Skip to content

[CES-655] Create named value with the To Do API Function key #68

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jan 20, 2025
Merged

[CES-655] Create named value with the To Do API Function key #68

merged 2 commits into from
Jan 20, 2025

Conversation

kin0992
Copy link
Contributor

@kin0992 kin0992 commented Jan 20, 2025
edited
Loading

Depends on #67

@kin0992 kin0992 requested review from a team as code owners January 20, 2025 09:35
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Jan 20, 2025
edited
Loading

🦋 Changeset detected

Latest commit: 9d04d4f

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
@infra/resources Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@github-actions github-actions bot added the infra label Jan 20, 2025
@kin0992 kin0992 mentioned this pull request Jan 20, 2025
Merged
@dpulls dpulls
Copy link

dpulls bot commented Jan 20, 2025

🎉 All dependencies have been resolved !

@kin0992 kin0992 force-pushed the features/create-apim-named-value-for-function-key branch from 56883db to 9d04d4f Compare January 20, 2025 09:50
@github-actions GitHub Actions
Copy link
Contributor

📖 Terraform Plan ('infra/resources/dev') - success

Terraform Plan 
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
  ~ update in-place

Terraform will perform the following actions:

  # azurerm_api_management_named_value.to_do_api_key will be created
  + resource "azurerm_api_management_named_value" "to_do_api_key" {
      + api_management_name = "dx-d-itn-playground-pg-apim-01"
      + display_name        = "to-do-api-function-key"
      + id                  = (known after apply)
      + name                = "to-do-api-function-key"
      + resource_group_name = "dx-d-itn-test-rg-01"
      + secret              = true

      + value_from_key_vault {
          + secret_id = "https://dx-d-itn-common-kv-01.vault.azure.net/secrets/to-do-api-key"
        }
    }

  # module.to_do_api.azurerm_api_management_api_policy.policy will be updated in-place
  ~ resource "azurerm_api_management_api_policy" "policy" {
        id                  = "/subscriptions/d7de83e0-0571-40ad-b63a-64c942385eae/resourceGroups/dx-d-itn-test-rg-01/providers/Microsoft.ApiManagement/service/dx-d-itn-playground-pg-apim-01/apis/to-do-api"
      ~ xml_content         = <<-EOT
          - <policies>
          - 	<inbound>
          - 		<base />
          - 		<set-backend-service backend-id="to-do-api-azure-function" />
          - 		<!-- Append base-path, if defined, before invoking the backend -->
          - 		<choose>
          - 			<when condition="@(System.String.IsNullOrEmpty("api"))"></when>
          - 			<otherwise>
          - 				<rewrite-uri template="@(System.String.Concat("api/", context.Request.Url.Path))" />
          - 			</otherwise>
          - 		</choose>
          - 		<cors>
          - 			<allowed-origins>
          - 				<origin>*</origin>
          - 			</allowed-origins>
          - 			<allowed-methods>
          - 				<method>*</method>
          - 			</allowed-methods>
          - 			<allowed-headers>
          - 				<header>*</header>
          - 			</allowed-headers>
          - 			<expose-headers>
          - 				<header>*</header>
          - 			</expose-headers>
          - 		</cors>
          - 	</inbound>
          - 	<outbound>
          - 		<base />
          - 	</outbound>
          - 	<backend>
          - 		<base />
          - 	</backend>
          - 	<on-error>
          - 		<base />
          - 	</on-error>
          + <policies>
          +   <inbound>
          +     <base />
          +     <set-backend-service backend-id="to-do-api-azure-function" />
          + 
          +      <!-- Append base-path, if defined, before invoking the backend -->
          +     <choose>
          +       <when condition='@(System.String.IsNullOrEmpty("api"))'>
          +       </when>
          +       <otherwise>
          +         <rewrite-uri template='@(System.String.Concat("api/", context.Request.Url.Path))' />
          +       </otherwise>
          +     </choose>
          + 
          +     <cors>
          +       <allowed-origins>
          +           <origin>*</origin>
          +       </allowed-origins>
          +       <allowed-methods>
          +           <method>*</method>
          +       </allowed-methods>
          +       <allowed-headers>
          +           <header>*</header>
          +       </allowed-headers>
          +       <expose-headers>
          +           <header>*</header>
          +       </expose-headers>
          +     </cors>
          +   </inbound>
          +   <outbound>
          +     <base />
          +   </outbound>
          +   <backend>
          +     <base />
          +   </backend>
          +   <on-error>
          +     <base />
          +   </on-error>
            </policies>
        EOT
        # (4 unchanged attributes hidden)
    }

  # module.apim_roles.module.key_vault.azurerm_role_assignment.secrets["dx-d-itn-common-rg-01|dx-d-itn-common-kv-01|reader"] will be created
  + resource "azurerm_role_assignment" "secrets" {
      + id                               = (known after apply)
      + name                             = (known after apply)
      + principal_id                     = "b3a4b30d-2171-4466-8ec3-c0cd067a8fa5"
      + principal_type                   = (known after apply)
      + role_definition_id               = (known after apply)
      + role_definition_name             = "Key Vault Secrets User"
      + scope                            = "/subscriptions/d7de83e0-0571-40ad-b63a-64c942385eae/resourceGroups/dx-d-itn-common-rg-01/providers/Microsoft.KeyVault/vaults/dx-d-itn-common-kv-01"
      + skip_service_principal_aad_check = (known after apply)
    }

Plan: 2 to add, 1 to change, 0 to destroy.

Warning: Argument is deprecated

  with azurerm_cosmosdb_sql_container.tasks,
  on cosmos.tf line 37, in resource "azurerm_cosmosdb_sql_container" "tasks":
  37:   partition_key_path    = "/id"

`partition_key_path` will be removed in favour of the property
`partition_key_paths` in version 4.0 of the AzureRM Provider.

(and one more similar warning elsewhere)

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.

@kin0992 kin0992 merged commit 6801b26 into main Jan 20, 2025
4 checks passed
@kin0992 kin0992 deleted the features/create-apim-named-value-for-function-key branch January 20, 2025 10:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@kin0992 kin0992

Labels
changeset infra size/small
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@kin0992