When selecting the azuredeploy.json, referenced in the Read.me, it results in a 404

https://github.com/microsoft/OpenHack/blob/main/byos/containers/Instructions/BYOS.md

There is an issue with the deploy_02_DeployResources.ps1 script. Noticed it was throwing an error because it did not have the ability to find Az.Websites. So I imported that.
Then there was a firewall rule missing that allows a connection to Azure Services

Similar to devops script markdown:

If you get an error with extra carriage return characters:

deploy.sh: line 2: $'\r': command not found
...
deploy.sh: line 34: syntax error near unexpected token $'in\r''' deploy.sh: line 34: case "${arg}" in
run the following command to remove the erroneous characters:

sed -i 's/\r//g' deploy.sh

Hi @DariuszPorowski

We are preparing for a multi-customer DevOps 3.0 OpenHack taking place next week. We've been running through the deploy-gh script, but are seeing issues running the script.

The issue is related to the creation of Azure Resources -

\e[36m##[command] Checking az command ...
\e[0m
\e[36m##[command] Checking jq command ...
\e[0m
\e[36m##[command] Checking gh command ...
\e[0m
\e[36m##[command] Checking curl command ...
\e[0m
\e[36m##[command] Checking azure-cli varsion ...
\e[0m
\e[36m##[command] Getting unique name...
\e[0m
\e[36m##[command] Checking for azuresp.json file...
\e[0m
\e[36m##[command] Creating Azure resources...
\e[0m
Failed to resolve tenant ''.

Error detail: 
The subscription of '' doesn't exist in cloud 'AzureCloud'.
Installing Bicep CLI v0.4.1272...
Successfully installed Bicep CLI to "/Users/chrisredddington/.azure/bin/bicep".
WARNING: The underlying Active Directory Graph API will be replaced by Microsoft Graph API in a future version of Azure CLI. Please carefully review all breaking changes introduced during this migration: https://docs.microsoft.com/cli/azure/microsoft-graph-migration
ERROR: Unsupported or invalid query filter clause specified for property 'servicePrincipalNames' of resource 'ServicePrincipal'.
/Users/chrisredddington/Documents/code/OpenHack/byos/devops/deploy/azureStorageAccount.bicep(7,13) : Warning no-loc-expr-outside-params: Use a parameter here instead of 'resourceGroup().location'. 'resourceGroup().location' and 'deployment().location' should only be used as a default value for parameters. [https://aka.ms/bicep/linter/no-loc-expr-outside-params]

{"status":"Failed","error":{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"Conflict","message":"{\r\n  \"status\": \"Failed\",\r\n  \"error\": {\r\n    \"code\": \"ResourceDeploymentFailure\",\r\n    \"message\": \"The resource operation completed with terminal provisioning state 'Failed'.\",\r\n    \"details\": [\r\n      {\r\n        \"code\": \"DeploymentFailed\",\r\n        \"message\": \"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.\",\r\n        \"details\": [\r\n          {\r\n            \"code\": \"BadRequest\",\r\n            \"message\": \"{\\r\\n  \\\"error\\\": {\\r\\n    \\\"code\\\": \\\"InvalidPrincipalId\\\",\\r\\n    \\\"message\\\": \\\"A valid principal ID must be provided for role assignment.\\\"\\r\\n  }\\r\\n}\"\r\n          }\r\n        ]\r\n      }\r\n    ]\r\n  }\r\n}"}]}}
\e[36m##[command] Creating organization repository...
\e[0m
\e[36m##[command] Creating GitHub team...
\e[0m
\e[36m##[command] Updating team repository permissions...
\e[0m
\e[36m##[command] Creating repository project...
\e[0m
\e[36m##[command] Creating repository secrets...

@fortunkam also encountered this issue. Is it possible to look into this ahead of next week, so that we can be sure the setup process will work for our customers? Will do some digging to see if we can identify the issue.

Thanks!

If you use 'eastus2' as the value for AZURE_LOCATION, the unsupported Azure region check will fail, as the 'if' condition will incorrectly match the AZURE_LOCATION value to the value of 'eastus2euap' in the unsupported_azure_regions array. The same is true if you try using 'centralus'; it ends up mapping to 'centraluseuap'.

The script should allow for both 'eastus2' and 'centralus' as valid regions.

Update https://github.com/microsoft/OpenHack/tree/main/byos#openhack-specific-deployment-guidance so list of topics are in alpha order.

I noticed that the DevOps 2.0 BYOS deployment script seems to pull down a personal fork of the proctor repo rather than the original under Azure-Samples (original URI is commented out). This might be intentional but seemed like it could be an accident, so I figured I would note it here :)

Script line reference

Container hack (BYOS) - I ran the deploy.sh from powershell. All the resources were created except that the data (tables and values) were not loaded. Upon debugging, I found that the ACI that pulls the dataload image failed as it didn't have access to sql_data_init.sh

In reviewing the ARM template to deploy the azure environment for the SCI OpenHack, there is a call to a "random" github repo seen at line 630:

Why is this script being pulled from the repo https://github.com/LODSContent/Tom-Demo ?
Seems like it should corrected to reference the script in this repo, eg https://raw.githubusercontent.com/microsoft/OpenHack/main/byos/sci/scripts/scripts/ohinstall.ps1

While bootstrapping the subscription and the GH / ADO project to run the OpenHack DevOps DryRun, we had an issue getting the ObjectID of the Service Principal created for later use in the challenges

The az sp show command result has changed. The ObjectId property has changed to become Id.

When attempting to create a database at line 208, an unexpected error is generated:

+ az sql db create -g teamResources -s <serverName> -n mydrivingDB
ERROR: The command failed with an unexpected error. Here is the traceback:
ERROR: 
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/knack/cli.py", line 231, in invoke
    cmd_result = self.invocation.execute(args)
  File "/usr/local/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 657, in execute
    raise ex
  File "/usr/local/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 720, in _run_jobs_serially
    results.append(self._run_job(expanded_arg, cmd_copy))
  File "/usr/local/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 691, in _run_job
    result = cmd_copy(params)
  File "/usr/local/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 328, in __call__
    return self.handler(*args, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/azure/cli/core/commands/command_operation.py", line 121, in handler
    return op(**command_args)
  File "/usr/local/lib/python3.8/site-packages/azure/cli/command_modules/sql/custom.py", line 1029, in db_create
    if not _confirm_backup_storage_redundancy_take_geo_warning():
  File "/usr/local/lib/python3.8/site-packages/azure/cli/command_modules/sql/custom.py", line 993, in 
 confirm_backup_storage_redundancy_take_geo_warning
    confirmation = prompt_y_n("""You have not specified the value for backup storage redundancy
  File "/usr/local/lib/python3.8/site-packages/knack/prompting.py", line 71, in prompt_y_n
    return _prompt_bool(msg, 'y', 'n', default=default, help_string=help_string)
  File "/usr/local/lib/python3.8/site-packages/knack/prompting.py", line 79, in _prompt_bool
    verify_is_a_tty()
  File "/usr/local/lib/python3.8/site-packages/knack/prompting.py", line 28, in verify_is_a_tty
    raise NoTTYException()
knack.prompting.NoTTYException
To open an issue, please run: 'az feedback'

When run interactively, we are prompted for a response to confirm backup storage redundancy policy:

You have not specified the value for backup storage redundancy
which will default to geo-redundant storage. Note that database backups will be geo-replicated
to the paired region. To learn more about Azure Paired Regions visit https://aka.ms/azure-ragrs-regions.
Do you want to proceed? (y/n):

This prompt can be removed by using the --backup-storage-redunancy/--bsr parameter.

I tried to use the BYOS as indicated here: https://github.com/microsoft/OpenHack/blob/main/byos/containers/deployment.md

However, i realize that the AKS cluster is not created in the resource group. (though i can see some other resources like ACR, VM, VNET are created).

Question, are we supposed to create the AKS cluster on our own OR are there something wrong with the deployment script?

I'm suggesting deleting a file that has been replaced. I just need validation this can be deleted. About PowerPlatform BYOS.

File that is out of date since it has Health scenario content (suggest deleting)
https://github.com/microsoft/OpenHack/blob/main/byos/power-platform/deploy/PowerPlatformOpenHackThings.zip

The replacement file that was uploaded that has the EDU scenario content
https://github.com/microsoft/OpenHack/blob/main/byos/power-platform/deploy/PowerPlatformEducationDocs.zip

It looks like all the VM Guest that are deployed have expired activations, so the VM seem to be shutting down after running for a little while.

When I run the ARN deployment template I get this error:

New-AzResourceGroupDeployment : 1:17:05 PM - Error: Code=InvalidContentLink; Message=Unable to download deployment content from 
'https://gallery.azure.com/artifact/20161101/microsoft.antimalware-windows-arm.1.0.2/Artifacts/MainTemplate.json'. The tracking Id is 
'47f64d11-54bc-416c-8767-df7d8e0b241b'. Please see https://aka.ms/arm-deploy for usage details.
At line:1 char:1
+ New-AzResourceGroupDeployment `
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [New-AzResourceGroupDeployment], Exception
    + FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
 
New-AzResourceGroupDeployment : The deployment validation failed
At line:1 char:1
+ New-AzResourceGroupDeployment `
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : CloseError: (:) [New-AzResourceGroupDeployment], InvalidOperationException
    + FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet

You should update the antimalware URI inside this blob to:

https://catalogartifact.azureedge.net/publicartifactsmigration/microsoft.antimalware-windows-arm.1.0.2/Artifacts/MainTemplate.json

For the DevOps OpenHack, selecting South India as the Azure region results in a failure in the Bicep IaC deployment. The error is:

{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"BadRequest","message":"Region doesn't support Classic resource mode for Application Insights resources. Please use Workspace-based mode."},{"code":"BadRequest","message":"Region doesn't support Classic resource mode for Application Insights resources. Please use Workspace-based mode."}]}

When attempting to use the setup script to build the required prereq environment (ie. specifically the Containers Open Hack), it would be a better user experience if the script itself performed a check prior to attempting to deploy the resources.

The reason being (with the Containers Open Hack), it attempts to deploy an Azure SQL Database. However, depending on which Azure Region you select as part of the deployment command... you may encounter the following error:

Creating Azure SQL Server instance...
Deployment failed. Correlation ID: 19039868-35d5-46fe-85c6-248fad5b265b. Location 'West US' is not accepting creation of new Windows Azure SQL Database servers at this time.
Failed to create SQL Server.

The issue with this is that the script will have already deployed (successfully) some of the other resources (ie. Azure Container Registry, Azure Container Instance, Azure Virtual Machine). That means you have a partially successful and partly failed deployment; which you have to clean up first before re-attempting.

Adding a simple check for availability to create the resource(s) in the target region would make this setup far better.

Running the DevOps BYOS script deploy-gh.sh with the defaults is not idempotent; each time it is run, it creates a new GitHub repo.

This happened to me: I had to run it a second time due to a problem with the azure setup, and while it saved some of the generated data, it did not save the default team (eg, repo) name, so it created a new github repo.

Not sure who to contact....

When deploying the MDW openhack resources following the deployment instructions, the Cosmos DB that is supposed to contain the southridge-catalog is unpopulated.

I'm not sure what information will be most useful for debugging. Here's the activity logs from when Cosmos DB was deployed.