diff --git a/README.md b/README.md index 9f4a35a..a5f7958 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,10 @@ The SQL Server database and objects are deployed on push to master and release b All SQL scripts on azure-infrastructure must be idempotent. Note: The Github Workflow is not allowed to create new external users, so you must run it locally. Se more here: https://github.com/equinor/radix-vulnerability-scanner/issues/54 +Workaround: +```sh +sqlcmd -S ${SERVER_NAME}.database.windows.net -d ${DATABASE_NAME} -G --variables RADIX_ZONE=${RADIX_ZONE} -i createSchema.sql +``` ## Deploy to cluster diff --git a/azure-infrastructure/createSchema.sql b/azure-infrastructure/createSchema.sql index aebb3fd..69500ad 100644 --- a/azure-infrastructure/createSchema.sql +++ b/azure-infrastructure/createSchema.sql @@ -19,14 +19,14 @@ END GRANT SELECT ON SCHEMA::cost TO datareader -IF NOT EXISTS(SELECT 1 FROM sys.database_principals WHERE name = 'radix-id-vulnerability-scan-writer-$(RADIX_ZONE)') +IF NOT EXISTS(SELECT 1 FROM sys.database_principals WHERE name = 'radix-id-cost-allocation-writer-$(RADIX_ZONE)') BEGIN - CREATE USER [radix-id-vulnerability-scan-writer-$(RADIX_ZONE)] FROM EXTERNAL PROVIDER; + CREATE USER [radix-id-cost-allocation-writer-$(RADIX_ZONE)] FROM EXTERNAL PROVIDER; END -ALTER ROLE datawriter ADD MEMBER [radix-id-vulnerability-scan-writer-$(RADIX_ZONE)] +ALTER ROLE datawriter ADD MEMBER [radix-id-cost-allocation-writer-$(RADIX_ZONE)] -IF NOT EXISTS(SELECT 1 FROM sys.database_principals WHERE name = 'radix-id-vulnerability-scan-reader-$(RADIX_ZONE)') +IF NOT EXISTS(SELECT 1 FROM sys.database_principals WHERE name = 'radix-id-cost-allocation-reader-$(RADIX_ZONE)') BEGIN - CREATE USER [radix-id-vulnerability-scan-reader-$(RADIX_ZONE)] FROM EXTERNAL PROVIDER; + CREATE USER [radix-id-cost-allocation-reader-$(RADIX_ZONE)] FROM EXTERNAL PROVIDER; END -ALTER ROLE datareader ADD MEMBER [radix-id-vulnerability-scan-reader-$(RADIX_ZONE)] +ALTER ROLE datareader ADD MEMBER [radix-id-cost-allocation-reader-$(RADIX_ZONE)]