Overview
( For Jason to fill in Admin App has been discovered to have an issue with DPAPI, we're switching to AES and resolutions to come from this. )
Installation Instructions
Upgrading/ installing AdminApp 2.2.0 while resource group, ODS API and Admin app older version already available and running on Azure.
Steps for upgrading:
- Stop existing ODS API and AdminApp services on azure resource group
- Connect to Azure SQL server from SSMS and run following scripts to delete existing AdminApp specific tables (since the latest AdminApp table schemas are different)
DROP TABLE [adminapp].[SecretConfigurations];
DROP TABLE [adminapp].[UserClaims];
DROP TABLE [adminapp].[UserLogins];
DROP TABLE [adminapp].[UserRoles];
DROP TABLE [adminapp].[ApplicationConfigurations];
DROP TABLE [adminapp].[AzureSqlConfigurations];
DROP TABLE [adminapp].[Users];
DROP TABLE [adminapp].[Roles];
DROP TABLE [adminapp_HangFire].[Counter];
DROP TABLE [adminapp_HangFire].[List];
DROP TABLE [adminapp_HangFire].[JobParameter];
DROP TABLE [adminapp_HangFire].[Hash];
DROP TABLE [adminapp_HangFire].[Schema];
DROP TABLE [adminapp_HangFire].[State];
DROP TABLE [adminapp_HangFire].[JobQueue];
DROP TABLE [adminapp_HangFire].[Job];
DROP TABLE [adminapp_HangFire].[Server];
DROP TABLE [adminapp_HangFire].[Set];
DROP TABLE [adminapp_HangFire].[AggregatedCounter];
DROP SCHEMA adminapp
DROP SCHEMA adminapp_HangFire
Delete records/ data to void the first-time setup from old AdminApp application:
DECLARE @ApplicationId INT;
SELECT @ApplicationId = ApplicationId FROM dbo.Applications WHERE ApplicationName = 'Ed-Fi ODS Admin App'
DELETE FROM dbo.ClientAccessTokens WHERE EXISTS (
SELECT 1 FROM dbo.ApiClients
WHERE ClientAccessTokens.ApiClient_ApiClientId = ApiClients.ApiClientId
AND Application_ApplicationId = @ApplicationId
)
DELETE FROM dbo.ApiClients WHERE Application_ApplicationId = @ApplicationId
DELETE FROM dbo.ApplicationEducationOrganizations WHERE --Application_ApplicationId = @ApplicationId
DELETE FROM dbo.ProfileApplications WHERE Application_ApplicationId = @ApplicationId
DELETE FROM dbo.Applications WHERE ApplicationId = @ApplicationId
DELETE FROM dbo.OdsInstances
3. Deploy AdminApp 2.0 to an existing resource group using powershell script from
https://github.com/Ed-Fi-Exchange-OSS/Ed-Fi-X-Ods-Deploy-Azure
Ex:
Upgrade-AdminApp> .\Deploy-EdFiOdsAdminApp.ps1
Supply values for the following parameters:
ResourceGroupName: Existing resource name
ResourceGroupLocation: South Central US
AdminAppName: AdminApp-latest
AppInsightLocation: South Central US
ProductionApiUrl: Existing ODS API url
EncryptionKey:
Optional parameter, if user wants to provide own value, then can be created using following script:
$aes = [System.Security.Cryptography.Aes]::Create()
$aes.KeySize = 256
$aes.GenerateKey()
$EncryptionKey = [System.Convert]::ToBase64String($aes.Key)
If user is not providing the value, then deployment script will generate.
User will be prompted to enter existing SQL server url and credentials:
SQL Server Hostname (ex: sql.mydomain.com,1433): edfiodssql-azure-unique-key.database.windows.net
Please enter a username and password for your SQL Server. These credentials will be used to create new database users for your Ed-Fi ODS installation.
Username: username
Password: password
Confirm Password: password
4. Once application deployment done, user will be prompted to confirm the database tables verification/ deletions are done.
If yes, then deployment process will run EdFi_Admin db migrations scripts, to setup required tables.
5. Data validations and update:
1. We can persist existing vendor applications, key and secrets created. Need to manually update OdsInstance_OdsInstanceId column on dbo.Applications table to have default Ods instance id. Since, latest AdminApp needs association between dbo.Applications and dbo.OdsInstances.
2. Vendor applications created using older AdminApp have prefixed with “Production”. May need to manually remove that prefix.