From f98328e3a0ac02787e386d2728409dd9d593df1a Mon Sep 17 00:00:00 2001
From: Tony Schneider <tschneid@redhat.com>
Date: Wed, 5 Jun 2024 09:36:41 -0500
Subject: [PATCH] add function and template to deploy e2e global keyvault

---
 hack/devtools/deploy-shared-env.sh         | 11 ++++--
 pkg/deploy/assets/e2e-global-keyvault.json | 40 ++++++++++++++++++++++
 2 files changed, 48 insertions(+), 3 deletions(-)
 create mode 100644 pkg/deploy/assets/e2e-global-keyvault.json

diff --git a/hack/devtools/deploy-shared-env.sh b/hack/devtools/deploy-shared-env.sh
index 731135bce60..d08fdb8212f 100644
--- a/hack/devtools/deploy-shared-env.sh
+++ b/hack/devtools/deploy-shared-env.sh
@@ -270,9 +270,14 @@ deploy_aro_spn_keyvault() {
         --template-file pkg/deploy/assets/e2e-aro-spn-keyvault.json
 }
 
-deploy_aro_spns() {
-    # Create ARO cluster service principals
-
+deploy_aro_e2e_global_keyvault() {
+    az deployment group create \
+        --name aroe2eprincipals \
+        --resource-group global-infra \
+        --parameters \
+            "vault_name=$ARO_E2E_GLOBAL_VAULT_NAME" \
+            "tenant_id=$AZURE_TENANT_ID" \
+        --template-file pkg/deploy/assets/e2e-global-keyvault.json
 
 }
 
diff --git a/pkg/deploy/assets/e2e-global-keyvault.json b/pkg/deploy/assets/e2e-global-keyvault.json
new file mode 100644
index 00000000000..28ee4928f21
--- /dev/null
+++ b/pkg/deploy/assets/e2e-global-keyvault.json
@@ -0,0 +1,40 @@
+{
+    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+    "contentVersion": "1.0.0.0",
+    "parameters": {
+        "vault_name": {
+            "defaultValue": "",
+            "type": "String"
+        },
+        "tenant_id": {
+            "defaultValue": "",
+            "type": "String"
+        }
+    },
+    "variables": {},
+    "resources": [
+        {
+            "type": "Microsoft.KeyVault/vaults",
+            "apiVersion": "2023-07-01",
+            "name": "[parameters('vault_name')]",
+            "location": "eastus",
+            "properties": {
+                "sku": {
+                    "family": "A",
+                    "name": "standard"
+                },
+                "tenantId": "[parameters('tenant_id')]",
+                "accessPolicies": [],
+                "enabledForDeployment": false,
+                "enabledForDiskEncryption": false,
+                "enabledForTemplateDeployment": false,
+                "enableSoftDelete": true,
+                "softDeleteRetentionInDays": 90,
+                "enableRbacAuthorization": false,
+                "vaultUri": "[concat('https://', parameters('vault_name'), '.vault.azure.net/')]",
+                "provisioningState": "Succeeded",
+                "publicNetworkAccess": "Enabled"
+            }
+        }
+    ]
+}
\ No newline at end of file