diff --git a/samples/managed-identity/Dockerfile b/samples/managed-identity/Dockerfile index b7804e019..722246b0b 100644 --- a/samples/managed-identity/Dockerfile +++ b/samples/managed-identity/Dockerfile @@ -1,11 +1,11 @@ #See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging. -FROM mcr.microsoft.com/dotnet/aspnet:8.0-cbl-mariner2.0@sha256:11d43dfc1c0887670f1580e1ac03f100dc8418845e5530e66aa266915a260abb AS base +FROM mcr.microsoft.com/dotnet/aspnet:7.0-cbl-mariner2.0@sha256:ea1751dfd2defec87508aa979088741935d1fd4c870bfd53e7645642fc9ead13 as base ARG TARGETARCH WORKDIR /app EXPOSE 80 -FROM mcr.microsoft.com/dotnet/sdk:8.0-cbl-mariner2.0@sha256:e14034d5ba09b02204d56e809343586475433fd021938488088ccc5cae9d3cd2 AS build +FROM mcr.microsoft.com/dotnet/sdk:7.0-cbl-mariner2.0@sha256:9e054d0663d07e09127d114f753c1068d0bf681eab188352d06f111ce68f050f AS build ARG TARGETARCH WORKDIR /src COPY "mi-webapp.csproj" . diff --git a/samples/managed-identity/deploy-arm.yaml b/samples/managed-identity/deploy-arm.yaml new file mode 100644 index 000000000..31075270e --- /dev/null +++ b/samples/managed-identity/deploy-arm.yaml @@ -0,0 +1,71 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mi-webapp + namespace: mi-webapp +spec: + replicas: 1 + selector: + matchLabels: + app: mi-webapp + template: + metadata: + labels: + app: mi-webapp + # Label for pod identity + aadpodidbinding: mi-test + spec: + containers: + - image: mindarodev.azurecr.io/samples/mi-webapp:v3 + imagePullPolicy: IfNotPresent + name: mi-webapp + env: + # the below environment variable values come from the below sub and rg: + # Sub: Mindaro Testing (c2e0f009-a61a-4578-8a6d-5715ee782648) + # RG: testing-scenario + # Storage account name: mitestsa + # Managed identity name: mi-test + - name: STORAGE_ACCOUNT_NAME + value: "mitestsa" + - name: STORAGE_CONTAINER_NAME + value: "mitestsa-container" + - name: MI_CLIENT_ID + value: "a2cc59eb-fa11-485c-9bee-c84aa4cb97d0" + ports: + - containerPort: 80 + +--- + +apiVersion: v1 +kind: Service +metadata: + name: mi-webapp-service + namespace: mi-webapp +spec: + selector: + app: mi-webapp + ports: + - protocol: TCP + port: 80 + targetPort: 80 + type: LoadBalancer + +--- +# AzureIdentity resource for pod identity +apiVersion: "aadpodidentity.k8s.io/v1" +kind: AzureIdentity +metadata: + name: mi-test +spec: + type: 0 + resourceID: "/subscriptions/c2e0f009-a61a-4578-8a6d-5715ee782648/resourcegroups/MC_testing-scenario_testing-scenarios-arm_westeurope/providers/Microsoft.ManagedIdentity/userAssignedIdentities/mi-test" + clientID: "a2cc59eb-fa11-485c-9bee-c84aa4cb97d0" +--- +# AzureIdentityBinding resource for pod identity +apiVersion: "aadpodidentity.k8s.io/v1" +kind: AzureIdentityBinding +metadata: + name: mi-test-binding +spec: + azureIdentity: mi-test + selector: mi-test \ No newline at end of file diff --git a/samples/managed-identity/deploy.yaml b/samples/managed-identity/deploy.yaml index 90179ea4a..9e95290c1 100644 --- a/samples/managed-identity/deploy.yaml +++ b/samples/managed-identity/deploy.yaml @@ -16,7 +16,7 @@ spec: aadpodidbinding: mi-test spec: containers: - - image: mindarodev.azurecr.io/samples/mi-webapp:v2 + - image: mindarodev.azurecr.io/samples/mi-webapp:v3 imagePullPolicy: IfNotPresent name: mi-webapp env: