This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<build> | |
<plugins> | |
<plugin> | |
<groupId>org.apache.maven.plugins</groupId> | |
<artifactId>maven-install-plugin</artifactId> | |
<version>3.0.0-M1</version> | |
<executions> | |
<execution> | |
<id>install-jar</id> | |
<phase>validate</phase> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| **Feature** | **Service Principal** | **System-Assigned Managed Identity (SAMI)** | **User-Assigned Managed Identity (UAMI)** | | |
|---------------------------------|--------------------------------------------------------------------|----------------------------------------------------------------------|----------------------------------------------------------------------| | |
| **Creation** | Created manually in Azure AD by registering an application. | Automatically created and managed by Azure for a resource. | Created manually and assigned to resources as needed. | | |
| **Assignment to Resources** | Can be assigned roles or permissions to access resources. | Tied to a single Azure resource (VM, App Service, etc.). | Can be shared and assigned to multiple resources. | | |
| **Lifecycle** | Sta |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
stages: | |
- build | |
- deploy | |
# Variables for your project | |
variables: | |
IMAGE_NAME: "registry.example.com/your-project/your-image" # Docker image path | |
DOCKER_TAG: "${CI_COMMIT_SHA:0:8}" # Tag Docker image with commit SHA | |
# Build and push Docker image |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<project xmlns="http://maven.apache.org/POM/4.0.0" | |
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | |
<modelVersion>4.0.0</modelVersion> | |
<groupId>com.example</groupId> | |
<artifactId>my-app</artifactId> | |
<version>1.0-SNAPSHOT</version> | |
<!-- Add repositories for dependencies --> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
spec: | |
containers: | |
- name: your-app | |
image: your-app:dev | |
ports: | |
- containerPort: 8080 | |
env: | |
- name: SPRING_PROFILES_ACTIVE | |
value: "dev" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!-- Spring Cloud Azure Starter --> | |
<dependency> | |
<groupId>com.azure.spring</groupId> | |
<artifactId>spring-cloud-azure-starter</artifactId> | |
</dependency> | |
<!-- Azure Blob Storage --> | |
<dependency> | |
<groupId>com.azure.spring</groupId> | |
<artifactId>spring-cloud-azure-starter-storage-blob</artifactId> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import com.azure.identity.ManagedIdentityCredential; | |
import com.azure.identity.ManagedIdentityCredentialBuilder; | |
import com.azure.core.credential.TokenRequestContext; | |
import com.azure.core.credential.AccessToken; | |
public class AccessTokenFetcher { | |
public static void main(String[] args) { | |
// Define the resource you are requesting the token for (e.g., Azure Cognitive Search) | |
String resource = "https://search.azure.com/"; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
az identity show --name <umi-name> --resource-group <resource-group-name> --query clientId |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ManagedIdentityCredential managedIdentityCredential = new ManagedIdentityCredentialBuilder() | |
.clientId("your-umi-client-id") // User Managed Identity Client ID | |
.build(); | |
String token = managedIdentityCredential.getToken( | |
new TokenRequestContext().addScopes("https://ossrdbms-aad.database.windows.net/.default") | |
).block().getToken(); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@Bean | |
public CorsConfigurationSource corsConfigurationSource() { | |
CorsConfiguration configuration = new CorsConfiguration(); | |
configuration.setAllowedOrigins(List.of("*")); // Allow all origins, or specify specific ones | |
configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS")); // Allow all methods | |
configuration.setAllowedHeaders(List.of("*")); // Allow all headers | |
configuration.setAllowCredentials(true); // Allow credentials like cookies | |
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); | |
source.registerCorsConfiguration("/**", configuration); // Apply CORS config to all endpoints |