Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

The microsoft_azure cookbook has been deprecated

Author provided reason for deprecation:

The microsoft_azure cookbook has been deprecated and is no longer being maintained by its authors. Use of the microsoft_azure cookbook is no longer recommended.

RSS

microsoft_azure (2) Versions 0.3.0

LWRPs for managing Azure resources

Policyfile
Berkshelf
Knife
cookbook 'microsoft_azure', '~> 0.3.0', :supermarket
cookbook 'microsoft_azure', '~> 0.3.0'
knife supermarket install microsoft_azure
knife supermarket download microsoft_azure
README
Dependencies
Quality 17%

Microsoft Azure Cookbook

Cookbook Version

Description

This cookbook provides resources and providers to create an manage
Microsoft Azure components. Currently supported resources are:

  • Storage Accounts ('microsoft_azure_storage_account')
  • Blob Storage Containers ('microsoft_azure_storage_container')
  • SQL Azure Servers ('microsoft_azure_sql_db_server')

Note This cookbook uses the azure RubyGem to interact with the
Azure API. This gem requires nokogiri which requires compiling
native extensions, which means build tools are required.

Requirements

Requires Chef 0.7.10 or higher for Lightweight Resource and Provider
support. Chef 0.8+ is recommended. While this cookbook can be used in
chef-solo mode, to gain the most flexibility, we recommend using
chef-client with a Chef Server.

A Microsoft Azure account is required. The Management Certificate and
Subscriptoin ID are used to authenticate with Azure.

Dependent Cookbooks

  • xml '~> 1.3.0'

Azure Credentials

In order to manage Azure components, authentication credentials need
to be available to the node. There are a number of ways to handle
this, such as node attributes or roles. We recommend storing these in
a databag (Chef 0.8+), and loading them in the recipe where the
resources are needed.

DataBag recommendation:

% knife data bag show microsoft_azure main
{
  "id": "main",
  "management_certificate": "YOUR PEM FILE CONTENTS",
  "subscription_id": "YOUR SUBSCRIPTION ID"
}

This can be loaded in a recipe with:

microsoft_azure = data_bag_item("microsoft_azure", "main")

And to access the values:

microsoft_azure['management_certificate']
microsoft_azure['subscription_id']

We'll look at specific usage below.

Recipes

default.rb

The default recipe installs the azure RubyGem, which this cookbook
requires in order to work with the Azure API. Make sure that the
microsoft_azure recipe is in the node or role run_list before any
resources from this cookbook are used.

"run_list": [
  "recipe[microsoft_azure]"
]

The gem_package is created as a Ruby Object and thus installed
during the Compile Phase of the Chef run.

Resources and Providers

This cookbook provides three resources and corresponding providers.

microsoft_azure_storage_account

Manage Azure Storage Accounts with this resource.

Actions:

  • create - create a new storage account
  • delete - delete the specified storage account

Attribute Parameters:

  • management_certificate - PEM file contents of Azure management certificate, required.
  • subscription_id - ID of Azure subscription, required.
  • management_endpoint - Endpoint for Azure API, defaults to management.core.windows.net.
  • location - Azure location to create storate account. Either location or affinity group are required.
  • affinity_group_name - Affinity group to create account in. Either location or affinity group are required.
  • geo_replication_enabled - True or false, defaults to true.

microsoft_azure_storage_container

Manage Azure Blob Containers with this resource

Actions:

  • create - create a new container
  • delete - delete the specified container

Attribute Parameters:

  • storage_account - Account to create container in, required.
  • access_key - Access key for storage account, required.

microsoft_azure_sql_db_server

Actions:

  • create - create a new server. Use the Azure location as the name of the storage account. The server name is autogenerated.

Attribute Parameters:

  • management_certificate - PEM file contents of Azure management certificate, required.
  • subscription_id - ID of Azure subscription, required.
  • management_endpoint - Endpoint for Azure API, defaults to management.database.windows.net.
  • login - Desired admin login for db server, required.
  • password - Desired admin password for db server, required.
  • server_name - This attribute is set by the provider, and can be used by consuming recipies.

microsoft_azure_protected_file

This resource is a wrapper around the core remote_file resource that will generate an expiring link for you to retrieve your file from protected blob storage.

Actions:

  • create - create the file
  • create_if_missing - create the file if it does not already exist. default
  • delete - delete the file
  • touch - touch the file

Attribute Parameters:

  • storage_account - the azure storage account you are accessing
  • access_key - the access key to this azure storage account
  • path - where this file will be created on the machine. name attribute
  • remote_path - the url to the file you are trying to retrieve

The following parameters are inherited from the remote_file resource.

  • owner
  • group
  • mode
  • checksum
  • backup
  • inherits
  • rights

Example:

microsoft_azure_protected_file '/tmp/secret_file.jpg' do
  storage_account 'secretstorage'
  access_key 'eW91cmtleWluYmFzZTY0.....'
  remote_path 'https://secretstorage.blob.core.windows.net/images/secret_file.jpg'
end

Usage

The following examples assume that the recommended data bag item has
been created and that the following has been included at the top of
the recipe where they are used.

include_recipe "microsoft_azure"
microsoft_azure = data_bag_item("microsoft_azure", "main")

microsoft_azure_storage_account

This will create an account named new-account in the West US
location.

microsoft_azure_storage_account 'new-account' do
  management_certificate microsoft_azure['management_certificate']
  subscription_id microsoft_azure['subscription_id']
  location 'West US'
  action :create
end

This will create an account named new-account in the existing
my-ag affinity group.

microsoft_azure_storage_account 'new-account' do
  management_certificate microsoft_azure['management_certificate']
  subscription_id microsoft_azure['subscription_id']
  affinity_group_name 'my-ag'
  action :create
end

microsoft_azure_storage_container

This will create a container named my-node within the storage
account my-account.

microsoft_azure_storage_container 'my-node' do
  storage_account 'my-account'
  access_key microsoft_azure['access_key']
  action :create
end

microsoft_azure_sql_db_server

This will create a db server in the location West US with the login
admin and password password.

microsoft_azure_sql_db_server 'West US' do
  management_certificate microsoft_azure['management_certificate']
  subscription_id microsoft_azure['subscription_id']
  login 'admin'
  password 'password'
  action :create
end

Here is an example of how you might retrieve the generated server
name.

file '/etc/db_server_info' do
  content lazy { 
    db2 = resources("microsoft_azure_sql_db_server[West US]")
    "Url: https://#{db2.server_name}.database.windows.net"
  }
  mode 0600
  action :create
end

Helpers

vault_secret

This helper will allow you to retrieve a secret from an azure keyvault.

spn = {
  'tenant_id' => '11e34-your-tenant-id-1232',
  'client_id' => '11e34-your-client-id-1232',
  'secret' => 'your-client-secret'
}

super_secret = vault_secret(<vault_name>, <secret_name>, spn)

file '/etc/config_file' do
  content "password = #{super_secret}"
end

License and Author

Copyright (c) Microsoft Open Technologies, Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

Collaborator Number Metric
            

0.3.0 failed this metric

Failure: Cookbook has 1 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

0.3.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Cookstyle Metric
            

0.3.0 failed this metric

Chef/Correctness/IncorrectLibraryInjection: Libraries should be injected into the Chef::DSL::Recipe class and not Chef::Recipe or Chef::Provider classes directly. (https://docs.chef.io/workstation/cookstyle/chef_correctness_incorrectlibraryinjection): microsoft_azure/libraries/key_vault.rb: 54
Chef/Correctness/PropertyWithoutType: Resource properties or attributes should always define a type to help users understand the correct allowed values. (https://docs.chef.io/workstation/cookstyle/chef_correctness_propertywithouttype): microsoft_azure/resources/protected_file.rb: 7
Chef/Correctness/PropertyWithoutType: Resource properties or attributes should always define a type to help users understand the correct allowed values. (https://docs.chef.io/workstation/cookstyle/chef_correctness_propertywithouttype): microsoft_azure/resources/protected_file.rb: 8
Chef/Correctness/PropertyWithoutType: Resource properties or attributes should always define a type to help users understand the correct allowed values. (https://docs.chef.io/workstation/cookstyle/chef_correctness_propertywithouttype): microsoft_azure/resources/protected_file.rb: 9
Chef/Correctness/PropertyWithoutType: Resource properties or attributes should always define a type to help users understand the correct allowed values. (https://docs.chef.io/workstation/cookstyle/chef_correctness_propertywithouttype): microsoft_azure/resources/protected_file.rb: 10
Chef/Deprecations/CookbookDependsOnCompatResource: Don't depend on the deprecated compat_resource cookbook made obsolete by Chef 12.19+ (https://docs.chef.io/workstation/cookstyle/chef_deprecations_cookbookdependsoncompatresource): microsoft_azure/metadata.rb: 27
Chef/Deprecations/IncludingXMLRubyRecipe: Do not include the deprecated xml::ruby recipe to install the nokogiri gem. Chef Infra Client 12 and later ships with nokogiri included. (https://docs.chef.io/workstation/cookstyle/chef_deprecations_includingxmlrubyrecipe): microsoft_azure/recipes/default.rb: 18
Chef/Deprecations/ResourceWithoutUnifiedTrue: Set `unified_mode true` in Chef Infra Client 15.3+ custom resources to ensure they work correctly in Chef Infra Client 18 (April 2022) when Unified Mode becomes the default. (https://docs.chef.io/workstation/cookstyle/chef_deprecations_resourcewithoutunifiedtrue): microsoft_azure/resources/protected_file.rb: 1
Chef/Deprecations/ResourceWithoutUnifiedTrue: Set `unified_mode true` in Chef Infra Client 15.3+ custom resources to ensure they work correctly in Chef Infra Client 18 (April 2022) when Unified Mode becomes the default. (https://docs.chef.io/workstation/cookstyle/chef_deprecations_resourcewithoutunifiedtrue): microsoft_azure/resources/sql_db_server.rb: 1
Chef/Deprecations/ResourceWithoutUnifiedTrue: Set `unified_mode true` in Chef Infra Client 15.3+ custom resources to ensure they work correctly in Chef Infra Client 18 (April 2022) when Unified Mode becomes the default. (https://docs.chef.io/workstation/cookstyle/chef_deprecations_resourcewithoutunifiedtrue): microsoft_azure/resources/storage_account.rb: 1
Chef/Deprecations/ResourceWithoutUnifiedTrue: Set `unified_mode true` in Chef Infra Client 15.3+ custom resources to ensure they work correctly in Chef Infra Client 18 (April 2022) when Unified Mode becomes the default. (https://docs.chef.io/workstation/cookstyle/chef_deprecations_resourcewithoutunifiedtrue): microsoft_azure/resources/storage_container.rb: 1
Chef/Deprecations/UseInlineResourcesDefined: use_inline_resources is now the default for resources in Chef Infra Client 13+ and does not need to be specified. (https://docs.chef.io/workstation/cookstyle/chef_deprecations_useinlineresourcesdefined): microsoft_azure/providers/protected_file.rb: 3
Chef/Modernize/DefaultActionFromInitialize: The default action of a resource can be set with the "default_action" helper instead of using the initialize method. (https://docs.chef.io/workstation/cookstyle/chef_modernize_defaultactionfrominitialize): microsoft_azure/resources/sql_db_server.rb: 30
Chef/Modernize/DefaultActionFromInitialize: The default action of a resource can be set with the "default_action" helper instead of using the initialize method. (https://docs.chef.io/workstation/cookstyle/chef_modernize_defaultactionfrominitialize): microsoft_azure/resources/storage_account.rb: 28
Chef/Modernize/DefaultActionFromInitialize: The default action of a resource can be set with the "default_action" helper instead of using the initialize method. (https://docs.chef.io/workstation/cookstyle/chef_modernize_defaultactionfrominitialize): microsoft_azure/resources/storage_container.rb: 24
Chef/Modernize/RespondToCompileTime: There is no need to check if the chef_gem resource supports compile_time as Chef Infra Client 12.1 and later support the compile_time property. (https://docs.chef.io/workstation/cookstyle/chef_modernize_resondtocompiletime): microsoft_azure/recipes/default.rb: 23
Chef/Modernize/RespondToCompileTime: There is no need to check if the chef_gem resource supports compile_time as Chef Infra Client 12.1 and later support the compile_time property. (https://docs.chef.io/workstation/cookstyle/chef_modernize_resondtocompiletime): microsoft_azure/recipes/default.rb: 29
Chef/Modernize/WhyRunSupportedTrue: whyrun_supported? no longer needs to be set to true as it is the default in Chef Infra Client 13+ (https://docs.chef.io/workstation/cookstyle/chef_modernize_whyrunsupportedtrue): microsoft_azure/providers/protected_file.rb: 5
Chef/RedundantCode/LongDescriptionMetadata: The long_description metadata.rb method is not used and is unnecessary in cookbooks. (https://docs.chef.io/workstation/cookstyle/chef_redundantcode_longdescriptionmetadata): microsoft_azure/metadata.rb: 22
Chef/RedundantCode/RecipeMetadata: The recipe metadata.rb method is not used and is unnecessary in cookbooks. Recipes should be documented in the cookbook's README.md file instead. (https://docs.chef.io/workstation/cookstyle/chef_redundantcode_recipemetadata): microsoft_azure/metadata.rb: 24
Chef/Sharing/InvalidLicenseString: Cookbook metadata.rb does not use a SPDX compliant license string or "all rights reserved". See https://spdx.org/licenses/ for a complete list of license identifiers. (https://docs.chef.io/workstation/cookstyle/chef_sharing_invalidlicensestring): microsoft_azure/metadata.rb: 20

Run with Cookstyle Version 7.32.1 with cops Chef/Deprecations,Chef/Correctness,Chef/Sharing,Chef/RedundantCode,Chef/Modernize,Chef/Security,InSpec/Deprecations

No Binaries Metric
            

0.3.0 passed this metric

Testing File Metric
            

0.3.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

0.3.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number