diff --git a/.gitignore b/.gitignore index 716ab0e86..9672fef09 100644 --- a/.gitignore +++ b/.gitignore @@ -4,20 +4,20 @@ TODO merkely.yaml kosli.yaml +pipe.json dist/ coverage.out cover.out coverage.html licenses/ -pipe.json -/docs/public **/.DS_Store .vscode/ +/docs/public docs.kosli.com/resources/_gen/* docs.kosli.com/content/client_reference/kosli* -*.tar.gz docs.kosli.com/public/ docs.kosli.com/.netlify +*.tar.gz # keep it uncommented on main docs.kosli.com/assets/metadata.json tmp/ diff --git a/design_docs/azure_env_reporting_algorithm.md b/design_docs/azure_env_reporting_algorithm.md new file mode 100644 index 000000000..527d018ea --- /dev/null +++ b/design_docs/azure_env_reporting_algorithm.md @@ -0,0 +1,81 @@ +# Azure Service Apps and Function Apps reporting + +Azure API/SDK and portal do not provide SHA256 image digests for docker containers. +According to [Azure support](https://learn.microsoft.com/en-us/answers/questions/1366756/how-do-you-find-the-sha256-digest-of-a-running-app#comment-1371459), + +`"Yes as far as I can see App service doesn't store the digest anywhere other than the docker logs that are accessible to you - unless you use the image hash value as part of the identifier."` + +Thus, to get the SHA256 digest of a running container inside of a Service and Function app, we use the algorithm below. + +## Algorithm + +### Pre-requisites + +To use Azure CLI, you need to have Azure CLI installed and logged in to your Azure account: + +```bash +az login +``` + +To list accounts that you are logged into: + +```bash +az account list --all +``` + +Accounts are only refreshed when you login, so if you have recently added a new subscription, you need to login again. + +Get a list of resource groups in a subscription. +CLI command: + +```bash +az group list --subscription +``` + +### Get a list of apps in a resource group of a subscription. + +CLI command: + +```bash +# To get a list of web apps +az webapp list --resource-group --subscription +# To get a list of function apps +az functionapp list --resource-group --subscription +``` + +You will get an output similar to this: +```json +[ + { + ... + "name": "api-service", # app name + ... + "siteConfig": { + ... + "linuxFxVersion": "DOCKER|tookyregistry.azurecr.io/tookyregistry/tooky/api-image:3d346858a44df6820eaef8195008459f979f0526", + ... + }, + ... + "state": "Running", + ... + } +] +``` + +### Check the state of an Azure app +Only apps with state "Running" are considered for reporting, the rest are ignored. +Only apps with linuxFxVersion starting with "DOCKER|" are considered for reporting, the rest are ignored. + +### Get docker image name and tag of an Azure app +Docker image name and tag are extracted from linuxFxVersion. +For example, if linuxFxVersion is "DOCKER|tookyregistry.azurecr.io/tookyregistry/tooky/api-image:3d346858a44df6820eaef8195008459f979f0526", +then the docker image name is "tookyregistry.azurecr.io/tookyregistry/tooky/api-image" +and the image tag is "3d346858a44df6820eaef8195008459f979f0526". + +### Get WebSite container logs for a running Azure app + +CLI command: + +```bash + +``` \ No newline at end of file diff --git a/internal/azure/azure_apps.go b/internal/azure/azure_apps.go index 786184100..0b1dc2a34 100644 --- a/internal/azure/azure_apps.go +++ b/internal/azure/azure_apps.go @@ -51,6 +51,7 @@ func (staticCreds *AzureStaticCredentials) GetAzureAppsData(logger *logger.Logge if err != nil { return nil, err } + logger.Debug("found %d apps in the resource group %s", len(appsInfo), staticCreds.ResourceGroupName) if logger.DebugEnabled { logger.Debug("Found apps:")