From 9bb689c059c429896ef6a03dc47281fc93a9ca30 Mon Sep 17 00:00:00 2001
From: Timothy Middelkoop <tmiddelkoop@internet2.edu>
Date: Wed, 1 Dec 2021 16:25:42 -0600
Subject: [PATCH 1/3] Basic support on Ubunto 20.04 LTS

---
 Build.md                |  4 +++
 scripts/aws-create.sh   |  4 ++-
 scripts/azure-create.sh | 65 +++++++++++++++++++++++++++++++++++++++++
 scripts/azure-delete.sh | 10 +++++++
 scripts/gcp-create.sh   |  9 ++++--
 5 files changed, 88 insertions(+), 4 deletions(-)
 create mode 100755 scripts/azure-create.sh
 create mode 100755 scripts/azure-delete.sh

diff --git a/Build.md b/Build.md
index 3942f65..c4033d1 100644
--- a/Build.md
+++ b/Build.md
@@ -43,3 +43,7 @@ gcloud config set project $GOOGLE_CLOUD_PROJECT
 ## AWS
 
 Expect that `aws` is installed locally.  A ssh-key named 'learner' is required to access the account.
+
+## Azure
+
+Expect that `az` is installed and configured locally.  It will utilize your ~/.ssh/id_rsa.pub key.
diff --git a/scripts/aws-create.sh b/scripts/aws-create.sh
index 43e7941..a107e92 100755
--- a/scripts/aws-create.sh
+++ b/scripts/aws-create.sh
@@ -3,7 +3,9 @@
 # Options
 BRANCH="${1:-aws-dev}" # checkout branch $1
 
-# Static Config - update aws-*.sh files
+# Provider Config - update aws-*.sh files.
+
+# Static Config - update *.sh files
 NAME=learner
 VM=essentials
 PROJECT=CLASS-Essentials
diff --git a/scripts/azure-create.sh b/scripts/azure-create.sh
new file mode 100755
index 0000000..8d5ee42
--- /dev/null
+++ b/scripts/azure-create.sh
@@ -0,0 +1,65 @@
+#!/bin/bash
+
+# Options
+BRANCH="${1:-azure-dev}" # checkout branch $1
+
+# Provider Config - update *-azure.sh files.
+LOCATION=centralus
+
+# Static Config - update *.sh files
+NAME=learner
+VM=essentials
+PROJECT=CLASS-Essentials
+GITHUB=github.internet2.edu
+REPO="git@${GITHUB}:CLASS/${PROJECT}.git"
+
+echo "=== azure-create.sh $PROJECT $BRANCH"
+RESOURCE_GROUP=$VM
+
+echo "+++ creating resource group $RESOURCE_GROUP"
+az group create --resource-group $RESOURCE_GROUP --location $LOCATION
+
+echo "+++ creating VM $VM"
+# Ubuntu is "Canonical:0001-com-ubuntu-server-focal:20_04-lts:latest"
+az vm create --resource-group $RESOURCE_GROUP --name $VM \
+    --image Canonical:0001-com-ubuntu-server-focal:20_04-lts:latest \
+    --size Standard_D4_v4 \
+    --storage-sku Standard_LRS \
+    --public-ip-sku Standard \
+    --admin-username $NAME
+
+IP=$(az vm show --name essentials --resource-group essentials -d --query publicIps -otsv)
+
+echo "+++ wait for boot and cloud-init ${VM} ${IP}"
+ssh-keygen -R $IP
+while ! ssh $NAME@$IP sudo cloud-init status --wait ; do
+    sleep 1
+done
+
+echo "+++ configuring VM"
+ssh -A $NAME@$VM <<EOF
+sudo apt-get update
+sudo apt-get install --yes git python3-pip python3-venv bash-completion
+ssh-keyscan ${GITHUB} > .ssh/known_hosts
+git config --global color.ui auto
+git config --global push.default simple
+git config --global pull.ff only
+git config --global user.name "$(git config user.name)"
+git config --global user.email "$(git config user.name)"
+git clone --branch $BRANCH $REPO
+EOF
+
+echo "+++ configure ~/.ssh/$VM.config"
+cat > ~/.ssh/$VM.config <<EOF
+Host essentials
+    HostName $IP
+    CheckHostIP=no
+    ForwardAgent=yes
+    User=$NAME
+EOF
+
+echo "+++ starting Jypter"
+ssh $NAME@$IP -t -L 8080:localhost:8080 -L 8081:localhost:8081 "cd $PROJECT ; ./scripts/jupyter-lab.sh"
+
+echo "+++ ssh command"
+echo "ssh $NAME@$IP"
diff --git a/scripts/azure-delete.sh b/scripts/azure-delete.sh
new file mode 100755
index 0000000..2f2a0c5
--- /dev/null
+++ b/scripts/azure-delete.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# Provider Config - update *-azure.sh files.
+
+# Static Config - update *.sh files
+VM=essentials
+
+RESOURCE_GROUP=$VM
+az vm delete --resource-group $RESOURCE_GROUP --name $VM --yes
+#az group delete --resource-group $RESOURCE_GROUP --yes
diff --git a/scripts/gcp-create.sh b/scripts/gcp-create.sh
index f1cc80a..917f53a 100755
--- a/scripts/gcp-create.sh
+++ b/scripts/gcp-create.sh
@@ -3,10 +3,12 @@
 # Options
 BRANCH="${1:-gcp-dev}" # checkout branch $1
 
-# Static Config - update gcp-*.sh files
+# Provider Config - update gcp-*.sh files.
+ZONE=us-west2-c
+
+# Static Config - update *.sh files
 NAME=learner
 VM=essentials
-ZONE=us-west2-c
 PROJECT=CLASS-Essentials
 GITHUB=github.internet2.edu
 REPO="git@${GITHUB}:CLASS/${PROJECT}.git"
@@ -25,7 +27,8 @@ done
 echo "+++ configuring VM"
 
 gcloud compute ssh --zone=$ZONE $NAME@$VM --ssh-flag='-A' <<EOF
-sudo apt install --yes git python3-pip python3-venv bash-completion
+sudo apt-get update
+sudo apt-get install --yes git python3-pip python3-venv bash-completion
 ssh-keyscan ${GITHUB} > .ssh/known_hosts
 git config --global color.ui auto
 git config --global push.default simple

From fb9d68f71c2cc533a3aa603fa0f1c7b675a657ef Mon Sep 17 00:00:00 2001
From: Timothy Middelkoop <tmiddelkoop@internet2.edu>
Date: Wed, 1 Dec 2021 18:13:30 -0600
Subject: [PATCH 2/3] Get az commands and auth working

---
 scripts/azure-create.sh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/scripts/azure-create.sh b/scripts/azure-create.sh
index 8d5ee42..6c3693b 100755
--- a/scripts/azure-create.sh
+++ b/scripts/azure-create.sh
@@ -14,9 +14,10 @@ GITHUB=github.internet2.edu
 REPO="git@${GITHUB}:CLASS/${PROJECT}.git"
 
 echo "=== azure-create.sh $PROJECT $BRANCH"
+SUBSCRIPTION=$(az account show --query id -otsv)
 RESOURCE_GROUP=$VM
 
-echo "+++ creating resource group $RESOURCE_GROUP"
+echo "+++ creating resource group $RESOURCE_GROUP $SUBSCRIPTION"
 az group create --resource-group $RESOURCE_GROUP --location $LOCATION
 
 echo "+++ creating VM $VM"
@@ -26,6 +27,8 @@ az vm create --resource-group $RESOURCE_GROUP --name $VM \
     --size Standard_D4_v4 \
     --storage-sku Standard_LRS \
     --public-ip-sku Standard \
+    --assign-identity \
+    --scope "subscriptions/$SUBSCRIPTION/resourceGroups/$RESOURCE_GROUP" \
     --admin-username $NAME
 
 IP=$(az vm show --name essentials --resource-group essentials -d --query publicIps -otsv)
@@ -39,6 +42,8 @@ done
 echo "+++ configuring VM"
 ssh -A $NAME@$VM <<EOF
 sudo apt-get update
+sudo apt-get install --yes azure-cli
+az login --identity
 sudo apt-get install --yes git python3-pip python3-venv bash-completion
 ssh-keyscan ${GITHUB} > .ssh/known_hosts
 git config --global color.ui auto

From 32e2f1c1297ab73cbf92e91bb577a3a575ecb528 Mon Sep 17 00:00:00 2001
From: Timothy Middelkoop <tmiddelkoop@internet2.edu>
Date: Thu, 2 Dec 2021 11:06:27 -0600
Subject: [PATCH 3/3] Grant az role to create resource groups

---
 scripts/azure-create.sh | 15 +++++++++++----
 scripts/azure-delete.sh |  7 +++++--
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/scripts/azure-create.sh b/scripts/azure-create.sh
index 6c3693b..ecdf6c7 100755
--- a/scripts/azure-create.sh
+++ b/scripts/azure-create.sh
@@ -15,23 +15,29 @@ REPO="git@${GITHUB}:CLASS/${PROJECT}.git"
 
 echo "=== azure-create.sh $PROJECT $BRANCH"
 SUBSCRIPTION=$(az account show --query id -otsv)
-RESOURCE_GROUP=$VM
+RESOURCE_GROUP="rg-${VM}-dev"
 
 echo "+++ creating resource group $RESOURCE_GROUP $SUBSCRIPTION"
 az group create --resource-group $RESOURCE_GROUP --location $LOCATION
 
 echo "+++ creating VM $VM"
 # Ubuntu is "Canonical:0001-com-ubuntu-server-focal:20_04-lts:latest"
+# Debian is "Debian:debian-10:10:latest"
+# Resource Group scope "subscriptions/$SUBSCRIPTION/resourceGroups/$RESOURCE_GROUP"
 az vm create --resource-group $RESOURCE_GROUP --name $VM \
     --image Canonical:0001-com-ubuntu-server-focal:20_04-lts:latest \
-    --size Standard_D4_v4 \
+    --size Standard_D2_v4 \
     --storage-sku Standard_LRS \
     --public-ip-sku Standard \
     --assign-identity \
     --scope "subscriptions/$SUBSCRIPTION/resourceGroups/$RESOURCE_GROUP" \
     --admin-username $NAME
 
-IP=$(az vm show --name essentials --resource-group essentials -d --query publicIps -otsv)
+IP=$(az vm show --name $VM --resource-group $RESOURCE_GROUP -d --query publicIps -otsv)
+IDENTITY=$(az vm show --name $VM --resource-group $RESOURCE_GROUP --query identity.principalId -otsv)
+
+echo "+++ assign the VM the Contributor role to the subscription ($IDENTITY to $SUBSCRIPTION)"
+az role assignment create --assignee $IDENTITY  --scope /subscriptions/$SUBSCRIPTION --role Contributor
 
 echo "+++ wait for boot and cloud-init ${VM} ${IP}"
 ssh-keygen -R $IP
@@ -40,7 +46,8 @@ while ! ssh $NAME@$IP sudo cloud-init status --wait ; do
 done
 
 echo "+++ configuring VM"
-ssh -A $NAME@$VM <<EOF
+ssh -A $NAME@$IP <<EOF
+echo '--- connected to $NAME@IP'
 sudo apt-get update
 sudo apt-get install --yes azure-cli
 az login --identity
diff --git a/scripts/azure-delete.sh b/scripts/azure-delete.sh
index 2f2a0c5..a879f03 100755
--- a/scripts/azure-delete.sh
+++ b/scripts/azure-delete.sh
@@ -5,6 +5,9 @@
 # Static Config - update *.sh files
 VM=essentials
 
-RESOURCE_GROUP=$VM
+echo "=== azure-delete.sh $PROJECT $BRANCH"
+SUBSCRIPTION=$(az account show --query id -otsv)
+RESOURCE_GROUP="rg-${VM}-dev"
+
 az vm delete --resource-group $RESOURCE_GROUP --name $VM --yes
-#az group delete --resource-group $RESOURCE_GROUP --yes
+az group delete --resource-group $RESOURCE_GROUP --yes