Last active
March 9, 2021 22:07
-
-
Save lawrencegripper/2d68c369ba48667583df1538c4276026 to your computer and use it in GitHub Desktop.
Funcs Keys listing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
terraform { | |
required_providers { | |
shell = { | |
source = "scottwinkler/shell" | |
version = "1.7.7" | |
} | |
} | |
} | |
resource "azurerm_function_app" "functions" { | |
name = "${var.function_name}-${var.random_string}-premium" | |
location = var.resource_group_location | |
resource_group_name = var.resource_group_name | |
app_service_plan_id = var.app_service_plan_id | |
version = "~3" | |
storage_account_name = var.storage_account_name | |
storage_account_access_key = var.storage_account_key | |
identity { | |
type = "SystemAssigned" | |
} | |
site_config { | |
# Ensure we use all the mem on the box and not only 3.5GB of it! | |
use_32_bit_worker_process = false | |
pre_warmed_instance_count = 1 | |
} | |
app_settings = merge({ | |
StorageContainerName = var.test_storage_container_name | |
https_only = true | |
FUNCTIONS_WORKER_RUNTIME = "dotnet" | |
HASH = base64encode(filesha256(local.func_zip_path)) | |
WEBSITE_RUN_FROM_PACKAGE = "https://${var.storage_account_name}.blob.core.windows.net/${var.deployment_container_name}/${azurerm_storage_blob.appcode.name}${var.storage_sas}" | |
# Route outbound requests over VNET see: https://docs.microsoft.com/en-us/azure/azure-functions/functions-networking-options#regional-virtual-network-integration | |
WEBSITE_DNS_SERVER = "168.63.129.16" | |
WEBSITE_VNET_ROUTE_ALL = 1 | |
}, var.app_settings) | |
} | |
data "azurerm_subscription" "current" { | |
} | |
data "shell_script" "functions_key" { | |
lifecycle_commands { | |
read = file("${path.module}/readkey.sh") | |
} | |
environment = { | |
FUNC_NAME = azurerm_function_app.functions.name | |
RG_NAME = var.resource_group_name | |
SUB_ID = data.azurerm_subscription.current.subscription_id | |
} | |
depends_on = [azurerm_function_app.functions] | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
output "function_master_key" { | |
# Try is used here to ensure destroy works as expected. On destroy the map will be | |
# empty so try instead returns an empty string | |
# See: https://www.terraform.io/docs/language/functions/try.html | |
value = try(data.shell_script.functions_key.output["masterKey"], "") | |
} | |
output "function_hostname" { | |
value = azurerm_function_app.functions.default_hostname | |
} | |
output "function_name" { | |
value = azurerm_function_app.functions.name | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e | |
# Get a token so we can call the ARM api | |
TOKEN=$(az account get-access-token -o json | jq -r .accessToken) | |
# Attempt to list the keys with exponential backoff and do this for 5mins max | |
# --fail required see https://github.com/curl/curl/issues/6712 | |
curl "https://management.azure.com/subscriptions/$SUB_ID/resourceGroups/$RG_NAME/providers/Microsoft.Web/sites/$FUNC_NAME/host/default/listkeys?api-version=2018-11-01" \ | |
--compressed -H 'Content-Type: application/json;charset=utf-8' \ | |
-H "Authorization: Bearer $TOKEN" -d "{}" \ | |
--retry 8 --retry-max-time 360 --retry-all-errors --fail --silent |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment