Fixed issues with ACR access.
This commit is contained in:
2
.gitignore
vendored
2
.gitignore
vendored
@@ -5,3 +5,5 @@
|
|||||||
.terraform.lock.hcl
|
.terraform.lock.hcl
|
||||||
.acr-pat
|
.acr-pat
|
||||||
azure.env
|
azure.env
|
||||||
|
*.tfvars
|
||||||
|
!*auto.tfvars
|
||||||
|
|||||||
69
main.tf
69
main.tf
@@ -22,6 +22,24 @@ variable "subscription_id" {
|
|||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "azure_client_id" {
|
||||||
|
description = "The Azure Client ID for authentication."
|
||||||
|
type = string
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "azure_tenant_id" {
|
||||||
|
description = "The Azure Tenant ID for authentication."
|
||||||
|
type = string
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "azure_client_secret" {
|
||||||
|
description = "The Azure Client Secret for authentication."
|
||||||
|
type = string
|
||||||
|
sensitive = true
|
||||||
|
}
|
||||||
|
|
||||||
variable "project_name" {
|
variable "project_name" {
|
||||||
description = "The name used to construct Azure resource names."
|
description = "The name used to construct Azure resource names."
|
||||||
type = string
|
type = string
|
||||||
@@ -46,10 +64,16 @@ resource "azurerm_container_app_environment" "env" {
|
|||||||
location = azurerm_resource_group.rg.location
|
location = azurerm_resource_group.rg.location
|
||||||
log_analytics_workspace_id = azurerm_log_analytics_workspace.logaws.id
|
log_analytics_workspace_id = azurerm_log_analytics_workspace.logaws.id
|
||||||
|
|
||||||
|
identity {
|
||||||
|
type = "UserAssigned"
|
||||||
|
identity_ids = [azurerm_user_assigned_identity.uai.id]
|
||||||
|
}
|
||||||
|
|
||||||
workload_profile {
|
workload_profile {
|
||||||
|
maximum_count = 1
|
||||||
|
minimum_count = 1
|
||||||
name = "Consumption"
|
name = "Consumption"
|
||||||
workload_profile_type = "Consumption"
|
workload_profile_type = "Consumption"
|
||||||
maximum_count = 1
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -61,12 +85,53 @@ resource "azurerm_container_app" "app" {
|
|||||||
|
|
||||||
template {
|
template {
|
||||||
container {
|
container {
|
||||||
name = "${var.project_name}-container"
|
name = "azure-image-chooser"
|
||||||
image = "skdomlab.azurecr.io/azure-image-chooser:latest"
|
image = "skdomlab.azurecr.io/azure-image-chooser:latest"
|
||||||
cpu = "0.25"
|
cpu = "0.25"
|
||||||
memory = "0.5Gi"
|
memory = "0.5Gi"
|
||||||
|
|
||||||
|
env {
|
||||||
|
name = "AZURE_CLIENT_ID"
|
||||||
|
value = var.azure_client_id
|
||||||
|
}
|
||||||
|
|
||||||
|
env {
|
||||||
|
name = "AZURE_TENANT_ID"
|
||||||
|
value = var.azure_tenant_id
|
||||||
|
}
|
||||||
|
|
||||||
|
env {
|
||||||
|
name = "AZURE_CLIENT_SECRET"
|
||||||
|
value = var.azure_client_secret
|
||||||
|
}
|
||||||
|
|
||||||
|
env {
|
||||||
|
name = "AZURE_SUBSCRIPTION_ID"
|
||||||
|
value = var.subscription_id
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
min_replicas = 1
|
||||||
|
max_replicas = 1
|
||||||
|
}
|
||||||
|
|
||||||
|
workload_profile_name = "Consumption"
|
||||||
|
|
||||||
|
ingress {
|
||||||
|
target_port = 8501
|
||||||
|
external_enabled = true
|
||||||
|
|
||||||
|
traffic_weight {
|
||||||
|
latest_revision = true
|
||||||
|
percentage = 100
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
registry {
|
||||||
|
server = "skdomlab.azurecr.io"
|
||||||
|
identity = azurerm_user_assigned_identity.uai.id
|
||||||
|
}
|
||||||
|
|
||||||
identity {
|
identity {
|
||||||
type = "UserAssigned"
|
type = "UserAssigned"
|
||||||
identity_ids = [azurerm_user_assigned_identity.uai.id]
|
identity_ids = [azurerm_user_assigned_identity.uai.id]
|
||||||
|
|||||||
Reference in New Issue
Block a user