search

aztfmod / rovergo

The next version of Rover, the command line tool for Azure CAF Landingzones. Developed in Go
MIT License
10 stars 7 forks source link

level0 - launchpad - rover tires to push to the wrong storage account #141

Open arne21a opened 2 years ago

arne21a commented 2 years ago

when using rover in launchpad mode, combined with a scenario 200 level0 (example) configuration, launchpad creates more storage accounts then rover seems to assume.

In the level0 100 scenario, launchpad only creates storage accounts for the actual state. Those are tagged like this:

name: "jridstlevel0"
{   
      "environment": "prod",
      "landingzone": "launchpad",
      "launchpad": "launchpad",
      "level": "level0",
      "rover_version": "0.0.1-20210616",
      "tfstate": "level0"
    }

when using level0 200 configuration, there are additional storage accounts used for diagnostics. These accounts also get tagged:

name: "jridstdiaglogsrg1"
{
      "environment": "prod",
      "landingzone": "launchpad",
      "level": "level0",
      "rover_version": "0.0.1-20210616"
}

After applying the launchpad configuration, rover tries to get the state storage account using this code:

func FindStorageAccount(level string, environment string, subID string) (string, error) {
    query := fmt.Sprintf(`Resources 
        | where type == 'microsoft.storage/storageaccounts' 
        | where tags.level == '%s'
        | where tags.environment == '%s'
        | limit 1
        | project id`, level, environment)

Unfortunately, this also matches the jridstdiaglogsrg1 diagnostics account. So it tries to push the state to that account and fails due to the missing container called tfstate in this account.

possible soulution: add the tag tfstate to the query.

Expected Behavior

rover identifies the correct storage account

Actual Behavior

rover uses a random(?) storage account matching the described criteria and fails.

Steps to Reproduce the Problem

run rover in launchpad mode using a level 200 configuration

Environment Details

Edit:

Workaround:

Change the lauchtpad configuration from

landingzone = {
  backend_type = "azurerm"
  level        = "level0"
  key          = "launchpad"
}

to 

landingzone = {
  backend_type = "azurerm"
  level        = "0"
  key          = "launchpad"
}

this way, the additional storage accounts don't get the level0 tag and the FindStorageAccount matches the correct account.