AWS |
AWS - Webinar Channel |
Containers Shortclips: Introduction to AWS AppRunner |
https://www.youtube.com/watch?v=QIkMtS14pWM
|
Containers Shortclips Introduction to AWS AppRunnerIn this short session we will through the new AWS AppRunner Service it s capabilities and features We will also demonstrate a quick demo to showcase AppRunner s capabilities on a full stack application Want to talk with an AWS Israel container Expert Schedule a meeting today |
2021-11-14 10:49:13 |
AWS |
AWS - Webinar Channel |
AWS ML short clips: Get started with Amazon SageMaker JumpStart in minutes (Hebrew) |
https://www.youtube.com/watch?v=kSvEmKRGzm0
|
AWS ML short clips Get started with Amazon SageMaker JumpStart in minutes Hebrew Getting started with machine learning ML can be time consuming Amazon SageMaker JumpStart helps you quickly and easily get started with ML In this session you ll discover how you can use SageMaker JumpStart to deploy solutions for common use cases such as purchase model churn prediction and credit risk prediction with just a few clicks In addition you will learn how to use SageMaker JumpStart for one click deployment and fine tuning with more than popular open source models for modalities such as natural language processing object detection and image classification |
2021-11-14 10:29:28 |
python |
Pythonタグが付けられた新着投稿 - Qiita |
メールのエンコード/デコード方式 |
https://qiita.com/kindkindwar/items/d7b14cb61eaf9f48fa1e
|
Pythonライブラリを使ったencodedecodequotedprintableは非ASCII文字で表現されたテキストデータをbitすなわちASCII文字で表現するためのエンコード方式です。 |
2021-11-14 19:56:48 |
python |
Pythonタグが付けられた新着投稿 - Qiita |
Python を使って、指定したファイルを選択した状態でエクスプローラを起動する |
https://qiita.com/Uqbar/items/5c9db5f1fdea73e63297
|
importospathCUsershogeDocuments新しいフォルダーosstartfilepathしかし、この方法ではフォルダ内のファイルを選択しておくことはできません。 |
2021-11-14 19:35:36 |
js |
JavaScriptタグが付けられた新着投稿 - Qiita |
【JavaScript】反復処理⑦ 反復可能オブジェクト(ジェネレーター)� |
https://qiita.com/nao0725/items/75a9c66885215be1ac9a
|
【JavaScript】反復処理⑦反復可能オブジェクトジェネレーター�はじめにUdemyの【JS】ガチで学びたい人のためのJavaScriptメカニズムの講座の振り返りです。 |
2021-11-14 19:48:58 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
vimでyank時にクリップボードにコピーをしたいのですが上手くいきません。 |
https://teratail.com/questions/369286?rss=all
|
vimでyank時にクリップボードにコピーをしたいのですが上手くいきません。 |
2021-11-14 19:45:26 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
ニューラルネットワークを用いたデータの分類 |
https://teratail.com/questions/369285?rss=all
|
ですが、実行してみたところ以下のようなエラーが出てしまい、どう対処すれば良いか分かりません。 |
2021-11-14 19:44:40 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
premiere pro のプログラムによる自動化 |
https://teratail.com/questions/369284?rss=all
|
premiereproのプログラムによる自動化やりたいこと動画編集ツールのpremierenbspproで、特定の作業をプログラムを書いて自動化したい【やりたい作業】・クリップごとに決まった効果音を挿入・テキストごとに決まったテキストスタイルを適応調べたソース・PremierenbspPronbspScriptingnbspGuide・その作業、自動化できませんかAfterEffects自動化ことはじめ・Pythonで行うライブラリ・PremierenbspPronbspampnbspMedianbspEncoder自動化サンプル集nbsp※今はVSCodeの拡張機能を使ってやるそうです。 |
2021-11-14 19:44:23 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
Python 関数にてglobal変数の値を増加させる方法 |
https://teratail.com/questions/369283?rss=all
|
Python関数にてglobal変数の値を増加させる方法global変数を増加させる関数を用意したいと考えております。 |
2021-11-14 19:33:23 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
php で br の改行コードを書きましたが反映されません。 |
https://teratail.com/questions/369282?rss=all
|
phpでbrの改行コードを書きましたが反映されません。 |
2021-11-14 19:31:03 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
WordPressでwp-pagenaviを使っても2P目以降(ページネーション)が同じ内容が表示される問題について |
https://teratail.com/questions/369281?rss=all
|
|
2021-11-14 19:19:38 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
ユーザー登録機能が上手くいきません |
https://teratail.com/questions/369280?rss=all
|
ユーザー登録機能が上手くいきません前提・実現したいことPHPでユーザー登録、ログイン機能を作っているのですが、ユーザー登録の条件を満たしているはずなのにmysqlに登録できません。 |
2021-11-14 19:16:21 |
Program |
[全てのタグ]の新着質問一覧|teratail(テラテイル) |
$this->Auth->user('id')を取得したい |
https://teratail.com/questions/369279?rss=all
|
thisgtAuthgtuserxidxを取得したいthisgtAuthgtuseraposidaposを取得したいPHPCakePHPxで簡単な掲示板を作っています。 |
2021-11-14 19:14:25 |
Ruby |
Rubyタグが付けられた新着投稿 - Qiita |
Ruby 「unterminated string meets end of file」とエラーが出たら? |
https://qiita.com/shun3453/items/1078a79a0ca18e2df2a3
|
putshello |
2021-11-14 19:12:44 |
Git |
Gitタグが付けられた新着投稿 - Qiita |
Vue-CLIでプロジェクトを作成してGitと連携する話 |
https://qiita.com/kyrice2525/items/4b6405c1d4028aa98944
|
VueCLIで作成したプロジェクトのソース管理をGitで行いたいと思いました。 |
2021-11-14 19:27:34 |
Ruby |
Railsタグが付けられた新着投稿 - Qiita |
Rails 掲示板作成機能 解説 |
https://qiita.com/yuht-09/items/e207132b5335ae96a708
|
親にあたるuserが削除された際に、子にあたるbordだけが残ると「board親があるのにuser子がいない」ということになり、整合性が取れずバグの原因になる為、「dependentdestroy」を使って、ユーザーが削除されたらそのユーザーが投稿した掲示板も削除されるようにする。 |
2021-11-14 19:13:27 |
海外TECH |
DEV Community |
GitHub Actions Hackathon 2021 - Reusable workflows to automate tokens |
https://dev.to/pwd9000/github-actions-hackathon-2021-reusable-workflows-to-automate-tokens-3hke
|
GitHub Actions Hackathon Reusable workflows to automate tokens Automate Azure Service Bus SAS tokens with reusable Github ActionsI decided to submit a second github Actions hack for this years ActionsHackathon contest In my post I demonstrate how we can implement and automate Azure Service bus SAS tokens using github actions The post also covers a new github actions workflow feature using a reusable GitHub workflow as a job to handle temporary SAS token generation Here is the link to the post in which my github actions are documented and explained enjoy Automate Azure Service Bus SAS tokens with Github Marcel L・Nov ・ min read devops security azure github Submission Category Wacky WildcardsI know ITSec Ops workflows are totally WACKY Yaml File or Link to Code Pwd ML Azure Service Bus SAS Management Repository to maintain and manage Azure Service Bus SAS tokens Azure Service Bus SAS ManagementRepository to maintain and manage Azure Service Bus SAS tokensThis repository hosts github workflows which can be used to automate and generate short lived usable Azure Service Bus SAS tokens and stores them inside of an Azure Key Vault See my blog post for full details With the workflows published on this repo you can implement and automate Azure Service bus SAS tokens using reusable github action workflows The post above also explains in detail a new github actions workflow feature by using a reusable GitHub workflow as a job to generate short lived Service Bus SAS tokens View on GitHubREADMEWORKFLOWSLICENSE AuthorLike share follow me on GitHub Twitter LinkedIn ltag user id follow action button background color cbb important color important border color cbb important Marcel LFollow Cloud Solutions amp DevOps Architect |
2021-11-14 10:48:59 |
海外TECH |
DEV Community |
Hangi Sunucu İşletim Sistemini tercih etmeliyim? |
https://dev.to/aciklab/hangi-sunucu-isletim-sistemini-tercih-etmeliyim-am7
|
Hangi Sunucu İşletim Sistemini tercih etmeliyim Çeşitli proje ve durumlarda ilk karşımıza çıkan önemli bir sorunun hangi sunucu işletim sistemini tercih etmeliyim olduğunu düşünüyorum Çünküen basitinden üzerine kurulacak uygulamanın bağımlılıklarının belirlenmesi güncelleme süreçlerinin yönetilme süreçleri için ortaya çıkacak cevap oldukça önemli Her ne kadar bu soru konteynır mimarileriyle birlikte önemini biraz yitirse de sanal makine VM kullanımının hala ciddi oranda kullanıldığıalanlarda bu yapıdevam etmektedir Bu yazımda genel olarak konteynır sistemlerle ilgili bir yorum içermemektedir Bu konu hakkında ayrıca bir yazıyazma düşüncem var Elimizde neler var Tercih etmeden önce elimizde neler olduğu ve tabi ki sonrasında bu seçeneklerin neler sunduklarına bakmak gerekir Tabi ki bu yazıyıyazarken yani yılısonu ve Türkiye piyasasıitibariyle yazdığımıbelirtmek isterim Ve tabi ki GNU Linux ekosistemindeki dağıtımlardan bahsedeceğiz Birazdan bahsedeceğim nedenlerle elimizdeki sunucu işletim sistemleri aşağıdaki gibi olduğunu düşünmekteyim CentOS İleride AlmaLinux ve RockyLinux DebianOracleLinuxPardusRHEL RedHat Enterprise Linux UbuntuÖncelikle listedeki RHEL OracleLinux ve Ubuntu dağıtımlarısırasıile RedHat IBM Oracle ve Canonical tarafından kurumsal olarak desteklenmektedir Listedeki Pardus bilindiği gibi TÜBİTAK ULAKBİM tarafından geliştirilmekte ve desteklenmektedir Debian ve CentOS vs ise topluluk tarafından desteklenmekte ve arkadalarında bir firma bulunmayıp birden fazla firma tarafından fonlanarak süreçlerine devam etmekteler CentOS parantezinde AlmaLinux ve RockyLinux yazmamın nedenini muhtemelen biliyorsunuzdur Çok özetle tekrar etmem gerekirse CentOS güncel sürümlerinde CentOS Stream olarak devam ediyor ve RHEL in güncel paket sistemini değil ileride yapacağıpaketleri kullanmaya başladı Bu nedenle CentOS topluluğu AlmaLinux ve RockyLinux topluluklarına dağıldı Hızlıolan AlmaLinux birkaçadım önde gözükse de topluluğun daha büyük kısmıRockyLinux ta birleşmişti Tek bir kazanan mıolacak yoksa böyle bir ayrım devam mıedecek süreci zaman gösterecek Tercih Kriterleri Ana Sürüm Duyuru Aralıklarıİşletim sistemleri her x yılda bir yeni sürüm duyurmaktalar Bu sürümlere direkt olarak geçmek çok sağlıklıolmayacağıgibi sık sürüm duyurusu yapmayan işletim sistemleri için kullandıklarıpaket ve paket sürümlerinin eskidiği yeni özellikleri alamadığıve dolayısıyla tercih etmenin zor olduğu görülebilmektedir Bu açıdan baktığımızda CentOS yaklaşık yılda bir ana sürümDebian yılda bir kararlıPardus yılda bir kararlıRHEL yaklaşık yılda bir ana sürümOracleLinux yaklaşık yılda bir ana sürümUbuntu yılda bir LTS Long Term Support Kişisel fikrimce sıklıkla güncellenebilen işletim sistemleri sadece yeni paketleri kullanmak için bakıldığında daha verimli olacaktır Sadece bu anlamda yerine yılda bir sürüm çıkartan dağıtımlarda yeni bir projeye başlarken çok eski bir dağıtımdan başlamak gerektiği için sonraki süreçteki güncellemede daha zorlanılmaktadır Ayrıca sıklıkla sürüm güncellenmesi her makineyi güncellememiz gerektiğini düşündürtmemeli Aradaki ana sürümleri kullanmak yerine yerine yılda bir güncellemelerin yapılmasıda mümkündür Ve hatta sonraki bölümde bahsedildiği gibi istenildiği takdirde yaşam ömrüboyunca kullanılabilir Dolayısıyla bu kategoride Debian Pardus ve Ubuntu daha avantajlıolduğunu düşünüyorum İşletim Sistemi Destek SüreleriEn önemli tercih kriterlerinden birisinin destek süresi olduğunu düşünmekteyim Bu kavram bir işletim sistemi sürümüçıktıktan sonra bu sürüme ne kadar süre destek verileceğini belirten önemli bir ifadedir Destek süresi derken işletim sistemi içindeki programların paketlerin güvenlik güncellemelerini alabilme süreci olarak genellenebileceğini belirtmek isterim Destek süresi kavramınıaçıklarken birkaçkavramıda bilmek gerekiyor Bunlardan birisi End Of Life EoL yani yaşam ömrü destek süresinin ne zaman biteceğini Extended security maintenance yani genişletilmişgüvenlik bakımı güvenlik güncellemelerini alacak süreyi ifade etmektedir Bu açıdan baktığımızda CentOS yıl yaşam ömrüne sahiptir Debian yıl yaşam ömrüne sahiptir Pardus yıl yaşam ömrüne sahiptir RHEL yıl yaşam ömrü yıl genişletilmişgüvenlik bakımına sahiptir OracleLinux yıl yaşam ömrü yıl genişletilmişgüvenlik bakımına sahiptir Ubuntu yıl yaşam ömrü yıl genişletilmişgüvenlik bakımına sahiptir Destek süresi en önemli ve işe yarar kategori olarak ne kadar çok ise o kadar avantajlıolmaktadır Dolayısıyla bu kategoride RHEL OracleLinux ve Ubuntu nun daha avantajlıolduğunu düşünüyorum Destek geçmişi eğitim ve bilinirlikBu başlık da kurumsal kullanım için oldukça önemli bir konu Özellikle kariyer olarak Linux Sistem Yöneticisi aramalarında dahi RedHat sistemleri ile Debian tabanlısistemleri birbirinden ayrılmaktadır Kurumsal geçmişten dolayıda RedHat sistem yöneticilerinin bulunmasıdaha kolay olmaktadır Sadece geçmişten kalma alışkanlık olarak değil RedHat in kariyer yol planlamasıolmasından dolayıbu sektöre giren insanlar için yükselebilmeyi içermektedir Güncel olarak RedHat eğitimlerine karşıLinux Foundation un eğitimleri her iki sistemi de içermesine rağmen yine de kurumsal olarak Redhat tabanlısistemleri avantajlıkılmakta Debian tabanlısistemlerde de Canonical firmasından dolayıUbuntu özellikle yazılım geliştiricilerin pazarında özellikle son yılda yer edinmeye başlamıştır Sunucu kurulum dokümanlarıkonusunda çoğu zaman RedHat sistemlerden daha fazla dokümana ulaşabilme Debian depolarının genellikle Ubuntu temelli olmasından dolayıdiğer Debian tabanlısistemlere göre artıdeğer kazandırmaktadır Dolayısıyla bu kategoride RedHat CentOS ve OracleLinux başta olmasına rağmen Ubuntu da diğerlerinden sıyrılıp yükseliştrendinde olduğu görülmektedir Destek Fiyatlandırmasıve KullanımYukarıdaki dağıtımlardan RHEL dışındaki tüm dağıtımların depolarıherkesin kullanımına açık olmasına rağmen RHEL depolarıiçin abonelik yöntemi kullanılmaktadır Dolayısıyla ücretsiz veya anlaşmasız bir şekilde RHEL deposunu kullanamazsınız Diğer dağıtımlarda ise buna benzer bir kısıtlama yoktur Destek kavramlarıise tamamen firmaların verdikleri hizmetlere göre değişmektedir Dolayısıyla bu kategoride RedHat dışındaki tüm dağıtımların daha avantajlıolduğu görülmektedir Sözün ÖzüYukarıda anlatmak istediğim başlıkların özeti yapılmak istenirse kurumsal bir firmanın Ubuntu veya RHEL ile çalışmasıtercih edilebilecek bir durum olarak görülmektedir Ubuntu yerine Debian veya Pardus tercih edilmesini sağlayacak çeşitli maddeler olsa da bu tercih için Debian veya Pardus konusunda deneyimli personel veya firma ile çalışmak gerektiği aşikardır RHEL ile başlamak yerine CentOS artık AlmaLinux ve RockyLinux ve OracleLinux ile başlamak ise maliyet açısından daha mantıklıolduğunu düşünmekteyim Dolayısıyla bu dağıtımlarla başlayıp ihtiyaçduyuluyorsa RHEL e geçmek mantıklıolabilir Kişisel olarak sunucu tarafındaki kullanım yorumum sorulursa da sonu itibariyle çok tartışılabilir ama Ubuntu olarak görmekteyim Fakat gerektiği yerlerde diğer dağıtımlarla da çalışıp hibrit bir kullanım da her zaman aklımızda olmasıgerektiğini düşünmekteyim Dixi |
2021-11-14 10:47:43 |
海外TECH |
DEV Community |
Design pattern in golang: builder |
https://dev.to/ynwd/design-pattern-in-golang-builder-2am
|
Design pattern in golang builderBuilder pattern dipakai untuk membuat sebuah instance dari sebuah struct beserta dengan semua propertinya Perhatikan struct berikut package maintype User struct name string email string address string dateOfBirth DateOfBirth package maintype DateOfBirth struct year int month int day int Implementasi patternpackage mainimport fmt strconv strings func newUserBuilder User return amp User func u User Build User error return User name u name email u email address u address dateOfBirth u dateOfBirth nil func u User SetName name string u name name func u User SetEmail email string u email email func u User SetAddress address string u address address func u User SetDateOfBirth dob string splitted strings Split dob day err strconv Atoi splitted if err nil u dateOfBirth DateOfBirth month err strconv Atoi splitted if err nil u dateOfBirth DateOfBirth year err strconv Atoi splitted if err nil u dateOfBirth DateOfBirth u dateOfBirth DateOfBirth day month year Bahkan kalau mau kamu dapat menambahkan validasi pada setiap variabel yang akan menjadi input sebelum ia dipakai oleh setiap properti dari sebuah struct Cara penggunaanpackage mainfunc main builder newUserBuilder builder SetName agus builder SetAddress cirebon builder SetEmail agus email com builder SetDateOfBirth user err builder Build if err nil fmt Println err return fmt Println user KesimpulanDengan builder pattern kita dapat membuat instance dari sebuah struct dan menambahkan validasi pada variabel variabel yang akan menjadi input nya Source code |
2021-11-14 10:25:42 |
海外TECH |
DEV Community |
Automate Azure Service Bus SAS tokens with Github |
https://dev.to/pwd9000/automate-azure-service-bus-sas-tokens-with-github-37ok
|
Automate Azure Service Bus SAS tokens with Github OverviewIn todays tutorial I will demonstrate how to use powerShell in Github Actions to automate Azure Service Bus SAS tokens to generate short lived usable tokens with a validity period of minutes and securely store the newly generated SAS tokens inside of an Azure Key Vault ready for consumption We will create an Azure Service Bus and Key Vault and a single reusable github workflow to handle our SAS token requests as well as a service principal Azure identity to fully automate everything For the purpose of this demonstration we will also have a main workflow that is triggered manually Our main workflow when triggered will first call our reusable github workflow that will generate our temporary SAS token that will only be valid for minutes and store the SAS token inside of the key vault The token validity period can be adjusted based on your needs or requirement Our main workflow will then retrieve the SAS token from the key vault and send the message through to our service bus queue This means that whenever we need to call our service bus we can now generate a temporary SAS token to call our Azure service bus using a reusable GitHub workflow to generate our token for us and we can access the token securely from key vault using a different process or even a different github workflow Lets take a look at a sample use case flow diagram of how this would look like Note Maintaining Service Bus SAS tokens using an Azure key vault is particularly useful for teams who maintain secrets management and need to ensure that only relevant users principals and processes can access secrets from a secure managed location and also be rotated on a regular basis Azure key vaults are also particularly useful for security or ops teams who maintain secrets management instead of giving other teams access to your deployment repositories in Github teams who look after deployments no longer have to worry about giving access to other teams in order to manage secrets as secrets management will be done from an Azure key vault which nicely separates roles of responsibility when spread across different teams Protecting secrets in githubGithub Secrets is a great way that will allow us to store sensitive information in our organization repository or repository environments In fact we will set up a github secret later in this tutorial that will allow us to authenticate to Azure Even though this is a great feature to be able to have secrets management in Github you may be looking after many repositories all with different secrets this can become an administrative overhead when secrets or keys need to be rotated on a regular basis for best security practice that s where Azure key vault can also be utilized as a central source for all your secret management in your GitHub workflows What do we need to start generating Service Bus SAS tokens For the purpose of this demo and so you can follow along I will set up the Azure environment with all the relevant resources described below Azure key vault This will be where we centrally store access and manage all our Service Bus SAS tokens Service Bus Namespace We will create a service Bus Namespace and Queue Azure AD App amp Service Principal This is what we will use to authenticate to Azure from our github workflows Github repository This is where we will keep all our source code and workflows Create an Azure key vaultNOTE A complete script for all the steps Pre Reqs described in building the environment can be found on my GitHub code pageFor this step I will be using Azure CLI using a powershell console First we will log into Azure by running az loginNext we will set some variables Set variables randomInt Get Random Maximum subscriptionId az account show query id output tsv resourceGroupName Actions Service Bus Demo location UKSouth keyVaultName secrets vault randomInt nameSpaceName githubactions queueName queue policyName myauthrule currentUser az ad signed in user show query objectId output tsv Next we will create a resource group and key vault by running Create ResourceGroup and Key Vaultaz group create name resourceGroupName l locationaz keyvault create name keyVaultName resource group resourceGroupName location location enable rbac authorization Grant Key Vault Creator Current User Key Vault Secrets Officer az role assignment create assignee object id currentUser role Key Vault Secrets Officer scope subscriptions subscriptionId resourceGroups resourceGroupName providers Microsoft KeyVault vaults keyVaultName assignee principal type User As you see above we use the option enable rbac authorization The reason for this is because our current logged in user as well as our service principal used by our github workflow we will create later will access this key vault using the RBAC permission model We also grant the key vault creator in our case the current logged in user Key Vault Secrets Officer access to the key vault as we will store our service bus policy primary key in the key vault Create an Azure Service BusNext we will create a Service Bus Namespace and Queue by running Create Service Bus and Queue and policy with Send and Listen rights az servicebus namespace create resource group resourceGroupName name nameSpaceName location location sku Basic az servicebus queue create resource group resourceGroupName namespace name nameSpaceName name queueNameaz servicebus namespace authorization rule create resource group resourceGroupName namespace name nameSpaceName name policyName rights Send Listen Retrieve and save primary key of new policy to key vault will be used later as a GH Secret in GH workflow policyPrimaryKey az servicebus namespace authorization rule keys list resource group resourceGroupName namespace name nameSpaceName name policyName query primaryKey output tsvaz keyvault secret set vault name keyVaultName name policyName PrimaryKey value policyPrimaryKeyYou will notice that our Service Bus has a Policy called myauthrule with only Send and Listen configured And our policies Primary Key will be saved in our key vault called myauthrulePrimaryKey We will use this secret later in our GitHub workflow to generate our temp SAS token Create an Azure AD App amp Service PrincipalNext we will create our Azure AD App by running the following in a powershell console window a name for our azure ad app appName gitHubActionsVaultUser create Azure AD appaz ad app create display name appName homepage http localhost appName Next we will retrieve the App ID and set it to a powershell variable appId get the app id appId az ad app list display name appName query appId o tsv Now that we have our appId we can create our service principal that we will use to authenticate our GitHub workflow with Azure and also give our principal the correct Role Based Access Control RBAC permissions on our key vault we created earlier We will give our principal the RBAC IAM role Key Vault Secrets Officer because we want our workflow to be able to retrieve secret keys and also set secrets for our Service Bus SAS tokens Create Service Principal to be used as GH Secret credential to authenticate to Azure Make note of JSON output on this step az ad sp create for rbac name appId role Key Vault Secrets Officer scopes subscriptions subscriptionId resourceGroups resourceGroupName providers Microsoft KeyVault vaults keyVaultName sdk authThe above command will output a JSON object with the role assignment credentials that provide access to your key vault Copy this JSON object for later You will only need the sections with the clientId clientSecret subscriptionId and tenantId values clientId lt GUID gt clientSecret lt PrincipalSecret gt subscriptionId lt GUID gt tenantId lt GUID gt Configure our GitHub repositoryNext we will configure our Github repository and Github workflow My Github repository is called Azure Service Bus SAS Management You can also take a look or even use my github repository as a template HERE Remember at the beginning of this post I mentioned that we will create a github secret we will now create this secret on our repository which will be used to authenticate our Github workflow to Azure when it s triggered In GitHub browse your repository Select Settings gt Secrets gt New repository secret Paste the JSON object output from the Azure CLI command we ran earlier into the secret s value field Give the secret the name AZURE CREDENTIALS Because we will have two workflows in this demo we will create our reusable workflow first called new service bus sas token yaml then we will create our main workflow that will send a message to our Service bus called main yaml Configure our GitHub workflowsNow create a folder in the repository called github and underneath another folder called workflows In the workflows folder we will create a YAML file called new service bus sas token yaml The YAML file can also be accessed HERE code new service bus sas token yamlname New Service Bus SAS Tokenon workflow call secrets azure credentials description Azure Credential passed from the main caller workflow required truejobs new sas token runs on windows latest env KEY VAULT NAME secrets vault SB NAMESPACE githubactions SB POLICY NAME myauthrule SB POLICY KEY NAME myauthrulePrimaryKey steps name Check out repository uses actions checkout v name Log into Azure using github secret AZURE CREDENTIALS uses Azure login v with creds secrets azure credentials enable AzPSSession true name Get Service Bus Policy Key uses Azure get keyvault secrets v with keyvault env KEY VAULT NAME secrets env SB POLICY KEY NAME id sbPrimaryKey name Generate Service Bus SAS token uses azure powershell v with inlineScript null Reflection Assembly LoadWithPartialName System Web Set Variables keyVaultName env KEY VAULT NAME serviceBusNameSpace env SB NAMESPACE accessPolicyName env SB POLICY NAME accessPolicyKeyName env SB POLICY KEY NAME dateTime Get Date ToString URI serviceBusNameSpace servicebus windows net accessPolicyKey steps sbPrimaryKey outputs myauthrulePrimaryKey Generate Temp SAS Token Token expires now min expires DateTimeOffset Now ToUnixTimeSeconds signatureString System Web HttpUtility UrlEncode URI n string expires HMAC New Object System Security Cryptography HMACSHA HMAC key Text Encoding ASCII GetBytes accessPolicyKey signature HMAC ComputeHash Text Encoding ASCII GetBytes signatureString signature Convert ToBaseString signature SASToken SharedAccessSignature sr System Web HttpUtility UrlEncode URI amp sig System Web HttpUtility UrlEncode signature amp se expires amp skn accessPolicyName Set Temp SAS token in Azure Key Vault Write Output Update SAS token in keyVaultName secretToken ConvertTo SecureString String SASToken AsPlainText Force tags Automation Github Workflow Temp SAS true Generated On dateTime null Set AzKeyVaultSecret VaultName keyVaultName Name accessPolicyName SAS TOKEN SecretValue secretToken Tags tags Write Output SAS Token Saved to Key Vault Secret as accessPolicyName SAS TOKEN azPSVersion latest The above YAML workflow has a special trigger as shown below which will only run when called by another GitHub workflow Also note that we have to declare any secrets that are sent into the workflow from the caller using the secrets argument code new service bus sas token yaml L Lon workflow call secrets azure credentials description Azure Credential passed from the main caller workflow required trueNote The only fields that needs to be updated for the new service bus sas token yaml workflow to be used in your environment are shown below Unfortunately it is not possible to use environment variables inside of step outputs so we also have to explicitly reference our key vault secret name code new service bus sas token yaml L Lenv KEY VAULT NAME secrets vault SB NAMESPACE githubactions SB POLICY NAME myauthrule SB POLICY KEY NAME myauthrulePrimaryKey code new service bus sas token yaml L L accessPolicyKey steps sbPrimaryKey outputs myauthrulePrimaryKey Note that our reusable github workflow will save the temporary Service Bus SAS token in Azure keyvault under the secret key name ServiceBusPolicyName SAS TOKEN This SAS token will only be valid for minutes Now onto our main workflow file In the same workflows folder we will create a second YAML file called main yaml The YAML file can also be accessed HERE code main yamlname Send Service Bus Messageon workflow dispatch jobs new sas token name Generate New Sas Token uses Pwd ML Azure Service Bus SAS Management github workflows new service bus sas token yaml master secrets azure credentials secrets AZURE CREDENTIALS send sb message name Send Service Bus Message needs new sas token runs on windows latest env KEY VAULT NAME secrets vault SB NAMESPACE githubactions SB QUEUE NAME queue SB POLICY SAS NAME myauthrule SAS TOKEN steps name Check out repository uses actions checkout v name Log into Azure using github secret AZURE CREDENTIALS uses Azure login v with creds secrets AZURE CREDENTIALS enable AzPSSession true name Get Service Bus SAS Token uses Azure get keyvault secrets v with keyvault env KEY VAULT NAME secrets env SB POLICY SAS NAME id sbSasToken name Send Service Bus Message uses azure powershell v with inlineScript message pscustomobject Body Hello ActionsHackathon serviceBusNameSpace env SB NAMESPACE serviceBusQueueName env SB QUEUE NAME body message Body message psobject properties Remove Body URI https serviceBusNameSpace servicebus windows net serviceBusQueueName messages token steps sbSasToken outputs myauthrule SAS TOKEN headers Authorization token Content Type application atom xml type entry charset utf headers Add BrokerProperties ConvertTo JSON InputObject message Compress Invoke rest method null Invoke RestMethod Uri URI Headers headers Method Post Body body azPSVersion latest The above YAML workflow has a manual trigger as shown below Also note that we have to explicitly pass secrets on to our reusable workflow we are calling in the first job using the secrets argument Trigger code main yaml L Lon workflow dispatch Explicitly pass secret code main yaml L Lnew sas token name Generate New Sas Tokenuses Pwd ML Azure Service Bus SAS Management github workflows new service bus sas token yaml mastersecrets azure credentials secrets AZURE CREDENTIALS Note The only fields that needs to be updated for the main yaml workflow to be used in your environment are shown below Unfortunately it is not possible to use environment variables inside of step outputs so we also have to explicitly reference our key vault secret name code new service bus sas token yaml L Lenv KEY VAULT NAME secrets vault SB NAMESPACE githubactions SB QUEUE NAME queue SB POLICY SAS NAME myauthrule SAS TOKEN code new service bus sas token yaml L L token steps sbSasToken outputs myauthrule SAS TOKEN Testing WorkflowsLet s trigger our main yaml workflow It should trigger our reusable workflow called new service bus sas token yaml that will generate a temp Service Bus SAS token and save this token in our Key Vault Afterwards it will return to the main yaml workflow and retrieve the temp SAS token from the key vault and send our Service Bus a message with a body of Hello ActionsHackathon Both our workflows ran successfully The first job generates our temp SAS token from a reusable workflow and the second job consumes that temporary SAS token from key vault sends our message to our Service Bus using the short lived SAS token As you can see our message was sent to our Service Bus Queue using the temporary SAS token retrieved from the keyvault ConclusionThe main take away of this tutorial is to know that we can create reusable GitHub Action workflows that can be called as separate jobs in other workflows By carving up large workflows and referencing reusable workflows we can cut down on duplication and also make our workflows much more dynamic Additionally we did something cool by creating a security process in which we generate short lived secure Service Bus SAS tokens that are stored in an Azure Key Vault and can be permissioned and consumed by other services in a controlled manner I hope you have enjoyed this post and have learned something new You can also find the code samples used in this blog post on my Github page Additionally you can use this github repository used in this tutorial as a template in your own github account and start to generate and automate your Service Bus SAS tokens today ️ AuthorLike share follow me on GitHub Twitter LinkedIn ltag user id follow action button background color cbb important color important border color cbb important Marcel LFollow Cloud Solutions amp DevOps Architect |
2021-11-14 10:04:58 |
海外ニュース |
Japan Times latest articles |
Teenager Natsu Ota becomes Japan’s youngest pentathlon champion |
https://www.japantimes.co.jp/sports/2021/11/14/more-sports/track-field/teenager-natsu-ota-becomes-japans-youngest-pentathlon-champion/
|
Teenager Natsu Ota becomes Japan s youngest pentathlon championThe year old who is aiming for a spot in the Paris Olympics overcame London Olympian Shino Yamanaka during the laser run to finish with |
2021-11-14 19:34:53 |
海外ニュース |
Japan Times latest articles |
Jubilo Iwata clinches J1 promotion with win over Mito |
https://www.japantimes.co.jp/sports/2021/11/14/soccer/j-league/jubilo-iwata-promotion/
|
Jubilo Iwata clinches J promotion with win over MitoThe three time J champion s fourth consecutive win moved them to points ensuring they will finish no worse than second and return to the first |
2021-11-14 19:30:08 |
海外ニュース |
Japan Times latest articles |
Terunofuji starts new era with hard-fought win to open Kyushu Basho |
https://www.japantimes.co.jp/sports/2021/11/14/sumo/basho-reports/kyushu-basho-2021-day-1/
|
Terunofuji starts new era with hard fought win to open Kyushu BashoTerunofuji s first day win at Fukuoka Kokusai Center did not come cheaply as Mongolian Kiribayama kept the grand champion in check to force a long contest |
2021-11-14 19:21:30 |
ニュース |
BBC News - Home |
Queen misses Remembrance Sunday service after back sprain |
https://www.bbc.co.uk/news/uk-59280608?at_medium=RSS&at_campaign=KARANGA
|
monarch |
2021-11-14 10:52:34 |
ニュース |
BBC News - Home |
Remembrance Sunday: Nation to fall silent to remember the war dead |
https://www.bbc.co.uk/news/uk-59280848?at_medium=RSS&at_campaign=KARANGA
|
crowds |
2021-11-14 10:55:30 |
ニュース |
BBC News - Home |
Eight murder arrests as fatal stabbing Nottingham victim named |
https://www.bbc.co.uk/news/uk-england-nottinghamshire-59280929?at_medium=RSS&at_campaign=KARANGA
|
namedpolice |
2021-11-14 10:40:51 |
サブカルネタ |
ラーブロ |
スープカレー アジアンバー ラマイ 旭川東光店 |
http://ra-blog.net/modules/rssc/single_feed.php?fid=193659
|
|
2021-11-14 10:35:35 |
サブカルネタ |
ラーブロ |
まぜそばジャック@志村三丁目 |
http://ra-blog.net/modules/rssc/single_feed.php?fid=193660
|
志村三丁目 |
2021-11-14 10:00:43 |
北海道 |
北海道新聞 |
横田早紀江さん、県民集会で訴え 「最後の力振り絞る」 |
https://www.hokkaido-np.co.jp/article/611553/
|
拉致被害者 |
2021-11-14 19:04:02 |
コメント
コメントを投稿