Skip to content

Commit

Permalink
Squashed commit of the following:
Browse files Browse the repository at this point in the history 
commit c230525
Author: Dave Curylo <[email protected]>
Date:   Wed Sep 28 22:29:43 2022 -0400

    Release 1.7.10

commit a817582
Merge: 5733c56 fbf8231
Author: Dave Curylo <[email protected]>
Date:   Wed Sep 28 18:34:03 2022 -0400

    Merge pull request CompositionalIT#979 from ahmed-ebaid/link_to_identity

commit fbf8231
Author: Ahmed Ebaid <[email protected]>
Date:   Wed Sep 28 17:20:50 2022 -0500

    Running fantomas on UserAssignedIdentity

commit 436d6d3
Author: Ahmed Ebaid <[email protected]>
Date:   Wed Sep 28 15:28:31 2022 -0500

    Refactor code to leverage LinkedUserAssignedIdentity

commit 1ed920e
Author: Dave Curylo <[email protected]>
Date:   Wed Sep 28 15:24:09 2022 -0400

    Reformatting for fantomas

commit 667d0e8
Author: Dave Curylo <[email protected]>
Date:   Wed Sep 28 15:06:48 2022 -0400

    The LinkedUserAssignedIdentity is always unmanaged.

commit 00fe027
Author: Dave Curylo <[email protected]>
Date:   Wed Sep 28 11:54:36 2022 -0400

    Adds LinkedUserAssignedIdentity for backwards compatibility

commit d28f4eb
Author: Ahmed Ebaid <[email protected]>
Date:   Tue Sep 27 12:25:39 2022 -0500

    Fix documentation

commit 864d5ed
Author: Ahmed Ebaid <[email protected]>
Date:   Tue Sep 27 07:13:41 2022 -0500

    Add additional testing

commit 62f5978
Author: Ahmed Ebaid <[email protected]>
Date:   Mon Sep 26 20:38:41 2022 -0500

    Fixing documen

commit 4061e63
Author: Ahmed Ebaid <[email protected]>
Date:   Mon Sep 26 20:10:01 2022 -0500

    Run fantomas on changed files

commit 652b99c
Author: Ahmed Ebaid <[email protected]>
Date:   Mon Sep 26 16:44:50 2022 -0500

    Adding more testing and updating documentation

commit 4974949
Author: Ahmed Ebaid <[email protected]>
Date:   Mon Sep 26 15:29:17 2022 -0500

    Removing changes from Common.fs

commit b4e09e2
Author: Ahmed Ebaid <[email protected]>
Date:   Mon Sep 26 15:26:19 2022 -0500

    Initial work for linking to an identity

commit 5733c56
Author: Dave Curylo <[email protected]>
Date:   Thu Sep 22 11:16:18 2022 -0400

    1.7.9 release

commit 65b5e79
Merge: 043ee73 1afcf28
Author: Dave Curylo <[email protected]>
Date:   Wed Sep 21 22:00:34 2022 -0400

    Merge pull request CompositionalIT#967 from codatio/fix-nic-subnet-rg

commit 1afcf28
Merge: d196321 043ee73
Author: Richard Sanderson-Pope <[email protected]>
Date:   Wed Sep 21 21:27:35 2022 +0100

    merge

commit 043ee73
Merge: c9c3a9d f1c215e
Author: Dave Curylo <[email protected]>
Date:   Wed Sep 21 09:43:51 2022 -0400

    Merge pull request CompositionalIT#977 from ahmed-ebaid/managed_identity_support

    ACR Managed Identity Support for Container Groups and Container Apps

commit f1c215e
Author: Ahmed Ebaid <[email protected]>
Date:   Tue Sep 20 18:08:39 2022 -0500

    Format files with fantomas

commit 84e99c3
Author: Ahmed Ebaid <[email protected]>
Date:   Tue Sep 20 17:32:03 2022 -0500

    Updating documentation and release notes

commit 81bf829
Author: Ahmed Ebaid <[email protected]>
Date:   Tue Sep 20 17:30:08 2022 -0500

    Uopdate documentation

commit 49a1214
Author: Ahmed Ebaid <[email protected]>
Date:   Tue Sep 20 17:18:58 2022 -0500

    Fix failing logic

commit 5c8b9ba
Author: Ahmed Ebaid <[email protected]>
Date:   Mon Sep 19 17:13:21 2022 -0500

    Modify test to add identity

commit 9738e06
Author: Ahmed Ebaid <[email protected]>
Date:   Mon Sep 19 16:19:47 2022 -0500

    Add managed identity support for containers groupd and container apps

commit c9c3a9d
Merge: 3b1d08e ef578a9
Author: Isaac Abraham <[email protected]>
Date:   Fri Sep 16 11:02:55 2022 +0100

    Merge pull request CompositionalIT#975 from CompositionalIT/teknikal-wizard-patch-1

    Update storage-account.md

commit ef578a9
Author: Ryan Palmer <[email protected]>
Date:   Fri Sep 16 10:32:01 2022 +0100

    Update storage-account.md

    Added documentation of ip and subnet restriction functionality, addressing CompositionalIT#951

commit 3b1d08e
Author: david becher <[email protected]>
Date:   Fri Sep 9 10:14:01 2022 -0700

    Update docs to coincide with the last minute change to HopType

commit a39dbd8
Author: Dave Curylo <[email protected]>
Date:   Fri Sep 9 10:46:00 2022 -0400

    Release 1.7.8

commit 6ab3f7c
Author: Dave Curylo <[email protected]>
Date:   Thu Sep 8 23:12:21 2022 -0400

    Cleanup resource naming in release notes

commit 99f62b4
Author: Dave Curylo <[email protected]>
Date:   Thu Sep 8 23:10:14 2022 -0400

    Cleanup release notes

commit 04b8ad1
Merge: 7c98806 75c3d09
Author: Dave Curylo <[email protected]>
Date:   Thu Sep 8 23:07:07 2022 -0400

    Merge pull request CompositionalIT#969 from codatio/allow-null-priority

    Allow null priority to allow updating non-spot VM instances

commit 7c98806
Author: Dave Curylo <[email protected]>
Date:   Thu Sep 8 23:06:27 2022 -0400

    Cleanup release notes

commit 3c4aa3f
Merge: aa4dafe 81ce474
Author: Dave Curylo <[email protected]>
Date:   Thu Sep 8 22:50:01 2022 -0400

    Merge pull request CompositionalIT#972 from thinkdavid/thinkdavid/routeTables

    Adding support for route tables and their child resource, routes

commit 81ce474
Author: david becher <[email protected]>
Date:   Thu Sep 8 14:06:16 2022 -0700

    Making NextHopType include IPAddress if NextHopType is VA

commit a069779
Author: david becher <[email protected]>
Date:   Thu Sep 8 11:25:10 2022 -0700

    formatting ran

commit 1aa0f65
Author: david becher <[email protected]>
Date:   Thu Sep 8 11:22:57 2022 -0700

    Document update

commit ddcae2f
Author: david becher <[email protected]>
Date:   Wed Sep 7 15:56:03 2022 -0700

    Validated in ARM

commit a93c2e7
Author: david becher <[email protected]>
Date:   Wed Sep 7 15:28:13 2022 -0700

    Unit tests passed

commit e068e84
Author: david becher <[email protected]>
Date:   Wed Sep 7 13:55:08 2022 -0700

    Update Builders.RouteTable.fs

commit f4d52f4
Author: david becher <[email protected]>
Date:   Wed Sep 7 13:54:47 2022 -0700

    Update Builders.RouteTable.fs

commit 394d9b3
Author: david becher <[email protected]>
Date:   Wed Sep 7 13:54:23 2022 -0700

    Ready for testing

commit df95a0b
Author: david becher <[email protected]>
Date:   Tue Sep 6 17:07:20 2022 -0700

    None is reserved for Option

commit 01fee70
Author: david becher <[email protected]>
Date:   Tue Sep 6 16:46:22 2022 -0700

    Finished enum for NextHopType and added the formatting of the ip address

commit 817e923
Author: david becher <[email protected]>
Date:   Tue Sep 6 16:38:26 2022 -0700

    Minor refactoring

commit 903b8ed
Author: david becher <[email protected]>
Date:   Tue Sep 6 15:47:21 2022 -0700

    Starting code for the route tables addition

commit 75c3d09
Author: Richard Sanderson-Pope <[email protected]>
Date:   Fri Sep 2 14:30:51 2022 +0100

    Fix regression tests

commit b274b6f
Author: Richard Sanderson-Pope <[email protected]>
Date:   Fri Sep 2 14:13:40 2022 +0100

    reformat

commit d196321
Author: Richard Sanderson-Pope <[email protected]>
Date:   Fri Sep 2 14:11:48 2022 +0100

    reformat

commit da7c83b
Author: Richard Sanderson-Pope <[email protected]>
Date:   Fri Sep 2 14:09:01 2022 +0100

    update docs

commit e90b1c3
Author: Richard Sanderson-Pope <[email protected]>
Date:   Fri Sep 2 14:07:21 2022 +0100

    Add tests and release notes

commit 11590e1
Author: Richard Sanderson-Pope <[email protected]>
Date:   Fri Sep 2 12:21:15 2022 +0100

    Allow null priority to allow updating non-spot VM instances

commit 323f62f
Author: Richard Sanderson-Pope <[email protected]>
Date:   Fri Sep 2 11:37:43 2022 +0100

    Add release notes

commit 162845e
Author: Richard Sanderson-Pope <[email protected]>
Date:   Fri Sep 2 11:34:04 2022 +0100

    Add tests

commit 684760c
Author: Richard Sanderson-Pope <[email protected]>
Date:   Fri Sep 2 11:15:19 2022 +0100

    Keep RG and Subs components from VNet when generating a subnet resourceId
  • Loading branch information
@thinkdavid
thinkdavid committed Oct 11, 2022
1 parent aa4dafe commit 78bf429
Show file tree
Hide file tree
Showing 26 changed files with 765 additions and 42 deletions.
12 changes: 12 additions & 0 deletions RELEASE_NOTES.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,18 @@
Release Notes
=============

## 1.7.10
* Container Groups and Container Apps: Support for link_to_identity for ACR managed identities.

## 1.7.9
* Container Group: Support for Managed Identity
* Container App: Support for Managed Identity
* VMs: Add support for VNets in other resource groups

## 1.7.8
* Route Tables: Initial support for Route Tables and Routes
* Virtual Machines: Default to no priority

## 1.7.7
* NAT Gateways: Initial support for NAT Gateways.
* Private Endpoints: Adds `privateEndpoint` builder and option to set custom network interface name.
Expand Down
1 change: 1 addition & 0 deletions docs/content/api-overview/resources/container-apps.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ The Container Apps builder (`containerApp`) is used to define one or more contai
| active_revision_mode | Indicates whether multiple version of a container app can be active at once.|
| add_registry_credentials | Adds container image registry credentials for images in this container app, which are a list of server and usernames. Passwords are supplied as secure parameters. |
| reference_registry_credentials | Adds container image registry credentials for images in this container app in the form of a list of Azure resource ids. |
| add_managed_identity_registry_credentials | Adds container app registry managed identity credentials for images in this container app, which are a list of server and identities. |
| add_containers | Adds a list of containers to this container app. All containers in the app share resources and scaling. |
| add_simple_container | Adds a single container that references a public docker image and version. |
| add_secret_parameter | Adds an application secret to the entire container app. This is passed as a secure parameter to the template, and an environment variable is automatically created which references the secret. |
Expand Down
5 changes: 4 additions & 1 deletion docs/content/api-overview/resources/container-group.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,11 @@ The Container Group builder (`containerGroup`) defines a Container Group.
| link_to_vnet | Resource ID of an existing virtual network where the container group will attach. |
| subnet | Name of the subnet in a virtual network where the container group will attach. |
| add_identity | Adds a managed identity to the the container group. |
| link_to_identity | Links an existent managed identity to the container group. |
| system_identity | Activates the system identity of the container group. |
| add_registry_credentials | Adds a container image registry credential with a secure parameter for the password. |
| reference_registry_credentials | References credentials from a container image registry by resource ID. |
| add_managed_identity_registry_credentials | Adds container image registry managed identity credentials for images in this container group. |
| add_tcp_port | Adds a TCP port to be externally accessible. |
| add_udp_port | Adds a UDP port to be externally accessible. |
| add_volumes | Adds volumes to a container group so they are accessible to containers. |
Expand Down Expand Up @@ -151,6 +153,7 @@ let containerGroupUser = userAssignedIdentity {
}
let containerGroupLoggingWorkspace = logAnalytics { name "webapplogs" }
let managedIdentity = ManagedIdentity.Empty
let group = containerGroup {
name "webApp"
Expand All @@ -162,7 +165,7 @@ let group = containerGroup {
add_instances [ nginx ]
// Add registry credentials as a secure password
add_registry_credentials [
registry "mygregistry.azurecr.io" "registryuser"
registry "mygregistry.azurecr.io" "registryuser" managedIdentity
]
// or reference an Azure container registry to pull the credentials directly.
reference_registry_credentials [
Expand Down
73 changes: 73 additions & 0 deletions docs/content/api-overview/resources/route-tables.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
---
title: "Route Tables"
date: 2022-09-08T22:26:00-04:00
chapter: false
weight: 5
---

#### Overview
The `routeTable` builder creates a route table to efficiently change default routing traffic between Azure subnets, virtual networks, and on-premises networks. To learn more about routeTables, reference the [Azure Docs](https://docs.microsoft.com/en-us/azure/virtual-network/manage-route-table)

* RouteTable (`Microsoft.Network/routeTables`)
* Route (`Microsoft.Network/routeTables/routes`)

#### Builder Keywords

| Applies To | Keyword | Purpose |
|-|-|-|
| routeTable | name | Name of the NAT Gateway resource |
| routeTable | disableBgpRoutePropagation | Whether to disable the routes learned by BGP on that route table |
| routeTable | add_routes | The routes to be added to this route table |
| route | name | Name of the route resource |
| route | addressPrefix | The destination CIDR to which the route applies |
| route | nextHopType | The type of Azure hop the packet should be sent to |
| route | nextHopIpAddress | The IP address packets should be forwarded to. Only allowed in routes where the next hop type is VirtualAppliance |
| route | hasBgpOverride | Whether the route overrides overalpping BGP routes regardless of LPM |

#### Example

```fsharp
#r "nuget:Farmer"
open Farmer
open Farmer.Builders
arm {
location Location.EastUS
add_resources
[
routeTable {
name "myroutetable"
add_routes
[
route {
name "myroute"
addressPrefix "10.10.90.0/24"
nextHopIpAddress "10.10.67.5"
}
route {
name "myroute2"
addressPrefix "10.10.80.0/24"
}
route {
name "myroute3"
addressPrefix "10.2.31.0/24"
nextHopType (Route.HopType.VirtualAppliance None)
}
route {
name "myroute4"
addressPrefix "10.2.31.0/24"
nextHopType (
Route.HopType.VirtualAppliance(
Some(System.Net.IPAddress.Parse "10.2.31.2")
)
)
}
]
}
]
}
```
7 changes: 6 additions & 1 deletion docs/content/api-overview/resources/storage-account.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,8 @@ The Storage Account builder creates storage accounts and their associated contai
| add_cors_rules | Adds a list of CORS rules to the different storage services |
| add_policies | Adds a list of Policies to the different storage services |
| enable_versioning | Enabled versioning for different storage services |
| restrict_to_ip | Restrict access to a given ip address |
| restrict_to_subnet | Restrict access to a given virtual network subnet |
| use_static_website | Activates static website host, and uploads the provided local content as a post-deployment task to the storage with the specified index page |
| static_website_error_page | Specifies the 404 page to display for static website hosting |
| enable_data_lake | Enables Azure Data Lake Gen2 support on the storage account |
Expand Down Expand Up @@ -63,6 +65,9 @@ open Farmer.Storage
let storage = storageAccount {
name "isaacssuperstorage"
sku Storage.Sku.Premium_LRS
restrict_to_ip "11.22.33.44"
restrict_to_ip "12.23.45.78"
restrict_to_subnet "myvnet" "mysubnet"
add_public_container "mypubliccontainer"
add_private_container "myprivatecontainer"
add_blob_container "myblobcontainer"
Expand Down Expand Up @@ -94,4 +99,4 @@ let storage = storageAccount {
enable_versioning [ StorageService.Blobs, true ]
min_tls_version Tls12
}
```
```
2 changes: 1 addition & 1 deletion docs/content/api-overview/resources/virtual-machine.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ In addition, every VM you create will add a SecureString parameter to the ARM te
|diagnostics_support_managed|Turns on diagnostics support using an Azure-managed storage account.|
|diagnostics_support_external|Turns on diagnostics support using an existing storage account.|
|vm_size|Sets the size of the VM.|
|priority|Sets the VM Priority. Only one `spot_instance` or `priority` setting is allowed per VM.|
|priority|Sets the VM Priority. Only one `spot_instance` or `priority` setting is allowed per VM. No priority is set by default. |
|spot_instance|Makes the VM a spot instance. Shorthand for `priority (Spot (<EvictionPolicy>, <maxPrice>)`. Only one `spot_instance` or `priority` setting is allowed per VM.|
|username|Sets the admin username of the VM (note: the password is supplied as a securestring parameter to the generated ARM template).|
|password_parameter|Sets the name of the parameter which contains the admin password for this VM. defaults to "password-for-<VM-name>"|
Expand Down
5 changes: 5 additions & 0 deletions src/Farmer/Arm/AVS.fs
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
[<AutoOpen>]
module Farmer.Arm.AVS

open Farmer
let privateClouds = ResourceType("Microsoft.AVS/privateClouds", "2021-12-01")
28 changes: 28 additions & 0 deletions src/Farmer/Arm/App.fs
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
[<AutoOpen>]
module Farmer.Arm.App

open System
open Farmer.ContainerApp
open Farmer.Identity
open Farmer
Expand Down Expand Up @@ -122,6 +123,8 @@ type ContainerApp =
match credential with
| ImageRegistryAuthentication.Credential credential -> credential.Password
| ImageRegistryAuthentication.ListCredentials _ -> ()
| ImageRegistryAuthentication.ManagedIdentityCredential _ -> ()

]

interface IArmResource with
Expand Down Expand Up @@ -160,6 +163,18 @@ type ContainerApp =
$"listCredentials({resourceId.ArmExpression.Value}, '2019-05-01').passwords[0].value"
)
.Eval()
|}
| ImageRegistryAuthentication.ManagedIdentityCredential cred ->
{|
name = cred.Server
value =
if cred.Identity.Dependencies.Length > 0 then
cred.Identity.Dependencies.Head.ArmExpression.Eval()
else
String.Empty



|}
for setting in this.Secrets do
{|
Expand All @@ -180,6 +195,7 @@ type ContainerApp =
server = cred.Server
username = cred.Username
passwordSecretRef = cred.Username
identity = null
|}
| ImageRegistryAuthentication.ListCredentials resourceId ->
{|
Expand All @@ -191,6 +207,18 @@ type ContainerApp =
)
.Eval()
passwordSecretRef = usernameSecretName resourceId
identity = null
|}
| ImageRegistryAuthentication.ManagedIdentityCredential cred ->
{|
server = cred.Server
username = String.Empty
passwordSecretRef = null
identity =
if cred.Identity.Dependencies.Length > 0 then
cred.Identity.Dependencies.Head.ArmExpression.Eval()
else
String.Empty
|}
|]
ingress =
Expand Down
14 changes: 9 additions & 5 deletions src/Farmer/Arm/Compute.fs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ type VirtualMachine =
DiagnosticsEnabled: bool option
StorageAccount: ResourceName option
Size: VMSize
Priority: Priority
Priority: Priority option
Credentials: {| Username: string
Password: SecureParameter |}
CustomData: string option
Expand Down Expand Up @@ -137,7 +137,10 @@ type VirtualMachine =

let properties =
{|
priority = this.Priority.ArmValue
priority =
match this.Priority with
| Some priority -> priority.ArmValue
| _ -> Unchecked.defaultof<_>
hardwareProfile = {| vmSize = this.Size.ArmValue |}
osProfile =
{|
Expand Down Expand Up @@ -260,9 +263,10 @@ type VirtualMachine =
this.Identity.ToArmJson
properties =
match this.Priority with
| Low
| Regular -> box properties
| Spot (evictionPolicy, maxPrice) ->
| None
| Some Low
| Some Regular -> box properties
| Some (Spot (evictionPolicy, maxPrice)) ->
{| properties with
evictionPolicy = evictionPolicy.ArmValue
billingProfile = {| maxPrice = maxPrice |}
Expand Down
14 changes: 14 additions & 0 deletions src/Farmer/Arm/ContainerInstance.fs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -207,6 +207,7 @@ type ContainerGroup =
match credential with
| ImageRegistryAuthentication.Credential credential -> credential.Password
| ImageRegistryAuthentication.ListCredentials _ -> ()
| ImageRegistryAuthentication.ManagedIdentityCredential _ -> ()
for container in this.ContainerInstances do
for envVar in container.EnvironmentVariables do
match envVar.Value with
Expand Down Expand Up @@ -365,6 +366,7 @@ type ContainerGroup =
server = cred.Server
username = cred.Username
password = cred.Password.ArmExpression.Eval()
identity = null
|}
| ImageRegistryAuthentication.ListCredentials resourceId ->
{|
Expand All @@ -386,6 +388,18 @@ type ContainerGroup =
$"listCredentials({resourceId.ArmExpression.Value}, '2019-05-01').passwords[0].value"
)
.Eval()
identity = null
|}
| ImageRegistryAuthentication.ManagedIdentityCredential cred ->
{|
server = cred.Server
username = String.Empty
password = null
identity =
cred.Identity.UserAssigned
|> List.tryHead
|> Option.map (fun upn -> upn.ResourceId.ArmExpression.Eval())
|> Option.defaultValue null
|})
ipAddress =
match this.IpAddress with
Expand Down
Loading

0 comments on commit 78bf429

Please sign in to comment.