unclebean

keytool -genkeypair -alias myalias -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore mykeystore.p12 -validity 3650


openssl pkcs12 -export -in cert.pem -inkey key.pem -out mykeystore.p12 -name myalias


# Copy the .p12 file into the Docker image
COPY mykeystore.p12 /path/to/keystore/mykeystore.p12

unclebean

<build>
  <plugins>
    <plugin>
      <groupId>org.apache.maven.plugins</groupId>
      <artifactId>maven-install-plugin</artifactId>
      <version>3.0.0-M1</version>
      <executions>
        <execution>
          <id>install-jar</id>
          <phase>validate</phase>

unclebean

| **Feature**                    | **Service Principal**                                              | **System-Assigned Managed Identity (SAMI)**                         | **User-Assigned Managed Identity (UAMI)**                           |
|---------------------------------|--------------------------------------------------------------------|----------------------------------------------------------------------|----------------------------------------------------------------------|
| **Creation**                    | Created manually in Azure AD by registering an application.        | Automatically created and managed by Azure for a resource.           | Created manually and assigned to resources as needed.                |
| **Assignment to Resources**     | Can be assigned roles or permissions to access resources.          | Tied to a single Azure resource (VM, App Service, etc.).             | Can be shared and assigned to multiple resources.                    |
| **Lifecycle**                   | Sta

unclebean

stages:
  - build
  - deploy

# Variables for your project
variables:
  IMAGE_NAME: "registry.example.com/your-project/your-image"  # Docker image path
  DOCKER_TAG: "${CI_COMMIT_SHA:0:8}"  # Tag Docker image with commit SHA

# Build and push Docker image

unclebean

<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    
    <modelVersion>4.0.0</modelVersion>
    <groupId>com.example</groupId>
    <artifactId>my-app</artifactId>
    <version>1.0-SNAPSHOT</version>

    <!-- Add repositories for dependencies -->

unclebean

spec:
  containers:
  - name: your-app
    image: your-app:dev
    ports:
    - containerPort: 8080
    env:
    - name: SPRING_PROFILES_ACTIVE
      value: "dev"

unclebean

<!-- Spring Cloud Azure Starter -->
<dependency>
    <groupId>com.azure.spring</groupId>
    <artifactId>spring-cloud-azure-starter</artifactId>
</dependency>

<!-- Azure Blob Storage -->
<dependency>
    <groupId>com.azure.spring</groupId>
    <artifactId>spring-cloud-azure-starter-storage-blob</artifactId>

unclebean

import com.azure.identity.ManagedIdentityCredential;
import com.azure.identity.ManagedIdentityCredentialBuilder;
import com.azure.core.credential.TokenRequestContext;
import com.azure.core.credential.AccessToken;

public class AccessTokenFetcher {

    public static void main(String[] args) {
        // Define the resource you are requesting the token for (e.g., Azure Cognitive Search)
        String resource = "https://search.azure.com/";

unclebean

az identity show --name <umi-name> --resource-group <resource-group-name> --query clientId

unclebean

ManagedIdentityCredential managedIdentityCredential = new ManagedIdentityCredentialBuilder()
    .clientId("your-umi-client-id") // User Managed Identity Client ID
    .build();

String token = managedIdentityCredential.getToken(
    new TokenRequestContext().addScopes("https://ossrdbms-aad.database.windows.net/.default")
).block().getToken();