Skip to content

Instantly share code, notes, and snippets.

View mdmsua's full-sized avatar
🇺🇦
#StandWithUkraine

Dmytro Morozov mdmsua

🇺🇦
#StandWithUkraine
6 followers · 6 following
View GitHub Profile
@mdmsua
mdmsua / oidc.tf
Created September 11, 2024 14:02
Generate access token based on OIDC
locals {
access_token_request_parameters = {
scope = "https://management.azure.com/.default"
grant_type = "client_credentials"
client_id = data.azurerm_client_config.main.client_id
client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
client_assertion = data.local_file.jwt.content
}
}
@mdmsua
mdmsua / main.tf
Last active September 6, 2024 13:47
Azure storage encryption scope
resource "azurerm_key_vault_key" "storage" {
name = var.name
key_vault_id = var.key_vault_id
key_type = "RSA"
key_size = 4096
key_opts = [
"unwrapKey",
"wrapKey"
]
@mdmsua
mdmsua / abac.tf
Created August 11, 2024 08:53
ABAC
data "azurerm_role_definition" "acr_pull" {
name = "AcrPull"
}
resource "azurerm_role_assignment" "role_based_access_control_administrator" {
role_definition_name = "Role Based Access Control Administrator"
principal_id = azuread_service_principal.main.object_id
scope = var.container_registry_id
condition_version = "2.0"
condition = <<-EOT
@mdmsua
mdmsua / policy.rego
Created July 5, 2024 09:30
Tag-driven Terraform module release flow
package spacelift
sample := true
module_version := version {
version := trim_prefix(input.push.tag, "v")
not propose
}
propose {
@mdmsua
mdmsua / deploy.yaml
Created July 5, 2024 08:13
GitHub Actions workflow for Terraform/OpenTofu
name: Deploy
permissions:
id-token: write
contents: read
on:
workflow_dispatch:
env:
@mdmsua
mdmsua / gateway+httproute.yaml
Created March 1, 2024 16:42
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
spec:
selector:
matchLabels:
app: nginx
template:
metadata:
@mdmsua
mdmsua / Dapr
Created August 13, 2021 09:24
using Common;
using CountryPull;
using Dapr.Client;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Hosting;
await Host.CreateDefaultBuilder(args).ConfigureServices((context, services) =>
{
@mdmsua
mdmsua / Program.cs
Created January 20, 2020 15:13
EWS Inbox Cleanup
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.Exchange.WebServices.Data;
using static Microsoft.Exchange.WebServices.Data.SearchFilter;
namespace Inboxer
{
class MainClass
{
@mdmsua
mdmsua / iTunesLibrary.swift
Created June 14, 2017 14:48
if let library = try? ITLibrary(apiVersion: "1") {
print(library.applicationVersion)
for artist in library.allMediaItems
.filter({ $0.mediaKind == ITLibMediaItemMediaKind.kindSong })
.group(by: { $0.artist?.name }){
print(artist.key)
for album in artist.value.group(by: { $0.album.title }) {
print(" \(album.key) (\(album.value.first!.year))")
}
}
@mdmsua
mdmsua / group.swift
Created June 14, 2017 14:47
public extension Sequence {
func group<U: Hashable>(by key: (Iterator.Element) -> U?) -> [U:[Iterator.Element]] {
var categories: [U: [Iterator.Element]] = [:]
for element in self {
let key = key(element)
if case nil = categories[key!]?.append(element) {
categories[key!] = [element]
}
}
return categories