Showing posts from February, 2022

How to create pipeline variables from terraform output

I show you how to transform terraform output into pipeline variables from script Intro This is how to set pipeline variable from script. You can read more here echo "##vso[task.setvariable variable=varname]value" Terraform output can be outputted as json content. terraform output -json > sample.json Suppose the terraform output looks like below: { "app_service" : { "name" : "myapp" , "fqdn" : "" } , "database" : { "name" : "example" , "server_fqdn" : "" , "connection_string" : ", initial catalog=example" } , "application_insights_key" : "12345" } You have to think how to transform json representation into pipeline variables. The solution has to work with a

How to extract data from terraform output

You need to deploy changes to app service and database in your CD pipeline. As part of your CD pipeline first you deploy changes to infrastructure and after that you update app service and run migrations against your database instance. Assume that only terraform knows the details about infrastructure. And the only way to extract this information is by calling terraform output command. In this post I show you how you can extract data from terraform output. Let’s say you have the following terraform output (JSON format) { "app_service" : { "name" : "myapp" , "fqdn" : "" } , "database" : { "name" : "example" , "server_fqdn" : "" , "connection_string" : ", initial catalog=example" } , "applicati

How to create end user certificate

I show you how to generate end user certificate signed by intermediate certificate in PEM format. You need to execute 3 steps Create intermediate certificate Create certificate signing request CSR Sign the certificate Create intermediate certificate (self signed) First you need to generate certificate that will be used for signing. For test purposes you generate self signed cert. Let’s execute command that creates private key along with public cert. openssl req -newkey rsa:2048 -keyout server.key -x509 -new -nodes -out server.pem \ -subj "/" -days 365 Create certificate signing request CSR Second you need to create signing request for your end user certificate. openssl req -new -newkey rsa:2048 -nodes -keyout client.key -out client_csr.pem \ -subj "/" The command produces request in pem format: -----BEGIN CERTIFICATE REQUEST----- MIICazCCAVMCAQAwJjETMBEGA1UEAwwKY2xpZW50LmNvbTEPMA0GA1UECgwGY2xp ZW50MIIBIjANB