ChrisRomp

<!-- This shows the policy as implemented with references to {{named values}} and fragments -->
<!-- Named values: https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-properties -->
<!-- Policy fragments: https://learn.microsoft.com/en-us/azure/api-management/policy-fragments -->

<policies>
    <inbound>
        <base />
        <!-- This requires enabling the managed identity on APIM, and granting it access to AOAI -->
        <authentication-managed-identity resource="https://cognitiveservices.azure.com" output-token-variable-name="msi-access-token" ignore-error="false" />
        <set-header name="Authorization" exists-action="override">

ChrisRomp

#!/bin/bash

# Vars
RG=TEST-asev3
LOC=westus3
VNET_NAME=vnet-asev3
VNET_CIDR=10.0.0.0/16
SUBNET_NAME=subnet-vnet-asev3-00
SUBNET_CIDR=10.0.0.0/24
ASE_NAME=cr1asev3a01

ChrisRomp

$checkHost = "www.azure.com"

try {
    # Create a TCP client and connect to the server using the URL and port 443
    $client = New-Object System.Net.Sockets.TcpClient($checkHost, 443)

    # Create an SslStream using the TCP client and set the remote certificate validation callback
    $sslStream = New-Object System.Net.Security.SslStream($client.GetStream(), $false, { $true })

    # Authenticate the client

ChrisRomp

#!/bin/bash
# requires azure cli client and jq

# Get account info from Azure CLI
ACCOUNT=$(az account show)

# Get tenant name (from user query)
TENANT_NAME=$(az ad signed-in-user show --query 'userPrincipalName' | cut -d '@' -f 2 | sed 's/\"//')

# Parse tenant ID

ChrisRomp

@tenantId = {{$dotenv TENANTID}}
@subId = {{$dotenv SUBID}}
@clientId = {{$dotenv CLIENTID}}
@clientSecret = {{$dotenv CLIENTSECRET}}
@sbName = {{$dotenv SBNAME}}
@sbUrl = https://{{sbName}}.servicebus.windows.net

###
# Get OAuth Token
# @name getToken

ChrisRomp

@adoUser = {{$dotenv ADO_USER}}
@adoPat = {{$dotenv ADO_PAT}}
@adoOrg = YourAdoOrg
@adoProject = YourAdoProject
@buildId = 123

### Get Build Properties
# @name buildProps
GET https://{{adoUser}}:{{adoPat}}@dev.azure.com/{{adoOrg}}/{{adoProject}}/_apis/build/builds/{{buildId}}?api-version=7.1-preview.7

ChrisRomp

# Export and upload GPG keys to Azure Key Vault
$UserId = "" # GPG email address
$SecretKeyName = "github-gpg-secret-key"
$PublicKeyName = "github-gpg-public-key"
$KeyVaultName = "" # Key Vault Name
$SecretKeyFile = ".\sk.asc"
$PublicKeyFile = ".\pk.asc"

# Send Private Key
$(gpg --armor --export-secret-keys --with-fingerprint $UserId) | Out-File $SecretKeyFile

ChrisRomp

trigger:
- main

pool:
  vmImage: windows-latest

steps:
# Get OpenSSL Version
- powershell: openssl version -a
  displayName: Get OpenSSL Version

ChrisRomp

import xml.dom.minidom
import html
from datetime import datetime, timedelta

import requests
from azure.identity import ClientSecretCredential, ManagedIdentityCredential
from azure.storage.blob import BlobServiceClient, generate_container_sas, AccountSasPermissions

from flask import Flask
app = Flask(__name__)

ChrisRomp

{
    "client_id": "",
    "client_secret": "",
    "grant_type": "authorization_code",
    "code": "",
    "redirect_uri": ""
}