -770,7 +770,7 @@ "name": "StorageAccountFileShareName", "type": "Microsoft.Common.DropDown", "label": "File share", - "toolTip": "", + "toolTip": "A file share must be created in the storage account.", "constraints": { "allowedValues": "[map(steps('storage').GetStorageFileSharesRestApiResponse.value, (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]", "required": true @@ -787,8 +787,8 @@ "name": "DNSUpdate", "type": "Microsoft.Common.OptionsGroup", "label": "Use default Azure DNS?", - "defaultValue": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee name].[region].cloudapp.azure.com/profisee)", - "toolTip": "", + "defaultValue": "Yes, use default Azure DNS and Let’s Encrypt certificate (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", + "toolTip": "Profisee will configure Let's Encrypt to generate and auto-renew a TLS certificate for use with Azure hosted DNS. Ex. profisee.eastus2.cloudapp.azure.com/{web app name}.", "constraints": { "allowedValues": [ { @@ -796,7 +796,7 @@ "value": "No" }, { - "label": "No, I’ll use my own DNS host name and domain", + "label": "No, I will provide my own DNS hostname and domain.", "value": "Yes" } ], @@ -812,17 +812,17 @@ { "name": "DNSUpdate2", "type": "Microsoft.Common.OptionsGroup", - "label": "Is your DNS in Azure?", - "defaultValue": "Yes, use new DNS hostname with existing domain name that is in Azure.", - "toolTip": "", + "label": "Are your domain DNS records hosted in an Azure Public DNS Zone?", + "defaultValue": "Yes, I use an Azure Public DNS zone for my domain.", + "toolTip": "You have an Azure DNS zone for your domain. The Name Servers of your domain are set as the Azure DNS zone ones.", "constraints": { "allowedValues": [ { - "label": "Yes, use new DNS hostname with existing domain name that is in Azure.", + "label": "Yes, I use an Azure Public DNS zone for my domain.", "value": "Yes" }, { - "label": "No, use existing DNS hostname and domain name that is outside of Azure.", + "label": "No, my domain and DNS records are hosted outside of Azure.", "value": "No" } ], @@ -835,8 +835,8 @@ "type": "Microsoft.Common.TextBox", "label": "DNS Host Name", "defaultValue": "", - "placeholder": "myprofiseehostname", - "toolTip": "", + "placeholder": "profiseemdm", + "toolTip": "This is the subdomain part of your domain. Ex. If you will access Profisee at https://profiseemdm.mydomain.com/profisee you need to enter profiseemdm in this field.", "constraints": { "required": true, "regex": "", @@ -861,10 +861,10 @@ { "name": "DNSDomainResourceGroup", "type": "Microsoft.Common.TextBox", - "label": "DNS Domain Resource Group", + "label": "DNS Zone Resource Group", "defaultValue": "", "placeholder": "mydnszoneresourcegroup", - "toolTip": "", + "toolTip": "Please type the name of the Azure Resource group that contains your Azure DNS Zone.", "constraints": { "required": true, "regex": "", @@ -879,16 +879,16 @@ "name": "HttpsConfigure", "type": "Microsoft.Common.OptionsGroup", "label": "Use Let’s Encrypt?", - "defaultValue": "Yes, use Let’s Encrypt for certificates", - "toolTip": "", + "defaultValue": "Yes, use Let’s Encrypt for certificates.", + "toolTip": "If yes, Profisee will configure Let's Encrypt to generate, use and auto-renew a free TLS certificate.", "constraints": { "allowedValues": [ { - "label": "Yes, use Let’s Encrypt for certificates", + "label": "Yes, use Let’s Encrypt for certificates.", "value": "No" }, { - "label": "No, I’ll use my own certificates", + "label": "No, I will provide my certificate.", "value": "Yes" } ], @@ -899,13 +899,13 @@ { "name": "UserDefinedHTTPS", "type": "Microsoft.Common.Section", - "label": "User defined https", + "label": "User provided TLS certificate", "elements": [ { "name": "HttpsCertificate", "type": "Microsoft.Common.FileUpload", - "label": "Https Certificate", - "toolTip": "", + "label": "TLS Certificate", + "toolTip": "Please provide a certificate in either txt or crt format.", "constraints": { "required": true, "accept": ".txt,.crt" @@ -921,10 +921,10 @@ { "name": "HttpsCertificateSecret", "type": "Microsoft.Common.TextBox", - "label": "Https Certificate", + "label": "TLS Certificate", "defaultValue": "", - "placeholder": "Https Certificate name in KeyVault", - "toolTip": "", + "placeholder": "TLS Certificate name in KeyVault", + "toolTip": "Name of the certificate as stored in Key Vault. Ex. profisee-tls-certificate", "constraints": { "required": true, "regex": "", @@ -935,8 +935,8 @@ { "name": "HttpsCertificatePrivateKey", "type": "Microsoft.Common.FileUpload", - "label": "Https Certificate Private Key", - "toolTip": "", + "label": "TLS Certificate Private Key", + "toolTip": "Please provide the certificate's private key in either .txt or .key formats.", "constraints": { "required": true, "accept": ".txt,.key" From cda8e95a18685eaaa53c5030df5a2c7e61bf260d Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 22 Jul 2022 22:56:08 -0400 Subject: [PATCH 024/141] Update deployprofisee.sh update notes --- Azure-ARM/deployprofisee.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index b7b17d12..93fe657b 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -76,7 +76,7 @@ echo $"EXTERNALDNSURL is $EXTERNALDNSURL"; echo $"EXTERNALDNSNAME is $EXTERNALDNSNAME"; echo $"DNSHOSTNAME is $DNSHOSTNAME"; -#If ACR credentials are passed in via legacy script use those. Otherwise, pull ACR credentials from license. +#If ACR credentials are passed in via legacy script, use those. Otherwise, pull ACR credentials from license. if [ "$ACRUSER" = "" ]; then echo $"ACR credentials were not passed in, will use values from license." #ACRUSER=$( Date: Fri, 22 Jul 2022 23:53:29 -0400 Subject: [PATCH 025/141] Update prereqcheck.sh Changed DNS zone check vs resource group check. --- Azure-ARM/prereqcheck.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 404246dd..55255c5b 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -77,8 +77,8 @@ if [ -z "$subscriptionContributor" ]; then #If updating , check to make sure you have effective contributor access to the dns resource group if [ "$UPDATEDNS" = "Yes" ]; then echo "Is the Deployment Managed Identity assigned the DNS Zone Contributor role to the DNS zone itself?" - dnsrgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='DNS Zone Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$DOMAINNAMERESOURCEGROUP/providers/Microsoft.Network/dnszones/$DNSDOMAINNAME'].roleDefinitionName" --output tsv) - if [ -z "$dnsrgContributor" ]; then + dnsznContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='DNS Zone Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$DOMAINNAMERESOURCEGROUP/providers/Microsoft.Network/dnszones/$DNSDOMAINNAME'].roleDefinitionName" --output tsv) + if [ -z "$dnsznContributor" ]; then err="Role is NOT assigned. Exiting with error. Please assign the DNS Zone Contributor role to the Deployment Managed Identity for the DNS zone you want updated. Please visit https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration for more information." echo $err set_resultAndReturn; From 9e63fb5ba29847260f36897031abd04700045a7e Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Mon, 25 Jul 2022 16:17:02 -0400 Subject: [PATCH 026/141] Update azuredeploy.json Added DNSDomainName var to be passed into container --- Azure-ARM/azuredeploy.json | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index a9847299..bd0f0d27 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -263,6 +263,10 @@ "name": "UPDATEDNS", "value": "[variables('DNSUpdate')]" }, + { + "name": "DNSDOMAINNAME", + "value": "[variables('DNSDomainName')]" + }, { "name": "UPDATEAAD", "value": "[variables('UPDATEAAD')]" From 18208c7e52e3d6259a478e64b124b6a1f518c27c Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Mon, 25 Jul 2022 21:09:02 -0400 Subject: [PATCH 027/141] Update createUIDefinition.json Updated tooltips --- Azure-ARM/createUIDefinition.json | 56 +++++++++++++++---------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index 2b4b71ae..fa4a4bee 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -30,7 +30,7 @@ "label": "Managed Identity", "toolTip": { "systemAssignedIdentity": "", - "userAssignedIdentity": " The Managed Identity that will run the Profisee deployment." + "userAssignedIdentity": "The Managed Identity that will run the Profisee deployment." }, "defaultValue": { "systemAssignedIdentity": "OffOnly" @@ -50,7 +50,7 @@ "visible": true, "options": { "icon": "Info", - "text": "Click here to learn how Profisee uses a Managed Identities.", + "text": "Click here to learn how Profisee uses Managed Identities.", "uri": "https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration" } } @@ -65,8 +65,8 @@ "name": "UseKeyVault", "type": "Microsoft.Common.OptionsGroup", "label": "Use Key Vault?", - "defaultValue": "No, I will supply them.", - "toolTip": "Profisee can pull a TLS certificate and these secrets: SQL Username, SQL Password and Profisee License.", + "defaultValue": "No, I will supply the required values.", + "toolTip": "Profisee can pull a TLS certificate from a Key Vault, as well as these secrets: SQL Username, SQL Password and Profisee License.", "constraints": { "allowedValues": [ { @@ -74,7 +74,7 @@ "value": "Yes" }, { - "label": "No, I will supply them.", + "label": "No, I will supply the required values.", "value": "No" } ], @@ -98,7 +98,7 @@ { "name": "ProfiseeVersion", "type": "Microsoft.Common.DropDown", - "label": "Version", + "label": "Profisee version", "defaultValue": "2022R1.0", "toolTip": "Which release of the Profisee Platform to deploy.", "constraints": { @@ -159,7 +159,7 @@ { "name": "ProfiseeAdminUserAccount", "type": "Microsoft.Common.TextBox", - "label": "SuperAdmin User Account", + "label": "Super Admin Account", "defaultValue": "", "placeholder": "first.last@company.com", "toolTip": "The first Super User, who will be able to login and add other users.", @@ -173,8 +173,8 @@ { "name": "ProfiseeLicense", "type": "Microsoft.Common.FileUpload", - "label": "License", - "toolTip": "This file will be provided by Profisee Support.", + "label": "Profisee license", + "toolTip": "This file will be provided by Profisee Support. Please provide the file in txt format.", "constraints": { "required": true, "accept": ".txt" @@ -192,8 +192,8 @@ "type": "Microsoft.Common.TextBox", "label": "License", "defaultValue": "", - "placeholder": "License secret name in KeyVault", - "toolTip": "Ex. profisee-license", + "placeholder": "License secret name in Key Vault", + "toolTip": "This file will be provided by Profisee Support. Please provide the name of the secret that holds the Profisee license: ex. profisee-license", "constraints": { "required": true, "regex": "", @@ -206,7 +206,7 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Create a new Azure AD application registration for you?", "defaultValue": "Yes, create and configure it for me.", - "toolTip": "An Azure AD application registration will be used for authentication via ID tokens.", + "toolTip": "An Azure AD application registration will be used for authentication via ID tokens. For more information please visit https://support.profisee.com/wikis/2022_r1_support/deploying_the_AKS_cluster_with_the_arm_template.", "constraints": { "allowedValues": [ { @@ -352,7 +352,7 @@ "type": "Microsoft.Common.TextBox", "label": "Infrastructure Resource Group Name", "defaultValue": "", - "toolTip": "Leave blank for default of MC_resourcegroupname_clustername_location, or enter the resouce group name you want to use. It must be new, cannot already exist.", + "toolTip": "Leave blank for default of MC_ResourceGroupName_ClusterName_Location, or enter the resouce group name you want to use. You can only specify the name, you can NOT precreate it.", "constraints": { "required": false, "regex": "", @@ -381,7 +381,7 @@ { "name": "KubernetesLinuxNodeSize", "type": "Microsoft.Compute.SizeSelector", - "label": "Size", + "label": "VM Size", "toolTip": "Pick VM size for the instances in the Linux nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", "recommendedSizes": [ "Standard_D2_v5" @@ -422,7 +422,7 @@ { "name": "KubernetesWindowsNodeSize", "type": "Microsoft.Compute.SizeSelector", - "label": "Size", + "label": "VM Size", "toolTip": "Pick VM size for the instances in the Windows nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", "recommendedSizes": [ "Standard_D4_v5" @@ -465,7 +465,7 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Configure advanced Kubernetes networking settings?", "defaultValue": "No, use default settings", - "toolTip": "If you do not plan to peer the AKS VNet, then defaults will be fine. If you will, you must configure these.", + "toolTip": "Kubernetes might fail deploying if the default settings overlap with any vnets in your tenant. It is recommended that you configure these.", "constraints": { "allowedValues": [ { @@ -528,7 +528,7 @@ "type": "Microsoft.Common.TextBox", "label": "Service CIDR", "defaultValue": "10.0.0.0/24", - "toolTip": "A CIDR notation IP range from which to assign IP addresses for cluster services. This range must differ from the AKS subnet.", + "toolTip": "A CIDR notation IP range from which to assign IP addresses for cluster services. This range MUST differ from the AKS subnet selected above. This range can be reused between clusters.", "constraints": { "required": false, "regex": "", @@ -634,9 +634,9 @@ { "name": "SQLServerUser", "type": "Microsoft.Common.TextBox", - "label": "User", + "label": "SQL Username", "defaultValue": "sqladmin", - "toolTip": "Administrator SQL login name to create with the new SQL Server or to use to connect to existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", + "toolTip": "Administrator SQL login name to create with the new SQL Server OR provide the login to connect to an existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", "constraints": { "required": true, "regex": "", @@ -647,9 +647,9 @@ { "name": "SQLServerUserSecret", "type": "Microsoft.Common.TextBox", - "label": "User", - "placeholder": "Key Vault secret name for the SQL username. Ex. profisee-sql-username", - "toolTip": "Administrator SQL login name to create with the new SQL Server or to use to connect to existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", + "label": "SQL Username", + "placeholder": "Key Vault secret name: ex. profisee-sql-username", + "toolTip": "Administrator SQL login name to create with the new SQL Server OR provide the login to connect to existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", "constraints": { "required": true, "regex": "", @@ -661,7 +661,7 @@ "name": "SQLServerPassword", "type": "Microsoft.Common.PasswordBox", "label": { - "password": "Password", + "password": " SQL Password", "confirmPassword": "Confirm password" }, "toolTip": "", @@ -678,9 +678,9 @@ { "name": "SQLServerPasswordSecret", "type": "Microsoft.Common.TextBox", - "label": "Password", + "label": "SQL Password", "defaultValue": "", - "placeholder": "Key Vault secret name for the SQL server password. Ex. profisee-sql-password", + "placeholder": "Key Vault secret name: ex. profisee-sql-password", "toolTip": "", "constraints": { "required": true, @@ -814,11 +814,11 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Are your domain DNS records hosted in an Azure Public DNS Zone?", "defaultValue": "Yes, I use an Azure Public DNS zone for my domain.", - "toolTip": "You have an Azure DNS zone for your domain. The Name Servers of your domain are set as the Azure DNS zone ones.", + "toolTip": "You have an Azure DNS zone for your domain. The Name Servers of your domain at your domain registrar (ex. Google, Cloudflare, GoDaddy) are set as the Azure Public DNS zone ones.", "constraints": { "allowedValues": [ { - "label": "Yes, I use an Azure Public DNS zone for my domain.", + "label": "Yes, I use Azure Public DNS zone to host my domain records.", "value": "Yes" }, { @@ -936,7 +936,7 @@ "name": "HttpsCertificatePrivateKey", "type": "Microsoft.Common.FileUpload", "label": "TLS Certificate Private Key", - "toolTip": "Please provide the certificate's private key in either .txt or .key formats.", + "toolTip": "Please provide the certificate's private key in either .txt or .key format.", "constraints": { "required": true, "accept": ".txt,.key" From fbdd78768ee187f02396c8d9c4d431437e0c0985 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Mon, 25 Jul 2022 21:14:03 -0400 Subject: [PATCH 028/141] Update createUIDefinition.json missed a tooltip --- Azure-ARM/createUIDefinition.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index fa4a4bee..024e0288 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -162,7 +162,7 @@ "label": "Super Admin Account", "defaultValue": "", "placeholder": "first.last@company.com", - "toolTip": "The first Super User, who will be able to login and add other users.", + "toolTip": "The first Super User, who will be able to log in and add other users.", "constraints": { "required": true, "regex": "", @@ -190,7 +190,7 @@ { "name": "ProfiseeLicenseSecret", "type": "Microsoft.Common.TextBox", - "label": "License", + "label": " Profisee License", "defaultValue": "", "placeholder": "License secret name in Key Vault", "toolTip": "This file will be provided by Profisee Support. Please provide the name of the secret that holds the Profisee license: ex. profisee-license", From e78ba1a040dddcd169de3e4aed74fea2706b4bc2 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Tue, 26 Jul 2022 14:25:39 -0400 Subject: [PATCH 029/141] Update createUIDefinition.json updated tooltip info --- Azure-ARM/createUIDefinition.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index 024e0288..84bc1e0f 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -849,8 +849,8 @@ "type": "Microsoft.Common.TextBox", "label": "DNS Domain Name", "defaultValue": "", - "placeholder":"mydomain.com", - "toolTip": "", + "placeholder":"This value is CaSe SeNSitiVe! mydomain.com", + "toolTip": "This value is CaSe SeNSitiVe!", "constraints": { "required": true, "regex": "", @@ -863,8 +863,8 @@ "type": "Microsoft.Common.TextBox", "label": "DNS Zone Resource Group", "defaultValue": "", - "placeholder": "mydnszoneresourcegroup", - "toolTip": "Please type the name of the Azure Resource group that contains your Azure DNS Zone.", + "placeholder": "This value is CaSe SeNSitiVe! mydnszoneresourcegroup", + "toolTip": "This value is CaSe SeNSitiVe! Please type the name of the Azure Resource group that contains your Azure DNS Zone.", "constraints": { "required": true, "regex": "", From 1a58beeced2b69e75c7d6ec5c6b7f1a3f8b4d52b Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Tue, 26 Jul 2022 22:24:56 -0400 Subject: [PATCH 030/141] Update createUIDefinition.json --- Azure-ARM/createUIDefinition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index 84bc1e0f..2543aa02 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -30,7 +30,7 @@ "label": "Managed Identity", "toolTip": { "systemAssignedIdentity": "", - "userAssignedIdentity": "The Managed Identity that will run the Profisee deployment." + "userAssignedIdentity": "Pick the Managed Identity that will run the Profisee deployment." }, "defaultValue": { "systemAssignedIdentity": "OffOnly" From 13f14c1c7078d0f2c17b9cda55feb5ec271601a2 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Wed, 27 Jul 2022 16:49:57 -0400 Subject: [PATCH 031/141] Update deployprofisee.sh Reduced permissions from KV Secrets Officer to User --- Azure-ARM/deployprofisee.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 93fe657b..8d9f04be 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -167,8 +167,8 @@ if [ "$USEKEYVAULT" = "Yes" ]; then #if rabc, add to rile, if not (policy based) - add policies if [ "$rbacEnabled" = true ]; then echo $"Setting rbac role." - echo "Running az role assignment create --role 'Key Vault Secrets Officer' --assignee $principalId --scope $KEYVAULT" - az role assignment create --role "Key Vault Secrets Officer" --assignee $principalId --scope $KEYVAULT + echo "Running az role assignment create --role 'Key Vault Secrets User' --assignee $principalId --scope $KEYVAULT" + az role assignment create --role "Key Vault Secrets User" --assignee $principalId --scope $KEYVAULT else echo $"Setting policies." echo $"Managing Identity configuration for KV access - step 3a started" From b6fc84dc0190e05e668e367e17d5ee010323c662 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Wed, 27 Jul 2022 17:00:24 -0400 Subject: [PATCH 032/141] Update README.md updated Readme --- Azure-ARM/README.md | 38 ++++++++++++++++++++++++++++---------- 1 file changed, 28 insertions(+), 10 deletions(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index 51de0ec0..4de6dd73 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -1,21 +1,39 @@ # DEVELOPMENT. INTERNAL USE ONLY -# Deploy Profisee platform on to AKS using ARM template +# Deploying Profisee Platform on AKS using the ARM template -This ARM template deploys Profisee platform into a Azure Kubernetes Service cluster. - -[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofiseeadmin%2Fkubernetes%2Fmaster%2FAzure-ARM%2Fazuredeploy.json/createUIDefinitionUri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofiseeadmin%2Fkubernetes%2Fmaster%2FAzure-ARM%2FcreateUIDefinition.json) ## Prerequisites -1. Managed Identity - - A user assigned managed identity configured ahead of time. The managed identity must have Contributor role for the resource group, and the DNS zone resource group if updating Azure DNS. This can be done by assigning the contributor role to each individual resource group, or assigning the subscription level resource group. If creating an Azure Active Directory application registration, the managed identity must have the Application Developer role assigned to it. Click [here](https://support.profisee.com/wikis/2020_r2_support/planning_your_managed_identity_configuration) for more information. -2. License - - Profisee license associated with the dns for the environment. +Please **DO** review the guide and links below **before** you run the Azure ARM template. We have a pre-requisites script that runs before the deployment to check on the permissions needed. + +Click [here](https://support.profisee.com/wikis/2022_r1_support/deploying_the_AKS_cluster_with_the_arm_template) for a detailed deployment guide for Profisee ver. 2022R1 and [here](https://support.profisee.com/lms/courseinfo?id=00u00000000002b00aM&mode=browsecourses) for video training course and slide deck. + + +Here's **what** you will need. You will need a license tied to the DNS URL that will be used by the environment (ex. customer.eastus2.cloudapp.azure.com OR YourOwnEnvironment.Customer.com) This license can be acquired from [Profisee Support](https://support.profisee.com/aspx/ProfiseeCustomerHome). + +Here's **what** will be deployed, or used if available, by the ARM template: +1. An AKS Cluster with a **publicly** accessible Management API. +2. Two Public IPs for Ingress and Egress +3. A Load Balancer needed for Nginx +4. A SQL Server, or use one that you already have. You can either pre-create the database or let the Managed Identity create one for you. +5. A Storage account, or use one that you already have. +6. A DNS entry into a zone, assuming the necessary permissions are there. If using external DNS, you'd have to update/create the record with the Egress IP. +7. A free Let's Encrypt certificate, if you choose that option. Please be aware that if you plan to use your own domain with Let's Encrypt you'll need to make sure that if there is a [CAA record set](https://letsencrypt.org/docs/caa/) on your domain it allows Let's Encrypt as the Issuing Authority. + +Here's **how** it will be deployed. You must have a Managed Identity created to run the deployment. This Managed Identity must have the following permissions ONLY when running a deployment. After it is done, the Managed Identity can be deleted. Based on your ARM template choices, you will need some or all of the following permissions assigned to your Managed Identity: +1. **Contributor** role to the Resource Group where AKS will be deployed. This can either be assigned directly to the Resource Group OR at Subscription level. +2. **DNS Zone Contributor** role to the particular DNS zone where the entry will be created OR **Contributor** role to the DNS Zone Resource Group.This is needed only if updating DNS hosted in Azure. To follow best practice for least access, the DNS Zone Contributor on the zone itself is the recommended option. +3. **Application Administrator** role in Azure Active Directory so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. +4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator roles (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. + +If Purview will be configured, the Purview specific Application Registration will need to be assigned the **Data Curator Role** in the Purview account. + ## Deployment steps -Click the "Deploy to Azure" button at the beginning of this document. +[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofisee%2Fkubernetes%2Fmaster%2FAzure-ARM%2Fazuredeploy.json/createUIDefinitionUri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofisee%2Fkubernetes%2Fmaster%2FAzure-ARM%2FcreateUIDefinition.json) ## Troubleshooting -All troubleshooting is in the [Wiki](https://github.com/profiseeadmin/kubernetes/wiki) +All troubleshooting is in the [Wiki](https://github.com/profisee/kubernetes/wiki) + From 40037f6a26b64f31541bc11e187bda20ad799130 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 28 Jul 2022 10:42:54 -0400 Subject: [PATCH 033/141] Update README.md typos --- Azure-ARM/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index 4de6dd73..2c59b081 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -24,7 +24,7 @@ Here's **how** it will be deployed. You must have a Managed Identity created to 1. **Contributor** role to the Resource Group where AKS will be deployed. This can either be assigned directly to the Resource Group OR at Subscription level. 2. **DNS Zone Contributor** role to the particular DNS zone where the entry will be created OR **Contributor** role to the DNS Zone Resource Group.This is needed only if updating DNS hosted in Azure. To follow best practice for least access, the DNS Zone Contributor on the zone itself is the recommended option. 3. **Application Administrator** role in Azure Active Directory so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. -4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator roles (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. +4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator role (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator role (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. If Purview will be configured, the Purview specific Application Registration will need to be assigned the **Data Curator Role** in the Purview account. From 1ec5282e914af473d6a2e1536be674e0c5e331e6 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 28 Jul 2022 16:08:49 -0400 Subject: [PATCH 034/141] Update README.md Grammar, punctuation. --- Azure-ARM/README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index 2c59b081..3d53e3e9 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -13,17 +13,17 @@ Here's **what** you will need. You will need a license tied to the DNS URL that Here's **what** will be deployed, or used if available, by the ARM template: 1. An AKS Cluster with a **publicly** accessible Management API. -2. Two Public IPs for Ingress and Egress -3. A Load Balancer needed for Nginx -4. A SQL Server, or use one that you already have. You can either pre-create the database or let the Managed Identity create one for you. -5. A Storage account, or use one that you already have. -6. A DNS entry into a zone, assuming the necessary permissions are there. If using external DNS, you'd have to update/create the record with the Egress IP. -7. A free Let's Encrypt certificate, if you choose that option. Please be aware that if you plan to use your own domain with Let's Encrypt you'll need to make sure that if there is a [CAA record set](https://letsencrypt.org/docs/caa/) on your domain it allows Let's Encrypt as the Issuing Authority. +2. Two Public IPs for Ingress and Egress. +3. A Load Balancer needed for Nginx. +4. A SQL Server, or we'll use one that you already have. You can either pre-create the database or let the Managed Identity create one for you. +5. A Storage account, or use one that you already have. If you precreate the storage account, please make sure to precreate the files share that you'd like to use. +6. A DNS entry into a zone, assuming the necessary permissions are there. If you use external DNS, you'd have to update/create the record to match the Egress IP. +7. A free Let's Encrypt certificate, if you choose that option. Please be aware that if you plan on using your own domain with Let's Encrypt you'll need to make sure that if there is a [CAA record set](https://letsencrypt.org/docs/caa/) on your domain it allows Let's Encrypt as the Issuing Authority. Here's **how** it will be deployed. You must have a Managed Identity created to run the deployment. This Managed Identity must have the following permissions ONLY when running a deployment. After it is done, the Managed Identity can be deleted. Based on your ARM template choices, you will need some or all of the following permissions assigned to your Managed Identity: 1. **Contributor** role to the Resource Group where AKS will be deployed. This can either be assigned directly to the Resource Group OR at Subscription level. 2. **DNS Zone Contributor** role to the particular DNS zone where the entry will be created OR **Contributor** role to the DNS Zone Resource Group.This is needed only if updating DNS hosted in Azure. To follow best practice for least access, the DNS Zone Contributor on the zone itself is the recommended option. -3. **Application Administrator** role in Azure Active Directory so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. +3. **Application Administrator** role in Azure Active Directory, so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. 4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator role (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator role (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. If Purview will be configured, the Purview specific Application Registration will need to be assigned the **Data Curator Role** in the Purview account. From b87d56f397c74630e51e10b0adc5ab80cd28627d Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 28 Jul 2022 17:36:29 -0400 Subject: [PATCH 035/141] Update README.md updated deploy button --- Azure-ARM/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index 3d53e3e9..2313d4c5 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -31,7 +31,7 @@ If Purview will be configured, the Purview specific Application Registration wil ## Deployment steps -[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofisee%2Fkubernetes%2Fmaster%2FAzure-ARM%2Fazuredeploy.json/createUIDefinitionUri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofisee%2Fkubernetes%2Fmaster%2FAzure-ARM%2FcreateUIDefinition.json) +[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofiseeadmin%2Fkubernetes%2Fmaster%2FAzure-ARM%2Fazuredeploy.json/createUIDefinitionUri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofiseeadmin%2Fkubernetes%2Fmaster%2FAzure-ARM%2FcreateUIDefinition.json) ## Troubleshooting From 2ae3d1e418cac9b1e7692806c0ef04d788cf156b Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 28 Jul 2022 21:40:27 -0400 Subject: [PATCH 036/141] Update Settings.yaml updated wording --- Azure-ARM/Settings.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Azure-ARM/Settings.yaml b/Azure-ARM/Settings.yaml index 4f5aa9ab..6f3292d6 100644 --- a/Azure-ARM/Settings.yaml +++ b/Azure-ARM/Settings.yaml @@ -66,7 +66,7 @@ cloud: isProvider: true useKeyVault: $USEKEYVAULT keyVault: - identity: #must be created in the aks node resource group and have reader ploicy's on keyvault + identity: #must be created in the AKS node resource group and have Get policies for key vault or Key Vault Secrets User for an RBAC key vault. clientId: "$KEYVAULTIDENTITCLIENTID" resourceId: $KEYVAULTIDENTITYRESOURCEID secrets: @@ -78,7 +78,7 @@ cloud: resourceGroup: "$KEYVAULTRESOURCEGROUP" subscriptionId: "$AZURESUBSCRIPTIONID" tenantId: "$AZURETENANTID" - clusterClientId: "$KUBERNETESCLIENTID" #clientid of the aks cluster; Roles must be assigned ot it; role to main RG: "Managed Identity Operator"; roles to node RG: "Managed Identity Operator", "Virtual Machine Contributor" + clusterClientId: "$KUBERNETESCLIENTID" #principalId of the AKSCluster-agentpool identity; The "Managed Identity Operator" role must be assigned to the RG and Node RG; "Virtual Machine Contributor" role must be assigned to the Node RG. useManagedIdentity: false managedIdentity: name: "" @@ -92,4 +92,4 @@ cloud: aws: isProvider: false google: - isProvider: false \ No newline at end of file + isProvider: false From 936adfcbecd5817aeabaf48bd3b83bd50a9098fa Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 28 Jul 2022 21:48:33 -0400 Subject: [PATCH 037/141] Update Settings.yaml corrected notes --- Azure-ARM/Settings.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/Settings.yaml b/Azure-ARM/Settings.yaml index 6f3292d6..ceffa938 100644 --- a/Azure-ARM/Settings.yaml +++ b/Azure-ARM/Settings.yaml @@ -78,7 +78,7 @@ cloud: resourceGroup: "$KEYVAULTRESOURCEGROUP" subscriptionId: "$AZURESUBSCRIPTIONID" tenantId: "$AZURETENANTID" - clusterClientId: "$KUBERNETESCLIENTID" #principalId of the AKSCluster-agentpool identity; The "Managed Identity Operator" role must be assigned to the RG and Node RG; "Virtual Machine Contributor" role must be assigned to the Node RG. + clusterClientId: "$KUBERNETESCLIENTID" #clientId of the AKSCluster-agentpool identity; The "Managed Identity Operator" role must be assigned to the RG and Node RG; "Virtual Machine Contributor" role must be assigned to the Node RG. useManagedIdentity: false managedIdentity: name: "" From e4b2bbe9271c1e1bdeb2a901e550608186f87135 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 28 Jul 2022 22:03:52 -0400 Subject: [PATCH 038/141] Update deployprofisee.sh added and corrected echos for principalId, --- Azure-ARM/deployprofisee.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 8d9f04be..d068a67e 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -161,6 +161,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then echo $"KEYVAULT is $KEYVAULT" echo $"keyVaultName is $keyVaultName" echo $"akskvidentityClientId is $akskvidentityClientId" + echo $"principalId is $principalId" rbacEnabled=$(az keyvault show --name $keyVaultName --subscription $keyVaultSubscriptionId --query "properties.enableRbacAuthorization") @@ -172,15 +173,15 @@ if [ "$USEKEYVAULT" = "Yes" ]; then else echo $"Setting policies." echo $"Managing Identity configuration for KV access - step 3a started" - echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --spn $akskvidentityClientId --query id" + echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --spn $principalId --query id" az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --spn $principalId --query id echo $"Managing Identity configuration for KV access - step 3b started" - echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --spn $akskvidentityClientId --query id" + echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --spn $principalId --query id" az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --spn $principalId --query id echo $"Managing Identity configuration for KV access - step 3c started" - echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --spn $akskvidentityClientId --query id" + echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --spn $principalId --query id" az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --spn $principalId --query id echo $"Managing Identity configuration for KV access - step 3 finished" From 39c148c0f0221c496b4a7a7660caa6e96e54b37e Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 28 Jul 2022 22:26:28 -0400 Subject: [PATCH 039/141] Update createUIDefinition.json updated node sizes --- Azure-ARM/createUIDefinition.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index 2543aa02..a0157479 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -384,7 +384,7 @@ "label": "VM Size", "toolTip": "Pick VM size for the instances in the Linux nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", "recommendedSizes": [ - "Standard_D2_v5" + "Standard_B2s" ], "constraints": { "allowedSizes": [] @@ -425,7 +425,7 @@ "label": "VM Size", "toolTip": "Pick VM size for the instances in the Windows nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", "recommendedSizes": [ - "Standard_D4_v5" + "Standard_B4ms" ], "constraints": { "allowedSizes": [] From b8c6b215aa4628480b610f116a6d44efa3faf426 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 28 Jul 2022 22:30:14 -0400 Subject: [PATCH 040/141] Update README.md updated purview requirements --- Azure-ARM/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index 2313d4c5..0d813cdb 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -26,7 +26,7 @@ Here's **how** it will be deployed. You must have a Managed Identity created to 3. **Application Administrator** role in Azure Active Directory, so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. 4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator role (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator role (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. -If Purview will be configured, the Purview specific Application Registration will need to be assigned the **Data Curator Role** in the Purview account. +If Purview will be configured, the Purview specific Application Registration will need to be assigned the **Data Curator Role** in the Purview account. It will also have to be assigned, as minimum, the User.Read delegated permission. For full Purview functionality and integration with Profisee, the User.Read.All, Group.Read.All and GroupMember.Read.All application permissions will need to be added and consented to by an Azure Global Admin. ## Deployment steps From d34934198c37947a30d1d079461463fe29649d18 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 28 Jul 2022 22:32:55 -0400 Subject: [PATCH 041/141] Update README.md Purview wording updated --- Azure-ARM/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index 0d813cdb..15d866a5 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -26,7 +26,7 @@ Here's **how** it will be deployed. You must have a Managed Identity created to 3. **Application Administrator** role in Azure Active Directory, so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. 4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator role (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator role (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. -If Purview will be configured, the Purview specific Application Registration will need to be assigned the **Data Curator Role** in the Purview account. It will also have to be assigned, as minimum, the User.Read delegated permission. For full Purview functionality and integration with Profisee, the User.Read.All, Group.Read.All and GroupMember.Read.All application permissions will need to be added and consented to by an Azure Global Admin. +If Profisee will be configured to integrate with Microsoft Purview, a Purview specific Application Registration will need to be created and have the **Data Curator Role** assigned in the Purview account. It will also have to be assigned, at minimum, the User.Read **delegated** permission. For full Microsoft Purview functionality and integration with Profisee, the User.Read.All, Group.Read.All and GroupMember.Read.All **application** permissions will need to be added and consented to by an Azure Global Admin. ## Deployment steps From 5a43fe1633fbf7c34736efbf2b4c05aa0ca13141 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 28 Jul 2022 22:45:51 -0400 Subject: [PATCH 042/141] updated node sizes --- Azure-ARM/azuredeploy.parameters.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/azuredeploy.parameters.json b/Azure-ARM/azuredeploy.parameters.json index 1b0f2317..97eaefca 100644 --- a/Azure-ARM/azuredeploy.parameters.json +++ b/Azure-ARM/azuredeploy.parameters.json @@ -37,13 +37,13 @@ "value": "ProfiseeAKSCluster" }, "KubernetesLinuxNodeSize": { - "value": "Standard_D2_v5" + "value": "Standard_B2s" }, "KubernetesLinuxNodeCount": { "value": 1 }, "KubernetesWindowsNodeSize": { - "value": "Standard_D4_v5" + "value": "Standard_B4ms" }, "KubernetesWindowsNodeCount": { "value": 1 From 364c7ad3efae7bb03dcb7bb57587ae22abdb2716 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 29 Jul 2022 14:25:43 -0400 Subject: [PATCH 043/141] Create the service principal Added the creation of the service principal --- Azure-ARM/deployprofisee.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index d068a67e..88535eaa 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -300,6 +300,7 @@ if [ "$UPDATEAAD" = "Yes" ]; then echo "Updating app registration permissions step 1 started" #add a Graph API permission of "Sign in and read user profile" az ad app permission add --id $CLIENTID --api 00000003-0000-0000-c000-000000000000 --api-permissions e1fe6dd8-ba31-4d61-89e7-88639da4683d=Scope + az ad sp create --id $CLIENTID echo "Updating app registration permissions step 1 finished" echo "Updating app registration permissions step 2 started" From 5c7225ceb0c71b960278e3df4d24a710045657c8 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 29 Jul 2022 15:21:45 -0400 Subject: [PATCH 044/141] Updated nginx and profisee check Check for nginx and profisee helm installation and, if present, uninstall. If not present, install them --- Azure-ARM/deployprofisee.sh | 46 ++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 16 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 88535eaa..10757993 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -143,14 +143,14 @@ if [ "$USEKEYVAULT" = "Yes" ]; then echo $"AKS AgentPool Managed Identity configuration for Key Vault access step 1 finished." #Create Azure AD Managed Identity specifically for Key Vault, get its ClientiId and PrincipalId so we can assign to it the Reader role in steps 3a, 3b and 3c to. - echo $"Managing Identity configuration for KV access - step 2 started" + echo $"Key Vault Specific Managed Identity configuration for Key Vault access step 2 started." identityName="AKSKeyVaultUser" akskvidentityClientId=$(az identity create -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'clientId' -o tsv); akskvidentityClientResourceId=$(az identity show -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'id' -o tsv) principalId=$(az identity show -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'principalId' -o tsv) - echo $"Managing Identity configuration for KV access - step 2 finished" + echo $"Key VAult Specific Managed Identity configuration for Key Vault access step 2 finished." - echo $"Managing Identity configuration for KV access - step 3 started" + echo $"Key Vault Specific Managed Identity configuration for KV access step 3 started." echo "Sleeping for 60 seconds to wait for MI to be ready" sleep 60; #KEYVAULT looks like this this /subscriptions/$SUBID/resourceGroups/$kvresourceGroup/providers/Microsoft.KeyVault/vaults/$kvname @@ -165,40 +165,48 @@ if [ "$USEKEYVAULT" = "Yes" ]; then rbacEnabled=$(az keyvault show --name $keyVaultName --subscription $keyVaultSubscriptionId --query "properties.enableRbacAuthorization") - #if rabc, add to rile, if not (policy based) - add policies + #If Key Vault is RBAC based, assign Key Vault Secrets User role to the Key Vault Specific Managed Identity, otherwise assign Get policies for Keys, Secrets and Certificates. if [ "$rbacEnabled" = true ]; then - echo $"Setting rbac role." + echo $"Setting Key Vault Secrets User RBAC role to the Key Vault Specific Managed Idenity." echo "Running az role assignment create --role 'Key Vault Secrets User' --assignee $principalId --scope $KEYVAULT" az role assignment create --role "Key Vault Secrets User" --assignee $principalId --scope $KEYVAULT else - echo $"Setting policies." - echo $"Managing Identity configuration for KV access - step 3a started" + echo $"Setting Key Vault access policies to the Key Vault Specific Managed Identity." + echo $"Key Vault Specific Managed Identity configuration for KV access step 3a started. Assigning Get access policy for secrets." echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --spn $principalId --query id" az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --spn $principalId --query id + echo $"Key Vault Specific Managed Identity configuration for KV access step 3a finished. Assignment completed." - echo $"Managing Identity configuration for KV access - step 3b started" + echo $"Key Vault Specific Managed Identity configuration for KV access step 3b started. Assigning Get access policy for keys." echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --spn $principalId --query id" az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --spn $principalId --query id + echo $"Key Vault Specific Managed Identity configuration for KV access step 3b finished. Assignment completed." - echo $"Managing Identity configuration for KV access - step 3c started" + echo $"Key Vault Specific Managed Identity configuration for KV access step 3c started. Assigning Get access policy for certificates." echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --spn $principalId --query id" az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --spn $principalId --query id + eecho $"Key Vault Specific Managed Identity configuration for KV access step 3c finished. Assignment completed." - echo $"Managing Identity configuration for KV access - step 3 finished" - echo $"Managing Identity configuration for KV access - finished" + echo $"Key Vault Specific Managed Identity setup is now finished." fi fi -#install nginx -echo $"Installing nginx started"; +#Install nginx +echo $"Installation of nginx ingress started."; helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx -#get profisee nginx settings +#Get profisee nginx settings curl -fsSL -o nginxSettings.yaml "$REPOURL/Azure-ARM/nginxSettings.yaml"; -helm uninstall --namespace profisee nginx +#If nginx is present, uninstall it. If not, proceeed to installation. +nginxpresent=$(helm list -n profisee -f nginx -o table --short) +if [ "$nginxpresent" = "nginx" ]; then + helm uninstall -n profisee nginx; +fi + +#Install nginx whether if [ "$USELETSENCRYPT" = "Yes" ]; then echo $"Installing nginx for Lets Encrypt and setting the dns name for its IP." helm install --namespace profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-dns-label-name"=$DNSHOSTNAME; @@ -427,7 +435,13 @@ kubectl create secret generic profisee-settings --namespace profisee --from-file echo "Install Profisee started $(date +"%Y-%m-%d %T")"; helm repo add profisee $HELMREPOURL helm repo update -helm uninstall --namespace profisee profiseeplatform + +#If Profisee is present, uninstall it. If not, proceeed to installation. +profiseepresent=$(helm list -n profisee -f profiseeplatform -o table --short) +if [ "$profiseepresent" = "profiseeplatform" ]; then + helm -n profisee uninstall profiseeplatform; +fi + helm install --namespace profisee profiseeplatform profisee/profisee-platform --values Settings.yaml kubectl delete secret profisee-deploymentlog --namespace profisee --ignore-not-found From e60a848dc11bb9a08eefa4891a7774d34094fb1d Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 29 Jul 2022 16:31:28 -0400 Subject: [PATCH 045/141] Improved notices --- Azure-ARM/deployprofisee.sh | 129 ++++++++++++++++++------------------ 1 file changed, 66 insertions(+), 63 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 10757993..9a62b8a2 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -109,7 +109,7 @@ echo $"Creation of profisee namespace in cluster started."; kubectl create namespace profisee echo $"Creation of profisee namespace in cluster finished."; -#Download settings.yaml file from Profisee repo. +#Download Settings.yaml file from Profisee repo. curl -fsSL -o Settings.yaml "$REPOURL/Azure-ARM/Settings.yaml"; #Installation of Key Vault Container Storage Interface (CSI) driver started. @@ -162,7 +162,9 @@ if [ "$USEKEYVAULT" = "Yes" ]; then echo $"keyVaultName is $keyVaultName" echo $"akskvidentityClientId is $akskvidentityClientId" echo $"principalId is $principalId" - + + #Check if Key Vault is RBAC or policy based. + echo $"Checking if Key Vauls is RBAC based or policy based" rbacEnabled=$(az keyvault show --name $keyVaultName --subscription $keyVaultSubscriptionId --query "properties.enableRbacAuthorization") #If Key Vault is RBAC based, assign Key Vault Secrets User role to the Key Vault Specific Managed Identity, otherwise assign Get policies for Keys, Secrets and Certificates. @@ -192,7 +194,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then fi -#Install nginx +#Installation of nginx echo $"Installation of nginx ingress started."; helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx @@ -200,43 +202,43 @@ helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx #Get profisee nginx settings curl -fsSL -o nginxSettings.yaml "$REPOURL/Azure-ARM/nginxSettings.yaml"; -#If nginx is present, uninstall it. If not, proceeed to installation. +#If nginx is present, uninstall it. nginxpresent=$(helm list -n profisee -f nginx -o table --short) if [ "$nginxpresent" = "nginx" ]; then helm uninstall -n profisee nginx; fi -#Install nginx whether +#Install nginx either with or without Let's Encrypt +echo $"Installation of nginx started."; if [ "$USELETSENCRYPT" = "Yes" ]; then - echo $"Installing nginx for Lets Encrypt and setting the dns name for its IP." + echo $"Install nginx ready to integrate with Let's Encrypt's automatic certificate provisioning and renewal, and set the DNS FQDN to the load balancer's ingress public IP address." helm install --namespace profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-dns-label-name"=$DNSHOSTNAME; else - echo $"Installing nginx not for Lets Encrypt and not setting the dns name for its IP." + echo $"Install nginx without integration with Let's Encrypt's automatic certificate provisioning and renewal, also do not set the DNS FQDN to the load balancer's ingress public IP address." helm install --namespace profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip fi -echo $"Installing nginx finished, sleeping for 30s to wait for its IP"; - -##wait for the ip to be available. usually a few seconds +echo $"Installation of nginx finished, sleeping for 30 seconds to wait for the load balancer's public IP to become available."; sleep 30; -##get ip for nginx + +#Get the load balancer's public IP so it can be used later on. nginxip=$(kubectl --namespace profisee get services nginx-ingress-nginx-controller --output="jsonpath={.status.loadBalancer.ingress[0].ip}"); # if [ -z "$nginxip" ]; then #try again - echo $"nginx is not configure properly because the LB IP is null, trying again in 60 seconds"; + echo $"Nginx is not configured properly because the load balancer's public IP is null, will wait for another minute."; sleep 60; nginxip=$(kubectl --namespace profisee get services nginx-ingress-nginx-controller --output="jsonpath={.status.loadBalancer.ingress[0].ip}"); if [ -z "$nginxip" ]; then - echo $"nginx is not configure properly because the LB IP is null. Exiting with error"; + echo $"Nginx is not configured properly because the load balancer's public IP is null. Exiting with error."; exit 1 fi fi -echo $"nginx LB IP is $nginxip"; +echo $"The load balancer's public IP is $nginxip"; -#fix tls variables -echo $"fix tls variables started"; -#cert +#Fix the TLS variables +echo $"Correction of TLS variables started."; +#This is for the certificate if [ "$CONFIGUREHTTPS" = "Yes" ]; then printf '%s\n' "$TLSCERT" | sed 's/- /-\n/g; s/ -/\n-/g' | sed '/CERTIFICATE/! s/ /\n/g' >> a.cert; sed -e 's/^/ /' a.cert > tls.cert; @@ -245,7 +247,7 @@ else fi rm -f a.cert -#key +#This is for the key if [ "$CONFIGUREHTTPS" = "Yes" ]; then printf '%s\n' "$TLSKEY" | sed 's/- /-\n/g; s/ -/\n-/g' | sed '/PRIVATE/! s/ /\n/g' >> a.key; sed -e 's/^/ /' a.key > tls.key; @@ -254,22 +256,22 @@ else fi rm -f a.key -#set dns +#Set the DNS record in the DNS zone. If present, remove it. if [ "$UPDATEDNS" = "Yes" ]; then - echo "Update DNS started"; - echo "Delete existing A record - started"; + echo "Update of DNS record started."; + echo "Deletion of existing A record started."; az network dns record-set a delete -g $DOMAINNAMERESOURCEGROUP -z $DNSDOMAINNAME -n $DNSHOSTNAME --yes; - echo "Delete existing A record - finished" - echo "Create new A record - started"; + echo "Deletion of existing A record finished." + echo "Creation of new A record started."; az network dns record-set a add-record -g $DOMAINNAMERESOURCEGROUP -z $DNSDOMAINNAME -n $DNSHOSTNAME -a $nginxip --ttl 5; - echo "Create new A record - finished"; - echo "Update DNS finished"; + echo "Creation of new A record finished."; + echo "Update of DNS record finished."; fi -echo $"fix tls variables finished"; +echo $"Correction of TLS variables finished."; -#install profisee platform -echo $"install profisee platform statrted"; -#set profisee helm chart settings +#Installation of Profisee platform +echo $"Installation of Profisee platform statrted."; +#Configure Profisee helm chart settings auth="$(echo -n "$ACRUSER:$ACRUSERPASSWORD" | base64)" sed -i -e 's/$ACRUSER/'"$ACRUSER"'/g' Settings.yaml sed -i -e 's/$ACRPASSWORD/'"$ACRUSERPASSWORD"'/g' Settings.yaml @@ -285,15 +287,15 @@ echo $"WEBAPPNAME is $WEBAPPNAME"; WEBAPPNAME="${WEBAPPNAME,,}" echo $"WEBAPPNAME is now lower $WEBAPPNAME"; -#create the azure app id (clientid) +#Create the Azure app id (clientid) azureAppReplyUrl="${EXTERNALDNSURL}/${WEBAPPNAME}/auth/signin-microsoft" if [ "$UPDATEAAD" = "Yes" ]; then - echo "Update AAD started"; + echo "Update of Azure Active Directory started. Now we will create the Azure AD Application registration."; azureClientName="${RESOURCEGROUPNAME}_${CLUSTERNAME}"; echo $"azureClientName is $azureClientName"; echo $"azureAppReplyUrl is $azureAppReplyUrl"; - echo "Creating app registration started" + echo "Creation of the Azure Active Directory application registration started." CLIENTID=$(az ad app create --display-name $azureClientName --reply-urls $azureAppReplyUrl --query 'appId' -o tsv); echo $"CLIENTID is $CLIENTID"; if [ -z "$CLIENTID" ]; then @@ -301,57 +303,58 @@ if [ "$UPDATEAAD" = "Yes" ]; then CLIENTID=$(az ad app list --display-name $azureClientName --query [0].appId -o tsv) echo $"CLIENTID is $CLIENTID"; fi - echo "Creating app registration finished" - echo "Sleeping for 20 seconds to wait for app registration to be ready." + echo "Creation of the Azure Active Directory application registration finished." + echo "Sleeping for 20 seconds to wait for the app registration to be ready." sleep 20; - echo "Updating app registration permissions step 1 started" - #add a Graph API permission of "Sign in and read user profile" + echo "Update of the application registration's permissions, step 1 started." + #Add a Graph API permission to "Sign in and read user profile" az ad app permission add --id $CLIENTID --api 00000003-0000-0000-c000-000000000000 --api-permissions e1fe6dd8-ba31-4d61-89e7-88639da4683d=Scope + echo "Creation of the service principal started." az ad sp create --id $CLIENTID - echo "Updating app registration permissions step 1 finished" + echo "Creation of the service principal finished." + echo "Update of the application registration's permissions, step 1 finished." - echo "Updating app registration permissions step 2 started" + echo "Update of the application registration's permissions, step 2 started." az ad app permission grant --id $CLIENTID --api 00000003-0000-0000-c000-000000000000 - - echo "Updating app registration permissions step 2 finished" - echo "Update AAD finished"; + echo "Update of the application registration's permissions, step 2 finished." + echo "Update of Azure Active Directory finished."; fi -#get storage account pw - if not supplied +#If not supplied, acquire storage account credentials. if [ "$FILEREPOPASSWORD" = "" ]; then - echo $"FILEREPOPASSWORD was not passed in, getting it from the storage acount." + echo $"FILEREPOPASSWORD was not passed in, acquiring credentials from the storage account." FILEREPOPASSWORD=$(az storage account keys list --resource-group $RESOURCEGROUPNAME --account-name $STORAGEACCOUNTNAME --query '[0].value'); #clean file repo password - remove quotes FILEREPOPASSWORD=$(echo "$FILEREPOPASSWORD" | tr -d '"') else - echo $"FILEREPOPASSWORD was passed in, using it." + echo $"FILEREPOPASSWORD was passed in, we'll use it." fi -#If creating a new sql database, create firewall rule for sql server - add outbound ip of aks cluster +#If deployment of a new SQL database has been selected, we will create a SQL firewall rule to allow traffic from the AKS cluster's egress IP. if [ "$SQLSERVERCREATENEW" = "Yes" ]; then - echo "Adding firewall rule to sql started"; + echo "Addition of a SQL firewall rule started."; #strip off .database.windows.net IFS='.' read -r -a sqlString <<< "$SQLNAME" echo "SQLNAME is $SQLNAME" sqlServerName=${sqlString[0],,}; #lowercase is the ,, echo "sqlServerName is $sqlServerName" - echo "Getting ip address from $AKSINFRARESOURCEGROUPNAME" + echo "Acquiring the IP address from $AKSINFRARESOURCEGROUPNAME" OutIP=$(az network public-ip list -g $AKSINFRARESOURCEGROUPNAME --query "[0].ipAddress" -o tsv); - echo "OutIP is $OutIP" + echo "The load balancer's egress public IP is $OutIP" az sql server firewall-rule create --resource-group $RESOURCEGROUPNAME --server $sqlServerName --name "aks lb ip" --start-ip-address $OutIP --end-ip-address $OutIP - echo "Adding firewall rule to sql finished"; + echo "Addition of the SQL firewall rule finished."; fi -echo "about to set vars in settings.yaml" -#storage vars +echo "The variables will now be set in the Settings.yaml file" +#Setting storage related variables FILEREPOUSERNAME="Azure\\\\\\\\${STORAGEACCOUNTNAME}" FILEREPOURL="\\\\\\\\\\\\\\\\${STORAGEACCOUNTNAME}.file.core.windows.net\\\\\\\\${STORAGEACCOUNTFILESHARENAME}" -#PROFISEEVERSION looks like this profiseeplatform:2020R1.0 -#The repo is profiseeplatform or something like it, its everything to the left of the : +#PROFISEEVERSION looks like this profiseeplatform:2022R1.0 +#The repository name is profiseeplatform, it is everything to the left of the colon sign : #The label is everything to the right of the : IFS=':' read -r -a repostring <<< "$PROFISEEVERSION" @@ -360,7 +363,7 @@ IFS=':' read -r -a repostring <<< "$PROFISEEVERSION" ACRREPONAME="${repostring[0],,}"; ACRREPOLABEL="${repostring[1],,}" -#set values in Settings.yaml +#Setting values in the Settings.yaml sed -i -e 's/$SQLNAME/'"$SQLNAME"'/g' Settings.yaml sed -i -e 's/$SQLDBNAME/'"$SQLDBNAME"'/g' Settings.yaml sed -i -e 's/$SQLUSERNAME/'"$SQLUSERNAME"'/g' Settings.yaml @@ -410,29 +413,29 @@ fi if [ "$USELETSENCRYPT" = "Yes" ]; then #################################Lets Encrypt Start ##################################### # Label the namespace to disable resource validation - echo "Lets Encrypt started"; + echo "Let's Encrypt installation started"; kubectl label namespace profisee cert-manager.io/disable-validation=true helm repo add jetstack https://charts.jetstack.io # Update your local Helm chart repository cache helm repo update # Install the cert-manager Helm chart helm install cert-manager jetstack/cert-manager --namespace profisee --set installCRDs=true --set nodeSelector."kubernetes\.io/os"=linux --set webhook.nodeSelector."kubernetes\.io/os"=linux --set cainjector.nodeSelector."kubernetes\.io/os"=linux --set startupapicheck.nodeSelector."kubernetes\.io/os"=linux - #wait for the cert manager to be ready - echo $"Lets Encrypt, waiting for certificate manager to be ready, sleeping for 30s"; + # Wait for the cert manager to be ready + echo $"Let's Encrypt is waiting for certificate manager to be ready, sleeping for 30 seconds."; sleep 30; sed -i -e 's/$USELETSENCRYPT/'true'/g' Settings.yaml - echo "Lets Encrypt finshed"; + echo "Let's Encrypt installation finshed"; #################################Lets Encrypt End ####################################### else sed -i -e 's/$USELETSENCRYPT/'false'/g' Settings.yaml fi -#Add settings.yaml as a secret so its always available after the deployment +#Adding Settings.yaml as a secret generated only from the initial deployment of Profisee. Future updates, such as license changes via the profisee-license secret, or SQL credentials updates via the profisee-sql-password secret, will NOT be reflected in this secret. Proceed with caution! kubectl delete secret profisee-settings --namespace profisee --ignore-not-found kubectl create secret generic profisee-settings --namespace profisee --from-file=Settings.yaml #################################Install Profisee Start ####################################### -echo "Install Profisee started $(date +"%Y-%m-%d %T")"; +echo "Installation of Profisee platform started $(date +"%Y-%m-%d %T")"; helm repo add profisee $HELMREPOURL helm repo update @@ -450,14 +453,14 @@ kubectl create secret generic profisee-deploymentlog --namespace profisee --from #Make sure it installed, if not return error profiseeinstalledname=$(echo $(helm list --filter 'profisee+' --namespace profisee -o json)| jq '.[].name') if [ -z "$profiseeinstalledname" ]; then - echo "Profisee did not get installed. Exiting with error"; + echo "Profisee did not get installed. Exiting with error"; exit 1 else - echo "Install Profisee finished $(date +"%Y-%m-%d %T")"; + echo "Installation of Profisee finished $(date +"%Y-%m-%d %T")"; fi; #################################Install Profisee End ####################################### -#wait for pod to be ready (downloaded) +#Wait for pod to be ready (downloaded) echo "Waiting for pod to be downloaded and be ready..$(date +"%Y-%m-%d %T")"; sleep 30; kubectl wait --timeout=1800s --for=condition=ready pod/profisee-0 --namespace profisee From 35a8966ba6e8523051e3e58b2e238f6c93fb7647 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 29 Jul 2022 18:06:25 -0400 Subject: [PATCH 046/141] Added sleep Added 60 sec sleep after uninstall of nginx and 30 sec after profisee uninstall. --- Azure-ARM/deployprofisee.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 9a62b8a2..6b2c74d6 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -206,6 +206,8 @@ curl -fsSL -o nginxSettings.yaml "$REPOURL/Azure-ARM/nginxSettings.yaml"; nginxpresent=$(helm list -n profisee -f nginx -o table --short) if [ "$nginxpresent" = "nginx" ]; then helm uninstall -n profisee nginx; + echo $"Will sleep for a minute to allow clean uninstall of nginx." + sleep 60; fi #Install nginx either with or without Let's Encrypt @@ -443,6 +445,7 @@ helm repo update profiseepresent=$(helm list -n profisee -f profiseeplatform -o table --short) if [ "$profiseepresent" = "profiseeplatform" ]; then helm -n profisee uninstall profiseeplatform; + sleep 30; fi helm install --namespace profisee profiseeplatform profisee/profisee-platform --values Settings.yaml From c61feb720abe501ca4dd86f931a6cc1c52acdec7 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 11 Aug 2022 20:26:12 -0400 Subject: [PATCH 047/141] Added checks for uninstall Added checks for uninstall of AAD Pod Identity and for Key Vault CSI driver. If detected, will be uninstalled and then freshly installed. --- Azure-ARM/deployprofisee.sh | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 6b2c74d6..f69dc60c 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -118,12 +118,28 @@ if [ "$USEKEYVAULT" = "Yes" ]; then #Install the Secrets Store CSI driver and the Azure Key Vault provider for the driver helm repo add csi-secrets-store-provider-azure https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts + #If Key Vault CSI driver is present, uninstall it. + kvcsipresent=$(helm list -n profisee -f csi-secrets-store-provider-azure -o table --short) + if [ "$kvcsipresent" = "csi-secrets-store-provider-azure" ]; then + helm uninstall -n profisee csi-secrets-store-provider-azure; + echo $"Will sleep for 30 seconds to allow clean uninstall of Key Vault CSI driver." + sleep 30; + fi + #https://github.com/Azure/secrets-store-csi-driver-provider-azure/releases/tag/0.0.16 #The behavior changed so now you have to enable the secrets-store-csi-driver.syncSecret.enabled=true #We are not but if this is to run on a windows node, then you use this --set windows.enabled=true --set secrets-store-csi-driver.windows.enabled=true helm install --namespace profisee csi-secrets-store-provider-azure csi-secrets-store-provider-azure/csi-secrets-store-provider-azure --set secrets-store-csi-driver.syncSecret.enabled=true echo $"Installation of Key Vault Container Storage Interface (CSI) driver finished." + #If AAD Pod Identity is present, uninstall it. + aadpodpresent=$(helm list -n profisee -f pod-identity -o table --short) + if [ "$aadpodpresent" = "pod-identity" ]; then + helm uninstall -n profisee pod-identity; + echo $"Will sleep for 30 seconds to allow clean uninstall of AAD Pod Identity." + sleep 30; + fi + #Install AAD pod identity into AKS. echo $"Installation of Key Vault Azure Active Directory Pod Identity driver started." helm repo add aad-pod-identity https://raw.githubusercontent.com/Azure/aad-pod-identity/master/charts @@ -420,6 +436,13 @@ if [ "$USELETSENCRYPT" = "Yes" ]; then helm repo add jetstack https://charts.jetstack.io # Update your local Helm chart repository cache helm repo update + #If cert-manager is present, uninstall it. + certmgrpresent=$(helm list -n profisee -f cert-manager -o table --short) + if [ "$certmgrpresent" = "cert-manager" ]; then + helm uninstall -n profisee cert-manager; + echo $"Will sleep for 20 seconds to allow clean uninstall of cert-manager." + sleep 20; + fi # Install the cert-manager Helm chart helm install cert-manager jetstack/cert-manager --namespace profisee --set installCRDs=true --set nodeSelector."kubernetes\.io/os"=linux --set webhook.nodeSelector."kubernetes\.io/os"=linux --set cainjector.nodeSelector."kubernetes\.io/os"=linux --set startupapicheck.nodeSelector."kubernetes\.io/os"=linux # Wait for the cert manager to be ready From 171afef215bed8bbcf9791c04380c7a1cf998751 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 11 Aug 2022 22:52:26 -0400 Subject: [PATCH 048/141] Added check for User.Read permissions If app reg user.read permission is present do not add it again. --- Azure-ARM/deployprofisee.sh | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index f69dc60c..82d3a367 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -325,18 +325,25 @@ if [ "$UPDATEAAD" = "Yes" ]; then echo "Sleeping for 20 seconds to wait for the app registration to be ready." sleep 20; - echo "Update of the application registration's permissions, step 1 started." - #Add a Graph API permission to "Sign in and read user profile" - az ad app permission add --id $CLIENTID --api 00000003-0000-0000-c000-000000000000 --api-permissions e1fe6dd8-ba31-4d61-89e7-88639da4683d=Scope - echo "Creation of the service principal started." - az ad sp create --id $CLIENTID - echo "Creation of the service principal finished." - echo "Update of the application registration's permissions, step 1 finished." - - echo "Update of the application registration's permissions, step 2 started." - az ad app permission grant --id $CLIENTID --api 00000003-0000-0000-c000-000000000000 - echo "Update of the application registration's permissions, step 2 finished." - echo "Update of Azure Active Directory finished."; + #If Azure Application Registration User.Read permission is present, skip adding it. + appregpermissionspresent=$(az ad app permission list --id $CLIENTID --query "[].resourceAccess[].id" -o tsv) + if [ "$appregpermissionspresent" = "e1fe6dd8-ba31-4d61-89e7-88639da4683d" ]; then + echo $"User.Read permissions already present, no need to add it." + else + + echo "Update of the application registration's permissions, step 1 started." + #Add a Graph API permission to "Sign in and read user profile" + az ad app permission add --id $CLIENTID --api 00000003-0000-0000-c000-000000000000 --api-permissions e1fe6dd8-ba31-4d61-89e7-88639da4683d=Scope + echo "Creation of the service principal started." + az ad sp create --id $CLIENTID + echo "Creation of the service principal finished." + echo "Update of the application registration's permissions, step 1 finished." + + echo "Update of the application registration's permissions, step 2 started." + az ad app permission grant --id $CLIENTID --api 00000003-0000-0000-c000-000000000000 + echo "Update of the application registration's permissions, step 2 finished." + echo "Update of Azure Active Directory finished."; + fi fi #If not supplied, acquire storage account credentials. From 32e14c85b43da1d84177c66dce11a0d6bfcf41a3 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Thu, 11 Aug 2022 23:35:59 -0400 Subject: [PATCH 049/141] Updated CSI store driver chart URL CSI driver has moved to https://azure.github.io/secrets-store-csi-driver-provider-azure/charts --- Azure-ARM/deployprofisee.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 82d3a367..8ca9b1b4 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -116,7 +116,7 @@ curl -fsSL -o Settings.yaml "$REPOURL/Azure-ARM/Settings.yaml"; if [ "$USEKEYVAULT" = "Yes" ]; then echo $"Installation of Key Vault Container Storage Interface (CSI) driver started." #Install the Secrets Store CSI driver and the Azure Key Vault provider for the driver - helm repo add csi-secrets-store-provider-azure https://raw.githubusercontent.com/Azure/secrets-store-csi-driver-provider-azure/master/charts + helm repo add csi-secrets-store-provider-azure https://azure.github.io/secrets-store-csi-driver-provider-azure/charts #If Key Vault CSI driver is present, uninstall it. kvcsipresent=$(helm list -n profisee -f csi-secrets-store-provider-azure -o table --short) From 51607ee0e1df64f88792aca228c24074ae083d2b Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 12 Aug 2022 00:55:04 -0400 Subject: [PATCH 050/141] Added echos and namespace check and skip If namespace is present, skip creating it. --- Azure-ARM/deployprofisee.sh | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 8ca9b1b4..c202d01b 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -105,8 +105,15 @@ install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl echo $"Installation of kubectl finished."; #Create profisee namespace in AKS cluster. -echo $"Creation of profisee namespace in cluster started."; +echo $"Creation of profisee namespace in cluster started. If present, we skip creation and use it."; + +#If namespace exists, skip creating it. +namespacepresent=$(kubectl get namespace -o jsonpath='{.items[?(@.metadata.name=="profisee")].metadata.name}') +if [ "$namespacepresent" = "profisee" ]; then + echo $"Namespace is already created, continuing." +else kubectl create namespace profisee +fi echo $"Creation of profisee namespace in cluster finished."; #Download Settings.yaml file from Profisee repo. @@ -114,7 +121,7 @@ curl -fsSL -o Settings.yaml "$REPOURL/Azure-ARM/Settings.yaml"; #Installation of Key Vault Container Storage Interface (CSI) driver started. if [ "$USEKEYVAULT" = "Yes" ]; then - echo $"Installation of Key Vault Container Storage Interface (CSI) driver started." + echo $"Installation of Key Vault Container Storage Interface (CSI) driver started. If present, we uninstall and reinstall it." #Install the Secrets Store CSI driver and the Azure Key Vault provider for the driver helm repo add csi-secrets-store-provider-azure https://azure.github.io/secrets-store-csi-driver-provider-azure/charts @@ -132,6 +139,9 @@ if [ "$USEKEYVAULT" = "Yes" ]; then helm install --namespace profisee csi-secrets-store-provider-azure csi-secrets-store-provider-azure/csi-secrets-store-provider-azure --set secrets-store-csi-driver.syncSecret.enabled=true echo $"Installation of Key Vault Container Storage Interface (CSI) driver finished." + + #Install AAD pod identity into AKS. + echo $"Installation of Key Vault Azure Active Directory Pod Identity driver started. If present, we uninstall and reinstall it." #If AAD Pod Identity is present, uninstall it. aadpodpresent=$(helm list -n profisee -f pod-identity -o table --short) if [ "$aadpodpresent" = "pod-identity" ]; then @@ -140,8 +150,6 @@ if [ "$USEKEYVAULT" = "Yes" ]; then sleep 30; fi - #Install AAD pod identity into AKS. - echo $"Installation of Key Vault Azure Active Directory Pod Identity driver started." helm repo add aad-pod-identity https://raw.githubusercontent.com/Azure/aad-pod-identity/master/charts helm install --namespace profisee pod-identity aad-pod-identity/aad-pod-identity echo $"Installation of Key Vault Azure Active Directory Pod Identity driver finished." @@ -212,13 +220,15 @@ fi #Installation of nginx echo $"Installation of nginx ingress started."; - +echo $"Adding ingress-nginx repo." helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx #Get profisee nginx settings +echo $"Acquiring nginxSettings.yaml file from Profisee repo." curl -fsSL -o nginxSettings.yaml "$REPOURL/Azure-ARM/nginxSettings.yaml"; #If nginx is present, uninstall it. +echo "If nginx is installed, we'll uninstall it first." nginxpresent=$(helm list -n profisee -f nginx -o table --short) if [ "$nginxpresent" = "nginx" ]; then helm uninstall -n profisee nginx; @@ -240,6 +250,7 @@ echo $"Installation of nginx finished, sleeping for 30 seconds to wait for the l sleep 30; #Get the load balancer's public IP so it can be used later on. +echo $"Let's see if the the load balancer's IP address is available." nginxip=$(kubectl --namespace profisee get services nginx-ingress-nginx-controller --output="jsonpath={.status.loadBalancer.ingress[0].ip}"); # if [ -z "$nginxip" ]; then @@ -326,6 +337,7 @@ if [ "$UPDATEAAD" = "Yes" ]; then sleep 20; #If Azure Application Registration User.Read permission is present, skip adding it. + echo $"Let's check to see if the User.Read permission is granted, skip if has been. appregpermissionspresent=$(az ad app permission list --id $CLIENTID --query "[].resourceAccess[].id" -o tsv) if [ "$appregpermissionspresent" = "e1fe6dd8-ba31-4d61-89e7-88639da4683d" ]; then echo $"User.Read permissions already present, no need to add it." @@ -472,12 +484,18 @@ helm repo add profisee $HELMREPOURL helm repo update #If Profisee is present, uninstall it. If not, proceeed to installation. +echo "If profisee is installed, uninstall it first." profiseepresent=$(helm list -n profisee -f profiseeplatform -o table --short) if [ "$profiseepresent" = "profiseeplatform" ]; then helm -n profisee uninstall profiseeplatform; + echo "Will sleep for 30 seconds to allow clean uninstall." sleep 30; fi +echo "If we are using Key Vault and Profisee was uninstalled, then the profisee-license and other secrets are missing. We need to restart the key-vault pod so that we can re-pull and mount the secrets." +#Find and delete the key-vault pod + +echo "Now let's install Profisee." helm install --namespace profisee profiseeplatform profisee/profisee-platform --values Settings.yaml kubectl delete secret profisee-deploymentlog --namespace profisee --ignore-not-found From b21f13d3c966a421116df1efb7f6ca5739ef4340 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 12 Aug 2022 07:39:28 -0400 Subject: [PATCH 051/141] Key vault remount secrets If using Key Vault to store secrets, added option during reinstall of Profisee, to find and delete the profisee-keyvault-xxxxx pod so that upon restart it re-mounts the Key Vault secrets. Otherwise the profisee-0 would not start, necessitating manually restarting the key vault pod and then profisee-0. Also change --namespace to -n --- Azure-ARM/deployprofisee.sh | 49 ++++++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 20 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index c202d01b..baa96864 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -136,7 +136,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then #https://github.com/Azure/secrets-store-csi-driver-provider-azure/releases/tag/0.0.16 #The behavior changed so now you have to enable the secrets-store-csi-driver.syncSecret.enabled=true #We are not but if this is to run on a windows node, then you use this --set windows.enabled=true --set secrets-store-csi-driver.windows.enabled=true - helm install --namespace profisee csi-secrets-store-provider-azure csi-secrets-store-provider-azure/csi-secrets-store-provider-azure --set secrets-store-csi-driver.syncSecret.enabled=true + helm install -n profisee csi-secrets-store-provider-azure csi-secrets-store-provider-azure/csi-secrets-store-provider-azure --set secrets-store-csi-driver.syncSecret.enabled=true echo $"Installation of Key Vault Container Storage Interface (CSI) driver finished." @@ -151,7 +151,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then fi helm repo add aad-pod-identity https://raw.githubusercontent.com/Azure/aad-pod-identity/master/charts - helm install --namespace profisee pod-identity aad-pod-identity/aad-pod-identity + helm install -n profisee pod-identity aad-pod-identity/aad-pod-identity echo $"Installation of Key Vault Azure Active Directory Pod Identity driver finished." #Assign AAD roles to the AKS AgentPool Managed Identity. The Pod identity communicates with the AgentPool MI, which in turn communicates with the Key Vault specific Managed Identity. @@ -240,10 +240,10 @@ fi echo $"Installation of nginx started."; if [ "$USELETSENCRYPT" = "Yes" ]; then echo $"Install nginx ready to integrate with Let's Encrypt's automatic certificate provisioning and renewal, and set the DNS FQDN to the load balancer's ingress public IP address." - helm install --namespace profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-dns-label-name"=$DNSHOSTNAME; + helm install -n profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-dns-label-name"=$DNSHOSTNAME; else echo $"Install nginx without integration with Let's Encrypt's automatic certificate provisioning and renewal, also do not set the DNS FQDN to the load balancer's ingress public IP address." - helm install --namespace profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip + helm install -n profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip fi echo $"Installation of nginx finished, sleeping for 30 seconds to wait for the load balancer's public IP to become available."; @@ -251,13 +251,13 @@ sleep 30; #Get the load balancer's public IP so it can be used later on. echo $"Let's see if the the load balancer's IP address is available." -nginxip=$(kubectl --namespace profisee get services nginx-ingress-nginx-controller --output="jsonpath={.status.loadBalancer.ingress[0].ip}"); +nginxip=$(kubectl -n profisee get services nginx-ingress-nginx-controller --output="jsonpath={.status.loadBalancer.ingress[0].ip}"); # if [ -z "$nginxip" ]; then #try again echo $"Nginx is not configured properly because the load balancer's public IP is null, will wait for another minute."; sleep 60; - nginxip=$(kubectl --namespace profisee get services nginx-ingress-nginx-controller --output="jsonpath={.status.loadBalancer.ingress[0].ip}"); + nginxip=$(kubectl -n profisee get services nginx-ingress-nginx-controller --output="jsonpath={.status.loadBalancer.ingress[0].ip}"); if [ -z "$nginxip" ]; then echo $"Nginx is not configured properly because the load balancer's public IP is null. Exiting with error."; exit 1 @@ -463,7 +463,7 @@ if [ "$USELETSENCRYPT" = "Yes" ]; then sleep 20; fi # Install the cert-manager Helm chart - helm install cert-manager jetstack/cert-manager --namespace profisee --set installCRDs=true --set nodeSelector."kubernetes\.io/os"=linux --set webhook.nodeSelector."kubernetes\.io/os"=linux --set cainjector.nodeSelector."kubernetes\.io/os"=linux --set startupapicheck.nodeSelector."kubernetes\.io/os"=linux + helm install cert-manager jetstack/cert-manager -n profisee --set installCRDs=true --set nodeSelector."kubernetes\.io/os"=linux --set webhook.nodeSelector."kubernetes\.io/os"=linux --set cainjector.nodeSelector."kubernetes\.io/os"=linux --set startupapicheck.nodeSelector."kubernetes\.io/os"=linux # Wait for the cert manager to be ready echo $"Let's Encrypt is waiting for certificate manager to be ready, sleeping for 30 seconds."; sleep 30; @@ -475,8 +475,8 @@ else fi #Adding Settings.yaml as a secret generated only from the initial deployment of Profisee. Future updates, such as license changes via the profisee-license secret, or SQL credentials updates via the profisee-sql-password secret, will NOT be reflected in this secret. Proceed with caution! -kubectl delete secret profisee-settings --namespace profisee --ignore-not-found -kubectl create secret generic profisee-settings --namespace profisee --from-file=Settings.yaml +kubectl delete secret profisee-settings -n profisee --ignore-not-found +kubectl create secret generic profisee-settings -n profisee --from-file=Settings.yaml #################################Install Profisee Start ####################################### echo "Installation of Profisee platform started $(date +"%Y-%m-%d %T")"; @@ -492,17 +492,26 @@ if [ "$profiseepresent" = "profiseeplatform" ]; then sleep 30; fi -echo "If we are using Key Vault and Profisee was uninstalled, then the profisee-license and other secrets are missing. We need to restart the key-vault pod so that we can re-pull and mount the secrets." +echo "If we are using Key Vault and Profisee was uninstalled, then the profisee-license, profisee-sql-username, profisee-sql-password and profisee-tls-ingress secrets are missing. We need to find and restart the key-vault pod so that we can re-pull and re-mount the secrets." #Find and delete the key-vault pod - -echo "Now let's install Profisee." -helm install --namespace profisee profiseeplatform profisee/profisee-platform --values Settings.yaml - -kubectl delete secret profisee-deploymentlog --namespace profisee --ignore-not-found -kubectl create secret generic profisee-deploymentlog --namespace profisee --from-file=$logfile +if [ "$USEKEYVAULT" = "Yes" ]; then + findkvpod=$(kubectl get pods -n profisee -o jsonpath='{.items[?(@.metadata.labels.app=="profisee-keyvault")].metadata.name}') + if [ "$findkvpod" = "$findkvpod" ]; then + echo $"Profisee Key Vault pod name is $findkvpod, deleting it." + kubectl delete pod -n profisee $findkvpod --force --grace-period=0 + echo "Now let's install Profisee." + helm install -n profisee profiseeplatform profisee/profisee-platform --values Settings.yaml + fi +else + echo "Now let's install Profisee." + helm install -n profisee profiseeplatform profisee/profisee-platform --values Settings.yaml +fi + +kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found +kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile #Make sure it installed, if not return error -profiseeinstalledname=$(echo $(helm list --filter 'profisee+' --namespace profisee -o json)| jq '.[].name') +profiseeinstalledname=$(echo $(helm list --filter 'profisee+' -n profisee -o json)| jq '.[].name') if [ -z "$profiseeinstalledname" ]; then echo "Profisee did not get installed. Exiting with error"; exit 1 @@ -514,7 +523,7 @@ fi; #Wait for pod to be ready (downloaded) echo "Waiting for pod to be downloaded and be ready..$(date +"%Y-%m-%d %T")"; sleep 30; -kubectl wait --timeout=1800s --for=condition=ready pod/profisee-0 --namespace profisee +kubectl wait --timeout=1800s --for=condition=ready pod/profisee-0 -n profisee echo $"Profisee deploymented finished $(date +"%Y-%m-%d %T")"; @@ -533,7 +542,7 @@ result="{\"Result\":[\ echo $result -kubectl delete secret profisee-deploymentlog --namespace profisee --ignore-not-found -kubectl create secret generic profisee-deploymentlog --namespace profisee --from-file=$logfile +kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found +kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile echo $result > $AZ_SCRIPTS_OUTPUT_PATH From 3f19c2e33eb91931ae0a9d3d7f7d9c5c7747aab0 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 12 Aug 2022 08:42:11 -0400 Subject: [PATCH 052/141] Updated API version from v1alpha1 to v1 --- .../templates/azuresecretproviderclass-profisee.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/profisee-platform/templates/azuresecretproviderclass-profisee.yaml b/profisee-platform/templates/azuresecretproviderclass-profisee.yaml index 16db5f5d..3ee7ade7 100644 --- a/profisee-platform/templates/azuresecretproviderclass-profisee.yaml +++ b/profisee-platform/templates/azuresecretproviderclass-profisee.yaml @@ -1,5 +1,5 @@ {{- if .Values.cloud.azure.useKeyVault -}} -apiVersion: secrets-store.csi.x-k8s.io/v1alpha1 +apiVersion: secrets-store.csi.x-k8s.io/v1 kind: SecretProviderClass metadata: name: azure-kvname @@ -59,4 +59,4 @@ spec: resourceGroup: {{.Values.cloud.azure.keyVault.resourceGroup }} subscriptionId: {{.Values.cloud.azure.keyVault.subscriptionId }} tenantId: {{.Values.cloud.azure.keyVault.tenantId }} -{{- end }} \ No newline at end of file +{{- end }} From 4a4e0e710f12eda81c009db73f78721c92c55e91 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 12 Aug 2022 12:18:37 -0400 Subject: [PATCH 053/141] Missing quotes Well, it only takes ONE set of quotes to go missing. --- Azure-ARM/deployprofisee.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index baa96864..852ee0b1 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -337,7 +337,7 @@ if [ "$UPDATEAAD" = "Yes" ]; then sleep 20; #If Azure Application Registration User.Read permission is present, skip adding it. - echo $"Let's check to see if the User.Read permission is granted, skip if has been. + echo $"Let's check to see if the User.Read permission is granted, skip if has been." appregpermissionspresent=$(az ad app permission list --id $CLIENTID --query "[].resourceAccess[].id" -o tsv) if [ "$appregpermissionspresent" = "e1fe6dd8-ba31-4d61-89e7-88639da4683d" ]; then echo $"User.Read permissions already present, no need to add it." From 68a2f1715762edd9d2a19275c14562944e27cab3 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 12 Aug 2022 16:18:58 -0400 Subject: [PATCH 054/141] Updated readme for Contributor role Clarification for Contributor role --- Azure-ARM/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index 15d866a5..94a8c344 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -21,7 +21,7 @@ Here's **what** will be deployed, or used if available, by the ARM template: 7. A free Let's Encrypt certificate, if you choose that option. Please be aware that if you plan on using your own domain with Let's Encrypt you'll need to make sure that if there is a [CAA record set](https://letsencrypt.org/docs/caa/) on your domain it allows Let's Encrypt as the Issuing Authority. Here's **how** it will be deployed. You must have a Managed Identity created to run the deployment. This Managed Identity must have the following permissions ONLY when running a deployment. After it is done, the Managed Identity can be deleted. Based on your ARM template choices, you will need some or all of the following permissions assigned to your Managed Identity: -1. **Contributor** role to the Resource Group where AKS will be deployed. This can either be assigned directly to the Resource Group OR at Subscription level. +1. **Contributor** role to the Resource Group where AKS will be deployed. This can either be assigned directly to the Resource Group OR at Subscription level. **Note:** If you want to allow the Deployment Managed Identity to create the resource group for you, then this permissions would have to be at Subscription level. 2. **DNS Zone Contributor** role to the particular DNS zone where the entry will be created OR **Contributor** role to the DNS Zone Resource Group.This is needed only if updating DNS hosted in Azure. To follow best practice for least access, the DNS Zone Contributor on the zone itself is the recommended option. 3. **Application Administrator** role in Azure Active Directory, so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. 4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator role (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator role (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. From 84f29cdfefdaea3a2ff9ed11e91164ca96eb774e Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Fri, 12 Aug 2022 16:19:29 -0400 Subject: [PATCH 055/141] Update README.md --- Azure-ARM/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index 94a8c344..cb24e7f2 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -21,7 +21,7 @@ Here's **what** will be deployed, or used if available, by the ARM template: 7. A free Let's Encrypt certificate, if you choose that option. Please be aware that if you plan on using your own domain with Let's Encrypt you'll need to make sure that if there is a [CAA record set](https://letsencrypt.org/docs/caa/) on your domain it allows Let's Encrypt as the Issuing Authority. Here's **how** it will be deployed. You must have a Managed Identity created to run the deployment. This Managed Identity must have the following permissions ONLY when running a deployment. After it is done, the Managed Identity can be deleted. Based on your ARM template choices, you will need some or all of the following permissions assigned to your Managed Identity: -1. **Contributor** role to the Resource Group where AKS will be deployed. This can either be assigned directly to the Resource Group OR at Subscription level. **Note:** If you want to allow the Deployment Managed Identity to create the resource group for you, then this permissions would have to be at Subscription level. +1. **Contributor** role to the Resource Group where AKS will be deployed. This can either be assigned directly to the Resource Group OR at Subscription level. **Note:** If you want to allow the Deployment Managed Identity to create the resource group for you, then this permission would have to be at Subscription level. 2. **DNS Zone Contributor** role to the particular DNS zone where the entry will be created OR **Contributor** role to the DNS Zone Resource Group.This is needed only if updating DNS hosted in Azure. To follow best practice for least access, the DNS Zone Contributor on the zone itself is the recommended option. 3. **Application Administrator** role in Azure Active Directory, so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. 4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator role (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator role (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. From 25c541ecd983ddd8e495a4a537050e0784d7388b Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 12 Aug 2022 16:44:49 -0400 Subject: [PATCH 056/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 852ee0b1..2a8165b4 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -112,7 +112,7 @@ namespacepresent=$(kubectl get namespace -o jsonpath='{.items[?(@.metadata.name= if [ "$namespacepresent" = "profisee" ]; then echo $"Namespace is already created, continuing." else -kubectl create namespace profisee + kubectl create namespace profisee fi echo $"Creation of profisee namespace in cluster finished."; @@ -442,7 +442,6 @@ if [ "$USEKEYVAULT" = "Yes" ]; then sed -i -e 's/$AZURESUBSCRIPTIONID/'"$keyVaultSubscriptionId"'/g' Settings.yaml sed -i -e 's/$AZURETENANTID/'"$TENANTID"'/g' Settings.yaml - $SUBSCRIPTIONID else sed -i -e 's/$USEKEYVAULT/'false'/g' Settings.yaml fi From 0b37673c24bb84d97e7ac45ae616f5bac14c0e27 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 12 Aug 2022 16:51:24 -0400 Subject: [PATCH 057/141] Update chart to 0.1.20 Updated the csi api from v1alpha1 to v1 --- index.yaml | 4 ++-- profisee-platform-0.1.19.tgz | Bin 5543 -> 0 bytes profisee-platform-0.1.20.tgz | Bin 0 -> 5536 bytes profisee-platform/Chart.yaml | 2 +- profisee-platform/package.ps1 | 2 +- 5 files changed, 4 insertions(+), 4 deletions(-) delete mode 100644 profisee-platform-0.1.19.tgz create mode 100644 profisee-platform-0.1.20.tgz diff --git a/index.yaml b/index.yaml index 4306d505..6cfe2e55 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.19.tgz - version: 0.1.19 + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.20.tgz + version: 0.1.20 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.19.tgz b/profisee-platform-0.1.19.tgz deleted file mode 100644 index 2ed46adc8710b65817a1495c11121d7e96e44348..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5543 zcmV;Y6Dc zVQyr3R8em|NM&qo0PH<~bKAC(`CBvk4mde8Y2Q3ilq}mlcHZ5oveJ6uI6lis@7;8! z1Cg+V8Uh#ql`vkjC;chH+zqZx2y8qsI>6!W0fFl1d zAPJDzrU0nn|DzN8ILH4-UAw#I|6PFiOvZ>W5O+Yc0RR9I!?s?J|NH!6@P5>ao_bKi z2^8oeEj|6gC=UeUM%l;l=*lSdp%6>PJ)`t;FdqN>;p(*2Z0IF;70_!uM^1wA97!>v zF2DDs173d|kIqNeYta_Q6=cjF&(%r3#e4c2dD4PE(XKlhmRN6M*laMpey7v zfhFVjaR*`hsHvv>?b-S0YIOObh#@~lT{Ab({9tu8W3;*&VN*u0Ln+w0K+7RV9-fETIhBlr-j!eqNKMk%%23hD%B2FPWrQ#ze4rmph>*k~XxmF`OKfM?m z2$pCv@cp=sUJ}SB?EZ{SITGS3Ajkod2Pi7U;u6BK`GjH5HD*3uW`o}Yj=;c`c!9tv z=EzlV$QU0Cfmyc%8S z-mW5QNFbg&pf!`ycRC&6&d?kR>uyd2gTBT1w6heQo^2m>?4u42Uz)t{xT=}xC=5BI zXWr9MM$c|A;+a>^MYwdIhJT6|i00@fa2uFKz;k%f9AdJy8Fon^B;ps$L&Hb{bej$1 zVZ7W3o?|JJwdeYQ1G=_t>j!f*S5g6V?O3XC^f^GH(4<)3w%_ZKH5+&ir@BjyrdUW- zsimcx1=Uh_xrJFvS4t$35?#Y9#oY$eNjNnM&Idn?^vYLE;ebEVdHs_93IJ%Sa?x_K zPgOw~F~w@Cre=qh6H=h$T%QgR}GUYKs22*5KpyPpy2N zhs*=xuZL!XU>8w=-eQ7Ip@a^2eSS6^U5rPkgX@9XY|t6SavZ9(QHA03AOC1Jd?sXh ziIQ9?x_H*V=+_>1D~T8)E|c=t*XQHm=;}Hwd57*Z1@A`xR83vN0xw=M;R{I?92S?H zEwHDy?)@8~bo*O$zfc{SufUMPnRlhps*?1%2*t5* z%$nje`Iv66tz6M%x}|1{;z`Fh%7!R3j8{VTF)j3Lv=*<;SZ}XQQ9bF2>h` zi{U7z-6pIvFDq z-iq6W#?fjvgpah15c!8}ttrL($f*Oqd?}+V|Cicp;HT`3Mn_ zNAcAQh_(5Df~kk;^f78c?f!3{QGe;2Tm{r`t(?X2Mcu(!6)ymqqJOmqW- z*`bNCM0tozOA>kztB|&JrLU7=w+tKe|0C3Z`u)FK;QzzpJ^$|lcDesoi-C>QfORCq zhI&O-er(wItCb|R{2zJi{MZ-a5-7x`0-%Qf`@Q3Sp8t>fd;5PU@Ywx7cH*{$WE@$p zz}8(m;eJT`8BAnAYrU`a%JO0GTKZNNhME-HlEdZdBKz3%`? zglh7v_+2jbd`9xDVsgZ1($>d6=Ing%;b(nj@#HBn-2Zucb?nhNtx`j+KGk|oYV|or z1+}_L1-0?v#j_C_1 zC^Co-IdqjZJaV~nm4s}48nxEgGh022r3XmQQ6cBhJimCdP>G;zp45V^vTceliX@2| z6iXAaZ63yCd3;;6mUF<92;B-%B|_wdi7K+-lL*pqeTXo?uDO_iEbfieI;i{ilX1{XZ7EScm}e$2$Mlu>Vhv4)gy1!`|Uu z|KA1V_PAUurj?Dt1bHjKMO?NcqnKw6|6#Ot&cd}*s_qjc1&Z(*+CFrX2v8BnrOu@E zh12P%qV~e>Sa)1bYpK}IFWgBg>I6a zzl6S!9!3_a9@Gx$vb$!$O=KuI+0Ym$gahal(>wFI&%EoH(VT2}li|=vfie$`wR55v zGS$i&Buum%KrjvNYQ<(H|1)}nr*r5(f%jk4^Z(&-KkxtR9vgaFX9XP-g5G)agq#dhtMVx8mS{Y7lJlEsY zC@(#cH%{x_K2xJ~&x9O?M|i*Xo}wi<8t20%HspN$~@)tJ(&04vs&=V7%V zAo<`UdgcuorN~X(f8s4B$N_I$=NHAqzcB2%)^CE*H(4|vu;wmj|N5_BozA((a(`2cX+Iq<DDF>)F8gaeL~yGRvw-bx!Uxmw{eDj}w+jT+ghD_=p1JG#3B zJm%g;hCIO&4*7it5+76K99k!Z>X!i_myBTd-T?!$g!cku3|}^%L+a%Q(FUCfrX4ZM zKW??%R^i!lh6w_KAmoF?W83~7cnmn|e~MaBEwjxc42yrSbY4;DH=2dav1J=mf+@`fhxlw6V73DSiTp=EEWjy_l5+{iqR!`-5I zAR8UWW^0!dYf?3k(G?JspF(}?nmNeLpW5!7v|kxi?fxtf2GI#mxUD~2+v zVg#pH8#ci)~c@4hYY@5liyy9L&67Tnw*t{ZlH-`%!0YbqSj z>Vw|V@g@yL(pvYtCW6SKY|p|=pE=@>`x?VR6^faZey=@;ckLUDh?flgc*E8)4V%pz zfqaVEWus8@_#H^cP(KU5s#pGN)cV)L9Mo`4l>Hz%@2u*Lqb0`@wWXq6I-v8qn|5KI z&ac&R$#G4nHRO(I;)A_*bh1}+)M0jRsOmD-o!el>();o4_54oCj85Y$>tn5WK#&cj4-cLHRQO(J5avQM z6u!u9c*)TXHcpWy(7i=D6YtKy}1 zu03o6s`Nj#YJ?A6^t|VPcDJ9u|JOY{-1~oa0tfj6z=KG2yU_2x**Gw?w}YZIi617e zm4irdWIQV`J<2_-f-3%xcIkHFR?=B*HkAT({NFpy+kd^|-roM(36!7zkK@3@vS|0n zNf^b3{3aN!w(bgx$A}cL@~BJ|FZ3~nr*hyAFgflc>hAT9?ZX=Ue}f51b5$h~|LaSE zI{rV*=YQ=To}BFO|L+9W;eUPcpo-5|EE0p;pD{2akr3bykQ}PM^vr%8usQ$hcz`YP ze=mRk@9?C*-~V?4&&2=fMXR;>|B)eKCA|OAbNV&Gn*1+jkU!V?k9}n4^M7^i?*9Jo zPM{+GBh5fp4F7nls0i1SAsnKs=8|zZMR8K*d{%%Od0?b+PDMiGM=e1fUUqzfp7EEt zkhBK>V~S;Tjq8yDpw|9B$?yN&-hThz4Qz|4(?w$51@M`Ws>Jd|H^Xm*WVI4M;N3b?Loa*b((Nvg56u$EaeWmqc>nH5-z8q#Xa6$;Xt zE|N9)-%RuQ9QVKN!(#rQqy6_kb^|Zv|I6l%El7g3Q|CNo?eAf2{@*<4$ACxhfB$%Y z{=XA=N&c@05?VVQ*Pj2M25a!YaWC(A{D1wEV*bCq{l6R7l>bZW*IYtfTWpjh)vuBu znd_oSr8tMZDKz5j+4-oTIGcX1<~wx1D$3_CDOalbKfEUT-1#5u!^2|yUw`la-wCW@ z%=m(EZjqd2S@pp0JBcC(LTt*ylJ-jSQ3RS?VzlosJ z42O+e{f7fC7)5^>9(_)z7^s$6F})0vv;c2sEOy5Q_L zSI>DZS!5I-51k9cg9B&&0bXgck9ZW;!t%gB1x$Ryg9#L?aO) zMl`+dGoK_*r-)Nk!_06I+9Vgg`Jz^)e=8kGN#|i*^=QNUJnGM}ZkG;}JC=-R^QJ^IQu=kGrLc^T_-DW1awDR2EmYo!4TmvhY)UqN;nR?H z1r`!fd5XntW*EL#{#ly1v#E=sabzcc{gHT7MET+!lM^6!XSo!IdGVbr2}>+oEu_PY z;-tAcrDZ;$W!giW#j^F~3&`Fg*LTms!$YT}P_IGo@Zc1RC7gnXhgPnalH`{mq}2#s zAc}-~lauVSLU)A^Jd`KPjP&Fs;$nsfDVF_5JO2y-eDlpWKO)(VHTYzfzO~eL9thAz zpTV1}fKp7SZ@&G)kqkI3;;|nP5$KDYakd0+v|CPZ#{di9u_b+zSuRSfVMtC9f%nEH zVw-g&o+B2>r1&VaQdjLiD|35R?k1U3p2H~NxLLX?8D^!7&m%2V*i?{La(1RS*ZJjb zu}WFasLf>L&M2r7Z_hylqKmhj%`@x8)t|O7zxWct%5Pg3_)6B^iVyo~Sg0AukpYqo z^&Pq|5>iG?;p>GaRDED@C9#*8Pd9FxSib~&Ik81L^2AnM8QwniE3YzF4rDzV*B#mO zy_=PZ8Xh&e`gdmres6y?xv=xfF_crXn%;5Y>w8<;NSV5(Z;(1|Gi)5^z_xTq5M)cON_L9h>KLyQY>pj1_>rYf>EmeZ&xRCzc^@FVa zllX(IsJ`X;LDu#GV2lqgMvzh{gjtMX&Y!Z3%F`fP$a73WQ3lwH9 zHl9Q3DGU@%Lyt4~#t-uuBM&UGoPmG))&j~J2aJYI6;Z%P91u*A)ofU&<6lD`okB8X z^Esp7({Kzt%tfD098a5#zx|(T_X%>$0s+oWM~aHrf!%Ca*h8=rH{$HKX2V(tmwBl3 z=MtAi{*Pa`<%{l?`lyZn>F4hMb^9m1{+|DL0SAHaL5YAngFL$48Oj0ba-^(1AZIAf z0S;`dYuz;)2a*AoBh^S1%IWW*4b+|y;ZV&3pD^e(8)GEf`kRuVu+o~1uvNU?fCbtf zu&iI2jb`J3vSo}V>;#uIZ{Jz!pXy&SFvW5fOn|^r$%lAQQBx1yMFV5htfpGc-~s^w p=LjsKLr^_dD1e+{@#o^zJ?vo*d)OxYe*gdg|Nkb&q)Y&=001foBRT*8 diff --git a/profisee-platform-0.1.20.tgz b/profisee-platform-0.1.20.tgz new file mode 100644 index 0000000000000000000000000000000000000000..ba9c3554de93ad44ada022388dfaf0edbf5cda44 GIT binary patch literal 5536 zcmV;R6<_KfiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKDLZ{xO-`2K9b{{uhH0^2@3%d%rTg^KsNa~*FRY&M&Vv)g-z z0tGEGHXDi5l9ZivoBP`jlthX8V#!V%r`viK*d!u398#PiXE-zR8NI!`@NIF;CR?Kd#}uHe|X$~1PssIvE!PORp$uHc z>jzxM>jzK*-UTzn2oi`l2=tHz3ahLk?tNqd==(0Vp~T%-s(wwQYxK;TNE(Jgh{|`>gVUGU?U2|~Y|9t@e>`oC|B4&YR0{{RbhHbr`{@3}%=>4P>J$0af zGsw|JT6+3}RvvJ~w6c%W$(2^>L(W%}Ia=xEXgdA*!_{f4*-%UHDj?U`Lso+E90@)l zHoNzQ1zvxgPR=LS)5*p7>fe{wQ6=bjn2cF~5Xxsz0IFv9+0xm)Yp|fFUrl1zsX> ziW#!y8`8!H1F@hCi+f4jhqKdhcKEi75fNwMWRK6!CKuOdr-kAvvKbNzK~!xz8DCAV zb8lA?HFhEPEYMmA;ai;!w-?BR+_>{xPN8p5Ht(!>r)QdjjydSy@TH0SjxC$M2d zdgeSGW%TR@BbIsfjE772Y53=OiAaua7w!Tx4_FQ_@*sA1Hp8|XaDmtbb+AFBcye_emb^pvnSytdf6Jz}O9LlfG2shI798f6 zj4rVwx8+oXhVtYcy8i?NS6JW%x;!blRgcrjP@H3dBQM|r%n+~{f&w`J6Cf4{z*`Oo zbr4{P(}39s%oz=Q0Eq(@a4DZd2QlEg6x;W2xIEk6qWh)nNPh*I6wbUWg;tiN&v_`0 zxuw_SpWTn?_S(u7U8Y-VrYN3td?R&;Lc@3^WFM144~obi<gn*-HdawiNO)~9q#qYrtbrA>Z1wqd7oFE5K0kHTUFzO;8DDWUA;Oa*UwBADk z=g0wP@!JI-e8ixjtQFPfvU>PZYpVYfv_4@b0_cMG&|YAIz?c%j@GOwU+LDWLoF(fi zv+}%LY1LepEfhasON>@l>D0a+{m;j%$@S!7RJyb8V&lhz3rOtb0CoBC>eJce=d+9H z_2^15|9)?19{7JBu$TS+hiL7r;s3C=wojdQve(R1 z1C80Cj~s7-=pXKX_X3aI|6?O=n+wX2 zVRLNUwF}%I+252MYb@7Jj`{Ty!0l50rE#>M7{I~`@=?_7huLq)jxER)14#7wm{=og zFOIps9V5NSda4MQw{dj2sVf_|iEE1-s&ILFKdx-tZ9qf%E-J*@W~710ux|n3a@pir z@!L$O`HUo4#pLkMZd+aa=(F>|ho9AL#gnH*GyLc2RbEHav`P)N>OSi^sZ}=^71XLK z71YMp7SBd#j6Y9gBGY{r+adQs20bJYLT7m^A_5b+vzHm>_3Juqqi^wRx z-cVIGu*KzWR1&h)J=8{H&usEEmL4FzL4}M#{pRAyLM4K>en$&-%C;%K$cH3qP%KRZ zwtfwh6^#n_LvscqzRm>f(pK{Z6fHJ5$|Hq;ia~>e}SmXZ&`v1w`IB)+y?wuUY z|NDU4PM7n=G_qcpAg=}3h>3Qj6tnEne;loyvvBQ{9{OD*IEwIUXMSiW9-ut-OI--z zbF0&lMeU{8GoX(Rt##-z<|yC6sBP$IWC0%dK4s!RleKG8FRI`(yo5q3IFXWag>I7l zzl6S!9_lXB(@;C4%k1h7H<7wvWnE(+=N2GyOz!mOK6S2RMzgZ+O`1U?1wtJ(RmO>; z%Tz0?mQdcZfQw0RS8JK5Yu(!#DpP z`fF@;scMCUz+}#w4Xuu*?6o`e?Hk2pzn@}lv6IDMd(ap-cRNmjJJ8*;vaIruPy6yO2SHzimu9e|bDs(+g zg>sZ}cu#TW<+kn^Up_%2A)vkR5D}?o{CVPTz8-Vdm)=kw>e)_?s(LA#=bBy~G5PCy zE_)+2y+7hLl}>Kr@V~|E#%;>q;Y9iGUra-vwDowi5dh`be%74)*JDaU0oJT5$H8(z zK=*@>$eA;ygdjUH0`j-mMHYBtTfayq{)J-4Hh$xjyvd^ZfE~Mzl(6l3DI!sf((r*A zJV~Iznw2cErEZ-y$dp^a7V9;|ue=sF>LaSW`O1{te9VSA)bx`Hj95R@AN5d&4N%5) z*CTwJ3vZ~wnT>{6kM)cj*<{J}qyf@Fh z|5u&=q6i-;#oEf+_NW73&H1m_JuaO8hTY@C`EMWaX#Wr2=bE~AnkY4kv% z=J2dq<3V9B&fyHXsUih^zZ6FpL*rr_@;E$4WL2u%*%bgci?<4MTpr(V$Jfmp`jr&a zIDwdlNqA8DkwF_>B8I6mMK&c4x4z#Plq(`TL8>q!wCpX_(Pwj<8=1p!xLXu2 zWTWfYZ0&Mlb*e@p3IRd+DO8uQnd{vA-R)QF2l01>s{KEfh6o~!vb_j{K6Atm`wGKR6^exrey{DpyY>x6u9FOXxMk~@hV5p~ zg=~)6WuuVu_#H^cP(KU5%2)nt)cV)L9Mo`4l>H#N^{ncRp%uddwS}ZzSfKN|n|7h! z(Qnjo$#qS5YRFyF#20(*=w`3vszdKwJF1KL?A!(mn#RYsH?uoQH9GaPtoOKLfs6F+ zHZ*VP-Gmti)G5Y?Vv(L{wtIt;20uIzcD^zG@vV*oxtWXnq~0bLw1>6?6fT|uZzh+>cV_k;{%{lj z*MO??pIkNEhc#OMyE6 zKhEcW?H!+-9OD1?0-Nx^3O}gg^EHb^a=hy35` z7x;g0*#Gwe&&2;}xYfq||45gx65fC5IsKYoL;mLr$e!!|#~hgX{9j$OcgX*>7pU<6 zNHfqC-9MfxD#G=o35O`uTu=t*C{D_p&k9f@542RysYr@9OD1?0z2h@m9?aT`yUb9c8~(k2pjUhO2zi5@50sce>b21w|jDY@c-Eh z?2`YJMWRW7B)(T?dHstzS)1BRPsiU5HsJsG11-;||DW{p_J8wm{@)Y4fc-ySPbJ5M z%cvxm%Rr||t;K-3rN@E-uIrkNV+vuCaBL&2WtvPG)=EWY4c6ibX+7qO1JZ^jk`4G@ zPxkp7@!#fgG5^ot@cobdz)RWxvKeFxl3?T1IZs*p2iTbZw|Dx{;1T@aKRMk0?*(3x z|0|q?HcrQN;Qyz=2K=wZ)0>gQ^{L-*^veEyPhrJDc4Fwy7E|6m>;7ybYG2mAkCU>#$|0m7AA zcp60<2mi&vANXA_S`WzuW5;{C|7h-a-H03smHEo5rtyimH>kX#${{ z|F_Nb7PSe5O#X{5spv^Fz^%Vhj0M95bsOiNdml5Q1cT?XrNovBP`a;n==p_c1{(ch3QP%fuM z_&thjJ~H+3oMNW*im&Nx*EDyfl_fvp@0t)=#9Nx_L~9JzBqUj5h}RR1M1*MG^s3K% zk~ozjPF4*w!$oM5T=@EnTATi@bRZ?2hjrznE#rCQpHtN?9cD2jO8G>s_}0?|SA60^ zF0lQBOYPgKpe&m=C7O}aZxpS#p?$jlFW%BQ0Wy1$OL3SN-^r3N_|jHFI?O2UHrJ=L z%qO%=dx*1Gw!VA;*(h=qdk!8RIwgf_4T6UUt57W996UU~m{|o?p^UXIuBGHad@X0KFYsl?9;Gm5@gEvXBUAOTR~pQ*_qyK>zB91DrGsN zwv&;2qo7K>JqHnpEZ;KfW!8(WK5e0Y@g;(_-?q^3m8`urpZ8O+lrxYc10);jJ9J+p zq>PxtHw<;C`pn>3VlOivaNISqehKz+VvBU-iLDA5-aYkeLzycFvKft=j_mo~&Dul_ zj~ZS5yVD)NcR!k(+j->}$|+e-@3im@z8%tB{J>u&#d%sDzsVGRZFWDx#KWg@bY&E* zp;CGAyfCRnGS<-hd<%Xndh1tviRaOug66XIp5NWohbpt0s*62bNdIp8L011s>_J9U z-?054tNQ@pA&;{Ans!m8Y*U6l2Z(P&gle%p8A;0`A*s1Nefx<%b(yihYg$b-^Xt{E zvW#9YZNxmlqoHX3Hx|hC@SIS#tF(=E_kV+7F8;qeFb4l_QZ2ZIED_{PY z!CU!5c;R1^;d!(1kN=hJK0$_Qz`@z+L{bqOu$v77I|z2-MvVT}Y#2*!QwMeaT;j6G z|MBZKeBRwrAGQ8JdH=s||K#|<|9gR>z;~cPz+ONWg?EN>fY=O4Z4ZbAigSPi)94y^ z&Bl?Sz-CA`l7(XaJ7@#BXGAz;^T2m0l*~RwqOCqE2?|TC*$A7(3l12d?Eu60rP*jU zjtE`FXu@7_N%QudA^%AN1O;;}7QqZ~ETn*lM-?@7&|Ne#O7v>7)dDUN;Lt;08Qp@a i!9oti0`or?vmW382ROhE;r{{v0RR72E{SRYt^fe_HyFGC literal 0 HcmV?d00001 diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index d52a9401..756d4d3c 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.19 +version: 0.1.20 diff --git a/profisee-platform/package.ps1 b/profisee-platform/package.ps1 index daaed667..3f3de3ae 100644 --- a/profisee-platform/package.ps1 +++ b/profisee-platform/package.ps1 @@ -1,6 +1,6 @@ #update chart.yaml to increment the number 0.1.x #to create the tgz - helm chart to upload -Set-Location profisee-platform +#Set-Location profisee-platform helm package . -d ..\ #now upload the in profisee-platform-x.x.x.tgz to github site From 544aed805f6f8bc359e765378219cf5172610dd9 Mon Sep 17 00:00:00 2001 From: ProfiseeAdmin <91691686+ProfiseeAdmin@users.noreply.github.com> Date: Tue, 16 Aug 2022 16:50:51 -0400 Subject: [PATCH 058/141] Update prereqcheck.sh updated Resource group check. --- Azure-ARM/prereqcheck.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 55255c5b..ff3981b2 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -63,7 +63,7 @@ fi echo "Is the Deployment Managed Identity assigned the Contributor Role at the Subscription or at the Resource Group level?" subscriptionContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) if [ -z "$subscriptionContributor" ]; then - echo "Role is NOT assigned at Subscription level, checking Resource Group level assignment now." + echo "Role is NOT assigned at Subscription level, checking Resource Group level assignment now. Please bear in mind that if you plan on having the Deployment Managed Identity create the Resource Group for you, then you will need to grant Contributor role at Subscription level." #DMInot subscription level, check resource group level rgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$RESOURCEGROUPNAME'].roleDefinitionName" --output tsv) if [ -z "$rgContributor" ]; then From 56fd05755c9310df9784fcbb9097e57b403a94cb Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Sat, 20 Aug 2022 07:55:04 -0400 Subject: [PATCH 059/141] update to 0.1.21 Minor improvements and liveness probe watches for stopped state --- Azure-ARM/README.md | 2 ++ Azure-ARM/createUIDefinition.json | 12 ++++---- Azure-ARM/deployprofisee.sh | 14 ++++----- Azure-ARM/prereqcheck.sh | 28 +++++++++--------- index.yaml | 4 +-- profisee-platform-0.1.20.tgz | Bin 5536 -> 0 bytes profisee-platform-0.1.21.tgz | Bin 0 -> 5534 bytes profisee-platform/Chart.yaml | 2 +- .../templates/statefullset-profisee.yaml | 2 +- 9 files changed, 33 insertions(+), 31 deletions(-) delete mode 100644 profisee-platform-0.1.20.tgz create mode 100644 profisee-platform-0.1.21.tgz diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index cb24e7f2..b51c0455 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -25,6 +25,8 @@ Here's **how** it will be deployed. You must have a Managed Identity created to 2. **DNS Zone Contributor** role to the particular DNS zone where the entry will be created OR **Contributor** role to the DNS Zone Resource Group.This is needed only if updating DNS hosted in Azure. To follow best practice for least access, the DNS Zone Contributor on the zone itself is the recommended option. 3. **Application Administrator** role in Azure Active Directory, so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. 4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator role (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator role (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. +5. **Key Vault requirements**. If you are using a Key Vault, please make sure that your Access Policy page has a checkmark on "Azure Resource Manager for template deployment". Otherwise, MS will not be able to validate the ARM template's access against your Key Vault and will result in validation failure in the ARM template before it begins deployment. + If Profisee will be configured to integrate with Microsoft Purview, a Purview specific Application Registration will need to be created and have the **Data Curator Role** assigned in the Purview account. It will also have to be assigned, at minimum, the User.Read **delegated** permission. For full Microsoft Purview functionality and integration with Profisee, the User.Read.All, Group.Read.All and GroupMember.Read.All **application** permissions will need to be added and consented to by an Azure Global Admin. diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index a0157479..5b53411d 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -235,7 +235,7 @@ "value": "Yes" }, { - "label": "No, not at this time.", + "label": "No, no need at this point.", "value": "No" } ], @@ -787,12 +787,12 @@ "name": "DNSUpdate", "type": "Microsoft.Common.OptionsGroup", "label": "Use default Azure DNS?", - "defaultValue": "Yes, use default Azure DNS and Let’s Encrypt certificate (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", + "defaultValue": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", "toolTip": "Profisee will configure Let's Encrypt to generate and auto-renew a TLS certificate for use with Azure hosted DNS. Ex. profisee.eastus2.cloudapp.azure.com/{web app name}.", "constraints": { "allowedValues": [ { - "label": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee name].[region].cloudapp.azure.com/profisee)", + "label": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", "value": "No" }, { @@ -813,12 +813,12 @@ "name": "DNSUpdate2", "type": "Microsoft.Common.OptionsGroup", "label": "Are your domain DNS records hosted in an Azure Public DNS Zone?", - "defaultValue": "Yes, I use an Azure Public DNS zone for my domain.", + "defaultValue": "Yes, I use an Azure Public DNS zone to host my domain records.", "toolTip": "You have an Azure DNS zone for your domain. The Name Servers of your domain at your domain registrar (ex. Google, Cloudflare, GoDaddy) are set as the Azure Public DNS zone ones.", "constraints": { "allowedValues": [ { - "label": "Yes, I use Azure Public DNS zone to host my domain records.", + "label": "Yes, I use an Azure Public DNS zone to host my domain records.", "value": "Yes" }, { @@ -864,7 +864,7 @@ "label": "DNS Zone Resource Group", "defaultValue": "", "placeholder": "This value is CaSe SeNSitiVe! mydnszoneresourcegroup", - "toolTip": "This value is CaSe SeNSitiVe! Please type the name of the Azure Resource group that contains your Azure DNS Zone.", + "toolTip": "This value is CaSe SeNSitiVe! Please type the name of the Azure Resource group that contains your Azure DNS Zone. Check for case sensitivity by looking in Resource Groups in Azure vs which Resource Group the DNS zone itself belongs to.", "constraints": { "required": true, "regex": "", diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 2a8165b4..414f825d 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -199,19 +199,19 @@ if [ "$USEKEYVAULT" = "Yes" ]; then else echo $"Setting Key Vault access policies to the Key Vault Specific Managed Identity." echo $"Key Vault Specific Managed Identity configuration for KV access step 3a started. Assigning Get access policy for secrets." - echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --spn $principalId --query id" - az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --spn $principalId --query id + echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --object-id $principalId --query id" + az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --secret-permissions get --object-id $principalId --query id echo $"Key Vault Specific Managed Identity configuration for KV access step 3a finished. Assignment completed." echo $"Key Vault Specific Managed Identity configuration for KV access step 3b started. Assigning Get access policy for keys." - echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --spn $principalId --query id" - az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --spn $principalId --query id + echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --object-id $principalId --query id" + az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --key-permissions get --object-id $principalId --query id echo $"Key Vault Specific Managed Identity configuration for KV access step 3b finished. Assignment completed." echo $"Key Vault Specific Managed Identity configuration for KV access step 3c started. Assigning Get access policy for certificates." - echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --spn $principalId --query id" - az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --spn $principalId --query id - eecho $"Key Vault Specific Managed Identity configuration for KV access step 3c finished. Assignment completed." + echo "Running az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --object-id $principalId --query id" + az keyvault set-policy -n $keyVaultName --subscription $keyVaultSubscriptionId --certificate-permissions get --object-id $principalId --query id + echo $"Key Vault Specific Managed Identity configuration for KV access step 3c finished. Assignment completed." echo $"Key Vault Specific Managed Identity setup is now finished." fi diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index ff3981b2..8dc98ad2 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -52,7 +52,7 @@ echo "Running az identity show -g $mirg -n $miname --query principalId -o tsv" currentIdentityId=$(az identity show -g $mirg -n $miname --query principalId -o tsv) if [ -z "$currentIdentityId" ]; then - err="Unable to query the Deployment Managed Identity to get principal id. Exiting with error." + err="Unable to query the Deployment Managed Identity to get principal id. Exiting with error. IF the Deployment Managed Identity has just been created, this issue is most likely intermittent. Please retry your deployment." echo $err set_resultAndReturn; fi @@ -63,8 +63,8 @@ fi echo "Is the Deployment Managed Identity assigned the Contributor Role at the Subscription or at the Resource Group level?" subscriptionContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) if [ -z "$subscriptionContributor" ]; then - echo "Role is NOT assigned at Subscription level, checking Resource Group level assignment now. Please bear in mind that if you plan on having the Deployment Managed Identity create the Resource Group for you, then you will need to grant Contributor role at Subscription level." - #DMInot subscription level, check resource group level + echo "Role is NOT assigned at Subscription level, checking Resource Group level assignment now. Please bear in mind that if you plan to have the Deployment Managed Identity create the Resource Group for you, then you will need to grant it Contributor role at Subscription level." + #Deployment MAnaged Identity is not granted Contributor at Subscription level, checking Resource Group level. rgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$RESOURCEGROUPNAME'].roleDefinitionName" --output tsv) if [ -z "$rgContributor" ]; then err="Role is NOT assigned at either Subscription or Resource Group level. Exiting with error. Please assign the Contributor role to the Deployment Managed Identity at either Subscription or Resource Group level. Please visit https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration for more information." @@ -74,7 +74,7 @@ if [ -z "$subscriptionContributor" ]; then echo "Role is assigned at Resource level. Continuing checks." fi - #If updating , check to make sure you have effective contributor access to the dns resource group + #If updating DNS, check to make sure you have effective contributor access to the DNS zone itself. if [ "$UPDATEDNS" = "Yes" ]; then echo "Is the Deployment Managed Identity assigned the DNS Zone Contributor role to the DNS zone itself?" dnsznContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='DNS Zone Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$DOMAINNAMERESOURCEGROUP/providers/Microsoft.Network/dnszones/$DNSDOMAINNAME'].roleDefinitionName" --output tsv) @@ -111,28 +111,28 @@ fi if [ "$USEPURVIEW" = "Yes" ]; then purviewClientPermissions=$(az ad app permission list --id $PURVIEWCLIENTID --output tsv --query [].resourceAccess[].id) - #User.Read + #Check if User.Read permission has been granted to the Purview specific Azure Application Registration. if [[ $purviewClientPermissions != *"e1fe6dd8-ba31-4d61-89e7-88639da4683d"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read delegated permission. Some governance features may not function until this permission is granted. This permissions might require an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information. " + echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read delegated permission. Some governance features may not function until this permission is granted. This permission might require an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information. " fi - #User.Read.All + #Check if User.Read.All permission has been granted to the Purview specific Azure Application Registration. if [[ $purviewClientPermissions != *"df021288-bdef-4463-88db-98f22de89214"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." fi - #Group.Read.All + #Check if Group.Read.All permission has been granted to the Purview specific Azure Application Registration. if [[ $purviewClientPermissions != *"5b567255-7703-4780-807c-7be8301ae99b"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API Group.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API Group.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." fi - #GroupMember.Read.All + #Check if GroupMember.Read.All permission has been granted to the Purview specific Azure Application Registration. if [[ $purviewClientPermissions != *"98830695-27a2-44f7-8c18-0c3ebc9698f6"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API GroupMember.Read.All application permission. Some governance features may not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API GroupMember.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." fi fi -#If using keyvault, checks to make sure that the Deployment Managed Identity has been assigned the Managed Identity Contributor role AND User Access Administrator as Subscription level. +#If using Key Vault, checks to make sure that the Deployment Managed Identity has been assigned the Managed Identity Contributor role AND User Access Administrator as Subscription level. if [ "$USEKEYVAULT" = "Yes" ]; then echo "Is the Deployment Managed Identity assigned the Managed Identity Contributor role at the Subscription level?" subscriptionMIContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Managed Identity Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID'].roleDefinitionName" --output tsv) @@ -176,4 +176,4 @@ echo $"Profisee pre-req check finished $(date +"%Y-%m-%d %T")"; result="{\"Result\":[\ {\"SUCCESS\":\"$success\"} ]}" -echo $result > $AZ_SCRIPTS_OUTPUT_PATH +echo $result > $AZ_SCRIPTS_OUTPUT_PATH \ No newline at end of file diff --git a/index.yaml b/index.yaml index 6cfe2e55..dfa91560 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.20.tgz - version: 0.1.20 + - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.21.tgz + version: 0.1.21 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.20.tgz b/profisee-platform-0.1.20.tgz deleted file mode 100644 index ba9c3554de93ad44ada022388dfaf0edbf5cda44..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5536 zcmV;R6<_KfiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKDLZ{xO-`2K9b{{uhH0^2@3%d%rTg^KsNa~*FRY&M&Vv)g-z z0tGEGHXDi5l9ZivoBP`jlthX8V#!V%r`viK*d!u398#PiXE-zR8NI!`@NIF;CR?Kd#}uHe|X$~1PssIvE!PORp$uHc z>jzxM>jzK*-UTzn2oi`l2=tHz3ahLk?tNqd==(0Vp~T%-s(wwQYxK;TNE(Jgh{|`>gVUGU?U2|~Y|9t@e>`oC|B4&YR0{{RbhHbr`{@3}%=>4P>J$0af zGsw|JT6+3}RvvJ~w6c%W$(2^>L(W%}Ia=xEXgdA*!_{f4*-%UHDj?U`Lso+E90@)l zHoNzQ1zvxgPR=LS)5*p7>fe{wQ6=bjn2cF~5Xxsz0IFv9+0xm)Yp|fFUrl1zsX> ziW#!y8`8!H1F@hCi+f4jhqKdhcKEi75fNwMWRK6!CKuOdr-kAvvKbNzK~!xz8DCAV zb8lA?HFhEPEYMmA;ai;!w-?BR+_>{xPN8p5Ht(!>r)QdjjydSy@TH0SjxC$M2d zdgeSGW%TR@BbIsfjE772Y53=OiAaua7w!Tx4_FQ_@*sA1Hp8|XaDmtbb+AFBcye_emb^pvnSytdf6Jz}O9LlfG2shI798f6 zj4rVwx8+oXhVtYcy8i?NS6JW%x;!blRgcrjP@H3dBQM|r%n+~{f&w`J6Cf4{z*`Oo zbr4{P(}39s%oz=Q0Eq(@a4DZd2QlEg6x;W2xIEk6qWh)nNPh*I6wbUWg;tiN&v_`0 zxuw_SpWTn?_S(u7U8Y-VrYN3td?R&;Lc@3^WFM144~obi<gn*-HdawiNO)~9q#qYrtbrA>Z1wqd7oFE5K0kHTUFzO;8DDWUA;Oa*UwBADk z=g0wP@!JI-e8ixjtQFPfvU>PZYpVYfv_4@b0_cMG&|YAIz?c%j@GOwU+LDWLoF(fi zv+}%LY1LepEfhasON>@l>D0a+{m;j%$@S!7RJyb8V&lhz3rOtb0CoBC>eJce=d+9H z_2^15|9)?19{7JBu$TS+hiL7r;s3C=wojdQve(R1 z1C80Cj~s7-=pXKX_X3aI|6?O=n+wX2 zVRLNUwF}%I+252MYb@7Jj`{Ty!0l50rE#>M7{I~`@=?_7huLq)jxER)14#7wm{=og zFOIps9V5NSda4MQw{dj2sVf_|iEE1-s&ILFKdx-tZ9qf%E-J*@W~710ux|n3a@pir z@!L$O`HUo4#pLkMZd+aa=(F>|ho9AL#gnH*GyLc2RbEHav`P)N>OSi^sZ}=^71XLK z71YMp7SBd#j6Y9gBGY{r+adQs20bJYLT7m^A_5b+vzHm>_3Juqqi^wRx z-cVIGu*KzWR1&h)J=8{H&usEEmL4FzL4}M#{pRAyLM4K>en$&-%C;%K$cH3qP%KRZ zwtfwh6^#n_LvscqzRm>f(pK{Z6fHJ5$|Hq;ia~>e}SmXZ&`v1w`IB)+y?wuUY z|NDU4PM7n=G_qcpAg=}3h>3Qj6tnEne;loyvvBQ{9{OD*IEwIUXMSiW9-ut-OI--z zbF0&lMeU{8GoX(Rt##-z<|yC6sBP$IWC0%dK4s!RleKG8FRI`(yo5q3IFXWag>I7l zzl6S!9_lXB(@;C4%k1h7H<7wvWnE(+=N2GyOz!mOK6S2RMzgZ+O`1U?1wtJ(RmO>; z%Tz0?mQdcZfQw0RS8JK5Yu(!#DpP z`fF@;scMCUz+}#w4Xuu*?6o`e?Hk2pzn@}lv6IDMd(ap-cRNmjJJ8*;vaIruPy6yO2SHzimu9e|bDs(+g zg>sZ}cu#TW<+kn^Up_%2A)vkR5D}?o{CVPTz8-Vdm)=kw>e)_?s(LA#=bBy~G5PCy zE_)+2y+7hLl}>Kr@V~|E#%;>q;Y9iGUra-vwDowi5dh`be%74)*JDaU0oJT5$H8(z zK=*@>$eA;ygdjUH0`j-mMHYBtTfayq{)J-4Hh$xjyvd^ZfE~Mzl(6l3DI!sf((r*A zJV~Iznw2cErEZ-y$dp^a7V9;|ue=sF>LaSW`O1{te9VSA)bx`Hj95R@AN5d&4N%5) z*CTwJ3vZ~wnT>{6kM)cj*<{J}qyf@Fh z|5u&=q6i-;#oEf+_NW73&H1m_JuaO8hTY@C`EMWaX#Wr2=bE~AnkY4kv% z=J2dq<3V9B&fyHXsUih^zZ6FpL*rr_@;E$4WL2u%*%bgci?<4MTpr(V$Jfmp`jr&a zIDwdlNqA8DkwF_>B8I6mMK&c4x4z#Plq(`TL8>q!wCpX_(Pwj<8=1p!xLXu2 zWTWfYZ0&Mlb*e@p3IRd+DO8uQnd{vA-R)QF2l01>s{KEfh6o~!vb_j{K6Atm`wGKR6^exrey{DpyY>x6u9FOXxMk~@hV5p~ zg=~)6WuuVu_#H^cP(KU5%2)nt)cV)L9Mo`4l>H#N^{ncRp%uddwS}ZzSfKN|n|7h! z(Qnjo$#qS5YRFyF#20(*=w`3vszdKwJF1KL?A!(mn#RYsH?uoQH9GaPtoOKLfs6F+ zHZ*VP-Gmti)G5Y?Vv(L{wtIt;20uIzcD^zG@vV*oxtWXnq~0bLw1>6?6fT|uZzh+>cV_k;{%{lj z*MO??pIkNEhc#OMyE6 zKhEcW?H!+-9OD1?0-Nx^3O}gg^EHb^a=hy35` z7x;g0*#Gwe&&2;}xYfq||45gx65fC5IsKYoL;mLr$e!!|#~hgX{9j$OcgX*>7pU<6 zNHfqC-9MfxD#G=o35O`uTu=t*C{D_p&k9f@542RysYr@9OD1?0z2h@m9?aT`yUb9c8~(k2pjUhO2zi5@50sce>b21w|jDY@c-Eh z?2`YJMWRW7B)(T?dHstzS)1BRPsiU5HsJsG11-;||DW{p_J8wm{@)Y4fc-ySPbJ5M z%cvxm%Rr||t;K-3rN@E-uIrkNV+vuCaBL&2WtvPG)=EWY4c6ibX+7qO1JZ^jk`4G@ zPxkp7@!#fgG5^ot@cobdz)RWxvKeFxl3?T1IZs*p2iTbZw|Dx{;1T@aKRMk0?*(3x z|0|q?HcrQN;Qyz=2K=wZ)0>gQ^{L-*^veEyPhrJDc4Fwy7E|6m>;7ybYG2mAkCU>#$|0m7AA zcp60<2mi&vANXA_S`WzuW5;{C|7h-a-H03smHEo5rtyimH>kX#${{ z|F_Nb7PSe5O#X{5spv^Fz^%Vhj0M95bsOiNdml5Q1cT?XrNovBP`a;n==p_c1{(ch3QP%fuM z_&thjJ~H+3oMNW*im&Nx*EDyfl_fvp@0t)=#9Nx_L~9JzBqUj5h}RR1M1*MG^s3K% zk~ozjPF4*w!$oM5T=@EnTATi@bRZ?2hjrznE#rCQpHtN?9cD2jO8G>s_}0?|SA60^ zF0lQBOYPgKpe&m=C7O}aZxpS#p?$jlFW%BQ0Wy1$OL3SN-^r3N_|jHFI?O2UHrJ=L z%qO%=dx*1Gw!VA;*(h=qdk!8RIwgf_4T6UUt57W996UU~m{|o?p^UXIuBGHad@X0KFYsl?9;Gm5@gEvXBUAOTR~pQ*_qyK>zB91DrGsN zwv&;2qo7K>JqHnpEZ;KfW!8(WK5e0Y@g;(_-?q^3m8`urpZ8O+lrxYc10);jJ9J+p zq>PxtHw<;C`pn>3VlOivaNISqehKz+VvBU-iLDA5-aYkeLzycFvKft=j_mo~&Dul_ zj~ZS5yVD)NcR!k(+j->}$|+e-@3im@z8%tB{J>u&#d%sDzsVGRZFWDx#KWg@bY&E* zp;CGAyfCRnGS<-hd<%Xndh1tviRaOug66XIp5NWohbpt0s*62bNdIp8L011s>_J9U z-?054tNQ@pA&;{Ans!m8Y*U6l2Z(P&gle%p8A;0`A*s1Nefx<%b(yihYg$b-^Xt{E zvW#9YZNxmlqoHX3Hx|hC@SIS#tF(=E_kV+7F8;qeFb4l_QZ2ZIED_{PY z!CU!5c;R1^;d!(1kN=hJK0$_Qz`@z+L{bqOu$v77I|z2-MvVT}Y#2*!QwMeaT;j6G z|MBZKeBRwrAGQ8JdH=s||K#|<|9gR>z;~cPz+ONWg?EN>fY=O4Z4ZbAigSPi)94y^ z&Bl?Sz-CA`l7(XaJ7@#BXGAz;^T2m0l*~RwqOCqE2?|TC*$A7(3l12d?Eu60rP*jU zjtE`FXu@7_N%QudA^%AN1O;;}7QqZ~ETn*lM-?@7&|Ne#O7v>7)dDUN;Lt;08Qp@a i!9oti0`or?vmW382ROhE;r{{v0RR72E{SRYt^fe_HyFGC diff --git a/profisee-platform-0.1.21.tgz b/profisee-platform-0.1.21.tgz new file mode 100644 index 0000000000000000000000000000000000000000..9a2a860e1d275a4f59c88f0683d43b304ba69d74 GIT binary patch literal 5534 zcmV;P6=CWhiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKDLZ`(Mscz-tF|A8N;Kz9#kS$4iHbhyuZUdP=Fnx=Vi+I{!1 zz=D=0Ha9YL3&n z^H=th`zj9Z8vz`UPrwCX)IsxJ0|!C+XV>bUSa!n$;c^nl=vg2A1N<3s)fz#!jH9b$ z{h+I4{UAosyKoGgf&|f^cm@tCt+Ix^55Pe<2z=sVg}X7={n}R7>UA40Ju`m}DD(du z`yq&J3V;>-e|&166!`zxKI!fGe-|J=`y=3U;0|gw5JD(s*w*XOe_dSm-w#{yQx8i# z#sV(0(z73p@=yRb%07;U*G6f8g;+4|8KqbK(dg$7*JrI}LodPWklv6PI4Q;pkYY$( zeji8&z5X~FUJP$W!^^?-Kd)}$O4yqb+IL+RQmK&l&)%P3_6LIxA1`l={%?s7*AOs4 zB;)r<2T}XDsiyqx`Ni;hc=e%-p*TievoO%&V0ATPw7QzlCXC)hQm}Oiivb4@s3h1I zxk|Bc%yoHvVboAV8%;3>ld{o2`qx8)EchaUQ|zBn@saxuYL%bs=EMKKQ6suIyBrw^ z7BKDyK~hIA2?%_4e@-VHgt!iUaFFC7#Dzp$VLURQFygt!%qPpN|9i**^<7EkfX)a9 zSG^%)d^nU-#)-UF#CXgIhY-W1-h zB5L4cGILOCDrMkwI>Md83=8Ya%ohv?7UPr7LUekzecZ8+J0yB(^1kD$W}>4o6p)^K zPe&O)yCuMLubzu&={^nrgv@~!==Sk8FpH2E@WKoee`_=B`k|1(FPR5}SORpL4dY?5 z+MpkkYw1dM!`k@$Dv;NiYXlQM>eltvtJQHEmbaBPX4JX zs3N9ZP1V%w&~hRQl$>k*wW^{PcS*%m(p6TD-hWba_`ZLBQC&^ZpVaDqy!l6~Smz=4 z!1(K-+3<-ARKQ!}!x@&?L9Z{)2gA$J@T`B+SDOu-QzA#vkv6U{nEd_k%|^h4tS(WK zD?^ve`d9thlWwIi2Eb)n{`%%(G#FmrL?!RwK3DK=_)pc;^;zg8D<*m&>4GETinBTK z)V7?7&`6%VgZoc7^reGtu`kk+JN-DD49z(XI+%q*qA?(s1D4<+LXn&T!gm5u<^kd$ zSjb&K6VAc_Vd|kNo~!5B1C9cp5%>O$P-pu)xSy+z%vWGY;oQ5@XjMt}TtwnnIA%@p z+5ebrudPDSRko$(ijqkuw@Qa7HB44Q{xL1}po#oR4Lx5Z!f~qm6h|k4;_{di=`%1U z1RccFLp;Q8(`ipC{taC-9|Y1b2n#_b6gf`b4-4v5($kcSgwb5r}N>@=a-|K{^ej; zINhm3aD0Z+6@ToHhS{M6FGM95=cWwC;uG`38JIIMVQk`8i-26?i3@RK%`B+-1YNnT z|4Eps-$8UDnWUvi`)=M&w~x(~!&Ua5qm$#j{@3d%m2j{B?Et=hZ6k7vtWUAlA8kqT z>A*5J8`OSyXf{k+5yoD?JiR!qyB~x_SZCgCHtq=Z926bwwM=L>W+1WBA)TC(iSNYS zT;pgp8zKO$BgFP0Tc4DYedNqRU%yt-s<%HYr6}8b(8Gg1FGezB10-6?L@3l$0ad@h z^h?_!tk3^5@?89X+&d}q|Hsk^Z%GokI>0ujsYw8fBUq+|3|&U<30cH0(P?h{}`{GCHx=t)()80PWPIzZeTDw zHZfKl9%9wfk1U9FNZY#7x5=3E5yybl`+v8@|J~C)|L+2Jx&POTfsKv<>qv+V z&lP$3v0>wHR+6mb|JYg=B(@0G$3ko>09Nq-QSZbq^8ayffB(A^c;%+~Te*-tMAlD2a)#nppt-QTB z;re!h^fK?MB7M;&@#UteY}}=;Eo!LJ7uo%|wsE%+i|D(o5o_y_hGN6MgQPE1lV`>6 za;fJtmSi=PBR>0Weeq+?&W8Yh*0&W;o)W|GU!+%i9gVUoE2!1?SHFesaB` ztE^#*E8M80Wb1pVwZ@*?r-nFXIjkS-ijm#IUsgIZ%O;N+;4w~Qq>oGXaT)y_`F zg{#n2Bh6J$v1B)UE86Rdg~RnzZo2kR1$F2DMD!9NLg0@z{;#3`pB^6;?f-}N(f<6u z3n=V#1z$`n?}dqqT7U~&wqvE3=a2q_cv&7-Nx~b`oUX9|TfS(EV z*h2I}IaS(*_N0CjDJ5^>>IW6NS#_7%`&)O14hTg)k-)LvP7ZcuoSElZ6;7=}ug0lS z_Hz#J8P1~IHXY-uC#WwacBeC-GV_eTNZrksW6t~1TiQcC-^oE;FIDrrqL)WZ{<5B{ z-pGpHAMu(hCpUHY-(Yr=Hr4NNsQvdZN0Cq3a=iHnfNE?%8&3YqF=e3uOV*X=5w#$& z{~-W+?hP2F;HE}E@s{}Dpf|4bi(=wm81Y=|H^JzeJem*0b61fPwOuYn6pDTpKCl8$ z8fdU&B`a*1TjvU7+AUy%^_t<=UW;q>5m#P+WvXsI=0hD;^pgvWSU%Gq%}|FmP$qSk zBYay3Z&-md9}Te_?FHThYc3FCIntpK*RTR(76Oq+H~8@W$`8e_6IbtxMuGc4Wd1s;Q+DN;BHDsePd5DLzrby})^75e@a^ND-!puWGr_X6bJDgjRd_ckn2+-k)ZT}5<3_0q53az-7*=8QO#lKf)UQy~do`u}CWt&i+P$;U? zGlk#^%c+A}of(y#T%%Gj5(n&kp#FV6Qip?*D>6Spx-cfR>MgCJ&lRLFGLMsJw)hhq?KkTO@n?m){Xem1J<4i=p_8)r*SYqes5=rEP8OI_CZkM%Puj_NWwJGar4W%2Rt_3Tbcjn4cmS9@IX&;w*q7k~%x(d|;d`)1?7IK3T|rAhKIHLV=P zf+J^HdFfH^VHwo%f4ob#Q?ruJYO|>nSjGRnlcN6DJF)lr-%g_LXuWn5Ce90m)xcwO&Gg1kG{y^!a>Pye;w*i~;zxD^%BLDY} zO8np3@Bcf2XX5`X+-hz9f22!T1@FJ~oPJBNCjW~m=FfHiV;|ea{9pFz=|2D0PN2sB zBg;TncK>*)sEF2+AspgRbICZKK$4WXm=$1!JTOu@XCfiCqgEh~LLQ%R&iJNd{!Lhe z{|O~B4(58K09dL2pBDH3Zg0Q;?*_KT)Y&32V*vstq$;rj(arH&DcNqqssV?}`o*lh z`&hs&!5aLZM5{jjix4Z%|8`OTw~zMv|85}J|0$E3`+z=0UZhzLGFf3JATXJ~kkNY| z5xh-UgZ~-v+_uhP{TL~*a{n*c|GURWhkO3t1#F9-bBm-x>wi@E%-*i|?65BX$G<<% z{eSPYnE$KWJKV?r?*z8W|2k_)4fj7HxNR>5o)OmMf1Qf$QQw7I$^YGA{@?CtcklnR z6WAvIr;Egp0BL-$$@1nGb@Dc~m!6J49jw9s$p>1VPyatXD%t<{=l>nS3)ugY^;B_8 zxQa^(xeQF2^jZwLUwJGj;ksFoaZDpj6OOHgwMvtz!dk1yEWuhnAuY#Tb3j_tM6w3| zo5?<(BmUbyEa(3@+JFCJH}F#SzkCMSk|bC=bs)Lz$eP94L(Ko2lCkhxQQ+~v!t0fwwac$Dka?_&bo}2cuqM}dd=5#HfvhA(#n&c^LI@NE#s}sbYe6{OA?YSF~pmRMq)w?Z+hKl zF-e?G5vQs~nc-rzX)b*8MJ-MLRymN0&ZD~O(T4Fn>d%pGmkqO=5v6*f7GmRR!V59< zv5>_5(P!@6NHU(!n-b4R$?# z84-86VFX_F$7zzzCN9L|$WQ$GBk`z+^Tj(RCt&VQ3n>nZ;yYaumYBO*NJkmP{pRwN zmc@jYSr17T%huPgC?7?xW6#mUL#LupuR-+i;FO9bo}h<^R-u=QjA(6sS!By%|Xs z1mL~-{woI=a$3e?KY%abtDJJSKyS2JPH)GE2;{K^eUn=*N~{s=pMj6>jZMTh>qs&K z7Rt2vIJZ)l?LSL%d)DqIxm2EmIN`Wix-1!Ht&A@sEmhc5kk@i{t~b~D3&f>4y3a?#qN! z5mWkxp$T=L8C**2Rqg|h+a@-sz+O#knT{f{bs@vsr+#TDbL~LZqjBAlJ>R=onyBGX zqg(y%Ovmr-kEY;uUOR?rN|w_*Dt&`*i!_%%@K;N5k(S4AGG$+z?T;|^@TnbL6$MME z)LuL%w2Ld{n{xOZg4l!z-C}bx(w1dHGIM+O_EUZ8DrbK;w3>M4m#bS< z8NFWGh`EPHL)rdsO~Id$31xg+X&YDF{~ezc;{UtHc5mu}b#-W;rfzPmF_7TXo{-`7>EwyGNYL+ZGWTCc)EbEtMquDs1 zY>}XedLb3f+g~j8PZ1y)nh-e+$4C&V1Vl2bxTyzU;*l|GR#UB}cn(P58K8N53#tc; g1(H)D{- - if((Get-Service profisee).Status -eq 'Running'){return + if((Get-Service profisee).Status -ne 'Stopped'){return 0}else{throw 'Profisee service is down'} initialDelaySeconds: 600 timeoutSeconds: 5 From 777ca09f46e2b3f4d2b299dfc13dc6ee9785d284 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Thu, 1 Sep 2022 21:27:43 -0400 Subject: [PATCH 060/141] Purview Collection check and selection --- Azure-ARM/Settings.yaml | 3 +- Azure-ARM/azuredeploy.json | 21 + Azure-ARM/azuredeploy.parameters.json | 6 + Azure-ARM/createUIDefinition.json | 1913 +++++++++-------- Azure-ARM/deployprofisee.sh | 14 + Azure-ARM/prereqcheck.sh | 14 + index.yaml | 4 +- profisee-platform-0.1.22.tgz | Bin 0 -> 5569 bytes profisee-platform/Chart.yaml | 2 +- .../templates/secret-purview.yaml | 1 + .../templates/statefullset-profisee.yaml | 5 + 11 files changed, 1030 insertions(+), 953 deletions(-) create mode 100644 profisee-platform-0.1.22.tgz diff --git a/Azure-ARM/Settings.yaml b/Azure-ARM/Settings.yaml index ceffa938..08a80c16 100644 --- a/Azure-ARM/Settings.yaml +++ b/Azure-ARM/Settings.yaml @@ -88,7 +88,8 @@ cloud: clientId: "$PURVIEWCLIENTID" clientSecret: "$PURVIEWCLIENTSECRET" tenantId: "$PURVIEWTENANTID" - url: "$PURVIEWURL" + url: "$PURVIEWURL" + purviewCollectionId: "$PURVIEWCOLLECTIONNAME" aws: isProvider: false google: diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index bd0f0d27..a12ba981 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -29,6 +29,10 @@ "defaultValue": "", "type": "String" }, + "PurviewCollectionName": { + "defaultValue": "", + "type": "String" + }, "PurviewClientId": { "defaultValue": "", "type": "String" @@ -226,6 +230,7 @@ "UsePurview":"[parameters('UsePurview')]", "PurviewUrl":"[parameters('PurviewUrl')]", + "PurviewCollectionName":"[parameters('PurviewCollectionName')]", "PurviewClientId":"[parameters('PurviewClientId')]", "PurviewClientSecret":"[parameters('PurviewClientSecret')]", "PurviewAccountResourceGroup":"[parameters('PurviewAccountResourceGroup')]" @@ -255,6 +260,10 @@ "name": "SUBSCRIPTIONID", "value": "[subscription().subscriptionId]" }, + { + "name": "TENANTID", + "value": "[subscription().tenantId]" + }, { "name": "DOMAINNAMERESOURCEGROUP", "value": "[variables('DOMAINNAMERESOURCEGROUP')]" @@ -287,9 +296,17 @@ "name": "PURVIEWURL", "value": "[variables('PurviewUrl')]" }, + { + "name": "PURVIEWCOLLECTIONNAME", + "value": "[variables('PurviewCollectionName')]" + }, { "name": "PURVIEWCLIENTID", "value": "[variables('PurviewClientId')]" + }, + { + "name": "PURVIEWCLIENTSECRET", + "value": "[variables('PurviewClientId')]" } ] } @@ -752,6 +769,10 @@ "name": "PURVIEWURL", "value": "[variables('PurviewUrl')]" }, + { + "name": "PURVIEWCOLLECTIONNAME", + "value": "[variables('PurviewCollectionName')]" + }, { "name": "PURVIEWCLIENTID", "value": "[variables('PurviewClientId')]" diff --git a/Azure-ARM/azuredeploy.parameters.json b/Azure-ARM/azuredeploy.parameters.json index 97eaefca..477f9d45 100644 --- a/Azure-ARM/azuredeploy.parameters.json +++ b/Azure-ARM/azuredeploy.parameters.json @@ -14,6 +14,9 @@ "ProfiseeWebAppName": { "value": "" }, + "TenantId": { + "value": "" + }, "ActiveDirectoryCreateApp": { "value": "Yes" }, @@ -23,6 +26,9 @@ "PurviewUrl": { "value": "" }, + "PurviewCollectionName": { + "value": "" + }, "PurviewClientId": { "value": "" }, diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index 5b53411d..3200428d 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -1,1016 +1,1031 @@ { - "$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#", - "handler": "Microsoft.Azure.CreateUIDef", - "version": "0.1.2-preview", - "parameters": { - "resourceTypes": [ - "microsoft.containerservice/managedclusters", - "microsoft.sql/servers", - "microsoft.storage/storageaccounts", - "microsoft.resources/deploymentscripts", - "microsoft.resources/resourcegroups" - ], - "basics": [ + "$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#", + "handler": "Microsoft.Azure.CreateUIDef", + "version": "0.1.2-preview", +"parameters": { + "resourceTypes": [ + "microsoft.containerservice/managedclusters", + "microsoft.sql/servers", + "microsoft.storage/storageaccounts", + "microsoft.resources/deploymentscripts", + "microsoft.resources/resourcegroups" + ], + "basics": [ - { - "name": "text2", - "type": "Microsoft.Common.TextBlock", - "visible": true, - "options": { - "text": " ", - "link": { - "label": "", - "uri": "" - } + { + "name": "text2", + "type": "Microsoft.Common.TextBlock", + "visible": true, + "options": { + "text": " ", + "link": { + "label": "", + "uri": "" } + } + }, + { + "name": "ManagedIdentityName", + "type": "Microsoft.ManagedIdentity.IdentitySelector", + "label": "Managed Identity", + "toolTip": { + "systemAssignedIdentity": "", + "userAssignedIdentity": "Pick the Managed Identity that will run the Profisee deployment." }, - { - "name": "ManagedIdentityName", - "type": "Microsoft.ManagedIdentity.IdentitySelector", - "label": "Managed Identity", - "toolTip": { - "systemAssignedIdentity": "", - "userAssignedIdentity": "Pick the Managed Identity that will run the Profisee deployment." - }, - "defaultValue": { - "systemAssignedIdentity": "OffOnly" - }, - "options": { - "hideSystemAssignedIdentity": true, - "hideUserAssignedIdentity": false - }, - "constraints": { - "required": true - }, - "visible": true + "defaultValue": { + "systemAssignedIdentity": "OffOnly" }, - { - "name": "text1", - "type": "Microsoft.Common.InfoBox", - "visible": true, - "options": { - "icon": "Info", - "text": "Click here to learn how Profisee uses Managed Identities.", - "uri": "https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration" - } + "options": { + "hideSystemAssignedIdentity": true, + "hideUserAssignedIdentity": false + }, + "constraints": { + "required": true + }, + "visible": true + }, + { + "name": "text1", + "type": "Microsoft.Common.InfoBox", + "visible": true, + "options": { + "icon": "Info", + "text": "Click here to learn how Profisee uses Managed Identities.", + "uri": "https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration" } + } - ], - "steps": [ - { - "name": "profisee", - "label": "Profisee", - "elements": [ - { - "name": "UseKeyVault", - "type": "Microsoft.Common.OptionsGroup", - "label": "Use Key Vault?", - "defaultValue": "No, I will supply the required values.", - "toolTip": "Profisee can pull a TLS certificate from a Key Vault, as well as these secrets: SQL Username, SQL Password and Profisee License.", - "constraints": { - "allowedValues": [ - { - "label": "Yes, pull sensitive information from Key Vault.", - "value": "Yes" - }, - { - "label": "No, I will supply the required values.", - "value": "No" - } - ], - "required": true - }, - "visible": true - }, - { - "name": "KeyVault", - "type": "Microsoft.Solutions.ResourceSelector", - "label": "Key Vault", - "resourceType": "Microsoft.KeyVault/vaults", - "options": { - "filter": { - "subscription": "All", - "location": "All" - } - }, - "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" - }, - { - "name": "ProfiseeVersion", - "type": "Microsoft.Common.DropDown", - "label": "Profisee version", - "defaultValue": "2022R1.0", - "toolTip": "Which release of the Profisee Platform to deploy.", - "constraints": { - "required": true, - "allowedValues": [ - { - "label": "2020R1.0", - "value": "profiseeplatform:2020r1.0" - }, - { - "label": "2020R1.1", - "value": "profiseeplatform:2020r1.1" - }, - { - "label": "2020R2.0", - "value": "profiseeplatform:2020r2.0" - }, - { - "label": "2021R1.0", - "value": "profiseeplatform:2021r1.0" - }, - { - "label": "2021R2.0", - "value": "profiseeplatform:2021r2.0" - }, - { - "label": "2021R2.1", - "value": "profiseeplatform:2021r2.1" - }, - { - "label": "2021R3.0", - "value": "profiseeplatform:2021r3.0" - }, - { - "label": "2021R3.0.saas", - "value": "profiseeplatform:2021r3.0.saas" - }, - { - "label": "2022R1.0", - "value": "profiseeplatform:2022r1.preview" - }, - { - "label": "2022R2.preview", - "value": "profiseeplatform:2022r2.preview" - }, - { - "label": "2022R2.preview-history", - "value": "profiseeplatform:2022r2.preview-history" - }, - { - "label": "2022R2.preview-matching", - "value": "profiseeplatform:2022r2.preview-matching" - } - ] - }, - "visible": true - }, - { - "name": "ProfiseeAdminUserAccount", - "type": "Microsoft.Common.TextBox", - "label": "Super Admin Account", - "defaultValue": "", - "placeholder": "first.last@company.com", - "toolTip": "The first Super User, who will be able to log in and add other users.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": true - }, - { - "name": "ProfiseeLicense", - "type": "Microsoft.Common.FileUpload", - "label": "Profisee license", - "toolTip": "This file will be provided by Profisee Support. Please provide the file in txt format.", - "constraints": { - "required": true, - "accept": ".txt" - }, - "options": { - "multiple": false, - "uploadMode": "file", - "openMode": "text", - "encoding": "UTF-8" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'No')]" - }, - { - "name": "ProfiseeLicenseSecret", - "type": "Microsoft.Common.TextBox", - "label": " Profisee License", - "defaultValue": "", - "placeholder": "License secret name in Key Vault", - "toolTip": "This file will be provided by Profisee Support. Please provide the name of the secret that holds the Profisee license: ex. profisee-license", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" - }, - { - "name": "ActiveDirectoryCreateApp", - "type": "Microsoft.Common.OptionsGroup", - "label": "Create a new Azure AD application registration for you?", - "defaultValue": "Yes, create and configure it for me.", - "toolTip": "An Azure AD application registration will be used for authentication via ID tokens. For more information please visit https://support.profisee.com/wikis/2022_r1_support/deploying_the_AKS_cluster_with_the_arm_template.", - "constraints": { - "allowedValues": [ - { - "label": "Yes, create and configure it for me.", - "value": "Yes" - }, - { - "label": "No, I will specify the client ID of an existing Azure Active Directory app registration.", - "value": "No" - } - ], - "required": true - }, - "visible": true - }, - { - "name": "UsePurview", - "type": "Microsoft.Common.OptionsGroup", - "label": "Integrate Profisee with Microsoft Purview?", - "defaultValue": "No, no need at this point.", - "toolTip": "Profisee can integrate with Microsoft Purview during initial configuration or at a later time.", - "constraints": { - "allowedValues": [ - { - "label": "Yes, integrate with Microsoft Purview.", - "value": "Yes" - }, - { - "label": "No, no need at this point.", - "value": "No" - } - ], - "required": true - }, - "visible": "[or(equals(steps('profisee').ProfiseeVersion,'profiseeplatform:2022r1.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview-history'))]" - }, - { - "name": "UserSuppliedClientyId", - "type": "Microsoft.Common.Section", - "label": "", - "elements": [ + ], + "steps": [ + { + "name": "profisee", + "label": "Profisee", + "elements": [ + { + "name": "UseKeyVault", + "type": "Microsoft.Common.OptionsGroup", + "label": "Use Key Vault?", + "defaultValue": "No, I will supply the required values.", + "toolTip": "Profisee can pull a TLS certificate from a Key Vault, as well as these secrets: SQL Username, SQL Password and Profisee License.", + "constraints": { + "allowedValues": [ + { + "label": "Yes, pull sensitive information from Key Vault.", + "value": "Yes" + }, { - "name": "ActiveDirectoryClientId", - "type": "Microsoft.Common.TextBox", - "label": "Application Registration Client Id", - "defaultValue": "", - "toolTip": "Please provide the client ID of the Azure AD application to be used by Profisee for authentication.", - "constraints": { - "required": "[equals(steps('profisee').ActiveDirectoryCreateApp,'No')]", - "regex": "", - "validationMessage": "" - }, - "visible": true + "label": "No, I will supply the required values.", + "value": "No" } ], - "visible": "[equals(steps('profisee').ActiveDirectoryCreateApp,'No')]" - }, - { - "name": "PurviewAccountName", - "type": "Microsoft.Solutions.ResourceSelector", - "label": "Select Purview Account", - "resourceType": "Microsoft.Purview/accounts", - "options": { - "filter": { - "subscription": "All", - "location": "All" - } - }, - "visible": "[equals(steps('profisee').UsePurview,'Yes')]" - }, - { - "name":"GetPurviewUrlRestApiResponse", - "type":"Microsoft.Solutions.ArmApiControl", - "request":{ - "method": "GET", - "path": "[concat(subscription().id,'/resourceGroups/',last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5)),'/providers/Microsoft.Purview/accounts/',steps('profisee').PurviewAccountName.name,'?api-version=2020-12-01-preview')]", - "body": "" + "required": true + }, + "visible": true + }, + { + "name": "KeyVault", + "type": "Microsoft.Solutions.ResourceSelector", + "label": "Key Vault", + "resourceType": "Microsoft.KeyVault/vaults", + "options": { + "filter": { + "subscription": "All", + "location": "All" } }, - { - "name": "PurviewClientID", - "type": "Microsoft.Common.TextBox", - "label": "Purview application client ID", - "defaultValue": "", - "placeholder": "", - "toolTip": "A Purview specific Azure AD application client ID. This application registration must be added as Data Curator to Purview and have the appropriate permissions assigned to it by a Global Admin.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UsePurview,'Yes')]" - }, - { - "name": "PurviewClientSecret", - "type": "Microsoft.Common.TextBox", - "label": "Purview application secret", - "defaultValue": "", - "placeholder": "", - "toolTip": "Please generate a secret in the Purview specific application and paste its value here.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UsePurview,'Yes')]" - }, - { - "name": "ProfiseeWebAppName", - "type": "Microsoft.Common.TextBox", - "label": "Web app name", - "defaultValue": "profisee", - "placeholder": "", - "toolTip": "https://host.domain.com/{webAppName}", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": true - } - ] - }, - { - "name": "kubernetes", - "label": "Kubernetes", - "elements": [ - { - "name": "KubernetesClusterName", - "type": "Microsoft.Common.TextBox", - "label": " AKS Cluster Name", - "defaultValue": "ProfiseeAKSCluster", - "toolTip": "Can only contain letters, numbers, underscores, and hyphens, must start and end with a letter or number, and must be unique in the current resource group.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": true - }, - { - "name": "KubenetesInfrastructureResourceGroupName", - "type": "Microsoft.Common.TextBox", - "label": "Infrastructure Resource Group Name", - "defaultValue": "", - "toolTip": "Leave blank for default of MC_ResourceGroupName_ClusterName_Location, or enter the resouce group name you want to use. You can only specify the name, you can NOT precreate it.", - "constraints": { - "required": false, - "regex": "", - "validationMessage": "" - }, - "visible": true - }, - { - "name": "KubernetesVersion", - "type": "Microsoft.Common.TextBox", - "label": "Version", - "defaultValue": "", - "toolTip": "Leave blank for latest AKS version, or enter the specific version you want to use.", - "constraints": { - "required": false, - "regex": "", - "validationMessage": "" - }, - "visible": true + "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" + }, + { + "name": "ProfiseeVersion", + "type": "Microsoft.Common.DropDown", + "label": "Profisee version", + "defaultValue": "2022R1.0", + "toolTip": "Which release of the Profisee Platform to deploy.", + "constraints": { + "required": true, + "allowedValues": [ + { + "label": "2020R1.0", + "value": "profiseeplatform:2020r1.0" + }, + { + "label": "2020R1.1", + "value": "profiseeplatform:2020r1.1" + }, + { + "label": "2020R2.0", + "value": "profiseeplatform:2020r2.0" + }, + { + "label": "2021R1.0", + "value": "profiseeplatform:2021r1.0" + }, + { + "label": "2021R2.0", + "value": "profiseeplatform:2021r2.0" + }, + { + "label": "2021R2.1", + "value": "profiseeplatform:2021r2.1" + }, + { + "label": "2021R3.0", + "value": "profiseeplatform:2021r3.0" + }, + { + "label": "2021R3.0.saas", + "value": "profiseeplatform:2021r3.0.saas" + }, + { + "label": "2022R1.0", + "value": "profiseeplatform:2022r1.preview" + }, + { + "label": "2022R2.preview", + "value": "profiseeplatform:2022r2.preview" + }, + { + "label": "2022R2.preview-history", + "value": "profiseeplatform:2022r2.preview-history" + }, + { + "label": "2022R2.preview-matching", + "value": "profiseeplatform:2022r2.preview-matching" + } + ] + }, + "visible": true + }, + { + "name": "ProfiseeAdminUserAccount", + "type": "Microsoft.Common.TextBox", + "label": "Super Admin Account", + "defaultValue": "", + "placeholder": "first.last@company.com", + "toolTip": "The first Super User, who will be able to log in and add other users.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" }, - { - "name": "KubernetesLinuxNodeSizeSection", - "type": "Microsoft.Common.Section", - "label": "Linux Nodepool", - "elements": [ + "visible": true + }, + { + "name": "ProfiseeLicense", + "type": "Microsoft.Common.FileUpload", + "label": "Profisee license", + "toolTip": "This file will be provided by Profisee Support. Please provide the file in txt format.", + "constraints": { + "required": true, + "accept": ".txt" + }, + "options": { + "multiple": false, + "uploadMode": "file", + "openMode": "text", + "encoding": "UTF-8" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'No')]" + }, + { + "name": "ProfiseeLicenseSecret", + "type": "Microsoft.Common.TextBox", + "label": " Profisee License", + "defaultValue": "", + "placeholder": "License secret name in Key Vault", + "toolTip": "This file will be provided by Profisee Support. Please provide the name of the secret that holds the Profisee license: ex. profisee-license", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" + }, + { + "name": "ActiveDirectoryCreateApp", + "type": "Microsoft.Common.OptionsGroup", + "label": "Create a new Azure AD application registration for you?", + "defaultValue": "Yes, create and configure it for me.", + "toolTip": "An Azure AD application registration will be used for authentication via ID tokens. For more information please visit https://support.profisee.com/wikis/2022_r1_support/deploying_the_AKS_cluster_with_the_arm_template.", + "constraints": { + "allowedValues": [ { - "name": "KubernetesLinuxNodeSize", - "type": "Microsoft.Compute.SizeSelector", - "label": "VM Size", - "toolTip": "Pick VM size for the instances in the Linux nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", - "recommendedSizes": [ - "Standard_B2s" - ], - "constraints": { - "allowedSizes": [] - }, - "options": { - "hideDiskTypeFilter": false - }, - "osPlatform": "Linux", - "count": 1, - "visible": true + "label": "Yes, create and configure it for me.", + "value": "Yes" + }, + { + "label": "No, I will specify the client ID of an existing Azure Active Directory app registration.", + "value": "No" } ], - "visible": true - }, - { - "name": "KubernetesLinuxNodeCount", - "type": "Microsoft.Common.Slider", - "min": 1, - "max": 12, - "label": "Linux node count", - "subLabel": "", - "defaultValue": 1, - "showStepMarkers": false, - "toolTip": "", - "constraints": { - "required": false - }, - "visible": true + "required": true }, - { - "name": "KubernetesWindowsNodeSizeSection", - "type": "Microsoft.Common.Section", - "label": "Windows Nodepool", - "elements": [ + "visible": true + }, + { + "name": "UserSuppliedClientyId", + "type": "Microsoft.Common.Section", + "label": "", + "elements": [ + { + "name": "ActiveDirectoryClientId", + "type": "Microsoft.Common.TextBox", + "label": "Application Registration Client Id", + "defaultValue": "", + "toolTip": "Please provide the client ID of the Azure AD application to be used by Profisee for authentication.", + "constraints": { + "required": "[equals(steps('profisee').ActiveDirectoryCreateApp,'No')]", + "regex": "", + "validationMessage": "" + }, + "visible": true + } + ], + "visible": "[equals(steps('profisee').ActiveDirectoryCreateApp,'No')]" + }, + { + "name": "UsePurview", + "type": "Microsoft.Common.OptionsGroup", + "label": "Integrate Profisee with Microsoft Purview?", + "defaultValue": "No, no need at this point.", + "toolTip": "Profisee can integrate with Microsoft Purview during initial configuration or at a later time.", + "constraints": { + "allowedValues": [ { - "name": "KubernetesWindowsNodeSize", - "type": "Microsoft.Compute.SizeSelector", - "label": "VM Size", - "toolTip": "Pick VM size for the instances in the Windows nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", - "recommendedSizes": [ - "Standard_B4ms" - ], - "constraints": { - "allowedSizes": [] - }, - "options": { - "hideDiskTypeFilter": false - }, - "osPlatform": "Windows", - "imageReference": { - "publisher": "MicrosoftWindowsServer", - "offer": "WindowsServer", - "sku": "2019-Datacenter" - }, - "count": 1, - "visible": true + "label": "Yes, integrate with Microsoft Purview.", + "value": "Yes" + }, + { + "label": "No, no need at this point.", + "value": "No" } ], - "visible": true - }, - { - "name": "KubernetesWindowsNodeCount", - "type": "Microsoft.Common.Slider", - "min": 1, - "max": 12, - "label": "Windows node count", - "subLabel": "", - "defaultValue": 1, - "showStepMarkers": false, - "toolTip": "Equal to the number of server licenses for Profisee.", - "constraints": { - "required": false - }, - "visible": true - }, - { - "name": "KubernetesAdvancedYesNo", - "type": "Microsoft.Common.OptionsGroup", - "label": "Configure advanced Kubernetes networking settings?", - "defaultValue": "No, use default settings", - "toolTip": "Kubernetes might fail deploying if the default settings overlap with any vnets in your tenant. It is recommended that you configure these.", - "constraints": { - "allowedValues": [ - { - "label": "No, use default settings", - "value": "No" - }, - { - "label": "Yes, configure advanced settings", - "value": "Yes" - } + "required": true + }, + "visible": "[or(equals(steps('profisee').ProfiseeVersion,'profiseeplatform:2022r1.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview-history'))]" + }, + { + "name": "PurviewAccountName", + "type": "Microsoft.Solutions.ResourceSelector", + "label": "Select Purview Account", + "resourceType": "Microsoft.Purview/accounts", + "options": { + "filter": { + "subscription": "All", + "location": "All" + } + }, + "visible": "[equals(steps('profisee').UsePurview,'Yes')]" + }, + { + "name":"GetPurviewUrlRestApiResponse", + "type":"Microsoft.Solutions.ArmApiControl", + "request":{ + "method": "GET", + "path": "[concat(subscription().id,'/resourceGroups/',last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5)),'/providers/Microsoft.Purview/accounts/',steps('profisee').PurviewAccountName.name,'?api-version=2020-12-01-preview')]", + "body": "" + } + }, + { + "name": "PurviewCollectionName", + "type": "Microsoft.Common.TextBox", + "label": "Purview Collection Friendly Name", + "defaultValue": "", + "placeholder": "tHiS iS CaSe SenSiTiVe!", + "toolTip": "Please provide the Purview Collection Friendly Name that you see in your Purview account. Profisee will deploy to that collection.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UsePurview,'Yes')]" + }, + { + "name": "PurviewClientID", + "type": "Microsoft.Common.TextBox", + "label": "Purview application client ID", + "defaultValue": "", + "placeholder": "", + "toolTip": "A Purview specific Azure AD application client ID. This application registration must be added as Data Curator to Purview and have the appropriate permissions assigned to it by a Global Admin.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UsePurview,'Yes')]" + }, + { + "name": "PurviewClientSecret", + "type": "Microsoft.Common.TextBox", + "label": "Purview application secret", + "defaultValue": "", + "placeholder": "", + "toolTip": "Please generate a secret in the Purview specific application and paste its value here.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UsePurview,'Yes')]" + }, + { + "name": "ProfiseeWebAppName", + "type": "Microsoft.Common.TextBox", + "label": "Web app name", + "defaultValue": "profisee", + "placeholder": "", + "toolTip": "https://host.domain.com/{webAppName}", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true + } + ] + }, + { + "name": "kubernetes", + "label": "Kubernetes", + "elements": [ + { + "name": "KubernetesClusterName", + "type": "Microsoft.Common.TextBox", + "label": " AKS Cluster Name", + "defaultValue": "ProfiseeAKSCluster", + "toolTip": "Can only contain letters, numbers, underscores, and hyphens, must start and end with a letter or number, and must be unique in the current resource group.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true + }, + { + "name": "KubenetesInfrastructureResourceGroupName", + "type": "Microsoft.Common.TextBox", + "label": "Infrastructure Resource Group Name", + "defaultValue": "", + "toolTip": "Leave blank for default of MC_ResourceGroupName_ClusterName_Location, or enter the resouce group name you want to use. You can only specify the name, you can NOT precreate it.", + "constraints": { + "required": false, + "regex": "", + "validationMessage": "" + }, + "visible": true + }, + { + "name": "KubernetesVersion", + "type": "Microsoft.Common.TextBox", + "label": "Version", + "defaultValue": "", + "toolTip": "Leave blank for latest AKS version, or enter the specific version you want to use.", + "constraints": { + "required": false, + "regex": "", + "validationMessage": "" + }, + "visible": true + }, + { + "name": "KubernetesLinuxNodeSizeSection", + "type": "Microsoft.Common.Section", + "label": "Linux Nodepool", + "elements": [ + { + "name": "KubernetesLinuxNodeSize", + "type": "Microsoft.Compute.SizeSelector", + "label": "VM Size", + "toolTip": "Pick VM size for the instances in the Linux nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", + "recommendedSizes": [ + "Standard_B2s" ], - "required": true - }, - "visible": true + "constraints": { + "allowedSizes": [] + }, + "options": { + "hideDiskTypeFilter": false + }, + "osPlatform": "Linux", + "count": 1, + "visible": true + } + ], + "visible": true + }, + { + "name": "KubernetesLinuxNodeCount", + "type": "Microsoft.Common.Slider", + "min": 1, + "max": 12, + "label": "Linux node count", + "subLabel": "", + "defaultValue": 1, + "showStepMarkers": false, + "toolTip": "", + "constraints": { + "required": false }, - { - "name": "KubernetesAdvanced", - "type": "Microsoft.Common.Section", - "label": "Advanced Kubernetes settings", - "elements": [ - { - "name": "KubernetesVnetName", - "type": "Microsoft.Network.VirtualNetworkCombo", - "label": { - "virtualNetwork": "Virtual network", - "subnets": "Subnets" - }, - "toolTip": { - "virtualNetwork": "", - "subnets": "" - }, - "defaultValue": { - "name": "vnet01", - "addressPrefixSize": "/24" - }, - "constraints": { - "minAddressPrefixSize": "/28" - }, - "options": { - "hideExisting": false - }, - "subnets": { - "subnet1": { - "label": "Subnet", - "defaultValue": { - "name": "subnet-1", - "addressPrefixSize": "/24" - }, - "constraints": { - "minAddressPrefixSize": "/24", - "minAddressCount": 12, - "requireContiguousAddresses": true - } - } - }, - "visible": true + "visible": true + }, + { + "name": "KubernetesWindowsNodeSizeSection", + "type": "Microsoft.Common.Section", + "label": "Windows Nodepool", + "elements": [ + { + "name": "KubernetesWindowsNodeSize", + "type": "Microsoft.Compute.SizeSelector", + "label": "VM Size", + "toolTip": "Pick VM size for the instances in the Windows nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", + "recommendedSizes": [ + "Standard_B4ms" + ], + "constraints": { + "allowedSizes": [] }, - { - "name": "KubernetesServiceCidr", - "type": "Microsoft.Common.TextBox", - "label": "Service CIDR", - "defaultValue": "10.0.0.0/24", - "toolTip": "A CIDR notation IP range from which to assign IP addresses for cluster services. This range MUST differ from the AKS subnet selected above. This range can be reused between clusters.", - "constraints": { - "required": false, - "regex": "", - "validationMessage": "" - }, - "visible": true + "options": { + "hideDiskTypeFilter": false + }, + "osPlatform": "Windows", + "imageReference": { + "publisher": "MicrosoftWindowsServer", + "offer": "WindowsServer", + "sku": "2019-Datacenter" }, + "count": 1, + "visible": true + } + ], + "visible": true + }, + { + "name": "KubernetesWindowsNodeCount", + "type": "Microsoft.Common.Slider", + "min": 1, + "max": 12, + "label": "Windows node count", + "subLabel": "", + "defaultValue": 1, + "showStepMarkers": false, + "toolTip": "Equal to the number of server licenses for Profisee.", + "constraints": { + "required": false + }, + "visible": true + }, + { + "name": "KubernetesAdvancedYesNo", + "type": "Microsoft.Common.OptionsGroup", + "label": "Configure advanced Kubernetes networking settings?", + "defaultValue": "No, use default settings", + "toolTip": "Kubernetes might fail deploying if the default settings overlap with any vnets in your tenant. It is recommended that you configure these.", + "constraints": { + "allowedValues": [ { - "name": "KubernetesDNSServiceIP", - "type": "Microsoft.Common.TextBox", - "label": "DNS Service IP", - "defaultValue": "10.0.0.10", - "toolTip": "IP address of the cluster DNS service discovery. Do not use the first IP in the address range.", - "constraints": { - "required": false, - "regex": "", - "validationMessage": "" - }, - "visible": true + "label": "No, use default settings", + "value": "No" }, { - "name": "KubernetesDockerBridgeCidr", - "type": "Microsoft.Common.TextBox", - "label": "Docker Bridge CIDR", - "defaultValue": "172.17.0.1/16", - "toolTip": "A CIDR notation IP for Docker bridge. This is not used in Azure CNI. Leave as is.", - "constraints": { - "required": false, - "regex": "", - "validationMessage": "" - }, - "visible": true + "label": "Yes, configure advanced settings", + "value": "Yes" } ], - "visible": "[equals(steps('kubernetes').KubernetesAdvancedYesNo,'Yes')]" - } - - ] - }, - { - "name": "sql", - "label": "SQL", - "elements": [ - { - "name": "SQLServerCreateNew", - "type": "Microsoft.Common.OptionsGroup", - "label": "Create a new SQL Server?", - "defaultValue": "Yes, create a new SQL Server.", - "toolTip": "", - "constraints": { - "required": true, - "allowedValues": [ - { - "label": "Yes, create a new SQL Server.", - "value": "Yes" - }, - { - "label": "No, use an existing Azure SQL Server.", - "value": "No" - } - ] - }, - "visible": true - }, - { - "name": "SQLServerNameExisting", - "type": "Microsoft.Solutions.ResourceSelector", - "label": "Select SQL Server", - "resourceType": "Microsoft.Sql/servers", - "options": { - "filter": { - "subscription": "All", - "location": "All" - } - }, - "visible": "[equals(steps('sql').SQLServerCreateNew,'No')]" - }, - { - "name": "CheckSqlNameRestApiResponse", - "type": "Microsoft.Solutions.ArmApiControl", - "request": { - "method": "POST", - "path": "[concat(subscription().id,'/providers/Microsoft.Sql/checkNameAvailability?api-version=2014-04-01')]", - "body": "[parse(concat('{\"name\":\"',steps('sql').SQLServerName,'\",\"type\":\"Microsoft.Sql/servers\"}'))]" - } + "required": true }, - { - "name": "SQLServerName", - "type": "Microsoft.Common.TextBox", - "label": "Server Name", - "toolTip": "Enter a globally unique Azure SQL Server name. Name can contain only lowercase letters, numbers, and hyphens. The name cannot start or end with a hyphen or contain more than 63 characters.", - "constraints": { - "required": true, - "validations": [ - { - "isValid": "[equals(steps('sql').CheckSqlNameRestApiResponse.available,true)]", - "message": "[steps('sql').CheckSqlNameRestApiResponse.message]" + "visible": true + }, + { + "name": "KubernetesAdvanced", + "type": "Microsoft.Common.Section", + "label": "Advanced Kubernetes settings", + "elements": [ + { + "name": "KubernetesVnetName", + "type": "Microsoft.Network.VirtualNetworkCombo", + "label": { + "virtualNetwork": "Virtual network", + "subnets": "Subnets" + }, + "toolTip": { + "virtualNetwork": "", + "subnets": "" + }, + "defaultValue": { + "name": "vnet01", + "addressPrefixSize": "/24" + }, + "constraints": { + "minAddressPrefixSize": "/28" + }, + "options": { + "hideExisting": false + }, + "subnets": { + "subnet1": { + "label": "Subnet", + "defaultValue": { + "name": "subnet-1", + "addressPrefixSize": "/24" + }, + "constraints": { + "minAddressPrefixSize": "/24", + "minAddressCount": 12, + "requireContiguousAddresses": true + } } - ] - }, - "visible": "[equals(steps('sql').SQLServerCreateNew,'Yes')]" - }, - { - "name": "SQLServerUser", - "type": "Microsoft.Common.TextBox", - "label": "SQL Username", - "defaultValue": "sqladmin", - "toolTip": "Administrator SQL login name to create with the new SQL Server OR provide the login to connect to an existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'No')]" - }, - { - "name": "SQLServerUserSecret", - "type": "Microsoft.Common.TextBox", - "label": "SQL Username", - "placeholder": "Key Vault secret name: ex. profisee-sql-username", - "toolTip": "Administrator SQL login name to create with the new SQL Server OR provide the login to connect to existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" - }, - { - "name": "SQLServerPassword", - "type": "Microsoft.Common.PasswordBox", - "label": { - "password": " SQL Password", - "confirmPassword": "Confirm password" - }, - "toolTip": "", - "constraints": { - "required": true, - "regex": "^((?=.*[A-Z])(?=.*\\d)(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])|(?=.*[a-z])(?=.*\\d)(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])|(?=.*[a-z])(?=.*\\d)(?=.*[A-Z])|(?=.*[a-z])(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])(?=.*[A-Z]))[\\w~`!@#$%^&*()\\-+={[}\\]|\\\\:;\"'<,>.?\\\/]{8,128}$", - "validationMessage": "Your password must be at least 8 characters in length. Your password must be no more than 128 characters in length. Your password must contain characters from three of the following categories – English uppercase letters, English lowercase letters, numbers (0-9), and non-alphanumeric characters (!, $, #, %, etc.). Your password cannot contain all or part of the login name. Part of a login name is defined as three or more consecutive alphanumeric characters." - }, - "options": { - "hideConfirmation": false + }, + "visible": true }, - "visible": "[equals(steps('profisee').UseKeyVault,'No')]" - }, - { - "name": "SQLServerPasswordSecret", - "type": "Microsoft.Common.TextBox", - "label": "SQL Password", - "defaultValue": "", - "placeholder": "Key Vault secret name: ex. profisee-sql-password", - "toolTip": "", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" + { + "name": "KubernetesServiceCidr", + "type": "Microsoft.Common.TextBox", + "label": "Service CIDR", + "defaultValue": "10.0.0.0/24", + "toolTip": "A CIDR notation IP range from which to assign IP addresses for cluster services. This range MUST differ from the AKS subnet selected above. This range can be reused between clusters.", + "constraints": { + "required": false, + "regex": "", + "validationMessage": "" + }, + "visible": true }, - "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" - }, - { - "name": "SQLServerDatabaseName", - "type": "Microsoft.Common.TextBox", - "label": "Database Name", - "defaultValue": "Profisee", - "toolTip": "Cannot contain special characters or reserved words. Should be less than 128 characters and unique within the SQL Server.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" + { + "name": "KubernetesDNSServiceIP", + "type": "Microsoft.Common.TextBox", + "label": "DNS Service IP", + "defaultValue": "10.0.0.10", + "toolTip": "IP address of the cluster DNS service discovery. Do not use the first IP in the address range.", + "constraints": { + "required": false, + "regex": "", + "validationMessage": "" + }, + "visible": true }, - "visible": true - } - - - - ] - }, - { - "name": "storage", - "label": "Storage", - "elements": [ + { + "name": "KubernetesDockerBridgeCidr", + "type": "Microsoft.Common.TextBox", + "label": "Docker Bridge CIDR", + "defaultValue": "172.17.0.1/16", + "toolTip": "A CIDR notation IP for Docker bridge. This is not used in Azure CNI. Leave as is.", + "constraints": { + "required": false, + "regex": "", + "validationMessage": "" + }, + "visible": true + } + ], + "visible": "[equals(steps('kubernetes').KubernetesAdvancedYesNo,'Yes')]" + } - { - "name": "StorageAccountNameSection", - "type": "Microsoft.Common.Section", - "label": "Storage Account Name", - "elements": [ + ] + }, + { + "name": "sql", + "label": "SQL", + "elements": [ + { + "name": "SQLServerCreateNew", + "type": "Microsoft.Common.OptionsGroup", + "label": "Create a new SQL Server?", + "defaultValue": "Yes, create a new SQL Server.", + "toolTip": "", + "constraints": { + "required": true, + "allowedValues": [ + { + "label": "Yes, create a new SQL Server.", + "value": "Yes" + }, { - "name": "StorageAccountName", - "type": "Microsoft.Storage.StorageAccountSelector", - "label": "Storage account", - "toolTip": "Create new or pick an existing storage account.", - "defaultValue": { - "name": "", - "type": "Standard_LRS" - }, - "constraints": { - "allowedTypes": [] - }, - "options": { - "hideExisting": false - }, - "visible": true + "label": "No, use an existing Azure SQL Server.", + "value": "No" } - ], - "visible": true - }, - { - "name":"GetStorageAccessKeysRestApiResponse", - "type":"Microsoft.Solutions.ArmApiControl", - "request":{ - "method": "POST", - "path": "[concat(subscription().id,'/resourceGroups/',steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,'/providers/Microsoft.Storage/storageAccounts/',steps('storage').StorageAccountNameSection.StorageAccountName.name,'/listKeys?api-version=2019-06-01')]", - "body": "" - } + ] }, - { - "name": "StorageAccountAccessKey", - "type": "Microsoft.Common.DropDown", - "label": "Access Keys", - "toolTip": "Pick which storage account access key to use.", - "constraints": { - "allowedValues": "[map(steps('storage').GetStorageAccessKeysRestApiResponse.keys, (item) => parse(concat('{\"label\":\"', item.keyName, '\",\"value\":\"', item.value, '\"}')))]", - "required": true - }, - "visible": "[equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'existing')]" - }, - { - "name":"GetStorageFileSharesRestApiResponse", - "type":"Microsoft.Solutions.ArmApiControl", - "request":{ - "method": "GET", - "path": "[concat(subscription().id,'/resourceGroups/',steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,'/providers/Microsoft.Storage/storageAccounts/',steps('storage').StorageAccountNameSection.StorageAccountName.name,'/fileServices/default/shares?api-version=2019-06-01')]", - "body": "" + "visible": true + }, + { + "name": "SQLServerNameExisting", + "type": "Microsoft.Solutions.ResourceSelector", + "label": "Select SQL Server", + "resourceType": "Microsoft.Sql/servers", + "options": { + "filter": { + "subscription": "All", + "location": "All" } }, - { - "name": "StorageAccountFileShareName", - "type": "Microsoft.Common.DropDown", - "label": "File share", - "toolTip": "A file share must be created in the storage account.", - "constraints": { - "allowedValues": "[map(steps('storage').GetStorageFileSharesRestApiResponse.value, (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]", - "required": true - }, - "visible": "[equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'existing')]" + "visible": "[equals(steps('sql').SQLServerCreateNew,'No')]" + }, + { + "name": "CheckSqlNameRestApiResponse", + "type": "Microsoft.Solutions.ArmApiControl", + "request": { + "method": "POST", + "path": "[concat(subscription().id,'/providers/Microsoft.Sql/checkNameAvailability?api-version=2014-04-01')]", + "body": "[parse(concat('{\"name\":\"',steps('sql').SQLServerName,'\",\"type\":\"Microsoft.Sql/servers\"}'))]" } - ] - }, - { - "name": "networking", - "label": "Networking", - "elements": [ - { - "name": "DNSUpdate", - "type": "Microsoft.Common.OptionsGroup", - "label": "Use default Azure DNS?", - "defaultValue": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", - "toolTip": "Profisee will configure Let's Encrypt to generate and auto-renew a TLS certificate for use with Azure hosted DNS. Ex. profisee.eastus2.cloudapp.azure.com/{web app name}.", - "constraints": { - "allowedValues": [ - { - "label": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", - "value": "No" - }, - { - "label": "No, I will provide my own DNS hostname and domain.", - "value": "Yes" - } - ], - "required": true - }, - "visible": true - }, - { - "name": "UserDefinedDNS", - "type": "Microsoft.Common.Section", - "label": "User Defined DNS", - "elements": [ + }, + { + "name": "SQLServerName", + "type": "Microsoft.Common.TextBox", + "label": "Server Name", + "toolTip": "Enter a globally unique Azure SQL Server name. Name can contain only lowercase letters, numbers, and hyphens. The name cannot start or end with a hyphen or contain more than 63 characters.", + "constraints": { + "required": true, + "validations": [ { - "name": "DNSUpdate2", - "type": "Microsoft.Common.OptionsGroup", - "label": "Are your domain DNS records hosted in an Azure Public DNS Zone?", - "defaultValue": "Yes, I use an Azure Public DNS zone to host my domain records.", - "toolTip": "You have an Azure DNS zone for your domain. The Name Servers of your domain at your domain registrar (ex. Google, Cloudflare, GoDaddy) are set as the Azure Public DNS zone ones.", - "constraints": { - "allowedValues": [ - { - "label": "Yes, I use an Azure Public DNS zone to host my domain records.", - "value": "Yes" - }, - { - "label": "No, my domain and DNS records are hosted outside of Azure.", - "value": "No" - } - ], - "required": true - }, - "visible": true + "isValid": "[equals(steps('sql').CheckSqlNameRestApiResponse.available,true)]", + "message": "[steps('sql').CheckSqlNameRestApiResponse.message]" + } + ] + }, + "visible": "[equals(steps('sql').SQLServerCreateNew,'Yes')]" + }, + { + "name": "SQLServerUser", + "type": "Microsoft.Common.TextBox", + "label": "SQL Username", + "defaultValue": "sqladmin", + "toolTip": "Administrator SQL login name to create with the new SQL Server OR provide the login to connect to an existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'No')]" + }, + { + "name": "SQLServerUserSecret", + "type": "Microsoft.Common.TextBox", + "label": "SQL Username", + "placeholder": "Key Vault secret name: ex. profisee-sql-username", + "toolTip": "Administrator SQL login name to create with the new SQL Server OR provide the login to connect to existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" + }, + { + "name": "SQLServerPassword", + "type": "Microsoft.Common.PasswordBox", + "label": { + "password": " SQL Password", + "confirmPassword": "Confirm password" + }, + "toolTip": "", + "constraints": { + "required": true, + "regex": "^((?=.*[A-Z])(?=.*\\d)(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])|(?=.*[a-z])(?=.*\\d)(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])|(?=.*[a-z])(?=.*\\d)(?=.*[A-Z])|(?=.*[a-z])(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])(?=.*[A-Z]))[\\w~`!@#$%^&*()\\-+={[}\\]|\\\\:;\"'<,>.?\\\/]{8,128}$", + "validationMessage": "Your password must be at least 8 characters in length. Your password must be no more than 128 characters in length. Your password must contain characters from three of the following categories – English uppercase letters, English lowercase letters, numbers (0-9), and non-alphanumeric characters (!, $, #, %, etc.). Your password cannot contain all or part of the login name. Part of a login name is defined as three or more consecutive alphanumeric characters." + }, + "options": { + "hideConfirmation": false + }, + "visible": "[equals(steps('profisee').UseKeyVault,'No')]" + }, + { + "name": "SQLServerPasswordSecret", + "type": "Microsoft.Common.TextBox", + "label": "SQL Password", + "defaultValue": "", + "placeholder": "Key Vault secret name: ex. profisee-sql-password", + "toolTip": "", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" + }, + { + "name": "SQLServerDatabaseName", + "type": "Microsoft.Common.TextBox", + "label": "Database Name", + "defaultValue": "Profisee", + "toolTip": "Cannot contain special characters or reserved words. Should be less than 128 characters and unique within the SQL Server.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true + } + + + + ] + }, + { + "name": "storage", + "label": "Storage", + "elements": [ + + { + "name": "StorageAccountNameSection", + "type": "Microsoft.Common.Section", + "label": "Storage Account Name", + "elements": [ + { + "name": "StorageAccountName", + "type": "Microsoft.Storage.StorageAccountSelector", + "label": "Storage account", + "toolTip": "Create new or pick an existing storage account.", + "defaultValue": { + "name": "", + "type": "Standard_LRS" }, - { - "name": "DNSHostName", - "type": "Microsoft.Common.TextBox", - "label": "DNS Host Name", - "defaultValue": "", - "placeholder": "profiseemdm", - "toolTip": "This is the subdomain part of your domain. Ex. If you will access Profisee at https://profiseemdm.mydomain.com/profisee you need to enter profiseemdm in this field.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": true + "constraints": { + "allowedTypes": [] }, + "options": { + "hideExisting": false + }, + "visible": true + } + ], + "visible": true + }, + { + "name":"GetStorageAccessKeysRestApiResponse", + "type":"Microsoft.Solutions.ArmApiControl", + "request":{ + "method": "POST", + "path": "[concat(subscription().id,'/resourceGroups/',steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,'/providers/Microsoft.Storage/storageAccounts/',steps('storage').StorageAccountNameSection.StorageAccountName.name,'/listKeys?api-version=2019-06-01')]", + "body": "" + } + }, + { + "name": "StorageAccountAccessKey", + "type": "Microsoft.Common.DropDown", + "label": "Access Keys", + "toolTip": "Pick which storage account access key to use.", + "constraints": { + "allowedValues": "[map(steps('storage').GetStorageAccessKeysRestApiResponse.keys, (item) => parse(concat('{\"label\":\"', item.keyName, '\",\"value\":\"', item.value, '\"}')))]", + "required": true + }, + "visible": "[equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'existing')]" + }, + { + "name":"GetStorageFileSharesRestApiResponse", + "type":"Microsoft.Solutions.ArmApiControl", + "request":{ + "method": "GET", + "path": "[concat(subscription().id,'/resourceGroups/',steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,'/providers/Microsoft.Storage/storageAccounts/',steps('storage').StorageAccountNameSection.StorageAccountName.name,'/fileServices/default/shares?api-version=2019-06-01')]", + "body": "" + } + }, + { + "name": "StorageAccountFileShareName", + "type": "Microsoft.Common.DropDown", + "label": "File share", + "toolTip": "A file share must be created in the storage account.", + "constraints": { + "allowedValues": "[map(steps('storage').GetStorageFileSharesRestApiResponse.value, (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]", + "required": true + }, + "visible": "[equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'existing')]" + } + ] + }, + { + "name": "networking", + "label": "Networking", + "elements": [ + { + "name": "DNSUpdate", + "type": "Microsoft.Common.OptionsGroup", + "label": "Use default Azure DNS?", + "defaultValue": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", + "toolTip": "Profisee will configure Let's Encrypt to generate and auto-renew a TLS certificate for use with Azure hosted DNS. Ex. profisee.eastus2.cloudapp.azure.com/{web app name}.", + "constraints": { + "allowedValues": [ { - "name": "DNSDomainName", - "type": "Microsoft.Common.TextBox", - "label": "DNS Domain Name", - "defaultValue": "", - "placeholder":"This value is CaSe SeNSitiVe! mydomain.com", - "toolTip": "This value is CaSe SeNSitiVe!", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": true + "label": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", + "value": "No" }, { - "name": "DNSDomainResourceGroup", - "type": "Microsoft.Common.TextBox", - "label": "DNS Zone Resource Group", - "defaultValue": "", - "placeholder": "This value is CaSe SeNSitiVe! mydnszoneresourcegroup", - "toolTip": "This value is CaSe SeNSitiVe! Please type the name of the Azure Resource group that contains your Azure DNS Zone. Check for case sensitivity by looking in Resource Groups in Azure vs which Resource Group the DNS zone itself belongs to.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('networking').UserDefinedDNS.DNSUpdate2, 'Yes')]" + "label": "No, I will provide my own DNS hostname and domain.", + "value": "Yes" } ], - "visible": "[equals(steps('networking').DNSUpdate,'Yes')]" - }, - { - "name": "HttpsConfigure", - "type": "Microsoft.Common.OptionsGroup", - "label": "Use Let’s Encrypt?", - "defaultValue": "Yes, use Let’s Encrypt for certificates.", - "toolTip": "If yes, Profisee will configure Let's Encrypt to generate, use and auto-renew a free TLS certificate.", - "constraints": { - "allowedValues": [ - { - "label": "Yes, use Let’s Encrypt for certificates.", - "value": "No" - }, - { - "label": "No, I will provide my certificate.", - "value": "Yes" - } - ], - "required": true - }, - "visible": "[equals(steps('networking').DNSUpdate,'Yes')]" + "required": true }, - { - "name": "UserDefinedHTTPS", - "type": "Microsoft.Common.Section", - "label": "User provided TLS certificate", - "elements": [ - { - "name": "HttpsCertificate", - "type": "Microsoft.Common.FileUpload", - "label": "TLS Certificate", - "toolTip": "Please provide a certificate in either txt or crt format.", - "constraints": { - "required": true, - "accept": ".txt,.crt" - }, - "options": { - "multiple": false, - "uploadMode": "file", - "openMode": "text", - "encoding": "UTF-8" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'No')]" + "visible": true + }, + { + "name": "UserDefinedDNS", + "type": "Microsoft.Common.Section", + "label": "User Defined DNS", + "elements": [ + { + "name": "DNSUpdate2", + "type": "Microsoft.Common.OptionsGroup", + "label": "Are your domain DNS records hosted in an Azure Public DNS Zone?", + "defaultValue": "Yes, I use an Azure Public DNS zone to host my domain records.", + "toolTip": "You have an Azure DNS zone for your domain. The Name Servers of your domain at your domain registrar (ex. Google, Cloudflare, GoDaddy) are set as the Azure Public DNS zone ones.", + "constraints": { + "allowedValues": [ + { + "label": "Yes, I use an Azure Public DNS zone to host my domain records.", + "value": "Yes" + }, + { + "label": "No, my domain and DNS records are hosted outside of Azure.", + "value": "No" + } + ], + "required": true + }, + "visible": true + }, + { + "name": "DNSHostName", + "type": "Microsoft.Common.TextBox", + "label": "DNS Host Name", + "defaultValue": "", + "placeholder": "profiseemdm", + "toolTip": "This is the subdomain part of your domain. Ex. If you will access Profisee at https://profiseemdm.mydomain.com/profisee you need to enter profiseemdm in this field.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true + }, + { + "name": "DNSDomainName", + "type": "Microsoft.Common.TextBox", + "label": "DNS Domain Name", + "defaultValue": "", + "placeholder":"This value is CaSe SeNSitiVe! mydomain.com", + "toolTip": "This value is CaSe SeNSitiVe!", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true + }, + { + "name": "DNSDomainResourceGroup", + "type": "Microsoft.Common.TextBox", + "label": "DNS Zone Resource Group", + "defaultValue": "", + "placeholder": "This value is CaSe SeNSitiVe! mydnszoneresourcegroup", + "toolTip": "This value is CaSe SeNSitiVe! Please type the name of the Azure Resource group that contains your Azure DNS Zone. Check for case sensitivity by looking in Resource Groups in Azure vs which Resource Group the DNS zone itself belongs to.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" }, + "visible": "[equals(steps('networking').UserDefinedDNS.DNSUpdate2, 'Yes')]" + } + ], + "visible": "[equals(steps('networking').DNSUpdate,'Yes')]" + }, + { + "name": "HttpsConfigure", + "type": "Microsoft.Common.OptionsGroup", + "label": "Use Let’s Encrypt?", + "defaultValue": "Yes, use Let’s Encrypt for certificates.", + "toolTip": "If yes, Profisee will configure Let's Encrypt to generate, use and auto-renew a free TLS certificate.", + "constraints": { + "allowedValues": [ { - "name": "HttpsCertificateSecret", - "type": "Microsoft.Common.TextBox", - "label": "TLS Certificate", - "defaultValue": "", - "placeholder": "TLS Certificate name in KeyVault", - "toolTip": "Name of the certificate as stored in Key Vault. Ex. profisee-tls-certificate", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" + "label": "Yes, use Let’s Encrypt for certificates.", + "value": "No" }, { - "name": "HttpsCertificatePrivateKey", - "type": "Microsoft.Common.FileUpload", - "label": "TLS Certificate Private Key", - "toolTip": "Please provide the certificate's private key in either .txt or .key format.", - "constraints": { - "required": true, - "accept": ".txt,.key" - }, - "options": { - "multiple": false, - "uploadMode": "file", - "openMode": "text", - "encoding": "UTF-8" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'No')]" + "label": "No, I will provide my certificate.", + "value": "Yes" } ], - "visible": "[equals(steps('networking').HttpsConfigure,'Yes')]" - } + "required": true + }, + "visible": "[equals(steps('networking').DNSUpdate,'Yes')]" + }, + { + "name": "UserDefinedHTTPS", + "type": "Microsoft.Common.Section", + "label": "User provided TLS certificate", + "elements": [ + { + "name": "HttpsCertificate", + "type": "Microsoft.Common.FileUpload", + "label": "TLS Certificate", + "toolTip": "Please provide a certificate in either txt or crt format.", + "constraints": { + "required": true, + "accept": ".txt,.crt" + }, + "options": { + "multiple": false, + "uploadMode": "file", + "openMode": "text", + "encoding": "UTF-8" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'No')]" + }, + { + "name": "HttpsCertificateSecret", + "type": "Microsoft.Common.TextBox", + "label": "TLS Certificate", + "defaultValue": "", + "placeholder": "TLS Certificate name in KeyVault", + "toolTip": "Name of the certificate as stored in Key Vault. Ex. profisee-tls-certificate", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" + }, + { + "name": "HttpsCertificatePrivateKey", + "type": "Microsoft.Common.FileUpload", + "label": "TLS Certificate Private Key", + "toolTip": "Please provide the certificate's private key in either .txt or .key format.", + "constraints": { + "required": true, + "accept": ".txt,.key" + }, + "options": { + "multiple": false, + "uploadMode": "file", + "openMode": "text", + "encoding": "UTF-8" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'No')]" + } + ], + "visible": "[equals(steps('networking').HttpsConfigure,'Yes')]" + } - ] + ] - } - ], - "outputs": { - "ManagedIdentityName": "[basics('ManagedIdentityName')]", + } + ], + "outputs": { + "ManagedIdentityName": "[basics('ManagedIdentityName')]", - "ProfiseeVersion": "[steps('profisee').ProfiseeVersion]", - "ProfiseeAdminUserAccount": "[steps('profisee').ProfiseeAdminUserAccount]", - "ProfiseeLicense": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('profisee').ProfiseeLicenseSecret, steps('profisee').ProfiseeLicense)]", - "ActiveDirectoryCreateApp": "[steps('profisee').ActiveDirectoryCreateApp]", - "ActiveDirectoryClientId": "[steps('profisee').UserSuppliedClientyId.ActiveDirectoryClientId]", + "ProfiseeVersion": "[steps('profisee').ProfiseeVersion]", + "ProfiseeAdminUserAccount": "[steps('profisee').ProfiseeAdminUserAccount]", + "ProfiseeLicense": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('profisee').ProfiseeLicenseSecret, steps('profisee').ProfiseeLicense)]", + "ActiveDirectoryCreateApp": "[steps('profisee').ActiveDirectoryCreateApp]", + "ActiveDirectoryClientId": "[steps('profisee').UserSuppliedClientyId.ActiveDirectoryClientId]", - "KubernetesClusterName": "[steps('kubernetes').KubernetesClusterName]", - "KubernetesVersion": "[steps('kubernetes').KubernetesVersion]", - "KubenetesInfrastructureResourceGroupName": "[steps('kubernetes').KubenetesInfrastructureResourceGroupName]", - "KubernetesLinuxNodeSize": "[steps('kubernetes').KubernetesLinuxNodeSizeSection.KubernetesLinuxNodeSize]", - "KubernetesLinuxNodeCount": "[steps('kubernetes').KubernetesLinuxNodeCount]", - "KubernetesWindowsNodeSize": "[steps('kubernetes').KubernetesWindowsNodeSizeSection.KubernetesWindowsNodeSize]", - "KubernetesWindowsNodeCount": "[steps('kubernetes').KubernetesWindowsNodeCount]", + "KubernetesClusterName": "[steps('kubernetes').KubernetesClusterName]", + "KubernetesVersion": "[steps('kubernetes').KubernetesVersion]", + "KubenetesInfrastructureResourceGroupName": "[steps('kubernetes').KubenetesInfrastructureResourceGroupName]", + "KubernetesLinuxNodeSize": "[steps('kubernetes').KubernetesLinuxNodeSizeSection.KubernetesLinuxNodeSize]", + "KubernetesLinuxNodeCount": "[steps('kubernetes').KubernetesLinuxNodeCount]", + "KubernetesWindowsNodeSize": "[steps('kubernetes').KubernetesWindowsNodeSizeSection.KubernetesWindowsNodeSize]", + "KubernetesWindowsNodeCount": "[steps('kubernetes').KubernetesWindowsNodeCount]", - "KubernetesVnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.name]", - "KubernetesVnetResourceGroup": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.resourceGroup]", - "KubernetesSubnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.subnets.subnet1.name]", + "KubernetesVnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.name]", + "KubernetesVnetResourceGroup": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.resourceGroup]", + "KubernetesSubnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.subnets.subnet1.name]", - "KubernetesServiceCidr": "[steps('kubernetes').KubernetesAdvanced.KubernetesServiceCidr]", - "KubernetesDNSServiceIP": "[steps('kubernetes').KubernetesAdvanced.KubernetesDNSServiceIP]", - "KubernetesDockerBridgeCidr": "[steps('kubernetes').KubernetesAdvanced.KubernetesDockerBridgeCidr]", + "KubernetesServiceCidr": "[steps('kubernetes').KubernetesAdvanced.KubernetesServiceCidr]", + "KubernetesDNSServiceIP": "[steps('kubernetes').KubernetesAdvanced.KubernetesDNSServiceIP]", + "KubernetesDockerBridgeCidr": "[steps('kubernetes').KubernetesAdvanced.KubernetesDockerBridgeCidr]", - "SQLServerCreateNew": "[steps('sql').SQLServerCreateNew]", - "SQLServerName": "[if(equals(steps('sql').SQLServerCreateNew, 'Yes'), steps('sql').SQLServerName, steps('sql').SQLServerNameExisting.name)]", - "SQLServerUser": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('sql').SQLServerUserSecret, steps('sql').SQLServerUser)]", - "SQLServerPassword": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('sql').SQLServerPasswordSecret, steps('sql').SQLServerPassword)]", - "SQLServerDatabaseName": "[steps('sql').SQLServerDatabaseName]", - "StorageAccountCreateNew": "[if(equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'new'), 'Yes', 'No')]", - "StorageAccountName": "[steps('storage').StorageAccountNameSection.StorageAccountName.name]", - "StorageAccountResourceGroupName": "[coalesce(steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,resourceGroup().name)]", - "StorageAccountAccessKey": "[steps('storage').StorageAccountAccessKey]", - "StorageAccountType": "[steps('storage').StorageAccountNameSection.StorageAccountName.type]", - "StorageAccountFileShareName": "files", + "SQLServerCreateNew": "[steps('sql').SQLServerCreateNew]", + "SQLServerName": "[if(equals(steps('sql').SQLServerCreateNew, 'Yes'), steps('sql').SQLServerName, steps('sql').SQLServerNameExisting.name)]", + "SQLServerUser": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('sql').SQLServerUserSecret, steps('sql').SQLServerUser)]", + "SQLServerPassword": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('sql').SQLServerPasswordSecret, steps('sql').SQLServerPassword)]", + "SQLServerDatabaseName": "[steps('sql').SQLServerDatabaseName]", + "StorageAccountCreateNew": "[if(equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'new'), 'Yes', 'No')]", + "StorageAccountName": "[steps('storage').StorageAccountNameSection.StorageAccountName.name]", + "StorageAccountResourceGroupName": "[coalesce(steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,resourceGroup().name)]", + "StorageAccountAccessKey": "[steps('storage').StorageAccountAccessKey]", + "StorageAccountType": "[steps('storage').StorageAccountNameSection.StorageAccountName.type]", + "StorageAccountFileShareName": "files", - "DNSUpdate": "[if(equals(steps('networking').DNSUpdate, 'No'), 'No', steps('networking').UserDefinedDNS.DNSUpdate2)]", - "DNSHostName": "[steps('networking').UserDefinedDNS.DNSHostName]", - "DNSDomainName": "[steps('networking').UserDefinedDNS.DNSDomainName]", - "DNSDomainResourceGroup": "[steps('networking').UserDefinedDNS.DNSDomainResourceGroup]", - "HttpsConfigure": "[coalesce(steps('networking').HttpsConfigure,'No')]", - "UseLetsEncrypt": "[if(equals(coalesce(steps('networking').HttpsConfigure,'No'),'No'),'Yes','No')]", - "HttpsCertificate": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('networking').UserDefinedHTTPS.HttpsCertificateSecret, steps('networking').UserDefinedHTTPS.HttpsCertificate)]", + "DNSUpdate": "[if(equals(steps('networking').DNSUpdate, 'No'), 'No', steps('networking').UserDefinedDNS.DNSUpdate2)]", + "DNSHostName": "[steps('networking').UserDefinedDNS.DNSHostName]", + "DNSDomainName": "[steps('networking').UserDefinedDNS.DNSDomainName]", + "DNSDomainResourceGroup": "[steps('networking').UserDefinedDNS.DNSDomainResourceGroup]", + "HttpsConfigure": "[coalesce(steps('networking').HttpsConfigure,'No')]", + "UseLetsEncrypt": "[if(equals(coalesce(steps('networking').HttpsConfigure,'No'),'No'),'Yes','No')]", + "HttpsCertificate": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('networking').UserDefinedHTTPS.HttpsCertificateSecret, steps('networking').UserDefinedHTTPS.HttpsCertificate)]", - "HttpsCertificatePrivateKey": "[steps('networking').UserDefinedHTTPS.HttpsCertificatePrivateKey]", - "UseKeyVault":"[steps('profisee').UseKeyVault]", - "KeyVault":"[steps('profisee').KeyVault.id]", - "UsePurview":"[steps('profisee').UsePurview]", - "PurviewUrl":"[steps('profisee').GetPurviewUrlRestApiResponse.properties.endpoints.catalog]", - "PurviewClientId":"[steps('profisee').PurviewClientID]", - "PurviewClientSecret":"[steps('profisee').PurviewClientSecret]", - "PurviewAccountResourceGroup":"[last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5))]", - "ProfiseeWebAppName":"[steps('profisee').ProfiseeWebAppName]" - } + "HttpsCertificatePrivateKey": "[steps('networking').UserDefinedHTTPS.HttpsCertificatePrivateKey]", + "UseKeyVault":"[steps('profisee').UseKeyVault]", + "KeyVault":"[steps('profisee').KeyVault.id]", + "UsePurview":"[steps('profisee').UsePurview]", + "PurviewUrl":"[steps('profisee').GetPurviewUrlRestApiResponse.properties.endpoints.catalog]", + "PurviewClientId":"[steps('profisee').PurviewClientID]", + "PurviewCollectionName":"[steps('profisee').PurviewCollectionName]", + "PurviewClientSecret":"[steps('profisee').PurviewClientSecret]", + "PurviewAccountResourceGroup":"[last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5))]", + "ProfiseeWebAppName":"[steps('profisee').ProfiseeWebAppName]" } } +} diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 414f825d..de9bed5f 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -368,6 +368,7 @@ else echo $"FILEREPOPASSWORD was passed in, we'll use it." fi +echo $"Correction of TLS variables finished."; #If deployment of a new SQL database has been selected, we will create a SQL firewall rule to allow traffic from the AKS cluster's egress IP. if [ "$SQLSERVERCREATENEW" = "Yes" ]; then @@ -385,6 +386,18 @@ if [ "$SQLSERVERCREATENEW" = "Yes" ]; then echo "Addition of the SQL firewall rule finished."; fi +#Acquire the collection id from the collection name +if [ "$USEPURVIEW" = "Yes" ]; then + echo "Obtain collection id from provided collection friendly name started."; + echo "Grab a token." + purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); + echo "Token acquired." + echo "Find collection Id."; + COLLECTIONID=$(curl --location --request GET "$PURVIEWURL/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); + echo $"Collection id is $COLLECTIONID, using that."; + echo "Obtain collection id from provided collection friendly name completed."; +fi + echo "The variables will now be set in the Settings.yaml file" #Setting storage related variables FILEREPOUSERNAME="Azure\\\\\\\\${STORAGEACCOUNTNAME}" @@ -421,6 +434,7 @@ sed -i -e 's/$ACRREPONAME/'"$ACRREPONAME"'/g' Settings.yaml sed -i -e 's/$ACRREPOLABEL/'"$ACRREPOLABEL"'/g' Settings.yaml sed -i -e 's~$PURVIEWURL~'"$PURVIEWURL"'~g' Settings.yaml sed -i -e 's/$PURVIEWTENANTID/'"$TENANTID"'/g' Settings.yaml +sed -i -e 's/$PURVIEWCOLLECTIONNAME/'"$COLLECTIONID"'/g' Settings.yaml sed -i -e 's/$PURVIEWCLIENTID/'"$PURVIEWCLIENTID"'/g' Settings.yaml sed -i -e 's/$PURVIEWCLIENTSECRET/'"$PURVIEWCLIENTSECRET"'/g' Settings.yaml sed -i -e 's/$WEBAPPNAME/'"$WEBAPPNAME"'/g' Settings.yaml diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 8dc98ad2..c0bd24b5 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -38,7 +38,10 @@ echo $"USEKEYVAULT is $USEKEYVAULT" echo $"KEYVAULT is $KEYVAULT" echo $"USEPURVIEW is $USEPURVIEW" echo $"PURVIEWURL is $PURVIEWURL" +echo $"PURVIEWCOLLECTIONNAME is $PURVIEWCOLLECTIONNAME" echo $"PURVIEWCLIENTID is $PURVIEWCLIENTID" +echo $"PURVIEWCLIENTSECRET is $PURVIEWCLIENTSECRET" +echo $"TENANTID is $TENANTID" IFS='/' read -r -a miparts <<< "$AZ_SCRIPTS_USER_ASSIGNED_IDENTITY" #splits the mi on slashes mirg=${miparts[4]} @@ -130,6 +133,17 @@ if [ "$USEPURVIEW" = "Yes" ]; then if [[ $purviewClientPermissions != *"98830695-27a2-44f7-8c18-0c3ebc9698f6"* ]]; then echo "The Purview Azure AD application registration is missing the Microsoft Graph API GroupMember.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." fi + #Check if the provided Purview Collection name exists. + #Acquire token + echo "Checking if provided Purview collection name exists." + purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); + collectionnamenotfound=$(curl --location --request GET "$PURVIEWURL/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); + if [ -z "$collectionnamenotfound" ]; then + err=$"The $PURVIEWCOLLECTIONNAME provided could NOT be found. Exiting with error." + echo $err + else + echo $" The $PURVIEWCOLLECTIONNAME provided was found. Continuing checks." + fi fi #If using Key Vault, checks to make sure that the Deployment Managed Identity has been assigned the Managed Identity Contributor role AND User Access Administrator as Subscription level. diff --git a/index.yaml b/index.yaml index dfa91560..7bfd26d6 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.21.tgz - version: 0.1.21 + - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.22.tgz + version: 0.1.22 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.22.tgz b/profisee-platform-0.1.22.tgz new file mode 100644 index 0000000000000000000000000000000000000000..daf5dc6fb933b6275f805767f6876a4666782c42 GIT binary patch literal 5569 zcmV;y6+Y@8iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKDLZ{xO-`2K9b{{uhH0^2@3%d+Dng^KsNa~*FRY&M&Vv)g-z z0tGEGHXEAMl9ZivoBP`jlthX8V#!V%r`viK*d*d`IQ%k0ayT6NoZVo7P}?U^-Y`Dz z3}=u_>mJU@t1W?T+xBt4AO5s$JO9(}9rj*z`-gVF*Xy11?N@fUf86W60`|5TsDeO9 z$Y0q{E-PQTuLPivKOrtKqYhZ~8qoKXKf6}<*s>cQ5-!KS48IM)Pl(KctHubpVH{k> z;|E;E;|DMb-USoHDUwJuD4Zh)6h>J?-uuV_(Dw;;p`zVb=yGkVYxR1Kmu{KA2NdOh z0ZD+wHWfgP{2!gz$2s{wvQG~8^1llZpUD{U1>z29HUI!164=)3@qe9P4Bn4g(N_;j zIDrCPq^YMr80mpP+(`R49$gu!J``ffxM!qZ4#wl3KU|%*nhiY!uL63F=g3JYo+Bwn z)aCcSbinJ6Izocp9Mgg8vVclOd~o{y>|!t+e)xECZIpk53A#c) z6Ie2S9~ThjkFsjc-=3Y1u11$1iWKs7)R?)7<}0hwjM{26!lsN~hgz_8ftEv#JVYgi zL}ZX6<(Mh*>fFFkRU6MBMijh2sx+2HqpBQS6!ULbIa zIdWAG8TEsKoH35&y<+ae+37G_eV1TF6? zcNJ4Z0`c4dt(la*)9DCzhUQRMcXJ{b^ex7xou%mXZ2PEVA9ZlpY4X0~s%)a8DCCHq zc~2)9eY?SkXS$w?aOggb{uD0|&GAj(HYkgL=jft2#AItN?2WJs(fh&Kc{!TmKgJq-y#A?`$9c$n zF#dXIHVAeR73eJ{=oCumfY;||!_mcfbUL^msL2MMQ7p&dk~TsZPXG0n4@XzmVahvnpGkN(`nSsJ5*B#zhzUC+8E{x!a<;&p znwC=)8tRjG=>8K7h;+aWBqB+<)t}SG(30bTgLxn%m>}SC1SRqSra;aRfVTor<{`k5 zU;%d#m~s~Q08$Uk;6iMlgj(C*qWgs^$m{|`3upRDlT|6{cM+;%;h31> zGx?ZKudQ6tWjdv1lHx|kH);=2$QX}=>}OgiK{NTIs(Lm_1e0X%ldqjb6c+0oYoDRf zAmAWs9_#^jlQesb_&vB{1PP!!2nvCx6nTJ2faUjqGlGC*U=A?_S3f$S^&V0lTR)j4Sdf2Ho=>G(*PngR967U|nGfWW}GAcQq1S;7WaxsmwWISa?-aMCD z)z)PL#Si!bqoq^Yw66#M^YLnQJ-Qf_&g|Qm_%Rg{Qa4#ZU4Fd!bT<0=>|%U9xEPLd zt2?y_j@D2b@rS{9lrBo(Qj|(@rpeGmd}1V+BeNx@j7>?o3dm%hx+u!5g#|R9uvaeb z|0J5L-;wBqI!SAh_U)pbOdp$V4(sec{o|wT{;$_N>7MNOf4hJ$U)liQ0P9n<>kp@- zXmwy2lMQG;JTx1otq4NTXPzD$*6nw~!mP9CHXFB?dJYH|_F5-28*?O~+Cw^-O(wh* zw+l_9)ochK={-VZAF}mIDV|489q{E#8LxW!vl5Qdxd%Kv==EZ#Gd3WiwM+ag>7h1gU9)X0CocWme7|LAak{<{-+?ED`aaoa*Njx1MT z>#kjp{>c8O?N~!Kc5=dRt^jTq>Muj0{lowkBB)PMu^%SCAvd-lS5zR`&&SMKS$lCT z_3fDGMb=YA64A!d;ikFSxJ_JJR8=Jr>G`;}akl{r`Mao4YwNKFBE!A|BoQjhv(k6D z)a@B*vWmtLpGjLE{Ftrt!H1vqX~mP9#4!Bl`PE)W;}oTaTYaAOoZRXYj0$cwN(Hy^ zvBk478q?1+ndo$%U^kRL$l)AG#6{|namkERfR^L|O8q}Ry)T>-v_iwR;UY4Kk2f^R z8n(FHiAut@K8ISX?wLuR#o7a;C#aBfXr5d=S*b+OHqU6mR>d}@7x|Dx8H%Zi!Zwd# zvNFCcUdtumNsMlVsS+jf!b}xK@JS5m#1VCwS`<5=HGu*h_gh)ZSbV}+!(;|KT^Z+& zLhEXpK~JcpCwn#dHDYdY{gjigJ(NM!`af2^Scm}e#~T0F*#Dm#9p>%-hux$7`hORY zo9S}Cm{!&c6XbURF51wDQ@@02Thnr}-;ACB6pb!qAQ%vv7?>_UcV?lGW?oEb4BL&JlG}gw6qRUh( zyDed&nnqS-KTjQx)GEl;QW#Nj+#l>hNLU=r!&fsyevb~rE3YPzGBllUmm&zO2_ zDF%U@sojS5q<#}_O5Q~12PJ#6@*=hOw=NDGURK} zG7j%4&Ai?=9plRzXdoqYXLCel>KT8YxSOx0ob{!*w1;}Okb|mH%G$Z6lt(oFs*=lk zq^9&obW>^LCJz4_v~HZIybnj(fB#|}`lPL2#2W8BpQ z-{!72)X>b{hFDGZ9Bx82a}i=S(UEblp@w351tLps_~HE}3B<2cSI?PmY|xp%dFJ`Q zYW)}8@KIW;-BRV&t^klM-73m)dVIbeA2+Y*S5nx< zNyO)vh6|-1Idst_;+T13(M)Ce(+ond992+3i>B2l01>s`)>*XFbvSQ*ZyVPkQ5%H3$A8(jD=3%pz zBalx~yQ~(f9lrx<9qL=*SJmaeM!A12v_Xy3M9~kDQ_rf>I9hTnQClkBr2{&zyJ->T z8U0!XmmJrGtA^Y$O?kK-|Dou;&JfHw zW+-}*+3=F18*H2+O`v;=a!YK1_yW86Go^ynK19mm_>4;j6b_z(`9uwo@9gY3{Qe~V zuK`u-KQ(HE4_)-U=YMv$pTGatJv`joe|7=~`2)a%Xz6yL`@Y#YFjj8|MQsv)OiU{W zk>bc$R$jW6dsqck@*mC8?Zm94quOk$1?uF#cbwn<^^SY{{ohWY{QQ3$yC0VMyhldD z$T#FS!D#jFt}u8EPXQ}W%3R`wHpcK&4*UTo$9+WI{kmiOu!j8KV1m+ERf*sK`dXk) z{txrlfs|zn}ki0?#D>>2<5M<^Pc`VI{Kv(rx-R!J6_fW{^ME`Hy{M=i`5MZF?X8YbQ|Q z|B*(ZE4qI?RaJ!J$xsf_RddNWoT4}=b3Q6SjXp3!Ij1TivZIy|53f8vVV&_+-}yIT z4f)3u%jh!KBNagH{{JLD|95-)`F}UCEul^aiFp^mXF{qJ%NN~@ycL4&#-i$TREnRE z+Pl9CxFuLa{^Q%KkAD%OcKvVX_y2Z(zyIG2#PdI8a&sThr|63$%0a3t%m4(Y@aH0W z?{5Te6V{M_hCR2fV^}{%3)Ig41^a*Z=%~M!|6RbgpeTHEC12& z&vX9YJITlY>h}8k`~N$Et;)ZST2dkXkGR~n*8cOq7#bkC-)oAz`JztNruNd!@wbCDQD zQ^_*nGD^wCGBA14V=>^QbXicKHDrV!S7Ju1BD86;ZU%e360U1vnrYfeNVE0$F4-%U za$L1lT0ynA23t+JVhOf4!u$nb4gGHhdwq`k|Mp=q{?pO^{g>UqOWA+35rhjf!P=pd z_L}Kwu%`TP?(}8ABjmq-wDo2KSs^vet zCj8v-KkUQ9qW|aN-u|-_SS6V81@X!$JiSF8U;d15k7uran(w(VF7=K6=(hQHao{VT zGs#>=9B@6nEC~u$ps8QR&|#*-Os@XJ0T+y-zl@ANCsfM6gc98Zga{;`q6DhtzuW8E z`T4)s?e6FQoj^rQzj56CV^kf~&rkr>^1o@MzbH?rWb!Ziq^c*40J!={IaUl8%tJ#K zP#G@(YJvq8YYA#Y2sSfstgQX8o*D0>5OQ#Xr|A9wge?&_$;E4yB=X8O!xEN-BwR*O zx527dcRJFYYU*~BXv8|<>^I~}l#6K+zDJUcN2ec8Dn`n$cui@uthpo2Ec+RM=Y-KB z-O@-mMrN=gAkB({7&FjJ#E5a5LYJ8j5~xE2D%3DCU_>@~3&HHDmEr$ND^gN;h^szr zc%MuCIoA2oY8E5nlsD8;Y}`z6DMkbeiQOLvb8p9z@oe0js6|TOs9FjOO~j`N!OOnm zb0eZ~JyhO^4XZI_Y)Uro@M$Qz0t<<#JjLQRQw`rMKl+Lbo4P2fN4DYDuZc%R^j?5t zN&@8WEEnQ3ufCHZVTpySm2?M;l& z9-Kn5gj4YF(8`rk68toT6pi2oqDZKooMeX;x+^^JQ64NcS|=|N7c)diG421i^WOl# zH{X2oBa-cS1)sFix0agD0|D9;fj48xd>?slzWu_H3^*;)u^$i-=!=|jwghjqSx!&K z01M!;C4G|_E=sLoNKO%f_r@e*n>Z5B5esCJe3TiftLC4Tv0W=?lT0YrVH9xQOkEWW zwNl6Di53txRpgbDohi+AetBC&DT^7lnU35U2UY6rIha6n@s_iBX1uuiX%q9sp9ogI zZDPXu_I!P_GEm2(YFFQPrsMziYm>WnP+5m^PFC|fF1*3GMV^Zf zJXUg?=jHK}OwreB`!!5Fyeex~#=#0MvtC>;%j&ArTVl(yB7DpBgY3QyfH|5oeqWO>Lds_4 z=yQO?CQRrYo3oMREHaWF6{NkN>;*3~X9vcPENc1HTg9?ybT4gyePJlt|E(D!b3CPt zZ!2tP-TB|qaW4Kt_sBln`~U0&4!|Xp5^*YkWFYExu$&ZU_ZCi(u$qkn za6Q99KdUN0XqW&~!X}Y5AJgeS0Y?N%yg*^(YU4Yko}xg}G_*K_Z~QQxHS)j`%Nh88 z-&#QJ#sQ;YR>c(X5eEcQWHlSs>G;>sMyH4j*?i6@_%s{?4|CCMSW_%J(T}JS&4xAk zop+)i$*0-06aJrk5DVHd2u`4T8~D){wAuKFC6>PWF@d-0hn$ChF^;Fr#y|d7<@*FV zW`O`_rz6EhY`|_dEbJlJi8FEbTeD#;gv&hC`E#k9qWs6*ZTX_Rr7~*$fAao+-Tp~; zFaJA%gTVKoM8KUv9$oJZ^#FA_QoB7MXDE&V4{WPz-8CBrk^z?^l}RPa>F=No)SMB~ zP}u{YFsOumjAUCsDhdiit=R~(#RCplpzQ(6`lZ=uHV!CT#$>`$a7p&|ou&RM1|$Ph zEN8(42rQL?h-(#P_0U~ZGe%7`m1_nU2naYwU=f{y>dHa^n=Di0I&c66$}q% literal 0 HcmV?d00001 diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index a64cf542..d00d3808 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.21 +version: 0.1.22 diff --git a/profisee-platform/templates/secret-purview.yaml b/profisee-platform/templates/secret-purview.yaml index 1eb87ffe..ccec5247 100644 --- a/profisee-platform/templates/secret-purview.yaml +++ b/profisee-platform/templates/secret-purview.yaml @@ -6,6 +6,7 @@ metadata: name: profisee-purview data: ProfiseePurviewUrl: {{.Values.cloud.azure.purview.url | b64enc | quote}} + ProfiseePurviewCollectionName: {{.Values.cloud.azure.purview.collectionName | b64enc | quote}} ProfiseePurviewTenantId: {{.Values.cloud.azure.purview.tenantId | b64enc | quote}} ProfiseePurviewClientId: {{.Values.cloud.azure.purview.clientId | b64enc | quote}} ProfiseePurviewClientSecret: {{.Values.cloud.azure.purview.clientSecret | b64enc | quote}} diff --git a/profisee-platform/templates/statefullset-profisee.yaml b/profisee-platform/templates/statefullset-profisee.yaml index fbb2da02..f0359ce8 100644 --- a/profisee-platform/templates/statefullset-profisee.yaml +++ b/profisee-platform/templates/statefullset-profisee.yaml @@ -128,6 +128,11 @@ spec: secretKeyRef: name: profisee-purview key: ProfiseePurviewUrl + - name: ProfiseePurviewCollectionName + valueFrom: + secretKeyRef: + name: profisee-purview + key: ProfiseePurviewCollectionName - name: ProfiseePurviewTenantId valueFrom: secretKeyRef: From 775e8d74ac9fc8cd6f5219a51a74356cdbc76019 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Thu, 1 Sep 2022 21:47:57 -0400 Subject: [PATCH 061/141] Update prereqcheck.sh --- Azure-ARM/prereqcheck.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index c0bd24b5..d92d1bea 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -139,10 +139,10 @@ if [ "$USEPURVIEW" = "Yes" ]; then purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); collectionnamenotfound=$(curl --location --request GET "$PURVIEWURL/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); if [ -z "$collectionnamenotfound" ]; then - err=$"The $PURVIEWCOLLECTIONNAME provided could NOT be found. Exiting with error." + err=$"The $PURVIEWCOLLECTIONNAME collection name provided could NOT be found. Exiting with error." echo $err else - echo $" The $PURVIEWCOLLECTIONNAME provided was found. Continuing checks." + echo $" The $PURVIEWCOLLECTIONNAME collection name provided was found. Continuing checks." fi fi From 423ed70251bb52d657ea5c02197905ef024ba185 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Thu, 1 Sep 2022 21:54:40 -0400 Subject: [PATCH 062/141] Update prereqcheck.sh --- Azure-ARM/prereqcheck.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index d92d1bea..3f131564 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -136,13 +136,15 @@ if [ "$USEPURVIEW" = "Yes" ]; then #Check if the provided Purview Collection name exists. #Acquire token echo "Checking if provided Purview collection name exists." + echo $"curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'" purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); + echo $"curl --location --request GET "$PURVIEWURL/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'" collectionnamenotfound=$(curl --location --request GET "$PURVIEWURL/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); if [ -z "$collectionnamenotfound" ]; then err=$"The $PURVIEWCOLLECTIONNAME collection name provided could NOT be found. Exiting with error." echo $err else - echo $" The $PURVIEWCOLLECTIONNAME collection name provided was found. Continuing checks." + echo $"The $PURVIEWCOLLECTIONNAME collection name provided was found. Continuing checks." fi fi From 33a5b8492922441c42b32a9292c40b588b3fb623 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Thu, 1 Sep 2022 22:09:40 -0400 Subject: [PATCH 063/141] Update prereqcheck.sh --- Azure-ARM/prereqcheck.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 3f131564..816026f8 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -138,11 +138,13 @@ if [ "$USEPURVIEW" = "Yes" ]; then echo "Checking if provided Purview collection name exists." echo $"curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'" purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); - echo $"curl --location --request GET "$PURVIEWURL/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'" + echo $"Token is $purviewtoken." + echo $"curl --location --request GET "$PURVIEWURL/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="`$PURVIEWCOLLECTIONNAME`") | .name'" collectionnamenotfound=$(curl --location --request GET "$PURVIEWURL/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); if [ -z "$collectionnamenotfound" ]; then err=$"The $PURVIEWCOLLECTIONNAME collection name provided could NOT be found. Exiting with error." echo $err + set_resultAndReturn; else echo $"The $PURVIEWCOLLECTIONNAME collection name provided was found. Continuing checks." fi From cf4859b84ce75e201cc36c573403952ac5f7cfd9 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Thu, 1 Sep 2022 22:16:36 -0400 Subject: [PATCH 064/141] Update azuredeploy.json --- Azure-ARM/azuredeploy.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index a12ba981..c201238c 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -306,7 +306,7 @@ }, { "name": "PURVIEWCLIENTSECRET", - "value": "[variables('PurviewClientId')]" + "value": "[variables('PurviewClientSecret')]" } ] } From 839cac1d77d491cee52869ef28c36ca099a7b4c5 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Thu, 1 Sep 2022 22:38:34 -0400 Subject: [PATCH 065/141] Update prereqcheck.sh --- Azure-ARM/prereqcheck.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 816026f8..55939667 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -136,11 +136,11 @@ if [ "$USEPURVIEW" = "Yes" ]; then #Check if the provided Purview Collection name exists. #Acquire token echo "Checking if provided Purview collection name exists." - echo $"curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'" purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); - echo $"Token is $purviewtoken." - echo $"curl --location --request GET "$PURVIEWURL/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="`$PURVIEWCOLLECTIONNAME`") | .name'" - collectionnamenotfound=$(curl --location --request GET "$PURVIEWURL/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); + #Strip /catalog from end of Purview URL + PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} + echo $"curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="`$PURVIEWCOLLECTIONNAME`") | .name'" + collectionnamenotfound=$(curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); if [ -z "$collectionnamenotfound" ]; then err=$"The $PURVIEWCOLLECTIONNAME collection name provided could NOT be found. Exiting with error." echo $err From a5dbd480b89b31c803946a6412ee018105eafa54 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 2 Sep 2022 08:04:51 -0400 Subject: [PATCH 066/141] Fixed App admin search --- Azure-ARM/prereqcheck.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 55939667..ce31bd28 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -142,11 +142,11 @@ if [ "$USEPURVIEW" = "Yes" ]; then echo $"curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="`$PURVIEWCOLLECTIONNAME`") | .name'" collectionnamenotfound=$(curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); if [ -z "$collectionnamenotfound" ]; then - err=$"The $PURVIEWCOLLECTIONNAME collection name provided could NOT be found. Exiting with error." + err=$"The "$PURVIEWCOLLECTIONNAME" collection name provided could NOT be found. Exiting with error." echo $err set_resultAndReturn; else - echo $"The $PURVIEWCOLLECTIONNAME collection name provided was found. Continuing checks." + echo $"The "$PURVIEWCOLLECTIONNAME" collection name provided was found. Continuing checks." fi fi @@ -176,7 +176,7 @@ fi #If Deployment Managed Identity will be creating the Azure AD application registration, make sure that the Application Administrator role is assigned to it. if [ "$UPDATEAAD" = "Yes" ]; then echo "Is the Deployment Managed Identity assigned the Application Administrator Role in Azure Active Directory?" - appDevRoleId=$(az rest --method get --url https://graph.microsoft.com/v1.0/directoryRoles/ | jq -r '.value[] | select(.displayName | contains("Application Administrator")).id') + appDevRoleId=$(az rest --method get --url https://graph.microsoft.com/v1.0/directoryRoles/ | jq -r '.value[] | select(.displayName == "Application Administrator").id') minameinrole=$(az rest --method GET --uri "https://graph.microsoft.com/beta/directoryRoles/$appDevRoleId/members" | jq -r '.value[] | select(.displayName | contains("'"$miname"'")).displayName') if [ -z "$minameinrole" ]; then err="The Deployment Managed Identity is NOT assigned the Application Administrator role in Azure Active Directory. Exiting with error. This role is required so that the Deployment Managed Identity can create the Azure AD Application registration. For more information please visit https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration." From 549e2ed566beee959eed3d943e1238da738c1a6d Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 2 Sep 2022 10:23:16 -0400 Subject: [PATCH 067/141] Update prereqcheck.sh --- Azure-ARM/prereqcheck.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index ce31bd28..6e346a69 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -139,7 +139,6 @@ if [ "$USEPURVIEW" = "Yes" ]; then purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); #Strip /catalog from end of Purview URL PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} - echo $"curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="`$PURVIEWCOLLECTIONNAME`") | .name'" collectionnamenotfound=$(curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); if [ -z "$collectionnamenotfound" ]; then err=$"The "$PURVIEWCOLLECTIONNAME" collection name provided could NOT be found. Exiting with error." From fb943fc0afc3b8ac57010fbcdd657585ee6d4bbd Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 2 Sep 2022 14:12:40 -0400 Subject: [PATCH 068/141] Remove b64enc for oidcproviders --- index.yaml | 4 ++-- profisee-platform-0.1.23.tgz | Bin 0 -> 5566 bytes profisee-platform/Chart.yaml | 2 +- .../templates/secret-oidcproviders.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) create mode 100644 profisee-platform-0.1.23.tgz diff --git a/index.yaml b/index.yaml index 7bfd26d6..7c8bd76a 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.22.tgz - version: 0.1.22 + - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.23.tgz + version: 0.1.23 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz new file mode 100644 index 0000000000000000000000000000000000000000..cd62e62da86a8dd01198d62b6eaa5f5b385f34f1 GIT binary patch literal 5566 zcmV;v6+!ABiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKBzZ{s$T`2KCc-+@18fo&huviuUKQ1SfkT*uo6o6Y9p?Dn2R zfr6G8n+;8BNy<*T&3*O*B~hYYEZd3Wbo+P~*d*d`IDDBQIUEjs&Tguz3y@UqedC&UG2)B%f54f=laXWMG`ExYC+;d1QD@Y?|VjL00gYK(vz#=&Jg ze!yisegLE3T`)nMB8fze!Z~t4VU*S6y^kCKeV6ZETfTH{_ zAPJDzr2<$Z|HmhGKPUgkZTsXP|N8*(nT!!%Ant&A4FCWlfo;4V|JV7&;Qgo(ef6M( z6DZI{ntJ-9ksb)djkJ&B(UpBZO} zutbxA@5eZLNFblE`!hP_NQkR|AO}bupePZGO9;p27lu98X!&@U4gLr?0s~j#1p=p- zBUkm1Q9l^S8RJ;qE9O3&oes0rcL_#Ro`sD)JU<&l4X>1R8$u`H)JQlV{5aAhUkQZ+{!H8TOZqDSprO)5!^wVC z31!R_(G;c@hlUe!p!8hhyD~(r?qbA5)0HBJ{U2kF-Ve^s%h447G1lPY_0Nqw&O_#d z@z+DWMzD*hKyNWYr%*x%ygol0jxNTd)4}yXO*ZI^VmS_%v=PE^`pyC91Ob;LD3J#+1#*S}ycK{l4*`w@ z3%HBGl(WDGka}PS7wS9o5C=YC*u8%v)Y|?Q-7i!@W)~P*IMY{}tV&70i%=a4$HWw$ z$;WhhZRCfB? zC(&H}jzlZeNm`3EZx_vE`q*xBxX%95>mO(Lf1S=rw|m(C?E}7iX##u$tWVLdKb(@H z)q!P9HlX?NP_LP`A_zU7d3tbIx8Dm3v(}Rcpf=*z?Uy&yz1%CN;pdA9`Nv>*NdUf*n)`GG9d}oREVnI zU%JzF2%F3Q96y)*A9wl%`EMWWzk7jd`OnS#&!Yy)g)z6RuoP}6hL2Ygd6JJ%5qT0{ zy@J?S{wJ7vm`)$F3|Kq=+b22s?{)f}gZ%FU_A>wf7>%73@*kGg^qJR8=9-DlU|3Uhg3P`+$AU|J7<>t7X6@8e+?J zMOJ@onfa^LBx~hAvex;rEy5*Gh;0?X8u{;a`gUIak9&vn-@U+N=l|G<+Z2*u#~P}!lM{Y(1#r7ie;E?(CkC((L4Asf{V@3*xv>Sgq5{c&K4#X++KXeU zZ^lF~vYslEh$fB>H_gq)ZQ|OZsw#;{&&Rcmy9rpx-$jL5+l)038TK6@iBMUdmA=cR zZqG=QRWy$HOq%-O$84PsKK!gtE1ujWhT%WYul70`rzmT<)#q8y$*n%YsNhzkRB#&~ zTRa=1G5tJ~iB9(kc0=id9L|wMT%;Zum&`Z?Xh`K6DUx>*T`DN;uFp_OlGjtm2vJU zbX`p|=n0kdWN%G=jhI_pKjozB0A*0M{*P5J79v3WvBv)m_Wvix-Msz3+if4#|NDU4 zOqcV;w6b29AioQ65tq$qQ_QnV|6w$C&cd-%y67iJ3KY>b*8I>-JU~V4mpYTu7f!3C zl9~&V3!VtQwO_nCJc3!0O4Z!!!TDNyF2u{KT=U8Wk@ zZ3z<%2M|nyyS0{yO8IB>22bbEe}e44S}*_IelKtTYj=+i`~ST_=Ke=2y#7BXC!PH|* zF$m;L?KZS0^_y^0@+Lw*D%qQr7pc9!b#dSbQ$Vmp9Fk_duq)C`J=e-;>MitonwsPw zAxZy)ez{}106#&+*C87ifFy=0W7w+E7K zj>v9n=1{t`b2vdH-AF;-FQpOQp&{6XBEFs@vsx13j9f-N;edW}7pY>Ow{nk{T&-{!l@QZ(j~eY$S9U>4JG#3B zJm%g;8+n2!9P;}XBtE9d=~^cR^vi&dOGdDJ?|=bW!g~QS8(%h`L+a%!(FCmtrY$kc ze{MA0M&a9Xh6w_KAmoE?-?o1M9s`d0pQ1*DW#(CgZt?HcnpYIcjangdY}v$=V2bkF z>A50s3FXWIjn3u4W#`;cQVn zkd2OGv)JX#np_QJbOi+En@}IVW{z|7XSZLiAH=^aRL%dfJ?n|qpY`@1`=pbf|Ly+4 z|7$O>#{OHl!8@E^zl4Z8t0&KBIkPr1 zV}_y^nGG*Fy1~XN(geDTU19JTo&r{$l)1zUZH(cm9QYGV`aMM5!@6Vluz~#FV1m+ERf*sK=2~E# z{CD&5Upw8Clf(W0y}%~&udg3e$@z*wVo3WlI%Xsq0{jV*L)DjV*{=h(mw)XKutWLp z^a}ESe3<|D0?#D>>2<4(<^Pc`VI{Kv(rx-R!G`iLW{^ME`Hy{U=i`61?am?o*IuB) z|09h+S9Je)s;UUblc5}Vm=T?utMNX)wcJ`+-j_n}-PlFBQ-?*3gJoew-NiqIo_i+DfFR-or zm*B6tguJoZD0y0;N`qvs3nxhNO9rOWh-0Ydy~5%*6>^yG(ETbeufL^Ush0onn(%YS z|FD&?=lwsA5B8tEz$(FvFNjx8;pr{%`0{6bdpvXX(|pf`aj9?gN4L$tj{{%%oJr;~ z;(+VnWl2!50!{rgh7L0wW^(l(4!B?x{cU9QIiXViC6wqUAVeVf6eUnC|LsoC&d>jy zcIPnv?*%Gi`i+K>fXa9Q zuqIewv6f(M2*G;hjg^fb)-&UM6haPe@f6*kfUqUvCb@Xcl0;tFWmv+pkc7)9>NZ#v z>rO|yQ%&8B5{+0Voc)emiE=Sb!uLqB@#ys9NySL{6|X66mo;~!nPorY@0>7Nq+1&4 z#>fm-1f*GU5Mu_Ki5M|%Q|L1DK>~G%K!qAc28_riZy}f+wKDu)X+=s34{_C}E$?%w zKgT*>TFqiaobrZRimjUoF2#sIA+h@-Veai%GMu zmT(Fl9vZn)N`jw;kfIU1KokkplauVQLU)A+KFWioM(gAy;$nsfDW?7ZX8s!h_~x5$ zenPStui%qb`qom@c_2WOBJgG`neQX-&9`4Tk^!ehI`#u10)3G)&X(YfHp}Vh7+?WB zwxn+|!$qkz49O`X@ZOk2Y!gS~IbwlKl8-YZb=CZ{GPY~wY?2A(I*bC&o2jdUp;qen zJkbKewu-z`vNNT*&aZEaC}lCjw$qV&Z_!Gg(w@nOs zC1Y>J^Nt!8ss(avfMh~_hwh7vlrd9y!_tJRXC_xNdzpE_bJxuJCDhBAE%K3Pw(83G z?zvximA$eeoAJ15&7QAsRtD;LRPEOHo$2_$``YBL9aPq#oRii3jtg%v?vUr=1CNy) z=XrVjBvbUY+I9O!OnG*+&O z#5PRm9NV*z!MGiL|Jjx1{V)mz1~Xml@afPG;o+W)N?B6B>YjPELJ z=eqO1<9;swL;Ki1KKTFa1&+WaloD|&fMg)*cCefw3MK(29;Q>^L-!U=k+ABuBXB*# zLO-i2Kxmi%Q^F>ZH6PRIcYq@TC0?K~a<%atQcqE!Xc}6a!8d*w&l-7PiRBFZzi%y| zcH@B2Fsot;_=p37DYEJ{>va5EXrog^hHO4(6nq+vfrq)M*Q_a)t>{NoiF(bN{J~q% zkL1&A+6w8$_aOg! zfuq3pphUo(K^|T24fOzZIa0elAZI9!0S|1eZQa#tN0I@TBb7-d%IP1V3Dles(NNg~ zpD?I|eT-yNKPn0eL#`1g6hgb0ptvezm~8b-~b0Wzz*U60ssL2 M|GoW Date: Fri, 2 Sep 2022 17:14:48 -0400 Subject: [PATCH 069/141] Reverted change --- index.yaml | 4 ++-- profisee-platform-0.1.23.tgz | Bin 5566 -> 0 bytes profisee-platform/Chart.yaml | 2 +- .../templates/secret-oidcproviders.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) delete mode 100644 profisee-platform-0.1.23.tgz diff --git a/index.yaml b/index.yaml index 7c8bd76a..7bfd26d6 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.23.tgz - version: 0.1.23 + - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.22.tgz + version: 0.1.22 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz deleted file mode 100644 index cd62e62da86a8dd01198d62b6eaa5f5b385f34f1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5566 zcmV;v6+!ABiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKBzZ{s$T`2KCc-+@18fo&huviuUKQ1SfkT*uo6o6Y9p?Dn2R zfr6G8n+;8BNy<*T&3*O*B~hYYEZd3Wbo+P~*d*d`IDDBQIUEjs&Tguz3y@UqedC&UG2)B%f54f=laXWMG`ExYC+;d1QD@Y?|VjL00gYK(vz#=&Jg ze!yisegLE3T`)nMB8fze!Z~t4VU*S6y^kCKeV6ZETfTH{_ zAPJDzr2<$Z|HmhGKPUgkZTsXP|N8*(nT!!%Ant&A4FCWlfo;4V|JV7&;Qgo(ef6M( z6DZI{ntJ-9ksb)djkJ&B(UpBZO} zutbxA@5eZLNFblE`!hP_NQkR|AO}bupePZGO9;p27lu98X!&@U4gLr?0s~j#1p=p- zBUkm1Q9l^S8RJ;qE9O3&oes0rcL_#Ro`sD)JU<&l4X>1R8$u`H)JQlV{5aAhUkQZ+{!H8TOZqDSprO)5!^wVC z31!R_(G;c@hlUe!p!8hhyD~(r?qbA5)0HBJ{U2kF-Ve^s%h447G1lPY_0Nqw&O_#d z@z+DWMzD*hKyNWYr%*x%ygol0jxNTd)4}yXO*ZI^VmS_%v=PE^`pyC91Ob;LD3J#+1#*S}ycK{l4*`w@ z3%HBGl(WDGka}PS7wS9o5C=YC*u8%v)Y|?Q-7i!@W)~P*IMY{}tV&70i%=a4$HWw$ z$;WhhZRCfB? zC(&H}jzlZeNm`3EZx_vE`q*xBxX%95>mO(Lf1S=rw|m(C?E}7iX##u$tWVLdKb(@H z)q!P9HlX?NP_LP`A_zU7d3tbIx8Dm3v(}Rcpf=*z?Uy&yz1%CN;pdA9`Nv>*NdUf*n)`GG9d}oREVnI zU%JzF2%F3Q96y)*A9wl%`EMWWzk7jd`OnS#&!Yy)g)z6RuoP}6hL2Ygd6JJ%5qT0{ zy@J?S{wJ7vm`)$F3|Kq=+b22s?{)f}gZ%FU_A>wf7>%73@*kGg^qJR8=9-DlU|3Uhg3P`+$AU|J7<>t7X6@8e+?J zMOJ@onfa^LBx~hAvex;rEy5*Gh;0?X8u{;a`gUIak9&vn-@U+N=l|G<+Z2*u#~P}!lM{Y(1#r7ie;E?(CkC((L4Asf{V@3*xv>Sgq5{c&K4#X++KXeU zZ^lF~vYslEh$fB>H_gq)ZQ|OZsw#;{&&Rcmy9rpx-$jL5+l)038TK6@iBMUdmA=cR zZqG=QRWy$HOq%-O$84PsKK!gtE1ujWhT%WYul70`rzmT<)#q8y$*n%YsNhzkRB#&~ zTRa=1G5tJ~iB9(kc0=id9L|wMT%;Zum&`Z?Xh`K6DUx>*T`DN;uFp_OlGjtm2vJU zbX`p|=n0kdWN%G=jhI_pKjozB0A*0M{*P5J79v3WvBv)m_Wvix-Msz3+if4#|NDU4 zOqcV;w6b29AioQ65tq$qQ_QnV|6w$C&cd-%y67iJ3KY>b*8I>-JU~V4mpYTu7f!3C zl9~&V3!VtQwO_nCJc3!0O4Z!!!TDNyF2u{KT=U8Wk@ zZ3z<%2M|nyyS0{yO8IB>22bbEe}e44S}*_IelKtTYj=+i`~ST_=Ke=2y#7BXC!PH|* zF$m;L?KZS0^_y^0@+Lw*D%qQr7pc9!b#dSbQ$Vmp9Fk_duq)C`J=e-;>MitonwsPw zAxZy)ez{}106#&+*C87ifFy=0W7w+E7K zj>v9n=1{t`b2vdH-AF;-FQpOQp&{6XBEFs@vsx13j9f-N;edW}7pY>Ow{nk{T&-{!l@QZ(j~eY$S9U>4JG#3B zJm%g;8+n2!9P;}XBtE9d=~^cR^vi&dOGdDJ?|=bW!g~QS8(%h`L+a%!(FCmtrY$kc ze{MA0M&a9Xh6w_KAmoE?-?o1M9s`d0pQ1*DW#(CgZt?HcnpYIcjangdY}v$=V2bkF z>A50s3FXWIjn3u4W#`;cQVn zkd2OGv)JX#np_QJbOi+En@}IVW{z|7XSZLiAH=^aRL%dfJ?n|qpY`@1`=pbf|Ly+4 z|7$O>#{OHl!8@E^zl4Z8t0&KBIkPr1 zV}_y^nGG*Fy1~XN(geDTU19JTo&r{$l)1zUZH(cm9QYGV`aMM5!@6Vluz~#FV1m+ERf*sK=2~E# z{CD&5Upw8Clf(W0y}%~&udg3e$@z*wVo3WlI%Xsq0{jV*L)DjV*{=h(mw)XKutWLp z^a}ESe3<|D0?#D>>2<4(<^Pc`VI{Kv(rx-R!G`iLW{^ME`Hy{U=i`61?am?o*IuB) z|09h+S9Je)s;UUblc5}Vm=T?utMNX)wcJ`+-j_n}-PlFBQ-?*3gJoew-NiqIo_i+DfFR-or zm*B6tguJoZD0y0;N`qvs3nxhNO9rOWh-0Ydy~5%*6>^yG(ETbeufL^Ush0onn(%YS z|FD&?=lwsA5B8tEz$(FvFNjx8;pr{%`0{6bdpvXX(|pf`aj9?gN4L$tj{{%%oJr;~ z;(+VnWl2!50!{rgh7L0wW^(l(4!B?x{cU9QIiXViC6wqUAVeVf6eUnC|LsoC&d>jy zcIPnv?*%Gi`i+K>fXa9Q zuqIewv6f(M2*G;hjg^fb)-&UM6haPe@f6*kfUqUvCb@Xcl0;tFWmv+pkc7)9>NZ#v z>rO|yQ%&8B5{+0Voc)emiE=Sb!uLqB@#ys9NySL{6|X66mo;~!nPorY@0>7Nq+1&4 z#>fm-1f*GU5Mu_Ki5M|%Q|L1DK>~G%K!qAc28_riZy}f+wKDu)X+=s34{_C}E$?%w zKgT*>TFqiaobrZRimjUoF2#sIA+h@-Veai%GMu zmT(Fl9vZn)N`jw;kfIU1KokkplauVQLU)A+KFWioM(gAy;$nsfDW?7ZX8s!h_~x5$ zenPStui%qb`qom@c_2WOBJgG`neQX-&9`4Tk^!ehI`#u10)3G)&X(YfHp}Vh7+?WB zwxn+|!$qkz49O`X@ZOk2Y!gS~IbwlKl8-YZb=CZ{GPY~wY?2A(I*bC&o2jdUp;qen zJkbKewu-z`vNNT*&aZEaC}lCjw$qV&Z_!Gg(w@nOs zC1Y>J^Nt!8ss(avfMh~_hwh7vlrd9y!_tJRXC_xNdzpE_bJxuJCDhBAE%K3Pw(83G z?zvximA$eeoAJ15&7QAsRtD;LRPEOHo$2_$``YBL9aPq#oRii3jtg%v?vUr=1CNy) z=XrVjBvbUY+I9O!OnG*+&O z#5PRm9NV*z!MGiL|Jjx1{V)mz1~Xml@afPG;o+W)N?B6B>YjPELJ z=eqO1<9;swL;Ki1KKTFa1&+WaloD|&fMg)*cCefw3MK(29;Q>^L-!U=k+ABuBXB*# zLO-i2Kxmi%Q^F>ZH6PRIcYq@TC0?K~a<%atQcqE!Xc}6a!8d*w&l-7PiRBFZzi%y| zcH@B2Fsot;_=p37DYEJ{>va5EXrog^hHO4(6nq+vfrq)M*Q_a)t>{NoiF(bN{J~q% zkL1&A+6w8$_aOg! zfuq3pphUo(K^|T24fOzZIa0elAZI9!0S|1eZQa#tN0I@TBb7-d%IP1V3Dles(NNg~ zpD?I|eT-yNKPn0eL#`1g6hgb0ptvezm~8b-~b0Wzz*U60ssL2 M|GoW Date: Fri, 2 Sep 2022 17:34:14 -0400 Subject: [PATCH 070/141] typo --- Azure-ARM/deployprofisee.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index de9bed5f..50b0b560 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -172,7 +172,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then akskvidentityClientId=$(az identity create -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'clientId' -o tsv); akskvidentityClientResourceId=$(az identity show -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'id' -o tsv) principalId=$(az identity show -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'principalId' -o tsv) - echo $"Key VAult Specific Managed Identity configuration for Key Vault access step 2 finished." + echo $"Key VAult Specific Managed Identity configuration for Key Vault access step 2 finished." echo $"Key Vault Specific Managed Identity configuration for KV access step 3 started." echo "Sleeping for 60 seconds to wait for MI to be ready" @@ -193,7 +193,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then #If Key Vault is RBAC based, assign Key Vault Secrets User role to the Key Vault Specific Managed Identity, otherwise assign Get policies for Keys, Secrets and Certificates. if [ "$rbacEnabled" = true ]; then - echo $"Setting Key Vault Secrets User RBAC role to the Key Vault Specific Managed Idenity." + echo $"Setting Key Vault Secrets User RBAC role to the Key Vault Specific Managed Identity." echo "Running az role assignment create --role 'Key Vault Secrets User' --assignee $principalId --scope $KEYVAULT" az role assignment create --role "Key Vault Secrets User" --assignee $principalId --scope $KEYVAULT else From f5ee168da69a81050020ae119872810ad2e1d401 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 2 Sep 2022 17:50:56 -0400 Subject: [PATCH 071/141] remove keyvault pod check It's part of the install, no need to find and delete it. --- Azure-ARM/deployprofisee.sh | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 50b0b560..af4eed9c 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -505,20 +505,9 @@ if [ "$profiseepresent" = "profiseeplatform" ]; then sleep 30; fi -echo "If we are using Key Vault and Profisee was uninstalled, then the profisee-license, profisee-sql-username, profisee-sql-password and profisee-tls-ingress secrets are missing. We need to find and restart the key-vault pod so that we can re-pull and re-mount the secrets." -#Find and delete the key-vault pod -if [ "$USEKEYVAULT" = "Yes" ]; then - findkvpod=$(kubectl get pods -n profisee -o jsonpath='{.items[?(@.metadata.labels.app=="profisee-keyvault")].metadata.name}') - if [ "$findkvpod" = "$findkvpod" ]; then - echo $"Profisee Key Vault pod name is $findkvpod, deleting it." - kubectl delete pod -n profisee $findkvpod --force --grace-period=0 - echo "Now let's install Profisee." - helm install -n profisee profiseeplatform profisee/profisee-platform --values Settings.yaml - fi -else - echo "Now let's install Profisee." - helm install -n profisee profiseeplatform profisee/profisee-platform --values Settings.yaml -fi +echo "Now let's install Profisee." +helm install -n profisee profiseeplatform profisee/profisee-platform --values Settings.yaml + kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile From 717703431f8c766c01ed5ba69f05ada6d976b9c7 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 2 Sep 2022 17:59:16 -0400 Subject: [PATCH 072/141] fixed collection id --- Azure-ARM/deployprofisee.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index af4eed9c..105a8177 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -393,7 +393,10 @@ if [ "$USEPURVIEW" = "Yes" ]; then purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); echo "Token acquired." echo "Find collection Id."; - COLLECTIONID=$(curl --location --request GET "$PURVIEWURL/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); + echo $"Stripping /catalog from $PURVIEWURL." + PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} + echo $"Purview account name is $PURVIEWACCOUNTFQDN. Using it." + COLLECTIONID=$(curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name') echo $"Collection id is $COLLECTIONID, using that."; echo "Obtain collection id from provided collection friendly name completed."; fi From 3f424d63da3bacaeaf403f85247d21c28f60e497 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 2 Sep 2022 18:36:02 -0400 Subject: [PATCH 073/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 105a8177..c523849f 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -506,10 +506,12 @@ if [ "$profiseepresent" = "profiseeplatform" ]; then helm -n profisee uninstall profiseeplatform; echo "Will sleep for 30 seconds to allow clean uninstall." sleep 30; +else + echo "Profisee is not installed, proceeding to install it." + helm -n profisee install profiseeplatform profisee/profisee-platform --values Settings.yaml + fi -echo "Now let's install Profisee." -helm install -n profisee profiseeplatform profisee/profisee-platform --values Settings.yaml kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found From aa18c216f137dc620450d962bdf738eb15449883 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 2 Sep 2022 18:36:29 -0400 Subject: [PATCH 074/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index c523849f..7df9532f 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -511,8 +511,6 @@ else helm -n profisee install profiseeplatform profisee/profisee-platform --values Settings.yaml fi - - kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile From 9e4e4d0bdf7379cc0a1d43bd5ab259bda40047a0 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 2 Sep 2022 18:39:32 -0400 Subject: [PATCH 075/141] fixed repo --- index.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.yaml b/index.yaml index 7bfd26d6..f7056045 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.22.tgz + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.22.tgz version: 0.1.22 generated: "2022-06-30T00:00:00.0-05:00" From c03ec2759f9441c62390c108061c8035872207ca Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Sat, 3 Sep 2022 06:36:15 -0400 Subject: [PATCH 076/141] tweaks to naming convention --- Azure-ARM/Settings.yaml | 2 +- Azure-ARM/azuredeploy.json | 12 ++++++------ Azure-ARM/azuredeploy.parameters.json | 2 +- Azure-ARM/createUIDefinition.json | 4 ++-- Azure-ARM/deployprofisee.sh | 4 ++-- Azure-ARM/prereqcheck.sh | 8 ++++---- index.yaml | 4 ++-- profisee-platform-0.1.23.tgz | Bin 0 -> 5579 bytes profisee-platform/Chart.yaml | 2 +- profisee-platform/templates/secret-purview.yaml | 2 +- .../templates/statefullset-profisee.yaml | 4 ++-- 11 files changed, 22 insertions(+), 22 deletions(-) create mode 100644 profisee-platform-0.1.23.tgz diff --git a/Azure-ARM/Settings.yaml b/Azure-ARM/Settings.yaml index 08a80c16..014f2ba0 100644 --- a/Azure-ARM/Settings.yaml +++ b/Azure-ARM/Settings.yaml @@ -89,7 +89,7 @@ cloud: clientSecret: "$PURVIEWCLIENTSECRET" tenantId: "$PURVIEWTENANTID" url: "$PURVIEWURL" - purviewCollectionId: "$PURVIEWCOLLECTIONNAME" + purviewCollectionId: "$PURVIEWCOLLECTIONID" aws: isProvider: false google: diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index c201238c..0c07ee88 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -29,7 +29,7 @@ "defaultValue": "", "type": "String" }, - "PurviewCollectionName": { + "PurviewCollectionFriendlyName": { "defaultValue": "", "type": "String" }, @@ -230,7 +230,7 @@ "UsePurview":"[parameters('UsePurview')]", "PurviewUrl":"[parameters('PurviewUrl')]", - "PurviewCollectionName":"[parameters('PurviewCollectionName')]", + "PurviewCollectionFriendlyName":"[parameters('PurviewCollectionFriendlyName')]", "PurviewClientId":"[parameters('PurviewClientId')]", "PurviewClientSecret":"[parameters('PurviewClientSecret')]", "PurviewAccountResourceGroup":"[parameters('PurviewAccountResourceGroup')]" @@ -297,8 +297,8 @@ "value": "[variables('PurviewUrl')]" }, { - "name": "PURVIEWCOLLECTIONNAME", - "value": "[variables('PurviewCollectionName')]" + "name": "PURVIEWCOLLECTIONFFRIENDLYNAME", + "value": "[variables('PurviewCollectionFriendlyName')]" }, { "name": "PURVIEWCLIENTID", @@ -770,8 +770,8 @@ "value": "[variables('PurviewUrl')]" }, { - "name": "PURVIEWCOLLECTIONNAME", - "value": "[variables('PurviewCollectionName')]" + "name": "PURVIEWCOLLECTIONFRIENDLYNAME", + "value": "[variables('PurviewCollectionFriendlyName')]" }, { "name": "PURVIEWCLIENTID", diff --git a/Azure-ARM/azuredeploy.parameters.json b/Azure-ARM/azuredeploy.parameters.json index 477f9d45..51957084 100644 --- a/Azure-ARM/azuredeploy.parameters.json +++ b/Azure-ARM/azuredeploy.parameters.json @@ -26,7 +26,7 @@ "PurviewUrl": { "value": "" }, - "PurviewCollectionName": { + "PurviewCollectionFriendlyName": { "value": "" }, "PurviewClientId": { diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index 3200428d..b9100b77 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -287,7 +287,7 @@ } }, { - "name": "PurviewCollectionName", + "name": "PurviewCollectionFriendlyName", "type": "Microsoft.Common.TextBox", "label": "Purview Collection Friendly Name", "defaultValue": "", @@ -1022,7 +1022,7 @@ "UsePurview":"[steps('profisee').UsePurview]", "PurviewUrl":"[steps('profisee').GetPurviewUrlRestApiResponse.properties.endpoints.catalog]", "PurviewClientId":"[steps('profisee').PurviewClientID]", - "PurviewCollectionName":"[steps('profisee').PurviewCollectionName]", + "PurviewCollectionFriendlyName":"[steps('profisee').PurviewCollectionFriendlyName]", "PurviewClientSecret":"[steps('profisee').PurviewClientSecret]", "PurviewAccountResourceGroup":"[last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5))]", "ProfiseeWebAppName":"[steps('profisee').ProfiseeWebAppName]" diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 7df9532f..259f7897 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -396,7 +396,7 @@ if [ "$USEPURVIEW" = "Yes" ]; then echo $"Stripping /catalog from $PURVIEWURL." PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} echo $"Purview account name is $PURVIEWACCOUNTFQDN. Using it." - COLLECTIONID=$(curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name') + COLLECTIONID=$(curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONFRIENDLYNAME'") | .name') echo $"Collection id is $COLLECTIONID, using that."; echo "Obtain collection id from provided collection friendly name completed."; fi @@ -437,7 +437,7 @@ sed -i -e 's/$ACRREPONAME/'"$ACRREPONAME"'/g' Settings.yaml sed -i -e 's/$ACRREPOLABEL/'"$ACRREPOLABEL"'/g' Settings.yaml sed -i -e 's~$PURVIEWURL~'"$PURVIEWURL"'~g' Settings.yaml sed -i -e 's/$PURVIEWTENANTID/'"$TENANTID"'/g' Settings.yaml -sed -i -e 's/$PURVIEWCOLLECTIONNAME/'"$COLLECTIONID"'/g' Settings.yaml +sed -i -e 's/$PURVIEWCOLLECTIONID/'"$COLLECTIONID"'/g' Settings.yaml sed -i -e 's/$PURVIEWCLIENTID/'"$PURVIEWCLIENTID"'/g' Settings.yaml sed -i -e 's/$PURVIEWCLIENTSECRET/'"$PURVIEWCLIENTSECRET"'/g' Settings.yaml sed -i -e 's/$WEBAPPNAME/'"$WEBAPPNAME"'/g' Settings.yaml diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 6e346a69..f6527bea 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -38,7 +38,7 @@ echo $"USEKEYVAULT is $USEKEYVAULT" echo $"KEYVAULT is $KEYVAULT" echo $"USEPURVIEW is $USEPURVIEW" echo $"PURVIEWURL is $PURVIEWURL" -echo $"PURVIEWCOLLECTIONNAME is $PURVIEWCOLLECTIONNAME" +echo $"PURVIEWCOLLECTIONFRIENDLYNAME is $PURVIEWCOLLECTIONFRIENDLYNAME" echo $"PURVIEWCLIENTID is $PURVIEWCLIENTID" echo $"PURVIEWCLIENTSECRET is $PURVIEWCLIENTSECRET" echo $"TENANTID is $TENANTID" @@ -135,17 +135,17 @@ if [ "$USEPURVIEW" = "Yes" ]; then fi #Check if the provided Purview Collection name exists. #Acquire token - echo "Checking if provided Purview collection name exists." + echo "Checking if provided Purview collection friendly name exists." purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); #Strip /catalog from end of Purview URL PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} collectionnamenotfound=$(curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); if [ -z "$collectionnamenotfound" ]; then - err=$"The "$PURVIEWCOLLECTIONNAME" collection name provided could NOT be found. Exiting with error." + err=$"The "$PURVIEWCOLLECTIONFRIENDLYNAME" collection name provided could NOT be found. Exiting with error." echo $err set_resultAndReturn; else - echo $"The "$PURVIEWCOLLECTIONNAME" collection name provided was found. Continuing checks." + echo $"The "$PURVIEWCOLLECTIONFRIENDLYNAME" collection name provided was found. Continuing checks." fi fi diff --git a/index.yaml b/index.yaml index f7056045..61e8f95a 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.22.tgz - version: 0.1.22 + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.23.tgz + version: 0.1.23 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz new file mode 100644 index 0000000000000000000000000000000000000000..0cb8cf88bb010af1f198abd11515f1ee29eb3d57 GIT binary patch literal 5579 zcmV;+6*TG}iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKDLZ`(Mscz-tF|A8N;Kz9#kS+)~rp~HRN^E&Qc&@|19)9$;6 z1s1f#*xb;hN>X;S-Mqj3fs!auUo6>)<6Lh&1)4-8hr=&3@}e8Cx3RW?!dAe9uh9cz6`$&!9NgL09VZsaLYKj zisuiwisuht6ub+jh*KnyXi&I74k*mBhP?NY1EB8{>_UaRvDEe2R@dtF8!z26e-0?} z{}Pe_iCqeS8vZ{ywFf!=Kk0Vu1OM*>#Ah-=e2KUNnhgK|h#0o@dh%Zvm&5ntR`k__ z5>BB&muc$Rk4AbR5I533PR7?pst<)&G42_uSHsEV=MUFst!6_{!RvtD;01CLj2B3X zF?IR9FCFmu<79j>zL|_KN7w(nx`{GDZ-MF1by+~ALOwiue||X}jXr$5yfNy(#ROd= zp9w4(zmF>j%SS~uK=J@ZiCA1gI5EF4?72qI$J1>1d%zJGx)LuD zIKv#dYJ`mT!9dO#$MRkg_u>3(lx@CCFrxB2?CjCS`S|kY{H%~XK`uv9BZ#t1#-r=; zO>T4*Q6mEJ!U3(hl)lsH2zQPaP*`6UL@?-EjL$kN(dpUtNyk3v;Be67eaBVBL`PxB zAwBn=jxzdoixJNZJs08BeH#85ULu;Ko4{RQ76H%UMGJ_@&U)A-fslw_G7pU+3D9je zjF0hjBY1(ONamjF2M*}kwyi%b&_YQC(6wW!!qMjdi9(TLe%pSpTh?sg1)S+BIhtW1 zRi>7fZWdHi-Q^Z$EuATmNJ?~#t`&D1Oef*YNVpjOIMy>?F@*#ENc;6``YQmSrP4*q z$$nJ{WyBP-shpY}T24rTl5?%UmSxo9F3y-py3)+y_{TZN?}z6X<=GVdajxOVn}4+O zc^)z!jK3b54T4=n1$v7KI)f5A;Pu7%XnZ*tpABz@YOz7*6w67trHwL-W`F;Cv*9x# z%Ttu(O3}r={#6fqT&*Nxgt$!7U*B9zM&s+7Fy$S(&m_DX|5Fup2@AY<#)JcsOgJpA zI9p;*Ez7A04dux@bpHtkL^|LW5|O0b>Cb6rXwGrK(IOBMOc8K7f)aTEQy}LEz&imb z^AO-juzpi4! zhCFZ{k1qJ&BMv3wtthup*~3At$^KW+`h>X*AOY{8JI54(5u=jhX`qsgDHr27Pv%o* z<}GrmRefDHQT%`}FB_!~g&$KPA$5}t)YZr9Pv_&G&o3u8 z!^_b)x4ToD;Ajt}GyXW7jMGgCT!~UH&U6`?icgFL3uN}hjIkLh7Xg{VGZ#gLHM4-` z6LjUG{wL8w{f+T0(Vb)o8n~gh6JqLsvdo2^1jRlfW>5xuF z$%J>}ZmDs!nhoJ2ts_MCAzSa1;&tTA0bjqC(W;j}E1@V|d%(kk-Y z0fX70iLqq!5UG|Vv>;X?ZRc8O?N}oMw(%{lowkW>BA^YClYWLvCzAu4q7_&&R}C zS$lEJ_3aqxW!6(g64A!d;ijo<+$F9ps;QEQ^n6^~xZ8k*^j%hnwarKakzwBfk_c7g zS@FAE>i&!*Sw-iF&!nvne$3wa;KR@QwBpHKVi^AO^lGo8Nt&gGT791NoYd+Qj0$RX zmI`X)V~b}aG{&DNGLh*%!EVTXki!L%h>O%CP_l=^>sdS5svXoZGr!$o8m zA8+U^8`$D$@2KFXf5Y}ClR_6qDq9w3lmjj!6y-<6UWqLYE$fh))WdfIBsPvWAO=R4Uw7L z>CQNJ6k6BPO!fpzda_qjUT4g0uAg$!b$~Lc+W*I*7Yh*}{#fJx2KxW$Nk4D@@ArF$ z{r^57x6?hUpjcyU)Cvn9-c9dy`?%NP#jBO|)^M z=rYyHswGUc96&G)zSLSKD*2z$TRdAp{|UVRs-FM*gX6sYuiGCS^#8p;=Ke>@z2V5e zhyEH{U8-6kDKVXiX2Zy1=sViCJYDV+hx2e#{>SHlNu;+2M!~b#;k>-4>5g8G;-f%6 zW9qS$7zT2#v<>Y^{U%gO-bC4tN_4aGDz*2wt_~bw3J8{nL(+~nc14`2=UN#~twPu1 z)F_7;hxZg`UT&L?@#P&floGo01)?(bjK4_S&DUej`qEq4Lp@u`QB^Hv{ajPaBRYRw z&1EA}Q~M)^skCzwhyN{lH!f2?hGXr&e>n+#($?e6-T)}a_Os#SzaCS16=2Q0@;t02 z1SB7PM9;kuqZGM`5m3Cv1UcZ1>-?ga_!ovf*ZNH``X-C!1NPiHQo^$9rHDc?Os@~r z;7KkTteMFQTk6(XgG{>xY%yO`{Mu`AqdKC@o6k&D&ByFjhnjja7bDj9^hfim!v-kh zyz3FZ&0TM(!I`}cu^#OO+y-mrBE)*6W8+>!4aW2eL>ArX!}}`|h+k)}UNhg=ptE@M z% zBx;Vxsx=EJ-T4KaB9ban(DzGmgm-8NcApIM*_d<8ZYo z9>_+=vDw_^#F|tMWpo7u<-1THzGjYd^Jll;tRKXm6{^<%*q-%7>rcJ?$3E@l*MEC( z@c-Hi)YyLum%IxmV2b35@jFasMenb3?LSeqB`};UAf-%(tE3h_*)=cDY88#DN0k{v z8Pzd@jkIS_q7{sd#UUO`m&s!CIs0@i6S8~*0R&H$7WxRK8gE>p@$G11LJ1I3f^|P$^xZ(jp zW_25yx6Eq72m^W-<3l-5_cYs$prXMKcZ8kqtiOD3B0(f`ke}q+#Dezl(D@IA?{x-Y z&M`ybi_C^s9Nl8$6ln_GJCxgE3&fY$&7Ub1toC81Y#yI+>43t)Q?Qt-De{AzJ%>M> z#Q%Fh)&5V-8sS41J@5IS-966V|LgXT5B8tEz)}7H@F?24UFxxKHja$l+fh-P#2*vW z%26aZGM1H>Zsh^iK^6Z;t8_atE9s~<+e(2t{_hR)`d@F*Kj?pZf%5bJN$h@D=JOsI z2_xT--vp!8+FfDt7@h)F9+kPp3vGKK|GmH_{I9PcRPp(mNn&vOGdgA@5(4}Il0(&(?%8hxw&#EC53oc2 z?;RKT|Kza#?**QT|I_PM8}t7oUBXIu|E2r%TY?SwU(6wYuJa%J#Lmb6>e{_S{I9)0 zh5ttyfv)KO@l;U}&L=}SL|4rv<8X%Jpv?KG05$T!2<4oLgvgFsf;_zP_=J7NH+|>d zgbnx~Q!Jy)T#pn0wfg^Qe*N$E4(tDZU{_3?P7?DjfX{?fDV8s~8Gb7S+l^V(=cqJ) zK5FmbF5r$}1OAV1t3Likh}!+Xo!9^ETgR||j1;I{{|om2?#XHQ!2kPzUGZ~fl9XuukGei{u$Tm*lUxguJoXD0y0;N`hpr3n!W4mkdmy5yw!^dxgbsD&%s$L-*^v zy#6iaN;Ut7*My%t{)gS~7yUm^4(C66fpv@-Ul6Zc!qZ#i@#W9>_IT#%r}>@><5J(~ zk8Yd)5C^{UIg`v~!~r*>tCFB#1)Tb23>{`VEad7x9B|1f`nTcH=Y&fBmr$bHfDnP? zQ-nY@|95-Gh4SqXmYX09g(qB|26f*f2eNxerMgUxY zq#O%|OXi^w3#g1Y05!n^i>(B;Aq1P5H&!-&SkH|2Q3yG>#Zz>D0K!&?o9N;_OA>iy zmthIZLK3c`sM}y&tUDd)PIYxVN;G1faP}K=CCbG#3Ev~h#-r1ZClw>*SG=aQUD4c; zW|sVnzjH!p5pQXv8>28-6Od-jL5vw_CL+YRO`+?|2MN?60#(*9GGK%@c?-cDsI}q$ zN*hvAd6-vy+VVb^`g5YorOhlx#3}EnmDswQ;7W`M6cW2X66W4bB;(n*IZ=<4zEQOj z7MhArQ3fyjj?b-#!u3#jE4FOLjIkNne!yoT>k2F+qVf!jyG%2Dul&d>u59L_s2$mk z-@GLr714VEj>!p-yYpO#%e?qbri3Myt`^c^M0wI&AJQ}*&@`?vT0DSx1cRwN7j(6}$FMV&RIMw{jIatyEl9$V2jndzd$8iwQy5qNJbBDR@F;ss)XOp;GBGj-kivo^MCZ3(`QlFmYu`38@RiKHHP1V0SgIb#kpYqg^&Pq|5>iG?;SEa@s-Br#OYBwV0nc3% z>z80JC$>mOp4h4@5hHOUTrY(EEu~{3a<58`vA3M|WfA_7)T|203Lpdeu z>75kbVB8_i#RncMDbCaK_(i7ZYqk3pCLUgutt+Eo4VC3yTrW&`9Z_rAqW!~OnEE0a z>-zrLn0LG0uI1bkpSFJqn#*`Mzf;kVu4c7vf)}{(l!5C9SzRu%ZCO!%%k_h-9tXez zEf~MADHmnR7Uk%3fW$UL=n~tLk(4YFk{%tTqo3%8SDCW}Lqm&te!c2g7M<>;4YGTN zqW#~RBeK9V%J{CrcGjK$oeXmEAG#;@$-)0;FK`5|pp=MH0VD&_u!GecQ7{cK@i3hM zAG&vNhJ@8@9D$oT7W!FL0YbwBm=QLOtofME{t7rEP~s&DBUc;WA@vjnie{n38GPr5 z@vM;tR#?u#|NGtoN*f1^hD8-oz(*VqOp(=WSZ9-8LmQn!GGdDbqu|qM0zAw`vtiA! z>_k7JMl>7N^mpEgek7mfvrhPb@uJxtaIFbyw9H~Mo zQOj_=G{l>=Pv0`cY9(m}<>NSS+4!zyfU#Sk^DiMze85*(yd8)`Cll zx4&5GpCUjqFvD^lOo6~s35d8=QBe Date: Sat, 3 Sep 2022 06:56:38 -0400 Subject: [PATCH 077/141] Wording and links update --- Azure-ARM/prereqcheck.sh | 2 +- README.md | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index f6527bea..3c25d469 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -139,7 +139,7 @@ if [ "$USEPURVIEW" = "Yes" ]; then purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); #Strip /catalog from end of Purview URL PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} - collectionnamenotfound=$(curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONNAME'") | .name'); + collectionnamenotfound=$(curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONFRIENDLYNAME'") | .name'); if [ -z "$collectionnamenotfound" ]; then err=$"The "$PURVIEWCOLLECTIONFRIENDLYNAME" collection name provided could NOT be found. Exiting with error." echo $err diff --git a/README.md b/README.md index f09fc78c..7c99a98e 100644 --- a/README.md +++ b/README.md @@ -4,16 +4,16 @@ This repository contains all the ways to deploy the Profisee platform to Kuberne ## AWS-ELS-CLI -[Home](https://github.com/profiseedev/kubernetes/tree/master/AWS-EKS-CLI#deploy-profisee-platform-on-to-aws-elastic-kubernetes-services-eks) for all the scripts needed to deploy Profisee Platform to AWS EKS (Elastic Kubernetes services) via the aws cli. +[Home](https://github.com/profiseeadmin/kubernetes/tree/master/AWS-EKS-CLI#deploy-profisee-platform-on-to-aws-elastic-kubernetes-services-eks) for all the scripts needed to deploy Profisee Platform to AWS EKS (Elastic Kubernetes services) via the aws cli. ## Azure-ARM -[Home](https://github.com/profiseedev/kubernetes/blob/master/Azure-ARM/README.md#deploy-profisee-platform-on-to-aks-using-arm-template) for all the templates to deploy Profisee Platform to AKS via ARM templates. +[Home](https://github.com/profiseeadmin/kubernetes/blob/master/Azure-ARM/README.md#deploy-profisee-platform-on-to-aks-using-arm-template) for all the templates to deploy Profisee Platform to AKS via ARM templates. ## Azure-Powershell -[Home](https://github.com/profiseedev/kubernetes/tree/master/Azure-Powershell#deploy-profisee-platform-to-aks-using-powershell) for all the scripts needed to deploy Profisee Platform to AKS via Azure Powershell. +[Home](https://github.com/profiseeadmin/kubernetes/tree/master/Azure-Powershell#deploy-profisee-platform-to-aks-using-powershell) for all the scripts needed to deploy Profisee Platform to AKS via Azure Powershell. ## GCP-CLI -[Home](https://github.com/profiseedev/kubernetes/tree/master/GCP-CLI#deploy-profisee-platform-on-to-google-cloud-platform-gcp-kubernetes) for all the scripts needed to deploy Profisee Platform to Google Cloud Platform (GCP) Kubernetes via the gcp cli. +[Home](https://github.com/profiseeadmin/kubernetes/tree/master/GCP-CLI#deploy-profisee-platform-on-to-google-cloud-platform-gcp-kubernetes) for all the scripts needed to deploy Profisee Platform to Google Cloud Platform (GCP) Kubernetes via the gcp cli. From a2b18f3433b5466a1e4f050da82b47e9356540c2 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Sat, 3 Sep 2022 07:05:19 -0400 Subject: [PATCH 078/141] var typo --- Azure-ARM/azuredeploy.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index 0c07ee88..2f00d09f 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -297,7 +297,7 @@ "value": "[variables('PurviewUrl')]" }, { - "name": "PURVIEWCOLLECTIONFFRIENDLYNAME", + "name": "PURVIEWCOLLECTIONFRIENDLYNAME", "value": "[variables('PurviewCollectionFriendlyName')]" }, { From 63a32d80ac4713788ddbc832d2c2eb8e4af83b41 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Sat, 3 Sep 2022 07:41:52 -0400 Subject: [PATCH 079/141] Update Settings.yaml --- Azure-ARM/Settings.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/Settings.yaml b/Azure-ARM/Settings.yaml index 014f2ba0..685f15f1 100644 --- a/Azure-ARM/Settings.yaml +++ b/Azure-ARM/Settings.yaml @@ -89,7 +89,7 @@ cloud: clientSecret: "$PURVIEWCLIENTSECRET" tenantId: "$PURVIEWTENANTID" url: "$PURVIEWURL" - purviewCollectionId: "$PURVIEWCOLLECTIONID" + collectionId: "$PURVIEWCOLLECTIONID" aws: isProvider: false google: From d532bbb27c0b764dfd9a1422489c863a3ae431cf Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Sat, 3 Sep 2022 07:55:54 -0400 Subject: [PATCH 080/141] Update README.md --- AWS-EKS-CLI/README.md | 72 +++++++++++++++++++++---------------------- 1 file changed, 36 insertions(+), 36 deletions(-) diff --git a/AWS-EKS-CLI/README.md b/AWS-EKS-CLI/README.md index efbcf6f5..98a26ee1 100644 --- a/AWS-EKS-CLI/README.md +++ b/AWS-EKS-CLI/README.md @@ -1,19 +1,19 @@ # Deploy Profisee platform on to AWS Elastic Kubernetes services (EKS) -This explains the process to deploy the Profisee platform onto a new AWS EKS cluster +The process below explains how to deploy the Profisee platform onto a new AWS EKS cluster. Profisee requires a Windows and a Linux node. Linux nodes are managed nodes ## Prerequisites -1. License - - Profisee license associated with the dns for the environment +1. The following will be provided by Profisee: + - Please decide on what DNS (FQDN) you will use to access Profisee at and we will generate a license for it. - ACR username, password and token -2. Https certificate and the private key +2. TLS certificate and the private key. -3. Choose your AWS region you want to use eg us-east-1 +3. Pick your AWS region, our sample script uses us-east-1. 4. SQL Server - - AWS RDS instance - https://aws.amazon.com/getting-started/hands-on/create-microsoft-sql-db/ + - An appropriately sized AWS RDS instance - https://aws.amazon.com/getting-started/hands-on/create-microsoft-sql-db/ - Goto https://console.aws.amazon.com/rds - Click create database @@ -30,9 +30,9 @@ This explains the process to deploy the Profisee platform onto a new AWS EKS clu - Public access yes (simpler to debug) - Change to fit your security needs when ready - Defaults for the rest of the options - Wait for database to be available - - CLI sample: aws rds create-db-instance --engine sqlserver-ex --db-instance-class db.t3.small --db-instance-identifier profiseedemo --master-username sqladmin --master-user-password Password123 --allocated-storage 20 + - CLI sample: aws rds create-db-instance --engine sqlserver-ex --db-instance-class db.t3.small --db-instance-identifier --master-username --master-user-password --allocated-storage 50 -5. Create EBS volume - must be created in the same region/zone as the eks cluster +5. You will need a storage account so please create an EBS volume. It must be created in the same region/zone as the EKS cluster - EBS volume - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-volume.html - https://console.aws.amazon.com/ec2 @@ -54,88 +54,88 @@ This explains the process to deploy the Profisee platform onto a new AWS EKS clu - Setup IAM - https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html#cli-configure-quickstart-creds 7. Configure DNS - - Choose a DNS host name that you want to use eg: profiseemdm.mycompany.com - - Register that hostname in your DNS provider with a CNAME that points to xxxxxx.elb..amazonaws.com (this will be updated later. + - Choose a fully qualified domain name that you would like to use, ex. https://profiseemdm.mycompany.com + - Create a CNAME record for the profiseemdm hostname with your domain DNS provider and map it to point to xxxxxx.elb..amazonaws.com (this will be updated later). ## Deployment -1. Make cluster.yaml and upload to cloudshell. +1. Edit the provided cluster.yaml to match your requirement and upload it to cloudshell. - Download the cluster.yaml - curl -fsSL -o cluster.yaml https://raw.githubusercontent.com/profiseedev/kubernetes/master/AWS-EKS-CLI/cluster.yaml; + curl -fsSL -o cluster.yaml https://raw.githubusercontent.com/profiseeadmin/kubernetes/master/AWS-EKS-CLI/cluster.yaml; - - Change the name, region and availabilityzones + - Change the name, region and availability zones - Change the instance type(s) to fit your needs. https://aws.amazon.com/ec2/pricing/on-demand/ - - For more complex deployments, including networking vpc and subnet configurations see https://eksctl.io/usage/schema/ + - For more complex deployments, including networking VPC and subnet configurations see https://eksctl.io/usage/schema/ -2. Create the EKS Clusterr +2. Using CLI, create the EKS Cluster. eksctl create cluster -f cluster.yaml --install-vpc-controllers --timeout 30m -3. Configure kubectl +3. Using CLI, configure kubectl to connect to the newly created cluster. - aws eks --region us-east-1 update-kubeconfig --name MyCluster + aws eks --region us-east-1 update-kubeconfig --name -4. Update the sql security group to allow the kubernetes nodes ips in - - Get the outbound IP's of the cluster. +4. Configure your SQL security group to permit inbound traffic from the cluster's subnet (you can further lock it down to just the kubernetes Windows node IPs. Note: As AWS implements a rolling deprecation of old Windows Server AMIs you will need to implement a maintenance window to update the underlying AMI in the Windows Nodegroup, so please make sure to update your SQL security group with those updated node IPs. + - Get the outbound IPs of the cluster. kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type == "ExternalIP")].address}' - - Click on sql instance + - Click on SQL instance - Click on VPC security group - Inbound rules - Edit inbound rules - - Add MSSQL for outbound IP's of cluster + - Add MSSQL for outbound IPs of cluster 5. Install nginx for AWS helm repo add stable https://charts.helm.sh/stable; curl -o nginxSettingsAWS.yaml https://raw.githubusercontent.com/Profisee/kubernetes/master/AWS-EKS-CLI/nginxSettingsAWS.yaml; kubectl create namespace profisee - helm install nginx stable/nginx-ingress --values nginxSettingsAWS.yaml --namespace profisee + helm install nginx stable/nginx-ingress --values nginxSettingsAWS.yaml -n profisee - - Wait for the load balancer to be provisioned. goto aws ec2/load balancing console and wait for the state to go from provisioning to active (3ish minutes) + - Wait for the load balancer to be provisioned. Go to AWS EC2 load balancing console and wait for the state to go from provisioning to active (approximately 3 minutes). 6. Get nginx IP - kubectl get services nginx-nginx-ingress-controller --namespace profisee + kubectl get services nginx-nginx-ingress-controller -n profisee #Note the external-ip and update the DNS hostname you created earlier and have it point to it (xxxxxx.elb..amazonaws.com) 7. (Optional) - Install cert-manager for Let's Encrypt - helm install --namespace profisee cert-manager jetstack/cert-manager --namespace default --version v0.16.1 --set installCRDs=true --set nodeSelector."beta\.kubernetes\.io/os"=linux --set webhook.nodeSelector."beta\.kubernetes\.io/os"=linux --set cainjector.nodeSelector."beta\.kubernetes\.io/os"=linux + helm install -n profisee cert-manager jetstack/cert-manager --set installCRDs=true --set nodeSelector."beta\.kubernetes\.io/os"=linux --set webhook.nodeSelector."beta\.kubernetes\.io/os"=linux --set cainjector.nodeSelector."beta\.kubernetes\.io/os"=linux - update Settings.yaml useLetsEncrypt flag to true + Set the Settings.yaml useLetsEncrypt flag to true. 8. Configue Authentication provider - - Create/configure an auth provider in your auth providr of choice. eg Azure Active Directory, OKTA - - Register redirect url http(s)://profiseemdm.mycompany.com/Profisee/auth/signin-microsoft + - Create/configure an auth provider in your auth provider of choice. eg Azure Active Directory, OKTA + - Register redirect url http(s)://profiseemdm.mycompany.com/Profisee/auth/signin-microsoft (or .../auth/signing-okta). Make sure that your URL in the the application registration matches. The /signin-microsoft part from the URL can be anything you like so long as the application registration redirect URL and the value in the Settings.yaml template match. - Note the clientid, secret and authority url. The authority url for AAD is https://login.microsoftonline.com/{tenantid} 9. Create Profisee Settings.yaml - Fetch the Settings.yaml template, download the yaml file so you can edit it locally - curl -fsSL -o Settings.yaml https://raw.githubusercontent.com/profiseedev/kubernetes/master/AWS-EKS-CLI/Settings.yaml; + curl -fsSL -o Settings.yaml https://raw.githubusercontent.com/profiseeadmin/kubernetes/master/AWS-EKS-CLI/Settings.yaml; - Update the values - Upload to cloudshell 10. Install Profisee - helm repo add profisee https://profiseedev.github.io/kubernetes - helm uninstall --namespace profisee profiseeplatform - helm install --namespace profisee profiseeplatform profisee/profisee-platform --values Settings.yaml + helm repo add profisee https://profiseeadmin.github.io/kubernetes + helm uninstall -n profisee profiseeplatform + helm install -n profisee profiseeplatform profisee/profisee-platform --values Settings.yaml # Verify and finalize: -1. The initial deploy will have to download the container which takes about 10 minutes. Verify its finished downloading the container: +1. The initial deployment will have to download the container which takes about 10 minutes. Verify it's finished downloading the container: #check status and wait for "Pulling" to finish - kubectl --namespace profisee describe pod profisee-0 + kubectl -n profisee describe pod profisee-0 -2. View the kubernetes logs and wait for it to finish successfully starting up. takes longer on the first time as it has to create all the objects in teh database +2. View the kubernetes logs and wait for it to finish successfully starting up. It takes longer on the first time as it has to create all the objects in the database. - kubectl logs profisee-0 --namespace profisee --follow + kubectl logs profisee-0 -n profisee --follow 3. Voila, goto Profisee Platform web portal - http(s)://FQDNThatPointsToClusterIP/Profisee From b2845c1c77a71d1a2777fb29ba741ce5641d805a Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Sat, 3 Sep 2022 08:19:58 -0400 Subject: [PATCH 081/141] Update secret-purview.yaml --- profisee-platform/templates/secret-purview.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profisee-platform/templates/secret-purview.yaml b/profisee-platform/templates/secret-purview.yaml index e8721227..4bd8b1df 100644 --- a/profisee-platform/templates/secret-purview.yaml +++ b/profisee-platform/templates/secret-purview.yaml @@ -6,7 +6,7 @@ metadata: name: profisee-purview data: ProfiseePurviewUrl: {{.Values.cloud.azure.purview.url | b64enc | quote}} - ProfiseePurviewCollectionFriendlyName: {{.Values.cloud.azure.purview.collectionFriendlyName | b64enc | quote}} + ProfiseePurviewCollectionFriendlyName: {{.Values.cloud.azure.purview.collectionId | b64enc | quote}} ProfiseePurviewTenantId: {{.Values.cloud.azure.purview.tenantId | b64enc | quote}} ProfiseePurviewClientId: {{.Values.cloud.azure.purview.clientId | b64enc | quote}} ProfiseePurviewClientSecret: {{.Values.cloud.azure.purview.clientSecret | b64enc | quote}} From 01c94f648c52d05261698efd73a211e711e7b200 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Sat, 3 Sep 2022 08:51:04 -0400 Subject: [PATCH 082/141] Update values.yaml --- profisee-platform/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/profisee-platform/values.yaml b/profisee-platform/values.yaml index f24f355d..b94850f1 100644 --- a/profisee-platform/values.yaml +++ b/profisee-platform/values.yaml @@ -89,6 +89,7 @@ cloud: clientSecret: "$OIDCCLIENTSECRET" instanceName: "$PURVIEWINSTANCENAME" baseUrl: "$PURVIEWBASEURL" + collectionId: "$PURVIEWCOLLECTIONID" aws: isProvider: false ebsVolumeId: "" From 7909439caf383a07f0baeabe565394445787d8dc Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Sat, 3 Sep 2022 08:54:47 -0400 Subject: [PATCH 083/141] updated values.yaml --- index.yaml | 4 ++-- profisee-platform-0.1.24.tgz | Bin 0 -> 5593 bytes profisee-platform/Chart.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) create mode 100644 profisee-platform-0.1.24.tgz diff --git a/index.yaml b/index.yaml index 61e8f95a..705e5015 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.23.tgz - version: 0.1.23 + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.24.tgz + version: 0.1.24 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.24.tgz b/profisee-platform-0.1.24.tgz new file mode 100644 index 0000000000000000000000000000000000000000..36c836e143998b546a308b9f17ec28300279b026 GIT binary patch literal 5593 zcmV;~6(;H*iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKDLZ{s$ycz-tF|A8N8fo%_GS#}(!(BVGsxsJCNG@Inb+3mZB z0tGEGHXEAMl9avaHt%nLpd?Dv7fW{HIJZ~N0-Hn}4u@Z6NDhZXpR+qG5Ni7b$~(pv zozWa}X+6LN`DRC8+qOOE_rssIZRda5z2n|D-TtxNAM{VVgYGwWw?8=UeFN-WF;E48 zkdS|4KfA1a<-QVtKK_Wfz>GRz*=s=GPyXy$-GOB{JS1F>eHnfmf`1^g0InJ%;Er){ z9giPy9giQtDEKLuB2JM+qCw#TIiN7g8uGzM4uHN-unQIK#!{DSTV1QyZ@hNP{5hZ~ z|4T>$BzCC)YUKaqbkNVq|4G+AJ;?t)Kzt$-#FvOWpxFQbfJk6lZzlhBaXEZHZbe@` zDB%e!jXnYc(5s2;Kzr7B7&KP`p4= zjH$~XeCdEUA133A@$F=MIlB4h^=*U%y#=O2*JS~fiumyC{rTl^G`jk5d25t^hY7kt zJ`-3n{ty=s=8v*!&flG1jBm!*S49f>I%>>ZMe~)_Xhv-{8eua=Z$mBEx z7z9>mI`sV*M-K_)6ZUXUXB-J}6AdTYZ;cMCEzd*rSW{@#XFLSs{6XT#lqB5TQ-Rqnq(< zu6GqvBLeZl0j;@|zSHRlca9cNSf3X}Fz8#1&pIp7>Dl&4$3E%cu+!v2$5q)xM^VTT zJ@=kZGWvFh5zllz7va!-9{m|!BAVlyz+F%l0ngDz3y8_iTG%ClkceM04~-%X&}}x1 zkMVFLc!8xz#-8g34(Qsptv@W#LTLriwPUTq(Wd~3LY5-FZNJwwYc}u#&UBF+&9IOP zsin1>1=Ub@xrJFvBPAM1sjktDl5RujB%B!u7sDUMdgLpiaKImFyM9T31pu^Ex@bAs zuPUL8nIf9P)Z)-`LJpLkYyGthQLDQcG0}9T$YKA-nB(`u^NVsc#ea-7{BZk^Rvzau z^TGJ*vDqNlMO2`7n4mK#p#$DroR7wrlkwT`cBm#BbWX9HgiG28VKn>u-5gHIRfxr0LnZB zI1()2E&?;o0v|x?fjL~N@6baW_=I8i;jK_>`+M}TR0Ww`U})h?Uum)`CH*c!bu1hc zQ+y&H(&@F8OS(>{)J#&`==e_UAqpAek&yjN3ngeKe^gb^CW&C0?0xdJlZe7%on!4Y zG8zONMa_df!0wV}j}iX{ZWuuV=njHH;2A|8U=m>YH^3P|Kr*m^n1Y)h9ng9YDV!k> zoX5Qju6)FyWV{t&3xytbY7P2dLF*&tGJpiUhwdCx1V)TXj;Dc2HileG<2)HpnUS~1 zrB=0d*+B6FzQkzdls4^~;s1QN8Q+dChov+7E+&3Vg@n{i7Esq8Za$ume?GsQ+zu~C z_C5#Z{CWA&Jj;<~)#-rQwtILE{xDur@pJ`w;6(1Q17RYS3 z8Dle2t}rs0XD*5|YtaJD%+9*F|C4B;en+Ac>Ljg2+V{(LGJR~fIjpn)^am%|{a>$l z+B@w3_5xqNv;n>Y*2ieqA5KZp>cBE48_<4yY&J|=5rm%4JUuw9`|pK?S!da8HtsR? z91t$-wN7X@7Dz(1hjcQVOn5KumzqYa*$_U`dxXe7Wb2huJdd0?;LDdXUiI{6B^;%5 z4|sgk>%~xKY(Ye8nUI8PDn!-quia@ogw5rDfnQ4gPkMub{C5xb-@QP!{O4x=mr(=d z!kAlDSPC~3!>22WJjo}hh&+j}UO{Xu|5HpoOlMD72Gq{~_GwQ3`@NIFLH_pvdzt@# zh{nzu`43BL`^;-6bInv|FoYeN6iXHl(bkfL7Q`x|ZH@GG3ha(yYx#e|GN69`?-u00 zZy)4;AF$8)zgi7!wG7xqLu|RO$m)+RGk>+3q*neTYn>lk7hD2`*j545$bY{#u=DbN z(my`P|32WU^M7o_Z41dbvRr|!&+UTrNA@>unHs6FlM{Y(1#rJqe;E?(Cnl{BL4Asf zy_)`p+}MI#QGsMXA2VxZ?ZvUww_~E0Sx*&7L>otko91TYK5=bPRh2}f=i}PO-3Bb= z@3KOzZN?gi4Eqj{M5rt;O5f#Dw`ZiuDjG+8B5i%}W46wf4?pSCif1>8VffGUtG$jU zDM}5u`aJ6;xz#5a72Il+3U1?Lix*=wrk`gr(djmP^317~Kg|B}(L#nJS9lvl!BeW9l-sD0V<= z3I!VUTUpCke8O47WClB38Rw2d>uQ=oPpG6Pdo}qrVs3HWJa~of7^>F)vFgP_1c*P? z_`kva|McWIZ~s5;ogCKx`+(d`m-EH6vR;@VzYA~?m+fd%%(F}XQ8aeW!?9Dk=qE@D z6wx)-{LoE2Kt=4AI+xNHPN$=i+Dp4ly=vZ~&cQ`q}*MGw(JQ zG$-rcWEeD3pv*%PZJa2&OtrGx5++&>AeaW9Yb_I%^3UiUo-LsN4B7vtUjB~<{k;9J zdwg=(|L+Ad_dinU4SW7Q^w-$x(ybMe64RMzHVhnNzoUK2)9F5OI1d-)e|!pGgpcI>|+YH6vM3OWitah-tTgEyim~UwbWXR7Qln`N&koe8^sP zs3|9NF=Bm7e=x5)Y(O%`T~F{`?s`KF&FpQ6^<*#LHdHegA=VQe8}}M&D5h5+vgAfr z@2^Q9ex12`&U|Zw&f@J0&;M2HzvzaK(qe6GZF|xJux9<&>mC=@e}iuKu>RWzJlX%l z_l2?DJ4=R2>0U1xW$EpKWSb+h+nNQG?)(By5lJ^v(DzGegm-8NcAS!c|*UF!ZuDKzQ8nGDE-Kxi>?vJ%$p#WQBOEvklaP8*ypX?<0V%s zTt+3tG~J^{`_#2vkkXFsE&-3Z_t8e4;3G z->WsRD3lwuLgv`AjVZwt<+sxdMc^9BxdU3A1(lslrov?;j-Yo%$wT(04o6C_$ZP}Y z#E8+dUaI5I6*yNjkK=H*C?3d0$FW)La%N4ghBCSWg7QtM4_`CKx%so(uhtLZ&k9xZ ze{9csruC=Z{$ro^^7FqvIQW0<1#0ZSg-hNA6EH<`#rQp@v!eIcx%Qu^S`rve7LZaV z!&y=*pX{6$qgq9y>QND0Yr<7S?wBS%*lR~8dnHF5X5q$CUB+wYHkh;Y zetdf~yOY{Rr+$|89#=dd$SiI{^Ojjm7-2xKVtgp)>6&J{9#lN|;fk>Ht@W4hOd^P6 z4)PPcO)O}SkDdQe^xk9$<{UE=y~u2M&Cwk;PLZb2y+^qvwm^J|-TawS!D=5OWpRAQ zr2`5FPr+iUhRFAJ_8k6j694Z3RqH=BYJ?A6^s?uFcDJ9u|JOb4AM8JSfusBZ;8C=6 zyVQN(Y#bS@x1*vqi9aT$m7_>;WGpMMUCRTkgDUxtX6bffR?<;zw$%c4^4}Ze_kX>? z@nQeB7brjfpTzEmWj^nbkudTN`Asldy}K(69>Y_>%9Apec%h9kJe31~fa#!*sC!s< z>>f6d|2s@j8mlVt``=s()XD#GKK^U(`1JH}|9>yAiTvy92UT*uW{?=t{(_DfiG~1w zfaFm1wOjV=9F#d96`)2R7@?d~ zl@QrcONfV89-pz!_^R*xo3MfWV~S;Tnd^xPpmzU%nxFr>y~F&!AJ~;pr-Q`23*a*$ zRf^?{Zbse;!FFR&^*JiV&qwV&+y&ebY#{&fZPlm02vNKKxAXgdyMNgK?+4=fpE9|< z59o9BMH1y8)fHv{0#o>N5xoyLf_DiU$UnoL+tx9xpP~h7=l_EJzk4$1ALM@@uq%1a z43d&v|C6rI9PD~84x7q<^!v-4|MyPw@xQvglf(W0y}(Z8Uq>yekp3rJZaZj!7laMv zUx#9Q(z|fA^54zJ|LvY0AN+sz0=ty|WRMsdAi3XbioE%vPS&RO+RgE&gAL?AexT*W z_W#{(H*f#9PfiZ&|GmH~*#G14RI*ICj#6^53{0N%SPVERT^1B*jgq%`-f@hmM;@vo zwQ2I^3qG5bb6XSHOjAw*n{CE@$&RU%->MDM8mh&W*m}wp3$cSK=BtJc^uHPG^(F5A z+sDQDPbY`>U-kp9W&h1a5H8FF8;4Fh=%nYthVs9?)0Y8HkpKSR;Qz4~cuo1Qa1z@% z9NR(up9dSrzi}_~W$eHG(_;L`gZ*beu&w-;;MZJ2-dJsvJgrcrK{D5c6QuYh15;_l zG1T*3Vey*^In1BX!#Xdoe@nemE&t&);g^p8VILnC{XhGM^Pj!II>C%Dh*wVG=`Hg3 z@@IT|JahHae9wh(sc-a0x6Qwg17G=^N#-)*fZNe^Nl>r?P5m;44l^BQa`hh$xMURl z+sNokLZ$pmDA8R&h(Pi=N}yW)yS;wl{kLAXcZmPI7pREoH;KD{f~tf18493U{}LJn^6 z6x|WzL|)ltSi-W9gsUj(Hdq(yPDi>^P2G+XjaVm~{f1nLaxqQ9_eiqw z==9@B#Yp)TuPJSpHFu<$Wk2KZoG@CXTN>%c$PCs5q*-$iV+NXu7%^^B=rZ#`0(FQ$ zg&IZ%jL0T$A($PtHvC^{MM??}an+|S?{ld?CpuqR&0<8H@`hT8t(yt1#F#)KvHJsI z?)^kEo{gImwMgk3RV!hksrVQnc-eP+?nD%>hsry#Wi@7u&B*p0J_|)xU?CBeXIR{4 zs^NR(M_zGZGZ#hm$Ts}uHSws3-V1O{Nr2p)=R#cO)ps%^EU|R8k`5!vlji!6rul%T zX$f%@)7FFslm|_>(q6LI)6?vs(XG(LOU)~i_%3_9Xrz7{q zL6v%Y2__I-zT<3>885DW+QfYECxW$an;7&;#@?Fe9W^Xf3*^`U$%Oh7dMGkd#!TT2 zOB1S|nOw{4b>;!jT{G*KP%me;$VZ;psw?BW=YH)~_R5NE#^a_nd%3<@8>r(+wX5$t z)A4`zwaHyOsH{UdC+qp06y9LmA6lMyVkCi+!F7$e+iz;WH-N3(T}cXcijXpaN#Kf*AKFL zxx}_*MfjHM2ibib01LEW{Gldagp|$7(Wd~3ZJ5wGwr3;BS!5(VI!Jpz*&AMG&Jv6r zTGaCEw~l4e>0a9)yJslc|E)P93p}HY?<#C(-TB|iAQ%6kdt&zw{y%$xBXA9+M4SpB z8HlY?;2Y$2#Z8rX5 ziIuN@OyRxyAs69ajN@6e@t6Nq`94C9Ss=jq*;sKA8?c)V3wsE5;!K?V)@)cy;W7_( z{vb z2e#FY>k3%@{S&RIWK(A|T)b nfn{_Gsw)cxkaH~lwS@Hm2ROh1b_o9$009600JqbW0I&c6Q#}VF literal 0 HcmV?d00001 diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index f8d5ad69..5f17dbec 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.23 +version: 0.1.24 From 8fa879c441ac3f092a3c716b9ecdfbc8f7f169f9 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Sat, 3 Sep 2022 09:17:36 -0400 Subject: [PATCH 084/141] Updated to 0.1.25 Chart and templates update for Purview Collections ID --- index.yaml | 4 ++-- profisee-platform-0.1.25.tgz | Bin 0 -> 5568 bytes profisee-platform/Chart.yaml | 2 +- profisee-platform/templates/secret-purview.yaml | 2 +- profisee-platform/values.yaml | 9 ++++----- 5 files changed, 8 insertions(+), 9 deletions(-) create mode 100644 profisee-platform-0.1.25.tgz diff --git a/index.yaml b/index.yaml index 705e5015..18898c49 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.24.tgz - version: 0.1.24 + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.25.tgz + version: 0.1.25 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.25.tgz b/profisee-platform-0.1.25.tgz new file mode 100644 index 0000000000000000000000000000000000000000..38083d3c1a05e0776ec9cf1377e88c30049d513c GIT binary patch literal 5568 zcmV;x6+h}9iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^MoG;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4$Nhfz(=^TePqTN}d)4h9n*HOW?uprZWp?|=z2jHN+!g~>5O9In zEAz=^UXTCh{9^Ea)QY}3Sl|if zaFM2-{-C7?9GI5&VLZClQhm(%k}^k2y&8{+7+(MT>LxYKIKGE zb{`iI=8v)}&flJ$kFG~omqiNsIx5UuMe~(aXj*L*noFnDy9u>m>jIWT1`c?FV3%i* zBITGV^7>rEkX0McFaw>l@lS*6k;WE$7Qj60o_hQPb1l>=eplH?|9c~Abbfj<)(9+N zGVuKvM-2(^U3!1!O&M^09k^g2!2*a93BSU4tbd`zv9*?uhuPrwfB_oVf-C@?5(c*H zA+3Hm5Hre%xR=abo}CV})wf*&o;V8|dw6~}y0|$zEhLY@W*`)S2yHwXUXN~ay(^g- zx|qx@)S3z5Tb&NKXE4Xy_&j$x#lAt=w6o-$o@pL+%%ctoJ5AhoY?+OBB!wK&Gw10f zqi?qaSf=Y44~Op4=ugQ4yd2*y-UekJupC{OW8!YDg>5(B0@ww0U>IqDZnL3%jE9>` z=0xyh?Ad-`p{{9~>cbr7QY)aY8EX{=p90{8EJb|Ne6MQOY>+vgsv;Ro2^SKnrL>!Y zv~Leo22t2(@H7Z&}%|GNFu_ zBAUch;?S}}4y2xI{j&^Fsk<04(R8KAVgJXNqxXZe^KvxFe~dNwaPw0ukMofEp#AmG zY`DY*kHcHy!YLNmLa)!yhNFw|=yY&1kdqCZc|?rEC2fQ-oc`-y&4y38C{K}^DX49*(YW!jyM#pGkN(`nSw#yEJg(5fgSuGT;cmVst?qIW4Cu zG}I^W;Qk{HTw$SG?D8b#PJK=rLrIQ>4(0(DXadM)fCV^+cu33u;X95z>HuQEX~1ki zQ$_0O{{;Y?pCvN9$8&O>#~Egh48azCWg zYb%#@l}@Rdq`1+^t=vNtGR7kz``Ig$pqTtoRy~`@xgyvE#~!7NPgT6ZbTo6*G}M>7alM+zag)S#{lb}|%_@-ENM zN5h-5%Zr2(Uh+~&&NLfL_($pnbI@C3O6k-sR|A>MQyZepN?=g)k^AN1{!hSM{tmno z>LjH_+INd~GJR~eIjpn)^pB6S`@dfAq<6UA|Lp?4d}$+ci;R!au0NcTqSb++O*W|g z@X&1NwjzujpE_!A7v*_eaCat~=`HktU2-z^l4RPK4hwuQaq2GTIkD{GG5j6XCxe@a}RoWQ0v7|uWUd>X`+yXY%1{N?=RhHTZHxH ze@>oD{*QXc1^GAk_TQaAwfyI1{^wBx<-(X-Ru~dD6vM|Wi9E?isE9m?uU(Y;BbEX6^MAJ>|A+hYpPj%i=l^Oou+cJL9SyPJx+1GTHq89h zYLZ&{kF0fmY=^L2%=xAYpho`ty<;;k|3`->d->l5Ja+z%jks+tCbhxQ+HtrJF7Fku{^7MRM*|^(?hWuSrsI~Q2Ly=+MLc--T%d^tAnNaN+X|jsO z;h)^LI{49B=hDZY)M>?&n?y7G=lNA$N8=QwhFf)>^_<+Q6O0OO6-ouS@v+6TF&fj) zGnwdg-z9b^eVE}n2w*(*$he}~DL_lG08;;tkM9fT1g+3$t+|K{;^Pg4vW6`#ccPN8 ztL%i`Q}q zcoL&qVX8!lyf9Nm5quIuDskl5R4$4w)S6%p$Ng5;G8Uh3)-ajDPFKdcqtLpVX3!HV z=_y=IeubD@TtD`dYY(fSYW*LpUcz|*?6JoGHTM4}M~8X)|6#AYU;pm{ax-1d7t_dk zVWRvlzy>DT(WaPXm;S?O?3{&Tr*zTpg5VI*)zbNLNGc zkT0{VJKRLu1uN?sgE_a5HznR@{ku<{n^@4Stb3DY&`80f4vdv?qUbW!%5F<2Z&}DC zUhuirGEpi2)Vn3qIrg6*`>*Qd|M0kP9SstBbDB;=ig(0g{>~#T7eM6 zoAPEu!_oFT%C|h7?h}Xea8drpr+^Aj%L6UrY3y)bo>g~8FDLPV!_UNX=#mctF_XIu zFDWz8dR*WmhA#y-q_tFRN%o$S8 z13NJS^0&kV3%#+eU!)NKLWyG=zj5ll$&$Gwj$Ow}n0K`nkt7D`^?@2X$wh+|BUw^Q z-8yTCDYt+P#%oGnxiqd-Mufcn$dtu=$X<1*DJOF=Vs%S@(62hIK{Cc&P4I2*dP5D( z>}`nEWY6&?R5KSLRudg*_Zn&_rdJ@c3ohoCs&C!>P(2&;j{ebR@-hB zzAb0O1;kwd9~~Z>=J&{<$ddni(2B71Jd4mJ{=HoD@$D`bu>+r)E;2l?&vToSm# zVrHRMXYPqkCR5=u5(Dg9dhUJprVazCS46gfRAR(vSufS`XLFLPnZrmpTNDpuqvO~t zb~&>;R|64U0fBrIs>9dJac=(X_N(=S_`5>Y{2$x1o@o84xBr+Yz5M)d9_{_Vb^ zQ!HSKV`Fhh$545)lzc`%-?t~!xo>mwJ6Nb?w$R$yg4m*e_-Y|E}!)7h#Vm5_# zSuJEceuvUJ)VIQ~vde#sa{pRrgBq!cq8}uuo>iqWSTZ7@EhO*4LY>#$v79q%4k4nXpjd;3=3-fDyWkGXqIj#W+fHXW>YOtC;z?U{Qj?Z+}rQ}b^_(+|Kr&Gu*~N@G7?6j!$m`7$l{#V!R?&E*$1S$|1UHE-1rOh=VfcqXN|E11*$usuChQY64`@4W! zf;HqnzODNB7a?lb|7L#wZ}#{5|J^`5|9ezy?gRQ1eUU^tNOgrCfIt`iTtx5vjo@v< z8uCwxW4Bcd>&Iw;+WEg=|L-0hn|t}+1#C;6GlQgL*Z-*NGkd$PGFnz zp9~UB10?r*b&=O!)XCb^Ub;E{cCd#0#}BkT+y1}XHS_U*%%lEZ{&xZ|VE>QDQ^_*n zDoV-4GSGQaV=-WE>9U|eYnXYpr<$n#!q0ltZ))P1DauJWv-Nl`*(a6qTeVGELAAL4 zT1~lP`L#E|{6%05{jUdmeUAJ8=3z1Z)6xF@m)*ci*?+SUgbOpl+M$#7+UaSqru=X2 z^rgWgr*RAermJ2~zx$fvz;-80vYiu=q`d9OgT?U*+ZXm((lO@*iFke(v}m=HX${ z|Fge8|Jezw63qC5c;ytH-Xf1Lf5x}RGgm+L_gp9w>PCNb+x)vY@RiS~pf+_abThmv z2?|!Asb0oVVWz`Ow)(?D7u18ljEp`fRLZ}=0&WA>9-1T>{g|#cP%%^2#>D5|)J|Tt-p1(W+Q?D$<>7 z>UNZ<#X4d1H?RfdVw!~Sk!0i1smGIwk@72EQ`#(R?npDse#YN9VYEoMG}4Wh8LbFN zv*I8|4>S`oqTQxYW#)qfst|z^HH-`xkxkx0&^u~n_`lMMloTG~%1;~K=aPSpRlc;E z#fUiN4YlMOHxpj+k&C$?_75(#@5X|%Y}}lvMM~eOT5{9}aRWZ&_*TcfQ(@=Cd;Q~ByO88x-8opEhI8j{K)P|@Y*@j=gCXUCW_W~?k5-_u8xe%9m z^_>g}gD-5Qq{E2vZgX`=(|kbFw1hZ{Y3s`ul#L>wVh^B)hfYbN8iVNJ!73yRJVg%= ztz0Q3!B0a-(Oj|s54h~fNp@Jl=fVRY<-t;;b@CDzpMmQZ)Bdxa|Ar8`{pOn=LA2u) ze9}ta8ge=hIBI)<-i!tHeQ@4<`-OoBm{+7@K7h;NiF z$SWl~Q<`o4^0tUl7Bg%!9l0|Os?^(aFah4;Eu-_yc(K*fCi;s%5v+XMM59+S_EtRa zs9+&mAjbwuCe(LuUu2|=nZg^EI#fL~xsutd%mbd=X4WsEUe0Whk36$gSH`!`{mQHC zl@(c!$8~G=e0{SrP{*TcSKoKK0MS%-2?R`WY9yur9do{JAWR&t!@UOWthH+; zx5UrwPr-AU?B-W0>e1EguG=MZQh3V1_JizRF0pMH5x!yjL3SU9&>ZHJ-Ph!ckg{1B zdqLyF1bu5cc_tFO09YfLnZ_L1*lc`79 zw!(JSo&Oyj=i)zfkIeqw|7Ry~fUd9*z&wrwMNzk- zH#5T3v#K10h6yxv=_In|6L0!Y#K6UZEFg?rt$oLyBPn<=4K2>-8$XO^4GvloF+>0H zt%2lj98oXKDw#q)Fys;sjAp|)9se5I=p>OLozJOUG1SifN94WDU?4|p~Mx!Xfx25}5{WEx%LbF*}?ap2KqOeQRalw@yzHsn9afS_nf z#4MN~PJ~ntajl}P4t$PkMm-%(=9=LJAdcsN7SSoFsx0P6%n1K;3F{vAu!lWt5&k~_ O0RR6{rasaDumAw6E< Date: Sat, 3 Sep 2022 09:27:13 -0400 Subject: [PATCH 085/141] 0.1.26 update rearranged order of purview keys and values to be consistent --- Azure-ARM/Settings.yaml | 6 +++--- index.yaml | 4 ++-- profisee-platform-0.1.26.tgz | Bin 0 -> 5567 bytes profisee-platform/Chart.yaml | 2 +- profisee-platform/templates/secret-purview.yaml | 2 +- profisee-platform/values.yaml | 4 ++-- 6 files changed, 9 insertions(+), 9 deletions(-) create mode 100644 profisee-platform-0.1.26.tgz diff --git a/Azure-ARM/Settings.yaml b/Azure-ARM/Settings.yaml index 685f15f1..bb513fbc 100644 --- a/Azure-ARM/Settings.yaml +++ b/Azure-ARM/Settings.yaml @@ -85,11 +85,11 @@ cloud: clientId: "" resourceId: "" purview: - clientId: "$PURVIEWCLIENTID" - clientSecret: "$PURVIEWCLIENTSECRET" tenantId: "$PURVIEWTENANTID" url: "$PURVIEWURL" - collectionId: "$PURVIEWCOLLECTIONID" + collectionId: "$PURVIEWCOLLECTIONID" + clientId: "$PURVIEWCLIENTID" + clientSecret: "$PURVIEWCLIENTSECRET" aws: isProvider: false google: diff --git a/index.yaml b/index.yaml index 18898c49..13a91874 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.25.tgz - version: 0.1.25 + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.26.tgz + version: 0.1.26 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.26.tgz b/profisee-platform-0.1.26.tgz new file mode 100644 index 0000000000000000000000000000000000000000..e29f723412269b5d6015e13e44c2d3b46b57f922 GIT binary patch literal 5567 zcmV;w6+r4AiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^MoG;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4$Nhfz(=^TePqTN}d)4h9n*HOWL(@EbWp?|=z1}NiZi|5`2)MxP zmHFhd@|F8a0Q=-4Fixmvp+&EOeLwlLYjlqdv*7@@8SzE>=zZkq9wW6;M7I=a= zT%@U|KWOOz2d1Tc7>};CR3CG`q|DJ$uLk4s&zIMyt!6_F!Rx@gA#<=2isvBs$g|nK zFD&%>!+3N)x*3lyhS&eTx`~jmGbi4_wrSuANqlhn{_J8f9A197xY5eLB`#cpPdO2k z-Nyxl`J=3g^S5W`qwCStWsyR@jtVnZ(R^hUnpRtd=F%zkZbB{Cx`5@7fdif(*yS0d zNI7PTygt`3WYxwq%s}UC{L|oiq_G8`1uzf0ryl>nTnn{|-&OX}|K7+Nou6KeH3CbR z417PvQ9}ZJm)@UwQwE%02QFAhumGY&!mltM>t85wY^~+vVK(?ZV1Nd;APYdJgn=!4 zNUI+X#Edc`?j>`VXQ#t#^=+4cC(gpg9-g0#E^f|F3&~@!83;unLK}~U*Q1+U?@FeI zE+%sewPr&2R;R=58O$*^KF?iFv2Rc|?JRkxXPQSH^Qc3@P80VXTV~@ONg+q{%y~M= z=-Vv;mg#!N!=d{$`ctw1FUPlww?UZ)EJqjSn7CVOVcQM30Cqtg7)BbP+iYkbaH68)S~Bsz?S?!i7X?DeY!p zIn-@t5ZY2miAIvDYj`cCTN65gr&_}K;D?bK`BEq>^hesRU(#O@LM@rjTUPd~OekZf zh$bMll1G+ilj*#9x+=>6dAyc|vPA7c$Z-2Bwa<2+BC7+nxYPRpqZ z4fV-8xc`U)S6Jv4yF5v`Q=ikuP?BSzgL%LOngFsHU;z#y9uhM^_>LowI)E5(8ZaBs zl+nOP*mKYfFXVUZ07Je@iGBZu%eDO-+%IH7dKYL~IMY{(tV~J2^H3dgOULA&+z;vW z+R7zerBiAqDQ8^0gD-;bNU*?K9LG1RX@p zLmWhJlV*<*zem^91&&k)Vb00a0|!xoi1;2c>H-oJ%`x%N^^X>6y~iG&f`iWD-bI%_ zFf1r*Mc7=Thn-r3{!i5UNSFw)i{4{Ip_BflSthTukFE8Bdv!H_xS3wRPD* z@dLIXu(V2>_Vv|=>yKxnpKnGNgWTL6gew_^kXsf|*9AN2Hib02JU<@|Z_X|+N>&M3 z%=)!N1~apqz)M~#$(d$@3I9mlU=Dg~OevkZnC*ofQaf-*2{PK?j(g7inm zGG)UW%CVCZetiXSw~&8n6746(uMk0gii*9Q{04SxL9VDkvY(HcHL~{NSnAs`(Tl97 zig0F+Lm5sZNXvp71g<4yWH53{4EhJnnvpg$(n+esPktVBX z9RA5|tAiiCbuNAUNu5?axk)s`f1Y3Ebu>;I>D&mR-sgI8y{Od8>2D( zJd=q|_g!L#(uWzIg8;@;kBlp-odUE33n2CX`1rnXPS6UC)|!jRAU@tuC~Mf_awjSY z+v*%@t-5C>c^YdEl%Aks#;|^J@noeEL0dngMOziylwRaR5@jf+CJI|WhRMqKws~v+EI|{9Lr{9z#eP-Ut|A&a&(xt{~vab_Ur#$KyIeX`C=Mb zFHDr*1=zquJK7Yp?9zW2jh(Y_?36D0T@V~1y4so_+ldD#kNr|-LipV3bYxO{VfGB{ z6GO`#dW<>BcQDEuIvQDs2fk04`0r%w+H@Wv_>3&DkQqnT)Pb=wP840HTG?$0-JKWdBvY{2w0o^Y*{)VSm5>-w9;yf27hI_WXP7udvmnTPqNP zcvIeNXgJz_NBNeg(|zJ_9xlrN_!Lk9YI&e#JdGXB%d_h4=;b6naQK;c4qfs=AZBv6 zp**SIgqxB#5&A*N-mJVx<^8RSLkGk|E)l@6+m07@MVhJSS{Y5Xg|4TmNDeX%?kvf1bFTucn;!r8ks^dbW^*s#40@xu%pyH2$iR%X*}y^hb14 zY2zji{~NS!oTt1GN6LTyVjTMQucn*50Z>luXU)lfHKp__z>0C@I7AKz>|XldojF75 zd0;0-K>n7vV4*j*^@|kZUnp^G<2O#dH(4^5#IfsG3G=SjB9g=)y*^MwC%I^_VkApy zsat0aG36Gp!FWySD;LAH%7~EHADOb4580~@HRWV3Myzh>5BgPyHAu#|s|mi%U2mwN znY|6Mn(R5=glgs@#A>1=?OsC-#qC;T;;6*qF!Hb3}Gam0PS!c}>5P!ZuC-n-ecw zDE-K=4OhSjb;e**&*2t2PVORA?DJOc@sg_*HuVH1Ub;t(_NgnoAf+AMT|y4E@1l*o zOC}7n`wn(};(>K&oD|Tn0@uBwF0t<|G;o*ro}^PvWHJ>lBQe0vrRUyfZ|X3RdPQU#NF_#$mi1B{e>Nw%nmLSwvqkYhHad>Y zVwW?kb2Sjr6%fcbp*noc9OvfGZogVTh`%dT&Hu4I>xtH%di#%g(#y~P=F#5&YbQ`+ z|1DhdE|`El5KGGLh&L^If1N4+iK-=m=463AkBV@XRLUni=f$W-(WrV*i5TjrjuvdB zJ;ef+I5rlCbPSazOUY;S^L=|lo%=Q?zk`KZW(%#IEx5e}rZRSW-`%w~%gQa(>Z9J# z@g^C0l3SI$CV^;2*`9@$K6A_;_Z5YMDiSjx{9b#GKeulQxK2{_;|+7iJZ#o-E@o3` zm(@bH<98^nLwzg!D!csGDEF_0HmH%BDEdKi>RDA9gC!#Z+CuU!EYx}3O^eXa=+`Q^ zprGnKyM9Sj$lnDzJ4xWPfL=KVf%(8abzqj zFI~$$tb!`}k7nt1VpdX7Z8p^cb@Jak&hP(v$G!djZzoWG{y&c056gVsBO_tt8}b{c zUiI#-FnBai0V7XJU*d%}#_&`Q{edROeemr4x?}sWhWy_W7t&Z&iQoVFTA)t;5A*R~ zdxs~-`}_Ypfpz3xT|cOj^A&?cllEtH%t$l@`U540sxRHLUk7Y1|H>a=i}K&=7v#Uc zpZ|9P&m{lpb*r`I|B)_XC9?n0ZTdCAn)1(Qm_66|k9lO~<9~Hcb07a}Cs5)4kw%{@ zx_>-XRfOY7Qx4Hpb3qxNLL8Ji9~GcRA84VRQ!2S010R&iJbD{OhoW{1cCe z=rY$M6+rF&|0F;EcYFK!e>bo#p-u;heiy)}T*wr|=iQ9F6@u-?qUtj!#m`6W-QNY= z609Nr@om+|zX(yg{x|dcf3v^e|L+Fk`QM{rb05&B=!+!EL8>eC00g@5=OTLVZv<}> z){uWn9J{SzSU*M!)Xx6}`+xW7sK1y0UBI^FIWtH~cKwgKKC`#$Jv*!`|IzQybN=5u z$;bcd_WJw#|2u)L%D;+QQX&11xZJka0?!C*%D)Q5_NaH^YURJ1kN?{}>Fxc0b^_a! z|74J88X&pftBbt;qE6PP_R`Jqw}Un0KYpO)+4le4u9=VjV;=SQ^1l;!0sDVEo=TPp zS5eAMO_VS-Ad?_rWebD?)m(&xGJ*kf*P}Jeyf0KuRDX+TP3k54q*BUN+oTm#i|en| zlq;5Bdjrg01lG|1da&2$xc_e+7UMr1?caad4ZM{7Hyc5?FcYjDI%%(+o(5~m|K?6# z8azV&`$v2KkDb6v%72BE*xKRP_VWKUSVR7`dzsH;|Lva?<3H~0Kf8fV<-Y{K<`VMS zYNO<7g(?k_xh|X_#V;A?N+XV;p7#oi-&Dw9zJvQ!US5Amy;3dz;Wgpsj{jjE9v1yS z5BKLkJAqY#8D9{uoWj#vZksm3uQvx=#Orje-{V7@);G>rmlr53O|9K}+ z5z}uRcmEiwgZgO-pj!Snjr14g36)I#MW0mlq!9pDA1TL*;et9aq=6^m1wc)(z+x>? zZ3w|;=8cuLAJ)_3eH20tZtxV{AIPOkU^=;Y&5}f3*=AV6vXF$!DC#y^73)q#x|2=a zjuN$4Cyf3Ewt!qrlkh!~Y&<&kcv3M^e#L7_n`O-%X=d5a_&XW+Fzk+Z3wIe2_pDB2c1+kpUyJ$y*3|N39J1S6Y#h!b4p7X~X+m^3So#msYbF z5vRPNmVD!8!b?7KF&D)C!KL=ySWuRYn-jH2=^Ir`Zoq_pj1ZjcJ3hBO3fJR_TfSj6 zrj$;xezk zlObX7g{_oy7*XDBt`2FM4``Z}5Jxd>effg2Q3O=%0rc?DDM?gg5IsCtg=B%J=;5K2 zE2Sj(X$UErOBUb(mpwVj4lDRvc;KTvSZcIRUIODYaNT0sf41}A5F)qVeDfoScD#a5 zTIpLuPUitfZ4c0!v7o*W&YN$)Fc1Orige5ea5;PtGe(!_jWWxr=@=1?9J=)0WQL1W zYXrNe;Np925;1igLFPaMkt82wM(V2hXJu^H%Go3n%5@k8oYzxV1w*aW@p+;JgiRHB zrDSJHv#np=7E#J#hHa)Jcg8`LdV3Bgz+1d!beXSV9f`1ZM9d6m7g zBJ1(EZq1&rZ&n8CcvS7``%ZWK-+pa!*A6P{P|nF}e#eD37`MoC@qx!mj`O@cev&DA zMQy)^iHBEZ?aDYzGjU1@~gLwWzp$g+911QDBAyx8Mt#Y^(fm` z*v`81zoX+^{D{yiLCj=oBk6qaIqi@2qRZ(-?8UN3LZ>Di!=Jh593*bgO)_h(0_bu zAh{by)C;pprjQQ|xx@pb*)UGWzlJtCNn}XpbLydw!!dFQa*+1sBD`A;$+D4G&6 z3nqvYAr(Yit0=1jpQD;lPe+rvW_SUJ<2j&3bPB2}i#ZZA!v9>tx`#dNVGmn`{|^8F N|No&np4b4e008?V9Y6p8 literal 0 HcmV?d00001 diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index 2040123f..cbfcb3e0 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.25 +version: 0.1.26 diff --git a/profisee-platform/templates/secret-purview.yaml b/profisee-platform/templates/secret-purview.yaml index 25779df2..2009a38c 100644 --- a/profisee-platform/templates/secret-purview.yaml +++ b/profisee-platform/templates/secret-purview.yaml @@ -5,9 +5,9 @@ type: Opaque metadata: name: profisee-purview data: + ProfiseePurviewTenantId: {{.Values.cloud.azure.purview.tenantId | b64enc | quote}} ProfiseePurviewUrl: {{.Values.cloud.azure.purview.url | b64enc | quote}} ProfiseePurviewCollectionId: {{.Values.cloud.azure.purview.collectionId | b64enc | quote}} - ProfiseePurviewTenantId: {{.Values.cloud.azure.purview.tenantId | b64enc | quote}} ProfiseePurviewClientId: {{.Values.cloud.azure.purview.clientId | b64enc | quote}} ProfiseePurviewClientSecret: {{.Values.cloud.azure.purview.clientSecret | b64enc | quote}} {{- end }} diff --git a/profisee-platform/values.yaml b/profisee-platform/values.yaml index 8bdc5b57..a0f45130 100644 --- a/profisee-platform/values.yaml +++ b/profisee-platform/values.yaml @@ -84,11 +84,11 @@ cloud: name: "" clientId: "" purview: - clientId: "$PURVIEWCLIENTID" - clientSecret: "$PURVIEWCLIENTSECRET" tenantId: "$PURVIEWTENANTID" url: "$PURVIEWURL" collectionId: "$PURVIEWCOLLECTIONID" + clientId: "$PURVIEWCLIENTID" + clientSecret: "$PURVIEWCLIENTSECRET" aws: isProvider: false ebsVolumeId: "" From 34000ee5f686c6fdf86276e1d5780ad3761bf7c1 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Sat, 3 Sep 2022 10:12:43 -0400 Subject: [PATCH 086/141] updated to 0.1.27 removed curl meter progress and fixed stateful set --- Azure-ARM/deployprofisee.sh | 4 ++-- Azure-ARM/prereqcheck.sh | 4 ++-- index.yaml | 4 ++-- profisee-platform-0.1.27.tgz | Bin 0 -> 5564 bytes profisee-platform/Chart.yaml | 2 +- .../templates/statefullset-profisee.yaml | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) create mode 100644 profisee-platform-0.1.27.tgz diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 259f7897..138e6d83 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -390,13 +390,13 @@ fi if [ "$USEPURVIEW" = "Yes" ]; then echo "Obtain collection id from provided collection friendly name started."; echo "Grab a token." - purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); + purviewtoken=$(curl --location --no-progress-meter --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); echo "Token acquired." echo "Find collection Id."; echo $"Stripping /catalog from $PURVIEWURL." PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} echo $"Purview account name is $PURVIEWACCOUNTFQDN. Using it." - COLLECTIONID=$(curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONFRIENDLYNAME'") | .name') + COLLECTIONID=$(curl --location --no-progress-meter --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONFRIENDLYNAME'") | .name') echo $"Collection id is $COLLECTIONID, using that."; echo "Obtain collection id from provided collection friendly name completed."; fi diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 3c25d469..4f57a92b 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -136,10 +136,10 @@ if [ "$USEPURVIEW" = "Yes" ]; then #Check if the provided Purview Collection name exists. #Acquire token echo "Checking if provided Purview collection friendly name exists." - purviewtoken=$(curl --location --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); + purviewtoken=$(curl --location --no-progress-meter --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); #Strip /catalog from end of Purview URL PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} - collectionnamenotfound=$(curl --location --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONFRIENDLYNAME'") | .name'); + collectionnamenotfound=$(curl --location --no-progress-meter --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONFRIENDLYNAME'") | .name'); if [ -z "$collectionnamenotfound" ]; then err=$"The "$PURVIEWCOLLECTIONFRIENDLYNAME" collection name provided could NOT be found. Exiting with error." echo $err diff --git a/index.yaml b/index.yaml index 13a91874..701d20f3 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.26.tgz - version: 0.1.26 + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.27.tgz + version: 0.1.27 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.27.tgz b/profisee-platform-0.1.27.tgz new file mode 100644 index 0000000000000000000000000000000000000000..276e052f9d266ab312f7d370c245cb386272d1c1 GIT binary patch literal 5564 zcmV;t6+`MDiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^M%L;@w^9c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4gML5!X_{vKr`bE~z3TQ4&Hi9u_KwY0X171+4PGI0TMSe|zy)Tn z%qN$XuiRGx*e4%>aY8){EqV>?`^leOqdPFnh6CJY#24YW6Z8|fb7adgf^I28SMm5k zSMm5k)I;xr2`~=?@P>!yV4=b&YlwRvEQEdEB{r6{8w*vgX>^U=apR?1=I;ST`Cni+ z0KQEHP$U0G$KAaAADPGfz5MS2_$PM^Yyr$d%?3gUMFQJ;J^r8bi<9@GR`k`u0#7i9 zi!}B02Q59|z_hdvSNBAlsQ`J)ya7L^X2tvtJzRP@H+5r$Q-PM;yDOD@@#hR z3k$veFdm(cZpNdF;q||-ZXzV?%!zkm+cfZmBz|)G{_NspIK2FDaif)gOI)}HpK>B7 zyN?S9^G8_~=Wox>N7tjP%OZt*9TjG-qWQ`yG_AG@&81W7-Go}ObpgvE0|z`ou*)+@ zk#fuwd3~;7$f}KJn1RmO_@|TWk;WE$7Qj60o_hQPb1l>=eplH?|9c~Abbfj<)(9+N za^m|jjv5l+yY&9dn=;`1I&i^4f&~yI5`Km8SpPzaV{0uR53`fs0|w~C7GweFlrXSm z4{7zoftXQ7#Jyzh^6Ye&t-kFN@Wffz*u(R)(Z$W#X(4$GHUpsuL}=sD@OpHU>s`sz z(8XkKq1H?Y-|BR@J%c&s#^<@qDfSJ@rky44^i1=pV;*%#*lFUvW6Ny3BPryFo;gn^ z8GXAYz%pIWcsO*QMt@2c;N|#s@ir*)faU1I920kIEo{317r-v41H(uIbej$BV?5kk zGADv3W6$;j3w2G?R3GLrms$aJ%~-22_!IyyWGUjC=6hAMW`oS}R29i!O1O|nEv4NI zEQh+y3_@E9DbYw$bq%kjbZbH<@Kj4UKlx##M!pmZ3;mI{>zDLbgiuSS^OlwUDig|> zDWXYCB@QhsVIeLF`c3zGq`H!(qKHU7&%Hup_K4^bE zG#f6l!Q=3jxNwREw$SVIv*GAsJUTtOIgyhMoOwiy!zFEmFr5DDU(JS3xhPMOnkyw2 zxB3^=?QyZfEFJ|2#)Z^D#!aGyzdH~P2CYP&RW;t>;eNHX9EzhZPj962qg zDm2t5@8JF;4qRcOTkP^A=W`G4ah%bGE+zK;8!p%OcW}Ru1?gR&Y2i#?DY7yp{mw&m%q<<0e{w&h z(`zf2bd^r2nWVVU$*tT&6f(vmA^X`Yl%SaWQC2;h#Dht)_sQ2zfQO59jmy+zz%F`^?HTa^4XGy>nFKOf8*(v?vt&GFM&3M^TGiHN z1H}*6g22)$ZQ9pYAFe;1jefovU7Y0R_8?rzD1_XyfVwW&Nw+Da;pO@HXn1pWc~P=T z$YR#7B{GIQSrTVqP;)Gb#7naoogqRdKQQ1g-d<>LNNz+CV9v;Xu5N7?;fuXo%#-0%N(0bjnf5xGUi$7t6dPD#<~z|bZe z)P8tqHgsDN#*R-NH8_mB@3=u|XVGmo?uh4DC|uYpozQH|L14Luv@)Aae8=w=ibkv1 z;6A85LS!E@)k-OzM@}vDTBq5s$Jo)=eciI+V zefgi0=aT=U-k>1==HC9h6R4K|+|2(xYM@*gbIS@t;)Y`QcqNf1`3Mz}C-K!Qh_&T^ zLOh3f)5k0WYUh9RI4A%8-cfHa|GR*l%>O?`V`qi@ho!ZB>a>%&W}-4^!j5%{C5wk> zYw3m-#44g~h4gg_?3Q6;`G3SRpnm@E7UchMfBv%**ya3Rtp+w)2CSnYHe6R^^~Z*p zzgkUFEB}$T&X4U7wu?F6Q~}h;f4?^{^YVXmc)XYYUBF}K|JaDz=7KUXY)*{N?Sk}2 z#xiBY8p^Sg6MlUKaJP_uX%g)x#;*`Teu|2{ocsoMY(cK5K(e2YnKiQZ;#lh2G0}^x zr;2cSn?#43`ex%Uacz-R6)sQD$CZt{jcCZ%{q{7IcwJh@3U!+)M%<#jYpQEIqV=ULCmtvbP|;8vkja2p?6JR74i z{XCP2PWN46hth``o`V3!Q;&=*s+|I~1PdVb|M>X6a8A$)jnp-|Sa#pO;^ z61LSj)LM1VO!73=9wDCH_ zAl{TW8yb$b-%-Bh>2#ksoQI3@KRyLifLb1C8Bb$}^YW~^J9;^Z4;+3boq~Da5A|#z2UVq%wR24=k7)c=C71O`P3e#5 zrqaeu9R4?G-8fHqAC8p&{>3=->t9Vbdjp`H+RvJk|7uFz? z)bqejjDY+talt}wZ0i>(#J^DD*v4<1dT+91E{S8;u@dH8twkh>ll1yP4V~no!HSVA zsikh6HN=!#zy{+rrLSBJ*D51IUVmiDVm@TAI@FYtxfrp!r9bFb9o8TjqVcoV9bix8`cj%ZuR zkJMsqWo>)Z0E{UH9XP&NO@_N*sbf9mZ&=5a4S|C>j9|F4}u zjs3T9$-7_z_CPEtyCdGT=>2u3{3oiG1e%it_B<-WSyCyV?3@>)8bzb(K_z0SqdHo! zk@ge|SmM}N9MUmVo-8Gw(a-no33cwv#j^HVu1^Kaci2l z^kTvY18NoHV=+tDG@JFH{718NJ25M%s5YBwfjar`4f6ZH-k`VN|Lp|I&;Q4<`(c^Sdt@Yxd_#WY z)T`dz6$X#yDPZJD=}WxO#u%Q;p+C@M&iR*IoUa%pnzTQoV@9GO&>tu{RDJ1|{W@TC`B(k`Ta^D^zaanp z{rtZZcqaKzuUoAx|BrMDE0O(|Zqu&`)|7uf!|b`vf6OB@AOEXscK7kWb^;atA8GWt zqWi~FRYf?SH02OoH5ZiODa1jU^HBk6^nn)2IaLXf9kqmbc;)d4>x{4Z&c6<8$UpIj zh%R$IQUTQN|Bv(Yf48@v|91o166$o2=yw5p%7siZeBRB-TOrtPEUG?(Qv7_>-u+#` zEx{V{AKzAe{EHB^>wh!9|Chh+<$o6t&;K43oBM!1MPDRQ4pLpA2O!XeKNrz^e8=pmzQ**#Emn19LC`yMS%Ub7qi~?D`*deP(ahdv;h?{-fWY=loyF ze183Zw7>tq6WFT!tEeRv(*KCdZF?>7jIgHst59r@dKa!%{=513zun{B-v4JOuub_- z28pHtlKZ{7$m=iaWNm6M-5h^ASVR8f2U?zO|KIJJ`S?HPQGYN0JAoIl|HtF0WSMXk zrQFm+2~z_y2@+PeKqyenMMx+k7%+D|TEooyLe)g|w}{rHUb0UrrCha5T0ynA{#s4B zV)?ZUqOWA+35rhjf!P=pd_S)%bu%`TP?)0U> zBjmq7*!zF%1YT19E1bmE4#&2a|EIwk@~_>?d>;F6|F{_cac}?G4Qwj^CHOU$kk?il zB~L3OT@ zpa1LxRtaW&LA-JbPj8XOmp|j%`MV z&{QvDs4&xECR_bsp$qE4Uq(is6Ds9jU;(#*>v9lJQ3BQS-|ZFOf9!Sl??3MbDq{ML zyo-_jB>LcY?FP7Fet$stqC7 z%)GI(_QQI5ypKZ2!400G`vbXj2}~y!uUV4FE87f9SQe6S8AaVjt76@$NO!WS+fkwx z>x9wYz!s2;X%fCil8r~F9#1Mp%CC4$X|t@kBh4)P8Gq-5(IVZ_NH&4kOCD&D9}I^8roM65=SPtuJ3tHj03XJ%An_Iwgr}45EhztB@@46g@n&a;206 zKMf&8bIAfc;Ibzt*o6K;LYK>s` z6kL3-O(Ld_Bgh z92+Q^P~X9Qk&!ZH3U65IQ1#5@N@lMz4|r~yS-*sOIkQDR^2}CU8Q(tlE3dLwR%AUM z*R9#}_07sa9gnJAec$Ph|J$!k?%F|R9m+Xb&F{GI2ICfaEkLYj2xb6g2TLb0O_QE_D*;v)$&nB{)wQ;SymUy@Q zDR?fE*!=oLJ++$MYrAAl3J)0AevsY4B^E6s!Z&O`$nM?{n!}v3`NP9oo5ng3Z5VU<+)bgu0jAb$DUfK-%VoOXbk=ftd|91ih=n4w~%;QK<6m>gV&cH*HfVd9vrpU+k9i9R=nvDZ=Gb3C* ztIAPmm_SpPP9keQ@uvSo3|uV80>a4E+IQ?Zl7a`*(Bh1~@xyr5;GiWDGxQ(d8c6QO z5%t2Xk}2c^LoV^aXf}+~@votcP7)c?`J8&_<8X`|!g#Y`Oo`}3KcY%B8^+{!)`@;3 zpJvle_l_|&Bi|rzVzjf3BHp*#60|qGBRy8{_%e@-$%>{4LCYG z9Z4=?19r1v5C?E4&cx_%&4#hyHg%x$=TbIB`H#EX@OgJjWz_or%E~K@N5Qhw}-?G;u!GAG`hy;X5&CmWHXSNWTKe+S Date: Sat, 3 Sep 2022 18:08:59 -0400 Subject: [PATCH 087/141] v 0.1.28 Variable changes and updates. --- Azure-ARM/azuredeploy.json | 10 +++++----- Azure-ARM/deployprofisee.sh | 6 +++--- Azure-ARM/prereqcheck.sh | 8 ++++---- index.yaml | 4 ++-- profisee-platform-0.1.28.tgz | Bin 0 -> 5561 bytes profisee-platform/Chart.yaml | 2 +- .../templates/statefullset-profisee.yaml | 2 +- 7 files changed, 16 insertions(+), 16 deletions(-) create mode 100644 profisee-platform-0.1.28.tgz diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index 2f00d09f..2117a6cb 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -230,7 +230,7 @@ "UsePurview":"[parameters('UsePurview')]", "PurviewUrl":"[parameters('PurviewUrl')]", - "PurviewCollectionFriendlyName":"[parameters('PurviewCollectionFriendlyName')]", + "PurviewCollectionId":"[parameters('PurviewCollectionFriendlyName')]", "PurviewClientId":"[parameters('PurviewClientId')]", "PurviewClientSecret":"[parameters('PurviewClientSecret')]", "PurviewAccountResourceGroup":"[parameters('PurviewAccountResourceGroup')]" @@ -297,8 +297,8 @@ "value": "[variables('PurviewUrl')]" }, { - "name": "PURVIEWCOLLECTIONFRIENDLYNAME", - "value": "[variables('PurviewCollectionFriendlyName')]" + "name": "PURVIEWCOLLECTIONID", + "value": "[variables('PurviewCollectionId')]" }, { "name": "PURVIEWCLIENTID", @@ -770,8 +770,8 @@ "value": "[variables('PurviewUrl')]" }, { - "name": "PURVIEWCOLLECTIONFRIENDLYNAME", - "value": "[variables('PurviewCollectionFriendlyName')]" + "name": "PURVIEWCOLLECTIONID", + "value": "[variables('PurviewCollectionId')]" }, { "name": "PURVIEWCLIENTID", diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 138e6d83..ac6198f1 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -396,8 +396,8 @@ if [ "$USEPURVIEW" = "Yes" ]; then echo $"Stripping /catalog from $PURVIEWURL." PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} echo $"Purview account name is $PURVIEWACCOUNTFQDN. Using it." - COLLECTIONID=$(curl --location --no-progress-meter --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONFRIENDLYNAME'") | .name') - echo $"Collection id is $COLLECTIONID, using that."; + COLLECTIONTRUEID=$(curl --location --no-progress-meter --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONID'") | .name') + echo $"Collection id is $COLLECTIONTRUEID, using that."; echo "Obtain collection id from provided collection friendly name completed."; fi @@ -437,7 +437,7 @@ sed -i -e 's/$ACRREPONAME/'"$ACRREPONAME"'/g' Settings.yaml sed -i -e 's/$ACRREPOLABEL/'"$ACRREPOLABEL"'/g' Settings.yaml sed -i -e 's~$PURVIEWURL~'"$PURVIEWURL"'~g' Settings.yaml sed -i -e 's/$PURVIEWTENANTID/'"$TENANTID"'/g' Settings.yaml -sed -i -e 's/$PURVIEWCOLLECTIONID/'"$COLLECTIONID"'/g' Settings.yaml +sed -i -e 's/$PURVIEWCOLLECTIONID/'"$COLLECTIONTRUEID"'/g' Settings.yaml sed -i -e 's/$PURVIEWCLIENTID/'"$PURVIEWCLIENTID"'/g' Settings.yaml sed -i -e 's/$PURVIEWCLIENTSECRET/'"$PURVIEWCLIENTSECRET"'/g' Settings.yaml sed -i -e 's/$WEBAPPNAME/'"$WEBAPPNAME"'/g' Settings.yaml diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 4f57a92b..fcd66871 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -38,7 +38,7 @@ echo $"USEKEYVAULT is $USEKEYVAULT" echo $"KEYVAULT is $KEYVAULT" echo $"USEPURVIEW is $USEPURVIEW" echo $"PURVIEWURL is $PURVIEWURL" -echo $"PURVIEWCOLLECTIONFRIENDLYNAME is $PURVIEWCOLLECTIONFRIENDLYNAME" +echo $"PURVIEWCOLLECTIONID is $PURVIEWCOLLECTIONID" echo $"PURVIEWCLIENTID is $PURVIEWCLIENTID" echo $"PURVIEWCLIENTSECRET is $PURVIEWCLIENTSECRET" echo $"TENANTID is $TENANTID" @@ -139,13 +139,13 @@ if [ "$USEPURVIEW" = "Yes" ]; then purviewtoken=$(curl --location --no-progress-meter --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); #Strip /catalog from end of Purview URL PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} - collectionnamenotfound=$(curl --location --no-progress-meter --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONFRIENDLYNAME'") | .name'); + collectionnamenotfound=$(curl --location --no-progress-meter --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONID'") | .name'); if [ -z "$collectionnamenotfound" ]; then - err=$"The "$PURVIEWCOLLECTIONFRIENDLYNAME" collection name provided could NOT be found. Exiting with error." + err=$"The "$PURVIEWCOLLECTIONID" collection name provided could NOT be found. Exiting with error." echo $err set_resultAndReturn; else - echo $"The "$PURVIEWCOLLECTIONFRIENDLYNAME" collection name provided was found. Continuing checks." + echo $"The "$PURVIEWCOLLECTIONID" collection name provided was found. Continuing checks." fi fi diff --git a/index.yaml b/index.yaml index 701d20f3..6ce4244d 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.27.tgz - version: 0.1.27 + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.28.tgz + version: 0.1.28 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.28.tgz b/profisee-platform-0.1.28.tgz new file mode 100644 index 0000000000000000000000000000000000000000..c829112b5fdc5ae1c986801a93103e47daea40b3 GIT binary patch literal 5561 zcmV;q6-MeGiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z`-(%{o8=Q1J5bY-G^sccATWp!@E1LB6-UAj` z(9*=_Miy0)vYYMZKKp@^C{aHw*@@$9cRdA~L>vx>KW0b{heMyyTfza_zKg{zW%JH( zhM6$#@!Wm2B`{6XJnr|ypQdT%f116+-m7l^(CnWanceR3E3?}_?j5~C=C&B9f`ALm zUYSoWD_^;91h7v&0po;v7FzTg*!Pn^yGHleFdGhVn-O1x-v;Pk;LedP#|XNm3|+2b4<^7o5WpKAo`Z!7qpTtBeXtPreV5o+(rzqNxu(%IdT$#q-7$l~4Z-WcyCHM15{l;__{g)_ zy)P{E`r~+XKDrr?E{50tzPgE!urnv#z_w}N2}yi#`r+(iFdSZfytvWIza=hQgHJgT zl-OYc|LnPgRi&ri2TL)Kc2b zz;dYD%pkO-kP?j~RoC!ZO1CC-0#CJs^T7`zHS(oUSm^h(UB9NkB7|Bpowuy)SD8@8 zOc70DDsgC8AqP^=wfEFJ|2#)Z^D%KaGyzdKl-=KYP&RW;t>;eNHX9EzhZPj962qg zDm2t5@8SLv4qRcOTkP^A=W`G4ah%bGE+zK;8!p%OcW}Ru1?gR&Y2i#?DY7yp{mw&m%q<<0e|A5n z(`zf2bd^r2nWVVU$*tT&6f(vmA^X`Yl%SaWQC2;h#Dht)_sQ2zfQO59j-#ItX)4rXDzm3Pi*|5Th<2LD3u&4_*Igq1FfN;VC%iEbd)& z=>x-pvQ~u6C3@JYHRyjwtxtrB0K4b|wr9ixG^CzjWD>|^ZOFwm&XVzz8F}+uYE@g8 z4HQ3M3j#~4v}s>oeZ2m3Hu~vibTP=y?LoMbQ3$zZ0d-xllWtQ;!^`vY(eUQ%@}gvw zkj1QDOJp!J%L%;XrIMU!Hkj~F)D7mKx5kvxsaviFGMT3~M46Sqpyng@%fTBq5s$Jo)=eciI+V zefgi0=aT=U-f=hsREy(}j{`_Yru*>W>XG zf3upTR{kSvogdpFY!`FBsRF2x|9YI(b#I;3MRk%DoA6GW+HliVa7Zqx4J=RcU*td{yxy~f@#H4a4F7q4mDkZYMXBLdoo78Kx9S9=f?I`B!EJnO@obF7 z^z%$6I^B1P9ZDZ&cn$&>PdzfOsCEj_5-fn!|Krn#!Z|@JG+JveB7^vNL!qo;i_4v; zBy6j5sI}^zndE7#Jy3driW$TD$;FeEN(62Fj23NGY*TuX4@s1vn3^bT{TL=In;C!94*X0X$haqcLzuBI9E zgi3m{SCd~M<`&nFJ>}ZNDyUlj$Eufb9sql+@qdl||H;u|-u{2sGxzKNT|jQ8%lTp& zSuaeK-v!vfL_69Pv+UA;7>%8?aO{*W`dttlBD&g|AKQrsD3AS8XF~Yg>U3mMdtvqr z>=Q%F9eRv8%6Blz8#)?UhzGt;nfUKy?Aml5A^40eu#g*^Xp?dcx5@lp!e7V_br;)LJGg<)3=DWID(G6J-BYz5E{@_w)9@?qPqw|KAB@?ti4x8}|GM?60uZrCTcy zf_PKjY-l*zen+PS8bM>PJblFNFeru0X2 zQ)%NS4*wgpZk(sQ4@b&>|6&~a^{=Lzy#Y{8?I+F2e>J7_D!__yUm%%MnL|KxL~0-w)L|V;-4vTY~xo>y*F7hm&CE_SPAp4)*_O`AiX|NLnpatuwo=j zYN=ai4Kd{wu)%mu=_?n*waSQ)*B_a(n2*`34mIUuE=H_w>5uwVhc!sXxT^`i%Uy4% zp_#o6v6}2T-h^uABE)K?660gv|o@O`dr_fC_cQo7emMp=4$Alc^d?6zi( zg*`jR6L8aw6!!g68sQxpm)Mxc*Kunkwh2zAC_Q_tZRI!^8)RqXRt?(veV6*lz*CSJNnjrOT4yC9_<-CaTsweO;h zyh|nwv-=Kqed2+2Xq*(#uL9S-qAs!TEi`bK_@1N8#+T0L*mH7~Xrs=AcpW~=e{Qwy zR^i)nMqEJL1@O_~v1$GTITTs)e-By_mY!!3y2O8wYhGR`H)@5^Q4!b|IMSl|JP2S z#{OHlv#j^HVu1^Kaci2l z^kTvY18NoHV=+tDG@JFHOJiD~5^QXCn} z%1hUB538U`{-asCotTwWRGUq;K%M;ej`RD!-f?fg|JwX`G)+; zsaL(bD-0gZQ^3fR(wBIljWIlxL%*ZRaUVQ;zwX#RtRerm#Dz3gRpR%*z80vH|HFLz z*WTgD@&5k*PGBARSJw}!?5HKg!z+(ZSZ93Gcm8!)L;i_J zM0A3_U`Wj zZVA?q|M<4*<6nfRUH_Z;{eKt|bT9uqfO!7*sMy>G^eOrxiE@zY3OxXUF8sNO-uoND z+k`dbpAyGzs~Fag(E_#ef5HCWJvuts%l|H5Tk@P4Bqh84M_r%U+x4Cu)|LP0_vbnP z@15l1e|39D`}_Ypfvw8Fids@3{g1fZw$}pB2y4o}3dQ!Qcj0Q~znhQ$+db*+{eN}> z+m!!gkZ2kpx!2|J|;ckN;yH_4o3>6L|Q_ zmI+r;%1up_Ff|~PAYo+-gaXxEgoHAJ0dv=*HO#y(R83TWi)c;iCHtgO%2nH>6;zAs zuho<*mS1}V%%23-(Eoa{*XOwZZypxoKOODgf7uPZl>IjwLAWpztQ|UOubrL-Ys&xT zPG1^4LjL>5d;gD}z)Q-1g_GFY;n?=_|1?-b{Fg?x6R+ifvr?P4zN{3NsyMveh3Jx}YBXX=L;{p;G<@7H}K5E(h@xB~UH@-QM9z;r-`sZy*18 zCr}a7Zyb037^;K%X$qiP{x^;E7v%|+O#VfmRQ04009PL=$BN;CIxwVxC*lP_O|ZaX zEm3UWzL|)luSi-W9gv%)EHd+=z(S;Mzq@$s?2%2hV=_CtQFhP6@xuRKs`5A18_no7xc7Bir!n*TnI7^j?6aO9E#0EEnQ3 zufCHZVeo~mlyn$T-fgZ9X_^mcnwAhpF>QVQin37zRO|ut@X#qqRAUf5JXnQffv4!< zp_MD8B=~6vDVj?b-~pFCImr$y_)>V_qdZt@v`$_E<1=vGV%mSU^WP96x8HsDBZzjq zf=^oMdqYm=0Y_~Q(3`QKz7Niu@4qq-0rQG<%m;8ed=)cBm*|Z$%c>(q6LIa z6?vs(XG*iJpWhWx%3_9XrXzR8L6v%Y4ko}`ykm5p885ba+C+cxCxVr4n`rb(#@>qO z9ThBO3*^{9$%OhI?u(3+F;jTMQirN%CRZ|hm3hE(+syhU)XSMI@{wn@>dN@`xnFse zy|NW@wAuKZ!I!@LF~N88hnR|pPP+lZ}oCv8P z;#x&n9rzN}jCwkn%r(OcKpf8jEuvFURawlDm=XTR64pKJVGn!QBK&^<00960FJ+74 H0I&c6I4M4Z literal 0 HcmV?d00001 diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index 8b8d79f7..986d59f8 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.27 +version: 0.1.28 diff --git a/profisee-platform/templates/statefullset-profisee.yaml b/profisee-platform/templates/statefullset-profisee.yaml index 98f3b82e..433cf028 100644 --- a/profisee-platform/templates/statefullset-profisee.yaml +++ b/profisee-platform/templates/statefullset-profisee.yaml @@ -128,7 +128,7 @@ spec: secretKeyRef: name: profisee-purview key: ProfiseePurviewUrl - - name: ProfiseePurviewCollectionFriendlyName + - name: ProfiseePurviewCollectionId valueFrom: secretKeyRef: name: profisee-purview From 8118190ad9be413999db44a3cf34e85022a1f27b Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Sat, 3 Sep 2022 18:14:00 -0400 Subject: [PATCH 088/141] Update createUIDefinition.json --- Azure-ARM/createUIDefinition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index b9100b77..a2ed4dc0 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -292,7 +292,7 @@ "label": "Purview Collection Friendly Name", "defaultValue": "", "placeholder": "tHiS iS CaSe SenSiTiVe!", - "toolTip": "Please provide the Purview Collection Friendly Name that you see in your Purview account. Profisee will deploy to that collection.", + "toolTip": "Please provide the Purview Collection Friendly Name that you see in your Purview account. Profisee will deploy to that collection. If you would like to deploy in the root collection, please specify its friendly name.", "constraints": { "required": true, "regex": "", From c9055e996a3a9621ba406cb6a5f9ac42ac2e9afc Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Wed, 7 Sep 2022 06:57:51 -0400 Subject: [PATCH 089/141] Upgrade to 0.1.22 Upgrade to 0.1.22 to support Purview Collections --- index.yaml | 4 ++-- profisee-platform-0.1.21.tgz | Bin 5534 -> 0 bytes profisee-platform-0.1.22.tgz | Bin 5569 -> 0 bytes profisee-platform-0.1.23.tgz | Bin 5579 -> 0 bytes profisee-platform-0.1.24.tgz | Bin 5593 -> 0 bytes profisee-platform-0.1.25.tgz | Bin 5568 -> 0 bytes profisee-platform-0.1.26.tgz | Bin 5567 -> 0 bytes profisee-platform-0.1.27.tgz | Bin 5564 -> 0 bytes profisee-platform-0.1.28.tgz | Bin 5561 -> 0 bytes profisee-platform/Chart.yaml | 2 +- 10 files changed, 3 insertions(+), 3 deletions(-) delete mode 100644 profisee-platform-0.1.21.tgz delete mode 100644 profisee-platform-0.1.22.tgz delete mode 100644 profisee-platform-0.1.23.tgz delete mode 100644 profisee-platform-0.1.24.tgz delete mode 100644 profisee-platform-0.1.25.tgz delete mode 100644 profisee-platform-0.1.26.tgz delete mode 100644 profisee-platform-0.1.27.tgz delete mode 100644 profisee-platform-0.1.28.tgz diff --git a/index.yaml b/index.yaml index 6ce4244d..f7056045 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.28.tgz - version: 0.1.28 + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.22.tgz + version: 0.1.22 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.21.tgz b/profisee-platform-0.1.21.tgz deleted file mode 100644 index 9a2a860e1d275a4f59c88f0683d43b304ba69d74..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5534 zcmV;P6=CWhiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKDLZ`(Mscz-tF|A8N;Kz9#kS$4iHbhyuZUdP=Fnx=Vi+I{!1 zz=D=0Ha9YL3&n z^H=th`zj9Z8vz`UPrwCX)IsxJ0|!C+XV>bUSa!n$;c^nl=vg2A1N<3s)fz#!jH9b$ z{h+I4{UAosyKoGgf&|f^cm@tCt+Ix^55Pe<2z=sVg}X7={n}R7>UA40Ju`m}DD(du z`yq&J3V;>-e|&166!`zxKI!fGe-|J=`y=3U;0|gw5JD(s*w*XOe_dSm-w#{yQx8i# z#sV(0(z73p@=yRb%07;U*G6f8g;+4|8KqbK(dg$7*JrI}LodPWklv6PI4Q;pkYY$( zeji8&z5X~FUJP$W!^^?-Kd)}$O4yqb+IL+RQmK&l&)%P3_6LIxA1`l={%?s7*AOs4 zB;)r<2T}XDsiyqx`Ni;hc=e%-p*TievoO%&V0ATPw7QzlCXC)hQm}Oiivb4@s3h1I zxk|Bc%yoHvVboAV8%;3>ld{o2`qx8)EchaUQ|zBn@saxuYL%bs=EMKKQ6suIyBrw^ z7BKDyK~hIA2?%_4e@-VHgt!iUaFFC7#Dzp$VLURQFygt!%qPpN|9i**^<7EkfX)a9 zSG^%)d^nU-#)-UF#CXgIhY-W1-h zB5L4cGILOCDrMkwI>Md83=8Ya%ohv?7UPr7LUekzecZ8+J0yB(^1kD$W}>4o6p)^K zPe&O)yCuMLubzu&={^nrgv@~!==Sk8FpH2E@WKoee`_=B`k|1(FPR5}SORpL4dY?5 z+MpkkYw1dM!`k@$Dv;NiYXlQM>eltvtJQHEmbaBPX4JX zs3N9ZP1V%w&~hRQl$>k*wW^{PcS*%m(p6TD-hWba_`ZLBQC&^ZpVaDqy!l6~Smz=4 z!1(K-+3<-ARKQ!}!x@&?L9Z{)2gA$J@T`B+SDOu-QzA#vkv6U{nEd_k%|^h4tS(WK zD?^ve`d9thlWwIi2Eb)n{`%%(G#FmrL?!RwK3DK=_)pc;^;zg8D<*m&>4GETinBTK z)V7?7&`6%VgZoc7^reGtu`kk+JN-DD49z(XI+%q*qA?(s1D4<+LXn&T!gm5u<^kd$ zSjb&K6VAc_Vd|kNo~!5B1C9cp5%>O$P-pu)xSy+z%vWGY;oQ5@XjMt}TtwnnIA%@p z+5ebrudPDSRko$(ijqkuw@Qa7HB44Q{xL1}po#oR4Lx5Z!f~qm6h|k4;_{di=`%1U z1RccFLp;Q8(`ipC{taC-9|Y1b2n#_b6gf`b4-4v5($kcSgwb5r}N>@=a-|K{^ej; zINhm3aD0Z+6@ToHhS{M6FGM95=cWwC;uG`38JIIMVQk`8i-26?i3@RK%`B+-1YNnT z|4Eps-$8UDnWUvi`)=M&w~x(~!&Ua5qm$#j{@3d%m2j{B?Et=hZ6k7vtWUAlA8kqT z>A*5J8`OSyXf{k+5yoD?JiR!qyB~x_SZCgCHtq=Z926bwwM=L>W+1WBA)TC(iSNYS zT;pgp8zKO$BgFP0Tc4DYedNqRU%yt-s<%HYr6}8b(8Gg1FGezB10-6?L@3l$0ad@h z^h?_!tk3^5@?89X+&d}q|Hsk^Z%GokI>0ujsYw8fBUq+|3|&U<30cH0(P?h{}`{GCHx=t)()80PWPIzZeTDw zHZfKl9%9wfk1U9FNZY#7x5=3E5yybl`+v8@|J~C)|L+2Jx&POTfsKv<>qv+V z&lP$3v0>wHR+6mb|JYg=B(@0G$3ko>09Nq-QSZbq^8ayffB(A^c;%+~Te*-tMAlD2a)#nppt-QTB z;re!h^fK?MB7M;&@#UteY}}=;Eo!LJ7uo%|wsE%+i|D(o5o_y_hGN6MgQPE1lV`>6 za;fJtmSi=PBR>0Weeq+?&W8Yh*0&W;o)W|GU!+%i9gVUoE2!1?SHFesaB` ztE^#*E8M80Wb1pVwZ@*?r-nFXIjkS-ijm#IUsgIZ%O;N+;4w~Qq>oGXaT)y_`F zg{#n2Bh6J$v1B)UE86Rdg~RnzZo2kR1$F2DMD!9NLg0@z{;#3`pB^6;?f-}N(f<6u z3n=V#1z$`n?}dqqT7U~&wqvE3=a2q_cv&7-Nx~b`oUX9|TfS(EV z*h2I}IaS(*_N0CjDJ5^>>IW6NS#_7%`&)O14hTg)k-)LvP7ZcuoSElZ6;7=}ug0lS z_Hz#J8P1~IHXY-uC#WwacBeC-GV_eTNZrksW6t~1TiQcC-^oE;FIDrrqL)WZ{<5B{ z-pGpHAMu(hCpUHY-(Yr=Hr4NNsQvdZN0Cq3a=iHnfNE?%8&3YqF=e3uOV*X=5w#$& z{~-W+?hP2F;HE}E@s{}Dpf|4bi(=wm81Y=|H^JzeJem*0b61fPwOuYn6pDTpKCl8$ z8fdU&B`a*1TjvU7+AUy%^_t<=UW;q>5m#P+WvXsI=0hD;^pgvWSU%Gq%}|FmP$qSk zBYay3Z&-md9}Te_?FHThYc3FCIntpK*RTR(76Oq+H~8@W$`8e_6IbtxMuGc4Wd1s;Q+DN;BHDsePd5DLzrby})^75e@a^ND-!puWGr_X6bJDgjRd_ckn2+-k)ZT}5<3_0q53az-7*=8QO#lKf)UQy~do`u}CWt&i+P$;U? zGlk#^%c+A}of(y#T%%Gj5(n&kp#FV6Qip?*D>6Spx-cfR>MgCJ&lRLFGLMsJw)hhq?KkTO@n?m){Xem1J<4i=p_8)r*SYqes5=rEP8OI_CZkM%Puj_NWwJGar4W%2Rt_3Tbcjn4cmS9@IX&;w*q7k~%x(d|;d`)1?7IK3T|rAhKIHLV=P zf+J^HdFfH^VHwo%f4ob#Q?ruJYO|>nSjGRnlcN6DJF)lr-%g_LXuWn5Ce90m)xcwO&Gg1kG{y^!a>Pye;w*i~;zxD^%BLDY} zO8np3@Bcf2XX5`X+-hz9f22!T1@FJ~oPJBNCjW~m=FfHiV;|ea{9pFz=|2D0PN2sB zBg;TncK>*)sEF2+AspgRbICZKK$4WXm=$1!JTOu@XCfiCqgEh~LLQ%R&iJNd{!Lhe z{|O~B4(58K09dL2pBDH3Zg0Q;?*_KT)Y&32V*vstq$;rj(arH&DcNqqssV?}`o*lh z`&hs&!5aLZM5{jjix4Z%|8`OTw~zMv|85}J|0$E3`+z=0UZhzLGFf3JATXJ~kkNY| z5xh-UgZ~-v+_uhP{TL~*a{n*c|GURWhkO3t1#F9-bBm-x>wi@E%-*i|?65BX$G<<% z{eSPYnE$KWJKV?r?*z8W|2k_)4fj7HxNR>5o)OmMf1Qf$QQw7I$^YGA{@?CtcklnR z6WAvIr;Egp0BL-$$@1nGb@Dc~m!6J49jw9s$p>1VPyatXD%t<{=l>nS3)ugY^;B_8 zxQa^(xeQF2^jZwLUwJGj;ksFoaZDpj6OOHgwMvtz!dk1yEWuhnAuY#Tb3j_tM6w3| zo5?<(BmUbyEa(3@+JFCJH}F#SzkCMSk|bC=bs)Lz$eP94L(Ko2lCkhxQQ+~v!t0fwwac$Dka?_&bo}2cuqM}dd=5#HfvhA(#n&c^LI@NE#s}sbYe6{OA?YSF~pmRMq)w?Z+hKl zF-e?G5vQs~nc-rzX)b*8MJ-MLRymN0&ZD~O(T4Fn>d%pGmkqO=5v6*f7GmRR!V59< zv5>_5(P!@6NHU(!n-b4R$?# z84-86VFX_F$7zzzCN9L|$WQ$GBk`z+^Tj(RCt&VQ3n>nZ;yYaumYBO*NJkmP{pRwN zmc@jYSr17T%huPgC?7?xW6#mUL#LupuR-+i;FO9bo}h<^R-u=QjA(6sS!By%|Xs z1mL~-{woI=a$3e?KY%abtDJJSKyS2JPH)GE2;{K^eUn=*N~{s=pMj6>jZMTh>qs&K z7Rt2vIJZ)l?LSL%d)DqIxm2EmIN`Wix-1!Ht&A@sEmhc5kk@i{t~b~D3&f>4y3a?#qN! z5mWkxp$T=L8C**2Rqg|h+a@-sz+O#knT{f{bs@vsr+#TDbL~LZqjBAlJ>R=onyBGX zqg(y%Ovmr-kEY;uUOR?rN|w_*Dt&`*i!_%%@K;N5k(S4AGG$+z?T;|^@TnbL6$MME z)LuL%w2Ld{n{xOZg4l!z-C}bx(w1dHGIM+O_EUZ8DrbK;w3>M4m#bS< z8NFWGh`EPHL)rdsO~Id$31xg+X&YDF{~ezc;{UtHc5mu}b#-W;rfzPmF_7TXo{-`7>EwyGNYL+ZGWTCc)EbEtMquDs1 zY>}XedLb3f+g~j8PZ1y)nh-e+$4C&V1Vl2bxTyzU;*l|GR#UB}cn(P58K8N53#tc; g1(H)D{Dc zVQyr3R8em|NM&qo0PKDLZ{xO-`2K9b{{uhH0^2@3%d+Dng^KsNa~*FRY&M&Vv)g-z z0tGEGHXEAMl9ZivoBP`jlthX8V#!V%r`viK*d*d`IQ%k0ayT6NoZVo7P}?U^-Y`Dz z3}=u_>mJU@t1W?T+xBt4AO5s$JO9(}9rj*z`-gVF*Xy11?N@fUf86W60`|5TsDeO9 z$Y0q{E-PQTuLPivKOrtKqYhZ~8qoKXKf6}<*s>cQ5-!KS48IM)Pl(KctHubpVH{k> z;|E;E;|DMb-USoHDUwJuD4Zh)6h>J?-uuV_(Dw;;p`zVb=yGkVYxR1Kmu{KA2NdOh z0ZD+wHWfgP{2!gz$2s{wvQG~8^1llZpUD{U1>z29HUI!164=)3@qe9P4Bn4g(N_;j zIDrCPq^YMr80mpP+(`R49$gu!J``ffxM!qZ4#wl3KU|%*nhiY!uL63F=g3JYo+Bwn z)aCcSbinJ6Izocp9Mgg8vVclOd~o{y>|!t+e)xECZIpk53A#c) z6Ie2S9~ThjkFsjc-=3Y1u11$1iWKs7)R?)7<}0hwjM{26!lsN~hgz_8ftEv#JVYgi zL}ZX6<(Mh*>fFFkRU6MBMijh2sx+2HqpBQS6!ULbIa zIdWAG8TEsKoH35&y<+ae+37G_eV1TF6? zcNJ4Z0`c4dt(la*)9DCzhUQRMcXJ{b^ex7xou%mXZ2PEVA9ZlpY4X0~s%)a8DCCHq zc~2)9eY?SkXS$w?aOggb{uD0|&GAj(HYkgL=jft2#AItN?2WJs(fh&Kc{!TmKgJq-y#A?`$9c$n zF#dXIHVAeR73eJ{=oCumfY;||!_mcfbUL^msL2MMQ7p&dk~TsZPXG0n4@XzmVahvnpGkN(`nSsJ5*B#zhzUC+8E{x!a<;&p znwC=)8tRjG=>8K7h;+aWBqB+<)t}SG(30bTgLxn%m>}SC1SRqSra;aRfVTor<{`k5 zU;%d#m~s~Q08$Uk;6iMlgj(C*qWgs^$m{|`3upRDlT|6{cM+;%;h31> zGx?ZKudQ6tWjdv1lHx|kH);=2$QX}=>}OgiK{NTIs(Lm_1e0X%ldqjb6c+0oYoDRf zAmAWs9_#^jlQesb_&vB{1PP!!2nvCx6nTJ2faUjqGlGC*U=A?_S3f$S^&V0lTR)j4Sdf2Ho=>G(*PngR967U|nGfWW}GAcQq1S;7WaxsmwWISa?-aMCD z)z)PL#Si!bqoq^Yw66#M^YLnQJ-Qf_&g|Qm_%Rg{Qa4#ZU4Fd!bT<0=>|%U9xEPLd zt2?y_j@D2b@rS{9lrBo(Qj|(@rpeGmd}1V+BeNx@j7>?o3dm%hx+u!5g#|R9uvaeb z|0J5L-;wBqI!SAh_U)pbOdp$V4(sec{o|wT{;$_N>7MNOf4hJ$U)liQ0P9n<>kp@- zXmwy2lMQG;JTx1otq4NTXPzD$*6nw~!mP9CHXFB?dJYH|_F5-28*?O~+Cw^-O(wh* zw+l_9)ochK={-VZAF}mIDV|489q{E#8LxW!vl5Qdxd%Kv==EZ#Gd3WiwM+ag>7h1gU9)X0CocWme7|LAak{<{-+?ED`aaoa*Njx1MT z>#kjp{>c8O?N~!Kc5=dRt^jTq>Muj0{lowkBB)PMu^%SCAvd-lS5zR`&&SMKS$lCT z_3fDGMb=YA64A!d;ikFSxJ_JJR8=Jr>G`;}akl{r`Mao4YwNKFBE!A|BoQjhv(k6D z)a@B*vWmtLpGjLE{Ftrt!H1vqX~mP9#4!Bl`PE)W;}oTaTYaAOoZRXYj0$cwN(Hy^ zvBk478q?1+ndo$%U^kRL$l)AG#6{|namkERfR^L|O8q}Ry)T>-v_iwR;UY4Kk2f^R z8n(FHiAut@K8ISX?wLuR#o7a;C#aBfXr5d=S*b+OHqU6mR>d}@7x|Dx8H%Zi!Zwd# zvNFCcUdtumNsMlVsS+jf!b}xK@JS5m#1VCwS`<5=HGu*h_gh)ZSbV}+!(;|KT^Z+& zLhEXpK~JcpCwn#dHDYdY{gjigJ(NM!`af2^Scm}e#~T0F*#Dm#9p>%-hux$7`hORY zo9S}Cm{!&c6XbURF51wDQ@@02Thnr}-;ACB6pb!qAQ%vv7?>_UcV?lGW?oEb4BL&JlG}gw6qRUh( zyDed&nnqS-KTjQx)GEl;QW#Nj+#l>hNLU=r!&fsyevb~rE3YPzGBllUmm&zO2_ zDF%U@sojS5q<#}_O5Q~12PJ#6@*=hOw=NDGURK} zG7j%4&Ai?=9plRzXdoqYXLCel>KT8YxSOx0ob{!*w1;}Okb|mH%G$Z6lt(oFs*=lk zq^9&obW>^LCJz4_v~HZIybnj(fB#|}`lPL2#2W8BpQ z-{!72)X>b{hFDGZ9Bx82a}i=S(UEblp@w351tLps_~HE}3B<2cSI?PmY|xp%dFJ`Q zYW)}8@KIW;-BRV&t^klM-73m)dVIbeA2+Y*S5nx< zNyO)vh6|-1Idst_;+T13(M)Ce(+ond992+3i>B2l01>s`)>*XFbvSQ*ZyVPkQ5%H3$A8(jD=3%pz zBalx~yQ~(f9lrx<9qL=*SJmaeM!A12v_Xy3M9~kDQ_rf>I9hTnQClkBr2{&zyJ->T z8U0!XmmJrGtA^Y$O?kK-|Dou;&JfHw zW+-}*+3=F18*H2+O`v;=a!YK1_yW86Go^ynK19mm_>4;j6b_z(`9uwo@9gY3{Qe~V zuK`u-KQ(HE4_)-U=YMv$pTGatJv`joe|7=~`2)a%Xz6yL`@Y#YFjj8|MQsv)OiU{W zk>bc$R$jW6dsqck@*mC8?Zm94quOk$1?uF#cbwn<^^SY{{ohWY{QQ3$yC0VMyhldD z$T#FS!D#jFt}u8EPXQ}W%3R`wHpcK&4*UTo$9+WI{kmiOu!j8KV1m+ERf*sK`dXk) z{txrlfs|zn}ki0?#D>>2<5M<^Pc`VI{Kv(rx-R!J6_fW{^ME`Hy{M=i`5MZF?X8YbQ|Q z|B*(ZE4qI?RaJ!J$xsf_RddNWoT4}=b3Q6SjXp3!Ij1TivZIy|53f8vVV&_+-}yIT z4f)3u%jh!KBNagH{{JLD|95-)`F}UCEul^aiFp^mXF{qJ%NN~@ycL4&#-i$TREnRE z+Pl9CxFuLa{^Q%KkAD%OcKvVX_y2Z(zyIG2#PdI8a&sThr|63$%0a3t%m4(Y@aH0W z?{5Te6V{M_hCR2fV^}{%3)Ig41^a*Z=%~M!|6RbgpeTHEC12& z&vX9YJITlY>h}8k`~N$Et;)ZST2dkXkGR~n*8cOq7#bkC-)oAz`JztNruNd!@wbCDQD zQ^_*nGD^wCGBA14V=>^QbXicKHDrV!S7Ju1BD86;ZU%e360U1vnrYfeNVE0$F4-%U za$L1lT0ynA23t+JVhOf4!u$nb4gGHhdwq`k|Mp=q{?pO^{g>UqOWA+35rhjf!P=pd z_L}Kwu%`TP?(}8ABjmq-wDo2KSs^vet zCj8v-KkUQ9qW|aN-u|-_SS6V81@X!$JiSF8U;d15k7uran(w(VF7=K6=(hQHao{VT zGs#>=9B@6nEC~u$ps8QR&|#*-Os@XJ0T+y-zl@ANCsfM6gc98Zga{;`q6DhtzuW8E z`T4)s?e6FQoj^rQzj56CV^kf~&rkr>^1o@MzbH?rWb!Ziq^c*40J!={IaUl8%tJ#K zP#G@(YJvq8YYA#Y2sSfstgQX8o*D0>5OQ#Xr|A9wge?&_$;E4yB=X8O!xEN-BwR*O zx527dcRJFYYU*~BXv8|<>^I~}l#6K+zDJUcN2ec8Dn`n$cui@uthpo2Ec+RM=Y-KB z-O@-mMrN=gAkB({7&FjJ#E5a5LYJ8j5~xE2D%3DCU_>@~3&HHDmEr$ND^gN;h^szr zc%MuCIoA2oY8E5nlsD8;Y}`z6DMkbeiQOLvb8p9z@oe0js6|TOs9FjOO~j`N!OOnm zb0eZ~JyhO^4XZI_Y)Uro@M$Qz0t<<#JjLQRQw`rMKl+Lbo4P2fN4DYDuZc%R^j?5t zN&@8WEEnQ3ufCHZVTpySm2?M;l& z9-Kn5gj4YF(8`rk68toT6pi2oqDZKooMeX;x+^^JQ64NcS|=|N7c)diG421i^WOl# zH{X2oBa-cS1)sFix0agD0|D9;fj48xd>?slzWu_H3^*;)u^$i-=!=|jwghjqSx!&K z01M!;C4G|_E=sLoNKO%f_r@e*n>Z5B5esCJe3TiftLC4Tv0W=?lT0YrVH9xQOkEWW zwNl6Di53txRpgbDohi+AetBC&DT^7lnU35U2UY6rIha6n@s_iBX1uuiX%q9sp9ogI zZDPXu_I!P_GEm2(YFFQPrsMziYm>WnP+5m^PFC|fF1*3GMV^Zf zJXUg?=jHK}OwreB`!!5Fyeex~#=#0MvtC>;%j&ArTVl(yB7DpBgY3QyfH|5oeqWO>Lds_4 z=yQO?CQRrYo3oMREHaWF6{NkN>;*3~X9vcPENc1HTg9?ybT4gyePJlt|E(D!b3CPt zZ!2tP-TB|qaW4Kt_sBln`~U0&4!|Xp5^*YkWFYExu$&ZU_ZCi(u$qkn za6Q99KdUN0XqW&~!X}Y5AJgeS0Y?N%yg*^(YU4Yko}xg}G_*K_Z~QQxHS)j`%Nh88 z-&#QJ#sQ;YR>c(X5eEcQWHlSs>G;>sMyH4j*?i6@_%s{?4|CCMSW_%J(T}JS&4xAk zop+)i$*0-06aJrk5DVHd2u`4T8~D){wAuKFC6>PWF@d-0hn$ChF^;Fr#y|d7<@*FV zW`O`_rz6EhY`|_dEbJlJi8FEbTeD#;gv&hC`E#k9qWs6*ZTX_Rr7~*$fAao+-Tp~; zFaJA%gTVKoM8KUv9$oJZ^#FA_QoB7MXDE&V4{WPz-8CBrk^z?^l}RPa>F=No)SMB~ zP}u{YFsOumjAUCsDhdiit=R~(#RCplpzQ(6`lZ=uHV!CT#$>`$a7p&|ou&RM1|$Ph zEN8(42rQL?h-(#P_0U~ZGe%7`m1_nU2naYwU=f{y>dHa^n=Di0I&c66$}q% diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz deleted file mode 100644 index 0cb8cf88bb010af1f198abd11515f1ee29eb3d57..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5579 zcmV;+6*TG}iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKDLZ`(Mscz-tF|A8N;Kz9#kS+)~rp~HRN^E&Qc&@|19)9$;6 z1s1f#*xb;hN>X;S-Mqj3fs!auUo6>)<6Lh&1)4-8hr=&3@}e8Cx3RW?!dAe9uh9cz6`$&!9NgL09VZsaLYKj zisuiwisuht6ub+jh*KnyXi&I74k*mBhP?NY1EB8{>_UaRvDEe2R@dtF8!z26e-0?} z{}Pe_iCqeS8vZ{ywFf!=Kk0Vu1OM*>#Ah-=e2KUNnhgK|h#0o@dh%Zvm&5ntR`k__ z5>BB&muc$Rk4AbR5I533PR7?pst<)&G42_uSHsEV=MUFst!6_{!RvtD;01CLj2B3X zF?IR9FCFmu<79j>zL|_KN7w(nx`{GDZ-MF1by+~ALOwiue||X}jXr$5yfNy(#ROd= zp9w4(zmF>j%SS~uK=J@ZiCA1gI5EF4?72qI$J1>1d%zJGx)LuD zIKv#dYJ`mT!9dO#$MRkg_u>3(lx@CCFrxB2?CjCS`S|kY{H%~XK`uv9BZ#t1#-r=; zO>T4*Q6mEJ!U3(hl)lsH2zQPaP*`6UL@?-EjL$kN(dpUtNyk3v;Be67eaBVBL`PxB zAwBn=jxzdoixJNZJs08BeH#85ULu;Ko4{RQ76H%UMGJ_@&U)A-fslw_G7pU+3D9je zjF0hjBY1(ONamjF2M*}kwyi%b&_YQC(6wW!!qMjdi9(TLe%pSpTh?sg1)S+BIhtW1 zRi>7fZWdHi-Q^Z$EuATmNJ?~#t`&D1Oef*YNVpjOIMy>?F@*#ENc;6``YQmSrP4*q z$$nJ{WyBP-shpY}T24rTl5?%UmSxo9F3y-py3)+y_{TZN?}z6X<=GVdajxOVn}4+O zc^)z!jK3b54T4=n1$v7KI)f5A;Pu7%XnZ*tpABz@YOz7*6w67trHwL-W`F;Cv*9x# z%Ttu(O3}r={#6fqT&*Nxgt$!7U*B9zM&s+7Fy$S(&m_DX|5Fup2@AY<#)JcsOgJpA zI9p;*Ez7A04dux@bpHtkL^|LW5|O0b>Cb6rXwGrK(IOBMOc8K7f)aTEQy}LEz&imb z^AO-juzpi4! zhCFZ{k1qJ&BMv3wtthup*~3At$^KW+`h>X*AOY{8JI54(5u=jhX`qsgDHr27Pv%o* z<}GrmRefDHQT%`}FB_!~g&$KPA$5}t)YZr9Pv_&G&o3u8 z!^_b)x4ToD;Ajt}GyXW7jMGgCT!~UH&U6`?icgFL3uN}hjIkLh7Xg{VGZ#gLHM4-` z6LjUG{wL8w{f+T0(Vb)o8n~gh6JqLsvdo2^1jRlfW>5xuF z$%J>}ZmDs!nhoJ2ts_MCAzSa1;&tTA0bjqC(W;j}E1@V|d%(kk-Y z0fX70iLqq!5UG|Vv>;X?ZRc8O?N}oMw(%{lowkW>BA^YClYWLvCzAu4q7_&&R}C zS$lEJ_3aqxW!6(g64A!d;ijo<+$F9ps;QEQ^n6^~xZ8k*^j%hnwarKakzwBfk_c7g zS@FAE>i&!*Sw-iF&!nvne$3wa;KR@QwBpHKVi^AO^lGo8Nt&gGT791NoYd+Qj0$RX zmI`X)V~b}aG{&DNGLh*%!EVTXki!L%h>O%CP_l=^>sdS5svXoZGr!$o8m zA8+U^8`$D$@2KFXf5Y}ClR_6qDq9w3lmjj!6y-<6UWqLYE$fh))WdfIBsPvWAO=R4Uw7L z>CQNJ6k6BPO!fpzda_qjUT4g0uAg$!b$~Lc+W*I*7Yh*}{#fJx2KxW$Nk4D@@ArF$ z{r^57x6?hUpjcyU)Cvn9-c9dy`?%NP#jBO|)^M z=rYyHswGUc96&G)zSLSKD*2z$TRdAp{|UVRs-FM*gX6sYuiGCS^#8p;=Ke>@z2V5e zhyEH{U8-6kDKVXiX2Zy1=sViCJYDV+hx2e#{>SHlNu;+2M!~b#;k>-4>5g8G;-f%6 zW9qS$7zT2#v<>Y^{U%gO-bC4tN_4aGDz*2wt_~bw3J8{nL(+~nc14`2=UN#~twPu1 z)F_7;hxZg`UT&L?@#P&floGo01)?(bjK4_S&DUej`qEq4Lp@u`QB^Hv{ajPaBRYRw z&1EA}Q~M)^skCzwhyN{lH!f2?hGXr&e>n+#($?e6-T)}a_Os#SzaCS16=2Q0@;t02 z1SB7PM9;kuqZGM`5m3Cv1UcZ1>-?ga_!ovf*ZNH``X-C!1NPiHQo^$9rHDc?Os@~r z;7KkTteMFQTk6(XgG{>xY%yO`{Mu`AqdKC@o6k&D&ByFjhnjja7bDj9^hfim!v-kh zyz3FZ&0TM(!I`}cu^#OO+y-mrBE)*6W8+>!4aW2eL>ArX!}}`|h+k)}UNhg=ptE@M z% zBx;Vxsx=EJ-T4KaB9ban(DzGmgm-8NcApIM*_d<8ZYo z9>_+=vDw_^#F|tMWpo7u<-1THzGjYd^Jll;tRKXm6{^<%*q-%7>rcJ?$3E@l*MEC( z@c-Hi)YyLum%IxmV2b35@jFasMenb3?LSeqB`};UAf-%(tE3h_*)=cDY88#DN0k{v z8Pzd@jkIS_q7{sd#UUO`m&s!CIs0@i6S8~*0R&H$7WxRK8gE>p@$G11LJ1I3f^|P$^xZ(jp zW_25yx6Eq72m^W-<3l-5_cYs$prXMKcZ8kqtiOD3B0(f`ke}q+#Dezl(D@IA?{x-Y z&M`ybi_C^s9Nl8$6ln_GJCxgE3&fY$&7Ub1toC81Y#yI+>43t)Q?Qt-De{AzJ%>M> z#Q%Fh)&5V-8sS41J@5IS-966V|LgXT5B8tEz)}7H@F?24UFxxKHja$l+fh-P#2*vW z%26aZGM1H>Zsh^iK^6Z;t8_atE9s~<+e(2t{_hR)`d@F*Kj?pZf%5bJN$h@D=JOsI z2_xT--vp!8+FfDt7@h)F9+kPp3vGKK|GmH_{I9PcRPp(mNn&vOGdgA@5(4}Il0(&(?%8hxw&#EC53oc2 z?;RKT|Kza#?**QT|I_PM8}t7oUBXIu|E2r%TY?SwU(6wYuJa%J#Lmb6>e{_S{I9)0 zh5ttyfv)KO@l;U}&L=}SL|4rv<8X%Jpv?KG05$T!2<4oLgvgFsf;_zP_=J7NH+|>d zgbnx~Q!Jy)T#pn0wfg^Qe*N$E4(tDZU{_3?P7?DjfX{?fDV8s~8Gb7S+l^V(=cqJ) zK5FmbF5r$}1OAV1t3Likh}!+Xo!9^ETgR||j1;I{{|om2?#XHQ!2kPzUGZ~fl9XuukGei{u$Tm*lUxguJoXD0y0;N`hpr3n!W4mkdmy5yw!^dxgbsD&%s$L-*^v zy#6iaN;Ut7*My%t{)gS~7yUm^4(C66fpv@-Ul6Zc!qZ#i@#W9>_IT#%r}>@><5J(~ zk8Yd)5C^{UIg`v~!~r*>tCFB#1)Tb23>{`VEad7x9B|1f`nTcH=Y&fBmr$bHfDnP? zQ-nY@|95-Gh4SqXmYX09g(qB|26f*f2eNxerMgUxY zq#O%|OXi^w3#g1Y05!n^i>(B;Aq1P5H&!-&SkH|2Q3yG>#Zz>D0K!&?o9N;_OA>iy zmthIZLK3c`sM}y&tUDd)PIYxVN;G1faP}K=CCbG#3Ev~h#-r1ZClw>*SG=aQUD4c; zW|sVnzjH!p5pQXv8>28-6Od-jL5vw_CL+YRO`+?|2MN?60#(*9GGK%@c?-cDsI}q$ zN*hvAd6-vy+VVb^`g5YorOhlx#3}EnmDswQ;7W`M6cW2X66W4bB;(n*IZ=<4zEQOj z7MhArQ3fyjj?b-#!u3#jE4FOLjIkNne!yoT>k2F+qVf!jyG%2Dul&d>u59L_s2$mk z-@GLr714VEj>!p-yYpO#%e?qbri3Myt`^c^M0wI&AJQ}*&@`?vT0DSx1cRwN7j(6}$FMV&RIMw{jIatyEl9$V2jndzd$8iwQy5qNJbBDR@F;ss)XOp;GBGj-kivo^MCZ3(`QlFmYu`38@RiKHHP1V0SgIb#kpYqg^&Pq|5>iG?;SEa@s-Br#OYBwV0nc3% z>z80JC$>mOp4h4@5hHOUTrY(EEu~{3a<58`vA3M|WfA_7)T|203Lpdeu z>75kbVB8_i#RncMDbCaK_(i7ZYqk3pCLUgutt+Eo4VC3yTrW&`9Z_rAqW!~OnEE0a z>-zrLn0LG0uI1bkpSFJqn#*`Mzf;kVu4c7vf)}{(l!5C9SzRu%ZCO!%%k_h-9tXez zEf~MADHmnR7Uk%3fW$UL=n~tLk(4YFk{%tTqo3%8SDCW}Lqm&te!c2g7M<>;4YGTN zqW#~RBeK9V%J{CrcGjK$oeXmEAG#;@$-)0;FK`5|pp=MH0VD&_u!GecQ7{cK@i3hM zAG&vNhJ@8@9D$oT7W!FL0YbwBm=QLOtofME{t7rEP~s&DBUc;WA@vjnie{n38GPr5 z@vM;tR#?u#|NGtoN*f1^hD8-oz(*VqOp(=WSZ9-8LmQn!GGdDbqu|qM0zAw`vtiA! z>_k7JMl>7N^mpEgek7mfvrhPb@uJxtaIFbyw9H~Mo zQOj_=G{l>=Pv0`cY9(m}<>NSS+4!zyfU#Sk^DiMze85*(yd8)`Cll zx4&5GpCUjqFvD^lOo6~s35d8=QBeDc zVQyr3R8em|NM&qo0PKDLZ{s$ycz-tF|A8N8fo%_GS#}(!(BVGsxsJCNG@Inb+3mZB z0tGEGHXEAMl9avaHt%nLpd?Dv7fW{HIJZ~N0-Hn}4u@Z6NDhZXpR+qG5Ni7b$~(pv zozWa}X+6LN`DRC8+qOOE_rssIZRda5z2n|D-TtxNAM{VVgYGwWw?8=UeFN-WF;E48 zkdS|4KfA1a<-QVtKK_Wfz>GRz*=s=GPyXy$-GOB{JS1F>eHnfmf`1^g0InJ%;Er){ z9giPy9giQtDEKLuB2JM+qCw#TIiN7g8uGzM4uHN-unQIK#!{DSTV1QyZ@hNP{5hZ~ z|4T>$BzCC)YUKaqbkNVq|4G+AJ;?t)Kzt$-#FvOWpxFQbfJk6lZzlhBaXEZHZbe@` zDB%e!jXnYc(5s2;Kzr7B7&KP`p4= zjH$~XeCdEUA133A@$F=MIlB4h^=*U%y#=O2*JS~fiumyC{rTl^G`jk5d25t^hY7kt zJ`-3n{ty=s=8v*!&flG1jBm!*S49f>I%>>ZMe~)_Xhv-{8eua=Z$mBEx z7z9>mI`sV*M-K_)6ZUXUXB-J}6AdTYZ;cMCEzd*rSW{@#XFLSs{6XT#lqB5TQ-Rqnq(< zu6GqvBLeZl0j;@|zSHRlca9cNSf3X}Fz8#1&pIp7>Dl&4$3E%cu+!v2$5q)xM^VTT zJ@=kZGWvFh5zllz7va!-9{m|!BAVlyz+F%l0ngDz3y8_iTG%ClkceM04~-%X&}}x1 zkMVFLc!8xz#-8g34(Qsptv@W#LTLriwPUTq(Wd~3LY5-FZNJwwYc}u#&UBF+&9IOP zsin1>1=Ub@xrJFvBPAM1sjktDl5RujB%B!u7sDUMdgLpiaKImFyM9T31pu^Ex@bAs zuPUL8nIf9P)Z)-`LJpLkYyGthQLDQcG0}9T$YKA-nB(`u^NVsc#ea-7{BZk^Rvzau z^TGJ*vDqNlMO2`7n4mK#p#$DroR7wrlkwT`cBm#BbWX9HgiG28VKn>u-5gHIRfxr0LnZB zI1()2E&?;o0v|x?fjL~N@6baW_=I8i;jK_>`+M}TR0Ww`U})h?Uum)`CH*c!bu1hc zQ+y&H(&@F8OS(>{)J#&`==e_UAqpAek&yjN3ngeKe^gb^CW&C0?0xdJlZe7%on!4Y zG8zONMa_df!0wV}j}iX{ZWuuV=njHH;2A|8U=m>YH^3P|Kr*m^n1Y)h9ng9YDV!k> zoX5Qju6)FyWV{t&3xytbY7P2dLF*&tGJpiUhwdCx1V)TXj;Dc2HileG<2)HpnUS~1 zrB=0d*+B6FzQkzdls4^~;s1QN8Q+dChov+7E+&3Vg@n{i7Esq8Za$ume?GsQ+zu~C z_C5#Z{CWA&Jj;<~)#-rQwtILE{xDur@pJ`w;6(1Q17RYS3 z8Dle2t}rs0XD*5|YtaJD%+9*F|C4B;en+Ac>Ljg2+V{(LGJR~fIjpn)^am%|{a>$l z+B@w3_5xqNv;n>Y*2ieqA5KZp>cBE48_<4yY&J|=5rm%4JUuw9`|pK?S!da8HtsR? z91t$-wN7X@7Dz(1hjcQVOn5KumzqYa*$_U`dxXe7Wb2huJdd0?;LDdXUiI{6B^;%5 z4|sgk>%~xKY(Ye8nUI8PDn!-quia@ogw5rDfnQ4gPkMub{C5xb-@QP!{O4x=mr(=d z!kAlDSPC~3!>22WJjo}hh&+j}UO{Xu|5HpoOlMD72Gq{~_GwQ3`@NIFLH_pvdzt@# zh{nzu`43BL`^;-6bInv|FoYeN6iXHl(bkfL7Q`x|ZH@GG3ha(yYx#e|GN69`?-u00 zZy)4;AF$8)zgi7!wG7xqLu|RO$m)+RGk>+3q*neTYn>lk7hD2`*j545$bY{#u=DbN z(my`P|32WU^M7o_Z41dbvRr|!&+UTrNA@>unHs6FlM{Y(1#rJqe;E?(Cnl{BL4Asf zy_)`p+}MI#QGsMXA2VxZ?ZvUww_~E0Sx*&7L>otko91TYK5=bPRh2}f=i}PO-3Bb= z@3KOzZN?gi4Eqj{M5rt;O5f#Dw`ZiuDjG+8B5i%}W46wf4?pSCif1>8VffGUtG$jU zDM}5u`aJ6;xz#5a72Il+3U1?Lix*=wrk`gr(djmP^317~Kg|B}(L#nJS9lvl!BeW9l-sD0V<= z3I!VUTUpCke8O47WClB38Rw2d>uQ=oPpG6Pdo}qrVs3HWJa~of7^>F)vFgP_1c*P? z_`kva|McWIZ~s5;ogCKx`+(d`m-EH6vR;@VzYA~?m+fd%%(F}XQ8aeW!?9Dk=qE@D z6wx)-{LoE2Kt=4AI+xNHPN$=i+Dp4ly=vZ~&cQ`q}*MGw(JQ zG$-rcWEeD3pv*%PZJa2&OtrGx5++&>AeaW9Yb_I%^3UiUo-LsN4B7vtUjB~<{k;9J zdwg=(|L+Ad_dinU4SW7Q^w-$x(ybMe64RMzHVhnNzoUK2)9F5OI1d-)e|!pGgpcI>|+YH6vM3OWitah-tTgEyim~UwbWXR7Qln`N&koe8^sP zs3|9NF=Bm7e=x5)Y(O%`T~F{`?s`KF&FpQ6^<*#LHdHegA=VQe8}}M&D5h5+vgAfr z@2^Q9ex12`&U|Zw&f@J0&;M2HzvzaK(qe6GZF|xJux9<&>mC=@e}iuKu>RWzJlX%l z_l2?DJ4=R2>0U1xW$EpKWSb+h+nNQG?)(By5lJ^v(DzGegm-8NcAS!c|*UF!ZuDKzQ8nGDE-Kxi>?vJ%$p#WQBOEvklaP8*ypX?<0V%s zTt+3tG~J^{`_#2vkkXFsE&-3Z_t8e4;3G z->WsRD3lwuLgv`AjVZwt<+sxdMc^9BxdU3A1(lslrov?;j-Yo%$wT(04o6C_$ZP}Y z#E8+dUaI5I6*yNjkK=H*C?3d0$FW)La%N4ghBCSWg7QtM4_`CKx%so(uhtLZ&k9xZ ze{9csruC=Z{$ro^^7FqvIQW0<1#0ZSg-hNA6EH<`#rQp@v!eIcx%Qu^S`rve7LZaV z!&y=*pX{6$qgq9y>QND0Yr<7S?wBS%*lR~8dnHF5X5q$CUB+wYHkh;Y zetdf~yOY{Rr+$|89#=dd$SiI{^Ojjm7-2xKVtgp)>6&J{9#lN|;fk>Ht@W4hOd^P6 z4)PPcO)O}SkDdQe^xk9$<{UE=y~u2M&Cwk;PLZb2y+^qvwm^J|-TawS!D=5OWpRAQ zr2`5FPr+iUhRFAJ_8k6j694Z3RqH=BYJ?A6^s?uFcDJ9u|JOb4AM8JSfusBZ;8C=6 zyVQN(Y#bS@x1*vqi9aT$m7_>;WGpMMUCRTkgDUxtX6bffR?<;zw$%c4^4}Ze_kX>? z@nQeB7brjfpTzEmWj^nbkudTN`Asldy}K(69>Y_>%9Apec%h9kJe31~fa#!*sC!s< z>>f6d|2s@j8mlVt``=s()XD#GKK^U(`1JH}|9>yAiTvy92UT*uW{?=t{(_DfiG~1w zfaFm1wOjV=9F#d96`)2R7@?d~ zl@QrcONfV89-pz!_^R*xo3MfWV~S;Tnd^xPpmzU%nxFr>y~F&!AJ~;pr-Q`23*a*$ zRf^?{Zbse;!FFR&^*JiV&qwV&+y&ebY#{&fZPlm02vNKKxAXgdyMNgK?+4=fpE9|< z59o9BMH1y8)fHv{0#o>N5xoyLf_DiU$UnoL+tx9xpP~h7=l_EJzk4$1ALM@@uq%1a z43d&v|C6rI9PD~84x7q<^!v-4|MyPw@xQvglf(W0y}(Z8Uq>yekp3rJZaZj!7laMv zUx#9Q(z|fA^54zJ|LvY0AN+sz0=ty|WRMsdAi3XbioE%vPS&RO+RgE&gAL?AexT*W z_W#{(H*f#9PfiZ&|GmH~*#G14RI*ICj#6^53{0N%SPVERT^1B*jgq%`-f@hmM;@vo zwQ2I^3qG5bb6XSHOjAw*n{CE@$&RU%->MDM8mh&W*m}wp3$cSK=BtJc^uHPG^(F5A z+sDQDPbY`>U-kp9W&h1a5H8FF8;4Fh=%nYthVs9?)0Y8HkpKSR;Qz4~cuo1Qa1z@% z9NR(up9dSrzi}_~W$eHG(_;L`gZ*beu&w-;;MZJ2-dJsvJgrcrK{D5c6QuYh15;_l zG1T*3Vey*^In1BX!#Xdoe@nemE&t&);g^p8VILnC{XhGM^Pj!II>C%Dh*wVG=`Hg3 z@@IT|JahHae9wh(sc-a0x6Qwg17G=^N#-)*fZNe^Nl>r?P5m;44l^BQa`hh$xMURl z+sNokLZ$pmDA8R&h(Pi=N}yW)yS;wl{kLAXcZmPI7pREoH;KD{f~tf18493U{}LJn^6 z6x|WzL|)ltSi-W9gsUj(Hdq(yPDi>^P2G+XjaVm~{f1nLaxqQ9_eiqw z==9@B#Yp)TuPJSpHFu<$Wk2KZoG@CXTN>%c$PCs5q*-$iV+NXu7%^^B=rZ#`0(FQ$ zg&IZ%jL0T$A($PtHvC^{MM??}an+|S?{ld?CpuqR&0<8H@`hT8t(yt1#F#)KvHJsI z?)^kEo{gImwMgk3RV!hksrVQnc-eP+?nD%>hsry#Wi@7u&B*p0J_|)xU?CBeXIR{4 zs^NR(M_zGZGZ#hm$Ts}uHSws3-V1O{Nr2p)=R#cO)ps%^EU|R8k`5!vlji!6rul%T zX$f%@)7FFslm|_>(q6LI)6?vs(XG(LOU)~i_%3_9Xrz7{q zL6v%Y2__I-zT<3>885DW+QfYECxW$an;7&;#@?Fe9W^Xf3*^`U$%Oh7dMGkd#!TT2 zOB1S|nOw{4b>;!jT{G*KP%me;$VZ;psw?BW=YH)~_R5NE#^a_nd%3<@8>r(+wX5$t z)A4`zwaHyOsH{UdC+qp06y9LmA6lMyVkCi+!F7$e+iz;WH-N3(T}cXcijXpaN#Kf*AKFL zxx}_*MfjHM2ibib01LEW{Gldagp|$7(Wd~3ZJ5wGwr3;BS!5(VI!Jpz*&AMG&Jv6r zTGaCEw~l4e>0a9)yJslc|E)P93p}HY?<#C(-TB|iAQ%6kdt&zw{y%$xBXA9+M4SpB z8HlY?;2Y$2#Z8rX5 ziIuN@OyRxyAs69ajN@6e@t6Nq`94C9Ss=jq*;sKA8?c)V3wsE5;!K?V)@)cy;W7_( z{vb z2e#FY>k3%@{S&RIWK(A|T)b nfn{_Gsw)cxkaH~lwS@Hm2ROh1b_o9$009600JqbW0I&c6Q#}VF diff --git a/profisee-platform-0.1.25.tgz b/profisee-platform-0.1.25.tgz deleted file mode 100644 index 38083d3c1a05e0776ec9cf1377e88c30049d513c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5568 zcmV;x6+h}9iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^MoG;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4$Nhfz(=^TePqTN}d)4h9n*HOW?uprZWp?|=z2jHN+!g~>5O9In zEAz=^UXTCh{9^Ea)QY}3Sl|if zaFM2-{-C7?9GI5&VLZClQhm(%k}^k2y&8{+7+(MT>LxYKIKGE zb{`iI=8v)}&flJ$kFG~omqiNsIx5UuMe~(aXj*L*noFnDy9u>m>jIWT1`c?FV3%i* zBITGV^7>rEkX0McFaw>l@lS*6k;WE$7Qj60o_hQPb1l>=eplH?|9c~Abbfj<)(9+N zGVuKvM-2(^U3!1!O&M^09k^g2!2*a93BSU4tbd`zv9*?uhuPrwfB_oVf-C@?5(c*H zA+3Hm5Hre%xR=abo}CV})wf*&o;V8|dw6~}y0|$zEhLY@W*`)S2yHwXUXN~ay(^g- zx|qx@)S3z5Tb&NKXE4Xy_&j$x#lAt=w6o-$o@pL+%%ctoJ5AhoY?+OBB!wK&Gw10f zqi?qaSf=Y44~Op4=ugQ4yd2*y-UekJupC{OW8!YDg>5(B0@ww0U>IqDZnL3%jE9>` z=0xyh?Ad-`p{{9~>cbr7QY)aY8EX{=p90{8EJb|Ne6MQOY>+vgsv;Ro2^SKnrL>!Y zv~Leo22t2(@H7Z&}%|GNFu_ zBAUch;?S}}4y2xI{j&^Fsk<04(R8KAVgJXNqxXZe^KvxFe~dNwaPw0ukMofEp#AmG zY`DY*kHcHy!YLNmLa)!yhNFw|=yY&1kdqCZc|?rEC2fQ-oc`-y&4y38C{K}^DX49*(YW!jyM#pGkN(`nSw#yEJg(5fgSuGT;cmVst?qIW4Cu zG}I^W;Qk{HTw$SG?D8b#PJK=rLrIQ>4(0(DXadM)fCV^+cu33u;X95z>HuQEX~1ki zQ$_0O{{;Y?pCvN9$8&O>#~Egh48azCWg zYb%#@l}@Rdq`1+^t=vNtGR7kz``Ig$pqTtoRy~`@xgyvE#~!7NPgT6ZbTo6*G}M>7alM+zag)S#{lb}|%_@-ENM zN5h-5%Zr2(Uh+~&&NLfL_($pnbI@C3O6k-sR|A>MQyZepN?=g)k^AN1{!hSM{tmno z>LjH_+INd~GJR~eIjpn)^pB6S`@dfAq<6UA|Lp?4d}$+ci;R!au0NcTqSb++O*W|g z@X&1NwjzujpE_!A7v*_eaCat~=`HktU2-z^l4RPK4hwuQaq2GTIkD{GG5j6XCxe@a}RoWQ0v7|uWUd>X`+yXY%1{N?=RhHTZHxH ze@>oD{*QXc1^GAk_TQaAwfyI1{^wBx<-(X-Ru~dD6vM|Wi9E?isE9m?uU(Y;BbEX6^MAJ>|A+hYpPj%i=l^Oou+cJL9SyPJx+1GTHq89h zYLZ&{kF0fmY=^L2%=xAYpho`ty<;;k|3`->d->l5Ja+z%jks+tCbhxQ+HtrJF7Fku{^7MRM*|^(?hWuSrsI~Q2Ly=+MLc--T%d^tAnNaN+X|jsO z;h)^LI{49B=hDZY)M>?&n?y7G=lNA$N8=QwhFf)>^_<+Q6O0OO6-ouS@v+6TF&fj) zGnwdg-z9b^eVE}n2w*(*$he}~DL_lG08;;tkM9fT1g+3$t+|K{;^Pg4vW6`#ccPN8 ztL%i`Q}q zcoL&qVX8!lyf9Nm5quIuDskl5R4$4w)S6%p$Ng5;G8Uh3)-ajDPFKdcqtLpVX3!HV z=_y=IeubD@TtD`dYY(fSYW*LpUcz|*?6JoGHTM4}M~8X)|6#AYU;pm{ax-1d7t_dk zVWRvlzy>DT(WaPXm;S?O?3{&Tr*zTpg5VI*)zbNLNGc zkT0{VJKRLu1uN?sgE_a5HznR@{ku<{n^@4Stb3DY&`80f4vdv?qUbW!%5F<2Z&}DC zUhuirGEpi2)Vn3qIrg6*`>*Qd|M0kP9SstBbDB;=ig(0g{>~#T7eM6 zoAPEu!_oFT%C|h7?h}Xea8drpr+^Aj%L6UrY3y)bo>g~8FDLPV!_UNX=#mctF_XIu zFDWz8dR*WmhA#y-q_tFRN%o$S8 z13NJS^0&kV3%#+eU!)NKLWyG=zj5ll$&$Gwj$Ow}n0K`nkt7D`^?@2X$wh+|BUw^Q z-8yTCDYt+P#%oGnxiqd-Mufcn$dtu=$X<1*DJOF=Vs%S@(62hIK{Cc&P4I2*dP5D( z>}`nEWY6&?R5KSLRudg*_Zn&_rdJ@c3ohoCs&C!>P(2&;j{ebR@-hB zzAb0O1;kwd9~~Z>=J&{<$ddni(2B71Jd4mJ{=HoD@$D`bu>+r)E;2l?&vToSm# zVrHRMXYPqkCR5=u5(Dg9dhUJprVazCS46gfRAR(vSufS`XLFLPnZrmpTNDpuqvO~t zb~&>;R|64U0fBrIs>9dJac=(X_N(=S_`5>Y{2$x1o@o84xBr+Yz5M)d9_{_Vb^ zQ!HSKV`Fhh$545)lzc`%-?t~!xo>mwJ6Nb?w$R$yg4m*e_-Y|E}!)7h#Vm5_# zSuJEceuvUJ)VIQ~vde#sa{pRrgBq!cq8}uuo>iqWSTZ7@EhO*4LY>#$v79q%4k4nXpjd;3=3-fDyWkGXqIj#W+fHXW>YOtC;z?U{Qj?Z+}rQ}b^_(+|Kr&Gu*~N@G7?6j!$m`7$l{#V!R?&E*$1S$|1UHE-1rOh=VfcqXN|E11*$usuChQY64`@4W! zf;HqnzODNB7a?lb|7L#wZ}#{5|J^`5|9ezy?gRQ1eUU^tNOgrCfIt`iTtx5vjo@v< z8uCwxW4Bcd>&Iw;+WEg=|L-0hn|t}+1#C;6GlQgL*Z-*NGkd$PGFnz zp9~UB10?r*b&=O!)XCb^Ub;E{cCd#0#}BkT+y1}XHS_U*%%lEZ{&xZ|VE>QDQ^_*n zDoV-4GSGQaV=-WE>9U|eYnXYpr<$n#!q0ltZ))P1DauJWv-Nl`*(a6qTeVGELAAL4 zT1~lP`L#E|{6%05{jUdmeUAJ8=3z1Z)6xF@m)*ci*?+SUgbOpl+M$#7+UaSqru=X2 z^rgWgr*RAermJ2~zx$fvz;-80vYiu=q`d9OgT?U*+ZXm((lO@*iFke(v}m=HX${ z|Fge8|Jezw63qC5c;ytH-Xf1Lf5x}RGgm+L_gp9w>PCNb+x)vY@RiS~pf+_abThmv z2?|!Asb0oVVWz`Ow)(?D7u18ljEp`fRLZ}=0&WA>9-1T>{g|#cP%%^2#>D5|)J|Tt-p1(W+Q?D$<>7 z>UNZ<#X4d1H?RfdVw!~Sk!0i1smGIwk@72EQ`#(R?npDse#YN9VYEoMG}4Wh8LbFN zv*I8|4>S`oqTQxYW#)qfst|z^HH-`xkxkx0&^u~n_`lMMloTG~%1;~K=aPSpRlc;E z#fUiN4YlMOHxpj+k&C$?_75(#@5X|%Y}}lvMM~eOT5{9}aRWZ&_*TcfQ(@=Cd;Q~ByO88x-8opEhI8j{K)P|@Y*@j=gCXUCW_W~?k5-_u8xe%9m z^_>g}gD-5Qq{E2vZgX`=(|kbFw1hZ{Y3s`ul#L>wVh^B)hfYbN8iVNJ!73yRJVg%= ztz0Q3!B0a-(Oj|s54h~fNp@Jl=fVRY<-t;;b@CDzpMmQZ)Bdxa|Ar8`{pOn=LA2u) ze9}ta8ge=hIBI)<-i!tHeQ@4<`-OoBm{+7@K7h;NiF z$SWl~Q<`o4^0tUl7Bg%!9l0|Os?^(aFah4;Eu-_yc(K*fCi;s%5v+XMM59+S_EtRa zs9+&mAjbwuCe(LuUu2|=nZg^EI#fL~xsutd%mbd=X4WsEUe0Whk36$gSH`!`{mQHC zl@(c!$8~G=e0{SrP{*TcSKoKK0MS%-2?R`WY9yur9do{JAWR&t!@UOWthH+; zx5UrwPr-AU?B-W0>e1EguG=MZQh3V1_JizRF0pMH5x!yjL3SU9&>ZHJ-Ph!ckg{1B zdqLyF1bu5cc_tFO09YfLnZ_L1*lc`79 zw!(JSo&Oyj=i)zfkIeqw|7Ry~fUd9*z&wrwMNzk- zH#5T3v#K10h6yxv=_In|6L0!Y#K6UZEFg?rt$oLyBPn<=4K2>-8$XO^4GvloF+>0H zt%2lj98oXKDw#q)Fys;sjAp|)9se5I=p>OLozJOUG1SifN94WDU?4|p~Mx!Xfx25}5{WEx%LbF*}?ap2KqOeQRalw@yzHsn9afS_nf z#4MN~PJ~ntajl}P4t$PkMm-%(=9=LJAdcsN7SSoFsx0P6%n1K;3F{vAu!lWt5&k~_ O0RR6{rasaDumAw6E<Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^MoG;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4$Nhfz(=^TePqTN}d)4h9n*HOWL(@EbWp?|=z1}NiZi|5`2)MxP zmHFhd@|F8a0Q=-4Fixmvp+&EOeLwlLYjlqdv*7@@8SzE>=zZkq9wW6;M7I=a= zT%@U|KWOOz2d1Tc7>};CR3CG`q|DJ$uLk4s&zIMyt!6_F!Rx@gA#<=2isvBs$g|nK zFD&%>!+3N)x*3lyhS&eTx`~jmGbi4_wrSuANqlhn{_J8f9A197xY5eLB`#cpPdO2k z-Nyxl`J=3g^S5W`qwCStWsyR@jtVnZ(R^hUnpRtd=F%zkZbB{Cx`5@7fdif(*yS0d zNI7PTygt`3WYxwq%s}UC{L|oiq_G8`1uzf0ryl>nTnn{|-&OX}|K7+Nou6KeH3CbR z417PvQ9}ZJm)@UwQwE%02QFAhumGY&!mltM>t85wY^~+vVK(?ZV1Nd;APYdJgn=!4 zNUI+X#Edc`?j>`VXQ#t#^=+4cC(gpg9-g0#E^f|F3&~@!83;unLK}~U*Q1+U?@FeI zE+%sewPr&2R;R=58O$*^KF?iFv2Rc|?JRkxXPQSH^Qc3@P80VXTV~@ONg+q{%y~M= z=-Vv;mg#!N!=d{$`ctw1FUPlww?UZ)EJqjSn7CVOVcQM30Cqtg7)BbP+iYkbaH68)S~Bsz?S?!i7X?DeY!p zIn-@t5ZY2miAIvDYj`cCTN65gr&_}K;D?bK`BEq>^hesRU(#O@LM@rjTUPd~OekZf zh$bMll1G+ilj*#9x+=>6dAyc|vPA7c$Z-2Bwa<2+BC7+nxYPRpqZ z4fV-8xc`U)S6Jv4yF5v`Q=ikuP?BSzgL%LOngFsHU;z#y9uhM^_>LowI)E5(8ZaBs zl+nOP*mKYfFXVUZ07Je@iGBZu%eDO-+%IH7dKYL~IMY{(tV~J2^H3dgOULA&+z;vW z+R7zerBiAqDQ8^0gD-;bNU*?K9LG1RX@p zLmWhJlV*<*zem^91&&k)Vb00a0|!xoi1;2c>H-oJ%`x%N^^X>6y~iG&f`iWD-bI%_ zFf1r*Mc7=Thn-r3{!i5UNSFw)i{4{Ip_BflSthTukFE8Bdv!H_xS3wRPD* z@dLIXu(V2>_Vv|=>yKxnpKnGNgWTL6gew_^kXsf|*9AN2Hib02JU<@|Z_X|+N>&M3 z%=)!N1~apqz)M~#$(d$@3I9mlU=Dg~OevkZnC*ofQaf-*2{PK?j(g7inm zGG)UW%CVCZetiXSw~&8n6746(uMk0gii*9Q{04SxL9VDkvY(HcHL~{NSnAs`(Tl97 zig0F+Lm5sZNXvp71g<4yWH53{4EhJnnvpg$(n+esPktVBX z9RA5|tAiiCbuNAUNu5?axk)s`f1Y3Ebu>;I>D&mR-sgI8y{Od8>2D( zJd=q|_g!L#(uWzIg8;@;kBlp-odUE33n2CX`1rnXPS6UC)|!jRAU@tuC~Mf_awjSY z+v*%@t-5C>c^YdEl%Aks#;|^J@noeEL0dngMOziylwRaR5@jf+CJI|WhRMqKws~v+EI|{9Lr{9z#eP-Ut|A&a&(xt{~vab_Ur#$KyIeX`C=Mb zFHDr*1=zquJK7Yp?9zW2jh(Y_?36D0T@V~1y4so_+ldD#kNr|-LipV3bYxO{VfGB{ z6GO`#dW<>BcQDEuIvQDs2fk04`0r%w+H@Wv_>3&DkQqnT)Pb=wP840HTG?$0-JKWdBvY{2w0o^Y*{)VSm5>-w9;yf27hI_WXP7udvmnTPqNP zcvIeNXgJz_NBNeg(|zJ_9xlrN_!Lk9YI&e#JdGXB%d_h4=;b6naQK;c4qfs=AZBv6 zp**SIgqxB#5&A*N-mJVx<^8RSLkGk|E)l@6+m07@MVhJSS{Y5Xg|4TmNDeX%?kvf1bFTucn;!r8ks^dbW^*s#40@xu%pyH2$iR%X*}y^hb14 zY2zji{~NS!oTt1GN6LTyVjTMQucn*50Z>luXU)lfHKp__z>0C@I7AKz>|XldojF75 zd0;0-K>n7vV4*j*^@|kZUnp^G<2O#dH(4^5#IfsG3G=SjB9g=)y*^MwC%I^_VkApy zsat0aG36Gp!FWySD;LAH%7~EHADOb4580~@HRWV3Myzh>5BgPyHAu#|s|mi%U2mwN znY|6Mn(R5=glgs@#A>1=?OsC-#qC;T;;6*qF!Hb3}Gam0PS!c}>5P!ZuC-n-ecw zDE-K=4OhSjb;e**&*2t2PVORA?DJOc@sg_*HuVH1Ub;t(_NgnoAf+AMT|y4E@1l*o zOC}7n`wn(};(>K&oD|Tn0@uBwF0t<|G;o*ro}^PvWHJ>lBQe0vrRUyfZ|X3RdPQU#NF_#$mi1B{e>Nw%nmLSwvqkYhHad>Y zVwW?kb2Sjr6%fcbp*noc9OvfGZogVTh`%dT&Hu4I>xtH%di#%g(#y~P=F#5&YbQ`+ z|1DhdE|`El5KGGLh&L^If1N4+iK-=m=463AkBV@XRLUni=f$W-(WrV*i5TjrjuvdB zJ;ef+I5rlCbPSazOUY;S^L=|lo%=Q?zk`KZW(%#IEx5e}rZRSW-`%w~%gQa(>Z9J# z@g^C0l3SI$CV^;2*`9@$K6A_;_Z5YMDiSjx{9b#GKeulQxK2{_;|+7iJZ#o-E@o3` zm(@bH<98^nLwzg!D!csGDEF_0HmH%BDEdKi>RDA9gC!#Z+CuU!EYx}3O^eXa=+`Q^ zprGnKyM9Sj$lnDzJ4xWPfL=KVf%(8abzqj zFI~$$tb!`}k7nt1VpdX7Z8p^cb@Jak&hP(v$G!djZzoWG{y&c056gVsBO_tt8}b{c zUiI#-FnBai0V7XJU*d%}#_&`Q{edROeemr4x?}sWhWy_W7t&Z&iQoVFTA)t;5A*R~ zdxs~-`}_Ypfpz3xT|cOj^A&?cllEtH%t$l@`U540sxRHLUk7Y1|H>a=i}K&=7v#Uc zpZ|9P&m{lpb*r`I|B)_XC9?n0ZTdCAn)1(Qm_66|k9lO~<9~Hcb07a}Cs5)4kw%{@ zx_>-XRfOY7Qx4Hpb3qxNLL8Ji9~GcRA84VRQ!2S010R&iJbD{OhoW{1cCe z=rY$M6+rF&|0F;EcYFK!e>bo#p-u;heiy)}T*wr|=iQ9F6@u-?qUtj!#m`6W-QNY= z609Nr@om+|zX(yg{x|dcf3v^e|L+Fk`QM{rb05&B=!+!EL8>eC00g@5=OTLVZv<}> z){uWn9J{SzSU*M!)Xx6}`+xW7sK1y0UBI^FIWtH~cKwgKKC`#$Jv*!`|IzQybN=5u z$;bcd_WJw#|2u)L%D;+QQX&11xZJka0?!C*%D)Q5_NaH^YURJ1kN?{}>Fxc0b^_a! z|74J88X&pftBbt;qE6PP_R`Jqw}Un0KYpO)+4le4u9=VjV;=SQ^1l;!0sDVEo=TPp zS5eAMO_VS-Ad?_rWebD?)m(&xGJ*kf*P}Jeyf0KuRDX+TP3k54q*BUN+oTm#i|en| zlq;5Bdjrg01lG|1da&2$xc_e+7UMr1?caad4ZM{7Hyc5?FcYjDI%%(+o(5~m|K?6# z8azV&`$v2KkDb6v%72BE*xKRP_VWKUSVR7`dzsH;|Lva?<3H~0Kf8fV<-Y{K<`VMS zYNO<7g(?k_xh|X_#V;A?N+XV;p7#oi-&Dw9zJvQ!US5Amy;3dz;Wgpsj{jjE9v1yS z5BKLkJAqY#8D9{uoWj#vZksm3uQvx=#Orje-{V7@);G>rmlr53O|9K}+ z5z}uRcmEiwgZgO-pj!Snjr14g36)I#MW0mlq!9pDA1TL*;et9aq=6^m1wc)(z+x>? zZ3w|;=8cuLAJ)_3eH20tZtxV{AIPOkU^=;Y&5}f3*=AV6vXF$!DC#y^73)q#x|2=a zjuN$4Cyf3Ewt!qrlkh!~Y&<&kcv3M^e#L7_n`O-%X=d5a_&XW+Fzk+Z3wIe2_pDB2c1+kpUyJ$y*3|N39J1S6Y#h!b4p7X~X+m^3So#msYbF z5vRPNmVD!8!b?7KF&D)C!KL=ySWuRYn-jH2=^Ir`Zoq_pj1ZjcJ3hBO3fJR_TfSj6 zrj$;xezk zlObX7g{_oy7*XDBt`2FM4``Z}5Jxd>effg2Q3O=%0rc?DDM?gg5IsCtg=B%J=;5K2 zE2Sj(X$UErOBUb(mpwVj4lDRvc;KTvSZcIRUIODYaNT0sf41}A5F)qVeDfoScD#a5 zTIpLuPUitfZ4c0!v7o*W&YN$)Fc1Orige5ea5;PtGe(!_jWWxr=@=1?9J=)0WQL1W zYXrNe;Np925;1igLFPaMkt82wM(V2hXJu^H%Go3n%5@k8oYzxV1w*aW@p+;JgiRHB zrDSJHv#np=7E#J#hHa)Jcg8`LdV3Bgz+1d!beXSV9f`1ZM9d6m7g zBJ1(EZq1&rZ&n8CcvS7``%ZWK-+pa!*A6P{P|nF}e#eD37`MoC@qx!mj`O@cev&DA zMQy)^iHBEZ?aDYzGjU1@~gLwWzp$g+911QDBAyx8Mt#Y^(fm` z*v`81zoX+^{D{yiLCj=oBk6qaIqi@2qRZ(-?8UN3LZ>Di!=Jh593*bgO)_h(0_bu zAh{by)C;pprjQQ|xx@pb*)UGWzlJtCNn}XpbLydw!!dFQa*+1sBD`A;$+D4G&6 z3nqvYAr(Yit0=1jpQD;lPe+rvW_SUJ<2j&3bPB2}i#ZZA!v9>tx`#dNVGmn`{|^8F N|No&np4b4e008?V9Y6p8 diff --git a/profisee-platform-0.1.27.tgz b/profisee-platform-0.1.27.tgz deleted file mode 100644 index 276e052f9d266ab312f7d370c245cb386272d1c1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5564 zcmV;t6+`MDiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^M%L;@w^9c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4gML5!X_{vKr`bE~z3TQ4&Hi9u_KwY0X171+4PGI0TMSe|zy)Tn z%qN$XuiRGx*e4%>aY8){EqV>?`^leOqdPFnh6CJY#24YW6Z8|fb7adgf^I28SMm5k zSMm5k)I;xr2`~=?@P>!yV4=b&YlwRvEQEdEB{r6{8w*vgX>^U=apR?1=I;ST`Cni+ z0KQEHP$U0G$KAaAADPGfz5MS2_$PM^Yyr$d%?3gUMFQJ;J^r8bi<9@GR`k`u0#7i9 zi!}B02Q59|z_hdvSNBAlsQ`J)ya7L^X2tvtJzRP@H+5r$Q-PM;yDOD@@#hR z3k$veFdm(cZpNdF;q||-ZXzV?%!zkm+cfZmBz|)G{_NspIK2FDaif)gOI)}HpK>B7 zyN?S9^G8_~=Wox>N7tjP%OZt*9TjG-qWQ`yG_AG@&81W7-Go}ObpgvE0|z`ou*)+@ zk#fuwd3~;7$f}KJn1RmO_@|TWk;WE$7Qj60o_hQPb1l>=eplH?|9c~Abbfj<)(9+N za^m|jjv5l+yY&9dn=;`1I&i^4f&~yI5`Km8SpPzaV{0uR53`fs0|w~C7GweFlrXSm z4{7zoftXQ7#Jyzh^6Ye&t-kFN@Wffz*u(R)(Z$W#X(4$GHUpsuL}=sD@OpHU>s`sz z(8XkKq1H?Y-|BR@J%c&s#^<@qDfSJ@rky44^i1=pV;*%#*lFUvW6Ny3BPryFo;gn^ z8GXAYz%pIWcsO*QMt@2c;N|#s@ir*)faU1I920kIEo{317r-v41H(uIbej$BV?5kk zGADv3W6$;j3w2G?R3GLrms$aJ%~-22_!IyyWGUjC=6hAMW`oS}R29i!O1O|nEv4NI zEQh+y3_@E9DbYw$bq%kjbZbH<@Kj4UKlx##M!pmZ3;mI{>zDLbgiuSS^OlwUDig|> zDWXYCB@QhsVIeLF`c3zGq`H!(qKHU7&%Hup_K4^bE zG#f6l!Q=3jxNwREw$SVIv*GAsJUTtOIgyhMoOwiy!zFEmFr5DDU(JS3xhPMOnkyw2 zxB3^=?QyZfEFJ|2#)Z^D#!aGyzdH~P2CYP&RW;t>;eNHX9EzhZPj962qg zDm2t5@8JF;4qRcOTkP^A=W`G4ah%bGE+zK;8!p%OcW}Ru1?gR&Y2i#?DY7yp{mw&m%q<<0e{w&h z(`zf2bd^r2nWVVU$*tT&6f(vmA^X`Yl%SaWQC2;h#Dht)_sQ2zfQO59jmy+zz%F`^?HTa^4XGy>nFKOf8*(v?vt&GFM&3M^TGiHN z1H}*6g22)$ZQ9pYAFe;1jefovU7Y0R_8?rzD1_XyfVwW&Nw+Da;pO@HXn1pWc~P=T z$YR#7B{GIQSrTVqP;)Gb#7naoogqRdKQQ1g-d<>LNNz+CV9v;Xu5N7?;fuXo%#-0%N(0bjnf5xGUi$7t6dPD#<~z|bZe z)P8tqHgsDN#*R-NH8_mB@3=u|XVGmo?uh4DC|uYpozQH|L14Luv@)Aae8=w=ibkv1 z;6A85LS!E@)k-OzM@}vDTBq5s$Jo)=eciI+V zefgi0=aT=U-k>1==HC9h6R4K|+|2(xYM@*gbIS@t;)Y`QcqNf1`3Mz}C-K!Qh_&T^ zLOh3f)5k0WYUh9RI4A%8-cfHa|GR*l%>O?`V`qi@ho!ZB>a>%&W}-4^!j5%{C5wk> zYw3m-#44g~h4gg_?3Q6;`G3SRpnm@E7UchMfBv%**ya3Rtp+w)2CSnYHe6R^^~Z*p zzgkUFEB}$T&X4U7wu?F6Q~}h;f4?^{^YVXmc)XYYUBF}K|JaDz=7KUXY)*{N?Sk}2 z#xiBY8p^Sg6MlUKaJP_uX%g)x#;*`Teu|2{ocsoMY(cK5K(e2YnKiQZ;#lh2G0}^x zr;2cSn?#43`ex%Uacz-R6)sQD$CZt{jcCZ%{q{7IcwJh@3U!+)M%<#jYpQEIqV=ULCmtvbP|;8vkja2p?6JR74i z{XCP2PWN46hth``o`V3!Q;&=*s+|I~1PdVb|M>X6a8A$)jnp-|Sa#pO;^ z61LSj)LM1VO!73=9wDCH_ zAl{TW8yb$b-%-Bh>2#ksoQI3@KRyLifLb1C8Bb$}^YW~^J9;^Z4;+3boq~Da5A|#z2UVq%wR24=k7)c=C71O`P3e#5 zrqaeu9R4?G-8fHqAC8p&{>3=->t9Vbdjp`H+RvJk|7uFz? z)bqejjDY+talt}wZ0i>(#J^DD*v4<1dT+91E{S8;u@dH8twkh>ll1yP4V~no!HSVA zsikh6HN=!#zy{+rrLSBJ*D51IUVmiDVm@TAI@FYtxfrp!r9bFb9o8TjqVcoV9bix8`cj%ZuR zkJMsqWo>)Z0E{UH9XP&NO@_N*sbf9mZ&=5a4S|C>j9|F4}u zjs3T9$-7_z_CPEtyCdGT=>2u3{3oiG1e%it_B<-WSyCyV?3@>)8bzb(K_z0SqdHo! zk@ge|SmM}N9MUmVo-8Gw(a-no33cwv#j^HVu1^Kaci2l z^kTvY18NoHV=+tDG@JFH{718NJ25M%s5YBwfjar`4f6ZH-k`VN|Lp|I&;Q4<`(c^Sdt@Yxd_#WY z)T`dz6$X#yDPZJD=}WxO#u%Q;p+C@M&iR*IoUa%pnzTQoV@9GO&>tu{RDJ1|{W@TC`B(k`Ta^D^zaanp z{rtZZcqaKzuUoAx|BrMDE0O(|Zqu&`)|7uf!|b`vf6OB@AOEXscK7kWb^;atA8GWt zqWi~FRYf?SH02OoH5ZiODa1jU^HBk6^nn)2IaLXf9kqmbc;)d4>x{4Z&c6<8$UpIj zh%R$IQUTQN|Bv(Yf48@v|91o166$o2=yw5p%7siZeBRB-TOrtPEUG?(Qv7_>-u+#` zEx{V{AKzAe{EHB^>wh!9|Chh+<$o6t&;K43oBM!1MPDRQ4pLpA2O!XeKNrz^e8=pmzQ**#Emn19LC`yMS%Ub7qi~?D`*deP(ahdv;h?{-fWY=loyF ze183Zw7>tq6WFT!tEeRv(*KCdZF?>7jIgHst59r@dKa!%{=513zun{B-v4JOuub_- z28pHtlKZ{7$m=iaWNm6M-5h^ASVR8f2U?zO|KIJJ`S?HPQGYN0JAoIl|HtF0WSMXk zrQFm+2~z_y2@+PeKqyenMMx+k7%+D|TEooyLe)g|w}{rHUb0UrrCha5T0ynA{#s4B zV)?ZUqOWA+35rhjf!P=pd_S)%bu%`TP?)0U> zBjmq7*!zF%1YT19E1bmE4#&2a|EIwk@~_>?d>;F6|F{_cac}?G4Qwj^CHOU$kk?il zB~L3OT@ zpa1LxRtaW&LA-JbPj8XOmp|j%`MV z&{QvDs4&xECR_bsp$qE4Uq(is6Ds9jU;(#*>v9lJQ3BQS-|ZFOf9!Sl??3MbDq{ML zyo-_jB>LcY?FP7Fet$stqC7 z%)GI(_QQI5ypKZ2!400G`vbXj2}~y!uUV4FE87f9SQe6S8AaVjt76@$NO!WS+fkwx z>x9wYz!s2;X%fCil8r~F9#1Mp%CC4$X|t@kBh4)P8Gq-5(IVZ_NH&4kOCD&D9}I^8roM65=SPtuJ3tHj03XJ%An_Iwgr}45EhztB@@46g@n&a;206 zKMf&8bIAfc;Ibzt*o6K;LYK>s` z6kL3-O(Ld_Bgh z92+Q^P~X9Qk&!ZH3U65IQ1#5@N@lMz4|r~yS-*sOIkQDR^2}CU8Q(tlE3dLwR%AUM z*R9#}_07sa9gnJAec$Ph|J$!k?%F|R9m+Xb&F{GI2ICfaEkLYj2xb6g2TLb0O_QE_D*;v)$&nB{)wQ;SymUy@Q zDR?fE*!=oLJ++$MYrAAl3J)0AevsY4B^E6s!Z&O`$nM?{n!}v3`NP9oo5ng3Z5VU<+)bgu0jAb$DUfK-%VoOXbk=ftd|91ih=n4w~%;QK<6m>gV&cH*HfVd9vrpU+k9i9R=nvDZ=Gb3C* ztIAPmm_SpPP9keQ@uvSo3|uV80>a4E+IQ?Zl7a`*(Bh1~@xyr5;GiWDGxQ(d8c6QO z5%t2Xk}2c^LoV^aXf}+~@votcP7)c?`J8&_<8X`|!g#Y`Oo`}3KcY%B8^+{!)`@;3 zpJvle_l_|&Bi|rzVzjf3BHp*#60|qGBRy8{_%e@-$%>{4LCYG z9Z4=?19r1v5C?E4&cx_%&4#hyHg%x$=TbIB`H#EX@OgJjWz_or%E~K@N5Qhw}-?G;u!GAG`hy;X5&CmWHXSNWTKe+SDc zVQyr3R8em|NM&qo0PH<~Z`-(%{o8=Q1J5bY-G^sccATWp!@E1LB6-UAj` z(9*=_Miy0)vYYMZKKp@^C{aHw*@@$9cRdA~L>vx>KW0b{heMyyTfza_zKg{zW%JH( zhM6$#@!Wm2B`{6XJnr|ypQdT%f116+-m7l^(CnWanceR3E3?}_?j5~C=C&B9f`ALm zUYSoWD_^;91h7v&0po;v7FzTg*!Pn^yGHleFdGhVn-O1x-v;Pk;LedP#|XNm3|+2b4<^7o5WpKAo`Z!7qpTtBeXtPreV5o+(rzqNxu(%IdT$#q-7$l~4Z-WcyCHM15{l;__{g)_ zy)P{E`r~+XKDrr?E{50tzPgE!urnv#z_w}N2}yi#`r+(iFdSZfytvWIza=hQgHJgT zl-OYc|LnPgRi&ri2TL)Kc2b zz;dYD%pkO-kP?j~RoC!ZO1CC-0#CJs^T7`zHS(oUSm^h(UB9NkB7|Bpowuy)SD8@8 zOc70DDsgC8AqP^=wfEFJ|2#)Z^D%KaGyzdKl-=KYP&RW;t>;eNHX9EzhZPj962qg zDm2t5@8SLv4qRcOTkP^A=W`G4ah%bGE+zK;8!p%OcW}Ru1?gR&Y2i#?DY7yp{mw&m%q<<0e|A5n z(`zf2bd^r2nWVVU$*tT&6f(vmA^X`Yl%SaWQC2;h#Dht)_sQ2zfQO59j-#ItX)4rXDzm3Pi*|5Th<2LD3u&4_*Igq1FfN;VC%iEbd)& z=>x-pvQ~u6C3@JYHRyjwtxtrB0K4b|wr9ixG^CzjWD>|^ZOFwm&XVzz8F}+uYE@g8 z4HQ3M3j#~4v}s>oeZ2m3Hu~vibTP=y?LoMbQ3$zZ0d-xllWtQ;!^`vY(eUQ%@}gvw zkj1QDOJp!J%L%;XrIMU!Hkj~F)D7mKx5kvxsaviFGMT3~M46Sqpyng@%fTBq5s$Jo)=eciI+V zefgi0=aT=U-f=hsREy(}j{`_Yru*>W>XG zf3upTR{kSvogdpFY!`FBsRF2x|9YI(b#I;3MRk%DoA6GW+HliVa7Zqx4J=RcU*td{yxy~f@#H4a4F7q4mDkZYMXBLdoo78Kx9S9=f?I`B!EJnO@obF7 z^z%$6I^B1P9ZDZ&cn$&>PdzfOsCEj_5-fn!|Krn#!Z|@JG+JveB7^vNL!qo;i_4v; zBy6j5sI}^zndE7#Jy3driW$TD$;FeEN(62Fj23NGY*TuX4@s1vn3^bT{TL=In;C!94*X0X$haqcLzuBI9E zgi3m{SCd~M<`&nFJ>}ZNDyUlj$Eufb9sql+@qdl||H;u|-u{2sGxzKNT|jQ8%lTp& zSuaeK-v!vfL_69Pv+UA;7>%8?aO{*W`dttlBD&g|AKQrsD3AS8XF~Yg>U3mMdtvqr z>=Q%F9eRv8%6Blz8#)?UhzGt;nfUKy?Aml5A^40eu#g*^Xp?dcx5@lp!e7V_br;)LJGg<)3=DWID(G6J-BYz5E{@_w)9@?qPqw|KAB@?ti4x8}|GM?60uZrCTcy zf_PKjY-l*zen+PS8bM>PJblFNFeru0X2 zQ)%NS4*wgpZk(sQ4@b&>|6&~a^{=Lzy#Y{8?I+F2e>J7_D!__yUm%%MnL|KxL~0-w)L|V;-4vTY~xo>y*F7hm&CE_SPAp4)*_O`AiX|NLnpatuwo=j zYN=ai4Kd{wu)%mu=_?n*waSQ)*B_a(n2*`34mIUuE=H_w>5uwVhc!sXxT^`i%Uy4% zp_#o6v6}2T-h^uABE)K?660gv|o@O`dr_fC_cQo7emMp=4$Alc^d?6zi( zg*`jR6L8aw6!!g68sQxpm)Mxc*Kunkwh2zAC_Q_tZRI!^8)RqXRt?(veV6*lz*CSJNnjrOT4yC9_<-CaTsweO;h zyh|nwv-=Kqed2+2Xq*(#uL9S-qAs!TEi`bK_@1N8#+T0L*mH7~Xrs=AcpW~=e{Qwy zR^i)nMqEJL1@O_~v1$GTITTs)e-By_mY!!3y2O8wYhGR`H)@5^Q4!b|IMSl|JP2S z#{OHlv#j^HVu1^Kaci2l z^kTvY18NoHV=+tDG@JFHOJiD~5^QXCn} z%1hUB538U`{-asCotTwWRGUq;K%M;ej`RD!-f?fg|JwX`G)+; zsaL(bD-0gZQ^3fR(wBIljWIlxL%*ZRaUVQ;zwX#RtRerm#Dz3gRpR%*z80vH|HFLz z*WTgD@&5k*PGBARSJw}!?5HKg!z+(ZSZ93Gcm8!)L;i_J zM0A3_U`Wj zZVA?q|M<4*<6nfRUH_Z;{eKt|bT9uqfO!7*sMy>G^eOrxiE@zY3OxXUF8sNO-uoND z+k`dbpAyGzs~Fag(E_#ef5HCWJvuts%l|H5Tk@P4Bqh84M_r%U+x4Cu)|LP0_vbnP z@15l1e|39D`}_Ypfvw8Fids@3{g1fZw$}pB2y4o}3dQ!Qcj0Q~znhQ$+db*+{eN}> z+m!!gkZ2kpx!2|J|;ckN;yH_4o3>6L|Q_ zmI+r;%1up_Ff|~PAYo+-gaXxEgoHAJ0dv=*HO#y(R83TWi)c;iCHtgO%2nH>6;zAs zuho<*mS1}V%%23-(Eoa{*XOwZZypxoKOODgf7uPZl>IjwLAWpztQ|UOubrL-Ys&xT zPG1^4LjL>5d;gD}z)Q-1g_GFY;n?=_|1?-b{Fg?x6R+ifvr?P4zN{3NsyMveh3Jx}YBXX=L;{p;G<@7H}K5E(h@xB~UH@-QM9z;r-`sZy*18 zCr}a7Zyb037^;K%X$qiP{x^;E7v%|+O#VfmRQ04009PL=$BN;CIxwVxC*lP_O|ZaX zEm3UWzL|)luSi-W9gv%)EHd+=z(S;Mzq@$s?2%2hV=_CtQFhP6@xuRKs`5A18_no7xc7Bir!n*TnI7^j?6aO9E#0EEnQ3 zufCHZVeo~mlyn$T-fgZ9X_^mcnwAhpF>QVQin37zRO|ut@X#qqRAUf5JXnQffv4!< zp_MD8B=~6vDVj?b-~pFCImr$y_)>V_qdZt@v`$_E<1=vGV%mSU^WP96x8HsDBZzjq zf=^oMdqYm=0Y_~Q(3`QKz7Niu@4qq-0rQG<%m;8ed=)cBm*|Z$%c>(q6LIa z6?vs(XG*iJpWhWx%3_9XrXzR8L6v%Y4ko}`ykm5p885ba+C+cxCxVr4n`rb(#@>qO z9ThBO3*^{9$%OhI?u(3+F;jTMQirN%CRZ|hm3hE(+syhU)XSMI@{wn@>dN@`xnFse zy|NW@wAuKZ!I!@LF~N88hnR|pPP+lZ}oCv8P z;#x&n9rzN}jCwkn%r(OcKpf8jEuvFURawlDm=XTR64pKJVGn!QBK&^<00960FJ+74 H0I&c6I4M4Z diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index 986d59f8..d00d3808 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.28 +version: 0.1.22 From 11226008ffde8d873d0e2d2df41bb94a09161c38 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Wed, 7 Sep 2022 06:58:26 -0400 Subject: [PATCH 090/141] Create profisee-platform-0.1.22.tgz --- profisee-platform-0.1.22.tgz | Bin 0 -> 5559 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 profisee-platform-0.1.22.tgz diff --git a/profisee-platform-0.1.22.tgz b/profisee-platform-0.1.22.tgz new file mode 100644 index 0000000000000000000000000000000000000000..fe746caf3a5c74d182bd655b6069a97feebd78d3 GIT binary patch literal 5559 zcmV;o6-eqIiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^MoG;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4$Nhfz(=^TePqTN}d)4h9n#blz|EPQT%Ix-!dnd1uxh)2&Am9SC zSLTz;%2)0y0qm2Hz&N3vg%-UA_Wk6~uF*X<%!UKpX2ciaw*mSI+&Qx47(us`p{scO zpsRTNAnKua!33BG0(is2bFffhlr_Y?4;I3{?-CnJ+Kq)O*EG6Duh)3#mic=?QT`X$ z4S;V`0o2I<(MdNi|3~J@(O&*{0sNCY2DSiZp=JXigd%}$y&nJ1`NiP^?3a%pYY{oWDIgA6<{GE{hcMbyS$Sismb;(6rhrG?z}PcN1#C)&(qw3>@$T!7k4r zManT#JUbm`t8cpmJaHB__VD~{ba8WbT1Xy)%|Ivu5!!e(ydK@;dRHlke&tQ(Z@p z%!%O1*t7k>LS54|)rUFErB*;)GuA2$J_W!FS&I0k`Ciqm*&uT~RYfwG5-ucCOKCR) z%b{*FgV2^jN;HyGUBhcB-I~w|Jk=7;2S1F|$d^K4p+C}g{gVEQ5NgSE-mH&s9*4KYg;OlBgcp<-I2N?2QO6>bLT(0f!;C>+s(z`&@!kNBOWMxYFormg}TRJBH(y2a{y)ldqis4;SkkYoDRkAm|`! z9^xQ+n>2fj_&vI&E^wqe2y;%R9yo{!M8x-qQ5TS)XpV`8u79*p>pk}H6dZIG_b$5h zfnh;eE5hayJ?zvP^naq(N5VvaUGyH?GvWanQco~431qT1CQs;$cg ziXX5Afu&X2w6Cu|Tz@cKc z6Y3vxkbjuXxAT3Nzv-S&?Xzy zet2j$bXyU|j!zvmIE=gRxIt)V(QP*Fi04=+T-Ym}&}_^>V7Z61GMh|%$L|)3MyuK2 zKBzrHWFIosN-3U4PA&B1OBt_f`ZE%a(zypcJgD_zDCZjxQJNtnA)5+3`TI+E+7@Ab z`Ja>LlK-RLaY6pgz5RD5P%Zztng4mzK)EpHmKBD?4aM;BN+M745h@~2;;UB>Ys>$H zcnnC*ofQaf-*2{PK?j(g7inm zGG)UW%CVCZetiXSw~&8n6746(uMk0gii*9Q{04SxL9VDkvY(HcHL~{NSnAs`(Tl97 zig0F+Lm5sZNXvp71g<4yWH53{4EhJnnvpg$(n+esPktVBX z9RA5|tAiiCbuNAUNu5?axk)s`f1Y3Ebu>;I>D&mR-sgI8y{Od8>2D( zJd=q|_g!L#(uWzIg8;@;kBlp-odUE33n2CX`1rnXPS6UC)|!jRAU@tuC~Mf_awjSY z+v*%@t-5C>c^YdEl%Aks#;|^J@noeEL0dngMOziylwRaR5@jf+CJI|WhRMqKws~v+EI|{9Lr{9z#eP-Ut|A&a&(xt{~z{x`}O}WAUD(Hd@+rz z7beQ@0&HNS9c_wPcIiKi#?Dzdc1johE(i`0U2V;e?Zg9=$9}0ZA$)FiIx?xfFnb2} ziJ|2VJ;og6I~e5+9gQr+1K+1i{C6^TZ90z-d`1>n$PG@kNx6pGWd1MVFXV^1i*z;A z4*4>>y2DMhU9hsQF_?1;c~jzj*1!AIxrqhM%DOjc28|Rv>cChTCyFjpt?agh@|J~M z;su{;EfbaUPrX|*on!wAvj3`H{tu7)dHY}Y@MypP-w9;yf27hI_WXP7udvmnTPqNP zcvIeNXgJz_NBNeg(|zJ_9xlrN_!Lk9YI&e#JdGXB%d_h4=;b6naQK;c4qfs=AZBv6 zp**SIgqxB#5&A*N-mJVx<^8RSLkGk|E)l@6+m07@MVhJSS{Y5Xg|4TmNDeX%?kvf1bFTucn;!r8ks^dbW^*s#40@xu%pyH2$iR%X*}y^hb14 zY2zji{~NS!oTt1GN6LTyVjTMQucn*50Z>luXU)lfHKp__z>0C@I7AKz>|XldojF75 zd0;0-K>n7vV4*j*^@|kZUnp^G<2O#dH(4^5#IfsG3G=SjB9g=)y*^MwC%I^_VkApy zsat0aG36Gp!FWySD;LAH%7~EHADOb4580~@HRWV3Myzh>5BgPyHAu#|s|mi%U2mwN znY|6Mn(R5=glgs@#A>1=?OsC-#q9SwHYZ-V zQ2LQ!8?Jy6>Wsmrp2ID4oZLmK*ypX><0V%sZ0ZS2ymXHm?Ne8FK}tKiyM!ES-$fgF zmrNLD_Z{r|!~^TlI4PiC1+IHVU1Hx`Xy7jKJx7_1FP+b^=j1BUMx6=qI((M@+-lpc z!nfs&xPZ6|;G@H1)BGMe6j}0r4_XnHo@Wud#J`toUS23SYK6?PWt(^|@gTpQo=XB( zSj;Tc>dZaS$z&>AMq+@SOV7Q}-qc|r^@_+gkV=dgE$gK^{%lTiHFFpVXN%&2Y;+u( z#V%)7=V~CLDLUs6>InK?W-F~%x5Pw&wn*U>a))TEi_4Xh0q?e!n&7-~l*G{0u z{#&@@T`&QAAeNNf5pP=b{yJ0s6IDwB&B+3L9u?s%sgzH4&WllvqEYpr5;4?K9WB^M zdx`}tacnFO=@=?cmXgot=lk}AI`?f(eg_M+%obWZTX1^|Ol9o$zPoE}mX%wm)knRf z<4rR1B)2MgO#;!5vONngedd@y?kfrhRU~FY_`UWVe{SCraGj*;#~bF3dDyJwT+F7> zE~|xX$L~;Dhx%6dRd)HWQSM(0ZBQdMQS^i4)U&EI21`Z+w1wndSg7;5n--y;(XUl- z$#G4%YRDba#0Pur=wz?ts6#JYTdIqA?c7E)n%<9ZuV;6X+vwEKvfks01up2tt!duU ziwPqPs8x)Q#VlRZY}SL42R~d9cD^zG@vTk-+{{6Kg13$Z?ct&GUy|PI48fdZhNKsn z4X+s7673Xeg6%uVEwMSU1+nvIN(HNZh?K?gDH9ed96SZ{i5w!|nb~vr{Ym^^1FF`4 za@24i+wi>Se`dFzzyH@gJlxxVb^-_a1Hgl5>2{&|zS%g?R&NJIZ4!S>Oe+VG;>cK5 zUb>chSOrz`AI;M3#H^&E+H9%?>g2z7oZtWTj(hw4-%g@? zz3SavVen|40!E&czQhY{jNz#q`U6dl`{3F8b;tH$4f($%E~K%l62JfTwLqQxALiq~ z_6|>u_xJyI0_(`Xx_(e4=PL$@ChgDYn2~4*^an}~RbRSgzYf@3{*^z#7UjR!FUWs? zKmYFpo=N`G>sD*a|07+(N@V|~+w^OKHRYerFng}^AM?n}$N%b@-F^J8oj`^EM;d*u z=>G9kRS}LSO*uqY%>`w63UN^8d{lrMeV~PMPE|r=M=c>9UU_`NI^(Op^RL4i@=rV> zqRU*5Q~l9{6h9xecYhaf zOR$Fg$G24<{~|=~`rpj&|IPk>|GyiE=YNli&3!m0}$xKpNr_dzY)Am zSVR6PaqPB=Vf`2_P&@w@?El@PXcFlbJAM>ccm;ar>3)uhT@l>)* zxQbG4YNCXx0ht5|D_bBGsOBOhlo1S=yB@7!=6#`RqWW7zYf>-SCzVpJ+9s`_T3mmv zrd+Z7+8bd0BCv-3*Mq%2$Nhivuo(a8X#f7pZs4Wtzu5@Fg_&UO&`Epk^fXvg{x^5} z(%=#D-#^~_f9wQaQvNHP#MTbSwwM2>!5Z?f-OGF)`)~iG82@o^|Je;}D*q+;HJ6ar zRvRTxD^zKa%yr=eDSpX7R~m5)^}JVD{H8(<^Bvr;^78si>XmBw53dP7cl;0Y@UZCr z+25c4>;zT`W_&@satcpxk;j)mcL+|MxPTZyo-_jB>LcY?FP7Fet$ zstqC7%)GI(_QQI5ypKZ2!400G`vbXj2}~y!uUV4FE87f9SQe6S8AaVjt76@$NO!WS z+fkwx>x9wYz!s2;X%fCil8r~F9#1Mp%CC4$X|t@kBh4)P8Gq-5(IVZ_NH&4kOCD&D9}I^8roM65=SPtuJ3tHj03XJ%An_Iwgr}45EhztB@@46g@n& za;206KMf&8bIAfc;Ibzt*o6K;L zYK>s`6kL3-O(Ld_Bgh92+Q^P~X9Qk&!ZH3U65IQ1#5@N@lMz4|r~yS-*sOIkQDR^2}CU8Q(tlE3dLw zR%AUM*R9#}_07sa9gnJAec$Ph|J$!k?%F|R9m+Xb&F{GI2ICfaE7m&{4w*#g@Svir8gj%7snhV2L0JsU!Em{WFNlP^NbW@Ydx0KN$mD#zw* zBsq(Wq{jql?QT0>u$^`1e@Dl; z_z&G9v%mNM*$Et=D=Y*sk0U`*)a__F0}o9C;yT2eA|Km#cnaKTHV)9ujBxd=Do3GV z0!>{yiLCj=oBk6qaIqi@2qRZ(-?8UN3LZ>Di!=Jh593*bgO)_h(0_buAh{by)C;pp zrjQQ|xx@pb*)UGWzlJtCNn}XpbLydw!!dFQa*+1sBD`A;$+D4G&63nqvYAr(Yi zt0=1jpQD;lPe+rvW_SUJ<2j&3bPB2}i#ZZA!v9>tx`#dNVGmn`{|^8F|Nl(}Oiuu? F001EvBPaj> literal 0 HcmV?d00001 From cd371e5dfe66b235da4c8565b49d627e9bfad652 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Wed, 7 Sep 2022 07:03:11 -0400 Subject: [PATCH 091/141] Updated for 0.1.22 Added Purview info --- Azure-ARM/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index b51c0455..e94f0888 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -26,7 +26,7 @@ Here's **how** it will be deployed. You must have a Managed Identity created to 3. **Application Administrator** role in Azure Active Directory, so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. 4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator role (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator role (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. 5. **Key Vault requirements**. If you are using a Key Vault, please make sure that your Access Policy page has a checkmark on "Azure Resource Manager for template deployment". Otherwise, MS will not be able to validate the ARM template's access against your Key Vault and will result in validation failure in the ARM template before it begins deployment. - +6. **Purview Integration requirements**. If you plan on integrating Profisee with Purview, you will now have to provide the Purview collection friendly name, as seen in the Purview web portal, regardless is this is a sub-collection or the root collection of Purview. If Profisee will be configured to integrate with Microsoft Purview, a Purview specific Application Registration will need to be created and have the **Data Curator Role** assigned in the Purview account. It will also have to be assigned, at minimum, the User.Read **delegated** permission. For full Microsoft Purview functionality and integration with Profisee, the User.Read.All, Group.Read.All and GroupMember.Read.All **application** permissions will need to be added and consented to by an Azure Global Admin. From e862728912a9e1964fb26a166cbccf7d57cd641e Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Wed, 14 Sep 2022 10:27:03 -0400 Subject: [PATCH 092/141] fixed tag --- Azure-ARM/createUIDefinition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index a2ed4dc0..c7c90c5e 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -138,7 +138,7 @@ }, { "label": "2022R1.0", - "value": "profiseeplatform:2022r1.preview" + "value": "profiseeplatform:2022r1" }, { "label": "2022R2.preview", From 6383a0d2cbf836a06b15176b29183b5d61155784 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Wed, 14 Sep 2022 11:44:45 -0400 Subject: [PATCH 093/141] fixed tag --- Azure-ARM/createUIDefinition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index c7c90c5e..70d69326 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -138,7 +138,7 @@ }, { "label": "2022R1.0", - "value": "profiseeplatform:2022r1" + "value": "profiseeplatform:2022r1.0" }, { "label": "2022R2.preview", From e471934c9583bc8880d54bb8341dde4142d20d20 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Tue, 20 Sep 2022 11:12:10 -0400 Subject: [PATCH 094/141] updates Purview availability --- Azure-ARM/createUIDefinition.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index 70d69326..c3578f34 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -262,7 +262,7 @@ ], "required": true }, - "visible": "[or(equals(steps('profisee').ProfiseeVersion,'profiseeplatform:2022r1.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview-history'))]" + "visible": "[or(equals(steps('profisee').ProfiseeVersion,'profiseeplatform:2022r1.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.1'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview-history'))]" }, { "name": "PurviewAccountName", @@ -298,7 +298,7 @@ "regex": "", "validationMessage": "" }, - "visible": "[equals(steps('profisee').UsePurview,'Yes')]" + "visible": "[and(equals(steps('profisee').UsePurview,'Yes'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview')]" }, { "name": "PurviewClientID", From 7dbeaf9f91ce479d8abbf8fd05ffc6a8da701938 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Tue, 20 Sep 2022 11:13:47 -0400 Subject: [PATCH 095/141] Update createUIDefinition.json --- Azure-ARM/createUIDefinition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index c3578f34..e9a18197 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -298,7 +298,7 @@ "regex": "", "validationMessage": "" }, - "visible": "[and(equals(steps('profisee').UsePurview,'Yes'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview')]" + "visible": "[and(equals(steps('profisee').UsePurview,'Yes'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'))]" }, { "name": "PurviewClientID", From 9131017e706c53f9956870f28b56c1a49d8299a3 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Tue, 20 Sep 2022 11:34:34 -0400 Subject: [PATCH 096/141] added some versions and ordered --- Azure-ARM/createUIDefinition.json | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index e9a18197..f3e0411b 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -140,6 +140,10 @@ "label": "2022R1.0", "value": "profiseeplatform:2022r1.0" }, + { + "label": "2022R1-126062", + "value": "profiseeplatform:2022r1-126062" + }, { "label": "2022R2.preview", "value": "profiseeplatform:2022r2.preview" @@ -262,7 +266,7 @@ ], "required": true }, - "visible": "[or(equals(steps('profisee').ProfiseeVersion,'profiseeplatform:2022r1.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.1'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview-history'))]" + "visible": "or(equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.1'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1-126062'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview-history'))]" }, { "name": "PurviewAccountName", From c0777b8b65ac473b54d24858f3407fadb7b626c3 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Tue, 27 Sep 2022 15:03:35 -0400 Subject: [PATCH 097/141] updated ingress for spec.ports.AppProtocol --- index.yaml | 4 ++-- profisee-platform-0.1.22.tgz | Bin 5559 -> 0 bytes profisee-platform-0.1.23.tgz | Bin 0 -> 5566 bytes profisee-platform/Chart.yaml | 2 +- .../templates/service-profisee.yaml | 1 + 5 files changed, 4 insertions(+), 3 deletions(-) delete mode 100644 profisee-platform-0.1.22.tgz create mode 100644 profisee-platform-0.1.23.tgz diff --git a/index.yaml b/index.yaml index f7056045..61e8f95a 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.22.tgz - version: 0.1.22 + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.23.tgz + version: 0.1.23 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.22.tgz b/profisee-platform-0.1.22.tgz deleted file mode 100644 index fe746caf3a5c74d182bd655b6069a97feebd78d3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5559 zcmV;o6-eqIiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^MoG;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4$Nhfz(=^TePqTN}d)4h9n#blz|EPQT%Ix-!dnd1uxh)2&Am9SC zSLTz;%2)0y0qm2Hz&N3vg%-UA_Wk6~uF*X<%!UKpX2ciaw*mSI+&Qx47(us`p{scO zpsRTNAnKua!33BG0(is2bFffhlr_Y?4;I3{?-CnJ+Kq)O*EG6Duh)3#mic=?QT`X$ z4S;V`0o2I<(MdNi|3~J@(O&*{0sNCY2DSiZp=JXigd%}$y&nJ1`NiP^?3a%pYY{oWDIgA6<{GE{hcMbyS$Sismb;(6rhrG?z}PcN1#C)&(qw3>@$T!7k4r zManT#JUbm`t8cpmJaHB__VD~{ba8WbT1Xy)%|Ivu5!!e(ydK@;dRHlke&tQ(Z@p z%!%O1*t7k>LS54|)rUFErB*;)GuA2$J_W!FS&I0k`Ciqm*&uT~RYfwG5-ucCOKCR) z%b{*FgV2^jN;HyGUBhcB-I~w|Jk=7;2S1F|$d^K4p+C}g{gVEQ5NgSE-mH&s9*4KYg;OlBgcp<-I2N?2QO6>bLT(0f!;C>+s(z`&@!kNBOWMxYFormg}TRJBH(y2a{y)ldqis4;SkkYoDRkAm|`! z9^xQ+n>2fj_&vI&E^wqe2y;%R9yo{!M8x-qQ5TS)XpV`8u79*p>pk}H6dZIG_b$5h zfnh;eE5hayJ?zvP^naq(N5VvaUGyH?GvWanQco~431qT1CQs;$cg ziXX5Afu&X2w6Cu|Tz@cKc z6Y3vxkbjuXxAT3Nzv-S&?Xzy zet2j$bXyU|j!zvmIE=gRxIt)V(QP*Fi04=+T-Ym}&}_^>V7Z61GMh|%$L|)3MyuK2 zKBzrHWFIosN-3U4PA&B1OBt_f`ZE%a(zypcJgD_zDCZjxQJNtnA)5+3`TI+E+7@Ab z`Ja>LlK-RLaY6pgz5RD5P%Zztng4mzK)EpHmKBD?4aM;BN+M745h@~2;;UB>Ys>$H zcnnC*ofQaf-*2{PK?j(g7inm zGG)UW%CVCZetiXSw~&8n6746(uMk0gii*9Q{04SxL9VDkvY(HcHL~{NSnAs`(Tl97 zig0F+Lm5sZNXvp71g<4yWH53{4EhJnnvpg$(n+esPktVBX z9RA5|tAiiCbuNAUNu5?axk)s`f1Y3Ebu>;I>D&mR-sgI8y{Od8>2D( zJd=q|_g!L#(uWzIg8;@;kBlp-odUE33n2CX`1rnXPS6UC)|!jRAU@tuC~Mf_awjSY z+v*%@t-5C>c^YdEl%Aks#;|^J@noeEL0dngMOziylwRaR5@jf+CJI|WhRMqKws~v+EI|{9Lr{9z#eP-Ut|A&a&(xt{~z{x`}O}WAUD(Hd@+rz z7beQ@0&HNS9c_wPcIiKi#?Dzdc1johE(i`0U2V;e?Zg9=$9}0ZA$)FiIx?xfFnb2} ziJ|2VJ;og6I~e5+9gQr+1K+1i{C6^TZ90z-d`1>n$PG@kNx6pGWd1MVFXV^1i*z;A z4*4>>y2DMhU9hsQF_?1;c~jzj*1!AIxrqhM%DOjc28|Rv>cChTCyFjpt?agh@|J~M z;su{;EfbaUPrX|*on!wAvj3`H{tu7)dHY}Y@MypP-w9;yf27hI_WXP7udvmnTPqNP zcvIeNXgJz_NBNeg(|zJ_9xlrN_!Lk9YI&e#JdGXB%d_h4=;b6naQK;c4qfs=AZBv6 zp**SIgqxB#5&A*N-mJVx<^8RSLkGk|E)l@6+m07@MVhJSS{Y5Xg|4TmNDeX%?kvf1bFTucn;!r8ks^dbW^*s#40@xu%pyH2$iR%X*}y^hb14 zY2zji{~NS!oTt1GN6LTyVjTMQucn*50Z>luXU)lfHKp__z>0C@I7AKz>|XldojF75 zd0;0-K>n7vV4*j*^@|kZUnp^G<2O#dH(4^5#IfsG3G=SjB9g=)y*^MwC%I^_VkApy zsat0aG36Gp!FWySD;LAH%7~EHADOb4580~@HRWV3Myzh>5BgPyHAu#|s|mi%U2mwN znY|6Mn(R5=glgs@#A>1=?OsC-#q9SwHYZ-V zQ2LQ!8?Jy6>Wsmrp2ID4oZLmK*ypX><0V%sZ0ZS2ymXHm?Ne8FK}tKiyM!ES-$fgF zmrNLD_Z{r|!~^TlI4PiC1+IHVU1Hx`Xy7jKJx7_1FP+b^=j1BUMx6=qI((M@+-lpc z!nfs&xPZ6|;G@H1)BGMe6j}0r4_XnHo@Wud#J`toUS23SYK6?PWt(^|@gTpQo=XB( zSj;Tc>dZaS$z&>AMq+@SOV7Q}-qc|r^@_+gkV=dgE$gK^{%lTiHFFpVXN%&2Y;+u( z#V%)7=V~CLDLUs6>InK?W-F~%x5Pw&wn*U>a))TEi_4Xh0q?e!n&7-~l*G{0u z{#&@@T`&QAAeNNf5pP=b{yJ0s6IDwB&B+3L9u?s%sgzH4&WllvqEYpr5;4?K9WB^M zdx`}tacnFO=@=?cmXgot=lk}AI`?f(eg_M+%obWZTX1^|Ol9o$zPoE}mX%wm)knRf z<4rR1B)2MgO#;!5vONngedd@y?kfrhRU~FY_`UWVe{SCraGj*;#~bF3dDyJwT+F7> zE~|xX$L~;Dhx%6dRd)HWQSM(0ZBQdMQS^i4)U&EI21`Z+w1wndSg7;5n--y;(XUl- z$#G4%YRDba#0Pur=wz?ts6#JYTdIqA?c7E)n%<9ZuV;6X+vwEKvfks01up2tt!duU ziwPqPs8x)Q#VlRZY}SL42R~d9cD^zG@vTk-+{{6Kg13$Z?ct&GUy|PI48fdZhNKsn z4X+s7673Xeg6%uVEwMSU1+nvIN(HNZh?K?gDH9ed96SZ{i5w!|nb~vr{Ym^^1FF`4 za@24i+wi>Se`dFzzyH@gJlxxVb^-_a1Hgl5>2{&|zS%g?R&NJIZ4!S>Oe+VG;>cK5 zUb>chSOrz`AI;M3#H^&E+H9%?>g2z7oZtWTj(hw4-%g@? zz3SavVen|40!E&czQhY{jNz#q`U6dl`{3F8b;tH$4f($%E~K%l62JfTwLqQxALiq~ z_6|>u_xJyI0_(`Xx_(e4=PL$@ChgDYn2~4*^an}~RbRSgzYf@3{*^z#7UjR!FUWs? zKmYFpo=N`G>sD*a|07+(N@V|~+w^OKHRYerFng}^AM?n}$N%b@-F^J8oj`^EM;d*u z=>G9kRS}LSO*uqY%>`w63UN^8d{lrMeV~PMPE|r=M=c>9UU_`NI^(Op^RL4i@=rV> zqRU*5Q~l9{6h9xecYhaf zOR$Fg$G24<{~|=~`rpj&|IPk>|GyiE=YNli&3!m0}$xKpNr_dzY)Am zSVR6PaqPB=Vf`2_P&@w@?El@PXcFlbJAM>ccm;ar>3)uhT@l>)* zxQbG4YNCXx0ht5|D_bBGsOBOhlo1S=yB@7!=6#`RqWW7zYf>-SCzVpJ+9s`_T3mmv zrd+Z7+8bd0BCv-3*Mq%2$Nhivuo(a8X#f7pZs4Wtzu5@Fg_&UO&`Epk^fXvg{x^5} z(%=#D-#^~_f9wQaQvNHP#MTbSwwM2>!5Z?f-OGF)`)~iG82@o^|Je;}D*q+;HJ6ar zRvRTxD^zKa%yr=eDSpX7R~m5)^}JVD{H8(<^Bvr;^78si>XmBw53dP7cl;0Y@UZCr z+25c4>;zT`W_&@satcpxk;j)mcL+|MxPTZyo-_jB>LcY?FP7Fet$ zstqC7%)GI(_QQI5ypKZ2!400G`vbXj2}~y!uUV4FE87f9SQe6S8AaVjt76@$NO!WS z+fkwx>x9wYz!s2;X%fCil8r~F9#1Mp%CC4$X|t@kBh4)P8Gq-5(IVZ_NH&4kOCD&D9}I^8roM65=SPtuJ3tHj03XJ%An_Iwgr}45EhztB@@46g@n& za;206KMf&8bIAfc;Ibzt*o6K;L zYK>s`6kL3-O(Ld_Bgh92+Q^P~X9Qk&!ZH3U65IQ1#5@N@lMz4|r~yS-*sOIkQDR^2}CU8Q(tlE3dLw zR%AUM*R9#}_07sa9gnJAec$Ph|J$!k?%F|R9m+Xb&F{GI2ICfaE7m&{4w*#g@Svir8gj%7snhV2L0JsU!Em{WFNlP^NbW@Ydx0KN$mD#zw* zBsq(Wq{jql?QT0>u$^`1e@Dl; z_z&G9v%mNM*$Et=D=Y*sk0U`*)a__F0}o9C;yT2eA|Km#cnaKTHV)9ujBxd=Do3GV z0!>{yiLCj=oBk6qaIqi@2qRZ(-?8UN3LZ>Di!=Jh593*bgO)_h(0_buAh{by)C;pp zrjQQ|xx@pb*)UGWzlJtCNn}XpbLydw!!dFQa*+1sBD`A;$+D4G&63nqvYAr(Yi zt0=1jpQD;lPe+rvW_SUJ<2j&3bPB2}i#ZZA!v9>tx`#dNVGmn`{|^8F|Nl(}Oiuu? F001EvBPaj> diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz new file mode 100644 index 0000000000000000000000000000000000000000..0f0cc765c156849ee89173522ffa4ff9af00094d GIT binary patch literal 5566 zcmV;v6+!ABiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^MoG;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4$Nhfz(=^TePqTN}d)4h9cKgTuez$ABGQ0ibUhfq$x5Ype1YBVD z%6xKJ`O1AIfPL~27$?-T(4yDCzMuTrHM+-!*>Hf{jQAq_Hb6gtJ4d!0Bj}bgbQO;u zbQO;uL_PE_m;m!Y0B?AB4i+kmvWB?#!9v*gU1DQNyRlH^nnu^?9X4LNW&R#el>Y^G z1K`_K05$S|bkfbs|B-oO?&W_Mz(2WTU<+UtYBmr;C=%G#>+%1bUku)lTG3Yr3p~Lb zF4EM~AGGv<1Jlwzj7Qg6s*gEeQs!u>SA+5R=gaHUR!+vPdCcM}?WIXuh%vO{=X!bLo_NH=!16UBGh4zyVJX?D7m! zq#QFvUY~0ivTEZQW}tI6{%LSM(%6E}0+@&0Q;&aOu7z5~?<)J~e{W=s&QCAK8i6HD z2EHHTs38HqOYhITDFe>00~ahLSO8HX;a3=s^)Hk-w$}3TFdO_HFhB!akOiPq!oZe2 zq}2}xVn!Je_ma8Gv(sU=`nF5J6K7##56{m=7dL08h2$~V41^*Op^Znw>(NcFcO_Fp z7n8Y#S~DShtJC534Ca^{pXV;8*f%Jfc9y);GtHxpdDJ0cr-}QHEwk~Cq>v+e<~*Hb z^zD`a%XB^C;m~~={V7?1m*d;T+n~$?mZJ-EOx&%turHF5u?^Vs34Kl}5RV0Hc;X)#{ly)<) z9O^bR2yH2(L?cPnHN2M6tqGmLQ!U|q@WV)rd?^$b`Xg=EFX^ucp_WYNEi3y~CX_K# zM3b0G99mY$fz)%Yf0iLCbr&NhnywT%?Ee^Z^nP%5UXCXDkFf?HZhmUzaUL=sw7(vj z4VT#9ad=ByIK={6==J&8aC9*qoepjWaT`U(|`S|+3+bB^gF2uvjDuW!!B!_oCknDP$pGYRiT|CU*8mj+HeV!{qd1{~p6j4p^Hr{z?I zhWg|k+<(M@D=c)2U7n=esn2O+D9N$V!93ssO#s;pumA@U4~ZEde8-VT9Y72?4VVpR z%4pyt>^W$L7xFuHfFa+d#J+#S<=XxZ?iaEky$dugoark?R;Hxid8m%LrDO6>?uT@G zZRL`#(kV5Q6gN7#m3xRn#&{%TKYN7|6q7&7s%MjUFiG}4`PvEaaIwy@_8Dpof)1kQ zAr7LqNwdd@-=k~l0!ONYFz00IfrF?(M0}4JbpZ*A=9qZs`bP`3-eV6>!9izn@1jc| z7#5VZB5W?v!%nS1|0imFBuoU@MengaBOah3^#mi6KqhNLE~asojHk@Vo99xi+PZ9@ z_yJoGSX!k``}*p`^~bZ(&o`rsL2hmj!j+6d$Sn(~>w=whn?f31o}Z6~H)od@C98xi zX8l?sgPB=Q;3Y4W@{gny)NFbBOgrj$_etnDaG^1sfE6LDdSa5e@4PlI`^Q52en=d<$MDoN;8BcWK)4Be}Cyt+ajzl z|8w$O@_*DjF37*RxBu=0s^vd7^FNOoC>O@uvcizKp%^}1N#sdBLPg|BeDw-qZTX)N z&mrFQG0TA3`QJRr$$!7sKiFf6?PRW*s0^C0W1V8j;vw2v zx}gQJifCIQeVqckW!PB$AF&LmpZ~iB`9IvB|Lg>IIsaFyfsK{{>u87#*A-d)v0>(~ zR+H4qe`KxmV>^WHV$L^J05$U8?;V?Y`9C^5+{^zi;IZ?6Y{YGIK^Yh}C&uS?LHZ+O znX+LG<=DvyzrF&vTgbmOiS`rYSBM}#Ma5oDegiwUAXii%+0Vz!8d-aBEcNY}=tb63 zMYz08qQgynvvHTWw#cdqm#63B%EsMBH01B1LanXG8j1}277{L(S)P@?&4g;tNRw4G z4*%q~)xnS6I+s5Fq)scI+$5UeKhLl7IvS@aHQcK6tmoubonTaOt57PqjgKv!jnSBX zp2B9`qK>*{aN5&P^P61ki1(5oGe0*OxCuoI6Yt2Pu5Fc+Slr?N|xf7Ly zZFLT{R^2m`JdL#nN>5NRV^}}Ac(PK7psk^r=3R5LYIXcYS{|~!I`}O}WAUD(Hd@+rz z7beQ@0&HNS9c_wPcIiKi#?Dzdc1johE(i`0U2V;e?Zg9=$9}0ZA$)FiIx?xfFnb2} ziJ|2VJ;og6I~e5+9gQr+1K+1i{C6^TZ90z-d`1>n$PG@kNx6pGWd1MVFXV^1i*z;A z4*4>>y2DMhU9hsQF_?1;c~jzj*1!AIxrqhM%DOjc28|Rv>cChTCyFjpt?agh@|J~M z;su{;EfbaUPrX|*on!wAvj3`H{tu7)dHY}Yu)p8`?*uaUKT_!pd;UH4SJ>*(trZAC zyeV%sG#qWeqkPNL={|8d4;STsdk zP@dFp!cEDW2>qaBZ&qHU^8QxEp#$O}mk40kZO03{BF)rut&FDHLf6w&BnKIX_mpN{ zZ|jcnt~b=s z%-)7rP4*mbLN#*{Vl~l`cCVp^VtNH4OKy1i{>lybuTxvinQu(gnZJ4F`M+xY7v1oY zTCA8I%B@`ya3(eFwWf@xVGXP73H(f$LsTm)Q3f8n{b*&rxRMOXqX!Ik`%-QD;KD4xi;ex7v2A z@NGFGE+Fm#_~`K1G`~jEgI0v4=UId<@$coDmlw*7S|M|6*(RP#JjidS=aRq` z7BdUAI&)8SGMNgOkr-g-(sS>#H+2|Dy&|#=q!J@W%X+DfKbwE-8t^Jwq?wG*hZ z{}wKJ7fiq&h$Urr#G4kqzs{8ZMAec&bF#pmM@2YGD&>=%^I}w^XjDC@L=1IQM+-L6 zo?-z@92<*6I)=)VrQ|dE`My1&&V8Gc-@!sHvxU~q7Tn$fQyIIx@9tWgW#txX^-=HW zc$17g$*oFWlR&hiY|p|=pE>4_`-;Lr6^WS;ey=^ppWC+tTqmje@rJo$9yV(^7qcm} z%W5Ip@jH~(p}rM6608`MZm6#XDM^{gt5!IBXHZ6SFV7V5n2rbXyy^lKGd za$FOx8gj=p@xfj@I@v2Z>d*_)D;;HahjQtoOKLfeU(ZYnr$8 zV!{XmY8B&SF-zApoAsdN!4Fr2oo|ePe5(@yH*=7m;H_gpdwA&lm!$VPLonxHaze7pV{r_@BeiV5BK(;oxnl<0PrAMx?QNgZ#E9J)!RW)o5UXz)5<}lI5L)% zm#*a=Rza2gN3(Q0F)OL4Hk)dJI{EJ%=l6fTxCK6v(i-LZXGL;i1x3u&yX#P5H7El?-_hxz!g zy~C5^{r&%)z&i4;t{+s%`HDfJN&7Q8W+WN{{ehB0)t7GBuLCxhf8`IbMfvab3-aIJ z&;L7tXOjQ)y4Bk9|45gx64`(0HvO7lP5I|D%%1D~$2>Cg@xQvJxsU&~6R7b2NTbgc z-9MhHD#G!kDTnB)xu6VBAr8u%j|xzu542FusY;0Ks3pY1E00fDXMELn{&iSG{)tCK zbeZds3ZQoXf0Cd7yS@GVzZ=+=P^W`LzYE|~E@X<~^KM4o3c+?`QS}*=;^(9G?(YI_ z3D%JR__pffUxcV#|C{;!zuDjK|91oN{O?h*xew@5^hFZoAk`Im00Le3a}mAwH-fhb zYsfz(j@?!o*mYe|LFJUIsfmS z(Lr!-WRGSs=r0FCiRkiQYq!CZPE&=#r4-} z$`#A6y#eMg0&D1hJ=p7W-2XQZi}9b1_V2&!242ekn~fk`mZd7yYWd$Z(qEJ(R5JM&eNxqvMgUxWq#Ub&3+lj-2A+r) z05!n^i?u|xAq1P5H&)huSWl1lQ3yG>!Bcd9AeSzI>Ez-yOA>iyn_&sdLJ}^csM}~& ztUDFyPBwKrO4MSVF!~$V0&+1;!uLqB@#xg!NySL{6|X66mNj>znPorY@0>7Nq+1&4 zM$3#=1f*GU5Tgg0i5SstQ>ZfYK>}5XK#3Yg28_riZz1R%wKDu)X+=s34{_zE4exWw zKgTLxTFqiaobrZR@{OAbFZsyDToC&Qm)dt@L0L9#PShf$Z&WS00Tcc)LU6M0_}ua+ zT#qMi`G(b)QaW`v@9=3Tx}0zUo;W4^E>jKPDSwS+`G#h(aPzHOq> zD;aw$o_AERkS&m710@scJGd`0QpQZ-4ND!Wo|#<9>{aFg&uug7mryTfw#Y}G*{Un! z+vk4eRrbn?tjFWJHG96kSsAF~QMIe@JKgbr`?bkkJE*KfIVY?69T(nU+#=7#2OcXq z&hzs4Nv7x(wf!0<9$uBTE8}1Vm%6{z3$t6!$_l=fC)*42Tx4TaJ3pJCZq~-NQd;8E z_NU;vOiuHw67|4pc8BefIVn6_VEaLK-})_WFL5yIXBRDV^Pbm-X@ksqI+rM>z@FM_J3mr?wm|L%C;4@ zv+n%w=r|Yup?hQ=?)`su0te^{3jxgINKh1YJ6g`bLz95G4)LbQ$Mzkb0ymnC19USZ zTs^DGQD~SzQ^YKx2h-5vjK1;1c-G*cB@r|9AKw~C z?#2=I!mN@hQblMD!orbNtw z3F1UZ1rgUO%Id)9sAkmD(PXX}UI5~F4rmdbf~v}5j>L@cKbNrXVGn!Q!xrKH0{{U3 M|L~CySpcvA0Mhp>C;$Ke literal 0 HcmV?d00001 diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index d00d3808..f8d5ad69 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.22 +version: 0.1.23 diff --git a/profisee-platform/templates/service-profisee.yaml b/profisee-platform/templates/service-profisee.yaml index a0cdf8e4..0c43d90e 100644 --- a/profisee-platform/templates/service-profisee.yaml +++ b/profisee-platform/templates/service-profisee.yaml @@ -8,6 +8,7 @@ spec: ports: - port: 80 protocol: TCP + appProtocol: TCP selector: app: profisee type: ClusterIP From cc637a33c3643040a8575efeecf7caab369247d4 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Tue, 27 Sep 2022 15:31:51 -0400 Subject: [PATCH 098/141] Reverted --- index.yaml | 4 ++-- profisee-platform-0.1.22.tgz | Bin 0 -> 5559 bytes profisee-platform-0.1.23.tgz | Bin 5566 -> 0 bytes profisee-platform/Chart.yaml | 2 +- .../templates/service-profisee.yaml | 1 - 5 files changed, 3 insertions(+), 4 deletions(-) create mode 100644 profisee-platform-0.1.22.tgz delete mode 100644 profisee-platform-0.1.23.tgz diff --git a/index.yaml b/index.yaml index 61e8f95a..7bfd26d6 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.23.tgz - version: 0.1.23 + - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.22.tgz + version: 0.1.22 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.22.tgz b/profisee-platform-0.1.22.tgz new file mode 100644 index 0000000000000000000000000000000000000000..fe746caf3a5c74d182bd655b6069a97feebd78d3 GIT binary patch literal 5559 zcmV;o6-eqIiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^MoG;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4$Nhfz(=^TePqTN}d)4h9n#blz|EPQT%Ix-!dnd1uxh)2&Am9SC zSLTz;%2)0y0qm2Hz&N3vg%-UA_Wk6~uF*X<%!UKpX2ciaw*mSI+&Qx47(us`p{scO zpsRTNAnKua!33BG0(is2bFffhlr_Y?4;I3{?-CnJ+Kq)O*EG6Duh)3#mic=?QT`X$ z4S;V`0o2I<(MdNi|3~J@(O&*{0sNCY2DSiZp=JXigd%}$y&nJ1`NiP^?3a%pYY{oWDIgA6<{GE{hcMbyS$Sismb;(6rhrG?z}PcN1#C)&(qw3>@$T!7k4r zManT#JUbm`t8cpmJaHB__VD~{ba8WbT1Xy)%|Ivu5!!e(ydK@;dRHlke&tQ(Z@p z%!%O1*t7k>LS54|)rUFErB*;)GuA2$J_W!FS&I0k`Ciqm*&uT~RYfwG5-ucCOKCR) z%b{*FgV2^jN;HyGUBhcB-I~w|Jk=7;2S1F|$d^K4p+C}g{gVEQ5NgSE-mH&s9*4KYg;OlBgcp<-I2N?2QO6>bLT(0f!;C>+s(z`&@!kNBOWMxYFormg}TRJBH(y2a{y)ldqis4;SkkYoDRkAm|`! z9^xQ+n>2fj_&vI&E^wqe2y;%R9yo{!M8x-qQ5TS)XpV`8u79*p>pk}H6dZIG_b$5h zfnh;eE5hayJ?zvP^naq(N5VvaUGyH?GvWanQco~431qT1CQs;$cg ziXX5Afu&X2w6Cu|Tz@cKc z6Y3vxkbjuXxAT3Nzv-S&?Xzy zet2j$bXyU|j!zvmIE=gRxIt)V(QP*Fi04=+T-Ym}&}_^>V7Z61GMh|%$L|)3MyuK2 zKBzrHWFIosN-3U4PA&B1OBt_f`ZE%a(zypcJgD_zDCZjxQJNtnA)5+3`TI+E+7@Ab z`Ja>LlK-RLaY6pgz5RD5P%Zztng4mzK)EpHmKBD?4aM;BN+M745h@~2;;UB>Ys>$H zcnnC*ofQaf-*2{PK?j(g7inm zGG)UW%CVCZetiXSw~&8n6746(uMk0gii*9Q{04SxL9VDkvY(HcHL~{NSnAs`(Tl97 zig0F+Lm5sZNXvp71g<4yWH53{4EhJnnvpg$(n+esPktVBX z9RA5|tAiiCbuNAUNu5?axk)s`f1Y3Ebu>;I>D&mR-sgI8y{Od8>2D( zJd=q|_g!L#(uWzIg8;@;kBlp-odUE33n2CX`1rnXPS6UC)|!jRAU@tuC~Mf_awjSY z+v*%@t-5C>c^YdEl%Aks#;|^J@noeEL0dngMOziylwRaR5@jf+CJI|WhRMqKws~v+EI|{9Lr{9z#eP-Ut|A&a&(xt{~z{x`}O}WAUD(Hd@+rz z7beQ@0&HNS9c_wPcIiKi#?Dzdc1johE(i`0U2V;e?Zg9=$9}0ZA$)FiIx?xfFnb2} ziJ|2VJ;og6I~e5+9gQr+1K+1i{C6^TZ90z-d`1>n$PG@kNx6pGWd1MVFXV^1i*z;A z4*4>>y2DMhU9hsQF_?1;c~jzj*1!AIxrqhM%DOjc28|Rv>cChTCyFjpt?agh@|J~M z;su{;EfbaUPrX|*on!wAvj3`H{tu7)dHY}Y@MypP-w9;yf27hI_WXP7udvmnTPqNP zcvIeNXgJz_NBNeg(|zJ_9xlrN_!Lk9YI&e#JdGXB%d_h4=;b6naQK;c4qfs=AZBv6 zp**SIgqxB#5&A*N-mJVx<^8RSLkGk|E)l@6+m07@MVhJSS{Y5Xg|4TmNDeX%?kvf1bFTucn;!r8ks^dbW^*s#40@xu%pyH2$iR%X*}y^hb14 zY2zji{~NS!oTt1GN6LTyVjTMQucn*50Z>luXU)lfHKp__z>0C@I7AKz>|XldojF75 zd0;0-K>n7vV4*j*^@|kZUnp^G<2O#dH(4^5#IfsG3G=SjB9g=)y*^MwC%I^_VkApy zsat0aG36Gp!FWySD;LAH%7~EHADOb4580~@HRWV3Myzh>5BgPyHAu#|s|mi%U2mwN znY|6Mn(R5=glgs@#A>1=?OsC-#q9SwHYZ-V zQ2LQ!8?Jy6>Wsmrp2ID4oZLmK*ypX><0V%sZ0ZS2ymXHm?Ne8FK}tKiyM!ES-$fgF zmrNLD_Z{r|!~^TlI4PiC1+IHVU1Hx`Xy7jKJx7_1FP+b^=j1BUMx6=qI((M@+-lpc z!nfs&xPZ6|;G@H1)BGMe6j}0r4_XnHo@Wud#J`toUS23SYK6?PWt(^|@gTpQo=XB( zSj;Tc>dZaS$z&>AMq+@SOV7Q}-qc|r^@_+gkV=dgE$gK^{%lTiHFFpVXN%&2Y;+u( z#V%)7=V~CLDLUs6>InK?W-F~%x5Pw&wn*U>a))TEi_4Xh0q?e!n&7-~l*G{0u z{#&@@T`&QAAeNNf5pP=b{yJ0s6IDwB&B+3L9u?s%sgzH4&WllvqEYpr5;4?K9WB^M zdx`}tacnFO=@=?cmXgot=lk}AI`?f(eg_M+%obWZTX1^|Ol9o$zPoE}mX%wm)knRf z<4rR1B)2MgO#;!5vONngedd@y?kfrhRU~FY_`UWVe{SCraGj*;#~bF3dDyJwT+F7> zE~|xX$L~;Dhx%6dRd)HWQSM(0ZBQdMQS^i4)U&EI21`Z+w1wndSg7;5n--y;(XUl- z$#G4%YRDba#0Pur=wz?ts6#JYTdIqA?c7E)n%<9ZuV;6X+vwEKvfks01up2tt!duU ziwPqPs8x)Q#VlRZY}SL42R~d9cD^zG@vTk-+{{6Kg13$Z?ct&GUy|PI48fdZhNKsn z4X+s7673Xeg6%uVEwMSU1+nvIN(HNZh?K?gDH9ed96SZ{i5w!|nb~vr{Ym^^1FF`4 za@24i+wi>Se`dFzzyH@gJlxxVb^-_a1Hgl5>2{&|zS%g?R&NJIZ4!S>Oe+VG;>cK5 zUb>chSOrz`AI;M3#H^&E+H9%?>g2z7oZtWTj(hw4-%g@? zz3SavVen|40!E&czQhY{jNz#q`U6dl`{3F8b;tH$4f($%E~K%l62JfTwLqQxALiq~ z_6|>u_xJyI0_(`Xx_(e4=PL$@ChgDYn2~4*^an}~RbRSgzYf@3{*^z#7UjR!FUWs? zKmYFpo=N`G>sD*a|07+(N@V|~+w^OKHRYerFng}^AM?n}$N%b@-F^J8oj`^EM;d*u z=>G9kRS}LSO*uqY%>`w63UN^8d{lrMeV~PMPE|r=M=c>9UU_`NI^(Op^RL4i@=rV> zqRU*5Q~l9{6h9xecYhaf zOR$Fg$G24<{~|=~`rpj&|IPk>|GyiE=YNli&3!m0}$xKpNr_dzY)Am zSVR6PaqPB=Vf`2_P&@w@?El@PXcFlbJAM>ccm;ar>3)uhT@l>)* zxQbG4YNCXx0ht5|D_bBGsOBOhlo1S=yB@7!=6#`RqWW7zYf>-SCzVpJ+9s`_T3mmv zrd+Z7+8bd0BCv-3*Mq%2$Nhivuo(a8X#f7pZs4Wtzu5@Fg_&UO&`Epk^fXvg{x^5} z(%=#D-#^~_f9wQaQvNHP#MTbSwwM2>!5Z?f-OGF)`)~iG82@o^|Je;}D*q+;HJ6ar zRvRTxD^zKa%yr=eDSpX7R~m5)^}JVD{H8(<^Bvr;^78si>XmBw53dP7cl;0Y@UZCr z+25c4>;zT`W_&@satcpxk;j)mcL+|MxPTZyo-_jB>LcY?FP7Fet$ zstqC7%)GI(_QQI5ypKZ2!400G`vbXj2}~y!uUV4FE87f9SQe6S8AaVjt76@$NO!WS z+fkwx>x9wYz!s2;X%fCil8r~F9#1Mp%CC4$X|t@kBh4)P8Gq-5(IVZ_NH&4kOCD&D9}I^8roM65=SPtuJ3tHj03XJ%An_Iwgr}45EhztB@@46g@n& za;206KMf&8bIAfc;Ibzt*o6K;L zYK>s`6kL3-O(Ld_Bgh92+Q^P~X9Qk&!ZH3U65IQ1#5@N@lMz4|r~yS-*sOIkQDR^2}CU8Q(tlE3dLw zR%AUM*R9#}_07sa9gnJAec$Ph|J$!k?%F|R9m+Xb&F{GI2ICfaE7m&{4w*#g@Svir8gj%7snhV2L0JsU!Em{WFNlP^NbW@Ydx0KN$mD#zw* zBsq(Wq{jql?QT0>u$^`1e@Dl; z_z&G9v%mNM*$Et=D=Y*sk0U`*)a__F0}o9C;yT2eA|Km#cnaKTHV)9ujBxd=Do3GV z0!>{yiLCj=oBk6qaIqi@2qRZ(-?8UN3LZ>Di!=Jh593*bgO)_h(0_buAh{by)C;pp zrjQQ|xx@pb*)UGWzlJtCNn}XpbLydw!!dFQa*+1sBD`A;$+D4G&63nqvYAr(Yi zt0=1jpQD;lPe+rvW_SUJ<2j&3bPB2}i#ZZA!v9>tx`#dNVGmn`{|^8F|Nl(}Oiuu? F001EvBPaj> literal 0 HcmV?d00001 diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz deleted file mode 100644 index 0f0cc765c156849ee89173522ffa4ff9af00094d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5566 zcmV;v6+!ABiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^MoG;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4$Nhfz(=^TePqTN}d)4h9cKgTuez$ABGQ0ibUhfq$x5Ype1YBVD z%6xKJ`O1AIfPL~27$?-T(4yDCzMuTrHM+-!*>Hf{jQAq_Hb6gtJ4d!0Bj}bgbQO;u zbQO;uL_PE_m;m!Y0B?AB4i+kmvWB?#!9v*gU1DQNyRlH^nnu^?9X4LNW&R#el>Y^G z1K`_K05$S|bkfbs|B-oO?&W_Mz(2WTU<+UtYBmr;C=%G#>+%1bUku)lTG3Yr3p~Lb zF4EM~AGGv<1Jlwzj7Qg6s*gEeQs!u>SA+5R=gaHUR!+vPdCcM}?WIXuh%vO{=X!bLo_NH=!16UBGh4zyVJX?D7m! zq#QFvUY~0ivTEZQW}tI6{%LSM(%6E}0+@&0Q;&aOu7z5~?<)J~e{W=s&QCAK8i6HD z2EHHTs38HqOYhITDFe>00~ahLSO8HX;a3=s^)Hk-w$}3TFdO_HFhB!akOiPq!oZe2 zq}2}xVn!Je_ma8Gv(sU=`nF5J6K7##56{m=7dL08h2$~V41^*Op^Znw>(NcFcO_Fp z7n8Y#S~DShtJC534Ca^{pXV;8*f%Jfc9y);GtHxpdDJ0cr-}QHEwk~Cq>v+e<~*Hb z^zD`a%XB^C;m~~={V7?1m*d;T+n~$?mZJ-EOx&%turHF5u?^Vs34Kl}5RV0Hc;X)#{ly)<) z9O^bR2yH2(L?cPnHN2M6tqGmLQ!U|q@WV)rd?^$b`Xg=EFX^ucp_WYNEi3y~CX_K# zM3b0G99mY$fz)%Yf0iLCbr&NhnywT%?Ee^Z^nP%5UXCXDkFf?HZhmUzaUL=sw7(vj z4VT#9ad=ByIK={6==J&8aC9*qoepjWaT`U(|`S|+3+bB^gF2uvjDuW!!B!_oCknDP$pGYRiT|CU*8mj+HeV!{qd1{~p6j4p^Hr{z?I zhWg|k+<(M@D=c)2U7n=esn2O+D9N$V!93ssO#s;pumA@U4~ZEde8-VT9Y72?4VVpR z%4pyt>^W$L7xFuHfFa+d#J+#S<=XxZ?iaEky$dugoark?R;Hxid8m%LrDO6>?uT@G zZRL`#(kV5Q6gN7#m3xRn#&{%TKYN7|6q7&7s%MjUFiG}4`PvEaaIwy@_8Dpof)1kQ zAr7LqNwdd@-=k~l0!ONYFz00IfrF?(M0}4JbpZ*A=9qZs`bP`3-eV6>!9izn@1jc| z7#5VZB5W?v!%nS1|0imFBuoU@MengaBOah3^#mi6KqhNLE~asojHk@Vo99xi+PZ9@ z_yJoGSX!k``}*p`^~bZ(&o`rsL2hmj!j+6d$Sn(~>w=whn?f31o}Z6~H)od@C98xi zX8l?sgPB=Q;3Y4W@{gny)NFbBOgrj$_etnDaG^1sfE6LDdSa5e@4PlI`^Q52en=d<$MDoN;8BcWK)4Be}Cyt+ajzl z|8w$O@_*DjF37*RxBu=0s^vd7^FNOoC>O@uvcizKp%^}1N#sdBLPg|BeDw-qZTX)N z&mrFQG0TA3`QJRr$$!7sKiFf6?PRW*s0^C0W1V8j;vw2v zx}gQJifCIQeVqckW!PB$AF&LmpZ~iB`9IvB|Lg>IIsaFyfsK{{>u87#*A-d)v0>(~ zR+H4qe`KxmV>^WHV$L^J05$U8?;V?Y`9C^5+{^zi;IZ?6Y{YGIK^Yh}C&uS?LHZ+O znX+LG<=DvyzrF&vTgbmOiS`rYSBM}#Ma5oDegiwUAXii%+0Vz!8d-aBEcNY}=tb63 zMYz08qQgynvvHTWw#cdqm#63B%EsMBH01B1LanXG8j1}277{L(S)P@?&4g;tNRw4G z4*%q~)xnS6I+s5Fq)scI+$5UeKhLl7IvS@aHQcK6tmoubonTaOt57PqjgKv!jnSBX zp2B9`qK>*{aN5&P^P61ki1(5oGe0*OxCuoI6Yt2Pu5Fc+Slr?N|xf7Ly zZFLT{R^2m`JdL#nN>5NRV^}}Ac(PK7psk^r=3R5LYIXcYS{|~!I`}O}WAUD(Hd@+rz z7beQ@0&HNS9c_wPcIiKi#?Dzdc1johE(i`0U2V;e?Zg9=$9}0ZA$)FiIx?xfFnb2} ziJ|2VJ;og6I~e5+9gQr+1K+1i{C6^TZ90z-d`1>n$PG@kNx6pGWd1MVFXV^1i*z;A z4*4>>y2DMhU9hsQF_?1;c~jzj*1!AIxrqhM%DOjc28|Rv>cChTCyFjpt?agh@|J~M z;su{;EfbaUPrX|*on!wAvj3`H{tu7)dHY}Yu)p8`?*uaUKT_!pd;UH4SJ>*(trZAC zyeV%sG#qWeqkPNL={|8d4;STsdk zP@dFp!cEDW2>qaBZ&qHU^8QxEp#$O}mk40kZO03{BF)rut&FDHLf6w&BnKIX_mpN{ zZ|jcnt~b=s z%-)7rP4*mbLN#*{Vl~l`cCVp^VtNH4OKy1i{>lybuTxvinQu(gnZJ4F`M+xY7v1oY zTCA8I%B@`ya3(eFwWf@xVGXP73H(f$LsTm)Q3f8n{b*&rxRMOXqX!Ik`%-QD;KD4xi;ex7v2A z@NGFGE+Fm#_~`K1G`~jEgI0v4=UId<@$coDmlw*7S|M|6*(RP#JjidS=aRq` z7BdUAI&)8SGMNgOkr-g-(sS>#H+2|Dy&|#=q!J@W%X+DfKbwE-8t^Jwq?wG*hZ z{}wKJ7fiq&h$Urr#G4kqzs{8ZMAec&bF#pmM@2YGD&>=%^I}w^XjDC@L=1IQM+-L6 zo?-z@92<*6I)=)VrQ|dE`My1&&V8Gc-@!sHvxU~q7Tn$fQyIIx@9tWgW#txX^-=HW zc$17g$*oFWlR&hiY|p|=pE>4_`-;Lr6^WS;ey=^ppWC+tTqmje@rJo$9yV(^7qcm} z%W5Ip@jH~(p}rM6608`MZm6#XDM^{gt5!IBXHZ6SFV7V5n2rbXyy^lKGd za$FOx8gj=p@xfj@I@v2Z>d*_)D;;HahjQtoOKLfeU(ZYnr$8 zV!{XmY8B&SF-zApoAsdN!4Fr2oo|ePe5(@yH*=7m;H_gpdwA&lm!$VPLonxHaze7pV{r_@BeiV5BK(;oxnl<0PrAMx?QNgZ#E9J)!RW)o5UXz)5<}lI5L)% zm#*a=Rza2gN3(Q0F)OL4Hk)dJI{EJ%=l6fTxCK6v(i-LZXGL;i1x3u&yX#P5H7El?-_hxz!g zy~C5^{r&%)z&i4;t{+s%`HDfJN&7Q8W+WN{{ehB0)t7GBuLCxhf8`IbMfvab3-aIJ z&;L7tXOjQ)y4Bk9|45gx64`(0HvO7lP5I|D%%1D~$2>Cg@xQvJxsU&~6R7b2NTbgc z-9MhHD#G!kDTnB)xu6VBAr8u%j|xzu542FusY;0Ks3pY1E00fDXMELn{&iSG{)tCK zbeZds3ZQoXf0Cd7yS@GVzZ=+=P^W`LzYE|~E@X<~^KM4o3c+?`QS}*=;^(9G?(YI_ z3D%JR__pffUxcV#|C{;!zuDjK|91oN{O?h*xew@5^hFZoAk`Im00Le3a}mAwH-fhb zYsfz(j@?!o*mYe|LFJUIsfmS z(Lr!-WRGSs=r0FCiRkiQYq!CZPE&=#r4-} z$`#A6y#eMg0&D1hJ=p7W-2XQZi}9b1_V2&!242ekn~fk`mZd7yYWd$Z(qEJ(R5JM&eNxqvMgUxWq#Ub&3+lj-2A+r) z05!n^i?u|xAq1P5H&)huSWl1lQ3yG>!Bcd9AeSzI>Ez-yOA>iyn_&sdLJ}^csM}~& ztUDFyPBwKrO4MSVF!~$V0&+1;!uLqB@#xg!NySL{6|X66mNj>znPorY@0>7Nq+1&4 zM$3#=1f*GU5Tgg0i5SstQ>ZfYK>}5XK#3Yg28_riZz1R%wKDu)X+=s34{_zE4exWw zKgTLxTFqiaobrZR@{OAbFZsyDToC&Qm)dt@L0L9#PShf$Z&WS00Tcc)LU6M0_}ua+ zT#qMi`G(b)QaW`v@9=3Tx}0zUo;W4^E>jKPDSwS+`G#h(aPzHOq> zD;aw$o_AERkS&m710@scJGd`0QpQZ-4ND!Wo|#<9>{aFg&uug7mryTfw#Y}G*{Un! z+vk4eRrbn?tjFWJHG96kSsAF~QMIe@JKgbr`?bkkJE*KfIVY?69T(nU+#=7#2OcXq z&hzs4Nv7x(wf!0<9$uBTE8}1Vm%6{z3$t6!$_l=fC)*42Tx4TaJ3pJCZq~-NQd;8E z_NU;vOiuHw67|4pc8BefIVn6_VEaLK-})_WFL5yIXBRDV^Pbm-X@ksqI+rM>z@FM_J3mr?wm|L%C;4@ zv+n%w=r|Yup?hQ=?)`su0te^{3jxgINKh1YJ6g`bLz95G4)LbQ$Mzkb0ymnC19USZ zTs^DGQD~SzQ^YKx2h-5vjK1;1c-G*cB@r|9AKw~C z?#2=I!mN@hQblMD!orbNtw z3F1UZ1rgUO%Id)9sAkmD(PXX}UI5~F4rmdbf~v}5j>L@cKbNrXVGn!Q!xrKH0{{U3 M|L~CySpcvA0Mhp>C;$Ke diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index f8d5ad69..d00d3808 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.23 +version: 0.1.22 diff --git a/profisee-platform/templates/service-profisee.yaml b/profisee-platform/templates/service-profisee.yaml index 0c43d90e..a0cdf8e4 100644 --- a/profisee-platform/templates/service-profisee.yaml +++ b/profisee-platform/templates/service-profisee.yaml @@ -8,7 +8,6 @@ spec: ports: - port: 80 protocol: TCP - appProtocol: TCP selector: app: profisee type: ClusterIP From fc7e7e65cd2637ac5c8690afa459273ed00e062f Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Wed, 28 Sep 2022 16:09:22 -0400 Subject: [PATCH 099/141] TCP probes --- Azure-ARM/deployprofisee.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index ac6198f1..85d525cf 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -240,10 +240,10 @@ fi echo $"Installation of nginx started."; if [ "$USELETSENCRYPT" = "Yes" ]; then echo $"Install nginx ready to integrate with Let's Encrypt's automatic certificate provisioning and renewal, and set the DNS FQDN to the load balancer's ingress public IP address." - helm install -n profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-dns-label-name"=$DNSHOSTNAME; + helm install -n profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip --set controller.service.appProtocol=false --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-dns-label-name"=$DNSHOSTNAME; else echo $"Install nginx without integration with Let's Encrypt's automatic certificate provisioning and renewal, also do not set the DNS FQDN to the load balancer's ingress public IP address." - helm install -n profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip + helm install -n profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip --set controller.service.appProtocol=false fi echo $"Installation of nginx finished, sleeping for 30 seconds to wait for the load balancer's public IP to become available."; From a84dd87694f5fc6ae3dba26492dde2dc69c95746 Mon Sep 17 00:00:00 2001 From: Naveenr04 <115646520+Naveenr04@users.noreply.github.com> Date: Thu, 27 Oct 2022 11:35:00 -0400 Subject: [PATCH 100/141] updated config file to have complus_gcserver value --- profisee-platform/templates/configmap-profisee.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profisee-platform/templates/configmap-profisee.yaml b/profisee-platform/templates/configmap-profisee.yaml index de5b31d0..e8f228c7 100644 --- a/profisee-platform/templates/configmap-profisee.yaml +++ b/profisee-platform/templates/configmap-profisee.yaml @@ -25,4 +25,4 @@ data: ProfiseeOidcFirstNameClaim: {{.Values.profiseeRunTime.oidc.firstNameClaim|quote}} ProfiseeOidcLastNameClaim: {{.Values.profiseeRunTime.oidc.lastNameClaim|quote}} ProfiseeOidcEmailClaim: {{.Values.profiseeRunTime.oidc.emailClaim|quote}} - COMPlus_gcServer: '0 /m' \ No newline at end of file + COMPlus_gcServer: {{.Values.COMPlus_gcServer}} From 770c3ccad84c0ed7cc9d0c8a2d79cc2cb3357648 Mon Sep 17 00:00:00 2001 From: Naveenr04 <115646520+Naveenr04@users.noreply.github.com> Date: Thu, 27 Oct 2022 11:37:15 -0400 Subject: [PATCH 101/141] added COMPlus_gcServer value --- profisee-platform/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/profisee-platform/values.yaml b/profisee-platform/values.yaml index a0f45130..b1388bcb 100644 --- a/profisee-platform/values.yaml +++ b/profisee-platform/values.yaml @@ -54,6 +54,7 @@ image: licenseFileData: $LICENSEDATA preInitScriptData: Cg== postInitScriptData: Cg== +COMPlus_gcServer: '0 /m' oidcFileData: | { } From 5e7d2975472118751bce633e20880621f89c9b8c Mon Sep 17 00:00:00 2001 From: Naveenr04 <115646520+Naveenr04@users.noreply.github.com> Date: Thu, 27 Oct 2022 13:02:14 -0400 Subject: [PATCH 102/141] Update values.yaml --- profisee-platform/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profisee-platform/values.yaml b/profisee-platform/values.yaml index b1388bcb..1e2f966b 100644 --- a/profisee-platform/values.yaml +++ b/profisee-platform/values.yaml @@ -54,7 +54,7 @@ image: licenseFileData: $LICENSEDATA preInitScriptData: Cg== postInitScriptData: Cg== -COMPlus_gcServer: '0 /m' +COMPlus_gcServer: '0' oidcFileData: | { } From 24d998679f75da3a60ef253982a57e7a3b60e755 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 28 Oct 2022 09:08:22 -0400 Subject: [PATCH 103/141] updated to 0.1.23 Added the Comgc_server value --- index.yaml | 4 ++-- profisee-platform-0.1.22.tgz | Bin 5559 -> 0 bytes profisee-platform-0.1.23.tgz | Bin 0 -> 5567 bytes profisee-platform/Chart.yaml | 2 +- 4 files changed, 3 insertions(+), 3 deletions(-) delete mode 100644 profisee-platform-0.1.22.tgz create mode 100644 profisee-platform-0.1.23.tgz diff --git a/index.yaml b/index.yaml index 7bfd26d6..7c8bd76a 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.22.tgz - version: 0.1.22 + - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.23.tgz + version: 0.1.23 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.22.tgz b/profisee-platform-0.1.22.tgz deleted file mode 100644 index fe746caf3a5c74d182bd655b6069a97feebd78d3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5559 zcmV;o6-eqIiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^MoG;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4$Nhfz(=^TePqTN}d)4h9n#blz|EPQT%Ix-!dnd1uxh)2&Am9SC zSLTz;%2)0y0qm2Hz&N3vg%-UA_Wk6~uF*X<%!UKpX2ciaw*mSI+&Qx47(us`p{scO zpsRTNAnKua!33BG0(is2bFffhlr_Y?4;I3{?-CnJ+Kq)O*EG6Duh)3#mic=?QT`X$ z4S;V`0o2I<(MdNi|3~J@(O&*{0sNCY2DSiZp=JXigd%}$y&nJ1`NiP^?3a%pYY{oWDIgA6<{GE{hcMbyS$Sismb;(6rhrG?z}PcN1#C)&(qw3>@$T!7k4r zManT#JUbm`t8cpmJaHB__VD~{ba8WbT1Xy)%|Ivu5!!e(ydK@;dRHlke&tQ(Z@p z%!%O1*t7k>LS54|)rUFErB*;)GuA2$J_W!FS&I0k`Ciqm*&uT~RYfwG5-ucCOKCR) z%b{*FgV2^jN;HyGUBhcB-I~w|Jk=7;2S1F|$d^K4p+C}g{gVEQ5NgSE-mH&s9*4KYg;OlBgcp<-I2N?2QO6>bLT(0f!;C>+s(z`&@!kNBOWMxYFormg}TRJBH(y2a{y)ldqis4;SkkYoDRkAm|`! z9^xQ+n>2fj_&vI&E^wqe2y;%R9yo{!M8x-qQ5TS)XpV`8u79*p>pk}H6dZIG_b$5h zfnh;eE5hayJ?zvP^naq(N5VvaUGyH?GvWanQco~431qT1CQs;$cg ziXX5Afu&X2w6Cu|Tz@cKc z6Y3vxkbjuXxAT3Nzv-S&?Xzy zet2j$bXyU|j!zvmIE=gRxIt)V(QP*Fi04=+T-Ym}&}_^>V7Z61GMh|%$L|)3MyuK2 zKBzrHWFIosN-3U4PA&B1OBt_f`ZE%a(zypcJgD_zDCZjxQJNtnA)5+3`TI+E+7@Ab z`Ja>LlK-RLaY6pgz5RD5P%Zztng4mzK)EpHmKBD?4aM;BN+M745h@~2;;UB>Ys>$H zcnnC*ofQaf-*2{PK?j(g7inm zGG)UW%CVCZetiXSw~&8n6746(uMk0gii*9Q{04SxL9VDkvY(HcHL~{NSnAs`(Tl97 zig0F+Lm5sZNXvp71g<4yWH53{4EhJnnvpg$(n+esPktVBX z9RA5|tAiiCbuNAUNu5?axk)s`f1Y3Ebu>;I>D&mR-sgI8y{Od8>2D( zJd=q|_g!L#(uWzIg8;@;kBlp-odUE33n2CX`1rnXPS6UC)|!jRAU@tuC~Mf_awjSY z+v*%@t-5C>c^YdEl%Aks#;|^J@noeEL0dngMOziylwRaR5@jf+CJI|WhRMqKws~v+EI|{9Lr{9z#eP-Ut|A&a&(xt{~z{x`}O}WAUD(Hd@+rz z7beQ@0&HNS9c_wPcIiKi#?Dzdc1johE(i`0U2V;e?Zg9=$9}0ZA$)FiIx?xfFnb2} ziJ|2VJ;og6I~e5+9gQr+1K+1i{C6^TZ90z-d`1>n$PG@kNx6pGWd1MVFXV^1i*z;A z4*4>>y2DMhU9hsQF_?1;c~jzj*1!AIxrqhM%DOjc28|Rv>cChTCyFjpt?agh@|J~M z;su{;EfbaUPrX|*on!wAvj3`H{tu7)dHY}Y@MypP-w9;yf27hI_WXP7udvmnTPqNP zcvIeNXgJz_NBNeg(|zJ_9xlrN_!Lk9YI&e#JdGXB%d_h4=;b6naQK;c4qfs=AZBv6 zp**SIgqxB#5&A*N-mJVx<^8RSLkGk|E)l@6+m07@MVhJSS{Y5Xg|4TmNDeX%?kvf1bFTucn;!r8ks^dbW^*s#40@xu%pyH2$iR%X*}y^hb14 zY2zji{~NS!oTt1GN6LTyVjTMQucn*50Z>luXU)lfHKp__z>0C@I7AKz>|XldojF75 zd0;0-K>n7vV4*j*^@|kZUnp^G<2O#dH(4^5#IfsG3G=SjB9g=)y*^MwC%I^_VkApy zsat0aG36Gp!FWySD;LAH%7~EHADOb4580~@HRWV3Myzh>5BgPyHAu#|s|mi%U2mwN znY|6Mn(R5=glgs@#A>1=?OsC-#q9SwHYZ-V zQ2LQ!8?Jy6>Wsmrp2ID4oZLmK*ypX><0V%sZ0ZS2ymXHm?Ne8FK}tKiyM!ES-$fgF zmrNLD_Z{r|!~^TlI4PiC1+IHVU1Hx`Xy7jKJx7_1FP+b^=j1BUMx6=qI((M@+-lpc z!nfs&xPZ6|;G@H1)BGMe6j}0r4_XnHo@Wud#J`toUS23SYK6?PWt(^|@gTpQo=XB( zSj;Tc>dZaS$z&>AMq+@SOV7Q}-qc|r^@_+gkV=dgE$gK^{%lTiHFFpVXN%&2Y;+u( z#V%)7=V~CLDLUs6>InK?W-F~%x5Pw&wn*U>a))TEi_4Xh0q?e!n&7-~l*G{0u z{#&@@T`&QAAeNNf5pP=b{yJ0s6IDwB&B+3L9u?s%sgzH4&WllvqEYpr5;4?K9WB^M zdx`}tacnFO=@=?cmXgot=lk}AI`?f(eg_M+%obWZTX1^|Ol9o$zPoE}mX%wm)knRf z<4rR1B)2MgO#;!5vONngedd@y?kfrhRU~FY_`UWVe{SCraGj*;#~bF3dDyJwT+F7> zE~|xX$L~;Dhx%6dRd)HWQSM(0ZBQdMQS^i4)U&EI21`Z+w1wndSg7;5n--y;(XUl- z$#G4%YRDba#0Pur=wz?ts6#JYTdIqA?c7E)n%<9ZuV;6X+vwEKvfks01up2tt!duU ziwPqPs8x)Q#VlRZY}SL42R~d9cD^zG@vTk-+{{6Kg13$Z?ct&GUy|PI48fdZhNKsn z4X+s7673Xeg6%uVEwMSU1+nvIN(HNZh?K?gDH9ed96SZ{i5w!|nb~vr{Ym^^1FF`4 za@24i+wi>Se`dFzzyH@gJlxxVb^-_a1Hgl5>2{&|zS%g?R&NJIZ4!S>Oe+VG;>cK5 zUb>chSOrz`AI;M3#H^&E+H9%?>g2z7oZtWTj(hw4-%g@? zz3SavVen|40!E&czQhY{jNz#q`U6dl`{3F8b;tH$4f($%E~K%l62JfTwLqQxALiq~ z_6|>u_xJyI0_(`Xx_(e4=PL$@ChgDYn2~4*^an}~RbRSgzYf@3{*^z#7UjR!FUWs? zKmYFpo=N`G>sD*a|07+(N@V|~+w^OKHRYerFng}^AM?n}$N%b@-F^J8oj`^EM;d*u z=>G9kRS}LSO*uqY%>`w63UN^8d{lrMeV~PMPE|r=M=c>9UU_`NI^(Op^RL4i@=rV> zqRU*5Q~l9{6h9xecYhaf zOR$Fg$G24<{~|=~`rpj&|IPk>|GyiE=YNli&3!m0}$xKpNr_dzY)Am zSVR6PaqPB=Vf`2_P&@w@?El@PXcFlbJAM>ccm;ar>3)uhT@l>)* zxQbG4YNCXx0ht5|D_bBGsOBOhlo1S=yB@7!=6#`RqWW7zYf>-SCzVpJ+9s`_T3mmv zrd+Z7+8bd0BCv-3*Mq%2$Nhivuo(a8X#f7pZs4Wtzu5@Fg_&UO&`Epk^fXvg{x^5} z(%=#D-#^~_f9wQaQvNHP#MTbSwwM2>!5Z?f-OGF)`)~iG82@o^|Je;}D*q+;HJ6ar zRvRTxD^zKa%yr=eDSpX7R~m5)^}JVD{H8(<^Bvr;^78si>XmBw53dP7cl;0Y@UZCr z+25c4>;zT`W_&@satcpxk;j)mcL+|MxPTZyo-_jB>LcY?FP7Fet$ zstqC7%)GI(_QQI5ypKZ2!400G`vbXj2}~y!uUV4FE87f9SQe6S8AaVjt76@$NO!WS z+fkwx>x9wYz!s2;X%fCil8r~F9#1Mp%CC4$X|t@kBh4)P8Gq-5(IVZ_NH&4kOCD&D9}I^8roM65=SPtuJ3tHj03XJ%An_Iwgr}45EhztB@@46g@n& za;206KMf&8bIAfc;Ibzt*o6K;L zYK>s`6kL3-O(Ld_Bgh92+Q^P~X9Qk&!ZH3U65IQ1#5@N@lMz4|r~yS-*sOIkQDR^2}CU8Q(tlE3dLw zR%AUM*R9#}_07sa9gnJAec$Ph|J$!k?%F|R9m+Xb&F{GI2ICfaE7m&{4w*#g@Svir8gj%7snhV2L0JsU!Em{WFNlP^NbW@Ydx0KN$mD#zw* zBsq(Wq{jql?QT0>u$^`1e@Dl; z_z&G9v%mNM*$Et=D=Y*sk0U`*)a__F0}o9C;yT2eA|Km#cnaKTHV)9ujBxd=Do3GV z0!>{yiLCj=oBk6qaIqi@2qRZ(-?8UN3LZ>Di!=Jh593*bgO)_h(0_buAh{by)C;pp zrjQQ|xx@pb*)UGWzlJtCNn}XpbLydw!!dFQa*+1sBD`A;$+D4G&63nqvYAr(Yi zt0=1jpQD;lPe+rvW_SUJ<2j&3bPB2}i#ZZA!v9>tx`#dNVGmn`{|^8F|Nl(}Oiuu? F001EvBPaj> diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz new file mode 100644 index 0000000000000000000000000000000000000000..8c6ad85abb4c1f149bd1ce3a02903bbf40b8e060 GIT binary patch literal 5567 zcmV;w6+r4AiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^M%L;@w^9c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4gML5!X_{vKr`bE~z3TQ4dxPVn?(yLGmD%kN`h!=<+!g~>5O9In zEAz=^UXTCh{Nm*Os1<#6u)q_{ z;UY~v{Xt6)I4~{k!+3P9rTUojC1sA5dUY}$|9p9U+G;k`5WEh&8!`tgp?D60k35^* z`@%x6Ka5A`qnq*QVtD=UtD6W3J9FZl*ftG3A&H-yzCXJ-84fQ$T-<2o-x3$D!Ka)E z%I@O=!u(NI#rfN_^U?L_>as{7Uq^+Rt7yKm3Qeo6LUZYqdN-jKY+b-|$iM+l5bW{{ zQluO+MP8q47_w^P8D^k!HvZ}4dZe)hp9L@vyQd!iz+4Npir-cC(f{7a8l9hBj5PvF zn4I{2jH8AG_%6La^QH_qzYbimkYE8siG*KaJl4NZ;@Dct$HVO8_kaO9u?1NGIwcHj z*+W|Wa3E%s5pge>yF5D`W~*! zHFPnVTc|Y?!nZmdZqHzjx$$}Ka*BO}vT0|@J3Z4p>X=6z5_X!n@7OXM???(cqG!(2 zNk-pp39wApGae4zr_rC11$a5WUAzs-JYYGxFvrB*S_|85zy+`i>cBA40NrLo`xp;5 zm&}Ra$=I{~z(QTqG}VVW%%xU9T{G4y3_bAYoSzsiI% zW{PMMQ;9>%3OSH^uJz9{M5XRx#6;7TB8UASV~*aRoSm1WN&aK3lMgpPwemO*nGf1u z56y;4Z16a|B`%y|fi3j<{A@V77>`a*ZcgN617{u)<8VnEAq=Pg`d72zQ!dI=hL`WJ z+<^Z&wbe}d#(dLkNQIV`5_iTIH5y`Wgv*D(M3Vmc=6pOHUEhQ$@8CX@@NV>Pnbme_ z;KTzd?5AWL5`M+#f;f_gRI`R^<{jLB#DOa;bc zLPb`lq~Cd{rMabJ@=xxEbk=R=g%T8#Kgz0SlXx&m zwnX{b3Gi^S&aqM&Y7K%8qUIqEqPI!2$B5sfYw7|=s)I1+Wa@!~s6a$~j~I0U35w>J zccjQNv(e8tql=T=lpll(9EFfuEl}45 zJLxusG`u`N9}RELE-y+J4_VCmB}N7_v&z6rUMk6%W`ha;NZnu#dTUH6ox0^}Ad`7& zLzGzw3~JVGql^1L0dx5~@J^_Fl)7l&E!xTSvDxOZ&i>OM9A)=^z20&EaKHcC1$_C^ zM&uS5AERA=IQK-W14EltQ2XJb+0bo87&|_7)Zj4gzT*a=okh3VxFeopp>ScZgumIC zgTQhRX=OH<_>SK#6pdE1!F^DBgvdT*s+CeaVVqj%%a<}<)jVe;9Ho;CdU#Ol#ZaI( zAfi-2NJ2Ihc=Gp`?zAn!`tm;~&n5pyy+J|#dwcuOPM});b5s2DsDW}}%&i{`i5rUH zp2SzLAl8=u3Gp1_O&_xisGa}Kw{$Bof0lS?4 ztJT0p%Ybz>#D?pNtp38zYBQm z{2yCu+gwlvhRuobxm}R{$SS6cRYN&;a>B2#0PYs@FHNHT#L5*S$WKwRmy_SXj!nfC z6-f5;F|$V2FdR#LJ0^OO^;8iqZ0>z`M5G>w-F8byQolW>#>F+ z3%-Sf%Vm~lrEfE#+B4E*6^+9`xovguqqokbk3Xqni6=LSX5r8CtGtfJDM}5u>OAW? zxm8CM72GP63U1@`iDzRprk`gr(doWR>`?kJ!*dY8c*p<58Q&JKMqjNP&?$y?CPF1(RRVg`oLh$E#ys!_gVk$Q|BfYG%M@gq!~0) z@Tdc0Wt=FwOtrGx63SZ^a)}pwuC+{5%0KmP$#jnWC&>P*dig&b9OvzS-NU{8e>af1 z|B*^>*z@nPzrt3RZmmEF;!Sz8q2Xxz9py2XPWOq!dAKP5<5NHdsO5o{@icZgFVCvG zqnDHTz~N`&IdsWS0x^@j4dqGwCft;~iO>&9_GaZpD(`Pq96BH#a)|(j-FCdNE7D9| z)XHe8Ep$CiMe-!$@Sf7l>uudJzPy1>guwP}4xUIoUfrDs9}v;eUhHjq{ZE;Yj)KUyMV){?&A|Hvr11{j53pucnk< z1z0hz9EZpOf!#|VyfbG=JrC@}2*}?O7cBI~wtkU9{0k+HZT!Zm_a;l`k~nr9D`DQ% zT11jKNv{vo&`B;DtQg6XTI#=9Lrl2^Y%pF^`pTDZtui9y^+%>G=0obJrVcXl8FitR{PoH=&xj2(g;zNW0fiLovMqktJ93GEWKR)3&$~ zu3G;^H+-ZPYb$HpqZWWQ>%U(2u(19c^p5uHzg@ti{Xcx4YumlkWT=$x^^#GRUK2>R zIXt_qnPXwk&hZ4?bR&g*zm!IJhsGr~=JE9$k=;_|)~*P-S-Mq}wXC_PvEp+$Fx}D6{dU^EvjMTqWA5Ga+7w z&+?yJZM#+Ywww_c5O)E5bT}~0?~y~1CI9!J6=CUl7NPI^d%5Q2g>s`-$Q)a?iRTgz z^4saTByfer%tEcs+!LKlrov?;2H3gu-23d690pRah-?F?#E8+dUaI5I<|J1$hmml$ zC?3d0$FW)La%Od|PDFIq1M*F%4qr3Jx%so(uhtLZ?+R7(e{9csqV=cV{$n2Z^7FrW zy!Zdw3Dnqs3zxhLCSVW5lCnGEO^e=NXUcz~YDu6uSzynjBAg|a^2yG5F{)8CsvcA# zhB~UF1siEkv4ACxjm04yL*>a*@)`Yn-=0wCzRk(+V4;@TLThIWZf}99jNRUMcdgB` zatpQksCP8jBqL99tCH6w5bY@2v+#Cjj`=}fQ8=g~F%!b?wdeSA`<8&~Bvl`5m^Qs?r!N84=JHl6PUD&g*Vk zgnmZ9R>395HQ}lucT5u>?6sqly^^C2y>M-*F5gxncs$t8|2u(alK=F&)!Op^NSCk@*?;La{hDA+`R6mtp6mR_JTmj~zq;n(KK|EE zpu+zn4Kr7C|9GmZ2*;DA9HOh{f-*dXI4E;IDnN}s&_X$eWv)jmfZF~4aen^q_V)AtZeUwNoemQHE`U$DkST`GyBT>a1lx^8)n`zO zpO4zRzYDk}SVR8f+p3R$5u$eeZ|3*^=FxutzZ;0>e~*gIeL$b0FOnz+sjkoi5a`06 zi|D<-5xh-UL;fjo?6wM4{TMA!JO3B#|J{LU?&W_Muq}Dc43d&v|D&$Y?CpBb4(rN) z^!xLi|M!mb@xQvguC>E`&`!5Z=(zr^xv`~Pm&%*X#Rj|O}B-wC{c z{XZU0CCh}XDCMRmN|+juNszFz1ww&pEX!GO8z(HdqR5~?PuKRUD~^^$#3Ddnnd z(h91@_19|370a)^0p>3PYv_MH*z0rL|2Gfw@Bj9?NBj3*b^|YE|IJ1aF3bdLhfdmS zr>DW1^1r#$mj;iKe{=8uu@iVn`LA#iTRR-vUjCm3YskNLFY|fqzx|T^yG;C_{t*I!bvRLg&OP58Ov zf0&1dMgPyi{`_Yruu3rF3*wbiczTOGzWf>A9?x9;)ZcTVOsE_E(QWhZ;=orvqk`Jh zwb0G*sw5~_fu?#HLxq_RGui473tdnT{xUN9oKPwM0t>heT$h7*iV~=n|8DQ_xbXgS zx4(b?X(vz-({CJi{}`%+`e_QFTK+eU^cUp`l}!FcpH%gv5dc>oDaVT8f;upyfhXbx zKuxf~Vl7c^2*GCNjg_?@*3;vC6haPe@D$x2$fe6DKB&$Icuo>|Wt(9M%R&+^qo~_x zRjfM|=}tCvJ4)1IoiO?v*aC7fO~Us`vhnED<4MIx`4z7zZI(56q?u(uTBKVV z=|;inu!?EZd0f-^Fabth(L)NMh1+?CT}6=9knw2Uui{33J-DRrw#9O z$v?*`Us}y#M4a-5TJnvX2`~A`#as~k2bbD+V?kLqZcfx9rEgR%xd9XYF+y;%@A%yE zC|r*xZuy4Qm{K}*H}CLiD7u_*0iHM|{4P@s-zk5bC@ySjLsXA!!>?Zx$K%m^0hTTa znAx*jh|9eCPKJcR7q(K;VMKYixjLk2KA>q@LL9}k_2mo7MiEf42hhVqrzBC0LGqKAi8u9TACry-Wa9&Sc6%4gf z$LEO_5H?lhm6Dw)&9;7dTSO^~8Mc{@+!+T|>g_q00B`Y@(RpUP*y?E${l%XMR=#bb z(JL8yE1q{$u#hc~V*@1<>N~hEGE&A&;SEb2s-Br#$?R3;0ncqS>z7b3XST>kp4qA^ zpV`fBUt`T|20(Lpdj_`5hPDVB8|l#RncM zInML)_(`Vd6}9~uCLUguwJYOb1(&+N)eEy*&dLhDl_%Q^^IT+ORXabMpl;U2wNhH* z)Apy}xlB&;s}l9VYIcY1k~t|nTVVS^cHfrRv5W}cu>ByrXG3TXbIR^(@MWTCYpM2m8ucHy1VEZocqb+E&@ehM9efeX8@8l0L5C5W!Oq-2={GZJC5i>#q zj?PX;l8e}Y-E0`d0o;i*G5TAxVJx^!9q9bI)J{?U45VYYa{Ap^A?WEj6R8_mXnN0%{~uoO~~z5Usc|0Dx~qA3xx zV1hUiQbEMEin2QJIjR};bTpZ3h8KW1o&#D$r=Y5`m?JSG{Ldw Date: Fri, 28 Oct 2022 11:33:13 -0400 Subject: [PATCH 104/141] updated link --- index.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.yaml b/index.yaml index 7c8bd76a..61e8f95a 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseedev.github.io/kubernetes/profisee-platform-0.1.23.tgz + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.23.tgz version: 0.1.23 generated: "2022-06-30T00:00:00.0-05:00" From 0a9bba7a286e95178052c7d69e692259a309d51f Mon Sep 17 00:00:00 2001 From: Naveenr04 <115646520+Naveenr04@users.noreply.github.com> Date: Fri, 28 Oct 2022 12:00:26 -0400 Subject: [PATCH 105/141] changed default type --- profisee-platform/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profisee-platform/values.yaml b/profisee-platform/values.yaml index 1e2f966b..5d37b700 100644 --- a/profisee-platform/values.yaml +++ b/profisee-platform/values.yaml @@ -54,7 +54,7 @@ image: licenseFileData: $LICENSEDATA preInitScriptData: Cg== postInitScriptData: Cg== -COMPlus_gcServer: '0' +COMPlus_gcServer: "0" oidcFileData: | { } From ba6276499d014ab97013819a5e69472076193c25 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 28 Oct 2022 12:05:35 -0400 Subject: [PATCH 106/141] Update profisee-platform-0.1.23.tgz changed quotes --- profisee-platform-0.1.23.tgz | Bin 5567 -> 5562 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz index 8c6ad85abb4c1f149bd1ce3a02903bbf40b8e060..a93c246aaa798c4870491e25e4d5f1006185a5d5 100644 GIT binary patch delta 5091 zcmV<96CCWnE4nL?P6s4Tq2k@0>ycGVfBmDQ@TX~-`JZO*u=lEablB^kob>xAN3YE8 zQUAF23Ypttpb7#mFneV_xvYHUz7oJb`3Q^?>RD*fYhd3`{_GmvzF{^T;5H+^2)_-` zPvFjxEyoDDr3_ug;|E>E;|Ea>y$dG5JP^Pe9-f1R3Ztwc?tQQj_I;PwSki7Re^j}q z(KUL9jhAkjzXufMe}UZq_%;<9CdT@f86cu<$ou@Ke=OI3t$#%HV{H664=)3 z@&BA(4Bn4g(N_lxJi#0;($v!*wDf=j)6zbSN7q`ak2zmb=4h!`gYo$1%j?rtv!RCI zb>Q8QIamqBa}a#w+3emI7JB_*A3QoA-Hb;U!|Q)v-9$*(nG00~ahLSO8HX;a3=s^)Hk-w$}3TFdO_HFhB!akOiPq!oZe2q}2}xVn!Je_ma8G zv(sU=`nF5J6K7##56{m=7dL08h2$~V41^*Of1!;>!|Tyau6HFWoxoEq;e7DJNR50c6c+j;ZPzd9uLz-*Oy?~t`&A~CF;hg7m`WU4R>*E}BV0ZNCX)2mH|OKw==vs1c?b8Igm@+9R>eNNj*36zBn<^dOI0?1~71vrR!NX!7?JB~c+ z0Aj#tz-&NMMgt#V&p|W1kl(Qb4EZi4_Wc_!m;85dzmNs#J)Xxg4Oy;Q#QD!ADs9Cp- zF7E#X%;oREJE8JX>Y{zOe`qJu$7Y+uI{VL2|2Vt<>-A2KPWJo1UBH(wZA5O7@iE%< zhjUM~Ixw_Z1+^a@nho7ngt6mOM-2|+?mKP}+F5j)jXUBw777>kO8A?NIS4HGkXB}s ziSPK`LeXe78{7xAM~Li0rdlb*6UM29zI-X;Rn2oo!cjWOpoa&we_jj)dIKU#1%xDI zQ-LRcf9X!!BCId}bMjpBf86UAJ`M=@;@P-L%iu@mI1Z%zj>0A|D)bXe=q;LfSt_$KSX0^h5U!5wSDTeleuQ1 zGHAk%b&4g6hiDJ!e})#sDxz(L^mPjCmSJQ0f5bANe*W(k{v)%T9~&HO7jwR;0;rMyP}pd$?+$5TXKhLl7IvS@aHQcK6tmoub9aU6t zt57Pqjn5~Ze~r$K(~ zGKkMH6v`U5xZKf6!nQhaTC47vNuI{q1EnXZm@%v$Q9N0xM9|jHXwg>1Hl-K&kVF}Z zsfohY&s(xGzAawMCE!VnZiT55CGx^d6-Dq#45`GCe`iyuQ=oPpG6vcs2PIVs3F=dz`h04WVlNAFE!%c>wIO#{V_;|0lVm}p0vVwPR{52LYj7LJ|LMZXJzLqu0w^J6>l0Ohf_ z%}fZNe_Nf7OlmL8o`HR0Xt_g=F-Q3hMtMU=BMb4s_bC(qos3=>IVnMUA?oFCOBL$B- zFjmHiqRUh(yDg!-Wg(Y%!RK1bM5X*w@0LvGf7pM5?7ym)|HJ-C-u~A;+}rQk@DZa7>9oStLbKM0F+bvS#$DVO)0$! zuwq;}4v_-_yO%zAXU>p%9@vQykiR7^AXw;)ZT%vJ_!mkX+xU%B?@gA>C2{OJR>Hii zwTL7!NRuWCdIakqcK4H{3S$BKlL!kif0F|GRp7c;)Ft-4g$C{t-*c4N_|o|tdrqzr zZPb|%ufu2g&#kuIDtuechzp3j06seGo96e(p~#Z|d(euo^gN5u_x-(G^YTKuQ7dGQ zE!)I%i3j=Z^js3S!eVBjR%h;sP9{^~G7ngG$6uM|HGdBkd^`u*9*ke>kLLs61IpKBJ%S+Y{>Cw>kM8!n>bn?QFsAEijd_ z+xzaWwOLkfq1F-V9rriM$dlZv|RIUHysNp`g;d#&h%tF~Rt_S?k+H12bS?L=3aaEknx)%`SxH5;*;EVE$$zh(f8YQ0`p5hI-%g@?z3SavVen|40!E&czQhY{jNz#q`U6e+N8s7}b;tH$4f($% zE~K%l62JfTwLqQxALiq~_KwW%{{H_?U>*5a*AJ@Xe8nKqr2QEkGZGDf{y@p0>Pxrm z*8!W$zw!szqWt%ce{%AFcyh9z|91k(AktF`6-kuG5+vj5U;`Zd9t^3P|OJ=gh< zd2Ht6e|62nef+PTK!yKD8fLEO{_#{*5soKKIYd{@1!Z^&aZu)bRDc?NpoMZyRYGJ( zEg>FWd3?e;l9{6h9xecYhafOR$Fg$G24<{~|=~`rpj&|IOq5{(mmKjlf7uPZl>IjwLAWpztQ|UOubrL-Ys&xTPG1^4M*hvc|Hn?? zCFQ@uNo?(KYG#DCn|e|7_#%6|!d%_Zcu)kewF3RM~;b6q$= zieEC&l|~#xJ?|A3zp0SJdZo(p9{-RO^Qn|~JvzVaCr)TXY5ZiZJSLBR?%)yo(v%ygK^ zR)1LNf_m_mkd-3NmWl80dVz^a;z9Gr~^Y9cp_c^)C3DG))Li*5Nu}NSXujF zJw4t>A>`l&PtpB>T)K?ngX(;M=OmF=wi%YNEF|GFin@(f#ky0G?qpN9qeLy%38TM( zEg%=uBz%t~8;?#so>YvKU-6pKW`9|8N19poGycvAqeZ%Sg$R_WVPwFFZ1NU@-cc*V|CLsxr0@_|e%kOpm;7_A@}<=*M#L#^s3qUH znedX2T+9Wre{iXNHx`s-Kk{dALA0q@O`;N~okHYnM;+Ah%jejYnQ+M+Y zpN68#2^ZjrQ^M~u)$pD2$BE*?rZzRpllQY6?*_ZJakGD)fhw%4^|;r;3;}|Xyr;N34R(v zisq69c)(>(PO`%aJ{KPND1Q%@8m*I;!1xSYx0v>y?ff@{$n7`Z{0O2Qui%qb`qq%s zdB9QI1N3GrsPBXG=G!j}M8Lcv9rFQP4qwEK(ItAL%yMcvMua1WF1Y2%v%wA<4@Z2`DehKw*W{Z5}nXS4qzJ2ajUS+SW$a*}k zTeIiuo0Wk&9#y;gzJJpl|F>V8+_i(sI+Sy=n%{BZ4aP0BTTq~s|K5c&rp3CGkzba7= ztY&xEE}4_Uvjw&vWcO`}9m|OD4cia0dp3mTFsJOkCSQb<&40?^QviGuCRC2i*+_C0 z8A*=`(%w(@fmfMx18p}JwfyRBVp$}*mo~os37}~IH)i0@$<(84TVXrv&i{`4x%dy= zW3#{a|Jex~perl{FpncaQPk~dIRg((0^&Nvn<5|EcX$fiXf_Ve&5UsMtSU#LVFFEE zI*F|L#GC#TF@JEeAPWd1S8Ly~=ST`3Ohbz^`o<6AS%ZU?M9k2Cd}|=N8%NX&vr49r z4-C1)1Ebk6PRGB7HabaUNau6vp^w8catPzihA}0g6a9!P(QFu#-&rU6k$jp>JK_Jy z2fpw+8o>#+?*c#Cf;JofF!<7!KPLE2{t)xx?G)ud?ry{9-7S?->;IGY|LY!|9PQ4iQPZt7-VYAMwl%gaL7Py2N}jM%|^3v;L&AFCM<=NWN&{q){l>mK&7hdpc&{yzW!|Nn)XPZI#J F000idE&Bif delta 5096 zcmVXB7Ue}jHM{ArqI{-@bH?7iyt4|{{-qwewG_?6l1 z5Bh^w$lMkKRSwOW#udPl>qk1M_`;#&q9k{1N(mRXV>Ts471??w;Az8`0WJ! z1nwN!a*Uu`%FtCje$Z7seh~H0yI=y$0|C6@;W=2SFv=R@-Uka|-*<_PCGEySf0b(* zU88r{ceRZ(F6U^ZvO+EcVOAk0OE$zd2bgiZOnDZrNj+T0LG9LeYd41YyHq;Qj z4!j#O2P>g?4uX$7o89}uLa#rJA4lh-oAKykc>V9In+ORzbK;%YHVr%>iJzRlKf5>? zlfD5}f9d3Uq_G8`1uzf0ryl>nTnn{|-&OX}|K7+Nou6KeH3CbRocMl>qlN_dF1 zJUbm`t8cpmJaHB__VD~{ba8WbT1Xy)%|Ivue-YYvG`t?&!HFPnVTc|Y?!nZmd zZqHzjx$$}Ka*BO}vT0|@J3Z4p>X=6z5_X!n@7OXM???(cqG!(2Nk-pp39wApGae4z zr_rC11$a5WUAzs-JYYGxFvrB*S_|85zy+`i>cBA40NrLo`xp;5m&}Ra$=I{~z(QTq ze>ByHIn1S2KwUG|DhxgazzbQ5_@?<@)vVbdb39c=GMExBBvMOhHv`L|ZZm_>mO@H2 zl2l#8Ybo8D&Zs5>tso%L+M= zdam`)GDM~BV#Gw#l_H1zA7hT*pPZeSf1^qMW2}=8H$S!VI1iZ*+FuXNhD&VlIJ_k; zoMM43^!og4IJy{*PET%5xq z(`-nEmX;EC#uqgjVs3=XhrmRV{`%&8JRDu$gemXfK9lfn^lzEfc4^?m11apMe`FjI ze#Pj5IFg4{vxaKs9o&D!fh#O@i(Q_i+^NrL8!3UZ(7`<50!;wf46pzP5f6zOAbiJ> zM;$;6I1QK$Xv%2dBkVb7h8OZXc7P$@rNq8}!{w6y4(=DSAiZZa<(%n4MOLPy-+8E| zxus+BPwt0w)@|jIuF{z{lN2{Pf4P-gi$cbDfMh>=g%T8#Kgz0SlXx&mwnX{b3Gi^S z&aqM&Y7K%8qUIqEqPI!2$B5sfYw7|=s)I1+Wa@!~s6a$~j~I0U35w>Jc{@L3mk=zTP;x61v}|Bg*3c8 zKOYTm&Mq%X77tm>`XxpNGqcLTOI|9;nP!6t|47|n4ti@$DV@6IY9Nz&YD1J+2@Go1 zZKI3(KLK<3JMd1Ze3ZIqf8QPK4hwuQaoXtTIkD{GG5g@XCxe@lMH%ze^BeiP@p#;qEtXg zLN*n6^7ohSv@OE=@;@ifCI3ggK|%g|d;8B$pj!TOQ~dL&fpTHYtse}D8;arMl|-K8 zBUD75#8w{$Bof0lS?4tJT0p z%Ybz>#D?pNtp38zYBQm{2yCu z+gwlvhRuobxm}R{$SS6cRYN&;a>B2#0PYs@FHNHT#L5*Sf5=Z!v6qwIz>ZDD6%|PK z^D(nV)-W7PeLE(4k@Zv&E^m|Qa8uuG+$F9pvZ})6>G`-aX15Uy`Mao4YwNLwA`8BS zgv(`?XQgj5q1rRjWEG9WKe=sn@T0fRrH?iDu!?^Q*j$#wkh-x9U9WIk{Cw z6&2hnlnQR+fAfiFV>G6pXEM?0zDw*-`Y^+D5Wslqk#R*ebAL;)08;;tkM9cy0V8d10oCBKRbRe^lbgv#DGZTc|a`90vVX)-o0! zW!5m6!A@7kxiinYnr6@wD(MkkO@4)#TU^&3XYFA_s9OKWs+Vvc0DG+Qe~tbB@zG)4 z{(so-?$`gjfZR-%^Tjl>UYIDq3$THScC;yG*`@z58arp<*ePA~yC673bhR}MqjNP&?$y?CPF1(RRVg`oLh$E#ys!_gVk$Q|BfYG%M@gq!~0) z@Tdc0Wt=FwOtrGx63SZ^a)}pwuC+{5%0KmPf5~)?{U^x&t9toA931EEf8E2q{eL%* zx&M($Z`kwivA@Drmu{^<2;xn7v!UT=`yJ&mmrnPI!+E$U|Kn3Y1*qkLmhm)pI4{qt zyQ7zr_`u<3;yHB5PXaNMyA9<@{U+R$yot~cO7>>uMJn%aRUA4X9&(8QhTV3&uq)C` ze_hndXsRuAJxxXOB;)X&(#-2^-7&trflh?L_G}KGNIm1v6L<5~l(W9{hVoF)7IIKk zN?AMCl=6tiUsZBhkJOa@h;Axv+{EF3gVv4nl=tCC`R`whL%;sjbh9@A%BlUVIr*=q zlwJi`F|Hhk$N_=fOCP*5XGlE{?8FGjBi|AiEcC{&M%wu$Ew5AxgTxg>Cf#mqvj&fF87Os2wRBnH^I^xXUGl^h0AuZU~|sl1q$&B^azp_bV~YiA2? zZ-J?d-QIV1t3$^;FcQn`}BTsUxlGh{395HQ}lucT5u>?6sqly^^C2y>M-*F54>00h#6;#Q8G)uP=vyzHxv#A!SlmFg-Aiw|XN%Xz^ z?*Pir|HrZWVVTc+WF(AyLw@7btKQue29M?`VB|^ZOT5s=7@o?ZKhR{*2hZNGJGKvN z$p0;IA&pg)`2DZ11?uGgFdzT5*Eh}m{r{c7I`XfsA5_Wtib0}D`!hObBpL$!fs#Yj zmu}gw12&g`;nqW=&=QGTn z>-@(&GV}4jy5`|N{?|^R!v7-;Ggox~c&e%h$CIWUqO0bDGCYMiD04n4K#e}oLOG`@ zA+n>E5D%|BK4G2lRp0s7VGa2w9ud)Hu16|>+Wr4=e*W+F_VfRLZeUwNoemQHE`U$D zkST`GyBT>a1lx^8)n`zOpO4zRzYDk}SVR8f+p3R$5u$eeZ|3*^=FxutzZ;0>e~*gI zeL$b0FOnz+sjkoi5a`06i|D<-5xh-UL;fjo?6wM4{TMA!JO3B#|J{LU?&W_Muq}Dc z43d&v|D&$Y?Cp9I&kpO#fAstFod5TZ^YOpBz2lQT4<&yd_xJukJArM=e=j&`QHh=fc-xnPbJHQt0?8BCQ6tZ zkV%lRvIRncYA!-T8Nq(Lr!9ulf1sy{lkCiRkiQYq!CZPE&=#r4-}$`#A6y#eMg z0&D1hJ=lNibKL(o5A*N;_PR&=_g{7cFJ=GDMi4H{1Z#&*+H0q$!J6{Fxzm>hkCA_K z@BgtAcuD!Ma1vWP9NS+0p9X8lzjiP4dF;RalK78%`_FD*Q~58!uepT0w%RCpTA@mV zWUdP*NbySsy3&YasOP=H;x`p?nD5|zm6z9FQm=nh%YS%H__^bMn1_c&|Ifkx{AVYy zN-*OK;+0c)dW$^1{2AXK&s_b~-*cf%s2ly!ZS(Kqz*jz_g4)!z(9Q6wBq&&crg|Ae zg_#aB+3F7qT~H7HGBWy{P$~Zc3%CtjmxFkU5~!B{Ztw88@cwhRzkmN}Cr}a7Zyb03 z7^;7R`e_QFTK+eU^cUp`l}!FcpH%gv5dc>oDaVT8f;upyfhXbxKuxf~Vl7c^2*GCN zjg_?@*3;vC6haPe@D$x2$fe6DKB&$Icuo>|Wt(9M%R&+^qo~_xRjfM|=}tCvJ4)1I zoiO?v*aC7fO~Us`vhnED<4MIx`4z7zZI*vEcchtRKjZJ5Fj}Nr8tF#Mj8+7sS#c1f z2bzf((QZ?yGV?(KRfs@|8b$_;$R=+g=pD5({9kEBN(v8g<);nrbICu)DqmX7Vnm$s zhFbECn+Y%Z$i-X``v;fWcVj_WHf~PTBBgIsEx7>`{xL#uvhVoZ@+e%7CvN$M)tG-$ zI(0Yi@M$QzoNxi2I3@fpQw`rKf1D^TY-&SPk8H!QUlYgU(R%@wE(w^~vs{SFy!uXt zguxfKQqo~WdAGSbq-j2&X<9-Y#kBS13(7_jP_YNl!$YSeQH??L@L&~^1)idZhgPnX zlHjKyq-ZW#fCpUmg_q00B`Y@(RpUP*y?E${l%XMR=#bb(JL8yE1q{$ zu#hc~V*@1<>N~hEGE&A&;SEb2s-Br#$?R3;0ncqS>z7b3XST>kp4qA^m3p@qhcZ$z40BtV1~`tN9%l-eBA!&&3BGD>=^d^7u)n z=oPj78YUiIm9;D5UJ8+wiULs?)>j) zkc#qj?PX; zl8e}Y-E0`d0o;i*G5TAxVJx^!9q9bI)J{?Uj3uYlatqIGzJqM5mytvX~<=BmB=Ltb5qQ9`>+B`2PR^0RR8{ K*=7y^umAw}BuXm) From a60f4dadfa31fd505904d1bf1406ef52398413a4 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 28 Oct 2022 12:11:27 -0400 Subject: [PATCH 107/141] Delete profisee-platform-0.1.23.tgz --- profisee-platform-0.1.23.tgz | Bin 5562 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 profisee-platform-0.1.23.tgz diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz deleted file mode 100644 index a93c246aaa798c4870491e25e4d5f1006185a5d5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5562 zcmV;r6-DYFiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>?BU1;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4{iCDsr)iq`pJwl{_o{nz*z2F1^!q1AugvaI|G4)GncHHZ3IZ-L zdu2YktbFCZ62LzB2#gczS!mH~VBb&v>>Ay^VKyA#HY2_WzYWk&;LedP#|XNm3|+2b3nsuk5WpKAo`Z!7qpTtBeXtPreV5o+(rzqNxu(%IdWVgdZkfLa6y<+` z-2nJD6+n&rADAoL>yyk6O`J2MavG z94^w-(;u|-fCJOgK8#1#TB?sZUsC31saJ#X_~*;((^j*ghTwJJ-Hc7sKm+U)@AV*qIY=VB0kCgd{#VeSdZ_7!EH#T-<2o-x3$D!Ka)E z%I@O=!u(NI#rfN_^U?L_>as{7Uq^+Rt7yKm3Qeo6LUZYqdN-jKY+b-|$iM+l5bW{{ zQluO+MP8q47_w^P8D^k!HvVaFJ<`~M&jOf--BXW$V6KH)#qTQn=zniyjm}Rm#u|Yo zOa{ImBv=4ZBH>pUkM%EHDj&9;8Os+kfn%kn(tN3nhi3?Q&l8`Dd9pQwUl-< zupH_(GYD-dq(mc0)iu19(ya-dz*8;ZeDK3ajeIE-7WyM?*DvX>2%(lt=PfJyRVI`% zQ$&-PN*r2N$br;zt$&swDs>klCYr7kIqd%!bM$_2c3zGq`H!&%A8vkX<#8S|AGE(7 znhlrO;Bk0MTsXx7Tj=%q*>H3*9-R(u26D22GmnUIxTK8`hSPujtJ&}=7v(9#%lB7q zz<-_EYNl+Nt!6_iw6v7CGrp+N5OX73J_II`^w&4%Y2;Qk{HTw$SG?D8b#PJK?>NC}jM4(0(DXadM)fCV^+ zcu33u;X95z>HuQEX~1kiQ$_gwaKDfR={=(<=S&wW zvN9$8&Oyg9qPC|NvYG3%EY8O+Qo121{0BxjlpCj29HgE{D}F{O0smaBnG=BW)) zW+gDFS+|WY?*9bL_etnDa8}UsfE6LDdSbmb4J2ZI?14i2en=d1$qM_ zN(F=@WK)4Be}Cyt+ajzl|8w$O@_*dx7v%qNZ~xf|RLg&Eihmw8P%ezQ^@AaCLos~3 zlE{;Mgo?4p}>Dxz(L^mPjCmSJQ0f5bANe*W(k{v)%T9~&HO7jwR;0;rMyP}pQ+13NYqS5zR` z&&SLfS;KHF_3fDGMb=YAxV%lG!%cm&ahJHZ$f^pLr|09!nB7J+d}@7x|Dx z8H%Zi!q(4QvNFCcUdtumNsMlVsS+jf!b}xK@JS4*#F1xHxhS?!Yl1oSk6KyFSbUUO z!(;|KT^Z-jJnL$jK~JcpM|d^)6=H62U3;9hhYg`>{U57d!g&DfvBv*3_Wvixhk5(| z;nDGa{l5#y&2%|mOe5=siSoMu8<=QEn_`w-`VXVAa~6)B(nY@uf=>IVnMUA?oFCOBL$B- zFjmHiqRUh(yDg!-Wg(Y%!RK1bM5X*w@0LvG*nfiTzp9u2!~RL${?|R++y8e1nfo89 z^oBkE9{Ve7b?Md$gdpCOHyav`w%<`6bLn)SIGl%z@;^QWRDfC@XcNnx0Y`Rg zQ*EK^X)2O~jKh0MGq1OG$N2IF8VG^y*&IBPdd8n8?&hm0XMO1n<)NM}dr9NYMfQ}0cd%q4N`I#$BGtF?$E zF-Wfu)X+&T8mt(}l3MD&Swl>@1#B>0Q~Ju6aIG>T3UEapS@szXgVnTrvtTl#~3 z)nN^iG45)DZ*$ihYG`I}L#!ryjyIv2xd^eE=t#TQP(v}j0+A(G^fFHg<mPRa>%U#Vqy0a8pKIH_(`2ZW?)8#UmR=J`wmCez zt(jwC&(84#+;k&_eZQ1Oc!$O%HsoiW(dbGU{2$z7z1ecsAFUUG-Rrk=pWOZTYJK6Pamq_m^EOUR-2 zU9^#R$%J8c-@&d=Jg^RplLGox;JR1TCHB3A2JRBybClWm()k>FPOcJd)R_>k!)N)= zt+w4Nd|S?l3y8Y_K0551=J&{<$ddni(2B71Jd4ox{k>fC@$D`bu>+r)E;2l?&v zToSm#VrHRMXYPqkCR5=u5(Dg9dhUJpN)7|5S46gfRAR(vSufS`XLFLPnZrmpTNDpu zqvO~tb~&>;R|65<^?-a6s>9dJac=(X_N(=S_`5>Y{2$x1o@o84xBr+Yz5M*&HTV8s zJAoSeZ{d=6!36AqSWrDAiR4oZKCkyO(RD`pnQa;%^FGe+rM%9B##85|d zv|uCcDHgEAv9UO$W2ih?NK*qt$;gx3s^m2ZL_5m%EWF*BW4?c+C>&IgmCj0k88$-A&n=XEzNLO-Kl ztKgF3nsC*SJEn;b_S(_OUdd61UbwbY7xCJ;jb=2xAKzZj?j*O-sh?%N#}x})(2HBs zyrmZtMi@}57$1vSx~AEz2PF@FxFYO)WBlV=od~#@gZu<<9ShpSL+8IFz1JCnImZl1 zFESfmF}Nk#DbfVncaU3Rb6^W%=g*W1R{Ibsi{n!!EL1pn3g#0zM7}e#=kWWJ_`e2J zt^eex;XbzEdC&jM?os~!U-z)TxBu(}4)Oo zv8=pwE%&ers^mYKrQ3;FNkz5UR14I}f3Kh4|MmLE`~BZep#1!Q9J?Qu`MgI)!pJw| zH%`6k-CbeuXr2N_o|L}C3vG zG9kRS}LSO*uqY%>`w63UN^8d{lrMeV~PMPE|r=M=c>9UU_`NI^(Op^RL4i z@=rV>qRU*5Q~l9{6h9xe zcYhafOR$Fg$G24<{~|=~`rpj&|IOq5{(m z+m!!gkZ2kpx!!n7;_Dq5t(@ug`J+-#pB}|J&;x@85sf4ZM{7Hyc5?FcYjDI%%(+o(5~m z|K?6#8azh+&AtD}PT(cwzrsmu?Qm>+`F|R$A^+OF%;&NH9+kv@+}nS41Dnc!34YBb zap!p|N5!#q4J z`hWKK=RZ4vRe~8`5U-rV(_7^6<2fp$d71XA#g>Hsd zB|*UoG}X%(D$I14$yR?@=z@Cimyyxugi84rSio)Ix*Wt)lt8uocYB8?h4-Jk$NTr6 zb^;YK{l;d-3NmWl80dVz^a;z9Gr~^Y9cp_c^)C3DG z))Li*5Nu}NSXujFJw4t>A>`l&PtpB>T)K?ngX(;M=OmF=wi%YNEF|GFin@(f#ky0G z?qpN9qeLy%38TM(Eg%=uBz%t~8;?#so>YvKU-6pKW?6GbnpyTU{>}-bMY^StZnVs3 zML?Pr2Qhk}nTQeXHiarPA0$wP2$ZN{WWb1Q@)m;LQ7gm$l~$yr@DNvi+VDP?{Bx}G zrPVA(#3^s6CEvK2@RE;Q%muN3aH)Ma7L;Y<=0q)0`bO1~8!+J?BLpY=j?XQR!u5FK zmTy>%DWy|)^A4YeqRR;v;E7Yh?=sc!o$|+t;=-mjMD@rv{Q5O-m%#W8T(_9^pY8lNgvjkT-~0%o z9k1Y%R{GYE(|N#A+XM7wEU52;^XA(x3`D@ZA|3MqTn=BvjL{`}qs($@I!1&ehc3N0 znc*VU8o}-Y2%v%wA<4@Z2`DehKw*W{Z5}nXS4qzJ2aj zUS+SW$a*}kTeIiuo0Wk&9#y;gzSAB5w_lswwS&q!lykD0-*Mp$#x3$(eBiN?<2)~q zpJa+&QQNO!;^9?UyD|<|aH;!Sy)e7wtgPT$d9uAQ&qX#?wezzH>Sk?RE2SkqZGQ@$ z%j7h_Dp3!tW_Q>wnUlh^1-2h#_ic$C%ZTs|+YhpPHiYIdr|iBaUxbv+%HUG~d=n;A zj?LLfauyj$j|tM=PxgUVnR5eeHx{-0>TP0KB)XS2zWxcIX#Y26;Lgd^qikDYJL}H> zj{CXz58Y$4zxV&y2^^p+ECeu*BSBHr?Pxgz4^0B%I>ehIAKQ0$3fyQm4$#evaP_Pz zN1(*Fiyw6hBi7$WJu?8>Y(mw&4w{0q7(gyD$#5hliyh<`jLE^ zO*`TL$p^mhIvT+Vw(kNz+JZJ4|1kK{mp>->PW}+{@Gr{9wAuK_|H*tGF(WkK=x?G)ud?ry{9-7S?->;IGY|LY!|9PQ z4iQPZt7;4Q%m@OV~$Utoe8OAToMze9?(Pc~~EQOS0Z+|xAKgocgXiCH^m>^Ds zR1k5kqO1;lj%r3d9Zlw%;RPU$=YST`DX6L}=19y4|8oiJ9`>+@J!}#FKL7y#|Am`R I69BLP0L6A9)Bpeg From 93ee33888381b241762b1091ee1e91317b1480a6 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 28 Oct 2022 12:11:50 -0400 Subject: [PATCH 108/141] Create profisee-platform-0.1.23.tgz --- profisee-platform-0.1.23.tgz | Bin 0 -> 5566 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 profisee-platform-0.1.23.tgz diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz new file mode 100644 index 0000000000000000000000000000000000000000..1d1bccf29ccd1260d52964f3b7f4cec277723eaa GIT binary patch literal 5566 zcmV;v6+!ABiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-`?mpq2cEOQwhzy;>^M%L;@w^9c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1XFpI9CF+MIJ8_(D>servh{NIV#|+8gaOg97OE^H=cd@voY~C5p zFcZc-p1ZHM1g2@4gML5!X_{vKr`bE~z3TQ4dxPWS6hwM>pfq#qj#yS2qz7cIL!8v27Z7LJ~hYeSdawG8|rhxVX{Eza=hQgHJgT zl-lH6~C+OqyN2;H99}N7;6NU zFgfx47)K2W@LhU;=1m!JejT`AA;AKO5(&S;c&vY+#Id!OkB8aG?*RjJVhgeWbV?Z5 zvWK+#;XuqNBjR2%cX@U?%vRra33%cxZ0zCr+34ct?6iewV7qS%bP4m5~S+harc&dtIFeO|_q?Xcd z29`tJW(J`xg_LL{sk(;OQo1#v6L_j6oS*zKQX^jqg@yh|+x1KOD?+Fx(|OCvew7Jj z%oNcirV@vi6>=c;T4~vMGpHv#vHvrIXf>$ll;e6Cm(KpYUObrG9R?R z9-0l8*x+$^OI$d`0$b?y`Pp!EF&>?s+?>eC2F^Sp#^I7SLKsf}^{-~br(Be$3@_hb zxdH!mYO9&DWwx3PsnF6=;?DS@MnlYvaQP6JNYY>5oR5d2>zgp;9o%OU-i`h(v)V2V zoOmFG{gjMD!mk)z5J&QmYSvKAyo39XIBlB2&bqB!(p5UsW|HDYC%1BIQOFn%knCr#P=aFeM_Ki35)UTH zmMC940Uj>aIaW$TtwGR1)I7vN^fqbs81Z{_Ox-pvQ~u6C3@JYHR%6Dt&fC>0K4ctwr9ixG^CzjWD>|^ zZOFwm&XVzz8F}+uYE@g84HQ3M3j#~4v}s>oeYpO3Hv0Kyba9fK@`G@JqY!ed1?swB zC*7uyhL`8(qv6fjS~RvCE7OC>qeY%t*;sT<5eZ;dIXQ@30VWHL`} zh%zgILCv~tbaDSDU@m_L-U*eDQWx#JMLU^3HrpK5*?;hX=J@3BxF;8Cx3tGPTL}^FaLA$T=IX^8x-XKaBu(F2~^8}Zi;^%HBc^$x%Gn~aYHeD zypqV1e1wX~llbZt#M<&dA)Z6L>0_1wwe!DuoRj~4@Azmh|GR*l%>O?`V`qi@ho!ZB z>a>%&W}-4^!j5%{C5wk>59x*$#44g~h4gg_?3Q6;`G3SRpnm@E7UcivcrX9EfL+f2 z)oNg)WxzTbV#9SsR)1`m`K#3=welaC<^0&-V7r*}O%*_m{P%kUGcW%~gWg{LcL9%` z|6^-yn+wXousJb4w+qrAS;dsGYADA}PWbf|z}-UrrAf4(Sh+$3`6(*)a`GG4v8lMC z0?B?pX4c3WhGVI3$3!o(o+`rSZ4w=B>YI(b#I;3MRk%DoA6LfgHliVa7Zqx4J=RcU z!MBibxyPdzfOsAleO2^K)=|MBsC;Xt4j zTBkJ^k(2lwL!qo;i_0CIBy6h#r?u*yndE7#Jy3driW$TD5yg|0N(62Fj23NGY*TuX z4@s1vn3^bT{k$bB8KI`9o>fFSFW@X)*G=oM8 z9(7=>j1xtdsaAGdLV3$VF7blTwU&uW`KR73na;8Q1lfO8FaL*w*(trZACyeV%sG#qWeqdex)={|8d4;STsde)gLs!Azq z=bBO;(fF%MF6)t+(jU=HrHz|7{BO{@ah~!%94Y_(i*e}JznX6L20%HrpEW1{)s)h! z04v6o;}AI@uzTr)cjgSK=YgFV0r^|vf`#7L)-O_sf1$*&jo&!+-ek#K634D%CCs~8 zi%1eD>GgpcI>|+Y6(dYTYe8^sPs3|9NF=BN~ zf6%WwtU)ryT}|+9?s`KF&FpQ6)nw1{CR8&QAyyL|Y4;jxD5h5+vgC?h<|(0k+7>s$ zRqMa#hL6-@ZDnnH)B><({nzUr7S?}*Lvz3W+XXz@|HJpWw%t2ThDzyPFBxU&HGyQC z!?W9(ITrTp98bVaH&WR5OKF66Xk21r9$(K9*)3IW?TV0_rCUWgPLI#G4JG#4s z9BSW18+n&Z7-sh!?E1t5>(DqZpkD>9dqrJh-&^R!UE+I=G8PI5JK7zt;K z;(=^*9Gk^1XIAIxL_~KzAm4=Q@HKOsn?Jk#YW*Pou241q$M&ozT7T;8Kjv{SKmVJ@ zd;hPUK#l#kaLK!10`@>GDZ3-ywCMeHru-+WmIRuU1@=5D!dX%&pX{6$qZ&n{>Om!9 zsG~Ysu#xr@3s~aVSRB$ZRGus)pV80v?Fn`6+noFk;oVQPcDCU57MRM|?R|IG+AJ%# zP^*u6M}ti=@+7w^c})V*jv#j^HVu1^K zaci2l^kTvY18NoHV=+tDG@JFHOJiD~5^ zQXCn}%1hUB538U`{-asCotTwWRGUq;K%M;e2KoJ8Z_wZG|8@f9=l|o_{jkjEJu(tT zz9GMH>Q(RV3WG=U6fp9n^d(+sV+>E_&>v_r=!0kP*B#r3HRS)6xRA!GO8oxU*8+9& zf0&Q|+UuL${r&%)z&i4;t{+s%`HDfJN&7Q8W+WN{{ehB0)t7GBuLCxhf8`IbMfvab zbMk+9JlN0wJAr4C|Ma@m+VcNMm#`Aqf9W>;nqW=&=QGTn>-@(&GV}4jy5`|N{?|^R z!v7-;Ggox~c&e%h$CIWUqO0bDGCYMiD04n4K#e}oLOG`@A+n>E5D%|BK4G2lRp0s7 zVGa2w9ud)Hu16|>+Wr4=e*W+F_VfR4U|T|+4ifz?fKR!QDTdFx8F?!N+l@ulXHbft zkJ`Jx3%Dg%L;mC2s*isWqIUgn=J)^R(SHBG8;IwBkBZHGK%b&7k|+nMuFwMz=)#|i z=)J!YyiHg`{wZWfhw|jiF z_y5@mY*YS|L857Z8~Y48~NH~0P@JAs#!{|YCuwZpOP<^O50hWu;yGM~r(+b@a#xVQi81~!%d z68xG=$ZM;OlBX4_G)U&UaDo)SWS}dJIEH%OD=dCfA&2=6?pJwv{U!BEwfu+Igr7V9 zhk1Bd^#2^}&wq9Ts{}K?AYM6zr?<%C%b)S>@yyjv{XG}Tgu2lm-8TO&4t(V^DyU6e z3*8K_N`itFXsVYnRG8^7ldb-+&;|A2FC(MR36=6Muz=gZbvcNqD1mDE@AeLl3-3R7 zkM{3B?F1@f`iG_&ky{GAgqWORHIoh*REBOTKY4;Uyorm0D5@nlq9M#h#nrS zLbAY9^zhKil~NM?G=vn*B@6I?%buKMhZTG-Jn&H-EHzpuFM;tHxNb4+Kim0l2$9=w zzWEVEJ6^#jt@N!Sr}KcLwg>3VSWw>w=gqfY7>Iy*MLOmKxE#KS8KX<|Mw#W*bc_f` z4qbY0GQ&lxHGv#GUo=`ZY*l~)!W3fNOUi4eEkzZ(f)7Dz@3w+N7=T* zcGjK$9Sw5vAG$~8VDJC46F5LuSO{PqM}nfL+tG3c9-0Kib%-}bKDO`h6u8lB9H5&S z;p$mcjzYr(n!0onS@VfE{U>7JVnG%VMy}SrW6zNkJeYz z^dtE+n|8wglMj61bu@w#Y~KZbv;}Q8{$cQ?FMmw%o%|u@;a`-IX|wT<|C9MXVn%4d z(b?%pauFM_n+=0FfID#}Mt^HIj0Lx;1D!vY+9}F^+}(!HyIU%w*8eB(|JUsw_xJL@ z6F3Nb2Ma*<472EZZ>R@6n}OWzAu)qE20Sv2uJO6qI1m)s3}hymD5k%oHj;BjL_=l| ze3xP=>|+pZ^{6N+47Fw>%oYzgWT3W#4C9w(quDs{=rSe~mO@Ihw?7;5pJYH#G$mpd zOb{nRDu}pNQC0^&M>V6KjwW->@B$FWb3lve6jW6fb0lVj|G9*94|~|d9<~Vo9{>RV M{|iMa)Bvym0Am~y^8f$< literal 0 HcmV?d00001 From b00f1f805a1ebbf9e1152c921f3a7758b9abc842 Mon Sep 17 00:00:00 2001 From: Naveenr04 <115646520+Naveenr04@users.noreply.github.com> Date: Fri, 28 Oct 2022 12:25:21 -0400 Subject: [PATCH 109/141] Update configmap-profisee.yaml --- profisee-platform/templates/configmap-profisee.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profisee-platform/templates/configmap-profisee.yaml b/profisee-platform/templates/configmap-profisee.yaml index e8f228c7..e19c530d 100644 --- a/profisee-platform/templates/configmap-profisee.yaml +++ b/profisee-platform/templates/configmap-profisee.yaml @@ -25,4 +25,4 @@ data: ProfiseeOidcFirstNameClaim: {{.Values.profiseeRunTime.oidc.firstNameClaim|quote}} ProfiseeOidcLastNameClaim: {{.Values.profiseeRunTime.oidc.lastNameClaim|quote}} ProfiseeOidcEmailClaim: {{.Values.profiseeRunTime.oidc.emailClaim|quote}} - COMPlus_gcServer: {{.Values.COMPlus_gcServer}} + COMPlus_gcServer: {{.Values.COMPlus_gcServer|quote}} From cac6239cf99646da3a599d61f7669d7d9f22fb55 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 28 Oct 2022 12:28:16 -0400 Subject: [PATCH 110/141] Update profisee-platform-0.1.23.tgz --- profisee-platform-0.1.23.tgz | Bin 5566 -> 5564 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz index 1d1bccf29ccd1260d52964f3b7f4cec277723eaa..36e1da4a10545b180e6c8903463f7856deb281a9 100644 GIT binary patch delta 5029 zcmV;W6I$%PE4(X^Jb(Rfo;DyW&R#el>Y^G z1K`_K05$S|bboT#&B_0fdAyhZodEyjj)5(JS*Y1S2%$(|Td&9ebAB;+KWar^9W3w! zbGS%TPk+$T0}f0}`!F6|YpFiwd`X$3rCtrjcSGi2B^1v=@R4V; zdtX@S^@s83d~`D&T@0`PeRUHdVP{Uffo;>k6O#Dg^jrPe#b7wR{BUujm48cIxCWnc zA}G6$3kdT^SrzAR&(25JqpQmzg?t?qX0D?7$|^LiwhGOqQ|jG>TCjBi%OL{?JVCI_ zGf0tg%oKTju3^Zkjc1sF&e`~-m9u2QYH@V)GObuO3<`!zrgz&9ShubrlV{Uw&yPRU*pnq)I zS@KTLG>e z!4D%f@}*E%=#R8rzofq+gjzD4x2)_}nNY?|5lvz$acEf~2U5?q{#k~o)Lo32Xu4A5 zu>WJs(fh&Kc{!ToKgJq-xcRA-$9c$n(EfU8He6zZ$Kfq;;S>vOq1WeU!w1pDcyv0r z8MC_scL9Gf$W8e{xWG{exzz%7U9gjGQ%J+h^YhX0=IrvKWbu&2tY2beFf*$RyyT^l zoM|?g@Q>6D=AgI6l+vkNt_Cuhr#3{HmB658-8Q$l((Ui}f4hJ$U)qS=BI9GU>kohDo@jMoXtN4xKRh%Wx~&Lf$ES`O z9LC*u+#s~G=r$X7#B(eZF6@=?Hyd*hSneUM%qA1x@w;x zQwx3hQpT&A=Zu7-bdo_24{E&_3iJjx!)Y*f8@~t4V6*KQhbt zvBAN1G3T2qfExKf>>ZnV`9JEN?B#zK@Ywl3w$`?}pbQL~6XSEcApMb5Oc|?&a_r=U zUta;-E#zOCMEi-AD@2f=qGB&6zkwZ_iYqFR?B`=V+}Ylp1c;dDe4stBxuvxK$_>+{Wh<&&Fs>KhI>M(|woN zq4Z&f=OBRb)Fb1HYUciyU;(85A0L0;7Y+nkp>*p<58Q&JKuQ=oPpE&SM|d^) z6=H62U3;9hhYg`>{U57d!g&DfvBv*3_WvhG{k;9Z-|g<#|GR+POqcV;G_qcpD8CD^ zfr)msDQ4NF|1cUmXW`f>UG%#kI7D={H9xi!4^SR^+suUUxz*{&r1rw>8Q3R=mOJzq zbCmC3ls9xVvJek^pEB{^$=H9j={!R48ChT)xapG*a-W17l^JD7s9wvfC2MTNZMO7ksX@ zOjOE0^=`>@j{PUd{;PWV?;oG!?f>2Wk-3-uT|nmkM=HHx&%ek13R{0&y0ro!h&ScU zhK8fuudJ zzPy13LSTC~2T!D)@#lYuyZLI$SzmfXd8lU#IjAb7tetC0c|_x{D!HsjYD#}ZH&AJ?`*5WE_bl*&6`m)PB~S{8v*-uL7(XSB^vEfWYph58jzGq@D+M zVg%%Gi3=8bV_UySA^wFD$2NZB)O(X9b4eV#j+HR)YAqs34AOt=12uG#iv}x3vZR*! zZ`Ke~ZUGyN*Ob2UC0whF2zmXHDU11#z3Na?PUd37>X!bXUv*f6WQ@C-;M?5wh8mjL z+YqbCp5slZW-dakCOXpYHPlc{uRvtU6}`+;Liw~b=ac9Es`X!V!$)edwz9T8Y5`cY z{_A!7`SaiI(aC?&e*L!#c(nhA?{jUtcbW{9(!E|X%F=5B$u@^)w>5Jt?AbYk|*GzHw4OzY1LUin_$Ux6r_oMGGVX{bQ4B3t@k1Afme-kZ(eD_?kJ+&7a+VwSEwP zSE!o*V|&&Utv~hlAM>P_pa0Fnz5mxvpvL}Nxa3_h0ec{pl-&_;TJ-)pQ~ncGO9IWw z0(%}6;Vh|?Pj=3WQH`Qe^`H_l)KMKR*hqVd1uSuFEDq@yDo>V@&*7T)g6F@JohC>&Ig zmQs?r!N84=JHl6PUD&g*VkgnmZ9R>6NI$2H-qA$Lp@AMCZGlf9Co4!v+~sV?HR za~sWQdOyCsp4~}qqfxS$uerg=**CX6tkRxv&nvvf_fSr1Ac{BT9s`NsIi zw>lAUGY9zz-Z~bvhlkF8NqVm{1apoVl3rvsykc-mv{R%Bw(lUf#OA;j#Lk~76|8^u zAyO8{r%YI=aPSn&Cvu2;w+- z2Y?6B((OX^eY0_(t=ZkkBonWk#ERvoO;!}yTahnJOzwADSe3-+8D!AIrImb z93O&b@7EpMhc)E?mbj3{s!II+*Vh7d^54(Lf9>^8j`sKecLM9kzq)=(AktF`6-kuG5+vj2b5ZTdCA zn)1(Qm_66|k9lO~<9~Hcb07a}Cs5)4k%pNox_>-XRfOY7Qx4Hpb3qxNLL8Ji9~GcR zA84VRQ!2S010R&iJbD{OhoW{1cCe=rY$M6+rF&|0F;EcYFK!e>bo#p-u;h zeiy)}T*wr|=iQ9F6@u-?qUwJ$D8o*mYe|LFJUIsfmS;$$c|H&ZHG(d8{R~LEx>71-h?WLRJZwG70 zfBX{5v+e)8T{9p5$2{uq<$ove0`~uSJe4dHuA-EinkZpvKqf)L$`%L(s<{XWWdsA} zu19N_c}S?5sQ&2Cn$&+w_DQ9btF}ois20~>t0`A3zxD>0zX+_M|Mg(6&vF0X?C0PA z?R5|L@4xH@UdsNPjUZf@3DypswAW5ggEi%UbEhv29wYxpd;gD}z)Q-1g_GFY;n?=_ z|1?-b{Rdle#t;r8gUHu zyjNKKra}($9o(<-^7>2am1_A9uL(bQ{13C=FZzG>_vb%5fmMPTUl6aH!qZ#i@#W9> z_IT#%r~aM`WkTKPk8YcP7YDxb85Pu~u7z%fS0zEg3N+Qr7%I$kn8{XuSm=U!@RyO% z=Y&f67g)e;;JSYt#8Z?&wfuK`{gcA`&)x3+{imHkMNGeO-2G#y4(g{VfNJ^QG}2#` zCsZ=|7kyIIlSTkseWV;Kh70PzkOrQJ7XUTE0*kdowIKwXnKxF}eppYB_fZHrxWQ9& ze;}7Gf$8MpHA@nCWt(9M%R&+^qo~_xRjfM|=}tCvJ4%1lVx2Jh8`uJJF-^kvNV4(h z)ZWa9&Sc6%4gf$LEO_5H?lhm6Dw)&9;7dTSO^~8Mc{@ z+!+T|>g_q00B`Y@(RpUP*y?E${l%XMR=#bb(JL8yE1q{$u#hc~V*@1<>N~hEGE&A& z;SEb2s-Br#$?R3;0ncqS>z7b3XST>kp4oq@E92Yee&tp6%8IPV=^d^7u)n=oPj78YUiIm9;D5U%AiHNnXbyAA?rZWzNZG6mJ_W!xVM68DoQ))Bk&*P6AnpBRA9$5H zH_&!tQOmF1CYD8_duikAp8$&Xe`5yjoJ>8+wiULs?)>lQI2Zq+dt~^1Gp1sV)VCW z!&q>eI?(xZshy(y$K7rCyt}0`YW;um{(s%WlkQ&rcLE22?_dGQo?#YU?+x{UXETty zJtSrj$ACws(KS9d8wY|Sn}L7KBooE-chp95&WLEp?1Ar6EQNgxqOBekMTMc(Y=qh3 z0f!9Kc93EG(rh#v2OeF%DumAx7>2o~2 delta 5031 zcmV;Y6IkrLE50j`Jb!<0W3veahz`JSzwch!{PA949Vee=rejtI6&KXvACsd-Wkp? z6UIHByRWtcrfHgken0$anr8l|**omL>h=$NgX81l{&D}6*?;X1j=Haqxh)2&Am9SC zSLTz;%2)0y0qm2Hz&N3vg%-UA_Wk6~uF)MBX2St)GvbTz+X?y!+&Qx47(us`p{scO zpsRTNAnKua!33BG0(is2bFffhlr_Y?4;I3{?-CnJ+Kq)O*EG6D@38UGE%Wz)qWmwg z8vx&?0;rMyqkrRmHz)r`-QHgQcLMyAI|jA@W}#*SA%r4R^E< zn8QVydisNw9&lh<+K2JzT1)jY=S#{QE%oYTJpTFe`n1(-s3CYAcsFDYRzmR{1Rr@e zyZ42KUVj*m&PO-n(Z%rk-&Z#g5_aaqJF#sVctR3CIb3~zc5yNsUVgZ^(aOIiE?k38 zIT4iI#|4D>qpXVaw`b?0>(SL^kwU(X3Nu&Hd}S4yR$GPU(kbZ1D+t* zE*~#w#19V~wvH)~S7}&ChwEE#d%qSz`UNU!ib~?;f-*yRj;w)_J z;rZF<;^yqMkUR#Pflve@wDD+oJ-W&Du4HQHVluZ-YbJzmbvoRh!5nkr^W5bW`v!ky z)6SB2dZu~QF^@VV>@;!Tv1K;ikrZ-7&zz@|jK19xV41FGJRG`Dqdz4J@N#^+cpH>? zz;bk9j)}Xq7Pj4h3t$)2fnlTpy3L06F&=I%nG?a2v1j{%g}SC`st=c;T4~v zMGpHv#vHvrIXf>$ll;e6Cm(KpYUObrG9R?R9-0l8*x+$^OI$d`0$b?y`Pm3?bTJ;C zp4^S~RvCE7 zOC>qeY%t*;sT<5eZ;dIXQ@30VWHL`}h%zgILCv~tbaDSDU@m_L-U*eDQWx#JMLU^3 zHrpK5*?;kO8A?NIS4HGkXB}siSPK`LeXe78{7xAM~Li0rdlb* z6UM29zI-X;Rn2oo!cjWOpoa&wUJM0#10qTVgd}8BfhT`|=}y}stS|p_@?7$N)EgA! z|8Q^rf7uCC%YSZ)e;zeZE{wVLgCTK4F?_s|$di18ipZ1r>J`M=@;@P-L%iu@mI1Z% zzj>UK|9~~FaJk_-d_H90gs*kV{2`j3(CN-IWa!B3(_B1#gwsXD927t z`1KXQ-9rAQNwl9>xk3c_DJu4I@*CK(skov7$$ma&*2o%$W2tY)L@%p zf18cF#I;3MRk%DoA6LfgHliVa7Zqx4J=RcU!MBibxyPdzfOsAleO2^K)=|MBsCf8ju&6 zo|)untUXYAf{Gc#`VqyGl}ZF{{friERcupwkq=3fp_rN|Z2i0?E92YZwOj(8#OPL- zDp4XY%v4bXpTv+#9C)PY2J!}Y7>;G8w63zo)k2U_UvHw3lI?UVu5BvT7`hORYo9S}Cm`2tM6XkaS zHZakSHpMKv^dClJ=PVpMrHg(S1c!*Ow&urn;sMHIZ=0DAKDRm@nbcmGJp=p1&~k?! zV~+A2jPiz#Mi%0M?^7oJI~lt+f1O7NJ|hb()(Cq+{A)rW!;-JgGLG-bzrQF6GfM)R(4xLdCNjB@q*8_ zmWfLFr`|1@&awXl*?(0p|A&L)y#23xxVQiB1~T_QQt1tQ{yp|r*y_@)e-#KpyeV%s zG#qWeqdex)={|8d4;STsd)|cK;9_rab4ysBiYv-C$9?|%#N-pb>n$jQ9O{I;S zIQ(zWx^bTJJ{&3k{flwv*T0%>_69&XwVyR7|J9Vzs{kv;mE#aOAh3JsgLmc(spo;6 z7ymC-?e}hAFzy8|=e>~d%!}qzi-8)T&O6guN8D;4;fn=M*v)h_E7WV8MPryw#QrP!P zX@qxZTw-G$U(XTQEmdyqijbS7TSYlekI%Q`(DqZpkD>9dqrJh-&^R!lSm6B0*3>WZVO?5>O@3$Js{tN>hLvloSQ$p{c8On{;p6p z|Ht;MCt82%?LX#mFF*gA$9w;;oj{HKw{Xe3U;_3)EGfGq-n8ibb*B6$s+I(rlLhuX zD#BS(DWB||7o!?Qqv}B=VyL4!TCkD!6bo45*jOCWF;t!`C7;pH_w5OF?%SOF4&mK@ zPqcQn;Pw`n%Gm9Fch}l1E4NUqk9tRgO)~N%w<>u}0@04LJqvGl=9nM!6@`N;5;GzE zUVDx|w{Ho!PEz&3hPh)NHfuQ-vnjO8Y9ZV4JCxR;z7>9zUH)s7``1Dn)JRPf{UAB@ ztSXJck`V!IA$b=T>b&lzMd)YrYZY97a$FOx8gj=p@xfj@I@v2Z>d*_)D;;HahjQtoOKLfeU(ZYnr$8V!{XmY8B&SF-zApoAsdN!4Fr2oo|ePe5(@y zH*=7m;H_gpdwA&lm!$VPLonxOJiD~5^QXCn}%1hUB538U`{-asCotTwWRGUq;K%M;e2KoJ8 zZ_wZG|8@f9=l|o_{jkjEJu(u1M!q4xaq3m??h1oP^As@hr1T|TXk!dd<gxncs$t8|2u(alK=F&)!Op^NSCmG64`(0HvO7l zP5I|D%%1D~$2>Cg@xQv};XeM?PN2g7BMmcGbpLp&stCuErW~TH=7KUjg*Yg4J}N+s zKF~rrrz#<`qm~d4uRK0so$*!Q`PX3$`6nI`(PgejDuCMk|8ai)@Amfd|88JgLY)p0 z{Vsq{xsWM_&$}6UD+JqrjYZXGP>P?A+Pl9CxFuLa{^Q%KkAD%OcKvVW_y6Y6e*eE4 zi06Ngip_mMpQ104C%iy}uE>O;|(zDRJz!3Re9XEl@lE7wrGtfqA%> z|6RbgpeTHEC12&&vX9YJI=@d>dGy_UjBD~09%!R6}6;7`X6z* zZLbBM5!RG{6^iXq@50r}e>Wfhw|jiF_y5@mY*YS|L857ZmT(SJx8({t-u!jEEgS|e-{eSZ? z|Nd{Ud$fQ5WjF9r_TOv-;lfO?cIc$Nc6u7DDgT>0eQEF*`8W6eA3K4Ul>Z7Rv9-go z?dAVzu!j6=_cEWy{@X8!|G2mR>;^WK{}TL~OUP@hjgqH-6{<8y=DKi#6u)GkD~&jY zdfqE6ep4Zb`3~+^d3pUM^-8t;hu4IkJN}1xcv$rR9PH13b^@yeGrk~RIfbXU$m7eO z@$K=<)ldCB7s`aX(I4G5|1J)E~2s_U}LK1S(?sjpObgLv>I;O#xKP|E7`t zqCBCJ$-n56s-83g;OZmgSTS5s2Zl88M7#i~2^LtaC8`Y}*v!1Kvi8Gzdc2Q9$iWSs zqWc56bQ#45)%gI=Ng}UoGb~|QNWx_lbsMdUb*CbK-N~kIM~Paj6GndnTR<+RN%$T~ zHXfaNJgFEdzv4Be&9df>G_&ky{GAgqWORHIoh*REBOTKY4;Uyormj8dFNA?&cjn4Mmp|F2EC~ zgx_VV;XCDz6UBv1ZHVfTZTR(T;&?oIFTm0z0W*7+3vroO-^q|L_`+67I*cgqHdlu< z%?C71ONgVGw!VBp*(d@k_5gZ#=#(U?F^C?29;`yLz*F?_(8`rk68toT6wM_I@PNyn zoMeX;d@eljQ64NcS|=}o@fo;oG3`Iw`ELl3+i$-45kxy)!6&Wsts$rLfTOkt=*?JA z-v{T-w_g~DfO$na<^#AKzK9v4OY}yW<#3`Pp;qenJkbKeri#2$vNNUG)-P|1C}lCj zHq((iJ^NtD@vITN%pkzXQ2lqur z%9tszo0Y+*0Qe?Ms2rQKk>o5gk{%PJy`Ss@ zuQKNb+HNdr`PJLRvPg6&H$^_S@9-43(QF)`n;GHiSyhfg!vvbTbP`$fi8uWx zV&Gyy77#|R*1luUkrX_bh8Ab^jUUFd1_v#Pn4$mp)pP ze`_|31-GdKoj;e_DawD`-Gzns0Tco zf!ysOF@rb;JTi^0@wwT5I1m)s3}hymD5k%oHj;BjL_=l|e3xP=>|+pZ^{6N+47Fw> z%oYzgWT3W#4C9w(quDs{=rSe~mO@Ihw?7;5pJYH#G$mpdOb{nRDu}pNQC0^&M>V6K xjwW->@B$FWb3lve6jW6fb0lVj|G9*94|~|d9<~Vo9{>RV{|iM1DbxV40033Q6np>x From 0cec0cafcf162066e2431540927e033f40b0654e Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 4 Nov 2022 21:27:01 -0400 Subject: [PATCH 111/141] updated to latest alpine latest alpine --- index.yaml | 4 ++-- profisee-platform-0.1.23.tgz | Bin 5564 -> 0 bytes profisee-platform-0.1.24.tgz | Bin 0 -> 5565 bytes profisee-platform/Chart.yaml | 2 +- .../templates/deployment-keyvault.yaml | 2 +- 5 files changed, 4 insertions(+), 4 deletions(-) delete mode 100644 profisee-platform-0.1.23.tgz create mode 100644 profisee-platform-0.1.24.tgz diff --git a/index.yaml b/index.yaml index 61e8f95a..705e5015 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.23.tgz - version: 0.1.23 + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.24.tgz + version: 0.1.24 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.23.tgz b/profisee-platform-0.1.23.tgz deleted file mode 100644 index 36e1da4a10545b180e6c8903463f7856deb281a9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5564 zcmV;t6+`MDiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH>eZ{xO-`?CT64?JgqZ6BUx+0I9y;@zF=c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1-+rJZO4NrXJ8_(D>servh{NIVV}|5#IP@94B^;pbyI9;(Ht!5) zmo;DyW&R#el>Y^G z1K`_K05$S|baL3u$^VggyqEu-0RQBUfh~YpsM$aWp-5m`ugCv$eld7IYDHfiEbs(# zxJXk^f6&qc4opk?FdkiNsXpd>NtvUiUJb_MpD(XZTg`?Vg4cm}L*`&56wg8Mk!Q1e zUs&k%hwB7 zyN?S9^G8_~=Wox>N7tjP%OZt*9TjG-qWQ`yG_AG@&81W7-Go}ObpgvE0|z`ou*)+@ zk#fuwd3~;7$f}KJn1RmO_@}}3NMj2=3t%30Pd)yDxfW^_zpLz{|GkklIzPP_YXp`s z8TfvTqlN_dF1+)L&z&rXNg>f0^>Pn?B~Jv=`fUEG|V7LvzcGZ2bEgf<=xuSYkz-jz%Z zT}#ml0uH?ne%j# z(YIRyEYtOjheP*i^rvJ2UXE`UZ-X)qSdK2tF>$xn!nPZ50qlZ0FpM-nx7pA>#>34e zb0T;$_G~|}P}ej~^e!4D%f@}*E%=#R8rzofq+gjzD4x2)_}nNY?| z5lvz$acEf~2U5?q{#k~o)Lo32Xu4A5u>WJs(fh&Kc{!ToKgJq-xcRA-$9c$n(EfU8 zHe6zZ$Kfq;;S>vOq1WeU!_mcfbUL^h$jJuIJR-*7k~TsZPXG0-2_TyR7T_S_ zAu$7l?>O?P1Bd~q0kZ*384Y}dJqOM3LVm{%Fyy^=uLkCdrm4 zUpoOFF4j3#N<*zd&_UEZ#6k2nY4#ZLdvr}*;7D~4=A2ADa1a%Ui0=`jE+9eC91{;+ z|7fAsd+gyUIOr_yU3BRK!-BF_gv}*-*r_$>|3s~igoyyV=smV)!~-;>o?v7W$YgEE z#Wc>6@st^P^IU3GTbB(KKVS<2ORKbLUtfK={&+U}`DS!6$W8e{xWG{exzz%7U9gjG zQ%J+h^YhX0=IrvKWbu&2tY2beFf*$RyyT^loM|?g@Q>6D=AgI6l+vkNt_Cuhr#3{H zmB658-8Q$l((Ui}f4hJ$U)qS= zBI9GU>ksFiXmwy{vkGcIJTx1+tq5bsr;ZvN#@%<^AhfgSHXC=ub1W1t?3M608*>m? z?jfzrCKKQByM?0BYBsnJYL5`vhfK9niYJUy3w`-g#;cm=jD(|fl0gp-YP}c=^aezf z3J6KarUFm?{?eVcMOa_{=j6HM|EPDIm;d9Fz5Qn=P%ZztDgJrXK)EpH)(?in4aM;B zN+M745h@~2;;UB>Ys>$HcnV+}Ylp1c;dDe4s ztBxuvxK$_>+{Wh<&&Fs>KhI>M(|woNq4Z&f=OBRb)Fb1HYUciyU;(85A0OWr4g^}E zby{-~8N}xp3S|vjT<+*3VOt$ItyTBTBu``QfzlIH%ox^>D4wiTB53Ppv}mhho6?JX zNTLkI)I?$H=Pg+o-xjas67VEOx58A35_w^!iX!+VhE(Fnv#DGZTc|a`9F7lLS<6^_ zlv%@M20L9D=gvIqYMMb$sH8`DHTe}{ZgE|EoVAAyp=$jft6su+0PL~G|26jiCrACf z{lDMs?$`gjfZR-%^Tjl>UYIDq3$THScC;yG*`@z58arp<*ePA~yC673bhR}Byw^!t5E?Cx(_g^cZuL?_iWSbTqOM4}708@!!eVwdp)U@EKWPAvZYD zCgmD#lli}dzmOm5F4EOdJLJpk>Yg>xcEQT}z+lcT5*88lMx zr~_kVoG7|XwX)k1%3Bt4i5GmXwMuudJzPy13LSTC~2T!D)@#l%V`D)5pUwT7%sAmf~s4Atb zooh;YMB}e2xvWQON`FK*l{RkT@V`Op#(B#7aHRbAFUFx?|7yC~8vy0he%74)S5r!_ z0<0KUjzi>t!0x3F-kCF`o(Fbf1mtgt3l@4~Tfayl{)H09Hh$yOdy^$|NgTV5l`!vW zEh0$_((3~?bdrk(D@L-Umilkj5L0de8;sYKzVanptBeSF{gEk)`H;QpP*YCkV#Ml} z{-9rVSc7DYyPDwJ-1UYUn%UbBtI3|@O{iurLaZh_((X0XP)x5tWXTo1%u_=7v^3|F z=l`npUv$GqYO%JmwmoVAShN1?b^H1A-|o@L(SH563wX5uhwpQ3yLXxlmD0UlGRo3x z0?9UqXSX$TEbQ4io`9Qfq_FRo(g^R+xWvXhzMdnpTdLgJ6(KiEw~BI{9-nW=$IWZ{ zl@zvd0@$2*;X>(0hHbb4MyN9en|cnn&~b7XsbZhEa*vnXp|GhZF!9noYP3&X*##-> z=k|*GzHw4OzY1LUin_$Ux6r^{;(LxV8(%t~W6#M|qK!He z;&u2e|GCw+TZM1S8F2w|7r;mTW7GT|ITTs)e-By_mY!!3`o6!HYhGR`H)@5^Q4!b z|INd_|JP2S#{OHl7%UkP&=!(+VWH0J zZd!zXM!#0UCC4@4sv&nw6Cdogqm#XoqYk}rZK*EewR0QIXnH@sy`J4kZlhB_%X*J1 z7Pz1nx2AbZFD8sIpjI(H7PE9svsn*H9{g}c*!jlz$G18Wa5D$_3Enyuw1;w+-2Y?6B((OX^eY0_(t=Zk zkBo$oZ^&<)deytT!r;+71&ll?eTf&^7{gOJ^aq+8AA)D^*B#r3HRS)6xRA!GO8oxU z*8+9&-_OT??e$NN_V@pH0_(`Xx_(e4=PL$@ChgDYn2~4*^atAB(dgd-HkW_p53oh~ z?;RH8zrUaVcLL8O|LJwBwdMbjE@36I|I%&xHNl$l&u5rD*ZGfmWai_4bxm_0|7#~u z;s23_nJc<~JXKYM<4IEv(N%Ln8Jk zu!j5-kBI0p*CQ1`?f(BHKmT`o`}u!2uq~lZ2Z??cz^7cu6vOA;jJy?s?Z%?&GbqK+ zNA2C;1>6#>A^-7h)yKaGQM>*(^ZS4EaKHcG4aD=mN5$qopij{kNtA-A@|+nYCA;$$c|H&ZHG(d8{R~LEx>71-h?WLRJZwG70fBX{5v+e)8T{9p5$2{uq<$ove0`~uS zJe4dHuA-EinkZpvKqf)L$`%L(s<{XWWdsA}u19N_c}S?5sQ&2Cn$%17Nu`vlwn;0f z7S~^^DOW7N_6C^02&|$1^;AY7OU)()Mt*G^A^ zHRXSEr!Ng2BmYNx|Bs!(OUi$Rli1qf*!J@OG+0CawR@S*WB)xoDae0+Z~xg1Y%2dH z_%)Z1*H#-PPb*Yukj!=A1Sx*WKvx=Z4E4NMSp23!4)Yz{uk!NxOX`(s`46uNKX?2O zv)?cJfA;t1KRba{f*D^BubjfuTjcTO&-nIu=IW>Zo(p9{-RO^Qn|~JvzVaCr)TXY5 zZiZJSLBR?%)yo(v%ygK^R)1LNf_m_mko%>h!+4g z!2*l5M71FVo0&IO)_zz|kM~gsIk>@7bblb1E`jOf;x$VWd1aen3CltfE~BX1XjQB` z73oekbvsJbVx2Jh8`uJJF-^kvNV4(h)Z`{xL#uvhVoZ@+e%7 zCvN$M)tFK`bvN(uX(+m!Z~>k;CHyW^4c{q$oG31AYC}|yY{Rc#6UXDxdjXa%37FZl zT!_oO`c8&~!56kt(qTk-x4Al`X+EH7T0$JfwDsi+%0>}Tu?Nt@L#HHBjY0JAU=@-D zo}!0`R<4wi;HM#^Xf9cR2VC~#Bs;9&bK!xH@?fdaI(Z3<&%kwyY5&>Ie?y4ee)G+b zAlmT?K530{>ICALH zdy^S1Qmql}o`Q?-wMoR(aRiwI4MdWBlo_e3=AV_ZT`OmkOeoi36mVWoT@?(qQpe|s z77#X7TJ<^j)bGwYX7FK4#MN1oZLE92Ye ze&tp6%8IPV=^d z^7u)n=oPj78YUiIm9;D5UJ;|aX3Z}VZ7NerbKk2A5kTm4P){<>qI}2 zPqS$!{6G1?7hXprIKlQ^;741~X5$|QU;6UL1mDRYVjliQ8JRX4|M)+d?;~b}1{|H8 zjwBbc0lV2Shy%D2XJYiXX2V!;n>x_>bE%!8{KwsG_`JKNGHU&Q^8SC_!;|h_{&xZg zf$v}e$ev*qUGEL`fM+w1yFDak5XXQ=rqMM%Hya0nBAbECBooE-chp95&WLEp?1Ar6 zEQNgxqOBekMTMc(Y=qh30f!9Kc93EG(rh#v2OeF%DumAu}#ydFx diff --git a/profisee-platform-0.1.24.tgz b/profisee-platform-0.1.24.tgz new file mode 100644 index 0000000000000000000000000000000000000000..c2dd41f2e979cda74943dfd8384b61543b90e646 GIT binary patch literal 5565 zcmV;u6+-GCiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH>eZ{xO-`?CT64?JgqZ6BUx`6Ef8;@w^9c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1-+rJZO4NrXJ8_(D>servh{NIVV}|5#IP@94B^;pbyI9;(Ht!5) zmtqY&gJeMtl)|J3&8zJ4d!0Bj}bgbQO;u zbQO;uL_PE_m;m!Y0B?AB4i+kmvWB?#!9v*gU1DQNyRlH^nnu^?4H_@qGJg*!%Krkp z0q|`qfExKfJRWp&@_*Ph_wv6J;Gf(vumvy+H5&*a6bWqW_4t3zFHYW%TG3Yr3p~Lb zF4EM~AGGv<1Jlwzj7Qg6s*gEeQs!u>S104~&zIMyt!6_F!Rx@gA#<=2isvBs$g|nK zFD&%>!+3N)x*3lyhS&eTx`~jmGbi4OZPUOLlK9E#`?HIa;qdaq#f?_}Epg!*e9DQS z>^?3a%pYY{oWDIgA6<{GE{hcMbyS$Sismb;(6rhrG?z}PcN1#C)&(qw3>@$T!7k4r zManT#%avI2^K(HDj&9;8Os+kfn%kn(tN3nhi3?Q&l8`Dd9pQwUl-< zupH_(GYD-dq(mc0)iu19(ya-dz*8;Z{N#s`8u?NvEc8d(u3yq$5kf7Q&RbUYt4t_k zridmnl{mDlkOQgbTK_CVRO&89Of+37a@hYd=IH&&*?BpdEFE<)S=gc=`Uy z4fwB9Tg{X$v(;=!g_f2Qcg7br8e(pQ%ZI>3lK%SUd^{Xo--Ide;69V^ZuD=N)plv% z!~-epr(_%we#Pj5IFg4{vxaKs9o&D!fh#O@i(Q_i+^NrL8!3UZ(7`<50!;wf46pzP z5f6zOAbiJ>M;$;6I1QK$Xv%2dBkVb7h8OZXc7P$@rNq8}!{w6y4(=DSAiZZa<(%n4 zMOLPy-+8E|xus+BPwt0w)@|jIuF{z{lN2{Pxs_XsLdJN2WIua_5)_j^%Bp9RcrZz} zMETkY@Nlutu~Hgp4T27$<{=KEw@I_dh~J}Y>HVbo(Ktz0x75LjBJP5b)l!}Z6r(a$%di<8`xAA}1Wg^*h~+2*j${xdi_%Gh|SVgq0kiJfV-7;(}|BqM()X)Fjg8UE6z5MS2b~*o7 ztAUM{0qbap4c8S}{jp)@uU3=P%70{*^J9a9?PAV1RRA^eKj^;m`A{ypF~xN)5N_JnK2R zRYw&S+$xj`ZsYTbXJa&`pJy`B>Ap+sQ2H>#a}dCI>XC6pHFJMUumDp3kB{#Q2Li3o zI<2{goW$oC3S|vjT<+*3VOt$ItyTBTBu``QfzlIH%ox^>D4wiTB53Ppv}mhho6?JX zNTLkI)I?$H=Pg+o-xjas67VEOx58A35_w^!iX!+VhE(Fnv#DGZTc|a`9F7L9tYs`d z%B*2BgPpF7b7!7)HO-(WRMI27n*0hex45o7&f3FUYIDq3$THScC;yG*`@z58arp<*ePA~yC673bhR}Byw^!t5E?Cx(_g^cZuL?_iWSbTqOM4}708@!!eVwdp)U@EKWPAvZYD zCgmD#lli}dzmOm5F4EOdJLJpk>Yg>xcEQT}z+lcT5*88lMx zr~_kVoG7|XwX)k1%3Bt4i5GmXwMvNtO)Qh9%?;?M!{kV^zG?6%{DU6E$$ zqE<#zZK3OFDv~D|hxe3bUT^D;@#PJ4A_TT)bMQp!8GoL*o3Eyv^`$qIhkCY z+PS8bM>PJblFNFeru0X2Q)%NS4*wgpZk(sQ4@b&>|6&~a^{=Lzy#Y{8?Ptx&e>J7_ zD!__yUm%%MnL|SxL~0-w)Kk?;$J9nY~wdhy*F7hm&CE_SPAp4 z)*_O`NqT*thE8(PV8uw5)KdS=8e+;VV1x0R(pSEOYn2fpuRk(nF(0y59cs$ST#Q)V z(jWAz4r`E%aaR+3o4ejnLo<6DVl~-wyb0CJMTpfzN7}uH8j9%^h%C9Hmw8GkpO)r) z^88=5{)=w-NG;Y@*0x720BhENy>5SyU;iC-_v^o%z@z;?e4lIEz0+iz~;mY7fL@eY{L~WLY*<#)N{Cnj*`1b75luEd%WZhg-tzyiI?tCqkZbiE=Xxd zcbAYu?Yn3r?~)0_?7o9tpLk$}`kJt0jLMQGL-*c4N`_lOwdrqz%ZPb|% zufu2g&#kuIDtuechzp3j06yv;ndbM%p~#Z|d(euo^gN5u{r$aM_VPlxQA1=-F5AR& zi3j-|^;{CT!eVBjR%h;sP9{^~J`w}$Tzc+(_Eru9saiy~fmC9|Xjw_AtC_<{ zIAIjeWTO+=EOt4wI#(wmy6yq_CRFFInG@ao@$FaZ3h}pus`)>*XFbvSQ*Zwm7{ zDiK2k)zN~Dw5M3W6352kkdC49WGVTKe!g!{sB_=uML$SRJ*!G%uw+C)TS(r8g*vah zX%YGv{aOW=9M^HYZjdUhwdjZXb6>piYm z;DTPc@!Ba4w$RYBbnLUT! zpTz$)plbamM-BI}4bOZ2XLbkq`+wd3pu1oH?E((+2Y?6B((OX^eY0_(t=Zk zkBo$oZ^&<)deytT!r;+71&ll?eTf$u7{gOJ^aq+84ZySa>yGWi8uEWjTu5V8C4T?w zYk@lX@8{#c_WH-i`}_Ypfpz3xT|cOj^A&?cllEtH%t$l@`U7q6X!LIZo6EoQ2iT(g z_wwhz{o}*^{J#@;CizdVTdghsk8}wuk^Pr$)2|8Elz%?M?77Z=%tJFD|Ep_u_wm1W z0u}xrX_&d9`^QsNML3=`C#6g+!Q2}c7ffmX+RSA(DwS;(hZ8`zdmr-MYl3*b{OWQyVQZbse;!FFR&^%<1n z=cD%S?*eWK){y`Bw(8?wgs5HroB92}IoR+2cLVYK?@_V259m|$MH1y8)fIXG0$uoX z5xw^}g0~54$Uh~H-B!V>AEO0o=l_EJzk9g9|F;|1mON($Ny)DNQP*eocD-kZb>%<$ z{dvy+d&l|sU)|o}{{H_?V5{=4qLx%h|06E9?X|!&!kY50La{ySUAS8L?-uU=ANTkE zKRbbK%6~FQG!2m4@6|x{?Q+w&=_}jr6@*ls%@@)J6Zr9Am|1l2__wv6Jcmex= zJf2FH30G0dO-+hkC6Yt(cb@KC-9Q;U*ROSb~v`Z{67uWkbmu7=JVKp2ge2Z@9*tDyMayR zzXZSL67t$=qvUCYDh-mkE}S66FB#}cBaWe-_X>;ORLEhzgZoupUVllwQZ4`CHR0!u z|6%s~MgPyi{`_Yruu3rF3*wbiczTOGzWf>A9?x9;)ZcTVOsE_E(QWhZ;=orvqk`Jh zwb0G*sw5~_fu?#HLxq_RGui473tdnT{xUN9oKPwM0t>heT$h7*iV~=n|8B2;TzLPv z+uy(cv=gX^={JtMe+<<@{WJwoE&rQF`it^}N+$oJPpW#-2!N}Plw-wkK^+*(0c>*?`63LytKc#7^1uA-tw>4XA+G$i;e9Uo z=UC-St67YQQ{GTZzHu|*B_Fw%3u6D^Qu}T!D9gspiCU!ejjAO#V8TB}2u}7LpIaV< z>+!@b->@1}N~iAT9X<_3mlH0)6Q_jVWvbyj<&P7^g-vaU>XB{u^=smIJbEv{(j@^i zdzOoDnOEP*kTCedR!TaIDDO5`hcwLxG)+s0qnNh7d_mbL0xI?ZdU)uRB&sop9v-Yh zvcOaH@X*SYQWE(zgcQvs3-Ex;o}6Td6?`r{@KGKqHCiVxf$#3_Ep;qen zJkbKeri#2$vNNUG)-P|1C}lCjHq((iJ^NtD@vITN%pkzXQ2lqur%9ts|#jX3y6*D+6^rs&@5#r#t>{zc#sR2bFaw=VUd%h7(WgM*FQunudVRp+|S;4pRWP4$ri)^fF=Vuet&DywDN=tm& z{uDfy$!UI7q8?by?yy}lCxtf)Y(L2E+Y&pL5#bxQA7uAz2+d(m*?mpE2q~MD!KVQD zCQPUto3oMREHaWF6QsSL>;tbd=LXttENc1H+r+X+bT4gu{S!dZ{%_2{os+3Y*|x%V z)}8+y9_8XcbPvtJ-v4JOaDc9`5WqZ+1VvG|qvZ@dGzp075O0cnY~SH2aHH8cKsPhO z)w8M`g@y?$bXAKTo5-~&n@vVX6 zZX8iB%qp2eJ}~4G4~%BRI352Q+UO*aA)U{uhdvI+$RUh38^)A~PV^(HM6+Q`erKKN zNAhVl?S%g)ANa!SXapzNz6<fI)5&;QyA7Xrw^T;0|4-ikuRA#I?d5+b za1i(o7J%#-X3_QDP!D)E1G(EnVg_*xcw`z~<8!ldASkjK$V@U(On*mhBlKy3#Z#xKoAvvJ_jWlSb4g_LA(e>UVl$$+3}O2jOf zAWno-5OJ-dtPXsRYDPUBP3D^61t5;+fELjysH!aHNX!WTa|!Dn_OORNY!UuH00960 LMA2d*0I&c6`vX55 literal 0 HcmV?d00001 diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index f8d5ad69..5f17dbec 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.23 +version: 0.1.24 diff --git a/profisee-platform/templates/deployment-keyvault.yaml b/profisee-platform/templates/deployment-keyvault.yaml index 8164ee6d..179ba524 100644 --- a/profisee-platform/templates/deployment-keyvault.yaml +++ b/profisee-platform/templates/deployment-keyvault.yaml @@ -19,7 +19,7 @@ spec: "kubernetes.io/os": linux containers: - name: profisee-keyvault - image: docker.io/library/alpine:3.7 + image: docker.io/library/alpine:latest imagePullPolicy: Always command: - /bin/sh From 30b5c18cdec812e92316dd773499a0e16710e690 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 11 Nov 2022 11:19:22 -0500 Subject: [PATCH 112/141] sync w/ Prod for further testing --- Azure-ARM/README.md | 3 +- Azure-ARM/Settings.yaml | 3 +- Azure-ARM/azuredeploy.json | 25 +- Azure-ARM/azuredeploy.parameters.json | 6 - Azure-ARM/createUIDefinition.json | 1901 ++++++++++++------------- Azure-ARM/deployprofisee.sh | 34 +- Azure-ARM/prereqcheck.sh | 17 - index.yaml | 6 +- profisee-platform-0.1.25.tgz | Bin 0 -> 5517 bytes 9 files changed, 951 insertions(+), 1044 deletions(-) create mode 100644 profisee-platform-0.1.25.tgz diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index e94f0888..2b64af95 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -1,5 +1,4 @@ # DEVELOPMENT. INTERNAL USE ONLY -# Deploying Profisee Platform on AKS using the ARM template ## Prerequisites @@ -26,7 +25,7 @@ Here's **how** it will be deployed. You must have a Managed Identity created to 3. **Application Administrator** role in Azure Active Directory, so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. 4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator role (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator role (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. 5. **Key Vault requirements**. If you are using a Key Vault, please make sure that your Access Policy page has a checkmark on "Azure Resource Manager for template deployment". Otherwise, MS will not be able to validate the ARM template's access against your Key Vault and will result in validation failure in the ARM template before it begins deployment. -6. **Purview Integration requirements**. If you plan on integrating Profisee with Purview, you will now have to provide the Purview collection friendly name, as seen in the Purview web portal, regardless is this is a sub-collection or the root collection of Purview. + If Profisee will be configured to integrate with Microsoft Purview, a Purview specific Application Registration will need to be created and have the **Data Curator Role** assigned in the Purview account. It will also have to be assigned, at minimum, the User.Read **delegated** permission. For full Microsoft Purview functionality and integration with Profisee, the User.Read.All, Group.Read.All and GroupMember.Read.All **application** permissions will need to be added and consented to by an Azure Global Admin. diff --git a/Azure-ARM/Settings.yaml b/Azure-ARM/Settings.yaml index bb513fbc..db3be5ac 100644 --- a/Azure-ARM/Settings.yaml +++ b/Azure-ARM/Settings.yaml @@ -87,9 +87,8 @@ cloud: purview: tenantId: "$PURVIEWTENANTID" url: "$PURVIEWURL" - collectionId: "$PURVIEWCOLLECTIONID" clientId: "$PURVIEWCLIENTID" - clientSecret: "$PURVIEWCLIENTSECRET" + clientSecret: "$PURVIEWCLIENTSECRET" aws: isProvider: false google: diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index 2117a6cb..e280e9e7 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -29,10 +29,6 @@ "defaultValue": "", "type": "String" }, - "PurviewCollectionFriendlyName": { - "defaultValue": "", - "type": "String" - }, "PurviewClientId": { "defaultValue": "", "type": "String" @@ -230,7 +226,6 @@ "UsePurview":"[parameters('UsePurview')]", "PurviewUrl":"[parameters('PurviewUrl')]", - "PurviewCollectionId":"[parameters('PurviewCollectionFriendlyName')]", "PurviewClientId":"[parameters('PurviewClientId')]", "PurviewClientSecret":"[parameters('PurviewClientSecret')]", "PurviewAccountResourceGroup":"[parameters('PurviewAccountResourceGroup')]" @@ -260,10 +255,6 @@ "name": "SUBSCRIPTIONID", "value": "[subscription().subscriptionId]" }, - { - "name": "TENANTID", - "value": "[subscription().tenantId]" - }, { "name": "DOMAINNAMERESOURCEGROUP", "value": "[variables('DOMAINNAMERESOURCEGROUP')]" @@ -296,17 +287,9 @@ "name": "PURVIEWURL", "value": "[variables('PurviewUrl')]" }, - { - "name": "PURVIEWCOLLECTIONID", - "value": "[variables('PurviewCollectionId')]" - }, { "name": "PURVIEWCLIENTID", "value": "[variables('PurviewClientId')]" - }, - { - "name": "PURVIEWCLIENTSECRET", - "value": "[variables('PurviewClientSecret')]" } ] } @@ -761,6 +744,10 @@ "name": "KUBERNETESCLIENTID", "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', variables('KubernetesClusterName'))).identityProfile.kubeletidentity.clientId]" }, + { + "name": "KUBERNETESOBJECTID", + "value": "[reference(resourceId('Microsoft.ContainerService/managedClusters', variables('KubernetesClusterName'))).identityProfile.kubeletidentity.objectId]" + }, { "name": "USEPURVIEW", "value": "[variables('UsePurview')]" @@ -769,10 +756,6 @@ "name": "PURVIEWURL", "value": "[variables('PurviewUrl')]" }, - { - "name": "PURVIEWCOLLECTIONID", - "value": "[variables('PurviewCollectionId')]" - }, { "name": "PURVIEWCLIENTID", "value": "[variables('PurviewClientId')]" diff --git a/Azure-ARM/azuredeploy.parameters.json b/Azure-ARM/azuredeploy.parameters.json index 51957084..97eaefca 100644 --- a/Azure-ARM/azuredeploy.parameters.json +++ b/Azure-ARM/azuredeploy.parameters.json @@ -14,9 +14,6 @@ "ProfiseeWebAppName": { "value": "" }, - "TenantId": { - "value": "" - }, "ActiveDirectoryCreateApp": { "value": "Yes" }, @@ -26,9 +23,6 @@ "PurviewUrl": { "value": "" }, - "PurviewCollectionFriendlyName": { - "value": "" - }, "PurviewClientId": { "value": "" }, diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index f3e0411b..89f2ace9 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -1,1035 +1,1000 @@ { - "$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#", - "handler": "Microsoft.Azure.CreateUIDef", - "version": "0.1.2-preview", -"parameters": { - "resourceTypes": [ - "microsoft.containerservice/managedclusters", - "microsoft.sql/servers", - "microsoft.storage/storageaccounts", - "microsoft.resources/deploymentscripts", - "microsoft.resources/resourcegroups" - ], - "basics": [ + "$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#", + "handler": "Microsoft.Azure.CreateUIDef", + "version": "0.1.2-preview", + "parameters": { + "resourceTypes": [ + "microsoft.containerservice/managedclusters", + "microsoft.sql/servers", + "microsoft.storage/storageaccounts", + "microsoft.resources/deploymentscripts", + "microsoft.resources/resourcegroups" + ], + "basics": [ - { - "name": "text2", - "type": "Microsoft.Common.TextBlock", - "visible": true, - "options": { - "text": " ", - "link": { - "label": "", - "uri": "" + { + "name": "text2", + "type": "Microsoft.Common.TextBlock", + "visible": true, + "options": { + "text": " ", + "link": { + "label": "", + "uri": "" + } } - } - }, - { - "name": "ManagedIdentityName", - "type": "Microsoft.ManagedIdentity.IdentitySelector", - "label": "Managed Identity", - "toolTip": { - "systemAssignedIdentity": "", - "userAssignedIdentity": "Pick the Managed Identity that will run the Profisee deployment." - }, - "defaultValue": { - "systemAssignedIdentity": "OffOnly" - }, - "options": { - "hideSystemAssignedIdentity": true, - "hideUserAssignedIdentity": false }, - "constraints": { - "required": true + { + "name": "ManagedIdentityName", + "type": "Microsoft.ManagedIdentity.IdentitySelector", + "label": "Managed Identity", + "toolTip": { + "systemAssignedIdentity": "", + "userAssignedIdentity": "Pick the Managed Identity that will run the Profisee deployment." + }, + "defaultValue": { + "systemAssignedIdentity": "OffOnly" + }, + "options": { + "hideSystemAssignedIdentity": true, + "hideUserAssignedIdentity": false + }, + "constraints": { + "required": true + }, + "visible": true }, - "visible": true - }, - { - "name": "text1", - "type": "Microsoft.Common.InfoBox", - "visible": true, - "options": { - "icon": "Info", - "text": "Click here to learn how Profisee uses Managed Identities.", - "uri": "https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration" + { + "name": "text1", + "type": "Microsoft.Common.InfoBox", + "visible": true, + "options": { + "icon": "Info", + "text": "Click here to learn how Profisee uses Managed Identities.", + "uri": "https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration" + } } - } - ], - "steps": [ - { - "name": "profisee", - "label": "Profisee", - "elements": [ - { - "name": "UseKeyVault", - "type": "Microsoft.Common.OptionsGroup", - "label": "Use Key Vault?", - "defaultValue": "No, I will supply the required values.", - "toolTip": "Profisee can pull a TLS certificate from a Key Vault, as well as these secrets: SQL Username, SQL Password and Profisee License.", - "constraints": { - "allowedValues": [ - { - "label": "Yes, pull sensitive information from Key Vault.", - "value": "Yes" - }, - { - "label": "No, I will supply the required values.", - "value": "No" + ], + "steps": [ + { + "name": "profisee", + "label": "Profisee", + "elements": [ + { + "name": "UseKeyVault", + "type": "Microsoft.Common.OptionsGroup", + "label": "Use Key Vault?", + "defaultValue": "No, I will supply the required values.", + "toolTip": "Profisee can pull a TLS certificate from a Key Vault, as well as these secrets: SQL Username, SQL Password and Profisee License.", + "constraints": { + "allowedValues": [ + { + "label": "Yes, pull sensitive information from Key Vault.", + "value": "Yes" + }, + { + "label": "No, I will supply the required values.", + "value": "No" + } + ], + "required": true + }, + "visible": true + }, + { + "name": "KeyVault", + "type": "Microsoft.Solutions.ResourceSelector", + "label": "Key Vault", + "resourceType": "Microsoft.KeyVault/vaults", + "options": { + "filter": { + "subscription": "All", + "location": "All" } - ], - "required": true - }, - "visible": true - }, - { - "name": "KeyVault", - "type": "Microsoft.Solutions.ResourceSelector", - "label": "Key Vault", - "resourceType": "Microsoft.KeyVault/vaults", - "options": { - "filter": { - "subscription": "All", - "location": "All" - } + }, + "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" + }, + { + "name": "ProfiseeVersion", + "type": "Microsoft.Common.DropDown", + "label": "Profisee version", + "defaultValue": "2022R1.0", + "toolTip": "Which release of the Profisee Platform to deploy.", + "constraints": { + "required": true, + "allowedValues": [ + { + "label": "2020R1.0", + "value": "profiseeplatform:2020r1.0" + }, + { + "label": "2020R1.1", + "value": "profiseeplatform:2020r1.1" + }, + { + "label": "2020R2.0", + "value": "profiseeplatform:2020r2.0" + }, + { + "label": "2021R1.0", + "value": "profiseeplatform:2021r1.0" + }, + { + "label": "2021R2.0", + "value": "profiseeplatform:2021r2.0" + }, + { + "label": "2021R2.1", + "value": "profiseeplatform:2021r2.1" + }, + { + "label": "2021R3.0", + "value": "profiseeplatform:2021r3.0" + }, + { + "label": "2022R1.0", + "value": "profiseeplatform:2022r1.0" + } + ] + }, + "visible": true + }, + { + "name": "ProfiseeAdminUserAccount", + "type": "Microsoft.Common.TextBox", + "label": "Super Admin Account", + "defaultValue": "", + "placeholder": "first.last@company.com", + "toolTip": "The first Super User, who will be able to log in and add other users.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true + }, + { + "name": "ProfiseeLicense", + "type": "Microsoft.Common.FileUpload", + "label": "Profisee license", + "toolTip": "This file will be provided by Profisee Support. Please provide the file in txt format.", + "constraints": { + "required": true, + "accept": ".txt" + }, + "options": { + "multiple": false, + "uploadMode": "file", + "openMode": "text", + "encoding": "UTF-8" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'No')]" + }, + { + "name": "ProfiseeLicenseSecret", + "type": "Microsoft.Common.TextBox", + "label": " Profisee License", + "defaultValue": "", + "placeholder": "License secret name in Key Vault", + "toolTip": "This file will be provided by Profisee Support. Please provide the name of the secret that holds the Profisee license: ex. profisee-license", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" + }, + { + "name": "ActiveDirectoryCreateApp", + "type": "Microsoft.Common.OptionsGroup", + "label": "Create a new Azure AD application registration for you?", + "defaultValue": "Yes, create and configure it for me.", + "toolTip": "An Azure AD application registration will be used for authentication via ID tokens. For more information please visit https://support.profisee.com/wikis/2022_r1_support/deploying_the_AKS_cluster_with_the_arm_template.", + "constraints": { + "allowedValues": [ + { + "label": "Yes, create and configure it for me.", + "value": "Yes" + }, + { + "label": "No, I will specify the client ID of an existing Azure Active Directory app registration.", + "value": "No" + } + ], + "required": true + }, + "visible": true }, - "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" - }, - { - "name": "ProfiseeVersion", - "type": "Microsoft.Common.DropDown", - "label": "Profisee version", - "defaultValue": "2022R1.0", - "toolTip": "Which release of the Profisee Platform to deploy.", - "constraints": { - "required": true, - "allowedValues": [ - { - "label": "2020R1.0", - "value": "profiseeplatform:2020r1.0" - }, - { - "label": "2020R1.1", - "value": "profiseeplatform:2020r1.1" - }, - { - "label": "2020R2.0", - "value": "profiseeplatform:2020r2.0" - }, - { - "label": "2021R1.0", - "value": "profiseeplatform:2021r1.0" - }, - { - "label": "2021R2.0", - "value": "profiseeplatform:2021r2.0" - }, - { - "label": "2021R2.1", - "value": "profiseeplatform:2021r2.1" - }, - { - "label": "2021R3.0", - "value": "profiseeplatform:2021r3.0" - }, + { + "name": "UserSuppliedClientyId", + "type": "Microsoft.Common.Section", + "label": "", + "elements": [ { - "label": "2021R3.0.saas", - "value": "profiseeplatform:2021r3.0.saas" - }, - { - "label": "2022R1.0", - "value": "profiseeplatform:2022r1.0" - }, - { - "label": "2022R1-126062", - "value": "profiseeplatform:2022r1-126062" - }, - { - "label": "2022R2.preview", - "value": "profiseeplatform:2022r2.preview" - }, - { - "label": "2022R2.preview-history", - "value": "profiseeplatform:2022r2.preview-history" - }, - { - "label": "2022R2.preview-matching", - "value": "profiseeplatform:2022r2.preview-matching" + "name": "ActiveDirectoryClientId", + "type": "Microsoft.Common.TextBox", + "label": "Application Registration Client Id", + "defaultValue": "", + "toolTip": "Please provide the client ID of the Azure AD application to be used by Profisee for authentication.", + "constraints": { + "required": "[equals(steps('profisee').ActiveDirectoryCreateApp,'No')]", + "regex": "", + "validationMessage": "" + }, + "visible": true } - ] - }, - "visible": true - }, - { - "name": "ProfiseeAdminUserAccount", - "type": "Microsoft.Common.TextBox", - "label": "Super Admin Account", - "defaultValue": "", - "placeholder": "first.last@company.com", - "toolTip": "The first Super User, who will be able to log in and add other users.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": true - }, - { - "name": "ProfiseeLicense", - "type": "Microsoft.Common.FileUpload", - "label": "Profisee license", - "toolTip": "This file will be provided by Profisee Support. Please provide the file in txt format.", - "constraints": { - "required": true, - "accept": ".txt" - }, - "options": { - "multiple": false, - "uploadMode": "file", - "openMode": "text", - "encoding": "UTF-8" + ], + "visible": "[equals(steps('profisee').ActiveDirectoryCreateApp,'No')]" + }, + { + "name": "UsePurview", + "type": "Microsoft.Common.OptionsGroup", + "label": "Integrate Profisee with Microsoft Purview?", + "defaultValue": "No, no need at this point.", + "toolTip": "Profisee can integrate with Microsoft Purview during initial configuration or at a later time.", + "constraints": { + "allowedValues": [ + { + "label": "Yes, integrate with Microsoft Purview.", + "value": "Yes" + }, + { + "label": "No, no need at this point.", + "value": "No" + } + ], + "required": true + }, + "visible": "[or(equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.1'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.0'))]" + }, + { + "name": "PurviewAccountName", + "type": "Microsoft.Solutions.ResourceSelector", + "label": "Select Purview Account", + "resourceType": "Microsoft.Purview/accounts", + "options": { + "filter": { + "subscription": "All", + "location": "All" + } + }, + "visible": "[equals(steps('profisee').UsePurview,'Yes')]" + }, + { + "name":"GetPurviewUrlRestApiResponse", + "type":"Microsoft.Solutions.ArmApiControl", + "request":{ + "method": "GET", + "path": "[concat(subscription().id,'/resourceGroups/',last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5)),'/providers/Microsoft.Purview/accounts/',steps('profisee').PurviewAccountName.name,'?api-version=2020-12-01-preview')]", + "body": "" + } }, - "visible": "[equals(steps('profisee').UseKeyVault,'No')]" - }, - { - "name": "ProfiseeLicenseSecret", - "type": "Microsoft.Common.TextBox", - "label": " Profisee License", - "defaultValue": "", - "placeholder": "License secret name in Key Vault", - "toolTip": "This file will be provided by Profisee Support. Please provide the name of the secret that holds the Profisee license: ex. profisee-license", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" + { + "name": "PurviewClientID", + "type": "Microsoft.Common.TextBox", + "label": "Purview application client ID", + "defaultValue": "", + "placeholder": "", + "toolTip": "A Purview specific Azure AD application client ID. This application registration must be added as Data Curator to Purview and have the appropriate permissions assigned to it by a Global Admin.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UsePurview,'Yes')]" + }, + { + "name": "PurviewClientSecret", + "type": "Microsoft.Common.TextBox", + "label": "Purview application secret", + "defaultValue": "", + "placeholder": "", + "toolTip": "Please generate a secret in the Purview specific application and paste its value here.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UsePurview,'Yes')]" + }, + { + "name": "ProfiseeWebAppName", + "type": "Microsoft.Common.TextBox", + "label": "Web app name", + "defaultValue": "profisee", + "placeholder": "", + "toolTip": "https://host.domain.com/{webAppName}", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true + } + ] + }, + { + "name": "kubernetes", + "label": "Kubernetes", + "elements": [ + { + "name": "KubernetesClusterName", + "type": "Microsoft.Common.TextBox", + "label": " AKS Cluster Name", + "defaultValue": "ProfiseeAKSCluster", + "toolTip": "Can only contain letters, numbers, underscores, and hyphens, must start and end with a letter or number, and must be unique in the current resource group.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true + }, + { + "name": "KubenetesInfrastructureResourceGroupName", + "type": "Microsoft.Common.TextBox", + "label": "Infrastructure Resource Group Name", + "defaultValue": "", + "toolTip": "Leave blank for default of MC_ResourceGroupName_ClusterName_Location, or enter the resouce group name you want to use. You can only specify the name, you can NOT precreate it.", + "constraints": { + "required": false, + "regex": "", + "validationMessage": "" + }, + "visible": true + }, + { + "name": "KubernetesVersion", + "type": "Microsoft.Common.TextBox", + "label": "Version", + "defaultValue": "", + "toolTip": "Leave blank for latest AKS version, or enter the specific version you want to use.", + "constraints": { + "required": false, + "regex": "", + "validationMessage": "" + }, + "visible": true }, - "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" - }, - { - "name": "ActiveDirectoryCreateApp", - "type": "Microsoft.Common.OptionsGroup", - "label": "Create a new Azure AD application registration for you?", - "defaultValue": "Yes, create and configure it for me.", - "toolTip": "An Azure AD application registration will be used for authentication via ID tokens. For more information please visit https://support.profisee.com/wikis/2022_r1_support/deploying_the_AKS_cluster_with_the_arm_template.", - "constraints": { - "allowedValues": [ + { + "name": "KubernetesLinuxNodeSizeSection", + "type": "Microsoft.Common.Section", + "label": "Linux Nodepool", + "elements": [ { - "label": "Yes, create and configure it for me.", - "value": "Yes" - }, - { - "label": "No, I will specify the client ID of an existing Azure Active Directory app registration.", - "value": "No" + "name": "KubernetesLinuxNodeSize", + "type": "Microsoft.Compute.SizeSelector", + "label": "VM Size", + "toolTip": "Pick VM size for the instances in the Linux nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", + "recommendedSizes": [ + "Standard_D2_v5" + ], + "constraints": { + "allowedSizes": [] + }, + "options": { + "hideDiskTypeFilter": false + }, + "osPlatform": "Linux", + "count": 1, + "visible": true } ], - "required": true + "visible": true + }, + { + "name": "KubernetesLinuxNodeCount", + "type": "Microsoft.Common.Slider", + "min": 1, + "max": 12, + "label": "Linux node count", + "subLabel": "", + "defaultValue": 1, + "showStepMarkers": false, + "toolTip": "", + "constraints": { + "required": false + }, + "visible": true }, - "visible": true - }, - { - "name": "UserSuppliedClientyId", - "type": "Microsoft.Common.Section", - "label": "", - "elements": [ - { - "name": "ActiveDirectoryClientId", - "type": "Microsoft.Common.TextBox", - "label": "Application Registration Client Id", - "defaultValue": "", - "toolTip": "Please provide the client ID of the Azure AD application to be used by Profisee for authentication.", - "constraints": { - "required": "[equals(steps('profisee').ActiveDirectoryCreateApp,'No')]", - "regex": "", - "validationMessage": "" - }, - "visible": true - } - ], - "visible": "[equals(steps('profisee').ActiveDirectoryCreateApp,'No')]" - }, - { - "name": "UsePurview", - "type": "Microsoft.Common.OptionsGroup", - "label": "Integrate Profisee with Microsoft Purview?", - "defaultValue": "No, no need at this point.", - "toolTip": "Profisee can integrate with Microsoft Purview during initial configuration or at a later time.", - "constraints": { - "allowedValues": [ + { + "name": "KubernetesWindowsNodeSizeSection", + "type": "Microsoft.Common.Section", + "label": "Windows Nodepool", + "elements": [ { - "label": "Yes, integrate with Microsoft Purview.", - "value": "Yes" - }, - { - "label": "No, no need at this point.", - "value": "No" + "name": "KubernetesWindowsNodeSize", + "type": "Microsoft.Compute.SizeSelector", + "label": "VM Size", + "toolTip": "Pick VM size for the instances in the Windows nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", + "recommendedSizes": [ + "Standard_D4_v5" + ], + "constraints": { + "allowedSizes": [] + }, + "options": { + "hideDiskTypeFilter": false + }, + "osPlatform": "Windows", + "imageReference": { + "publisher": "MicrosoftWindowsServer", + "offer": "WindowsServer", + "sku": "2019-Datacenter" + }, + "count": 1, + "visible": true } ], - "required": true - }, - "visible": "or(equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.1'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1-126062'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview-history'))]" - }, - { - "name": "PurviewAccountName", - "type": "Microsoft.Solutions.ResourceSelector", - "label": "Select Purview Account", - "resourceType": "Microsoft.Purview/accounts", - "options": { - "filter": { - "subscription": "All", - "location": "All" - } - }, - "visible": "[equals(steps('profisee').UsePurview,'Yes')]" - }, - { - "name":"GetPurviewUrlRestApiResponse", - "type":"Microsoft.Solutions.ArmApiControl", - "request":{ - "method": "GET", - "path": "[concat(subscription().id,'/resourceGroups/',last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5)),'/providers/Microsoft.Purview/accounts/',steps('profisee').PurviewAccountName.name,'?api-version=2020-12-01-preview')]", - "body": "" - } - }, - { - "name": "PurviewCollectionFriendlyName", - "type": "Microsoft.Common.TextBox", - "label": "Purview Collection Friendly Name", - "defaultValue": "", - "placeholder": "tHiS iS CaSe SenSiTiVe!", - "toolTip": "Please provide the Purview Collection Friendly Name that you see in your Purview account. Profisee will deploy to that collection. If you would like to deploy in the root collection, please specify its friendly name.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[and(equals(steps('profisee').UsePurview,'Yes'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'))]" - }, - { - "name": "PurviewClientID", - "type": "Microsoft.Common.TextBox", - "label": "Purview application client ID", - "defaultValue": "", - "placeholder": "", - "toolTip": "A Purview specific Azure AD application client ID. This application registration must be added as Data Curator to Purview and have the appropriate permissions assigned to it by a Global Admin.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UsePurview,'Yes')]" - }, - { - "name": "PurviewClientSecret", - "type": "Microsoft.Common.TextBox", - "label": "Purview application secret", - "defaultValue": "", - "placeholder": "", - "toolTip": "Please generate a secret in the Purview specific application and paste its value here.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UsePurview,'Yes')]" - }, - { - "name": "ProfiseeWebAppName", - "type": "Microsoft.Common.TextBox", - "label": "Web app name", - "defaultValue": "profisee", - "placeholder": "", - "toolTip": "https://host.domain.com/{webAppName}", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": true - } - ] - }, - { - "name": "kubernetes", - "label": "Kubernetes", - "elements": [ - { - "name": "KubernetesClusterName", - "type": "Microsoft.Common.TextBox", - "label": " AKS Cluster Name", - "defaultValue": "ProfiseeAKSCluster", - "toolTip": "Can only contain letters, numbers, underscores, and hyphens, must start and end with a letter or number, and must be unique in the current resource group.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": true - }, - { - "name": "KubenetesInfrastructureResourceGroupName", - "type": "Microsoft.Common.TextBox", - "label": "Infrastructure Resource Group Name", - "defaultValue": "", - "toolTip": "Leave blank for default of MC_ResourceGroupName_ClusterName_Location, or enter the resouce group name you want to use. You can only specify the name, you can NOT precreate it.", - "constraints": { - "required": false, - "regex": "", - "validationMessage": "" - }, - "visible": true - }, - { - "name": "KubernetesVersion", - "type": "Microsoft.Common.TextBox", - "label": "Version", - "defaultValue": "", - "toolTip": "Leave blank for latest AKS version, or enter the specific version you want to use.", - "constraints": { - "required": false, - "regex": "", - "validationMessage": "" - }, - "visible": true - }, - { - "name": "KubernetesLinuxNodeSizeSection", - "type": "Microsoft.Common.Section", - "label": "Linux Nodepool", - "elements": [ - { - "name": "KubernetesLinuxNodeSize", - "type": "Microsoft.Compute.SizeSelector", - "label": "VM Size", - "toolTip": "Pick VM size for the instances in the Linux nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", - "recommendedSizes": [ - "Standard_B2s" + "visible": true + }, + { + "name": "KubernetesWindowsNodeCount", + "type": "Microsoft.Common.Slider", + "min": 1, + "max": 12, + "label": "Windows node count", + "subLabel": "", + "defaultValue": 1, + "showStepMarkers": false, + "toolTip": "Equal to the number of server licenses for Profisee.", + "constraints": { + "required": false + }, + "visible": true + }, + { + "name": "KubernetesAdvancedYesNo", + "type": "Microsoft.Common.OptionsGroup", + "label": "Configure advanced Kubernetes networking settings?", + "defaultValue": "No, use default settings", + "toolTip": "Kubernetes might fail deploying if the default settings overlap with any vnets in your tenant. It is recommended that you configure these.", + "constraints": { + "allowedValues": [ + { + "label": "No, use default settings", + "value": "No" + }, + { + "label": "Yes, configure advanced settings", + "value": "Yes" + } ], - "constraints": { - "allowedSizes": [] - }, - "options": { - "hideDiskTypeFilter": false - }, - "osPlatform": "Linux", - "count": 1, - "visible": true - } - ], - "visible": true - }, - { - "name": "KubernetesLinuxNodeCount", - "type": "Microsoft.Common.Slider", - "min": 1, - "max": 12, - "label": "Linux node count", - "subLabel": "", - "defaultValue": 1, - "showStepMarkers": false, - "toolTip": "", - "constraints": { - "required": false + "required": true + }, + "visible": true }, - "visible": true - }, - { - "name": "KubernetesWindowsNodeSizeSection", - "type": "Microsoft.Common.Section", - "label": "Windows Nodepool", - "elements": [ - { - "name": "KubernetesWindowsNodeSize", - "type": "Microsoft.Compute.SizeSelector", - "label": "VM Size", - "toolTip": "Pick VM size for the instances in the Windows nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", - "recommendedSizes": [ - "Standard_B4ms" - ], - "constraints": { - "allowedSizes": [] - }, - "options": { - "hideDiskTypeFilter": false + { + "name": "KubernetesAdvanced", + "type": "Microsoft.Common.Section", + "label": "Advanced Kubernetes settings", + "elements": [ + { + "name": "KubernetesVnetName", + "type": "Microsoft.Network.VirtualNetworkCombo", + "label": { + "virtualNetwork": "Virtual network", + "subnets": "Subnets" + }, + "toolTip": { + "virtualNetwork": "", + "subnets": "" + }, + "defaultValue": { + "name": "vnet01", + "addressPrefixSize": "/24" + }, + "constraints": { + "minAddressPrefixSize": "/28" + }, + "options": { + "hideExisting": false + }, + "subnets": { + "subnet1": { + "label": "Subnet", + "defaultValue": { + "name": "subnet-1", + "addressPrefixSize": "/24" + }, + "constraints": { + "minAddressPrefixSize": "/24", + "minAddressCount": 12, + "requireContiguousAddresses": true + } + } + }, + "visible": true }, - "osPlatform": "Windows", - "imageReference": { - "publisher": "MicrosoftWindowsServer", - "offer": "WindowsServer", - "sku": "2019-Datacenter" + { + "name": "KubernetesServiceCidr", + "type": "Microsoft.Common.TextBox", + "label": "Service CIDR", + "defaultValue": "10.0.0.0/24", + "toolTip": "A CIDR notation IP range from which to assign IP addresses for cluster services. This range MUST differ from the AKS subnet selected above. This range can be reused between clusters.", + "constraints": { + "required": false, + "regex": "", + "validationMessage": "" + }, + "visible": true }, - "count": 1, - "visible": true - } - ], - "visible": true - }, - { - "name": "KubernetesWindowsNodeCount", - "type": "Microsoft.Common.Slider", - "min": 1, - "max": 12, - "label": "Windows node count", - "subLabel": "", - "defaultValue": 1, - "showStepMarkers": false, - "toolTip": "Equal to the number of server licenses for Profisee.", - "constraints": { - "required": false - }, - "visible": true - }, - { - "name": "KubernetesAdvancedYesNo", - "type": "Microsoft.Common.OptionsGroup", - "label": "Configure advanced Kubernetes networking settings?", - "defaultValue": "No, use default settings", - "toolTip": "Kubernetes might fail deploying if the default settings overlap with any vnets in your tenant. It is recommended that you configure these.", - "constraints": { - "allowedValues": [ { - "label": "No, use default settings", - "value": "No" + "name": "KubernetesDNSServiceIP", + "type": "Microsoft.Common.TextBox", + "label": "DNS Service IP", + "defaultValue": "10.0.0.10", + "toolTip": "IP address of the cluster DNS service discovery. Do not use the first IP in the address range.", + "constraints": { + "required": false, + "regex": "", + "validationMessage": "" + }, + "visible": true }, { - "label": "Yes, configure advanced settings", - "value": "Yes" + "name": "KubernetesDockerBridgeCidr", + "type": "Microsoft.Common.TextBox", + "label": "Docker Bridge CIDR", + "defaultValue": "172.17.0.1/16", + "toolTip": "A CIDR notation IP for Docker bridge. This is not used in Azure CNI. Leave as is.", + "constraints": { + "required": false, + "regex": "", + "validationMessage": "" + }, + "visible": true } ], - "required": true + "visible": "[equals(steps('kubernetes').KubernetesAdvancedYesNo,'Yes')]" + } + + ] + }, + { + "name": "sql", + "label": "SQL", + "elements": [ + { + "name": "SQLServerCreateNew", + "type": "Microsoft.Common.OptionsGroup", + "label": "Create a new SQL Server?", + "defaultValue": "Yes, create a new SQL Server.", + "toolTip": "", + "constraints": { + "required": true, + "allowedValues": [ + { + "label": "Yes, create a new SQL Server.", + "value": "Yes" + }, + { + "label": "No, use an existing Azure SQL Server.", + "value": "No" + } + ] + }, + "visible": true + }, + { + "name": "SQLServerNameExisting", + "type": "Microsoft.Solutions.ResourceSelector", + "label": "Select SQL Server", + "resourceType": "Microsoft.Sql/servers", + "options": { + "filter": { + "subscription": "All", + "location": "All" + } + }, + "visible": "[equals(steps('sql').SQLServerCreateNew,'No')]" + }, + { + "name": "CheckSqlNameRestApiResponse", + "type": "Microsoft.Solutions.ArmApiControl", + "request": { + "method": "POST", + "path": "[concat(subscription().id,'/providers/Microsoft.Sql/checkNameAvailability?api-version=2014-04-01')]", + "body": "[parse(concat('{\"name\":\"',steps('sql').SQLServerName,'\",\"type\":\"Microsoft.Sql/servers\"}'))]" + } }, - "visible": true - }, - { - "name": "KubernetesAdvanced", - "type": "Microsoft.Common.Section", - "label": "Advanced Kubernetes settings", - "elements": [ - { - "name": "KubernetesVnetName", - "type": "Microsoft.Network.VirtualNetworkCombo", - "label": { - "virtualNetwork": "Virtual network", - "subnets": "Subnets" - }, - "toolTip": { - "virtualNetwork": "", - "subnets": "" - }, - "defaultValue": { - "name": "vnet01", - "addressPrefixSize": "/24" - }, - "constraints": { - "minAddressPrefixSize": "/28" - }, - "options": { - "hideExisting": false - }, - "subnets": { - "subnet1": { - "label": "Subnet", - "defaultValue": { - "name": "subnet-1", - "addressPrefixSize": "/24" - }, - "constraints": { - "minAddressPrefixSize": "/24", - "minAddressCount": 12, - "requireContiguousAddresses": true - } + { + "name": "SQLServerName", + "type": "Microsoft.Common.TextBox", + "label": "Server Name", + "toolTip": "Enter a globally unique Azure SQL Server name. Name can contain only lowercase letters, numbers, and hyphens. The name cannot start or end with a hyphen or contain more than 63 characters.", + "constraints": { + "required": true, + "validations": [ + { + "isValid": "[equals(steps('sql').CheckSqlNameRestApiResponse.available,true)]", + "message": "[steps('sql').CheckSqlNameRestApiResponse.message]" } - }, - "visible": true + ] }, - { - "name": "KubernetesServiceCidr", - "type": "Microsoft.Common.TextBox", - "label": "Service CIDR", - "defaultValue": "10.0.0.0/24", - "toolTip": "A CIDR notation IP range from which to assign IP addresses for cluster services. This range MUST differ from the AKS subnet selected above. This range can be reused between clusters.", - "constraints": { - "required": false, - "regex": "", - "validationMessage": "" - }, - "visible": true + "visible": "[equals(steps('sql').SQLServerCreateNew,'Yes')]" + }, + { + "name": "SQLServerUser", + "type": "Microsoft.Common.TextBox", + "label": "SQL Username", + "defaultValue": "sqladmin", + "toolTip": "Administrator SQL login name to create with the new SQL Server OR provide the login to connect to an existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" }, - { - "name": "KubernetesDNSServiceIP", - "type": "Microsoft.Common.TextBox", - "label": "DNS Service IP", - "defaultValue": "10.0.0.10", - "toolTip": "IP address of the cluster DNS service discovery. Do not use the first IP in the address range.", - "constraints": { - "required": false, - "regex": "", - "validationMessage": "" - }, - "visible": true + "visible": "[equals(steps('profisee').UseKeyVault,'No')]" + }, + { + "name": "SQLServerUserSecret", + "type": "Microsoft.Common.TextBox", + "label": "SQL Username", + "placeholder": "Key Vault secret name: ex. profisee-sql-username", + "toolTip": "Administrator SQL login name to create with the new SQL Server OR provide the login to connect to existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" }, - { - "name": "KubernetesDockerBridgeCidr", - "type": "Microsoft.Common.TextBox", - "label": "Docker Bridge CIDR", - "defaultValue": "172.17.0.1/16", - "toolTip": "A CIDR notation IP for Docker bridge. This is not used in Azure CNI. Leave as is.", - "constraints": { - "required": false, - "regex": "", - "validationMessage": "" - }, - "visible": true - } - ], - "visible": "[equals(steps('kubernetes').KubernetesAdvancedYesNo,'Yes')]" - } + "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" + }, + { + "name": "SQLServerPassword", + "type": "Microsoft.Common.PasswordBox", + "label": { + "password": " SQL Password", + "confirmPassword": "Confirm password" + }, + "toolTip": "", + "constraints": { + "required": true, + "regex": "^((?=.*[A-Z])(?=.*\\d)(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])|(?=.*[a-z])(?=.*\\d)(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])|(?=.*[a-z])(?=.*\\d)(?=.*[A-Z])|(?=.*[a-z])(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])(?=.*[A-Z]))[\\w~`!@#$%^&*()\\-+={[}\\]|\\\\:;\"'<,>.?\\\/]{8,128}$", + "validationMessage": "Your password must be at least 8 characters in length. Your password must be no more than 128 characters in length. Your password must contain characters from three of the following categories – English uppercase letters, English lowercase letters, numbers (0-9), and non-alphanumeric characters (!, $, #, %, etc.). Your password cannot contain all or part of the login name. Part of a login name is defined as three or more consecutive alphanumeric characters." + }, + "options": { + "hideConfirmation": false + }, + "visible": "[equals(steps('profisee').UseKeyVault,'No')]" + }, + { + "name": "SQLServerPasswordSecret", + "type": "Microsoft.Common.TextBox", + "label": "SQL Password", + "defaultValue": "", + "placeholder": "Key Vault secret name: ex. profisee-sql-password", + "toolTip": "", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" + }, + { + "name": "SQLServerDatabaseName", + "type": "Microsoft.Common.TextBox", + "label": "Database Name", + "defaultValue": "Profisee", + "toolTip": "Cannot contain special characters or reserved words. Should be less than 128 characters and unique within the SQL Server.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true + } - ] - }, - { - "name": "sql", - "label": "SQL", - "elements": [ - { - "name": "SQLServerCreateNew", - "type": "Microsoft.Common.OptionsGroup", - "label": "Create a new SQL Server?", - "defaultValue": "Yes, create a new SQL Server.", - "toolTip": "", - "constraints": { - "required": true, - "allowedValues": [ - { - "label": "Yes, create a new SQL Server.", - "value": "Yes" - }, + + + ] + }, + { + "name": "storage", + "label": "Storage", + "elements": [ + + { + "name": "StorageAccountNameSection", + "type": "Microsoft.Common.Section", + "label": "Storage Account Name", + "elements": [ { - "label": "No, use an existing Azure SQL Server.", - "value": "No" + "name": "StorageAccountName", + "type": "Microsoft.Storage.StorageAccountSelector", + "label": "Storage account", + "toolTip": "Create new or pick an existing storage account.", + "defaultValue": { + "name": "", + "type": "Standard_LRS" + }, + "constraints": { + "allowedTypes": [] + }, + "options": { + "hideExisting": false + }, + "visible": true } - ] + ], + "visible": true + }, + { + "name":"GetStorageAccessKeysRestApiResponse", + "type":"Microsoft.Solutions.ArmApiControl", + "request":{ + "method": "POST", + "path": "[concat(subscription().id,'/resourceGroups/',steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,'/providers/Microsoft.Storage/storageAccounts/',steps('storage').StorageAccountNameSection.StorageAccountName.name,'/listKeys?api-version=2019-06-01')]", + "body": "" + } }, - "visible": true - }, - { - "name": "SQLServerNameExisting", - "type": "Microsoft.Solutions.ResourceSelector", - "label": "Select SQL Server", - "resourceType": "Microsoft.Sql/servers", - "options": { - "filter": { - "subscription": "All", - "location": "All" + { + "name": "StorageAccountAccessKey", + "type": "Microsoft.Common.DropDown", + "label": "Access Keys", + "toolTip": "Pick which storage account access key to use.", + "constraints": { + "allowedValues": "[map(steps('storage').GetStorageAccessKeysRestApiResponse.keys, (item) => parse(concat('{\"label\":\"', item.keyName, '\",\"value\":\"', item.value, '\"}')))]", + "required": true + }, + "visible": "[equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'existing')]" + }, + { + "name":"GetStorageFileSharesRestApiResponse", + "type":"Microsoft.Solutions.ArmApiControl", + "request":{ + "method": "GET", + "path": "[concat(subscription().id,'/resourceGroups/',steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,'/providers/Microsoft.Storage/storageAccounts/',steps('storage').StorageAccountNameSection.StorageAccountName.name,'/fileServices/default/shares?api-version=2019-06-01')]", + "body": "" } }, - "visible": "[equals(steps('sql').SQLServerCreateNew,'No')]" - }, - { - "name": "CheckSqlNameRestApiResponse", - "type": "Microsoft.Solutions.ArmApiControl", - "request": { - "method": "POST", - "path": "[concat(subscription().id,'/providers/Microsoft.Sql/checkNameAvailability?api-version=2014-04-01')]", - "body": "[parse(concat('{\"name\":\"',steps('sql').SQLServerName,'\",\"type\":\"Microsoft.Sql/servers\"}'))]" + { + "name": "StorageAccountFileShareName", + "type": "Microsoft.Common.DropDown", + "label": "File share", + "toolTip": "A file share must be created in the storage account.", + "constraints": { + "allowedValues": "[map(steps('storage').GetStorageFileSharesRestApiResponse.value, (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]", + "required": true + }, + "visible": "[equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'existing')]" } - }, - { - "name": "SQLServerName", - "type": "Microsoft.Common.TextBox", - "label": "Server Name", - "toolTip": "Enter a globally unique Azure SQL Server name. Name can contain only lowercase letters, numbers, and hyphens. The name cannot start or end with a hyphen or contain more than 63 characters.", - "constraints": { - "required": true, - "validations": [ - { - "isValid": "[equals(steps('sql').CheckSqlNameRestApiResponse.available,true)]", - "message": "[steps('sql').CheckSqlNameRestApiResponse.message]" - } - ] - }, - "visible": "[equals(steps('sql').SQLServerCreateNew,'Yes')]" - }, - { - "name": "SQLServerUser", - "type": "Microsoft.Common.TextBox", - "label": "SQL Username", - "defaultValue": "sqladmin", - "toolTip": "Administrator SQL login name to create with the new SQL Server OR provide the login to connect to an existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'No')]" - }, - { - "name": "SQLServerUserSecret", - "type": "Microsoft.Common.TextBox", - "label": "SQL Username", - "placeholder": "Key Vault secret name: ex. profisee-sql-username", - "toolTip": "Administrator SQL login name to create with the new SQL Server OR provide the login to connect to existing SQL Server. Your login name must not contain a SQL Identifier or a typical system name (like admin, administrator, sa, root, dbmanager, loginmanager, etc.) or a built-in database user or role (like dbo, guest, public, etc.). Your login name must not include non-alphanumeric characters. Your login name must not start with numbers or symbols.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" - }, - { - "name": "SQLServerPassword", - "type": "Microsoft.Common.PasswordBox", - "label": { - "password": " SQL Password", - "confirmPassword": "Confirm password" - }, - "toolTip": "", - "constraints": { - "required": true, - "regex": "^((?=.*[A-Z])(?=.*\\d)(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])|(?=.*[a-z])(?=.*\\d)(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])|(?=.*[a-z])(?=.*\\d)(?=.*[A-Z])|(?=.*[a-z])(?=.*[~`!@#$%^&*()\\-_+={[}\\]|\\\\:;\"'<,>.?\\\/])(?=.*[A-Z]))[\\w~`!@#$%^&*()\\-+={[}\\]|\\\\:;\"'<,>.?\\\/]{8,128}$", - "validationMessage": "Your password must be at least 8 characters in length. Your password must be no more than 128 characters in length. Your password must contain characters from three of the following categories – English uppercase letters, English lowercase letters, numbers (0-9), and non-alphanumeric characters (!, $, #, %, etc.). Your password cannot contain all or part of the login name. Part of a login name is defined as three or more consecutive alphanumeric characters." - }, - "options": { - "hideConfirmation": false - }, - "visible": "[equals(steps('profisee').UseKeyVault,'No')]" - }, - { - "name": "SQLServerPasswordSecret", - "type": "Microsoft.Common.TextBox", - "label": "SQL Password", - "defaultValue": "", - "placeholder": "Key Vault secret name: ex. profisee-sql-password", - "toolTip": "", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" - }, - { - "name": "SQLServerDatabaseName", - "type": "Microsoft.Common.TextBox", - "label": "Database Name", - "defaultValue": "Profisee", - "toolTip": "Cannot contain special characters or reserved words. Should be less than 128 characters and unique within the SQL Server.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" + ] + }, + { + "name": "networking", + "label": "Networking", + "elements": [ + { + "name": "DNSUpdate", + "type": "Microsoft.Common.OptionsGroup", + "label": "Use default Azure DNS?", + "defaultValue": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", + "toolTip": "Profisee will configure Let's Encrypt to generate and auto-renew a TLS certificate for use with Azure hosted DNS. Ex. profisee.eastus2.cloudapp.azure.com/{web app name}.", + "constraints": { + "allowedValues": [ + { + "label": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", + "value": "No" + }, + { + "label": "No, I will provide my own DNS hostname and domain.", + "value": "Yes" + } + ], + "required": true + }, + "visible": true }, - "visible": true - } - - - - ] - }, - { - "name": "storage", - "label": "Storage", - "elements": [ - - { - "name": "StorageAccountNameSection", - "type": "Microsoft.Common.Section", - "label": "Storage Account Name", - "elements": [ - { - "name": "StorageAccountName", - "type": "Microsoft.Storage.StorageAccountSelector", - "label": "Storage account", - "toolTip": "Create new or pick an existing storage account.", - "defaultValue": { - "name": "", - "type": "Standard_LRS" - }, - "constraints": { - "allowedTypes": [] + { + "name": "UserDefinedDNS", + "type": "Microsoft.Common.Section", + "label": "User Defined DNS", + "elements": [ + { + "name": "DNSUpdate2", + "type": "Microsoft.Common.OptionsGroup", + "label": "Are your domain DNS records hosted in an Azure Public DNS Zone?", + "defaultValue": "Yes, I use an Azure Public DNS zone to host my domain records.", + "toolTip": "You have an Azure DNS zone for your domain. The Name Servers of your domain at your domain registrar (ex. Google, Cloudflare, GoDaddy) are set as the Azure Public DNS zone ones.", + "constraints": { + "allowedValues": [ + { + "label": "Yes, I use an Azure Public DNS zone to host my domain records.", + "value": "Yes" + }, + { + "label": "No, my domain and DNS records are hosted outside of Azure.", + "value": "No" + } + ], + "required": true + }, + "visible": true }, - "options": { - "hideExisting": false + { + "name": "DNSHostName", + "type": "Microsoft.Common.TextBox", + "label": "DNS Host Name", + "defaultValue": "", + "placeholder": "profiseemdm", + "toolTip": "This is the subdomain part of your domain. Ex. If you will access Profisee at https://profiseemdm.mydomain.com/profisee you need to enter profiseemdm in this field.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true }, - "visible": true - } - ], - "visible": true - }, - { - "name":"GetStorageAccessKeysRestApiResponse", - "type":"Microsoft.Solutions.ArmApiControl", - "request":{ - "method": "POST", - "path": "[concat(subscription().id,'/resourceGroups/',steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,'/providers/Microsoft.Storage/storageAccounts/',steps('storage').StorageAccountNameSection.StorageAccountName.name,'/listKeys?api-version=2019-06-01')]", - "body": "" - } - }, - { - "name": "StorageAccountAccessKey", - "type": "Microsoft.Common.DropDown", - "label": "Access Keys", - "toolTip": "Pick which storage account access key to use.", - "constraints": { - "allowedValues": "[map(steps('storage').GetStorageAccessKeysRestApiResponse.keys, (item) => parse(concat('{\"label\":\"', item.keyName, '\",\"value\":\"', item.value, '\"}')))]", - "required": true - }, - "visible": "[equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'existing')]" - }, - { - "name":"GetStorageFileSharesRestApiResponse", - "type":"Microsoft.Solutions.ArmApiControl", - "request":{ - "method": "GET", - "path": "[concat(subscription().id,'/resourceGroups/',steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,'/providers/Microsoft.Storage/storageAccounts/',steps('storage').StorageAccountNameSection.StorageAccountName.name,'/fileServices/default/shares?api-version=2019-06-01')]", - "body": "" - } - }, - { - "name": "StorageAccountFileShareName", - "type": "Microsoft.Common.DropDown", - "label": "File share", - "toolTip": "A file share must be created in the storage account.", - "constraints": { - "allowedValues": "[map(steps('storage').GetStorageFileSharesRestApiResponse.value, (item) => parse(concat('{\"label\":\"', item.name, '\",\"value\":\"', item.name, '\"}')))]", - "required": true - }, - "visible": "[equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'existing')]" - } - ] - }, - { - "name": "networking", - "label": "Networking", - "elements": [ - { - "name": "DNSUpdate", - "type": "Microsoft.Common.OptionsGroup", - "label": "Use default Azure DNS?", - "defaultValue": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", - "toolTip": "Profisee will configure Let's Encrypt to generate and auto-renew a TLS certificate for use with Azure hosted DNS. Ex. profisee.eastus2.cloudapp.azure.com/{web app name}.", - "constraints": { - "allowedValues": [ { - "label": "Yes, use default Azure DNS and Let’s Encrypt for certificates (ex. https://[profisee].[region].cloudapp.azure.com/profisee)", - "value": "No" + "name": "DNSDomainName", + "type": "Microsoft.Common.TextBox", + "label": "DNS Domain Name", + "defaultValue": "", + "placeholder":"This value is CaSe SeNSitiVe! mydomain.com", + "toolTip": "This value is CaSe SeNSitiVe!", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true }, { - "label": "No, I will provide my own DNS hostname and domain.", - "value": "Yes" + "name": "DNSDomainResourceGroup", + "type": "Microsoft.Common.TextBox", + "label": "DNS Zone Resource Group", + "defaultValue": "", + "placeholder": "This value is CaSe SeNSitiVe! mydnszoneresourcegroup", + "toolTip": "This value is CaSe SeNSitiVe! Please type the name of the Azure Resource group that contains your Azure DNS Zone. Check for case sensitivity by looking in Resource Groups in Azure vs which Resource Group the DNS zone itself belongs to.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('networking').UserDefinedDNS.DNSUpdate2, 'Yes')]" } ], - "required": true - }, - "visible": true - }, - { - "name": "UserDefinedDNS", - "type": "Microsoft.Common.Section", - "label": "User Defined DNS", - "elements": [ - { - "name": "DNSUpdate2", - "type": "Microsoft.Common.OptionsGroup", - "label": "Are your domain DNS records hosted in an Azure Public DNS Zone?", - "defaultValue": "Yes, I use an Azure Public DNS zone to host my domain records.", - "toolTip": "You have an Azure DNS zone for your domain. The Name Servers of your domain at your domain registrar (ex. Google, Cloudflare, GoDaddy) are set as the Azure Public DNS zone ones.", - "constraints": { - "allowedValues": [ - { - "label": "Yes, I use an Azure Public DNS zone to host my domain records.", - "value": "Yes" - }, - { - "label": "No, my domain and DNS records are hosted outside of Azure.", - "value": "No" - } - ], - "required": true - }, - "visible": true - }, - { - "name": "DNSHostName", - "type": "Microsoft.Common.TextBox", - "label": "DNS Host Name", - "defaultValue": "", - "placeholder": "profiseemdm", - "toolTip": "This is the subdomain part of your domain. Ex. If you will access Profisee at https://profiseemdm.mydomain.com/profisee you need to enter profiseemdm in this field.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": true - }, - { - "name": "DNSDomainName", - "type": "Microsoft.Common.TextBox", - "label": "DNS Domain Name", - "defaultValue": "", - "placeholder":"This value is CaSe SeNSitiVe! mydomain.com", - "toolTip": "This value is CaSe SeNSitiVe!", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": true + "visible": "[equals(steps('networking').DNSUpdate,'Yes')]" + }, + { + "name": "HttpsConfigure", + "type": "Microsoft.Common.OptionsGroup", + "label": "Use Let’s Encrypt?", + "defaultValue": "Yes, use Let’s Encrypt for certificates.", + "toolTip": "If yes, Profisee will configure Let's Encrypt to generate, use and auto-renew a free TLS certificate.", + "constraints": { + "allowedValues": [ + { + "label": "Yes, use Let’s Encrypt for certificates.", + "value": "No" + }, + { + "label": "No, I will provide my certificate.", + "value": "Yes" + } + ], + "required": true }, - { - "name": "DNSDomainResourceGroup", - "type": "Microsoft.Common.TextBox", - "label": "DNS Zone Resource Group", - "defaultValue": "", - "placeholder": "This value is CaSe SeNSitiVe! mydnszoneresourcegroup", - "toolTip": "This value is CaSe SeNSitiVe! Please type the name of the Azure Resource group that contains your Azure DNS Zone. Check for case sensitivity by looking in Resource Groups in Azure vs which Resource Group the DNS zone itself belongs to.", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" + "visible": "[equals(steps('networking').DNSUpdate,'Yes')]" + }, + { + "name": "UserDefinedHTTPS", + "type": "Microsoft.Common.Section", + "label": "User provided TLS certificate", + "elements": [ + { + "name": "HttpsCertificate", + "type": "Microsoft.Common.FileUpload", + "label": "TLS Certificate", + "toolTip": "Please provide a certificate in either txt or crt format.", + "constraints": { + "required": true, + "accept": ".txt,.crt" + }, + "options": { + "multiple": false, + "uploadMode": "file", + "openMode": "text", + "encoding": "UTF-8" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'No')]" }, - "visible": "[equals(steps('networking').UserDefinedDNS.DNSUpdate2, 'Yes')]" - } - ], - "visible": "[equals(steps('networking').DNSUpdate,'Yes')]" - }, - { - "name": "HttpsConfigure", - "type": "Microsoft.Common.OptionsGroup", - "label": "Use Let’s Encrypt?", - "defaultValue": "Yes, use Let’s Encrypt for certificates.", - "toolTip": "If yes, Profisee will configure Let's Encrypt to generate, use and auto-renew a free TLS certificate.", - "constraints": { - "allowedValues": [ { - "label": "Yes, use Let’s Encrypt for certificates.", - "value": "No" + "name": "HttpsCertificateSecret", + "type": "Microsoft.Common.TextBox", + "label": "TLS Certificate", + "defaultValue": "", + "placeholder": "TLS Certificate name in KeyVault", + "toolTip": "Name of the certificate as stored in Key Vault. Ex. profisee-tls-certificate", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" }, { - "label": "No, I will provide my certificate.", - "value": "Yes" + "name": "HttpsCertificatePrivateKey", + "type": "Microsoft.Common.FileUpload", + "label": "TLS Certificate Private Key", + "toolTip": "Please provide the certificate's private key in either .txt or .key format.", + "constraints": { + "required": true, + "accept": ".txt,.key" + }, + "options": { + "multiple": false, + "uploadMode": "file", + "openMode": "text", + "encoding": "UTF-8" + }, + "visible": "[equals(steps('profisee').UseKeyVault,'No')]" } ], - "required": true - }, - "visible": "[equals(steps('networking').DNSUpdate,'Yes')]" - }, - { - "name": "UserDefinedHTTPS", - "type": "Microsoft.Common.Section", - "label": "User provided TLS certificate", - "elements": [ - { - "name": "HttpsCertificate", - "type": "Microsoft.Common.FileUpload", - "label": "TLS Certificate", - "toolTip": "Please provide a certificate in either txt or crt format.", - "constraints": { - "required": true, - "accept": ".txt,.crt" - }, - "options": { - "multiple": false, - "uploadMode": "file", - "openMode": "text", - "encoding": "UTF-8" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'No')]" - }, - { - "name": "HttpsCertificateSecret", - "type": "Microsoft.Common.TextBox", - "label": "TLS Certificate", - "defaultValue": "", - "placeholder": "TLS Certificate name in KeyVault", - "toolTip": "Name of the certificate as stored in Key Vault. Ex. profisee-tls-certificate", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" - }, - { - "name": "HttpsCertificatePrivateKey", - "type": "Microsoft.Common.FileUpload", - "label": "TLS Certificate Private Key", - "toolTip": "Please provide the certificate's private key in either .txt or .key format.", - "constraints": { - "required": true, - "accept": ".txt,.key" - }, - "options": { - "multiple": false, - "uploadMode": "file", - "openMode": "text", - "encoding": "UTF-8" - }, - "visible": "[equals(steps('profisee').UseKeyVault,'No')]" - } - ], - "visible": "[equals(steps('networking').HttpsConfigure,'Yes')]" - } + "visible": "[equals(steps('networking').HttpsConfigure,'Yes')]" + } - ] + ] - } - ], - "outputs": { - "ManagedIdentityName": "[basics('ManagedIdentityName')]", + } + ], + "outputs": { + "ManagedIdentityName": "[basics('ManagedIdentityName')]", - "ProfiseeVersion": "[steps('profisee').ProfiseeVersion]", - "ProfiseeAdminUserAccount": "[steps('profisee').ProfiseeAdminUserAccount]", - "ProfiseeLicense": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('profisee').ProfiseeLicenseSecret, steps('profisee').ProfiseeLicense)]", - "ActiveDirectoryCreateApp": "[steps('profisee').ActiveDirectoryCreateApp]", - "ActiveDirectoryClientId": "[steps('profisee').UserSuppliedClientyId.ActiveDirectoryClientId]", + "ProfiseeVersion": "[steps('profisee').ProfiseeVersion]", + "ProfiseeAdminUserAccount": "[steps('profisee').ProfiseeAdminUserAccount]", + "ProfiseeLicense": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('profisee').ProfiseeLicenseSecret, steps('profisee').ProfiseeLicense)]", + "ActiveDirectoryCreateApp": "[steps('profisee').ActiveDirectoryCreateApp]", + "ActiveDirectoryClientId": "[steps('profisee').UserSuppliedClientyId.ActiveDirectoryClientId]", - "KubernetesClusterName": "[steps('kubernetes').KubernetesClusterName]", - "KubernetesVersion": "[steps('kubernetes').KubernetesVersion]", - "KubenetesInfrastructureResourceGroupName": "[steps('kubernetes').KubenetesInfrastructureResourceGroupName]", - "KubernetesLinuxNodeSize": "[steps('kubernetes').KubernetesLinuxNodeSizeSection.KubernetesLinuxNodeSize]", - "KubernetesLinuxNodeCount": "[steps('kubernetes').KubernetesLinuxNodeCount]", - "KubernetesWindowsNodeSize": "[steps('kubernetes').KubernetesWindowsNodeSizeSection.KubernetesWindowsNodeSize]", - "KubernetesWindowsNodeCount": "[steps('kubernetes').KubernetesWindowsNodeCount]", + "KubernetesClusterName": "[steps('kubernetes').KubernetesClusterName]", + "KubernetesVersion": "[steps('kubernetes').KubernetesVersion]", + "KubenetesInfrastructureResourceGroupName": "[steps('kubernetes').KubenetesInfrastructureResourceGroupName]", + "KubernetesLinuxNodeSize": "[steps('kubernetes').KubernetesLinuxNodeSizeSection.KubernetesLinuxNodeSize]", + "KubernetesLinuxNodeCount": "[steps('kubernetes').KubernetesLinuxNodeCount]", + "KubernetesWindowsNodeSize": "[steps('kubernetes').KubernetesWindowsNodeSizeSection.KubernetesWindowsNodeSize]", + "KubernetesWindowsNodeCount": "[steps('kubernetes').KubernetesWindowsNodeCount]", - "KubernetesVnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.name]", - "KubernetesVnetResourceGroup": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.resourceGroup]", - "KubernetesSubnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.subnets.subnet1.name]", + "KubernetesVnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.name]", + "KubernetesVnetResourceGroup": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.resourceGroup]", + "KubernetesSubnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.subnets.subnet1.name]", - "KubernetesServiceCidr": "[steps('kubernetes').KubernetesAdvanced.KubernetesServiceCidr]", - "KubernetesDNSServiceIP": "[steps('kubernetes').KubernetesAdvanced.KubernetesDNSServiceIP]", - "KubernetesDockerBridgeCidr": "[steps('kubernetes').KubernetesAdvanced.KubernetesDockerBridgeCidr]", + "KubernetesServiceCidr": "[steps('kubernetes').KubernetesAdvanced.KubernetesServiceCidr]", + "KubernetesDNSServiceIP": "[steps('kubernetes').KubernetesAdvanced.KubernetesDNSServiceIP]", + "KubernetesDockerBridgeCidr": "[steps('kubernetes').KubernetesAdvanced.KubernetesDockerBridgeCidr]", - "SQLServerCreateNew": "[steps('sql').SQLServerCreateNew]", - "SQLServerName": "[if(equals(steps('sql').SQLServerCreateNew, 'Yes'), steps('sql').SQLServerName, steps('sql').SQLServerNameExisting.name)]", - "SQLServerUser": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('sql').SQLServerUserSecret, steps('sql').SQLServerUser)]", - "SQLServerPassword": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('sql').SQLServerPasswordSecret, steps('sql').SQLServerPassword)]", - "SQLServerDatabaseName": "[steps('sql').SQLServerDatabaseName]", - "StorageAccountCreateNew": "[if(equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'new'), 'Yes', 'No')]", - "StorageAccountName": "[steps('storage').StorageAccountNameSection.StorageAccountName.name]", - "StorageAccountResourceGroupName": "[coalesce(steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,resourceGroup().name)]", - "StorageAccountAccessKey": "[steps('storage').StorageAccountAccessKey]", - "StorageAccountType": "[steps('storage').StorageAccountNameSection.StorageAccountName.type]", - "StorageAccountFileShareName": "files", + "SQLServerCreateNew": "[steps('sql').SQLServerCreateNew]", + "SQLServerName": "[if(equals(steps('sql').SQLServerCreateNew, 'Yes'), steps('sql').SQLServerName, steps('sql').SQLServerNameExisting.name)]", + "SQLServerUser": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('sql').SQLServerUserSecret, steps('sql').SQLServerUser)]", + "SQLServerPassword": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('sql').SQLServerPasswordSecret, steps('sql').SQLServerPassword)]", + "SQLServerDatabaseName": "[steps('sql').SQLServerDatabaseName]", + "StorageAccountCreateNew": "[if(equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'new'), 'Yes', 'No')]", + "StorageAccountName": "[steps('storage').StorageAccountNameSection.StorageAccountName.name]", + "StorageAccountResourceGroupName": "[coalesce(steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,resourceGroup().name)]", + "StorageAccountAccessKey": "[steps('storage').StorageAccountAccessKey]", + "StorageAccountType": "[steps('storage').StorageAccountNameSection.StorageAccountName.type]", + "StorageAccountFileShareName": "files", - "DNSUpdate": "[if(equals(steps('networking').DNSUpdate, 'No'), 'No', steps('networking').UserDefinedDNS.DNSUpdate2)]", - "DNSHostName": "[steps('networking').UserDefinedDNS.DNSHostName]", - "DNSDomainName": "[steps('networking').UserDefinedDNS.DNSDomainName]", - "DNSDomainResourceGroup": "[steps('networking').UserDefinedDNS.DNSDomainResourceGroup]", - "HttpsConfigure": "[coalesce(steps('networking').HttpsConfigure,'No')]", - "UseLetsEncrypt": "[if(equals(coalesce(steps('networking').HttpsConfigure,'No'),'No'),'Yes','No')]", - "HttpsCertificate": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('networking').UserDefinedHTTPS.HttpsCertificateSecret, steps('networking').UserDefinedHTTPS.HttpsCertificate)]", + "DNSUpdate": "[if(equals(steps('networking').DNSUpdate, 'No'), 'No', steps('networking').UserDefinedDNS.DNSUpdate2)]", + "DNSHostName": "[steps('networking').UserDefinedDNS.DNSHostName]", + "DNSDomainName": "[steps('networking').UserDefinedDNS.DNSDomainName]", + "DNSDomainResourceGroup": "[steps('networking').UserDefinedDNS.DNSDomainResourceGroup]", + "HttpsConfigure": "[coalesce(steps('networking').HttpsConfigure,'No')]", + "UseLetsEncrypt": "[if(equals(coalesce(steps('networking').HttpsConfigure,'No'),'No'),'Yes','No')]", + "HttpsCertificate": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('networking').UserDefinedHTTPS.HttpsCertificateSecret, steps('networking').UserDefinedHTTPS.HttpsCertificate)]", - "HttpsCertificatePrivateKey": "[steps('networking').UserDefinedHTTPS.HttpsCertificatePrivateKey]", - "UseKeyVault":"[steps('profisee').UseKeyVault]", - "KeyVault":"[steps('profisee').KeyVault.id]", - "UsePurview":"[steps('profisee').UsePurview]", - "PurviewUrl":"[steps('profisee').GetPurviewUrlRestApiResponse.properties.endpoints.catalog]", - "PurviewClientId":"[steps('profisee').PurviewClientID]", - "PurviewCollectionFriendlyName":"[steps('profisee').PurviewCollectionFriendlyName]", - "PurviewClientSecret":"[steps('profisee').PurviewClientSecret]", - "PurviewAccountResourceGroup":"[last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5))]", - "ProfiseeWebAppName":"[steps('profisee').ProfiseeWebAppName]" + "HttpsCertificatePrivateKey": "[steps('networking').UserDefinedHTTPS.HttpsCertificatePrivateKey]", + "UseKeyVault":"[steps('profisee').UseKeyVault]", + "KeyVault":"[steps('profisee').KeyVault.id]", + "UsePurview":"[steps('profisee').UsePurview]", + "PurviewUrl":"[steps('profisee').GetPurviewUrlRestApiResponse.properties.endpoints.catalog]", + "PurviewClientId":"[steps('profisee').PurviewClientID]", + "PurviewClientSecret":"[steps('profisee').PurviewClientSecret]", + "PurviewAccountResourceGroup":"[last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5))]", + "ProfiseeWebAppName":"[steps('profisee').ProfiseeWebAppName]" + } } } -} diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 85d525cf..1a45ce0f 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -158,12 +158,12 @@ if [ "$USEKEYVAULT" = "Yes" ]; then echo $"AKS Managed Identity configuration for Key Vault access started." echo $"AKS AgentPool Managed Identity configuration for Key Vault access step 1 started." - echo "Running az role assignment create --role "Managed Identity Operator" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME" - az role assignment create --role "Managed Identity Operator" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME - echo "Running az role assignment create --role "Managed Identity Operator" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME" - az role assignment create --role "Managed Identity Operator" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME - echo "Running az role assignment create --role "Virtual Machine Contributor" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME" - az role assignment create --role "Virtual Machine Contributor" --assignee $KUBERNETESCLIENTID --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME + echo "Running az role assignment create --role "Managed Identity Operator" --assignee-object-id $KUBERNETESOBJECTID --assignee-principal-type ServicePrincipal --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME" + az role assignment create --role "Managed Identity Operator" --assignee-object-id $KUBERNETESOBJECTID --assignee-principal-type ServicePrincipal --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME + echo "Running az role assignment create --role "Managed Identity Operator" --assignee-object-id $KUBERNETESOBJECTID --assignee-principal-type ServicePrincipal --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME" + az role assignment create --role "Managed Identity Operator" --assignee-object-id $KUBERNETESOBJECTID --assignee-principal-type ServicePrincipal --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME + echo "Running az role assignment create --role "Virtual Machine Contributor" --assignee-object-id $KUBERNETESOBJECTID --assignee-principal-type ServicePrincipal --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME" + az role assignment create --role "Virtual Machine Contributor" --assignee-object-id $KUBERNETESOBJECTID --assignee-principal-type ServicePrincipal --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$AKSINFRARESOURCEGROUPNAME echo $"AKS AgentPool Managed Identity configuration for Key Vault access step 1 finished." #Create Azure AD Managed Identity specifically for Key Vault, get its ClientiId and PrincipalId so we can assign to it the Reader role in steps 3a, 3b and 3c to. @@ -172,7 +172,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then akskvidentityClientId=$(az identity create -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'clientId' -o tsv); akskvidentityClientResourceId=$(az identity show -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'id' -o tsv) principalId=$(az identity show -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'principalId' -o tsv) - echo $"Key VAult Specific Managed Identity configuration for Key Vault access step 2 finished." + echo $"Key VAult Specific Managed Identity configuration for Key Vault access step 2 finished." echo $"Key Vault Specific Managed Identity configuration for KV access step 3 started." echo "Sleeping for 60 seconds to wait for MI to be ready" @@ -243,7 +243,7 @@ if [ "$USELETSENCRYPT" = "Yes" ]; then helm install -n profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip --set controller.service.appProtocol=false --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-dns-label-name"=$DNSHOSTNAME; else echo $"Install nginx without integration with Let's Encrypt's automatic certificate provisioning and renewal, also do not set the DNS FQDN to the load balancer's ingress public IP address." - helm install -n profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip --set controller.service.appProtocol=false + helm install -n profisee nginx ingress-nginx/ingress-nginx --values nginxSettings.yaml --set controller.service.loadBalancerIP=$nginxip --set controller.service.appProtocol=false fi echo $"Installation of nginx finished, sleeping for 30 seconds to wait for the load balancer's public IP to become available."; @@ -386,21 +386,6 @@ if [ "$SQLSERVERCREATENEW" = "Yes" ]; then echo "Addition of the SQL firewall rule finished."; fi -#Acquire the collection id from the collection name -if [ "$USEPURVIEW" = "Yes" ]; then - echo "Obtain collection id from provided collection friendly name started."; - echo "Grab a token." - purviewtoken=$(curl --location --no-progress-meter --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); - echo "Token acquired." - echo "Find collection Id."; - echo $"Stripping /catalog from $PURVIEWURL." - PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} - echo $"Purview account name is $PURVIEWACCOUNTFQDN. Using it." - COLLECTIONTRUEID=$(curl --location --no-progress-meter --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONID'") | .name') - echo $"Collection id is $COLLECTIONTRUEID, using that."; - echo "Obtain collection id from provided collection friendly name completed."; -fi - echo "The variables will now be set in the Settings.yaml file" #Setting storage related variables FILEREPOUSERNAME="Azure\\\\\\\\${STORAGEACCOUNTNAME}" @@ -437,7 +422,6 @@ sed -i -e 's/$ACRREPONAME/'"$ACRREPONAME"'/g' Settings.yaml sed -i -e 's/$ACRREPOLABEL/'"$ACRREPOLABEL"'/g' Settings.yaml sed -i -e 's~$PURVIEWURL~'"$PURVIEWURL"'~g' Settings.yaml sed -i -e 's/$PURVIEWTENANTID/'"$TENANTID"'/g' Settings.yaml -sed -i -e 's/$PURVIEWCOLLECTIONID/'"$COLLECTIONTRUEID"'/g' Settings.yaml sed -i -e 's/$PURVIEWCLIENTID/'"$PURVIEWCLIENTID"'/g' Settings.yaml sed -i -e 's/$PURVIEWCLIENTSECRET/'"$PURVIEWCLIENTSECRET"'/g' Settings.yaml sed -i -e 's/$WEBAPPNAME/'"$WEBAPPNAME"'/g' Settings.yaml @@ -511,7 +495,7 @@ else helm -n profisee install profiseeplatform profisee/profisee-platform --values Settings.yaml fi - + kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index fcd66871..4734e8a1 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -38,10 +38,7 @@ echo $"USEKEYVAULT is $USEKEYVAULT" echo $"KEYVAULT is $KEYVAULT" echo $"USEPURVIEW is $USEPURVIEW" echo $"PURVIEWURL is $PURVIEWURL" -echo $"PURVIEWCOLLECTIONID is $PURVIEWCOLLECTIONID" echo $"PURVIEWCLIENTID is $PURVIEWCLIENTID" -echo $"PURVIEWCLIENTSECRET is $PURVIEWCLIENTSECRET" -echo $"TENANTID is $TENANTID" IFS='/' read -r -a miparts <<< "$AZ_SCRIPTS_USER_ASSIGNED_IDENTITY" #splits the mi on slashes mirg=${miparts[4]} @@ -133,20 +130,6 @@ if [ "$USEPURVIEW" = "Yes" ]; then if [[ $purviewClientPermissions != *"98830695-27a2-44f7-8c18-0c3ebc9698f6"* ]]; then echo "The Purview Azure AD application registration is missing the Microsoft Graph API GroupMember.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." fi - #Check if the provided Purview Collection name exists. - #Acquire token - echo "Checking if provided Purview collection friendly name exists." - purviewtoken=$(curl --location --no-progress-meter --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); - #Strip /catalog from end of Purview URL - PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} - collectionnamenotfound=$(curl --location --no-progress-meter --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONID'") | .name'); - if [ -z "$collectionnamenotfound" ]; then - err=$"The "$PURVIEWCOLLECTIONID" collection name provided could NOT be found. Exiting with error." - echo $err - set_resultAndReturn; - else - echo $"The "$PURVIEWCOLLECTIONID" collection name provided was found. Continuing checks." - fi fi #If using Key Vault, checks to make sure that the Deployment Managed Identity has been assigned the Managed Identity Contributor role AND User Access Administrator as Subscription level. diff --git a/index.yaml b/index.yaml index 705e5015..e463b6dc 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.24.tgz - version: 0.1.24 -generated: "2022-06-30T00:00:00.0-05:00" + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.25.tgz + version: 0.1.25 +generated: "2022-11-07T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.25.tgz b/profisee-platform-0.1.25.tgz new file mode 100644 index 0000000000000000000000000000000000000000..35bab4bca6edacbef186182b3e153cf5444a3d13 GIT binary patch literal 5517 zcmV;86>{nyiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKBzZ{xO;@cwPU-+_;_z_vvt%P&a^6~E`sb-Zn`*=#OOw)Z;} zC}@eX*~p}pr0k@-xzB!}BudnaB|CAPZtGcKlZfPSNO6WU!{Nwh^agW;4Bvy|hO&8k zID<@>_i*mL+7einWgYeV;ZMu5@;|L^uluUg@AbMp%Q`;nys|p|qi**Vu(m}&6$D&B z_R4y4U-`j(B>;W=5iyP_vB9F-fWDvn*)cmurqyr}cNq3X_-p`vLEaoVa*co+%D_du ze!xY%egGxlT`)n6Ac1&;z&Wx(VU;z+y^m}Fec!_ll(-uU)vslC%LGg_`lB12k%F%=&1_@ zoIsAw)6$clwDN!>rj=cfN0(Zu4>?~_=4z!EgYo#+50@vcW7MU|jC$7J9*G$2AEADp~DJs%8*AFj`@wEl0fhc1y% zITn=N#~p<2qo#`Tx2I>L%hAP$B8L1JRn6Q$^Mh5@w9%?+9-UHh6-vR@Ia&@GauE?2 zdOTAp5{{WJFVD0Za%kfjWJsrM{LA2Sq>+X01Y!hwCxl-!&jzjHbJcwG-&b-(XD8=l z4Z#vk2EHHHQA+~(9=$&$Q-(Od3_N55!2%Q&VtxVPSbsvX>u56{FSEg)0YhNm2)sbx z1T*BwH>8aZ24Y4T7Wb0452q)??C>2ABO*@2$sV4aj?S-6PYT6j0 zke<3vM;Sf4!H8vEJ>%iheH#8LULcaA+k@M{%mbFgi{=n}Tbp6W3%Ee+oVsWjNq|nX zp*@V3n}_FE@MP^deqe)+Wm)RM9L=Rv039oqDhz!J5HB<-*0-$pYGlm@p2Ml?lA$T) zLRM-i>1IN?)E#DG+ESGgi6lkW@KSQO#&iNswSu$3Pb0PRB~#eoOFFNg(_aAqEm_W6 zcJ`?(C?lp=P1aQG(6U1cq?~JgUsh3xySQQ^=}Iey??0|NdOtWlE3YQ$k82ICuYPIe z>pWy0Xn#F48y)&0!$Ea7=i-1023f)2*6to z2z3!)h|_>M2uv9bd;p0HW^f^&Ll-gNdlWnOZ@AR$Z_)iicBH=oO$uk;l|m~^(&s!B z$K2Ly@=xA%y1lk?MHlIonkkAW9p6YBqR=p23E9V_(1RlKXF2q25f3Jb?UNs!Km-=Y z97~^}HX-03njY)|dXr3hT=7S6Nj=1YdO?tLJSE5lQ~)e~1dMtJ2nyy96L9&n4O;IZ zfm7sy)A;Rz4?bd0P}YiSb6GunsWsKV2d$5oi2!=wJ#=Q6ATXpvFgyulv9{!59H+^8 z%B;M3uC!{d%NB|sumwg-yL4(_5B}%+a&$F1AC&Iw+t~Oq;Q|sTQJ^laFF&4+emy-O zUk%QOqnvgpmEcH+QWbw1j7OVoK@MD;EKo##0AHjTN(i z<`Zn?qWve(T>g%DJCsREiWs*GBiTMSGY;$gKmDV_to_&R9(RuS_TMhx^JfF#8(@Bn ztp0FIinIe$+iZaG@X&1Nz9I-+pSo&sn72Q06Vvvh(`?*g;@Tio?3GMtHs(k`X+zo> zBNN{8+l9i>YBso!l#LMihb*Nj#rw#K4L*M^qg8ExWIKBw{6E3O#bo*zHK2C?w~llC-|zO1_WZvK*vbC?Q?zzg@PF8w;ZxU0_L_-m zpfNktF_tI~k!k6L9>gl7hN|>+GVGRNWBz}H8c@IgcMAO9v-bSI3)toUUo8eUQUlhJ z5F6?hS^2SH-NY2Uu7^K8m{iF!=*Hu?M+g0Es;x6KiJu z#WB|#G1BvFq>AvkfuqAs-PpKILR;ieg~!wLapmJS01fFouMlhNkp?2iz72%OWs_&c z?=Yd}Gm>N#lfyrGhC2AsXXk?tKdIA-Cr^py_|Ma;qK?LCl^SZ*dDe4Mt4=T~s8v-e zsEv;;o{i8Lf1b!hru!atLhgeM&XGWjrx6(!R67M|2^OF<{^R5O!Z|@JbX;p8B7^vN zLsePB7neIxNyt{`P-~4nv&qv~dVur<6*30(lZz({l?V*|j23K_ZBu+v3`x|WSegiI z{TL?84RFMUrM35>R5r;~p*aoc$2vFOE|2Z%k^`M-w!e|*@>`~Q2L!@d5$ z3&`zsxmZjy8-)q-R)B+;Fe0OvWmW%Sw02IzwNt9}dq{8;;nj40=p+%KJdR793E^|Q z-Ihhh!s?pP$EMagj2LrO>|oS33^cL<4}708@t?`sb?7{*;4{2{LK--ck#dP{lKsDg zzK|a3EmCdB2>G zbdNV z)b##{*Hk*WNx=UGvm3W5e}^L#zkfasW71aR&E5bg$M&lhPQLOu9hMa#UQ;tP=hDA zXs}`>OKfRaXALqH7O=s3P4TO!#kKl~DzCpXWjEK^s}42&WG+Ump6P4-s>2#6RxwpZ;$R8h|sbZRY#x0ac*QT!=aH?Jd=%1WV5x)iPfnZi0Bpw%1@y> zf6bie=8tc`+E9ppBvkGHu|MmH-k*B^k9FM5@Bh}}KK^SbP~-nCT=FisfC&;y%5E{4 z7NfsTRs2MiN}vTrUE*en!7m$0f%#p~{duril;sjOb*q zIsKX= zw!lvQOsU|t4=ZKs_>>776b_z(`9v;}AFS*-{Qe~V?*Uc%pIkNEhYot)^FOQ8&)@&+ z^m?7W{!w<`1-XkYr6dUpfr=;4tD=Z!@Qozik(p9|B z!5E&(fiGZk)JMeG>mA#NHTeGqdnnCSmBjt8F9quOzn9Pd+U*@5?eG8Z1lHkyb^V}< z&sQuGjoY6wFe8x=;0yRG9IAdrusQ#$cz`YPe>Z>r+dJ;>_y3*1Gx2|V-D++Ae`H8l z3Gcu3oPJHPCjavpWY2Z}V;vUbe=TdD|7#~u5&w~9peu%dJXKVL>q!$1(N%Ln8Jwax zDRVw6K#e@mQaPt0A@ZY^AP=uRK0(j;s_*>kum=BQf<<(h>yZMW*8V>(#D8`7`~PlW zTTGoU68$cKPq~mKrq4SWek&x~jak)asI-1QYw!Lp;Fe$w{*P~~KK_dkwfeu6xBspF z-u~YW#QQ&?V)Gc#r^t&W%RwqD^aKPt^XD>p?{5Te6V~8=ie1N0IjkQe1#0*Ig8#pB zc({-M-U)1rpEHZ3#Oi<4^_jh2@7ZBp{*Qitp7a0iaX$Z7r`zA(|KAC0mH$=Nk_zsB z#O1cV6nI8hlmAsJwnu#zu9p8h`TW0~s0kNQNiLUxPLo=T0rN`Lf qnv7!# zVUlocEv#jhOc~ZnLuLimqK32@bA^Jmri)|^{@0UzKF9rUtJlxx|Lz>_zyGltcq#v1 zHiK+I60Ds%=P7G{4{P)P=0QIiJc9rGhx_yYoxn@-e?^ec+UdCV{Qopqga5UAdC%kj z>mL{RzqhylcLSU9e@XqCOQ>s$jgr**RT3m~T{Ni_XR_CYMw~-C9~Bhm)X&v?hwfKJ z`TQ;AN;Ut7*F>K?|AW=*732SUd;kAVU=?G=7lbRf@bngOeEBcFJ)F7vr+?3bGNEpC zN4JfCh!Y?Aj0);d&jwe+i;|>J1)S>32rA8R*vL_T*x;NJ^ta*B=Y&fB7f_&^!1Fi~ zPZ0vu{NL$z3h}?)PG@ib?*uAxx{c%4KStF_-82DE&HtNbdW+hGLMH!3msIqm8Q@kQ zDaL}~oVsX810rGtpe9*dag?AogF8peCCR+8 z&9ro7De0C`)@86N(V0qfCa2nn3bkApjQ)WffpR%5!tYUJlaZ;9=M*!gSA0!pv!=Nt ztt|POc-Mr`BHq$WCt72$A|c5NN4%bBBqBtMrdNIDGsLO!7daFI0X+6tz0i9nJ+^~t9f{V2;%ZhPO{4i-4#CYP@X9>(vz2n@fq^G zV%h&U^3MRkH{X2oGZIFu!6&oyttq$jfCGad@MbKi?<4okx1Sjj0V72`)&uf5`YdLQ zF2Nh+mQ&j?z#O=AN#10Zixg`ZdMC((_u3|6>2(C2BN~XL_%O3lSM5J56MI(fCYd~* z!zkgnUb-q1W~GeJBP~?eRFGG4cBVJS{_SnCN?FdR&1B@xD5w%|&p`wti?@ulvA>r z-f`g@d|RZs_<_Gliu1HQev>K2+H8M>NrX@3=*lQqL8Xe~d0|qEWUQd~`4;>}^wzKT zlE|aK1kGjZJ-@rF4^?I@RS(Z`A@{rE2U+_k@duevebe!StnCB99L*`auW1)m$~I-_ zQ-Js;M5q>A zww1QA?)>lYD0lzAb7=MU@jp9(18@O_K#Xu8D2QG=Sk4dulK^`zCR5-;=N3*8H=B(E za5ckReO8l$&@lm~9-Tzqd`za_1BN^(@B)RIi?!#FxDo?F)6nA#zVX9+#>fRrEN0;U zeQN?~jRQ);rjjV&BL+N7klAdQC*$8kADu)pr1Lo?;Nx%%T+Dd0VNS7VM?a!LG#lpR zPu7lpB#&m(cKCntfG~*Q)@+2$;spmxV7S0Ee`_|HjRQiLF`BR!T+-aQGvz-?fS_QC z#VnWrj)fEu@u;GvF1m|GMu}ccwwl2O0vyf}SVX6wYOs(4F~j_?#jJbS!yfjqMfkq} P00960-HaQ^0ImQ4)8X`; literal 0 HcmV?d00001 From ac99183402ad21e0368663a08dea30c39144bf58 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 11 Nov 2022 11:19:46 -0500 Subject: [PATCH 113/141] Delete profisee-platform-0.1.24.tgz --- profisee-platform-0.1.24.tgz | Bin 5565 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 profisee-platform-0.1.24.tgz diff --git a/profisee-platform-0.1.24.tgz b/profisee-platform-0.1.24.tgz deleted file mode 100644 index c2dd41f2e979cda74943dfd8384b61543b90e646..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5565 zcmV;u6+-GCiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH>eZ{xO-`?CT64?JgqZ6BUx`6Ef8;@w^9c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1-+rJZO4NrXJ8_(D>servh{NIVV}|5#IP@94B^;pbyI9;(Ht!5) zmtqY&gJeMtl)|J3&8zJ4d!0Bj}bgbQO;u zbQO;uL_PE_m;m!Y0B?AB4i+kmvWB?#!9v*gU1DQNyRlH^nnu^?4H_@qGJg*!%Krkp z0q|`qfExKfJRWp&@_*Ph_wv6J;Gf(vumvy+H5&*a6bWqW_4t3zFHYW%TG3Yr3p~Lb zF4EM~AGGv<1Jlwzj7Qg6s*gEeQs!u>S104~&zIMyt!6_F!Rx@gA#<=2isvBs$g|nK zFD&%>!+3N)x*3lyhS&eTx`~jmGbi4OZPUOLlK9E#`?HIa;qdaq#f?_}Epg!*e9DQS z>^?3a%pYY{oWDIgA6<{GE{hcMbyS$Sismb;(6rhrG?z}PcN1#C)&(qw3>@$T!7k4r zManT#%avI2^K(HDj&9;8Os+kfn%kn(tN3nhi3?Q&l8`Dd9pQwUl-< zupH_(GYD-dq(mc0)iu19(ya-dz*8;Z{N#s`8u?NvEc8d(u3yq$5kf7Q&RbUYt4t_k zridmnl{mDlkOQgbTK_CVRO&89Of+37a@hYd=IH&&*?BpdEFE<)S=gc=`Uy z4fwB9Tg{X$v(;=!g_f2Qcg7br8e(pQ%ZI>3lK%SUd^{Xo--Ide;69V^ZuD=N)plv% z!~-epr(_%we#Pj5IFg4{vxaKs9o&D!fh#O@i(Q_i+^NrL8!3UZ(7`<50!;wf46pzP z5f6zOAbiJ>M;$;6I1QK$Xv%2dBkVb7h8OZXc7P$@rNq8}!{w6y4(=DSAiZZa<(%n4 zMOLPy-+8E|xus+BPwt0w)@|jIuF{z{lN2{Pxs_XsLdJN2WIua_5)_j^%Bp9RcrZz} zMETkY@Nlutu~Hgp4T27$<{=KEw@I_dh~J}Y>HVbo(Ktz0x75LjBJP5b)l!}Z6r(a$%di<8`xAA}1Wg^*h~+2*j${xdi_%Gh|SVgq0kiJfV-7;(}|BqM()X)Fjg8UE6z5MS2b~*o7 ztAUM{0qbap4c8S}{jp)@uU3=P%70{*^J9a9?PAV1RRA^eKj^;m`A{ypF~xN)5N_JnK2R zRYw&S+$xj`ZsYTbXJa&`pJy`B>Ap+sQ2H>#a}dCI>XC6pHFJMUumDp3kB{#Q2Li3o zI<2{goW$oC3S|vjT<+*3VOt$ItyTBTBu``QfzlIH%ox^>D4wiTB53Ppv}mhho6?JX zNTLkI)I?$H=Pg+o-xjas67VEOx58A35_w^!iX!+VhE(Fnv#DGZTc|a`9F7L9tYs`d z%B*2BgPpF7b7!7)HO-(WRMI27n*0hex45o7&f3FUYIDq3$THScC;yG*`@z58arp<*ePA~yC673bhR}Byw^!t5E?Cx(_g^cZuL?_iWSbTqOM4}708@!!eVwdp)U@EKWPAvZYD zCgmD#lli}dzmOm5F4EOdJLJpk>Yg>xcEQT}z+lcT5*88lMx zr~_kVoG7|XwX)k1%3Bt4i5GmXwMvNtO)Qh9%?;?M!{kV^zG?6%{DU6E$$ zqE<#zZK3OFDv~D|hxe3bUT^D;@#PJ4A_TT)bMQp!8GoL*o3Eyv^`$qIhkCY z+PS8bM>PJblFNFeru0X2Q)%NS4*wgpZk(sQ4@b&>|6&~a^{=Lzy#Y{8?Ptx&e>J7_ zD!__yUm%%MnL|SxL~0-w)Kk?;$J9nY~wdhy*F7hm&CE_SPAp4 z)*_O`NqT*thE8(PV8uw5)KdS=8e+;VV1x0R(pSEOYn2fpuRk(nF(0y59cs$ST#Q)V z(jWAz4r`E%aaR+3o4ejnLo<6DVl~-wyb0CJMTpfzN7}uH8j9%^h%C9Hmw8GkpO)r) z^88=5{)=w-NG;Y@*0x720BhENy>5SyU;iC-_v^o%z@z;?e4lIEz0+iz~;mY7fL@eY{L~WLY*<#)N{Cnj*`1b75luEd%WZhg-tzyiI?tCqkZbiE=Xxd zcbAYu?Yn3r?~)0_?7o9tpLk$}`kJt0jLMQGL-*c4N`_lOwdrqz%ZPb|% zufu2g&#kuIDtuechzp3j06yv;ndbM%p~#Z|d(euo^gN5u{r$aM_VPlxQA1=-F5AR& zi3j-|^;{CT!eVBjR%h;sP9{^~J`w}$Tzc+(_Eru9saiy~fmC9|Xjw_AtC_<{ zIAIjeWTO+=EOt4wI#(wmy6yq_CRFFInG@ao@$FaZ3h}pus`)>*XFbvSQ*Zwm7{ zDiK2k)zN~Dw5M3W6352kkdC49WGVTKe!g!{sB_=uML$SRJ*!G%uw+C)TS(r8g*vah zX%YGv{aOW=9M^HYZjdUhwdjZXb6>piYm z;DTPc@!Ba4w$RYBbnLUT! zpTz$)plbamM-BI}4bOZ2XLbkq`+wd3pu1oH?E((+2Y?6B((OX^eY0_(t=Zk zkBo$oZ^&<)deytT!r;+71&ll?eTf$u7{gOJ^aq+84ZySa>yGWi8uEWjTu5V8C4T?w zYk@lX@8{#c_WH-i`}_Ypfpz3xT|cOj^A&?cllEtH%t$l@`U7q6X!LIZo6EoQ2iT(g z_wwhz{o}*^{J#@;CizdVTdghsk8}wuk^Pr$)2|8Elz%?M?77Z=%tJFD|Ep_u_wm1W z0u}xrX_&d9`^QsNML3=`C#6g+!Q2}c7ffmX+RSA(DwS;(hZ8`zdmr-MYl3*b{OWQyVQZbse;!FFR&^%<1n z=cD%S?*eWK){y`Bw(8?wgs5HroB92}IoR+2cLVYK?@_V259m|$MH1y8)fIXG0$uoX z5xw^}g0~54$Uh~H-B!V>AEO0o=l_EJzk9g9|F;|1mON($Ny)DNQP*eocD-kZb>%<$ z{dvy+d&l|sU)|o}{{H_?V5{=4qLx%h|06E9?X|!&!kY50La{ySUAS8L?-uU=ANTkE zKRbbK%6~FQG!2m4@6|x{?Q+w&=_}jr6@*ls%@@)J6Zr9Am|1l2__wv6Jcmex= zJf2FH30G0dO-+hkC6Yt(cb@KC-9Q;U*ROSb~v`Z{67uWkbmu7=JVKp2ge2Z@9*tDyMayR zzXZSL67t$=qvUCYDh-mkE}S66FB#}cBaWe-_X>;ORLEhzgZoupUVllwQZ4`CHR0!u z|6%s~MgPyi{`_Yruu3rF3*wbiczTOGzWf>A9?x9;)ZcTVOsE_E(QWhZ;=orvqk`Jh zwb0G*sw5~_fu?#HLxq_RGui473tdnT{xUN9oKPwM0t>heT$h7*iV~=n|8B2;TzLPv z+uy(cv=gX^={JtMe+<<@{WJwoE&rQF`it^}N+$oJPpW#-2!N}Plw-wkK^+*(0c>*?`63LytKc#7^1uA-tw>4XA+G$i;e9Uo z=UC-St67YQQ{GTZzHu|*B_Fw%3u6D^Qu}T!D9gspiCU!ejjAO#V8TB}2u}7LpIaV< z>+!@b->@1}N~iAT9X<_3mlH0)6Q_jVWvbyj<&P7^g-vaU>XB{u^=smIJbEv{(j@^i zdzOoDnOEP*kTCedR!TaIDDO5`hcwLxG)+s0qnNh7d_mbL0xI?ZdU)uRB&sop9v-Yh zvcOaH@X*SYQWE(zgcQvs3-Ex;o}6Td6?`r{@KGKqHCiVxf$#3_Ep;qen zJkbKeri#2$vNNUG)-P|1C}lCjHq((iJ^NtD@vITN%pkzXQ2lqur%9ts|#jX3y6*D+6^rs&@5#r#t>{zc#sR2bFaw=VUd%h7(WgM*FQunudVRp+|S;4pRWP4$ri)^fF=Vuet&DywDN=tm& z{uDfy$!UI7q8?by?yy}lCxtf)Y(L2E+Y&pL5#bxQA7uAz2+d(m*?mpE2q~MD!KVQD zCQPUto3oMREHaWF6QsSL>;tbd=LXttENc1H+r+X+bT4gu{S!dZ{%_2{os+3Y*|x%V z)}8+y9_8XcbPvtJ-v4JOaDc9`5WqZ+1VvG|qvZ@dGzp075O0cnY~SH2aHH8cKsPhO z)w8M`g@y?$bXAKTo5-~&n@vVX6 zZX8iB%qp2eJ}~4G4~%BRI352Q+UO*aA)U{uhdvI+$RUh38^)A~PV^(HM6+Q`erKKN zNAhVl?S%g)ANa!SXapzNz6<fI)5&;QyA7Xrw^T;0|4-ikuRA#I?d5+b za1i(o7J%#-X3_QDP!D)E1G(EnVg_*xcw`z~<8!ldASkjK$V@U(On*mhBlKy3#Z#xKoAvvJ_jWlSb4g_LA(e>UVl$$+3}O2jOf zAWno-5OJ-dtPXsRYDPUBP3D^61t5;+fELjysH!aHNX!WTa|!Dn_OORNY!UuH00960 LMA2d*0I&c6`vX55 From 04491997e27f08b2a5b1c66caeec92c5ba57e6c7 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Fri, 11 Nov 2022 11:23:06 -0500 Subject: [PATCH 114/141] sync w/ Prod for further testing --- profisee-platform/Chart.yaml | 2 +- profisee-platform/templates/configmap-profisee.yaml | 1 - profisee-platform/templates/secret-purview.yaml | 3 +-- .../templates/statefullset-profisee.yaml | 5 ----- profisee-platform/values.yaml | 11 +++++------ 5 files changed, 7 insertions(+), 15 deletions(-) diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index 5f17dbec..2040123f 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.24 +version: 0.1.25 diff --git a/profisee-platform/templates/configmap-profisee.yaml b/profisee-platform/templates/configmap-profisee.yaml index e19c530d..bcb3bb5c 100644 --- a/profisee-platform/templates/configmap-profisee.yaml +++ b/profisee-platform/templates/configmap-profisee.yaml @@ -25,4 +25,3 @@ data: ProfiseeOidcFirstNameClaim: {{.Values.profiseeRunTime.oidc.firstNameClaim|quote}} ProfiseeOidcLastNameClaim: {{.Values.profiseeRunTime.oidc.lastNameClaim|quote}} ProfiseeOidcEmailClaim: {{.Values.profiseeRunTime.oidc.emailClaim|quote}} - COMPlus_gcServer: {{.Values.COMPlus_gcServer|quote}} diff --git a/profisee-platform/templates/secret-purview.yaml b/profisee-platform/templates/secret-purview.yaml index 2009a38c..1eb87ffe 100644 --- a/profisee-platform/templates/secret-purview.yaml +++ b/profisee-platform/templates/secret-purview.yaml @@ -5,9 +5,8 @@ type: Opaque metadata: name: profisee-purview data: - ProfiseePurviewTenantId: {{.Values.cloud.azure.purview.tenantId | b64enc | quote}} ProfiseePurviewUrl: {{.Values.cloud.azure.purview.url | b64enc | quote}} - ProfiseePurviewCollectionId: {{.Values.cloud.azure.purview.collectionId | b64enc | quote}} + ProfiseePurviewTenantId: {{.Values.cloud.azure.purview.tenantId | b64enc | quote}} ProfiseePurviewClientId: {{.Values.cloud.azure.purview.clientId | b64enc | quote}} ProfiseePurviewClientSecret: {{.Values.cloud.azure.purview.clientSecret | b64enc | quote}} {{- end }} diff --git a/profisee-platform/templates/statefullset-profisee.yaml b/profisee-platform/templates/statefullset-profisee.yaml index 433cf028..fbb2da02 100644 --- a/profisee-platform/templates/statefullset-profisee.yaml +++ b/profisee-platform/templates/statefullset-profisee.yaml @@ -128,11 +128,6 @@ spec: secretKeyRef: name: profisee-purview key: ProfiseePurviewUrl - - name: ProfiseePurviewCollectionId - valueFrom: - secretKeyRef: - name: profisee-purview - key: ProfiseePurviewCollectionId - name: ProfiseePurviewTenantId valueFrom: secretKeyRef: diff --git a/profisee-platform/values.yaml b/profisee-platform/values.yaml index 5d37b700..f24f355d 100644 --- a/profisee-platform/values.yaml +++ b/profisee-platform/values.yaml @@ -54,7 +54,6 @@ image: licenseFileData: $LICENSEDATA preInitScriptData: Cg== postInitScriptData: Cg== -COMPlus_gcServer: "0" oidcFileData: | { } @@ -85,11 +84,11 @@ cloud: name: "" clientId: "" purview: - tenantId: "$PURVIEWTENANTID" - url: "$PURVIEWURL" - collectionId: "$PURVIEWCOLLECTIONID" - clientId: "$PURVIEWCLIENTID" - clientSecret: "$PURVIEWCLIENTSECRET" + tenantId: "$AZURETENANTID" + clientId: "$CLIENTID" + clientSecret: "$OIDCCLIENTSECRET" + instanceName: "$PURVIEWINSTANCENAME" + baseUrl: "$PURVIEWBASEURL" aws: isProvider: false ebsVolumeId: "" From 4220584529b3b9805374759d3760877fbeaf5a9c Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Mon, 14 Nov 2022 10:18:20 -0500 Subject: [PATCH 115/141] sync Dev to Admin for CollectionID addition --- Azure-ARM/README.md | 2 +- Azure-ARM/Settings.yaml | 3 +- Azure-ARM/azuredeploy.json | 21 ++++ Azure-ARM/azuredeploy.parameters.json | 6 ++ Azure-ARM/createUIDefinition.json | 101 +++++++++++------- Azure-ARM/deployprofisee.sh | 20 +++- Azure-ARM/prereqcheck.sh | 17 +++ index.yaml | 6 +- profisee-platform-0.1.24.tgz | Bin 0 -> 5543 bytes profisee-platform-0.1.25.tgz | Bin 5517 -> 0 bytes profisee-platform/Chart.yaml | 2 +- .../templates/secret-purview.yaml | 3 +- .../templates/statefullset-profisee.yaml | 5 + profisee-platform/values.yaml | 10 +- 14 files changed, 141 insertions(+), 55 deletions(-) create mode 100644 profisee-platform-0.1.24.tgz delete mode 100644 profisee-platform-0.1.25.tgz diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index 2b64af95..fb39f20b 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -25,9 +25,9 @@ Here's **how** it will be deployed. You must have a Managed Identity created to 3. **Application Administrator** role in Azure Active Directory, so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. 4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator role (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator role (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. 5. **Key Vault requirements**. If you are using a Key Vault, please make sure that your Access Policy page has a checkmark on "Azure Resource Manager for template deployment". Otherwise, MS will not be able to validate the ARM template's access against your Key Vault and will result in validation failure in the ARM template before it begins deployment. +6. **Purview Integration requirements**. If Profisee will be configured to integrate with Microsoft Purview, a Purview specific Application Registration will need to be created and have the **Collections Admin** and **Data Curator Role** assigned in the Purview account. It will also have to be assigned the User.Read **delegated** permission as well as the User.Read.All, Group.Read.All and GroupMember.Read.All **application** permissions (these 3 required Global Admin consent). During the ARM template deployment you will now have to provide the Purview collection friendly name, as seen in the Purview web portal, regardless if this is a sub-collection or the root collection of Purview. -If Profisee will be configured to integrate with Microsoft Purview, a Purview specific Application Registration will need to be created and have the **Data Curator Role** assigned in the Purview account. It will also have to be assigned, at minimum, the User.Read **delegated** permission. For full Microsoft Purview functionality and integration with Profisee, the User.Read.All, Group.Read.All and GroupMember.Read.All **application** permissions will need to be added and consented to by an Azure Global Admin. ## Deployment steps diff --git a/Azure-ARM/Settings.yaml b/Azure-ARM/Settings.yaml index db3be5ac..bb513fbc 100644 --- a/Azure-ARM/Settings.yaml +++ b/Azure-ARM/Settings.yaml @@ -87,8 +87,9 @@ cloud: purview: tenantId: "$PURVIEWTENANTID" url: "$PURVIEWURL" + collectionId: "$PURVIEWCOLLECTIONID" clientId: "$PURVIEWCLIENTID" - clientSecret: "$PURVIEWCLIENTSECRET" + clientSecret: "$PURVIEWCLIENTSECRET" aws: isProvider: false google: diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index e280e9e7..ed71a180 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -29,6 +29,10 @@ "defaultValue": "", "type": "String" }, + "PurviewCollectionFriendlyName": { + "defaultValue": "", + "type": "String" + }, "PurviewClientId": { "defaultValue": "", "type": "String" @@ -226,6 +230,7 @@ "UsePurview":"[parameters('UsePurview')]", "PurviewUrl":"[parameters('PurviewUrl')]", + "PurviewCollectionId":"[parameters('PurviewCollectionFriendlyName')]", "PurviewClientId":"[parameters('PurviewClientId')]", "PurviewClientSecret":"[parameters('PurviewClientSecret')]", "PurviewAccountResourceGroup":"[parameters('PurviewAccountResourceGroup')]" @@ -255,6 +260,10 @@ "name": "SUBSCRIPTIONID", "value": "[subscription().subscriptionId]" }, + { + "name": "TENANTID", + "value": "[subscription().tenantId]" + }, { "name": "DOMAINNAMERESOURCEGROUP", "value": "[variables('DOMAINNAMERESOURCEGROUP')]" @@ -287,9 +296,17 @@ "name": "PURVIEWURL", "value": "[variables('PurviewUrl')]" }, + { + "name": "PURVIEWCOLLECTIONID", + "value": "[variables('PurviewCollectionId')]" + }, { "name": "PURVIEWCLIENTID", "value": "[variables('PurviewClientId')]" + }, + { + "name": "PURVIEWCLIENTSECRET", + "value": "[variables('PurviewClientSecret')]" } ] } @@ -756,6 +773,10 @@ "name": "PURVIEWURL", "value": "[variables('PurviewUrl')]" }, + { + "name": "PURVIEWCOLLECTIONID", + "value": "[variables('PurviewCollectionId')]" + }, { "name": "PURVIEWCLIENTID", "value": "[variables('PurviewClientId')]" diff --git a/Azure-ARM/azuredeploy.parameters.json b/Azure-ARM/azuredeploy.parameters.json index 97eaefca..51957084 100644 --- a/Azure-ARM/azuredeploy.parameters.json +++ b/Azure-ARM/azuredeploy.parameters.json @@ -14,6 +14,9 @@ "ProfiseeWebAppName": { "value": "" }, + "TenantId": { + "value": "" + }, "ActiveDirectoryCreateApp": { "value": "Yes" }, @@ -23,6 +26,9 @@ "PurviewUrl": { "value": "" }, + "PurviewCollectionFriendlyName": { + "value": "" + }, "PurviewClientId": { "value": "" }, diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index 89f2ace9..c562f78a 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -1,7 +1,7 @@ { - "$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#", - "handler": "Microsoft.Azure.CreateUIDef", - "version": "0.1.2-preview", + "$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#", + "handler": "Microsoft.Azure.CreateUIDef", + "version": "0.1.2-preview", "parameters": { "resourceTypes": [ "microsoft.containerservice/managedclusters", @@ -11,7 +11,6 @@ "microsoft.resources/resourcegroups" ], "basics": [ - { "name": "text2", "type": "Microsoft.Common.TextBlock", @@ -54,7 +53,6 @@ "uri": "https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration" } } - ], "steps": [ { @@ -132,9 +130,29 @@ "label": "2021R3.0", "value": "profiseeplatform:2021r3.0" }, + { + "label": "2021R3.0.saas", + "value": "profiseeplatform:2021r3.0.saas" + }, { "label": "2022R1.0", "value": "profiseeplatform:2022r1.0" + }, + { + "label": "2022R1-126062", + "value": "profiseeplatform:2022r1-126062" + }, + { + "label": "2022R2.preview", + "value": "profiseeplatform:2022r2.preview" + }, + { + "label": "2022R2.preview-history", + "value": "profiseeplatform:2022r2.preview-history" + }, + { + "label": "2022R2.preview-matching", + "value": "profiseeplatform:2022r2.preview-matching" } ] }, @@ -246,7 +264,7 @@ ], "required": true }, - "visible": "[or(equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.1'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.0'))]" + "visible": "[or(equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.1'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1-126062'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview-history'))]" }, { "name": "PurviewAccountName", @@ -262,14 +280,28 @@ "visible": "[equals(steps('profisee').UsePurview,'Yes')]" }, { - "name":"GetPurviewUrlRestApiResponse", - "type":"Microsoft.Solutions.ArmApiControl", - "request":{ + "name": "GetPurviewUrlRestApiResponse", + "type": "Microsoft.Solutions.ArmApiControl", + "request": { "method": "GET", "path": "[concat(subscription().id,'/resourceGroups/',last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5)),'/providers/Microsoft.Purview/accounts/',steps('profisee').PurviewAccountName.name,'?api-version=2020-12-01-preview')]", "body": "" } }, + { + "name": "PurviewCollectionFriendlyName", + "type": "Microsoft.Common.TextBox", + "label": "Purview Collection Friendly Name", + "defaultValue": "", + "placeholder": "tHiS iS CaSe SenSiTiVe!", + "toolTip": "Please provide the Purview Collection Friendly Name that you see in your Purview account. Profisee will deploy to that collection. If you would like to deploy in the root collection, please specify its friendly name.", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": "[and(equals(steps('profisee').UsePurview,'Yes'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'))]" + }, { "name": "PurviewClientID", "type": "Microsoft.Common.TextBox", @@ -368,7 +400,7 @@ "label": "VM Size", "toolTip": "Pick VM size for the instances in the Linux nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", "recommendedSizes": [ - "Standard_D2_v5" + "Standard_B2s" ], "constraints": { "allowedSizes": [] @@ -409,7 +441,7 @@ "label": "VM Size", "toolTip": "Pick VM size for the instances in the Windows nodepool. An 's' in the size will result in use of a Premium SSD. Ex. Standard_D2s_v5 will use Premium SSD, Standard_D2_v5 will use HDD.", "recommendedSizes": [ - "Standard_D4_v5" + "Standard_B4ms" ], "constraints": { "allowedSizes": [] @@ -549,7 +581,6 @@ ], "visible": "[equals(steps('kubernetes').KubernetesAdvancedYesNo,'Yes')]" } - ] }, { @@ -686,16 +717,12 @@ }, "visible": true } - - - ] }, { "name": "storage", "label": "Storage", "elements": [ - { "name": "StorageAccountNameSection", "type": "Microsoft.Common.Section", @@ -722,9 +749,9 @@ "visible": true }, { - "name":"GetStorageAccessKeysRestApiResponse", - "type":"Microsoft.Solutions.ArmApiControl", - "request":{ + "name": "GetStorageAccessKeysRestApiResponse", + "type": "Microsoft.Solutions.ArmApiControl", + "request": { "method": "POST", "path": "[concat(subscription().id,'/resourceGroups/',steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,'/providers/Microsoft.Storage/storageAccounts/',steps('storage').StorageAccountNameSection.StorageAccountName.name,'/listKeys?api-version=2019-06-01')]", "body": "" @@ -742,9 +769,9 @@ "visible": "[equals(steps('storage').StorageAccountNameSection.StorageAccountName.newOrExisting, 'existing')]" }, { - "name":"GetStorageFileSharesRestApiResponse", - "type":"Microsoft.Solutions.ArmApiControl", - "request":{ + "name": "GetStorageFileSharesRestApiResponse", + "type": "Microsoft.Solutions.ArmApiControl", + "request": { "method": "GET", "path": "[concat(subscription().id,'/resourceGroups/',steps('storage').StorageAccountNameSection.StorageAccountName.resourceGroup,'/providers/Microsoft.Storage/storageAccounts/',steps('storage').StorageAccountNameSection.StorageAccountName.name,'/fileServices/default/shares?api-version=2019-06-01')]", "body": "" @@ -833,7 +860,7 @@ "type": "Microsoft.Common.TextBox", "label": "DNS Domain Name", "defaultValue": "", - "placeholder":"This value is CaSe SeNSitiVe! mydomain.com", + "placeholder": "This value is CaSe SeNSitiVe! mydomain.com", "toolTip": "This value is CaSe SeNSitiVe!", "constraints": { "required": true, @@ -936,20 +963,16 @@ ], "visible": "[equals(steps('networking').HttpsConfigure,'Yes')]" } - ] - } ], "outputs": { "ManagedIdentityName": "[basics('ManagedIdentityName')]", - "ProfiseeVersion": "[steps('profisee').ProfiseeVersion]", "ProfiseeAdminUserAccount": "[steps('profisee').ProfiseeAdminUserAccount]", "ProfiseeLicense": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('profisee').ProfiseeLicenseSecret, steps('profisee').ProfiseeLicense)]", "ActiveDirectoryCreateApp": "[steps('profisee').ActiveDirectoryCreateApp]", "ActiveDirectoryClientId": "[steps('profisee').UserSuppliedClientyId.ActiveDirectoryClientId]", - "KubernetesClusterName": "[steps('kubernetes').KubernetesClusterName]", "KubernetesVersion": "[steps('kubernetes').KubernetesVersion]", "KubenetesInfrastructureResourceGroupName": "[steps('kubernetes').KubenetesInfrastructureResourceGroupName]", @@ -957,15 +980,12 @@ "KubernetesLinuxNodeCount": "[steps('kubernetes').KubernetesLinuxNodeCount]", "KubernetesWindowsNodeSize": "[steps('kubernetes').KubernetesWindowsNodeSizeSection.KubernetesWindowsNodeSize]", "KubernetesWindowsNodeCount": "[steps('kubernetes').KubernetesWindowsNodeCount]", - "KubernetesVnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.name]", "KubernetesVnetResourceGroup": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.resourceGroup]", "KubernetesSubnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.subnets.subnet1.name]", - "KubernetesServiceCidr": "[steps('kubernetes').KubernetesAdvanced.KubernetesServiceCidr]", "KubernetesDNSServiceIP": "[steps('kubernetes').KubernetesAdvanced.KubernetesDNSServiceIP]", "KubernetesDockerBridgeCidr": "[steps('kubernetes').KubernetesAdvanced.KubernetesDockerBridgeCidr]", - "SQLServerCreateNew": "[steps('sql').SQLServerCreateNew]", "SQLServerName": "[if(equals(steps('sql').SQLServerCreateNew, 'Yes'), steps('sql').SQLServerName, steps('sql').SQLServerNameExisting.name)]", "SQLServerUser": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('sql').SQLServerUserSecret, steps('sql').SQLServerUser)]", @@ -977,7 +997,6 @@ "StorageAccountAccessKey": "[steps('storage').StorageAccountAccessKey]", "StorageAccountType": "[steps('storage').StorageAccountNameSection.StorageAccountName.type]", "StorageAccountFileShareName": "files", - "DNSUpdate": "[if(equals(steps('networking').DNSUpdate, 'No'), 'No', steps('networking').UserDefinedDNS.DNSUpdate2)]", "DNSHostName": "[steps('networking').UserDefinedDNS.DNSHostName]", "DNSDomainName": "[steps('networking').UserDefinedDNS.DNSDomainName]", @@ -985,16 +1004,16 @@ "HttpsConfigure": "[coalesce(steps('networking').HttpsConfigure,'No')]", "UseLetsEncrypt": "[if(equals(coalesce(steps('networking').HttpsConfigure,'No'),'No'),'Yes','No')]", "HttpsCertificate": "[if(equals(steps('profisee').UseKeyVault, 'Yes'), steps('networking').UserDefinedHTTPS.HttpsCertificateSecret, steps('networking').UserDefinedHTTPS.HttpsCertificate)]", - "HttpsCertificatePrivateKey": "[steps('networking').UserDefinedHTTPS.HttpsCertificatePrivateKey]", - "UseKeyVault":"[steps('profisee').UseKeyVault]", - "KeyVault":"[steps('profisee').KeyVault.id]", - "UsePurview":"[steps('profisee').UsePurview]", - "PurviewUrl":"[steps('profisee').GetPurviewUrlRestApiResponse.properties.endpoints.catalog]", - "PurviewClientId":"[steps('profisee').PurviewClientID]", - "PurviewClientSecret":"[steps('profisee').PurviewClientSecret]", - "PurviewAccountResourceGroup":"[last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5))]", - "ProfiseeWebAppName":"[steps('profisee').ProfiseeWebAppName]" + "UseKeyVault": "[steps('profisee').UseKeyVault]", + "KeyVault": "[steps('profisee').KeyVault.id]", + "UsePurview": "[steps('profisee').UsePurview]", + "PurviewUrl": "[steps('profisee').GetPurviewUrlRestApiResponse.properties.endpoints.catalog]", + "PurviewClientId": "[steps('profisee').PurviewClientID]", + "PurviewCollectionFriendlyName": "[steps('profisee').PurviewCollectionFriendlyName]", + "PurviewClientSecret": "[steps('profisee').PurviewClientSecret]", + "PurviewAccountResourceGroup": "[last(take(split(steps('profisee').PurviewAccountName.id, '/'), 5))]", + "ProfiseeWebAppName": "[steps('profisee').ProfiseeWebAppName]" } } -} +} \ No newline at end of file diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 1a45ce0f..d31ecc08 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -172,7 +172,7 @@ if [ "$USEKEYVAULT" = "Yes" ]; then akskvidentityClientId=$(az identity create -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'clientId' -o tsv); akskvidentityClientResourceId=$(az identity show -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'id' -o tsv) principalId=$(az identity show -g $AKSINFRARESOURCEGROUPNAME -n $identityName --query 'principalId' -o tsv) - echo $"Key VAult Specific Managed Identity configuration for Key Vault access step 2 finished." + echo $"Key VAult Specific Managed Identity configuration for Key Vault access step 2 finished." echo $"Key Vault Specific Managed Identity configuration for KV access step 3 started." echo "Sleeping for 60 seconds to wait for MI to be ready" @@ -386,6 +386,21 @@ if [ "$SQLSERVERCREATENEW" = "Yes" ]; then echo "Addition of the SQL firewall rule finished."; fi +#Acquire the collection id from the collection name +if [ "$USEPURVIEW" = "Yes" ]; then + echo "Obtain collection id from provided collection friendly name started."; + echo "Grab a token." + purviewtoken=$(curl --location --no-progress-meter --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); + echo "Token acquired." + echo "Find collection Id."; + echo $"Stripping /catalog from $PURVIEWURL." + PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} + echo $"Purview account name is $PURVIEWACCOUNTFQDN. Using it." + COLLECTIONTRUEID=$(curl --location --no-progress-meter --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONID'") | .name') + echo $"Collection id is $COLLECTIONTRUEID, using that."; + echo "Obtain collection id from provided collection friendly name completed."; +fi + echo "The variables will now be set in the Settings.yaml file" #Setting storage related variables FILEREPOUSERNAME="Azure\\\\\\\\${STORAGEACCOUNTNAME}" @@ -422,6 +437,7 @@ sed -i -e 's/$ACRREPONAME/'"$ACRREPONAME"'/g' Settings.yaml sed -i -e 's/$ACRREPOLABEL/'"$ACRREPOLABEL"'/g' Settings.yaml sed -i -e 's~$PURVIEWURL~'"$PURVIEWURL"'~g' Settings.yaml sed -i -e 's/$PURVIEWTENANTID/'"$TENANTID"'/g' Settings.yaml +sed -i -e 's/$PURVIEWCOLLECTIONID/'"$COLLECTIONTRUEID"'/g' Settings.yaml sed -i -e 's/$PURVIEWCLIENTID/'"$PURVIEWCLIENTID"'/g' Settings.yaml sed -i -e 's/$PURVIEWCLIENTSECRET/'"$PURVIEWCLIENTSECRET"'/g' Settings.yaml sed -i -e 's/$WEBAPPNAME/'"$WEBAPPNAME"'/g' Settings.yaml @@ -495,7 +511,7 @@ else helm -n profisee install profiseeplatform profisee/profisee-platform --values Settings.yaml fi - + kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index 4734e8a1..fcd66871 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -38,7 +38,10 @@ echo $"USEKEYVAULT is $USEKEYVAULT" echo $"KEYVAULT is $KEYVAULT" echo $"USEPURVIEW is $USEPURVIEW" echo $"PURVIEWURL is $PURVIEWURL" +echo $"PURVIEWCOLLECTIONID is $PURVIEWCOLLECTIONID" echo $"PURVIEWCLIENTID is $PURVIEWCLIENTID" +echo $"PURVIEWCLIENTSECRET is $PURVIEWCLIENTSECRET" +echo $"TENANTID is $TENANTID" IFS='/' read -r -a miparts <<< "$AZ_SCRIPTS_USER_ASSIGNED_IDENTITY" #splits the mi on slashes mirg=${miparts[4]} @@ -130,6 +133,20 @@ if [ "$USEPURVIEW" = "Yes" ]; then if [[ $purviewClientPermissions != *"98830695-27a2-44f7-8c18-0c3ebc9698f6"* ]]; then echo "The Purview Azure AD application registration is missing the Microsoft Graph API GroupMember.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." fi + #Check if the provided Purview Collection name exists. + #Acquire token + echo "Checking if provided Purview collection friendly name exists." + purviewtoken=$(curl --location --no-progress-meter --request GET "https://login.microsoftonline.com/$TENANTID/oauth2/token" --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode "client_id=$PURVIEWCLIENTID" --data-urlencode "client_secret=$PURVIEWCLIENTSECRET" --data-urlencode 'grant_type=client_credentials' --data-urlencode 'resource=https://purview.azure.net' | jq --raw-output '.access_token'); + #Strip /catalog from end of Purview URL + PURVIEWACCOUNTFQDN=${PURVIEWURL::-8} + collectionnamenotfound=$(curl --location --no-progress-meter --request GET "$PURVIEWACCOUNTFQDN/account/collections?api-version=2019-11-01-preview" --header "Authorization: Bearer $purviewtoken" | jq --raw-output '.value | .[] | select(.friendlyName=="'$PURVIEWCOLLECTIONID'") | .name'); + if [ -z "$collectionnamenotfound" ]; then + err=$"The "$PURVIEWCOLLECTIONID" collection name provided could NOT be found. Exiting with error." + echo $err + set_resultAndReturn; + else + echo $"The "$PURVIEWCOLLECTIONID" collection name provided was found. Continuing checks." + fi fi #If using Key Vault, checks to make sure that the Deployment Managed Identity has been assigned the Managed Identity Contributor role AND User Access Administrator as Subscription level. diff --git a/index.yaml b/index.yaml index e463b6dc..705e5015 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.25.tgz - version: 0.1.25 -generated: "2022-11-07T00:00:00.0-05:00" + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.24.tgz + version: 0.1.24 +generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.24.tgz b/profisee-platform-0.1.24.tgz new file mode 100644 index 0000000000000000000000000000000000000000..0af87b8e0f04684b0ce94e2d833bdcdf535f6748 GIT binary patch literal 5543 zcmV;Y6Dc zVQyr3R8em|NM&qo0PH>eZ{xO-`?CT64?JgqZ6BUx`6Ef8;@w^9c-vsJNiNQA?*Ro0 zTAJ8wWKl~}_NLq1-+rJZO4NrXJ8_(D>servh{NIVV}=}ZIP@94B^;pbyI9;(Ht!5) zmtqY&gJeMtl)|J3&8zJ4d!0Bj}bgbQO;u zbQO;uL_PE_m;m!Y0B?AB4i+kmvWB?#!9v*gU1DQNyRlH^nnu^?4H_@qGJg*!%Krkp z0q|`qfExKfJnrV@|Ij=>+{^zifPZqwz!tzP)NCMxP$aOe*W>>=zc_h6YDHfiEbs(# zxJXk^f6&qc4opk?FdkiNsXpd>NtvUiUY(4`KVM#-wwet!1g`_{hRnfAD4v7hBhO~{ zzOc~i5987K=w>{+7+(MT>LxBv=4ZBH>pUkM%E{=7aXv zL$l!$8$1qgi3_J#U<}z@GC|a#F5i- zszO73@(%7l;=mOay2UO}Qts5}v@w+ASmgNTR33=qEK$fFJ*2Al@W z1~g?f@DcVLG{Xz|9Xr5~?^0slzu|Iie+TyqS&-fZnikIVl_D!s((gP}$K28}`6u^7 zI=!}XNmuEVnn{Wqo!m+rqL48j3E9tHp#;U`kFx67Bpyr>+b3T;0Uj>aIo3WytwGR1 z)I7vN^fqbs81Z{_Ox-pvQ~u6C3@JYHR%6Dt&fC>0K4ctwr9ixG^CzjWD>|^ZOFwm&XVzz8F}+uYE@g8 z4HQ3M3j#~4v}s>oeYpO3Hv0Kyba9fK+kqeY%t*;sT<5eZ;dIXQ@30VWHL`}h%zgILCr_n%SHQ7z+CsK0cl>UlXtbIQ z?t`)sqWvLLt(4+<Je0 zE!}Vjv5IJ0A$^?!yJgr|{vWXnsGtA41^Msq&wq9TyPW^4)xbu}fORy)hU?Ir$Cjcn7(n0*O5zGizk`i({#8$3!o( zo+`rSZ4w=B>c+-h;@TpsDqNnPkE=cIHliVa7Zqx4J=RdPv2P*aa+&2>>Dx@G_KY-H zMdR>KZd)Dv=&f_<<4@|e;>k^-ZT#o?RbEHq6s3k+b)NN{+^Q3d3T_oj1-J3B#j`OQ z)6X-R=ycyDb|`(A;W-FkJoU)9qS`4yORxY^|BsLF3+Du_aMN0I5jlyEHx$YmdvUoF zm4t0|4z*U@Gm|`xwFgR1P%&dzKe>3aQi-6gpV6YNifu|S@*#;b6jKw0tslc=Wqez_ zmP^2s7~Kj}B}(LlnJS9llNeHoBhRLCQEZ{s1amkVw6Z&6@d;-QlNs!EWt=+-t*dDU zJ)x4G?A7E~h`Gh}V^6vEunMZy|FP;NoCm-jyZOI{{eOJe&+q^Dd%gYoe;1IO>2ki9 zM%D`x<*fi4m}o~vG0QIfhtb$M3&&3BqTdC3T`LUgNfb!TcbtZ(*txiWKwHId3 zz&j zp?1iZ+0`9xB6GpYy2fD6E#ys!_gVk$Q|BfYG%M@gq-|)V;86$0YICCKGS$kOC6u=; zgB(GWaiKRyZytx{l62)-2X_WH|+WM*k7?%mzq`} z1o5W4+0bw_dq??}r_+7na2_to|M(P80cv@mWju`?&damv?&#$tK5+P%cn)3ilR(U* zwV^zz--JfVn+W}OB0Qh9%?;?M!{kV^zG?6%{DU6E$$xmHF~nb7q#70Hu~!+T0I zueWu_`0@ri5dzz@Id~%Vj6YA@%~w;-`qCT9Lp@u_K~*Vb?OapJBN~5I$z?rKQ~D#i zskCtuhyM*)H_lVuha=^`e=!dI`d8D<-T)}4_Os^XznW5d6=21cd@Xnke z^*peXO+fyZxL~0-w)Kk?;$J9nY~wdhy*F7hm&CE_SPAp4)*_O`NqT*thE8(PV8uw5 z)Ka(38e+;VV1x0R(pN5qYn2fpuRk(nF(0y59cs$ST#Q)V(jWAz4r`E%aaR+3o4ejn zLo<6DVl~-wyb0CJMTpfzN7}uH8j9%^h?Lw5&i_^GzvzaK)M9P5+xDmhV9olk*X%XIJcfbDI1w7jS!}qyn?wuw>rPS6-Mp=4$ATe`z)~uOhVb9L-1l-h+!oFWhBfLZ7 z5*zdQdXC7NRJpY)LT;9B73DZRKHrXyo7eO!DVT8r*qnIbLg`0_ZMXtPs51tedJebH zQF0fl!p>W1<0V%sZ0ZS2ywpaG?9`QAkkXFsE+L27cab6Qk_p4?zJpz#cwmM4pqS$- zaNR5F68qjlC+-s8bCj`t>3ohoCs&U)>P(2&;j{ebR@-hBzAb0O1;kwdAN7w+^Lyk_ zWXbAu=bIZQ{AagS$yB(H!~i>& zo_n9YtiwR67Ljcrl^8Kv)=_o**_`BR<}eZ(S;aHi=tMS)UCyk|)rp91fk3_q)%k1Y zL^pqY`_;Na{4Jqs{*U*wp1Au{zyD(%_ww_E~|xX$L~;Dhx%6dRd)HW zQSM(0ZBQdMQS^i4)U&EI21`Z+w1wndSg7;5n--y;(XUl-$#G4%WXK)U#0Pur=wz?t zs6#JYTdIqA?c7E)n%<9Zuea|c&FIw6vfks01up2tt+~CW7ZXMpP)isei&?s$*{la8 z4}Q2D?0jSV<6E5wxS50e1aF-kw1Zhg&x zEr^{zQ!4D*he%l*pE6;g!ogE8pU5HdotZs{-=D<)HK1z!Cr1tUu?^3A{%3Xv`TKv} ze*b8{{@Vo{icHnKwG^X6tzkGG1*!&w7*!{4~=RMjajC@0W>2<5M<^Pc` zVI{Kv(rx-R!J6{VXP7sA{)3(D{m z;-Jj=r~ozkKnvxZs)T4CwS;(hEcLBEqYsi0mTlMiTLe#GR&Ak0@ z4)*r{ZXlljJt{W$0eyA9a0ZzpwY~u&(?^zdz6UfA2US|Et?O+~5D-32asVRn(FS z>3_uKw!Id3Mp#q+RVcPcy$e?>|J{82-|lg5@BgzC*rxm^gGAE+$^BkkZ7R zv9-go?dAVzu!j6=_cEVn|95a)kpKRE|7SO_sr;AV*IYtgTWyp)tx%;wGS`I@r1&KR zU1`KI)bn0p@tX=c%y)3V%FF97saLAyKfEUV-0?rme!uAdIoO~7>;zT`W_&@satcpx zk;j)mcL+|MxPTZPpD+_FZ!gaCyfBO`bare3>VaaAq_kcF92$S1r}?GYC{M%GjFV{{ji=M@1qcM zaD%7l{y;8W0@KOGYnCMP$~MCimW3o-Mp3uXsz7%t%$;oNc9f{aI$`uTum$8|nuPC> zWP{PE$CHYY@+)3b+AM4CNHfcR#@{(%v`Du!(v6lGtq4f7;vhy3G!rqR-KJ1w<|72E z_<#~M3=0^MP2NJ#J8EU@ztW176dvNrPaEFnl7Eg>zOi@6~7 z4=%Ou#)7hJ+?=RIO5dnjaswv(V}#&j-|@NSQMevY-0}^pF{O0sZrn_-0xVq;Ftca5_?CI~oeT+sFKnfx!-(>3b9G45 zd_dE*ggA<6>&q9EjUu3851@yKPD!E~gXrPGDkKX$MGp_HTqz}yPeVx2T(STUxa`SE zc38pZ!UG@Wky4{|@)8)If$J92{+Z4sp`X4qyr za%UV=ski4~0=&grM(3IFVymZ3^cR03SoyYzMz3V-t$5y1!9un`jt!JdsPEvu$VeG8 zg*Pm9sCs5{C9_wV2RygUtY1RCoY^8Dd1kAwjBlU&l~>s-E3zJs>(=b~`etRIjz`t5 zzVCF$|LxZ%ckQ6E4&|Jz=676pgK>*I7aw@6?Vf#VWWzc?tIfo+NOUi~`T8e-;{Lxe19wiQ9%b7K+gW%1cX*VG|Ij@&2YdgYoxlOQ!a@M^ zI1&^^-Hw(s@X#b6u0y;j^09q~r@)P7;{e^v2v^UlaujY%ps7nI(QZERrvF3?Tr9`} z!pPOyckDTmf(O%Z#~FR&hw-ezK}#ZL=s&(SkhI1T^}?)@DdYn~F7d!G)IrY%T;TSoD@n*xA648l%M3rbZjLGk;6a7d&&8D63|KtN-cpZ)41lxCkADN)d z#y}JCt4&Y9liP7Jh4P(J= z>OkkurFM$)A9uIm^X`_)sP+HJ`~P(Z$GyG$?*tA4-@yWqJ;N-z-W%!x&t@R4JtSrj z$ACws(KS9d8wY|Sn}N(E6UFp*)JAg7h-k>{f$vf*g?$X7tsWIcg`w7LgxTT&hYZwq zkYW7NY&07O9$m&{!cs^{_V#B({*w#{il#)&f(hb8NCgqsD$44>=cs1X)6rzE8D0S5 pcn)Y0or0>$VvfX&@IRNZ?qLsm*uxg#{{sL3|Nm>DKVtx}004v#EUf?l literal 0 HcmV?d00001 diff --git a/profisee-platform-0.1.25.tgz b/profisee-platform-0.1.25.tgz deleted file mode 100644 index 35bab4bca6edacbef186182b3e153cf5444a3d13..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5517 zcmV;86>{nyiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKBzZ{xO;@cwPU-+_;_z_vvt%P&a^6~E`sb-Zn`*=#OOw)Z;} zC}@eX*~p}pr0k@-xzB!}BudnaB|CAPZtGcKlZfPSNO6WU!{Nwh^agW;4Bvy|hO&8k zID<@>_i*mL+7einWgYeV;ZMu5@;|L^uluUg@AbMp%Q`;nys|p|qi**Vu(m}&6$D&B z_R4y4U-`j(B>;W=5iyP_vB9F-fWDvn*)cmurqyr}cNq3X_-p`vLEaoVa*co+%D_du ze!xY%egGxlT`)n6Ac1&;z&Wx(VU;z+y^m}Fec!_ll(-uU)vslC%LGg_`lB12k%F%=&1_@ zoIsAw)6$clwDN!>rj=cfN0(Zu4>?~_=4z!EgYo#+50@vcW7MU|jC$7J9*G$2AEADp~DJs%8*AFj`@wEl0fhc1y% zITn=N#~p<2qo#`Tx2I>L%hAP$B8L1JRn6Q$^Mh5@w9%?+9-UHh6-vR@Ia&@GauE?2 zdOTAp5{{WJFVD0Za%kfjWJsrM{LA2Sq>+X01Y!hwCxl-!&jzjHbJcwG-&b-(XD8=l z4Z#vk2EHHHQA+~(9=$&$Q-(Od3_N55!2%Q&VtxVPSbsvX>u56{FSEg)0YhNm2)sbx z1T*BwH>8aZ24Y4T7Wb0452q)??C>2ABO*@2$sV4aj?S-6PYT6j0 zke<3vM;Sf4!H8vEJ>%iheH#8LULcaA+k@M{%mbFgi{=n}Tbp6W3%Ee+oVsWjNq|nX zp*@V3n}_FE@MP^deqe)+Wm)RM9L=Rv039oqDhz!J5HB<-*0-$pYGlm@p2Ml?lA$T) zLRM-i>1IN?)E#DG+ESGgi6lkW@KSQO#&iNswSu$3Pb0PRB~#eoOFFNg(_aAqEm_W6 zcJ`?(C?lp=P1aQG(6U1cq?~JgUsh3xySQQ^=}Iey??0|NdOtWlE3YQ$k82ICuYPIe z>pWy0Xn#F48y)&0!$Ea7=i-1023f)2*6to z2z3!)h|_>M2uv9bd;p0HW^f^&Ll-gNdlWnOZ@AR$Z_)iicBH=oO$uk;l|m~^(&s!B z$K2Ly@=xA%y1lk?MHlIonkkAW9p6YBqR=p23E9V_(1RlKXF2q25f3Jb?UNs!Km-=Y z97~^}HX-03njY)|dXr3hT=7S6Nj=1YdO?tLJSE5lQ~)e~1dMtJ2nyy96L9&n4O;IZ zfm7sy)A;Rz4?bd0P}YiSb6GunsWsKV2d$5oi2!=wJ#=Q6ATXpvFgyulv9{!59H+^8 z%B;M3uC!{d%NB|sumwg-yL4(_5B}%+a&$F1AC&Iw+t~Oq;Q|sTQJ^laFF&4+emy-O zUk%QOqnvgpmEcH+QWbw1j7OVoK@MD;EKo##0AHjTN(i z<`Zn?qWve(T>g%DJCsREiWs*GBiTMSGY;$gKmDV_to_&R9(RuS_TMhx^JfF#8(@Bn ztp0FIinIe$+iZaG@X&1Nz9I-+pSo&sn72Q06Vvvh(`?*g;@Tio?3GMtHs(k`X+zo> zBNN{8+l9i>YBso!l#LMihb*Nj#rw#K4L*M^qg8ExWIKBw{6E3O#bo*zHK2C?w~llC-|zO1_WZvK*vbC?Q?zzg@PF8w;ZxU0_L_-m zpfNktF_tI~k!k6L9>gl7hN|>+GVGRNWBz}H8c@IgcMAO9v-bSI3)toUUo8eUQUlhJ z5F6?hS^2SH-NY2Uu7^K8m{iF!=*Hu?M+g0Es;x6KiJu z#WB|#G1BvFq>AvkfuqAs-PpKILR;ieg~!wLapmJS01fFouMlhNkp?2iz72%OWs_&c z?=Yd}Gm>N#lfyrGhC2AsXXk?tKdIA-Cr^py_|Ma;qK?LCl^SZ*dDe4Mt4=T~s8v-e zsEv;;o{i8Lf1b!hru!atLhgeM&XGWjrx6(!R67M|2^OF<{^R5O!Z|@JbX;p8B7^vN zLsePB7neIxNyt{`P-~4nv&qv~dVur<6*30(lZz({l?V*|j23K_ZBu+v3`x|WSegiI z{TL?84RFMUrM35>R5r;~p*aoc$2vFOE|2Z%k^`M-w!e|*@>`~Q2L!@d5$ z3&`zsxmZjy8-)q-R)B+;Fe0OvWmW%Sw02IzwNt9}dq{8;;nj40=p+%KJdR793E^|Q z-Ihhh!s?pP$EMagj2LrO>|oS33^cL<4}708@t?`sb?7{*;4{2{LK--ck#dP{lKsDg zzK|a3EmCdB2>G zbdNV z)b##{*Hk*WNx=UGvm3W5e}^L#zkfasW71aR&E5bg$M&lhPQLOu9hMa#UQ;tP=hDA zXs}`>OKfRaXALqH7O=s3P4TO!#kKl~DzCpXWjEK^s}42&WG+Ump6P4-s>2#6RxwpZ;$R8h|sbZRY#x0ac*QT!=aH?Jd=%1WV5x)iPfnZi0Bpw%1@y> zf6bie=8tc`+E9ppBvkGHu|MmH-k*B^k9FM5@Bh}}KK^SbP~-nCT=FisfC&;y%5E{4 z7NfsTRs2MiN}vTrUE*en!7m$0f%#p~{duril;sjOb*q zIsKX= zw!lvQOsU|t4=ZKs_>>776b_z(`9v;}AFS*-{Qe~V?*Uc%pIkNEhYot)^FOQ8&)@&+ z^m?7W{!w<`1-XkYr6dUpfr=;4tD=Z!@Qozik(p9|B z!5E&(fiGZk)JMeG>mA#NHTeGqdnnCSmBjt8F9quOzn9Pd+U*@5?eG8Z1lHkyb^V}< z&sQuGjoY6wFe8x=;0yRG9IAdrusQ#$cz`YPe>Z>r+dJ;>_y3*1Gx2|V-D++Ae`H8l z3Gcu3oPJHPCjavpWY2Z}V;vUbe=TdD|7#~u5&w~9peu%dJXKVL>q!$1(N%Ln8Jwax zDRVw6K#e@mQaPt0A@ZY^AP=uRK0(j;s_*>kum=BQf<<(h>yZMW*8V>(#D8`7`~PlW zTTGoU68$cKPq~mKrq4SWek&x~jak)asI-1QYw!Lp;Fe$w{*P~~KK_dkwfeu6xBspF z-u~YW#QQ&?V)Gc#r^t&W%RwqD^aKPt^XD>p?{5Te6V~8=ie1N0IjkQe1#0*Ig8#pB zc({-M-U)1rpEHZ3#Oi<4^_jh2@7ZBp{*Qitp7a0iaX$Z7r`zA(|KAC0mH$=Nk_zsB z#O1cV6nI8hlmAsJwnu#zu9p8h`TW0~s0kNQNiLUxPLo=T0rN`Lf qnv7!# zVUlocEv#jhOc~ZnLuLimqK32@bA^Jmri)|^{@0UzKF9rUtJlxx|Lz>_zyGltcq#v1 zHiK+I60Ds%=P7G{4{P)P=0QIiJc9rGhx_yYoxn@-e?^ec+UdCV{Qopqga5UAdC%kj z>mL{RzqhylcLSU9e@XqCOQ>s$jgr**RT3m~T{Ni_XR_CYMw~-C9~Bhm)X&v?hwfKJ z`TQ;AN;Ut7*F>K?|AW=*732SUd;kAVU=?G=7lbRf@bngOeEBcFJ)F7vr+?3bGNEpC zN4JfCh!Y?Aj0);d&jwe+i;|>J1)S>32rA8R*vL_T*x;NJ^ta*B=Y&fB7f_&^!1Fi~ zPZ0vu{NL$z3h}?)PG@ib?*uAxx{c%4KStF_-82DE&HtNbdW+hGLMH!3msIqm8Q@kQ zDaL}~oVsX810rGtpe9*dag?AogF8peCCR+8 z&9ro7De0C`)@86N(V0qfCa2nn3bkApjQ)WffpR%5!tYUJlaZ;9=M*!gSA0!pv!=Nt ztt|POc-Mr`BHq$WCt72$A|c5NN4%bBBqBtMrdNIDGsLO!7daFI0X+6tz0i9nJ+^~t9f{V2;%ZhPO{4i-4#CYP@X9>(vz2n@fq^G zV%h&U^3MRkH{X2oGZIFu!6&oyttq$jfCGad@MbKi?<4okx1Sjj0V72`)&uf5`YdLQ zF2Nh+mQ&j?z#O=AN#10Zixg`ZdMC((_u3|6>2(C2BN~XL_%O3lSM5J56MI(fCYd~* z!zkgnUb-q1W~GeJBP~?eRFGG4cBVJS{_SnCN?FdR&1B@xD5w%|&p`wti?@ulvA>r z-f`g@d|RZs_<_Gliu1HQev>K2+H8M>NrX@3=*lQqL8Xe~d0|qEWUQd~`4;>}^wzKT zlE|aK1kGjZJ-@rF4^?I@RS(Z`A@{rE2U+_k@duevebe!StnCB99L*`auW1)m$~I-_ zQ-Js;M5q>A zww1QA?)>lYD0lzAb7=MU@jp9(18@O_K#Xu8D2QG=Sk4dulK^`zCR5-;=N3*8H=B(E za5ckReO8l$&@lm~9-Tzqd`za_1BN^(@B)RIi?!#FxDo?F)6nA#zVX9+#>fRrEN0;U zeQN?~jRQ);rjjV&BL+N7klAdQC*$8kADu)pr1Lo?;Nx%%T+Dd0VNS7VM?a!LG#lpR zPu7lpB#&m(cKCntfG~*Q)@+2$;spmxV7S0Ee`_|HjRQiLF`BR!T+-aQGvz-?fS_QC z#VnWrj)fEu@u;GvF1m|GMu}ccwwl2O0vyf}SVX6wYOs(4F~j_?#jJbS!yfjqMfkq} P00960-HaQ^0ImQ4)8X`; diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index 2040123f..5f17dbec 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.25 +version: 0.1.24 diff --git a/profisee-platform/templates/secret-purview.yaml b/profisee-platform/templates/secret-purview.yaml index 1eb87ffe..2009a38c 100644 --- a/profisee-platform/templates/secret-purview.yaml +++ b/profisee-platform/templates/secret-purview.yaml @@ -5,8 +5,9 @@ type: Opaque metadata: name: profisee-purview data: - ProfiseePurviewUrl: {{.Values.cloud.azure.purview.url | b64enc | quote}} ProfiseePurviewTenantId: {{.Values.cloud.azure.purview.tenantId | b64enc | quote}} + ProfiseePurviewUrl: {{.Values.cloud.azure.purview.url | b64enc | quote}} + ProfiseePurviewCollectionId: {{.Values.cloud.azure.purview.collectionId | b64enc | quote}} ProfiseePurviewClientId: {{.Values.cloud.azure.purview.clientId | b64enc | quote}} ProfiseePurviewClientSecret: {{.Values.cloud.azure.purview.clientSecret | b64enc | quote}} {{- end }} diff --git a/profisee-platform/templates/statefullset-profisee.yaml b/profisee-platform/templates/statefullset-profisee.yaml index fbb2da02..433cf028 100644 --- a/profisee-platform/templates/statefullset-profisee.yaml +++ b/profisee-platform/templates/statefullset-profisee.yaml @@ -128,6 +128,11 @@ spec: secretKeyRef: name: profisee-purview key: ProfiseePurviewUrl + - name: ProfiseePurviewCollectionId + valueFrom: + secretKeyRef: + name: profisee-purview + key: ProfiseePurviewCollectionId - name: ProfiseePurviewTenantId valueFrom: secretKeyRef: diff --git a/profisee-platform/values.yaml b/profisee-platform/values.yaml index f24f355d..a0f45130 100644 --- a/profisee-platform/values.yaml +++ b/profisee-platform/values.yaml @@ -84,11 +84,11 @@ cloud: name: "" clientId: "" purview: - tenantId: "$AZURETENANTID" - clientId: "$CLIENTID" - clientSecret: "$OIDCCLIENTSECRET" - instanceName: "$PURVIEWINSTANCENAME" - baseUrl: "$PURVIEWBASEURL" + tenantId: "$PURVIEWTENANTID" + url: "$PURVIEWURL" + collectionId: "$PURVIEWCOLLECTIONID" + clientId: "$PURVIEWCLIENTID" + clientSecret: "$PURVIEWCLIENTSECRET" aws: isProvider: false ebsVolumeId: "" From ba3b3952d1a205834d5047d1f08b066a4e4e0b92 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Mon, 20 Feb 2023 11:43:29 -0500 Subject: [PATCH 116/141] Updated to match dev --- Azure-ARM/README.md | 31 +++++++++++++++++++++- Azure-ARM/azuredeploy.parameters.json | 2 +- Azure-ARM/createUIDefinition.json | 38 +++++++-------------------- Azure-ARM/deployprofisee.sh | 2 +- Azure-ARM/nginxSettings.yaml | 31 +++++++++++----------- Azure-ARM/prereqcheck.sh | 14 +++++----- 6 files changed, 63 insertions(+), 55 deletions(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index fb39f20b..b3ae264f 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -1,11 +1,12 @@ # DEVELOPMENT. INTERNAL USE ONLY +# Deploying Profisee Platform on AKS using the ARM template ## Prerequisites Please **DO** review the guide and links below **before** you run the Azure ARM template. We have a pre-requisites script that runs before the deployment to check on the permissions needed. -Click [here](https://support.profisee.com/wikis/2022_r1_support/deploying_the_AKS_cluster_with_the_arm_template) for a detailed deployment guide for Profisee ver. 2022R1 and [here](https://support.profisee.com/lms/courseinfo?id=00u00000000002b00aM&mode=browsecourses) for video training course and slide deck. +Click [here](https://support.profisee.com/wikis/2022_r2_support/deploying_the_AKS_cluster_with_the_arm_template) for a detailed deployment guide for Profisee ver. 2022R2 and [here](https://support.profisee.com/lms/courseinfo?id=00u00000000002b00aM&mode=browsecourses) for video training course and slide deck. Here's **what** you will need. You will need a license tied to the DNS URL that will be used by the environment (ex. customer.eastus2.cloudapp.azure.com OR YourOwnEnvironment.Customer.com) This license can be acquired from [Profisee Support](https://support.profisee.com/aspx/ProfiseeCustomerHome). @@ -28,8 +29,36 @@ Here's **how** it will be deployed. You must have a Managed Identity created to 6. **Purview Integration requirements**. If Profisee will be configured to integrate with Microsoft Purview, a Purview specific Application Registration will need to be created and have the **Collections Admin** and **Data Curator Role** assigned in the Purview account. It will also have to be assigned the User.Read **delegated** permission as well as the User.Read.All, Group.Read.All and GroupMember.Read.All **application** permissions (these 3 required Global Admin consent). During the ARM template deployment you will now have to provide the Purview collection friendly name, as seen in the Purview web portal, regardless if this is a sub-collection or the root collection of Purview. +## Upgrade instructions +For customers upgrading **from** v2022**R1** and earlier. There are two changes that require careful consideration: +1. Purview Collections integration necessitated changes in the ARM template, container and deployment templates. Please **DO** review the upgrade instructions posted below **before** you start the upgrade process. +2. History tables improvements - you will need to run this immediately **after** the upgrade to 2022**R2**, one time **only**. + +Please read through the upgrade instructions both here and in our Support portal and prepare for the upgrade process. The instructions below are combined for both Purview Collections and the History table improvements. + +For customers who do **NOT** use Purview. +1. Connect to your cluster from the Azure portal or powershell. For customers running Private PaaS please connect to your jumpbox first, then connect via powershell or Lens. +2. Run the following commands (if you do not have the repo added that would be the first step): +helm -n profisee repo add profisee https://profiseedev.github.io/kubernetes +helm repo update +helm upgrade -n profisee profiseeplatform profisee/profisee-platform --reuse-values --set image.tag=2022r2.0 +kubectl logs -n profisee profisee-0 -f #this will allow you to follow the upgrade as it is happening +3. This will upgrade your installation to version 2022r2.0 while keeping the rest of the values. +4. To run the Histroy tables upgrade please follow the steps as outlined [here](https://support.profisee.com/wikis/release_notes/upgrade_considerations_and_prerequisites) +For customers who **DO** use Purview. +1. Connect to your cluster from the Azure portal or powershell. For customers running Private PaaS please connect to your jumpbox first, then connect via powershell or Lens. +2. Locate your Purview collection Id by visiting your MS Purview Governance Portal. Go to the collection where you would like Profisee to deploy to. Your URL will look like so: web.purview.azure.com/resource/**YourPurviewAccountName**/main/datasource/collections?collection=**ThisIsTheCollectionId**&feature.tenant=**YourAzureTenantId** +3. Run the following commands (if you do not have the repo added that would be the first step): +helm -n profisee repo add profisee https://profiseedev.github.io/kubernetes +helm repo update +helm upgrade -n profisee profiseeplatform profisee/profisee-platform --reuse-values --set cloud.azure.purview.collectionId=YourCollectionId --set image.tag=2022r2.0 +kubectl logs -n profisee profisee-0 -f #this will allow you to follow the upgrade as it is happening +4. This will upgrade your installation to version 2022r2.0 and provide the required collection Id while keeping the rest of the values. Failure to provide the collection Id would result in a failed upgrade. +5. To run the Histroy tables upgrade please follow the steps as outlined [here](https://support.profisee.com/wikis/release_notes/upgrade_considerations_and_prerequisites) + + ## Deployment steps [![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofiseeadmin%2Fkubernetes%2Fmaster%2FAzure-ARM%2Fazuredeploy.json/createUIDefinitionUri/https%3A%2F%2Fraw.githubusercontent.com%2Fprofiseeadmin%2Fkubernetes%2Fmaster%2FAzure-ARM%2FcreateUIDefinition.json) diff --git a/Azure-ARM/azuredeploy.parameters.json b/Azure-ARM/azuredeploy.parameters.json index 51957084..8095c84d 100644 --- a/Azure-ARM/azuredeploy.parameters.json +++ b/Azure-ARM/azuredeploy.parameters.json @@ -3,7 +3,7 @@ "contentVersion": "1.0.0.0", "parameters": { "ProfiseeVersion": { - "value": "profiseeplatform:2022r1.0" + "value": "profiseeplatform:2022r2.0" }, "ProfiseeAdminUserAccount": { "value": "" diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index c562f78a..49d248fa 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -50,7 +50,7 @@ "options": { "icon": "Info", "text": "Click here to learn how Profisee uses Managed Identities.", - "uri": "https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration" + "uri": "https://support.profisee.com/wikis/2022_r2_support/planning_your_managed_identity_configuration" } } ], @@ -97,23 +97,11 @@ "name": "ProfiseeVersion", "type": "Microsoft.Common.DropDown", "label": "Profisee version", - "defaultValue": "2022R1.0", + "defaultValue": "2022R2.0", "toolTip": "Which release of the Profisee Platform to deploy.", "constraints": { "required": true, "allowedValues": [ - { - "label": "2020R1.0", - "value": "profiseeplatform:2020r1.0" - }, - { - "label": "2020R1.1", - "value": "profiseeplatform:2020r1.1" - }, - { - "label": "2020R2.0", - "value": "profiseeplatform:2020r2.0" - }, { "label": "2021R1.0", "value": "profiseeplatform:2021r1.0" @@ -130,10 +118,6 @@ "label": "2021R3.0", "value": "profiseeplatform:2021r3.0" }, - { - "label": "2021R3.0.saas", - "value": "profiseeplatform:2021r3.0.saas" - }, { "label": "2022R1.0", "value": "profiseeplatform:2022r1.0" @@ -143,16 +127,12 @@ "value": "profiseeplatform:2022r1-126062" }, { - "label": "2022R2.preview", - "value": "profiseeplatform:2022r2.preview" - }, - { - "label": "2022R2.preview-history", - "value": "profiseeplatform:2022r2.preview-history" + "label": "2022R2.0", + "value": "profiseeplatform:2022r2.0" }, { - "label": "2022R2.preview-matching", - "value": "profiseeplatform:2022r2.preview-matching" + "label": "2023R1.preview", + "value": "profiseeplatform:2023r1.preview" } ] }, @@ -208,7 +188,7 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Create a new Azure AD application registration for you?", "defaultValue": "Yes, create and configure it for me.", - "toolTip": "An Azure AD application registration will be used for authentication via ID tokens. For more information please visit https://support.profisee.com/wikis/2022_r1_support/deploying_the_AKS_cluster_with_the_arm_template.", + "toolTip": "An Azure AD application registration will be used for authentication via ID tokens. For more information please visit https://support.profisee.com/wikis/2022_r2_support/deploying_the_AKS_cluster_with_the_arm_template.", "constraints": { "allowedValues": [ { @@ -264,7 +244,7 @@ ], "required": true }, - "visible": "[or(equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.1'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1-126062'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview-history'))]" + "visible": "[or(equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r2.1'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2021r3.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r1-126062'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2023r1.preview'))]" }, { "name": "PurviewAccountName", @@ -300,7 +280,7 @@ "regex": "", "validationMessage": "" }, - "visible": "[and(equals(steps('profisee').UsePurview,'Yes'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.preview'))]" + "visible": "[and(equals(steps('profisee').UsePurview,'Yes'), or(equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2022r2.0'), equals(steps('profisee').ProfiseeVersion, 'profiseeplatform:2023r1.preview')))]" }, { "name": "PurviewClientID", diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index d31ecc08..be58ca76 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -406,7 +406,7 @@ echo "The variables will now be set in the Settings.yaml file" FILEREPOUSERNAME="Azure\\\\\\\\${STORAGEACCOUNTNAME}" FILEREPOURL="\\\\\\\\\\\\\\\\${STORAGEACCOUNTNAME}.file.core.windows.net\\\\\\\\${STORAGEACCOUNTFILESHARENAME}" -#PROFISEEVERSION looks like this profiseeplatform:2022R1.0 +#PROFISEEVERSION looks like this profiseeplatform:2022R2.0 #The repository name is profiseeplatform, it is everything to the left of the colon sign : #The label is everything to the right of the : diff --git a/Azure-ARM/nginxSettings.yaml b/Azure-ARM/nginxSettings.yaml index ae3a5028..eb780f45 100644 --- a/Azure-ARM/nginxSettings.yaml +++ b/Azure-ARM/nginxSettings.yaml @@ -1,29 +1,28 @@ controller: - extraArgs: - default-ssl-certificate: profisee/profisee-tls-ingress - nodeSelector: - kubernetes.io/os: linux - replicaCount: 1 admissionWebhooks: patch: nodeSelector: kubernetes.io/os: linux config: + client-header-buffer-size: 512k + client_body_buffer_size: 512k + http2-max-field-size: 16k + http2-max-header-size: 512k + large-client-header-buffers: 32 512k + proxy-buffer-size: 512k proxy-buffering: "off" - proxy-buffer-size: "512k" + proxy-buffers: 32 512k + proxy-busy-buffers-size: 512k proxy-connect-timeout: "5400" - proxy-send-timeout: "5400" - proxy-read-timeout: "5400" proxy-next-upstream: "off" + proxy-read-timeout: "5400" proxy-request-buffering: "off" - proxy-buffers: "32 512k" - proxy-busy-buffers-size: "512k" - client_body_buffer_size: "512k" - client-header-buffer-size: "512k" - http2-max-field-size: "16k" - http2-max-header-size: "512k" - large-client-header-buffers: "32 512k" - + proxy-send-timeout: "5400" + extraArgs: + default-ssl-certificate: profisee/profisee-tls-ingress + nodeSelector: + kubernetes.io/os: linux + replicaCount: 1 defaultBackend: nodeSelector: kubernetes.io/os: linux diff --git a/Azure-ARM/prereqcheck.sh b/Azure-ARM/prereqcheck.sh index fcd66871..53e09d28 100644 --- a/Azure-ARM/prereqcheck.sh +++ b/Azure-ARM/prereqcheck.sh @@ -70,7 +70,7 @@ if [ -z "$subscriptionContributor" ]; then #Deployment MAnaged Identity is not granted Contributor at Subscription level, checking Resource Group level. rgContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$RESOURCEGROUPNAME'].roleDefinitionName" --output tsv) if [ -z "$rgContributor" ]; then - err="Role is NOT assigned at either Subscription or Resource Group level. Exiting with error. Please assign the Contributor role to the Deployment Managed Identity at either Subscription or Resource Group level. Please visit https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration for more information." + err="Role is NOT assigned at either Subscription or Resource Group level. Exiting with error. Please assign the Contributor role to the Deployment Managed Identity at either Subscription or Resource Group level. Please visit https://support.profisee.com/wikis/2022_r2_support/planning_your_managed_identity_configuration for more information." echo $err set_resultAndReturn; else @@ -82,7 +82,7 @@ if [ -z "$subscriptionContributor" ]; then echo "Is the Deployment Managed Identity assigned the DNS Zone Contributor role to the DNS zone itself?" dnsznContributor=$(az role assignment list --all --assignee $currentIdentityId --output json --include-inherited --query "[?roleDefinitionName=='DNS Zone Contributor' && scope=='/subscriptions/$SUBSCRIPTIONID/resourceGroups/$DOMAINNAMERESOURCEGROUP/providers/Microsoft.Network/dnszones/$DNSDOMAINNAME'].roleDefinitionName" --output tsv) if [ -z "$dnsznContributor" ]; then - err="Role is NOT assigned. Exiting with error. Please assign the DNS Zone Contributor role to the Deployment Managed Identity for the DNS zone you want updated. Please visit https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration for more information." + err="Role is NOT assigned. Exiting with error. Please assign the DNS Zone Contributor role to the Deployment Managed Identity for the DNS zone you want updated. Please visit https://support.profisee.com/wikis/2022_r2_support/planning_your_managed_identity_configuration for more information." echo $err set_resultAndReturn; else @@ -116,22 +116,22 @@ if [ "$USEPURVIEW" = "Yes" ]; then #Check if User.Read permission has been granted to the Purview specific Azure Application Registration. if [[ $purviewClientPermissions != *"e1fe6dd8-ba31-4d61-89e7-88639da4683d"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read delegated permission. Some governance features may not function until this permission is granted. This permission might require an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information. " + echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read delegated permission. Some governance features may not function until this permission is granted. This permission might require an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r2_support/prerequisites_for_integrating_with_purview for more information. " fi #Check if User.Read.All permission has been granted to the Purview specific Azure Application Registration. if [[ $purviewClientPermissions != *"df021288-bdef-4463-88db-98f22de89214"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API User.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r2_support/prerequisites_for_integrating_with_purview for more information." fi #Check if Group.Read.All permission has been granted to the Purview specific Azure Application Registration. if [[ $purviewClientPermissions != *"5b567255-7703-4780-807c-7be8301ae99b"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API Group.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API Group.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r2_support/prerequisites_for_integrating_with_purview for more information." fi #Check if GroupMember.Read.All permission has been granted to the Purview specific Azure Application Registration. if [[ $purviewClientPermissions != *"98830695-27a2-44f7-8c18-0c3ebc9698f6"* ]]; then - echo "The Purview Azure AD application registration is missing the Microsoft Graph API GroupMember.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r1_support/prerequisites_for_integrating_with_purview for more information." + echo "The Purview Azure AD application registration is missing the Microsoft Graph API GroupMember.Read.All application permission. Some governance features will not function until this permission is granted. This permission requires an Azure AD Global Admin consent. Please visit https://support.profisee.com/wikis/2022_r2_support/prerequisites_for_integrating_with_purview for more information." fi #Check if the provided Purview Collection name exists. #Acquire token @@ -178,7 +178,7 @@ if [ "$UPDATEAAD" = "Yes" ]; then appDevRoleId=$(az rest --method get --url https://graph.microsoft.com/v1.0/directoryRoles/ | jq -r '.value[] | select(.displayName == "Application Administrator").id') minameinrole=$(az rest --method GET --uri "https://graph.microsoft.com/beta/directoryRoles/$appDevRoleId/members" | jq -r '.value[] | select(.displayName | contains("'"$miname"'")).displayName') if [ -z "$minameinrole" ]; then - err="The Deployment Managed Identity is NOT assigned the Application Administrator role in Azure Active Directory. Exiting with error. This role is required so that the Deployment Managed Identity can create the Azure AD Application registration. For more information please visit https://support.profisee.com/wikis/2022_r1_support/planning_your_managed_identity_configuration." + err="The Deployment Managed Identity is NOT assigned the Application Administrator role in Azure Active Directory. Exiting with error. This role is required so that the Deployment Managed Identity can create the Azure AD Application registration. For more information please visit https://support.profisee.com/wikis/2022_r2_support/planning_your_managed_identity_configuration." echo $err set_resultAndReturn; else From 1932f4d43d633c803557447fb94f5340170d2d70 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Wed, 15 Mar 2023 16:10:23 -0400 Subject: [PATCH 117/141] prevent base64 wrapping at 76 chars, fix logic bug in deployment and switch to LTS for dotnet install base64 wraps at char 76 and introduces a white space in the encoded value, assuming it's long enough. This, while rare, will result in an: unmatched "/" error when sed is used to replace the auth value. It then breaks pulling from ACR as the ACR creds are missing the auth (it remained as $auth). This will disable wrapping, thus eliminating that possibility. Fix bug in logic for Profisee deployment, switch to LTS for dotnet install --- Azure-ARM/deployprofisee.sh | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index be58ca76..71fc9ad0 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -40,7 +40,7 @@ curl -fsSL -o dotnet-install.sh https://dot.net/v1/dotnet-install.sh #Set permisssions for installation script. chmod 755 ./dotnet-install.sh #Install dotnet. -./dotnet-install.sh -c Current +./dotnet-install.sh -c LTS echo $"Installation of dotnet core finished."; #Downloadind and extracting Proisee license reader. @@ -301,7 +301,7 @@ echo $"Correction of TLS variables finished."; #Installation of Profisee platform echo $"Installation of Profisee platform statrted."; #Configure Profisee helm chart settings -auth="$(echo -n "$ACRUSER:$ACRUSERPASSWORD" | base64)" +auth="$(echo -n "$ACRUSER:$ACRUSERPASSWORD" | base64 -w0)" sed -i -e 's/$ACRUSER/'"$ACRUSER"'/g' Settings.yaml sed -i -e 's/$ACRPASSWORD/'"$ACRUSERPASSWORD"'/g' Settings.yaml sed -i -e 's/$ACREMAIL/'"support@profisee.com"'/g' Settings.yaml @@ -506,11 +506,9 @@ if [ "$profiseepresent" = "profiseeplatform" ]; then helm -n profisee uninstall profiseeplatform; echo "Will sleep for 30 seconds to allow clean uninstall." sleep 30; -else +fi echo "Profisee is not installed, proceeding to install it." helm -n profisee install profiseeplatform profisee/profisee-platform --values Settings.yaml - -fi kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile From 000b4d9a976c7b045961c8d5728f89d01fd0ca2c Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Tue, 21 Mar 2023 12:25:15 -0400 Subject: [PATCH 118/141] revert change busybox (alpine) does not support wrapping --- Azure-ARM/deployprofisee.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 71fc9ad0..7c9658e1 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -301,7 +301,7 @@ echo $"Correction of TLS variables finished."; #Installation of Profisee platform echo $"Installation of Profisee platform statrted."; #Configure Profisee helm chart settings -auth="$(echo -n "$ACRUSER:$ACRUSERPASSWORD" | base64 -w0)" +auth="$(echo -n "$ACRUSER:$ACRUSERPASSWORD" | base64 )" sed -i -e 's/$ACRUSER/'"$ACRUSER"'/g' Settings.yaml sed -i -e 's/$ACRPASSWORD/'"$ACRUSERPASSWORD"'/g' Settings.yaml sed -i -e 's/$ACREMAIL/'"support@profisee.com"'/g' Settings.yaml From 3b905efb6d79ec5c60fb00da97e0c22f00fa4b4a Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Wed, 22 Mar 2023 14:35:57 -0400 Subject: [PATCH 119/141] updated to 2.46.0 azure cli container --- Azure-ARM/azuredeploy.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index ed71a180..7078998f 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -246,7 +246,7 @@ "identity": "[variables('ManagedIdentity')]", "properties": { "forceUpdateTag": "[parameters('NewGuid')]", - "azCliVersion": "2.26.0", + "azCliVersion": "2.46.0", "timeout": "PT1H", "cleanupPreference": "OnExpiration", "retentionInterval": "P1D", @@ -614,7 +614,7 @@ "identity": "[variables('ManagedIdentity')]", "properties": { "forceUpdateTag": "1", - "azCliVersion": "2.26.0", + "azCliVersion": "2.46.0", "timeout": "PT1H", "cleanupPreference": "OnExpiration", "retentionInterval": "P1D", From 9cc27a47965efa4f0317835fc04196c32af8dc89 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Wed, 22 Mar 2023 14:36:41 -0400 Subject: [PATCH 120/141] re-added wrapping of base64 for azure cli 2.46.0 --- Azure-ARM/deployprofisee.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 7c9658e1..71fc9ad0 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -301,7 +301,7 @@ echo $"Correction of TLS variables finished."; #Installation of Profisee platform echo $"Installation of Profisee platform statrted."; #Configure Profisee helm chart settings -auth="$(echo -n "$ACRUSER:$ACRUSERPASSWORD" | base64 )" +auth="$(echo -n "$ACRUSER:$ACRUSERPASSWORD" | base64 -w0)" sed -i -e 's/$ACRUSER/'"$ACRUSER"'/g' Settings.yaml sed -i -e 's/$ACRPASSWORD/'"$ACRUSERPASSWORD"'/g' Settings.yaml sed -i -e 's/$ACREMAIL/'"support@profisee.com"'/g' Settings.yaml From 8aac4529617df45de0d0d458cef6ba8dd42426c0 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Wed, 22 Mar 2023 14:51:14 -0400 Subject: [PATCH 121/141] revert to 2.45.0 azure cli as 2.46.0 is not avail yet --- Azure-ARM/azuredeploy.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index 7078998f..83506770 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -246,7 +246,7 @@ "identity": "[variables('ManagedIdentity')]", "properties": { "forceUpdateTag": "[parameters('NewGuid')]", - "azCliVersion": "2.46.0", + "azCliVersion": "2.45.0", "timeout": "PT1H", "cleanupPreference": "OnExpiration", "retentionInterval": "P1D", @@ -614,7 +614,7 @@ "identity": "[variables('ManagedIdentity')]", "properties": { "forceUpdateTag": "1", - "azCliVersion": "2.46.0", + "azCliVersion": "2.45.0", "timeout": "PT1H", "cleanupPreference": "OnExpiration", "retentionInterval": "P1D", From 02b3da61e588dee25ba374358b0e21cd59493b28 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Wed, 22 Mar 2023 20:18:01 -0400 Subject: [PATCH 122/141] update for azure cli 2.45.0 --- Azure-ARM/deployprofisee.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 71fc9ad0..936ae100 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -325,7 +325,7 @@ if [ "$UPDATEAAD" = "Yes" ]; then echo $"azureAppReplyUrl is $azureAppReplyUrl"; echo "Creation of the Azure Active Directory application registration started." - CLIENTID=$(az ad app create --display-name $azureClientName --reply-urls $azureAppReplyUrl --query 'appId' -o tsv); + CLIENTID=$(az ad app create --display-name $azureClientName --web-redirect-uris $azureAppReplyUrl --query 'appId' -o tsv); echo $"CLIENTID is $CLIENTID"; if [ -z "$CLIENTID" ]; then echo $"CLIENTID is null fetching"; @@ -352,7 +352,7 @@ if [ "$UPDATEAAD" = "Yes" ]; then echo "Update of the application registration's permissions, step 1 finished." echo "Update of the application registration's permissions, step 2 started." - az ad app permission grant --id $CLIENTID --api 00000003-0000-0000-c000-000000000000 + az ad app permission grant --id $CLIENTID --api 00000003-0000-0000-c000-000000000000 --scope User.Read echo "Update of the application registration's permissions, step 2 finished." echo "Update of Azure Active Directory finished."; fi From e0273f929095437d13900305a2be52c460e31eaa Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Thu, 23 Mar 2023 11:25:34 -0400 Subject: [PATCH 123/141] ui bug fix --- Azure-ARM/createUIDefinition.json | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index 49d248fa..9ddada86 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -183,6 +183,20 @@ }, "visible": "[equals(steps('profisee').UseKeyVault,'Yes')]" }, + { + "name": "ProfiseeWebAppName", + "type": "Microsoft.Common.TextBox", + "label": "Web app name", + "defaultValue": "profisee", + "placeholder": "", + "toolTip": "https://host.domain.com/{webAppName}", + "constraints": { + "required": true, + "regex": "", + "validationMessage": "" + }, + "visible": true + }, { "name": "ActiveDirectoryCreateApp", "type": "Microsoft.Common.OptionsGroup", @@ -309,20 +323,6 @@ "validationMessage": "" }, "visible": "[equals(steps('profisee').UsePurview,'Yes')]" - }, - { - "name": "ProfiseeWebAppName", - "type": "Microsoft.Common.TextBox", - "label": "Web app name", - "defaultValue": "profisee", - "placeholder": "", - "toolTip": "https://host.domain.com/{webAppName}", - "constraints": { - "required": true, - "regex": "", - "validationMessage": "" - }, - "visible": true } ] }, From 969f8f1a81289817eab6f0f47c0d95b3f2fb0ea7 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Thu, 23 Mar 2023 13:48:57 -0400 Subject: [PATCH 124/141] add option to enable ID_Tokens --- Azure-ARM/deployprofisee.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 936ae100..f11931cb 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -325,7 +325,7 @@ if [ "$UPDATEAAD" = "Yes" ]; then echo $"azureAppReplyUrl is $azureAppReplyUrl"; echo "Creation of the Azure Active Directory application registration started." - CLIENTID=$(az ad app create --display-name $azureClientName --web-redirect-uris $azureAppReplyUrl --query 'appId' -o tsv); + CLIENTID=$(az ad app create --display-name $azureClientName --web-redirect-uris $azureAppReplyUrl --enable-id-token-issuance --query 'appId' -o tsv); echo $"CLIENTID is $CLIENTID"; if [ -z "$CLIENTID" ]; then echo $"CLIENTID is null fetching"; From 468e549e1c58ad65c49225c81c00cb51bd7a768b Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Thu, 23 Mar 2023 17:16:06 -0400 Subject: [PATCH 125/141] add groups support for oidc --- Azure-ARM/Settings.yaml | 1 + profisee-platform/templates/configmap-profisee.yaml | 1 + profisee-platform/values.yaml | 1 + 3 files changed, 3 insertions(+) diff --git a/Azure-ARM/Settings.yaml b/Azure-ARM/Settings.yaml index bb513fbc..9631a217 100644 --- a/Azure-ARM/Settings.yaml +++ b/Azure-ARM/Settings.yaml @@ -28,6 +28,7 @@ profiseeRunTime: firstNameClaim: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" lastNameClaim: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" emailClaim: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" + groupsClaim: "groups" clusterNodeCount: 1 clusterNode: limits: diff --git a/profisee-platform/templates/configmap-profisee.yaml b/profisee-platform/templates/configmap-profisee.yaml index bcb3bb5c..7f7b7a3b 100644 --- a/profisee-platform/templates/configmap-profisee.yaml +++ b/profisee-platform/templates/configmap-profisee.yaml @@ -25,3 +25,4 @@ data: ProfiseeOidcFirstNameClaim: {{.Values.profiseeRunTime.oidc.firstNameClaim|quote}} ProfiseeOidcLastNameClaim: {{.Values.profiseeRunTime.oidc.lastNameClaim|quote}} ProfiseeOidcEmailClaim: {{.Values.profiseeRunTime.oidc.emailClaim|quote}} + ProfiseeOidcGroupsClaim: {{.Values.profiseeRunTime.oidc.groupsClaim|quote}} diff --git a/profisee-platform/values.yaml b/profisee-platform/values.yaml index a0f45130..2a8158e5 100644 --- a/profisee-platform/values.yaml +++ b/profisee-platform/values.yaml @@ -28,6 +28,7 @@ profiseeRunTime: firstNameClaim: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" lastNameClaim: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" emailClaim: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" + groupsClaim: "groups" clusterNodeCount: 1 clusterNode: limits: From 54cce3fdcc0297514963770506dcedfbc27b821e Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Thu, 23 Mar 2023 17:19:21 -0400 Subject: [PATCH 126/141] added support for groups --- index.yaml | 4 ++-- profisee-platform-0.1.25.tgz | Bin 0 -> 5825 bytes profisee-platform/Chart.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) create mode 100644 profisee-platform-0.1.25.tgz diff --git a/index.yaml b/index.yaml index 705e5015..18898c49 100644 --- a/index.yaml +++ b/index.yaml @@ -9,6 +9,6 @@ entries: name: profisee-platform type: application urls: - - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.24.tgz - version: 0.1.24 + - https://profiseeadmin.github.io/kubernetes/profisee-platform-0.1.25.tgz + version: 0.1.25 generated: "2022-06-30T00:00:00.0-05:00" diff --git a/profisee-platform-0.1.25.tgz b/profisee-platform-0.1.25.tgz new file mode 100644 index 0000000000000000000000000000000000000000..af4a4aaeb69e7e77f714eb1c99cc5cc6ef5e46dc GIT binary patch literal 5825 zcmV;y7Cz}8iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~bKAC(`CBvk4mde8Y2Q>7CChe)Z{FRxveM^?WBV*8y*JmJ z4n)EdYKmY0P>P%SKKl&_f&_nvq-0rcT5e`yn*bJzAG^RV77L$}JIoO3`Yz;mgf4oc zIi%cpfD8B4j=(fc^LRK6f10M5{b>#k2e10Wp?T6D_WNf4mDwL2_m5ryb5{hELBKeq zugoXcm2KQt0?@}F5oMTo7FZ5i(D&m%`$qrRFk22{HpM;Sy@>$UHu7_KAlW{y1F^*v|DNl-UQw)ULY&Rc!4+@ zdp3RWxdmQ-n2ayRx0CVZ=;mM7w=xrS7T7zrZ4!7~AU{2Oe|~v78eM(3yw&Qz!!Ei( zK4F*>`VdtRmX}2p3ZzolCSDQRE((E>8#^TK5W`Uau1-iq}Grg_vek9s&9H2%=DMKRVB z7&1uDou{Le-|jG?siCJVoVriLKf_DpW$1R{E-pgp1Q3#)>fn&sgC1 zq?5iRzXAX{BAs=t^jDEkL`*)L$f>xcV}%q5G1&R8D5H{wQN~yh7G@5oN0f8?{`CB! zIGdn9%60nT_Me?>p2yS&?XSmn%f&YG7AYX_b{J? zJ6@S#H2cRt+AW_jUYsHXTY@g?^)G7JqiVU!Mu_q_{q^m|WHi3H4O8Bshg8D5@xMe- z+a-Y$&6sdN;t7Y@H6=^zh*dk0u%WnlhaNt{z~vUWgD#6x?$zg{GZbT4;9wCj4yFj$ z6hV$0fIYzH2*7&=JmMfg5hDS$k>oZ2JqOI;QhbLFqQG|vwjbUwvGu=44@*&zJ_MSO zPK}j9D^im0ER@#F(sQy;?uTUc?PQX!lNC3W6m>ej6DmfoU^ElbpS@fSipU>D)6+>T zn8vD6wsjnNFyH1#`i!&=0SB^sumi|l-0e}uzk?g%A_mj|LB{aRLk=JuVE%VNiHiUy zU;(iQZho{t=RNe`3_0LD8eMSZBMLd89hsYn?BSqRWd9CyK4QuP=z{mqo?{Pz5%D<1 z(?BF^Q!c`B9?z%L%v)qq%lf)#qWA$_VzjafyY}_at)Hk@T_+t8GKByO-kdT-1KnYqPc zAXRu~BUxB63}~-Yr}O$BM+@;gV!cr4C^6B!Uv}g5VKe2h%KkGvK1%C?l910!MN-3G}p4~4Mj!wJ9e57;)X&*AxRw!C1&MffdOA)PVeKTT;lEno)KB^62 z$jBQYQLG=L5M6~l@%u{;+76*U|1a=!@&D1_ILrUXCyo7gFHp|^nWg=C#6U4KX7&w+ z$Q!cZ_Cg|yatjfWMe)@Oh}!%=#h!z`**4pN%Jtto$?*ShFzh${zYo~U`u~HRJ8Sqq ztgY)4ryH*|Q&m7?cBo@4*gQzx(G4w#Wk|a!)7QzcJBE$@&Dkk;s1TW zKG*+pF|g4#ppJyta9@#@9~&0_Y9&b}|4Vb69~l~K7c#b~0I1;q;o#WJ^1o0C8vfq{ zY`gwPR@yG(gd)Rc*!bMdalf>NDI?WL%$*GL>pOt^rT9zZXg{`Yg&D*rS?$&IS7b*f z;*ti$`g}yJkv0fNT;Gk5UZy=&xXZd&9&YN&#(nJCBAUuwmYk0(BX$>%kiN?ju~v^X zAT9S6;4TwIo)y1Mx#~|T$x1qheR8|%WJm9vD<6JR#}QBN63w!orB`_!O_D4X)T#rk z=cHC0QIt@tvXoF8ol86$p%MNpk+DqoU2KQk2Ps@2jwnk!GOmec=I?MCpv3><+lkRQ4E4a&%WwUS-T|uGb!8HLxX=?f)auix~?L-PZVDL;pWH zI?USt5Bp}b|KA5>R=SKYrjho-1X(S>MwEA@QcTlZ|B;+K=i%Hb-1NJMGbHh9dwyug z9-u7pOPzD>GppAVN!_J6FrbeOt#s%y<|yAmSvK?}vH%NwpHTjv@!Yk^LT2zOUP3Mu z9I2$-pu2eeFQ6}^hq%jRH`ER3GW)tmjZ_z`wC@XK%mUsFd!P01K5=d%MzhlXOPWC= z0gpInqKp%HpQuh+Eg`I90T+A0=Ss^&DgP7i4$l_Qe**8ns^gS4Dw&?tIH5ZLYMeSP*Q(@=E4*whUZd9gt49CiU|8f%g^{>a9z5!5-?I+F2e?6w; zD!`g~>>-iv8|s46aP%GV;jFR;=M_uxx$WJMM_w9 zy%Z5BPLt~c6?o!{25V-rz?S%JRv=Su0UONM1i$hjtW}51Tz_VYYCfc|I#kq?x)`y( zr$6Xd9crMA@~%htHgmn90%!U*#Co(Ba1*SlixBIPjO%SBZW4)Midigf^6bB%mT;pWup>3Z>^3O-<`0D$07C-9aZY7Ylk4g zEiWelhuHU0k$3TwLi*5yu8%!rh4LU@;yQ5MYvN-2!2+l53O+E9(tXKd0X-+vjxOj; zvDahs?B`C`?&Q9$=GaAmxd{2-@Ypo}4jck3@xO;UGM8Rv8M?i{7u#Nzt5g2ME zJr{c@t5Gimf@{d<7U=XA9`B_JOpD7P(byxU?bfbcL!HQ|;ab4(K*>~-bIUcpg^Ub(ha=h5D|3+5!b0N<@=cM@uJ;%8ay zaYX|c>DARVZ|T*95eC#2#)o{KY-lzcK|zBbZU=kc7=Qa#M}pkcL4KUCjs@-UvG*SW z-|G~@jAMqtC(VY}6y0I%6ln_Wdz9HHsJxlmN-GC@fR86u|LQoFe>fIgPz8y5JVPUnB66<4|(hM#=mu+Dd#$e7jn4s@dJ zO89&1lfp7ZLxB~R&-y0Fj7vnPVfqYlfoKJ}Jr}>Ym~oNirAOjrpp5_J5Oia+vI<+Z zsVJ!8|G{yV{|CqY#{RPxDE9xEMDE8$cV6Tnf#kzq8S%=kJGsfDc?ua>RJw{69x#N` z2>cGF$3x`Vjoz_)sKNht*hNV&y7=BteJN1I|A*Q5&x6C0qh|fz3)JC%b^WM}&(};6 zjoY8mF)Nl3;CHZv55!*?Hs^ok541!6A7uSM4o?o7^?xt$O#Gi*x2(DL4``Jc@peXjFg^T^D`|LdD(5z`Gj$iV)(3|;U>zWo6}<^JEy+5d-){=XlH z)_;%i&3(Y1A}``7CyA`k1CZ#*T z1$M>HsYz0x^>1~3uCePqJJjWW`TO(u{|rvD@&EdRVH5vjFR)YoS5b>fxPObwt&J3T zMySdEDiq^Z??P7ce?J@lyMNMe{Qvd>yX60Pl4uejzTdC2y#8cX+NSo>-SL-$8vGx< z!1QeTf4^^Lu;%w)>oJ#XzZwI~p9E^ie?8dqbHx8J4~N2vQ_7Wc{txfnJ$L*c^YAe5|9RM)|Lg_UF=iAXqI3yQqDVxSzoY08sjJ`m zdrpLM712XRoA^EoeCJcbiA`J!+>Wjbf&%7ns+Vz8nE9}ft^TmUCGpUohDVjxMrU#E}=b3QNvXd$!`i&^CZ!GwSU3qK+;OdR`Rpd?nxX0qeqO zt03B9AiFYAi=;@2SbR_>Vqz3}NdKmuX3f9DRq|HrW<@g&Q)%*3x2a-6^LPv6XljMQ znsAqE+&uI!mXZ+duBNIp8-H9y9~W7}pyLv4{L-2}P-`QL7dE7z@-VOXwBc=W@#jR9 zOPZOFw^`g#E4Fbr!4(_3ka2AP;1c_O!U;`B<&-^A_yX>V8EDEr$_!5WmC!pTgMoVd zj&0bC86h)w^8ufQf`MVik;l(4yH7R4cZ#1rjVhbjNVX&0@%3Bccuc-VX6c*&sXfm` z&(F%EcuE*-X{#k5e6PxFuYWKh`&>d&L-a;M=gSw6j!~o{8-d5iUO}RogW&Pe$|Z9+ z1CNiLOf3cPDuj?^bMX>+h>4M$rl%G9oO?d7_#FmmghS)3w40JsN-b^_0edN6P_6tQkpk5x2`G{PGzVJCEEAU1g`l)3GUUlU`AQJF6`6xA0*R5`ApN%M8O;WE!jO24xdg{7&7D{D& z7HKZSrh>ebvs1O%*3WPAS&AYOZzd!6MnRc)dk!Lyw|q;Cv8o~VSiFDGjF z3g+IL$Kw?&MGs`i0P%wQ4n5=vDIzBKLcR`VkJzszR)3d&_r&@I*o%qH(~%{%EFjJ9 zsb3o?r?esUXsp|^=Np@~VZgR(UG>=M*9v#vn#`rf(l!)RvYy^a?uGXq(wu)jzLerD zE!!_Ld7tauw=nh}FKt~B1#76(y}4hQ++tGJ(5?LBUzp}R8SDD_*%)=RKCa}_0+0DW z1kFW!n%$Kov6OYpE?(f=i)gkVr1iGgN@mFXhV2Jwoeh8mS`hkBQBGz`7p3S^fY>HP zs1lo#5tqypk~kqGqaW*m*D0?AO&gOvzg|r&igWwYrrlbQxBnY+W3X zj*c_&pZZ7UVPpT_3mkxJ$T^}O1DpUk>|ixV9+(E$b+9)BKD6)Q3^AkKIsmtG%m54g zkc~iSIsh}5Or1Fz?Vv5yY)ANt$gug3h%`az6k#!6wlhNzx|&m_YqP|0tU{{ z#)68-#N2Kf*g>!t6{6(VcFR~Yn>eWV#}W*A{*Q*+@L7LHbyV^HFzf%{AD%SlfBS)h zz;_@=z@9@Y!+V5sz_Te5`WWDI6ukijOrvjnZnq9N0X9XVkVxdS-#{0LHACVM#RK0Z zP%!%h@$LnYZ|;HIRBN}wV$p;H2IxA#Fn(^g+N}eRtRggFEx4d~_p>4X2?96)GtB3~ z6fn$%fQVWpi#q7DY#H(NY@*a0E)igGfxuFpf~v+s2KXGaKNhn#&_DwX>=6Dx00960 L>e9`10K5PIWh$I` literal 0 HcmV?d00001 diff --git a/profisee-platform/Chart.yaml b/profisee-platform/Chart.yaml index 5f17dbec..2040123f 100644 --- a/profisee-platform/Chart.yaml +++ b/profisee-platform/Chart.yaml @@ -3,4 +3,4 @@ appVersion: 1.16.0 description: A Helm chart for Profisee Platform on Kubernetes name: profisee-platform type: application -version: 0.1.24 +version: 0.1.25 From 4a96536b6345a3099b3aa7779b1432a704d26562 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Mon, 27 Mar 2023 15:31:25 -0400 Subject: [PATCH 127/141] remove white spaces --- Azure-ARM/deployprofisee.sh | 30 +++++++++---------- .../templates/statefullset-profisee.yaml | 6 ++-- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index f11931cb..71648a03 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -66,11 +66,11 @@ EXTERNALDNSURLLICENSE=$(./LicenseReader "ExternalDnsUrl" $LICENSEDATA) #EXTERNALDNSURLLICENSE=$(> a.cert; sed -e 's/^/ /' a.cert > tls.cert; -else +else echo ' NA' > tls.cert; fi rm -f a.cert @@ -281,7 +281,7 @@ if [ "$CONFIGUREHTTPS" = "Yes" ]; then printf '%s\n' "$TLSKEY" | sed 's/- /-\n/g; s/ -/\n-/g' | sed '/PRIVATE/! s/ /\n/g' >> a.key; sed -e 's/^/ /' a.key > tls.key; else - echo ' NA' > tls.key; + echo ' NA' > tls.key; fi rm -f a.key @@ -342,7 +342,7 @@ if [ "$UPDATEAAD" = "Yes" ]; then if [ "$appregpermissionspresent" = "e1fe6dd8-ba31-4d61-89e7-88639da4683d" ]; then echo $"User.Read permissions already present, no need to add it." else - + echo "Update of the application registration's permissions, step 1 started." #Add a Graph API permission to "Sign in and read user profile" az ad app permission add --id $CLIENTID --api 00000003-0000-0000-c000-000000000000 --api-permissions e1fe6dd8-ba31-4d61-89e7-88639da4683d=Scope @@ -370,7 +370,7 @@ fi echo $"Correction of TLS variables finished."; -#If deployment of a new SQL database has been selected, we will create a SQL firewall rule to allow traffic from the AKS cluster's egress IP. +#If deployment of a new SQL database has been selected, we will create a SQL firewall rule to allow traffic from the AKS cluster's egress IP. if [ "$SQLSERVERCREATENEW" = "Yes" ]; then echo "Addition of a SQL firewall rule started."; #strip off .database.windows.net @@ -413,7 +413,7 @@ FILEREPOURL="\\\\\\\\\\\\\\\\${STORAGEACCOUNTNAME}.file.core.windows.net\\\\\\\\ IFS=':' read -r -a repostring <<< "$PROFISEEVERSION" #lowercase is the ,, -ACRREPONAME="${repostring[0],,}"; +ACRREPONAME="${repostring[0],,}"; ACRREPOLABEL="${repostring[1],,}" #Setting values in the Settings.yaml @@ -509,7 +509,7 @@ if [ "$profiseepresent" = "profiseeplatform" ]; then fi echo "Profisee is not installed, proceeding to install it." helm -n profisee install profiseeplatform profisee/profisee-platform --values Settings.yaml - + kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile diff --git a/profisee-platform/templates/statefullset-profisee.yaml b/profisee-platform/templates/statefullset-profisee.yaml index 433cf028..03816505 100644 --- a/profisee-platform/templates/statefullset-profisee.yaml +++ b/profisee-platform/templates/statefullset-profisee.yaml @@ -21,7 +21,7 @@ spec: spec: terminationGracePeriodSeconds: 60 nodeSelector: - "kubernetes.io/os": windows + "kubernetes.io/os": windows volumes: - name: data-volume projected: @@ -32,7 +32,7 @@ spec: name: profisee-oidcproviders - name: initscripts secret: - secretName: profisee-initscripts + secretName: profisee-initscripts {{- if .Values.cloud.azure.isProvider }} - name: fileshare csi: @@ -59,7 +59,7 @@ spec: containers: - name: profisee image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: Always + imagePullPolicy: Always livenessProbe: exec: command: From 0a60e953dda188e13e5ef35cbfdc1333628750f5 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Mon, 27 Mar 2023 15:32:57 -0400 Subject: [PATCH 128/141] will recreated package --- profisee-platform-0.1.25.tgz | Bin 5825 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 profisee-platform-0.1.25.tgz diff --git a/profisee-platform-0.1.25.tgz b/profisee-platform-0.1.25.tgz deleted file mode 100644 index af4a4aaeb69e7e77f714eb1c99cc5cc6ef5e46dc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5825 zcmV;y7Cz}8iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~bKAC(`CBvk4mde8Y2Q>7CChe)Z{FRxveM^?WBV*8y*JmJ z4n)EdYKmY0P>P%SKKl&_f&_nvq-0rcT5e`yn*bJzAG^RV77L$}JIoO3`Yz;mgf4oc zIi%cpfD8B4j=(fc^LRK6f10M5{b>#k2e10Wp?T6D_WNf4mDwL2_m5ryb5{hELBKeq zugoXcm2KQt0?@}F5oMTo7FZ5i(D&m%`$qrRFk22{HpM;Sy@>$UHu7_KAlW{y1F^*v|DNl-UQw)ULY&Rc!4+@ zdp3RWxdmQ-n2ayRx0CVZ=;mM7w=xrS7T7zrZ4!7~AU{2Oe|~v78eM(3yw&Qz!!Ei( zK4F*>`VdtRmX}2p3ZzolCSDQRE((E>8#^TK5W`Uau1-iq}Grg_vek9s&9H2%=DMKRVB z7&1uDou{Le-|jG?siCJVoVriLKf_DpW$1R{E-pgp1Q3#)>fn&sgC1 zq?5iRzXAX{BAs=t^jDEkL`*)L$f>xcV}%q5G1&R8D5H{wQN~yh7G@5oN0f8?{`CB! zIGdn9%60nT_Me?>p2yS&?XSmn%f&YG7AYX_b{J? zJ6@S#H2cRt+AW_jUYsHXTY@g?^)G7JqiVU!Mu_q_{q^m|WHi3H4O8Bshg8D5@xMe- z+a-Y$&6sdN;t7Y@H6=^zh*dk0u%WnlhaNt{z~vUWgD#6x?$zg{GZbT4;9wCj4yFj$ z6hV$0fIYzH2*7&=JmMfg5hDS$k>oZ2JqOI;QhbLFqQG|vwjbUwvGu=44@*&zJ_MSO zPK}j9D^im0ER@#F(sQy;?uTUc?PQX!lNC3W6m>ej6DmfoU^ElbpS@fSipU>D)6+>T zn8vD6wsjnNFyH1#`i!&=0SB^sumi|l-0e}uzk?g%A_mj|LB{aRLk=JuVE%VNiHiUy zU;(iQZho{t=RNe`3_0LD8eMSZBMLd89hsYn?BSqRWd9CyK4QuP=z{mqo?{Pz5%D<1 z(?BF^Q!c`B9?z%L%v)qq%lf)#qWA$_VzjafyY}_at)Hk@T_+t8GKByO-kdT-1KnYqPc zAXRu~BUxB63}~-Yr}O$BM+@;gV!cr4C^6B!Uv}g5VKe2h%KkGvK1%C?l910!MN-3G}p4~4Mj!wJ9e57;)X&*AxRw!C1&MffdOA)PVeKTT;lEno)KB^62 z$jBQYQLG=L5M6~l@%u{;+76*U|1a=!@&D1_ILrUXCyo7gFHp|^nWg=C#6U4KX7&w+ z$Q!cZ_Cg|yatjfWMe)@Oh}!%=#h!z`**4pN%Jtto$?*ShFzh${zYo~U`u~HRJ8Sqq ztgY)4ryH*|Q&m7?cBo@4*gQzx(G4w#Wk|a!)7QzcJBE$@&Dkk;s1TW zKG*+pF|g4#ppJyta9@#@9~&0_Y9&b}|4Vb69~l~K7c#b~0I1;q;o#WJ^1o0C8vfq{ zY`gwPR@yG(gd)Rc*!bMdalf>NDI?WL%$*GL>pOt^rT9zZXg{`Yg&D*rS?$&IS7b*f z;*ti$`g}yJkv0fNT;Gk5UZy=&xXZd&9&YN&#(nJCBAUuwmYk0(BX$>%kiN?ju~v^X zAT9S6;4TwIo)y1Mx#~|T$x1qheR8|%WJm9vD<6JR#}QBN63w!orB`_!O_D4X)T#rk z=cHC0QIt@tvXoF8ol86$p%MNpk+DqoU2KQk2Ps@2jwnk!GOmec=I?MCpv3><+lkRQ4E4a&%WwUS-T|uGb!8HLxX=?f)auix~?L-PZVDL;pWH zI?USt5Bp}b|KA5>R=SKYrjho-1X(S>MwEA@QcTlZ|B;+K=i%Hb-1NJMGbHh9dwyug z9-u7pOPzD>GppAVN!_J6FrbeOt#s%y<|yAmSvK?}vH%NwpHTjv@!Yk^LT2zOUP3Mu z9I2$-pu2eeFQ6}^hq%jRH`ER3GW)tmjZ_z`wC@XK%mUsFd!P01K5=d%MzhlXOPWC= z0gpInqKp%HpQuh+Eg`I90T+A0=Ss^&DgP7i4$l_Qe**8ns^gS4Dw&?tIH5ZLYMeSP*Q(@=E4*whUZd9gt49CiU|8f%g^{>a9z5!5-?I+F2e?6w; zD!`g~>>-iv8|s46aP%GV;jFR;=M_uxx$WJMM_w9 zy%Z5BPLt~c6?o!{25V-rz?S%JRv=Su0UONM1i$hjtW}51Tz_VYYCfc|I#kq?x)`y( zr$6Xd9crMA@~%htHgmn90%!U*#Co(Ba1*SlixBIPjO%SBZW4)Midigf^6bB%mT;pWup>3Z>^3O-<`0D$07C-9aZY7Ylk4g zEiWelhuHU0k$3TwLi*5yu8%!rh4LU@;yQ5MYvN-2!2+l53O+E9(tXKd0X-+vjxOj; zvDahs?B`C`?&Q9$=GaAmxd{2-@Ypo}4jck3@xO;UGM8Rv8M?i{7u#Nzt5g2ME zJr{c@t5Gimf@{d<7U=XA9`B_JOpD7P(byxU?bfbcL!HQ|;ab4(K*>~-bIUcpg^Ub(ha=h5D|3+5!b0N<@=cM@uJ;%8ay zaYX|c>DARVZ|T*95eC#2#)o{KY-lzcK|zBbZU=kc7=Qa#M}pkcL4KUCjs@-UvG*SW z-|G~@jAMqtC(VY}6y0I%6ln_Wdz9HHsJxlmN-GC@fR86u|LQoFe>fIgPz8y5JVPUnB66<4|(hM#=mu+Dd#$e7jn4s@dJ zO89&1lfp7ZLxB~R&-y0Fj7vnPVfqYlfoKJ}Jr}>Ym~oNirAOjrpp5_J5Oia+vI<+Z zsVJ!8|G{yV{|CqY#{RPxDE9xEMDE8$cV6Tnf#kzq8S%=kJGsfDc?ua>RJw{69x#N` z2>cGF$3x`Vjoz_)sKNht*hNV&y7=BteJN1I|A*Q5&x6C0qh|fz3)JC%b^WM}&(};6 zjoY8mF)Nl3;CHZv55!*?Hs^ok541!6A7uSM4o?o7^?xt$O#Gi*x2(DL4``Jc@peXjFg^T^D`|LdD(5z`Gj$iV)(3|;U>zWo6}<^JEy+5d-){=XlH z)_;%i&3(Y1A}``7CyA`k1CZ#*T z1$M>HsYz0x^>1~3uCePqJJjWW`TO(u{|rvD@&EdRVH5vjFR)YoS5b>fxPObwt&J3T zMySdEDiq^Z??P7ce?J@lyMNMe{Qvd>yX60Pl4uejzTdC2y#8cX+NSo>-SL-$8vGx< z!1QeTf4^^Lu;%w)>oJ#XzZwI~p9E^ie?8dqbHx8J4~N2vQ_7Wc{txfnJ$L*c^YAe5|9RM)|Lg_UF=iAXqI3yQqDVxSzoY08sjJ`m zdrpLM712XRoA^EoeCJcbiA`J!+>Wjbf&%7ns+Vz8nE9}ft^TmUCGpUohDVjxMrU#E}=b3QNvXd$!`i&^CZ!GwSU3qK+;OdR`Rpd?nxX0qeqO zt03B9AiFYAi=;@2SbR_>Vqz3}NdKmuX3f9DRq|HrW<@g&Q)%*3x2a-6^LPv6XljMQ znsAqE+&uI!mXZ+duBNIp8-H9y9~W7}pyLv4{L-2}P-`QL7dE7z@-VOXwBc=W@#jR9 zOPZOFw^`g#E4Fbr!4(_3ka2AP;1c_O!U;`B<&-^A_yX>V8EDEr$_!5WmC!pTgMoVd zj&0bC86h)w^8ufQf`MVik;l(4yH7R4cZ#1rjVhbjNVX&0@%3Bccuc-VX6c*&sXfm` z&(F%EcuE*-X{#k5e6PxFuYWKh`&>d&L-a;M=gSw6j!~o{8-d5iUO}RogW&Pe$|Z9+ z1CNiLOf3cPDuj?^bMX>+h>4M$rl%G9oO?d7_#FmmghS)3w40JsN-b^_0edN6P_6tQkpk5x2`G{PGzVJCEEAU1g`l)3GUUlU`AQJF6`6xA0*R5`ApN%M8O;WE!jO24xdg{7&7D{D& z7HKZSrh>ebvs1O%*3WPAS&AYOZzd!6MnRc)dk!Lyw|q;Cv8o~VSiFDGjF z3g+IL$Kw?&MGs`i0P%wQ4n5=vDIzBKLcR`VkJzszR)3d&_r&@I*o%qH(~%{%EFjJ9 zsb3o?r?esUXsp|^=Np@~VZgR(UG>=M*9v#vn#`rf(l!)RvYy^a?uGXq(wu)jzLerD zE!!_Ld7tauw=nh}FKt~B1#76(y}4hQ++tGJ(5?LBUzp}R8SDD_*%)=RKCa}_0+0DW z1kFW!n%$Kov6OYpE?(f=i)gkVr1iGgN@mFXhV2Jwoeh8mS`hkBQBGz`7p3S^fY>HP zs1lo#5tqypk~kqGqaW*m*D0?AO&gOvzg|r&igWwYrrlbQxBnY+W3X zj*c_&pZZ7UVPpT_3mkxJ$T^}O1DpUk>|ixV9+(E$b+9)BKD6)Q3^AkKIsmtG%m54g zkc~iSIsh}5Or1Fz?Vv5yY)ANt$gug3h%`az6k#!6wlhNzx|&m_YqP|0tU{{ z#)68-#N2Kf*g>!t6{6(VcFR~Yn>eWV#}W*A{*Q*+@L7LHbyV^HFzf%{AD%SlfBS)h zz;_@=z@9@Y!+V5sz_Te5`WWDI6ukijOrvjnZnq9N0X9XVkVxdS-#{0LHACVM#RK0Z zP%!%h@$LnYZ|;HIRBN}wV$p;H2IxA#Fn(^g+N}eRtRggFEx4d~_p>4X2?96)GtB3~ z6fn$%fQVWpi#q7DY#H(NY@*a0E)igGfxuFpf~v+s2KXGaKNhn#&_DwX>=6Dx00960 L>e9`10K5PIWh$I` From 90c33e775695ef2686ebd6140fc01ec786afe9c8 Mon Sep 17 00:00:00 2001 From: Yonko Ganchev Date: Mon, 27 Mar 2023 15:33:13 -0400 Subject: [PATCH 129/141] Create profisee-platform-0.1.25.tgz --- profisee-platform-0.1.25.tgz | Bin 0 -> 5555 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 profisee-platform-0.1.25.tgz diff --git a/profisee-platform-0.1.25.tgz b/profisee-platform-0.1.25.tgz new file mode 100644 index 0000000000000000000000000000000000000000..5a4d9e5bf16665acd15a1feac07b03d66b7b7b91 GIT binary patch literal 5555 zcmV;k6-??MiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<~Z{xO-{o8=Q1J7At+lOaac5J86!@IlGar=U1lU$tL-UA90 zv^25V$fA~{>`k}1&wijJO4JWacH%hQ)>EKai^JjY#|$~-aOg97M>s&+cd@vmY|$Cb zF%!lEUbtWF2u#y7hy8x|*EG%iU$b}I`>NaTcg^GB$za(3%Ix-s$HT9Xxhn>$Am9SC zugqtcm9N|v0@x=XfN?@S3oUyM?EA^juF)MDX2St)GvbTz+bQ}NxC>;6 zLD%v4LDWM(22)@j2;dD5FTg^DQPvO-K3E9*zDsN@X*ZUtT+`?py+Px(Tjs9;MfqQ1 zHvqm%1yCdZgOfowC;x-4d2*2deE|RHPJk_eS*Y1S2%$(|TW==+b8&h4ZrqB#I#}Q- z=5U#&o_(jK2OOA|_I@(H(NcZP`HC_}OT9jwOn$n$Icqf=Y6#v0-Yr>xl~B9@!N;D> z9(-Y;H}5Coi}CGbd^x)L_w{Xrgq;QPPHme8o{+>(&)%J1o{mOW?=Nq)^6!WXH{erF z1Z59#0b%|qtK$6o^NaD#`1-0yAzw#@nX72NvIVGezE9Xc)3;lR0Lfb2jCISU3qA>89(K<>{+_uOY8Ah$?BoBvl{LCJyPRkQ zRxmyF{TN3L3GiL|aPG|*aDEfGU?IT*h!P3E#(1KCp~SJZmXC+o>2Co8bZQH-1aw9i z*s_PT`r$y#DI?-RGIw=;Hp*7tb_samJZ$XI#rgR1_WZ1nJOP`5Py`~h$#`@#zRmTn zWNPGMvanEVE`)D&I^3Sa0(0Zj!sQhE24%C(ig$XZIp~;!4hcI=JalZCjdvu49MN;< z`6Q!ncLZ3b>lqJ+?(^u+$P&C9-!9$-Wgf5`U07h^?zDwxj0QeeB%@z(vh4<30K23P zj3NcmZ8o%z@o03(f(V`rP1_GF)HO|0eOSOkDh<>%W2M93V*tF6rHF5u?-ZNO23g>l zDw4sBa3PUeO8FUBN`lP{LR$(cQCL#5jc%myYceVDOiQ>p{cfxTL&}VWeoq_ebNWw& zP)nxsmX-Y~6Uvw=qDf38EiEhLK&rvk-^&n{HjEJyMOca)4v!df{OYr7&$HfYlkAR6J{mt#gWHi3H4O4!EhfKncXCMet65}(*GVFma-td3p6F2=_^H6rlj9_ zsI9rBWAcyg`*ikg<&v(`88?#@H#)hKCPpD+JQA{>y+R3!$sc6Zvq?OdCZ@ng$&<%BgBh^8eb29V5K~x|j{(%^E0SSs0n0V;s2Me{{ zVGqy1LFaMrqAMR57L>IjY%bBmPOU-zJ8FF(Oa$0P@31{59-tBR1S8WxCTl}3rg5H( zr_9J(EEF#6mC!dE3lLb^kXFXX z#P|Gusc5vC4eo=o5u*JeQ!Rz!iQ>#cpFfxJs^&K%;V7M4(Bq?85Qc)h1ra6sAqm-3 z;K_f#cBkzSHkbbec`5lH^o9lb?;iGl_X5@OpPSlWMh%n;V{YAGNZe2ipROeGB%h!n z@+7`^1+lUGPl@LcZ}yaBK<)f*p5)}e-y8N0^1lz*%l!XcGB2#0PdIamnPAEvbz-`$WKwRSJPj?j<<*_Dv;RoF|$T? zLpYZDc1-j#>!~7K-X_uErfzK9C$25Bs>0>z`MBD|ZX+7lt$*nq~sNhzi zRB#)gOS~APG5tJ~iB9)jVu#X)8D4+@##4`sYpQMYw*(6y_5b+ru5b|03U{S77m?HW z{6e8@uoss*GD+B02TdE*Ju}JESbL!Kh!iu1^`nVrE0qY^`XMaZso19UA|H|{Loqc` z*!nq3R>pV5Yq*nW>@(K8qohIQDER7sVE8O)-aIzm?q?i;pmCn9N|O zE92Z*XI)J*=n0kd=&mNeLd-3$*B)aX;E7PR{*P5J;XDBL)Xo15?EjO&aen{*__%vm z|L+5GGhNOX)5v;ZqP!Jg0~77YC}!EE|0o(e=i%5XUG%#kI7D={H9xi!4^STarOt)$ zxz*{&r1sM68Q3R=mOJzqbCmC3lsEJwvJek^pEB{^$=J2&B0}&PSz;j#oXAMIfxBe> zFX1obhq}vjHPjCIGP}A*O=K=uS>G4TxrMwL@jmI_ed^rCf@Wp?m$VIy6g=v{L~TwK zeWF@fvxM@Ng3nVYeMG?20r~*R(R4%7m_` zsYsq?9Ntr!dA+SW#+NtHsSwznFTfM2XZ%ItZoZy!)|cK;9_rabj;cy2Yv-C$p3wN~ zN-pb>n$n-pO{I;SIQ(zXx^bTJJ{&9m{mV({*T0@__69&XwVyO6|Mis8s{m`pmE#aO zAh3JogLm$XsON#5Yy$G{i3=8bYg<1{A^w>X$2NZD)O(vHb447xj+HR)dMzSJoTk?Y zYUm^v4c3fgNiFr;tRbe{0=5{hDShQbxKSAq^5!E`7V|!P)uE=G%*BZHE&X1<>aYRH z7ptDedTT5^|`0 z9~ts4nKH~CI@tAz2Ue&LiaD+W*S)4Lu^%jS>aOquM;Y6fE*98xa`kAV&Xjl^KF@z{ zwe42n+iFf+K->lJ(ecnU|A8EeEct&AS`n6>XBoP^zmv;eUMM$eh|I}ln|LnqAa7AG zB!O!z<`!yo7M|#2G8HZyF~H81=RRa_<1mn_MPwUDB}R;vbyOXHHYd57IgErxR`E7hNP&O@7%-@rmGvxPR!7TnzdQyIIxZ|_^%W#txX z^-*sy+$JMWa;uUzBoJAY?Rj{sGspa}uP7W$uwBc! zn9ZPFRtwpV-=ee*^{w!W?DAit+`kmsphjw<=m*KEXH{toR*VQ}3(32%Q0GlIEkZw| z->Be{b`KlK{~d854Mvst{co-X>g4}8 zAOE#?d~$NQ|GyX5ME=$FgDN>+Ge|UPe?iBLL_?t8(G$)<|H`nv{40Ne9m;<%fBt)X zGC0itdw~~{|Ma@m#`6C}m#`Aqf9*E?l3+vm=X1iowXnECi$U9)%a|J@5z_xl}W*8V>!_P=q%X_#B zxFgs={^Q%KPk#}jcKvVW?SHd>u>bc1@%-;mvAqxIbM!?Ly8$ z2^+{iC63)zL8_mk1#0L2!v24EaB}ef-V5wXo->1_#Oi<2^_j!I-iyPg@*n;CWzPS5 zC;9ka-QMtU|9>yAQ~6g>ODd%Q376XrTHpm?L-|*s*q-z*T&?_f^YMSXC&vf>pS{2? zG7kt<6V)FZ+K_sQom5J>%1l~AwYdIT zPq||Gb=ZLUlfVZ0Uk~>B68Hbj<9?e3|{<{z*apj}QAl`+;rczXZSL z67t4sqvUCYDh-mkE}S66FB#}cBaWe-_X>;ORLEie2oLMLy#ADWrCR>OYr-!b|HG8R zp7;M89L|6C0_y}bz93#Xg{Qa3WzL|)ltSi-W9gsUj(_PRKCD$1Q~ z>2{Q;g*svMSFi=-LYjonkz`}hskf7gf$}RJQ`#SaDx|#5bk6p|KvA=VveLoSDWuxXqEmHbI)ruQ1+{DYlnj0=(t-j4m?c#a2(6=r8?5u=Y(8jb6#vTl1`=f~9PM z92+Q^N`HihA|qwY6yC1Xq3U_bwai{;9`4*VvwjKna%PKszlO!I-XR!`o7a0{&!!S+;xM>I+Sy=p5IB~?ZqAPTzuHElH)utPoHFp-cY-* zVdB|US-Ub0)^Mr&S-mp5<*cmXTY0d(GS5Xe*0uAC3F>xjTq~s|zHEO8p3CGkzba7= zt7dI$mn=x(tpeK*vKCvie`Q4YhV2JgYYm|VEGT=Z$rmAIvoiP?0N;iQm1BE0lAJ|G z(&K@&_Y({7I&)s2*8_VmvEO(5*g9Of_mt~Xo4KVc(Y;5i0DLrqDnLy#`HJViT)&?=Ce-t|KtN- zdL5166x;WKADN=f#@`IS^5vf?zL$T*BK$=enKc`K`#+iQ17?H<9G#zyB^U7ycC%p+ z2XH6O#OSZhhOy)}b)fUdQa?rckGtFOd3Q%;)cXJA{r|fCljDQ@?*)zm-@yWqJ;yA% z-W%!x&t@R4J|yN4$ACws(KS9b8%Kg7n}N(E6UFQ|)JAg7h-k>{f$vf*g?$2|tsWIc zg`w7LgxTT&hYZwqkYW7XY&0839$m#`!cs^{_Vy=3{wEm_6wQd32UEm}kP0HMRg~3% zPf^XNr=!VSbG!t^@dD5?It5jg#T Date: Mon, 27 Mar 2023 17:16:55 -0400 Subject: [PATCH 130/141] Purview account update for readme --- Azure-ARM/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/README.md b/Azure-ARM/README.md index b3ae264f..ac8702df 100644 --- a/Azure-ARM/README.md +++ b/Azure-ARM/README.md @@ -26,7 +26,7 @@ Here's **how** it will be deployed. You must have a Managed Identity created to 3. **Application Administrator** role in Azure Active Directory, so the Application registration can be created by the Deployment Managed Identity and the required permissions can be assigned to it. 4. **Managed Identity Contributor** and **User Access Administrator** at the Subscription level. These two are needed in order for the ARM template Deployment Managed Identity to be able to create the Key Vault specific Managed Identity that will be used by Profisee to pull the values stored in the Key Vault, as well as to assign the AKSCluster-agentpool the Managed Identity Operator role (to the Resource and Infrastructure Resource groups) and Virtual Machine Operator role (to the Infrastructure Resource group). If Key Vault will not be used, these roles are not required. 5. **Key Vault requirements**. If you are using a Key Vault, please make sure that your Access Policy page has a checkmark on "Azure Resource Manager for template deployment". Otherwise, MS will not be able to validate the ARM template's access against your Key Vault and will result in validation failure in the ARM template before it begins deployment. -6. **Purview Integration requirements**. If Profisee will be configured to integrate with Microsoft Purview, a Purview specific Application Registration will need to be created and have the **Collections Admin** and **Data Curator Role** assigned in the Purview account. It will also have to be assigned the User.Read **delegated** permission as well as the User.Read.All, Group.Read.All and GroupMember.Read.All **application** permissions (these 3 required Global Admin consent). During the ARM template deployment you will now have to provide the Purview collection friendly name, as seen in the Purview web portal, regardless if this is a sub-collection or the root collection of Purview. +6. **Purview Integration requirements**. If Profisee will be configured to integrate with Microsoft Purview, a Purview specific Application Registration will need to be created and have the **Collections Admin** and **Data Curator Role** assigned in the Purview account at either collection or account level. It will also have to be assigned the User.Read **delegated** permission as well as the User.Read.All, Group.Read.All and GroupMember.Read.All **application** permissions (these 3 required Global Admin consent). During the ARM template deployment you will now have to provide the Purview collection friendly name, as seen in the Purview web portal, regardless if this is a sub-collection or the root collection of Purview. ## Upgrade instructions From 55572a6dace2c8952d225fd313ab1c937d39c6c4 Mon Sep 17 00:00:00 2001 From: Naveen Angali Date: Tue, 28 Mar 2023 09:26:55 -0400 Subject: [PATCH 131/141] Added Authentication Type Variable --- Azure-ARM/azuredeploy.json | 38 ++++++++++++++++----------- Azure-ARM/azuredeploy.parameters.json | 5 +++- Azure-ARM/createUIDefinition.json | 22 ++++++++++++++++ Azure-ARM/deployprofisee.sh | 8 ++++++ 4 files changed, 57 insertions(+), 16 deletions(-) diff --git a/Azure-ARM/azuredeploy.json b/Azure-ARM/azuredeploy.json index 83506770..3775d56c 100644 --- a/Azure-ARM/azuredeploy.json +++ b/Azure-ARM/azuredeploy.json @@ -95,6 +95,9 @@ "defaultValue": "", "type": "string" }, + "AuthenticationType":{ + "type": "string" + }, "SQLServerCreateNew": { "type": "String" }, @@ -167,7 +170,7 @@ "type": "String" } }, - "variables": + "variables": { "ScriptURL":"https://raw.githubusercontent.com/profiseeadmin/kubernetes/master/Azure-ARM/deployprofisee.sh", "PreReqCheckScriptURL":"https://raw.githubusercontent.com/profiseeadmin/kubernetes/master/Azure-ARM/prereqcheck.sh", @@ -192,6 +195,7 @@ "KubernetesDockerBridgeCidr": "[parameters('KubernetesDockerBridgeCidr')]", "KubernetesLinuxNodeCount": "[int(parameters('KubernetesLinuxNodeCount'))]", "KubernetesLinuxNodeSize": "[parameters('KubernetesLinuxNodeSize')]", + "AuthenticationType": "[parameters('AuthenticationType')]", "KubernetesWindowsNodeCount": "[int(parameters('KubernetesWindowsNodeCount'))]", "KubernetesWindowsNodeSize": "[parameters('KubernetesWindowsNodeSize')]", @@ -235,7 +239,7 @@ "PurviewClientSecret":"[parameters('PurviewClientSecret')]", "PurviewAccountResourceGroup":"[parameters('PurviewAccountResourceGroup')]" }, - "resources": + "resources": [ { "type": "Microsoft.Resources/deploymentScripts", @@ -308,7 +312,7 @@ "name": "PURVIEWCLIENTSECRET", "value": "[variables('PurviewClientSecret')]" } - ] + ] } }, { @@ -319,11 +323,11 @@ "dependsOn": ["[resourceId('Microsoft.Resources/deploymentScripts', 'PreReqChecks')]"], "properties": { "mode": "Incremental", - "expressionEvaluationOptions": + "expressionEvaluationOptions": { "scope": "inner" }, - "template": + "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", @@ -362,11 +366,11 @@ "dependsOn": ["[resourceId('Microsoft.Resources/deploymentScripts', 'PreReqChecks')]"], "properties": { "mode": "Incremental", - "expressionEvaluationOptions": + "expressionEvaluationOptions": { "scope": "inner" }, - "template": + "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", @@ -475,9 +479,9 @@ "secretName": "[parameters('SQLServerPassword')]" } } - } + } } - }, + }, { "type": "Microsoft.ContainerService/managedClusters", "apiVersion": "2020-07-01", @@ -519,7 +523,7 @@ "osType": "Windows", "vnetSubnetID": "[if(not(empty(variables('KubernetesVnetResourceGroup'))),variables('vnetId'),json('null'))]" } - ], + ], "nodeResourceGroup": "[variables('KubenetesInfrastructureResourceGroupName')]", "enableRBAC": true, "networkProfile": { @@ -600,7 +604,7 @@ "[resourceId('Microsoft.Resources/deploymentScripts', 'PreReqChecks')]", "[resourceId('Microsoft.Storage/storageAccounts', tolower(variables('StorageAccountName')))]" ] - }, + }, { "type": "Microsoft.Resources/deploymentScripts", "apiVersion": "2020-10-01", @@ -678,7 +682,7 @@ { "name": "EXTERNALDNSURL", "value": "[variables('ExternalDNSURL')]" - }, + }, { "name": "OIDCURL", "value": "[variables('OIDCURL')]" @@ -789,12 +793,16 @@ "name": "PURVIEWACCOUNTRESOURCEGROUP", "value": "[variables('PurviewAccountResourceGroup')]" }, + { + "name": "AUTHENTICATIONTYPE", + "value": "[variables('AuthenticationType')]" + }, { "name": "WEBAPPNAME", "value": "[variables('WEBAPPNAME')]" } ], - "primaryScriptUri": "[variables('ScriptURL')]" + "primaryScriptUri": "[variables('ScriptURL')]" } }, { @@ -812,8 +820,8 @@ } } ], - "outputs": - { + "outputs": + { "PreReqChecks": { "value": "[reference('PreReqChecks').outputs]", "type": "object" diff --git a/Azure-ARM/azuredeploy.parameters.json b/Azure-ARM/azuredeploy.parameters.json index 8095c84d..929d5541 100644 --- a/Azure-ARM/azuredeploy.parameters.json +++ b/Azure-ARM/azuredeploy.parameters.json @@ -36,7 +36,7 @@ "value": "" }, "ManagedIdentityName": { - "value": { + "value": { } }, "KubernetesClusterName": { @@ -137,6 +137,9 @@ }, "KubenetesInfrastructureResourceGroupName": { "value": "" + }, + "AuthenticationType":{ + "value": "" } } } diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index 9ddada86..a7fb7498 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -369,6 +369,27 @@ }, "visible": true }, + { + "name": "AuthenticationType", + "type": "Microsoft.Common.OptionsGroup", + "label": "Authentication and Authorization", + "defaultValue": "Kubernetes with local Accounts", + "toolTip": "Choose among native Kubernetes RBAC managed locally or leverage Azure AD to manage identities for your Kubernetes RBAC needs. Azure RBAC for AKS is a fully managed RBAC solution providing both authentication and authorization through Azure IAM.", + "constraints": { + "allowedValues": [ + { + "label": "Kubernetes with local Accounts", + "value": "LocalAccounts" + }, + { + "label": "Azure with RBAC", + "value": "AzureRBAC" + } + ], + "required": true + }, + "visible": true + }, { "name": "KubernetesLinuxNodeSizeSection", "type": "Microsoft.Common.Section", @@ -960,6 +981,7 @@ "KubernetesLinuxNodeCount": "[steps('kubernetes').KubernetesLinuxNodeCount]", "KubernetesWindowsNodeSize": "[steps('kubernetes').KubernetesWindowsNodeSizeSection.KubernetesWindowsNodeSize]", "KubernetesWindowsNodeCount": "[steps('kubernetes').KubernetesWindowsNodeCount]", + "AuthenticationType": "[steps('kubernetes').AuthenticationType]", "KubernetesVnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.name]", "KubernetesVnetResourceGroup": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.resourceGroup]", "KubernetesSubnetName": "[steps('kubernetes').KubernetesAdvanced.KubernetesVnetName.subnets.subnet1.name]", diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 71648a03..9bc45655 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -548,4 +548,12 @@ echo $result kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile +echo $"AuthenticationType is $AUTHENTICATIONTYPE"; +echo $"Resourcegroup is $RESOURCEGROUPNAME"; +echo $"clustername is $CLUSTERNAME"; +if [ "$AUTHENTICATIONTYPE" = "AzureRBAC" ]; then + az aks update -g $RESOURCEGROUPNAME -n $CLUSTERNAME --enable-aad --enable-azure-rbac --disable-local-accounts + az role assignment create --role "Azure Kubernetes Service RBAC Cluster Admin" --assignee $ADMINACCOUNTNAME --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME +fi; + echo $result > $AZ_SCRIPTS_OUTPUT_PATH From ec5d89ac17c153a51a9ad61b200135a43ff70f31 Mon Sep 17 00:00:00 2001 From: Naveen Angali Date: Wed, 29 Mar 2023 10:15:19 -0400 Subject: [PATCH 132/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 9bc45655..02d4414d 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -553,7 +553,9 @@ echo $"Resourcegroup is $RESOURCEGROUPNAME"; echo $"clustername is $CLUSTERNAME"; if [ "$AUTHENTICATIONTYPE" = "AzureRBAC" ]; then az aks update -g $RESOURCEGROUPNAME -n $CLUSTERNAME --enable-aad --enable-azure-rbac --disable-local-accounts - az role assignment create --role "Azure Kubernetes Service RBAC Cluster Admin" --assignee $ADMINACCOUNTNAME --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME + ObjectId=$(>az ad user show --id $ADMINACCOUNTNAME --query objectId -o tsv); + echo $"ObjectId of ADMIN is $ObjectId"; + az role assignment create --role "Azure Kubernetes Service RBAC Cluster Admin" --assignee-object-id $ObjectId --assignee-principal-type User --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME fi; echo $result > $AZ_SCRIPTS_OUTPUT_PATH From 6e1407a80d34ae4c34d95c0c35a76e387dd441bc Mon Sep 17 00:00:00 2001 From: Naveen Angali Date: Wed, 29 Mar 2023 10:29:18 -0400 Subject: [PATCH 133/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 02d4414d..10ce2d89 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -553,7 +553,7 @@ echo $"Resourcegroup is $RESOURCEGROUPNAME"; echo $"clustername is $CLUSTERNAME"; if [ "$AUTHENTICATIONTYPE" = "AzureRBAC" ]; then az aks update -g $RESOURCEGROUPNAME -n $CLUSTERNAME --enable-aad --enable-azure-rbac --disable-local-accounts - ObjectId=$(>az ad user show --id $ADMINACCOUNTNAME --query objectId -o tsv); + ObjectId=$(az ad user show --id $ADMINACCOUNTNAME --query objectId -o tsv) echo $"ObjectId of ADMIN is $ObjectId"; az role assignment create --role "Azure Kubernetes Service RBAC Cluster Admin" --assignee-object-id $ObjectId --assignee-principal-type User --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME fi; From 590ed4f29367c580594bb846f6ce9b851bb43659 Mon Sep 17 00:00:00 2001 From: Naveen Angali Date: Wed, 29 Mar 2023 10:32:50 -0400 Subject: [PATCH 134/141] Update createUIDefinition.json --- Azure-ARM/createUIDefinition.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Azure-ARM/createUIDefinition.json b/Azure-ARM/createUIDefinition.json index a7fb7498..58f266fb 100644 --- a/Azure-ARM/createUIDefinition.json +++ b/Azure-ARM/createUIDefinition.json @@ -373,16 +373,16 @@ "name": "AuthenticationType", "type": "Microsoft.Common.OptionsGroup", "label": "Authentication and Authorization", - "defaultValue": "Kubernetes with local Accounts", + "defaultValue": "Local Accounts with Kubernetes RBAC", "toolTip": "Choose among native Kubernetes RBAC managed locally or leverage Azure AD to manage identities for your Kubernetes RBAC needs. Azure RBAC for AKS is a fully managed RBAC solution providing both authentication and authorization through Azure IAM.", "constraints": { "allowedValues": [ { - "label": "Kubernetes with local Accounts", + "label": "Local Accounts with Kubernetes RBAC", "value": "LocalAccounts" }, { - "label": "Azure with RBAC", + "label": "Azure AD authentication with Azure RBAC", "value": "AzureRBAC" } ], From 75641e4aa36374e0a053aed06a5a566ccef30559 Mon Sep 17 00:00:00 2001 From: Naveen Angali Date: Wed, 29 Mar 2023 10:46:31 -0400 Subject: [PATCH 135/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 10ce2d89..aa51e9f1 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -552,7 +552,7 @@ echo $"AuthenticationType is $AUTHENTICATIONTYPE"; echo $"Resourcegroup is $RESOURCEGROUPNAME"; echo $"clustername is $CLUSTERNAME"; if [ "$AUTHENTICATIONTYPE" = "AzureRBAC" ]; then - az aks update -g $RESOURCEGROUPNAME -n $CLUSTERNAME --enable-aad --enable-azure-rbac --disable-local-accounts + az aks update -g $RESOURCEGROUPNAME -n $CLUSTERNAME --enable-aad --enable-azure-rbac ObjectId=$(az ad user show --id $ADMINACCOUNTNAME --query objectId -o tsv) echo $"ObjectId of ADMIN is $ObjectId"; az role assignment create --role "Azure Kubernetes Service RBAC Cluster Admin" --assignee-object-id $ObjectId --assignee-principal-type User --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME From 73bd0f5b711c4026e60f76daac0ac5554eed9e2c Mon Sep 17 00:00:00 2001 From: Naveen Angali Date: Wed, 29 Mar 2023 12:02:56 -0400 Subject: [PATCH 136/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index aa51e9f1..f044cf72 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -553,7 +553,7 @@ echo $"Resourcegroup is $RESOURCEGROUPNAME"; echo $"clustername is $CLUSTERNAME"; if [ "$AUTHENTICATIONTYPE" = "AzureRBAC" ]; then az aks update -g $RESOURCEGROUPNAME -n $CLUSTERNAME --enable-aad --enable-azure-rbac - ObjectId=$(az ad user show --id $ADMINACCOUNTNAME --query objectId -o tsv) + ObjectId=$(az ad user show --id $ADMINACCOUNTNAME --query 'objectId' -o tsv) echo $"ObjectId of ADMIN is $ObjectId"; az role assignment create --role "Azure Kubernetes Service RBAC Cluster Admin" --assignee-object-id $ObjectId --assignee-principal-type User --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME fi; From fd911c2445df0bde0ac71f8938c430845cf116de Mon Sep 17 00:00:00 2001 From: Naveen Angali Date: Thu, 30 Mar 2023 09:13:06 -0400 Subject: [PATCH 137/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index f044cf72..3c1b6fb0 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -547,13 +547,15 @@ echo $result kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile - +az ad user show --id $ADMINACCOUNTNAME --query "objectId" -o tsv echo $"AuthenticationType is $AUTHENTICATIONTYPE"; echo $"Resourcegroup is $RESOURCEGROUPNAME"; echo $"clustername is $CLUSTERNAME"; +ID="$(az ad user show --id $ADMINACCOUNTNAME --query "objectId" -o tsv)" +echo $"ID is $ID"; if [ "$AUTHENTICATIONTYPE" = "AzureRBAC" ]; then - az aks update -g $RESOURCEGROUPNAME -n $CLUSTERNAME --enable-aad --enable-azure-rbac - ObjectId=$(az ad user show --id $ADMINACCOUNTNAME --query 'objectId' -o tsv) + az aks update -g $RESOURCEGROUPNAME -n $CLUSTERNAME --enable-aad --enable-azure-rbac --disable-local-accounts + ObjectId="$(az ad user show --id $ADMINACCOUNTNAME --query "objectId" -o tsv)" echo $"ObjectId of ADMIN is $ObjectId"; az role assignment create --role "Azure Kubernetes Service RBAC Cluster Admin" --assignee-object-id $ObjectId --assignee-principal-type User --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME fi; From 52a9bd950f3763d7a8c3131a6fcb6d82b832864c Mon Sep 17 00:00:00 2001 From: Naveen Angali Date: Thu, 30 Mar 2023 13:26:52 -0400 Subject: [PATCH 138/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 3c1b6fb0..a5c2c980 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -544,7 +544,7 @@ result="{\"Result\":[\ ]}" echo $result - +az ad user show --id $ADMINACCOUNTNAME kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile az ad user show --id $ADMINACCOUNTNAME --query "objectId" -o tsv From b7664533df0ad74d939897d58be8ecf2e8940702 Mon Sep 17 00:00:00 2001 From: Naveen Angali Date: Thu, 30 Mar 2023 13:28:46 -0400 Subject: [PATCH 139/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index a5c2c980..bbbc686d 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -547,11 +547,11 @@ echo $result az ad user show --id $ADMINACCOUNTNAME kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile -az ad user show --id $ADMINACCOUNTNAME --query "objectId" -o tsv +az ad user show --id $ADMINACCOUNTNAME --query objectId -o tsv echo $"AuthenticationType is $AUTHENTICATIONTYPE"; echo $"Resourcegroup is $RESOURCEGROUPNAME"; echo $"clustername is $CLUSTERNAME"; -ID="$(az ad user show --id $ADMINACCOUNTNAME --query "objectId" -o tsv)" +ID=$(az ad user show --id $ADMINACCOUNTNAME --query objectId -o tsv) echo $"ID is $ID"; if [ "$AUTHENTICATIONTYPE" = "AzureRBAC" ]; then az aks update -g $RESOURCEGROUPNAME -n $CLUSTERNAME --enable-aad --enable-azure-rbac --disable-local-accounts From 330a4aab7a0622d4e5738abcb1885951d7f1034e Mon Sep 17 00:00:00 2001 From: Naveen Angali Date: Thu, 30 Mar 2023 14:30:59 -0400 Subject: [PATCH 140/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index bbbc686d..1bad47f6 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -544,18 +544,17 @@ result="{\"Result\":[\ ]}" echo $result -az ad user show --id $ADMINACCOUNTNAME kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile -az ad user show --id $ADMINACCOUNTNAME --query objectId -o tsv +az ad user show --id $ADMINACCOUNTNAME --query id -o tsv echo $"AuthenticationType is $AUTHENTICATIONTYPE"; echo $"Resourcegroup is $RESOURCEGROUPNAME"; echo $"clustername is $CLUSTERNAME"; -ID=$(az ad user show --id $ADMINACCOUNTNAME --query objectId -o tsv) +ID=$(az ad user show --id $ADMINACCOUNTNAME --query id -o tsv) echo $"ID is $ID"; if [ "$AUTHENTICATIONTYPE" = "AzureRBAC" ]; then az aks update -g $RESOURCEGROUPNAME -n $CLUSTERNAME --enable-aad --enable-azure-rbac --disable-local-accounts - ObjectId="$(az ad user show --id $ADMINACCOUNTNAME --query "objectId" -o tsv)" + ObjectId="$(az ad user show --id $ADMINACCOUNTNAME --query id -o tsv)" echo $"ObjectId of ADMIN is $ObjectId"; az role assignment create --role "Azure Kubernetes Service RBAC Cluster Admin" --assignee-object-id $ObjectId --assignee-principal-type User --scope /subscriptions/$SUBSCRIPTIONID/resourcegroups/$RESOURCEGROUPNAME fi; From 0aa120bb5753a0a67e8b90237706f1dcec8cc2b3 Mon Sep 17 00:00:00 2001 From: Naveen Angali Date: Thu, 30 Mar 2023 15:29:19 -0400 Subject: [PATCH 141/141] Update deployprofisee.sh --- Azure-ARM/deployprofisee.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/Azure-ARM/deployprofisee.sh b/Azure-ARM/deployprofisee.sh index 1bad47f6..f214d3ce 100644 --- a/Azure-ARM/deployprofisee.sh +++ b/Azure-ARM/deployprofisee.sh @@ -546,12 +546,9 @@ result="{\"Result\":[\ echo $result kubectl delete secret profisee-deploymentlog -n profisee --ignore-not-found kubectl create secret generic profisee-deploymentlog -n profisee --from-file=$logfile -az ad user show --id $ADMINACCOUNTNAME --query id -o tsv echo $"AuthenticationType is $AUTHENTICATIONTYPE"; echo $"Resourcegroup is $RESOURCEGROUPNAME"; echo $"clustername is $CLUSTERNAME"; -ID=$(az ad user show --id $ADMINACCOUNTNAME --query id -o tsv) -echo $"ID is $ID"; if [ "$AUTHENTICATIONTYPE" = "AzureRBAC" ]; then az aks update -g $RESOURCEGROUPNAME -n $CLUSTERNAME --enable-aad --enable-azure-rbac --disable-local-accounts ObjectId="$(az ad user show --id $ADMINACCOUNTNAME --query id -o tsv)"