Support re-deployment in the same resource group and remove external key vault integration (#338)

* unique name for public ip.

* use global resource name sufix.

* remove var name_appGateway as there is a param for it.

* define _globalResourceNameSufix: _globalResourceNameSufix in the scaling scripts

* mitigate Bicep warning.

* add location input parameter to workflow for resource creation

* use java 11 to build cargotracker.

* fix syntax issue

* add sufix to the uami name.

* ensure all the depoyment script deployments have unique name.

* ensure key vault permission model is vault access policy.

* enable global uami to access existing key vault.

* create a seperate module to update access policy of key vault.

* set enableRbacAuthorization with false.

* specify location.

* fix build error

* Error BCP035: The specified "object" declaration is missing the following required properties: "tagsByResource"

* set vault sku

* rename key vault resource

* remove key vault from ui.

* remove key vault

* remove key vault validation in fail fast stage.

* update key vault API version

* Fix "An invalid value was provided for 'accessPolicies[0].Permissions.secrets'"

* Set key vault certificate permission.

* upgrade jdk version

* Code clean up.

* No key vault info when the App Gateway certificate is uploaded.

* validate existing aks networking configurations.

* upgrade aks to 1.30.7.

* On branch wls-aks-redeploy Update names to match what they are naming.
modified:   weblogic-azure-aks/src/main/arm/createUiDefinition.json

Signed-off-by: Ed Burns <edburns@microsoft.com>

* On branch wls-aks-redeploy Fix typo sufix -> suffix
modified:   weblogic-azure-aks/src/main/bicep/mainTemplate.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_autoGeneratedPfxCertInKeyVault.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_enable_hpa.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_enable_prometheus_metrics.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_install_agic.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_validate_agic.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_enableAutoScaling.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_enablePromethuesKeda.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_globalUamiAndRoles.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_roleAssignmentinRgScope.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/_setupPasswordlessDBConnection.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/networking.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep
modified:   weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep

Signed-off-by: Ed Burns <edburns@microsoft.com>

---------

Signed-off-by: Ed Burns <edburns@microsoft.com>
Co-authored-by: Ed Burns <edburns@microsoft.com>

Author: galiacheng

.github/actions/setupmaven/action.yml

@@ -7,10 +7,12 @@ inputs:
 runs:
   using: "composite"
   steps:
+    - uses: actions/checkout@v4
     - name: Set up Apache Maven and JDK
-      uses: actions/setup-java@v1
+      uses: actions/setup-java@v4
       with:
-        java-version: 1.8
+        distribution: 'microsoft'
+        java-version: 21
         server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
         server-username: MAVEN_USERNAME # env variable for username
         server-password: MAVEN_TOKEN # env variable for token

.github/workflows/testWlsAksWithDependencyCreation.yml

@@ -19,14 +19,17 @@ on:
         description: 'The VM size for the AKS pool'
         required: true
         default: Standard_D2s_v3
+      location:
+        description: 'The location for the resources'
+        required: true
+        default: eastus
   # sample cURL
   # curl --verbose -X POST https://api.github.com/repos/<github_user>/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token <personal_access_token>' --data '{"event_type": "aks-integration-test-with-dependency-creation", "client_payload": {"gitUserNameForArtifactsLocation": "<github_user>", "testBranchNameForArtifactsLocation": "<branch_name>", "isForDemo": "false"}}'
   repository_dispatch:
     types: [aks-integration-test-with-dependency-creation,integration-test-all]
 
 env:
     azureCredentials: ${{ secrets.AZURE_CREDENTIALS }}
-    location: eastus
     resourceGroupForWlsAks: wlsd-aks-${{ github.run_id }}-${{ github.run_number }}
     dbAdminUser: weblogic
     dbPassword: ${{ secrets.DB_PASSWORD }}
@@ -51,6 +54,7 @@ jobs:
           testBranchNameForArtifactsLocation: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.testBranchNameForArtifactsLocation }}
           azCliVersion: ${{steps.set-az-cli-version.outputs.azCliVersion}}
           vmSize: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.vmSize }}
+          location: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.location }}
         runs-on: ubuntu-latest
         steps:
             - uses: actions/checkout@v2.3.4
@@ -72,27 +76,32 @@ jobs:
             - name: Setup environment variables
               id: setup-env-variables-based-on-dispatch-event
               run: |
+                location=eastus # default value
                 if [ ${{ github.event_name }} == 'workflow_dispatch' ]; then
                   isForDemo=${{ github.event.inputs.isForDemo }}
                   gitUserNameForArtifactsLocation=${{ github.event.inputs.gitUserNameForArtifactsLocation }}
                   testBranchNameForArtifactsLocation=${{ github.event.inputs.testBranchNameForArtifactsLocation }}
                   vmSize=${{ github.event.inputs.vmSize }}
+                  location=${{ github.event.inputs.location }}
                 else
                   isForDemo=${{ github.event.client_payload.isForDemo }}
                   gitUserNameForArtifactsLocation=${{ github.event.client_payload.gitUserNameForArtifactsLocation }}
                   testBranchNameForArtifactsLocation=${{ github.event.client_payload.testBranchNameForArtifactsLocation }}
                   vmSize=${{ github.event.client_payload.vmSize }}
+                  location=${{ github.event.client_payload.location }}
                 fi
 
                 echo "##[set-output name=isForDemo;]${isForDemo}"
                 echo "##[set-output name=gitUserNameForArtifactsLocation;]${gitUserNameForArtifactsLocation}"
                 echo "##[set-output name=testBranchNameForArtifactsLocation;]${testBranchNameForArtifactsLocation}"
                 echo "##[set-output name=vmSize;]${vmSize}"
+                echo "##[set-output name=location;]${location}"
 
                 echo "isForDemo=${isForDemo}" >> $GITHUB_ENV
                 echo "gitUserNameForArtifactsLocation=${gitUserNameForArtifactsLocation}" >> $GITHUB_ENV
                 echo "testBranchNameForArtifactsLocation=${testBranchNameForArtifactsLocation}" >> $GITHUB_ENV
                 echo "vmSize=${vmSize}" >> $GITHUB_ENV
+                echo "location=${location}" >> $GITHUB_ENV
             - uses: actions/checkout@v2.3.4
             - name: Set up Maven with GitHub token
               uses: ./.github/actions/setupmaven
@@ -137,6 +146,7 @@ jobs:
             - name: Get AZ CLI Version
               run: |
                 echo "azCliVersion=${{needs.preflight.outputs.azCliVersion}}" >> $GITHUB_ENV
+                echo "location=${{needs.preflight.outputs.location}}" >> $GITHUB_ENV
             - uses: azure/login@v1
               id: azure-login
               with:
@@ -147,7 +157,7 @@ jobs:
                 azcliversion: ${{ env.azCliVersion }}
                 inlineScript: |
                     echo "create resource group" ${{ env.resourceGroupForDB }}
-                    az group create --verbose --name ${{ env.resourceGroupForDB }} --location ${{ env.location }}
+                    az group create --verbose --name ${{ env.resourceGroupForDB }} --location $location
 
             - uses: actions/checkout@v2.3.4
             - name: Set up PostgreSQL Flexible Server that allows access from Azure services
@@ -157,7 +167,7 @@ jobs:
                 dbName: ${{ env.dbName }}
                 dbPassword: ${{ env.dbPassword }}
                 dbServerName: ${{ env.dbServerName }}
-                location: ${{ env.location }}
+                location: $location
                 resourceGroupName: ${{ env.resourceGroupForDB }}     
 
     deploy-storage-account:
@@ -167,14 +177,17 @@ jobs:
             - name: Get AZ CLI Version
               run: |
                 echo "azCliVersion=${{needs.preflight.outputs.azCliVersion}}" >> $GITHUB_ENV
+                echo "location=${{needs.preflight.outputs.location}}" >> $GITHUB_ENV
             - name: Checkout Azure-Samples/cargotracker-wls-aks
               uses: actions/checkout@v2
               with:
                 repository: Azure-Samples/cargotracker-wls-aks
                 path: cargotracker
-            - name: Maven build web app
-              run: |
-                mvn clean install -PweblogicOnAks --file cargotracker/pom.xml
+            - uses: actions/setup-java@v4
+              with:
+                distribution: 'microsoft'
+                java-version: '11'
+            - run: mvn clean install -PweblogicOnAks --file cargotracker/pom.xml
             - name: Query version string for deployment verification
               run: |
                 PROPERTY_FILE="cargotracker/target/cargo-tracker/WEB-INF/classes/org/eclipse/cargotracker/messages.properties"
@@ -191,15 +204,15 @@ jobs:
                 azcliversion: ${{ env.azCliVersion }}
                 inlineScript: |
                     echo "create resource group" ${{ env.resourceGroupForStorageAccount }}
-                    az group create --verbose --name ${{ env.resourceGroupForStorageAccount }} --location ${{ env.location }}
+                    az group create --verbose --name ${{ env.resourceGroupForStorageAccount }} --location $location
             - name: Create Storage Account
               uses: azure/CLI@v1
               with:
                 azcliversion: ${{ env.azCliVersion }}
                 inlineScript: |
                     az storage account create --name ${{ env.storageAccountName }} \
                         --resource-group ${{ env.resourceGroupForStorageAccount }} \
-                        --location ${{ env.location }} \
+                        --location $location \
                         --sku Standard_LRS \
                         --kind StorageV2
             - name: Create Storage Container
@@ -221,6 +234,7 @@ jobs:
             - name: Get AZ CLI Version
               run: |
                 echo "azCliVersion=${{needs.preflight.outputs.azCliVersion}}" >> $GITHUB_ENV
+                echo "location=${{needs.preflight.outputs.location}}" >> $GITHUB_ENV
             - name: Checkout weblogic-azure
               uses: actions/checkout@v2
               with:
@@ -261,7 +275,7 @@ jobs:
                 azcliversion: ${{ env.azCliVersion }}
                 inlineScript: |
                     echo "create resource group" ${{ env.resourceGroupForWlsAks }}
-                    az group create --verbose --name ${{ env.resourceGroupForWlsAks }} --location ${{ env.location }}
+                    az group create --verbose --name ${{ env.resourceGroupForWlsAks }} --location $location
             - name: Checkout Azure-Samples/cargotracker-wls-aks
               uses: actions/checkout@v2
               with:

pom.xml

@@ -40,7 +40,7 @@
     <properties>    
         <!--  versions  start -->
         <!--  weblogic azure aks versions  -->
-        <version.wls-on-aks-azure-marketplace>1.0.86</version.wls-on-aks-azure-marketplace>
+        <version.wls-on-aks-azure-marketplace>1.0.87</version.wls-on-aks-azure-marketplace>
         <!--  weblogic azure vm versions  -->
         <version.arm-oraclelinux-wls>1.0.30</version.arm-oraclelinux-wls>
         <version.arm-oraclelinux-wls-admin>1.0.55</version.arm-oraclelinux-wls-admin>

resources/azure-common.properties

@@ -11,9 +11,9 @@ azure.apiVersionForAvailabilitySets=2023-07-01
 # Microsoft.Compute/virtualMachines
 azure.apiVersionForVirtualMachines=2023-07-01
 # Microsoft.KeyVault/vaults
-azure.apiVersionForKeyVault=2023-02-01
+azure.apiVersionForKeyVault=2024-11-01
 # Microsoft.KeyVault/vaults/secrets
-azure.apiVersionForKeyVaultSecrets=2023-02-01
+azure.apiVersionForKeyVaultSecrets=2024-11-01
 # Microsoft.ManagedIdentity/userAssignedIdentities
 azure.apiVersionForIdentity=2023-01-31
 # Microsoft.Network/networkInterfaces