virtual insanity: 2024

Monday, 7 October 2024

Terraform Output Readability

Using Terraform in a pipeline or using a script locally can be a bit overwhelming with information. A couple of filters I use in Bash are helpful to make it more readable for changes.

Compact:

terraform plan | sed -E '/Refreshing state|Reading|Read complete/Id'"

Very compact:

terraform plan | awk 'length' | sed -E '/Refreshing state|Reading|Read complete|Plan:|\.plan|Saved the plan to|To perform exactly|Terraform has compared|found no differences|You can apply this plan to save these new output values|without changing any real infrastructure/Id'"

Tuesday, 4 June 2024

Azure App Service Domain Renewals

Wasn't the easiest thing to export the renewal status for Azure App Service Domains, for use in a report. So I used a bit of Powershell to extract and concatenate it into one variable. The results are combined in variable $ResultsTableArray, which can then be used for reporting. I only need the two fields of name and renewal status, you can add more if you need it!

$ResourceGroup= "<insert your resource group for domains here>"

$JSON_PATH="<insert the full path to a folder you want to use as a working area>"

Get-AzResource -ResourceGroupName "$ResourceGroup" -ResourceType "Microsoft.DomainRegistration/domains" | ForEach-Object {
$JSON_FILE_PATH="$JSON_PATH/$($_.Name).json"
Export-AzResourceGroup -ResourceGroupName $_.ResourceGroupName -Resource $_.ResourceId -Path "$JSON_FILE_PATH" | Out-Null
$DNS_JSON = Get-Content "$JSON_FILE_PATH" | ConvertFrom-Json
[void]$ResultsTableArray.Add("$($_.Name),$($DNS_JSON.resources.properties.autoRenew)")
Remove-Item "$JSON_FILE_PATH" -Force | Out-Null
}

Monday, 15 April 2024

Updating AzureRM from 3.90.0 to anything later than 3.95.0

I had a troublesome few hours upgrading the AzureRM Terraform provider recently. It refused to plan or apply one specifc storage account container. To really confuse things, it was only doing this in two environments out of three, that have this particular container. I removed the object from state and tried to import it again, still the same error. I forgot to write the error down, it was something like invalid domain. I used the console to view the objects details. I was almost all the way through completing a bug report in Github against the provider when I finally saw something slightly odd between the working and a non working environment. Can you see it?

It looks lke the the two broken environments were missing a subdomain from the ID attribute. I presume that when these two environments were built, Azure used a different URL nomenclature and the latest providers now validate the domain is correct! Thankfully, the fix was easy. Remove the object from state and import it back, but adding the subdomain blob that was missing from the ID in the broken environments. This ID is what you use to import the resource and it worked fine by using the new URL. Phew, provider now up to the latest and planning cleanly with no changes again!

> azurerm_storage_container.storage_container["document/582c3272-97aa-yyyy-xxxx-redactedguid"]

{

"container_access_type" = "private"

"has_immutability_policy" = false

"has_legal_hold" = false

"id" = "https://redacted-acc.core.windows.net/582c3272-97aa-yyyy-xxxx-redactedguid"

"metadata" = tomap({})

"name" = "582c3272-97aa-yyyy-xxxx-redactedguid"

"resource_manager_id" = "/subscriptions/5acc90e0-7015-yyyy-xxxx-redactedguid/resourceGroups/stg-storage-rg/providers/Microsoft.Storage/storageAccounts/redacted-acc/blobServices/default/containers/582c3272-97aa-yyyy-xxxx-redactedguid"

"storage_account_name" = "redacted-acc"

"timeouts" = {

    "create" = tostring(null)

    "delete" = tostring(null)

    "read" = tostring(null)

    "update" = tostring(null)

}

}

> azurerm_storage_container.storage_container["document/582c3272-97aa-yyyy-xxxx-redactedguid"]

{

"container_access_type" = "private"

"has_immutability_policy" = false

"has_legal_hold" = false

"id" = "https://redacted-acc.blob.core.windows.net/582c3272-97aa-yyyy-xxxx-redactedguid"

"metadata" = tomap({})

"name" = "582c3272-97aa-yyyy-xxxx-redactedguid"

"resource_manager_id" = "/subscriptions/974dd827-dc49-yyyy-xxxx-redactedguid/resourceGroups/dh1-storage-rg/providers/Microsoft.Storage/storageAccounts/redacted-acc/blobServices/default/containers/582c3272-97aa-yyyy-xxxx-redactedguid"

"storage_account_name" = "redacted-acc"

"timeouts" = null /* object */

}