Merge pull request #32 from baoduy/develop

Develop
baoduy · Jun 22, 2024 · 1b9fe7a · 1b9fe7a
2 parents 299eec0 + 67239e7
commit 1b9fe7a
Show file tree

Hide file tree

Showing 6 changed files with 38 additions and 44 deletions.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -61,10 +61,10 @@
     "replace-in-file": "^7.2.0"
   },
   "dependencies": {
-    "@drunk-pulumi/azure-providers": "^0.0.18",
+    "@drunk-pulumi/azure-providers": "^0.0.21",
     "@pulumi/azure-native": "^2.46.0",
     "@pulumi/azuread": "5.52.0",
-    "@pulumi/pulumi": "^3.120.0",
+    "@pulumi/pulumi": "^3.121.0",
     "@pulumi/random": "^4.16.2",
     "@pulumi/tls": "^5.0.3",
     "axios": "^1.7.2",

diff --git a/src/Builder/types/sqlBuilder.ts b/src/Builder/types/sqlBuilder.ts
@@ -9,7 +9,7 @@ import { SqlDbSku } from "../../Sql/SqlDb";
 
 export type SqlBuilderAuthOptionsType = Pick<
   SqlAuthType,
-  "enableAdAdministrator" | "azureAdOnlyAuthentication"
+  "azureAdOnlyAuthentication"
 >;
 
 export type SqlDbBuilderType = Record<

diff --git a/src/Sql/index.ts b/src/Sql/index.ts
@@ -61,8 +61,6 @@ const createElasticPool = ({
 
 export type SqlAuthType = {
   envRoles: EnvRolesResults;
-  /** create an Admin group on AzAD for SQL accessing.*/
-  enableAdAdministrator?: boolean;
   azureAdOnlyAuthentication?: boolean;
   adminLogin: Input<string>;
   password: Input<string>;
@@ -126,8 +124,10 @@ export default ({
 
   const adminGroup = auth.envRoles.contributor;
 
-  if (auth.azureAdOnlyAuthentication)
+  if (auth.azureAdOnlyAuthentication) {
+    ignoreChanges.push("administratorLogin");
     ignoreChanges.push("administratorLoginPassword");
+  }
 
   const sqlServer = new sql.Server(
     sqlName,
@@ -141,20 +141,15 @@ export default ({
       administratorLogin: auth?.adminLogin,
       administratorLoginPassword: auth?.password,
 
-      administrators:
-        (auth?.enableAdAdministrator || auth.azureAdOnlyAuthentication) &&
-        adminGroup
-          ? {
-              administratorType: sql.AdministratorType.ActiveDirectory,
-              azureADOnlyAuthentication: auth.azureAdOnlyAuthentication,
-
-              principalType: sql.PrincipalType.Group,
-              tenantId,
-              sid: adminGroup.objectId,
-              login: adminGroup.displayName,
-            }
-          : undefined,
+      administrators: {
+        administratorType: sql.AdministratorType.ActiveDirectory,
+        azureADOnlyAuthentication: Boolean(auth.azureAdOnlyAuthentication),
 
+        principalType: sql.PrincipalType.Group,
+        tenantId,
+        sid: adminGroup?.objectId,
+        login: adminGroup?.displayName,
+      },
       publicNetworkAccess: network?.asPrivateLink
         ? sql.ServerNetworkAccessFlag.Disabled
         : sql.ServerNetworkAccessFlag.Enabled,

diff --git a/src/VNet/PrivateDns.ts b/src/VNet/PrivateDns.ts
@@ -45,7 +45,7 @@ export const addARecord = ({
 };
 
 interface VnetToPrivateDnsProps extends BasicResourceArgs {
-  zoneName: string;
+  zoneName: Input<string>;
   vnetId: Input<string>;
   registrationEnabled?: boolean;
 }
@@ -55,15 +55,16 @@ export const linkVnetToPrivateDns = ({
   group,
   zoneName,
   vnetId,
-  registrationEnabled,
+  registrationEnabled = false,
   ...others
 }: VnetToPrivateDnsProps) => {
   return new native.network.VirtualNetworkLink(
-    `${name}-${zoneName}-link`,
+    `${name}-link`,
     {
       ...group,
+      location: "global",
       privateZoneName: zoneName,
-      registrationEnabled: registrationEnabled || false,
+      registrationEnabled,
       virtualNetwork: { id: vnetId },
     },
     others,
@@ -103,17 +104,15 @@ export default ({
   const toDnsInfo = () => ({ resourceName: name, group, id: zone.id });
 
   if (vnetIds) {
-    all(vnetIds).apply((vn) =>
-      vn.map((id) =>
-        linkVnetToPrivateDns({
-          name,
-          vnetId: id,
-          zoneName: name,
-          group,
-          registrationEnabled: false,
-          dependsOn: zone,
-        }),
-      ),
+    vnetIds.map((id) =>
+      linkVnetToPrivateDns({
+        name,
+        vnetId: id,
+        zoneName: name,
+        group,
+        registrationEnabled: false,
+        dependsOn: zone,
+      }),
     );
   }
 

diff --git a/src/VNet/PrivateEndpoint.ts b/src/VNet/PrivateEndpoint.ts
@@ -51,7 +51,7 @@ export default ({
 
     //Create Zone
     const zone = PrivateZone({
-      name: `${resourceInfo?.name}.${privateDnsZoneName}`,
+      name: `${resourceInfo!.name}.${privateDnsZoneName}`,
       group,
     });
 
@@ -69,7 +69,7 @@ export default ({
         const vnetId = getVnetIdFromSubnetId(id);
         linkVnetToPrivateDns({
           name: `${name}-${index}`,
-          zoneName: privateDnsZoneName,
+          zoneName: zone.name,
           vnetId,
           group,
           dependsOn: zone.resource,