From 6b3815b7ce7ba91e2e0eccf7310d4dd4d6d8e0f1 Mon Sep 17 00:00:00 2001
From: Jeffrey Cline
Date: Mon, 26 Feb 2018 17:54:20 -0800
Subject: [PATCH] Finished PR comment and added README file.
---
 .../vm-linux-terraform/README.md | 28 +++++++++++++++++++
 .../createUiDefinition.json | 5 ++--
 .../vm-linux-terraform/mainTemplate.json | 7 +++--
 .../vm-linux-terraform/scripts/install.sh | 20 ++++++++-----
 4 files changed, 48 insertions(+), 12 deletions(-)
 create mode 100644 solution_template/vm-linux-terraform/README.md
diff --git a/solution_template/vm-linux-terraform/README.md b/solution_template/vm-linux-terraform/README.md
new file mode 100644
index 00000000..44ad8b1f
--- /dev/null
+++ b/solution_template/vm-linux-terraform/README.md
@@ -0,0 +1,28 @@
+Azure Marketplace Terraform Solution Template
+===
+
+This template provisions a `Linux` Virtual Machine(VM) to `Azure` pre-configured with the `Terraform` v0.11.1 core runtime and the `Azure CLI` v2.0.
+
+Template Deployment Steps:
+---
+* Creates a VM with system assigned identity based on the `Ubuntu 16.04 LTS` image
+* Installs the `MSI` extension on the VM to allow OAuth tokens to be issued for `Azure` resources
+* Assign `RBAC` permissions to the Managed Identity, granting owner rights for the resource group
+* Creates a `Terraform` template folder (tfTemplate)
+* Pre-configures `Terraform` remote state with the `Azure` backend
+
+Once all required resources have been provisioned to `Azure` the template will then execute a shell script on the VM using the custom script extension. The shell script will install `Terraform` v0.11.1 core runtime and the `Azure CLI` v2.0. It then creates a `Terraform` template folder that is pre-configured to use `Terraform Remote State` with the `Azure` backend. The `Azure CLI` will also create the storage container required by remote state.
+
+Post Deployment Configuration Steps
+===
+Steps to Enable Remote State
+---
+Copy ~/tfTemplate/remoteState.tf from home directory to the root of the `Terraform` scripts to enable remote state management.
+
+Steps to Enable MSI
+---
+Once the template has finished deployment, log into the VM via `SSH` and run the following command to enable `MSI` with `Terraform`.
+
+```bash
+sh ~/tfEnv.sh
+```
diff --git a/solution_template/vm-linux-terraform/createUiDefinition.json b/solution_template/vm-linux-terraform/createUiDefinition.json
index 5a1c9727..a8a45023 100644
--- a/solution_template/vm-linux-terraform/createUiDefinition.json
+++ b/solution_template/vm-linux-terraform/createUiDefinition.json
@@ -56,6 +56,8 @@
 "visible": true
 }
 ],
+ "steps": [
+ ],
 "outputs": {
 "adminPassword": "[basics('authType').password]",
 "adminSSHPublicKey": "[basics('authType').sshPublicKey]",
@@ -63,8 +65,7 @@
 "authenticationType": "[basics('authType').authenticationType]",
 "vmName": "[basics('vmName')]",
 "vmSize": "Standard_D1_V2",
- "location": "[location()]",
- "spType": "msi"
+ "location": "[location()]"
 }
 }
 }
diff --git a/solution_template/vm-linux-terraform/mainTemplate.json b/solution_template/vm-linux-terraform/mainTemplate.json
index b90a7793..d96530f6 100644
--- a/solution_template/vm-linux-terraform/mainTemplate.json
+++ b/solution_template/vm-linux-terraform/mainTemplate.json
@@ -91,7 +91,8 @@
 "contributor" : "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635')]",
 "installParm1": "[concat(' -u ', parameters('adminUserName'))]",
 "installParm2": "[concat(' -s ', subscription().subscriptionId)]",
- "installParm3": "[concat(' -a ', variables('stateStorageAccountName'))]"
+ "installParm3": "[concat(' -a ', variables('stateStorageAccountName'))]",
+ "resourceGuid": "[guid(resourceGroup().id)]"
 },
 "resources": [
 {
@@ -277,7 +278,7 @@
 },
 {
 "apiVersion": "2017-09-01",
- "name": "[guid(resourceGroup().id)]",
+ "name": "[variables('resourceGuid')]",
 "type": "Microsoft.Authorization/roleAssignments",
 "dependsOn": [
 "[resourceId('Microsoft.Compute/virtualMachines/extensions/', parameters('vmName'),'MSILinuxExtension')]"
@@ -294,7 +295,7 @@
 "apiVersion": "2017-03-30",
 "location": "[parameters('location')]",
 "dependsOn": [
- "[resourceId('Microsoft.Authorization/roleAssignments', guid(resourceGroup().id))]"
+ "[resourceId('Microsoft.Authorization/roleAssignments', variables('resourceGuid'))]"
 ],
 "properties": {
 "publisher": "Microsoft.Azure.Extensions",
diff --git a/solution_template/vm-linux-terraform/scripts/install.sh b/solution_template/vm-linux-terraform/scripts/install.sh
index 8c876b5c..aa06141b 100644
--- a/solution_template/vm-linux-terraform/scripts/install.sh
+++ b/solution_template/vm-linux-terraform/scripts/install.sh
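Review bot: In the `@@ -91,7 +91,8 @@` hunk of mainTemplate.json, the variable next to the new `resourceGuid` is named `contributor` but is built from role definition `8e3af657-a8ff-443c-a75c-2fe8c4bcb635`, which is the built-in Owner role; the README added by this commit also says the identity gets owner rights on the resource group. If the role assignment in the `@@ -277,7 +278,7 @@` hunk uses that variable (its `properties` are outside the hunk), the VM's managed identity can change access control in the resource group, not only manage resources. I would rename the variable to `owner` so the privilege is visible at a glance, or point it at a narrower role if Terraform on the VM does not need to create role assignments.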
@@ -12,7 +12,8 @@ # 3 - k: Storage account key (password) # 4 - l: MSI client id (principal id) # 5 - u: User account name -# 6 - h: help +# 6 - d: Ubuntu Desktop GUI for developement +# 7 - h: help # Note : # This script has only been tested on Ubuntu 12.04 LTS & 14.04 LTS and must be root @@ -30,6 +31,7 @@ help() echo "- k: Storage account key (password)" echo "- l: MSI client id (principal id)" echo "- u: User account name" + echo "- d: Ubuntu Desktop GUI" echo "- h: help" } @@ -68,6 +70,9 @@ while getopts :s:a:k:l:u:d: optname; do u) #user account name USERNAME=${OPTARG} ;; + d) #Desktop installation + DESKTOPINSTALL=${OPTARG} + ;; h) #Show help help exit 2 @@ -82,7 +87,6 @@ done TEMPLATEFOLDER="/home/$USERNAME/tfTemplate" REMOTESTATEFILE="$TEMPLATEFOLDER/remoteState.tf" -ACCESSKEYFILE="/home/$USERNAME/access_key" TFENVFILE="/home/$USERNAME/tfEnv.sh" CREDSFILE="$TEMPLATEFOLDER/azureProviderAndCreds.tf" @@ -97,17 +101,13 @@ echo " backend \"azurerm\" {" >> $REMOTESTATEFILE echo " storage_account_name = \"$STORAGE_ACCOUNT_NAME\"" >> $REMOTESTATEFILE echo " container_name = \"terraform-state\"" >> $REMOTESTATEFILE echo " key = \"prod.terraform.tfstate\"" >> $REMOTESTATEFILE +echo " access_key = \"$STORAGE_ACCOUNT_KEY\"" >> $REMOTESTATEFILE echo " }" >> $REMOTESTATEFILE echo "}" >> $REMOTESTATEFILE chmod 666 $REMOTESTATEFILE chown -R $USERNAME:$USERNAME /home/$USERNAME/tfTemplate -touch $ACCESSKEYFILE -echo "access_key = \"$STORAGE_ACCOUNT_KEY\"" >> $ACCESSKEYFILE -chmod 666 $ACCESSKEYFILE -chown $USERNAME:$USERNAME $ACCESSKEYFILE - touch $TFENVFILE echo "export ARM_SUBSCRIPTION_ID=\"$SUBSCRIPTION_ID\"" >> $TFENVFILE echo "export ARM_CLIENT_ID=\"$MSI_PRINCIPAL_ID\"" >> $TFENVFILE 
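Review bot: The new `d)` branch in the `@@ -68,6 +70,9 @@` hunk stores an argument because the optstring on the context line is `d:`, yet the header comment and the help() line added in this commit describe `-d` as if it were a plain switch, and the check in the last hunk of the file, `[[ -v DESKTOPINSTALL ]]`, only tests that the variable is set. A caller passing `-d false` or `-d 0` would therefore still get the desktop installed. Either document the expected value in both help texts and compare it, e.g. `if [[ "${DESKTOPINSTALL:-}" == "true" ]]; then`, or make `-d` a real switch. The `getopts` loop starts and ends outside the hunk.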
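Review bot: The added line in the `@@ -97,17 +101,13 @@` hunk writes the storage account key into `remoteState.tf`, and the unchanged `chmod 666 $REMOTESTATEFILE` below it leaves that file readable and writable by every local account. The README added in this commit tells users to copy `remoteState.tf` into the root of their Terraform scripts, which is where it is most likely to end up in source control together with the key. At minimum tighten the mode to `chmod 600 $REMOTESTATEFILE`. Better, keep the key out of the `.tf` file and let the backend read it from the environment, for example `echo "export ARM_ACCESS_KEY=\"$STORAGE_ACCOUNT_KEY\"" >> $TFENVFILE` with `$TFENVFILE` also restricted to its owner (confirm that the azurerm backend in the pinned Terraform version honours `ARM_ACCESS_KEY`).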
@@ -121,3 +121,9 @@ logger -t devvm "Creating the container for remote state" az login --msi az storage container create -n terraform-state --account-name $STORAGE_ACCOUNT_NAME --account-key $STORAGE_ACCOUNT_KEY logger -t devvm "Container for remote state created: $?" + +if [[ -v DESKTOPINSTALL ]]; then + echo "Installing Mate Desktop" + bash ./desktop.sh + echo "Desktop installed" +fi
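Review bot: `bash ./desktop.sh` in the added block resolves against whatever the current directory is when this script runs, and `desktop.sh` is not among the four files this commit touches, so it is not visible here whether the custom script extension downloads it. The exit status is also ignored, so "Desktop installed" is printed even when the script is missing or fails. I would resolve the path from the script's own location and check the result, e.g. `bash "$(dirname "$0")/desktop.sh" || { logger -t devvm "Desktop install failed: $?"; exit 1; }`. `[[ -v ... ]]` also needs bash 4.2 or later, so the script has to be run with bash rather than `sh`; the shebang is outside the hunk.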