torumakabe

Sample Terraform codes for Azure Container Apps with Dapr

Overview

• This sample is based on "Tutorial: Deploy a Dapr application to Azure Container Apps with an Azure Resource Manager or Bicep template"
• In addition to the tutorial, added virtual network integration and private endpoints

graph TB
    subgraph VNet

torumakabe

#!/bin/bash
set -eo pipefail

eval "$(jq -r '@sh "CLIENT_ID=\(.client_id) CLIENT_SECRET=\(.client_secret) TENANT_ID=\(.tenant_id)"')"

RESP=$(curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \
-d "grant_type=client_credentials&client_id=${CLIENT_ID}&client_secret=${CLIENT_SECRET}&resource=ce34e7e5-485f-4d76-964f-b3d2b16d1e4f" \
https://login.microsoftonline.com/${TENANT_ID}/oauth2/token)

torumakabe

{
    "$schema": "https://schema.management.azure.com/schemas/2019-08-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "location": {
            "defaultValue": "canadacentral",
            "type": "String"
        },
        "environment_name": {
            "defaultValue": "containerapps-env",

torumakabe

About

Script to check password and certificate expiration of Azure Service Principal.Target is all principal IDs assigned roles to the resources under the subscription set in the Azure CLI.

You can get information about IDs(Azure AD App) that have expired or will expire after a specified days as LTSV like followings.

app_id:aaaaaaaa-bbbb-cccc-dddd-eeeeeeee     app_display_name:yourspname  password_expire:2021-08-29T18:30:00+00:00

torumakabe

.DEFAULT_GOAL := build

.PHONY: build run

build:
	go build

run: build
	./app_dir_name

torumakabe

terraform {
  required_version = ">= 0.13.4"
}

provider "azurerm" {
  version = "~>2.30"
  features {}
}

resource "azurerm_resource_group" "sample" {

torumakabe

terraform {
  required_version = "~> 0.13"
}

provider "azurerm" {
  version = "~>2.25"
  features {}
}

data "azurerm_log_analytics_workspace" "sample" {

torumakabe

Name:         nginx-chaos-container-kill
Namespace:    default
Labels:       <none>
Annotations:  <none>
API Version:  litmuschaos.io/v1alpha1
Kind:         ChaosResult
Metadata:
  Creation Timestamp:  2020-07-18T01:07:55Z
  Generation:          2
  Managed Fields:

torumakabe

$ k logs kubelet-service-kill-t29n79-785ck
ansible-playbook 2.7.3
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python2.7/dist-packages/ansible
  executable location = /usr/local/bin/ansible-playbook
  python version = 2.7.17 (default, Apr 15 2020, 17:20:14) [GCC 7.5.0]
Using /etc/ansible/ansible.cfg as config file
/etc/ansible/hosts did not meet host_list requirements, check plugin documentation if this is unexpected
/etc/ansible/hosts did not meet script requirements, check plugin documentation if this is unexpected

torumakabe

2020/03/04 14:54:30 [INFO] Terraform version: 0.12.21  
2020/03/04 14:54:30 [INFO] Go runtime version: go1.12.13

[snip]

2020/03/04 15:03:11 [WARN] Provider "registry.terraform.io/-/helm" produced an invalid plan for module.aks.helm_release.prometheus_operator, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .max_history: planned value cty.NumberIntVal(0) does not match config value cty.NullVal(cty.Number)
      - .replace: planned value cty.False does not match config value cty.NullVal(cty.Bool)
      - .cleanup_on_fail: planned value cty.False does not match config value cty.NullVal(cty.Bool)