From d2abe3fd27adae20e104bbd4b80c5b0d456e22ce Mon Sep 17 00:00:00 2001 From: Slawek Koszewski Date: Thu, 14 Aug 2025 21:30:56 +0200 Subject: [PATCH] Added Docker/Podman build information. --- .gitignore | 7 ++++ Dockerfile | 13 +++++++ build.sh | 8 +++++ entrypoint.sh | 8 +++++ image-chooser.py | 2 +- main.auto.tfvars | 2 ++ main.tf | 91 ++++++++++++++++++++++++++++++++++++++++++++++++ requirements.txt | 3 ++ run-container.sh | 15 ++++++++ 9 files changed, 148 insertions(+), 1 deletion(-) create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100755 build.sh create mode 100755 entrypoint.sh create mode 100644 main.auto.tfvars create mode 100644 main.tf create mode 100644 requirements.txt create mode 100755 run-container.sh diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..6f9d4af --- /dev/null +++ b/.gitignore @@ -0,0 +1,7 @@ +.terraform +**/*.tfplan +**/*.tfstate* +.venv +.terraform.lock.hcl +.acr-pat +azure.env diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..50a99df --- /dev/null +++ b/Dockerfile @@ -0,0 +1,13 @@ +FROM python:3.13-slim + +WORKDIR /app + +COPY requirements.txt . + +RUN pip install --root-user-action=ignore --no-cache-dir -r requirements.txt + +COPY image-chooser.py . +COPY ./entrypoint.sh / + +ENTRYPOINT [ "/entrypoint.sh" ] +CMD [ "run", "image-chooser.py" ] diff --git a/build.sh b/build.sh new file mode 100755 index 0000000..0c26351 --- /dev/null +++ b/build.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +IMAGE_NAME="azure-image-chooser" +#IMAGE="docker.io/skoszewski/$IMAGE_NAME" +IMAGE="skdomlab.azurecr.io/$IMAGE_NAME" + +podman build -t $IMAGE . +podman push $IMAGE diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100755 index 0000000..4feca98 --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +if [ "$1" = "-s" ] || [ "$1" = "--shell" ]; then + shift + exec bash $@ +fi + +exec streamlit $@ diff --git a/image-chooser.py b/image-chooser.py index 3c71604..49959d0 100644 --- a/image-chooser.py +++ b/image-chooser.py @@ -32,7 +32,7 @@ def get_skus(location: str, publisher: str, offer: str): def get_image_versions(location: str, publisher: str, offer: str, sku: str): return [version.name for version in compute_client.virtual_machine_images.list(location, publisher, offer, sku)] -subscription_id = "046a1c08-9940-48c0-893c-77eccd7e875d" +subscription_id = "c885a276-c882-483f-b216-42f73715161d" location = "westeurope" credential = DefaultAzureCredential() diff --git a/main.auto.tfvars b/main.auto.tfvars new file mode 100644 index 0000000..87b4ac0 --- /dev/null +++ b/main.auto.tfvars @@ -0,0 +1,2 @@ +subscription_id = "c885a276-c882-483f-b216-42f73715161d" +project_name = "azure-image-chooser" diff --git a/main.tf b/main.tf new file mode 100644 index 0000000..381d201 --- /dev/null +++ b/main.tf @@ -0,0 +1,91 @@ +terraform { + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = ">= 4.0.0" + } + } + + backend "local" { + path = "azure-image-chooser.tfstate" + } +} + +provider "azurerm" { + features {} + + subscription_id = var.subscription_id +} + +variable "subscription_id" { + description = "The Azure Subscription ID to use for the resources." + type = string +} + +variable "project_name" { + description = "The name used to construct Azure resource names." + type = string +} + +resource "azurerm_resource_group" "rg" { + name = "rg-${var.project_name}" + location = "Poland Central" +} + +resource "azurerm_log_analytics_workspace" "logaws" { + name = "${var.project_name}-logs" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + sku = "PerGB2018" + retention_in_days = 30 +} + +resource "azurerm_container_app_environment" "env" { + name = "${var.project_name}-env" + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location + log_analytics_workspace_id = azurerm_log_analytics_workspace.logaws.id + + workload_profile { + name = "Consumption" + workload_profile_type = "Consumption" + maximum_count = 1 + } +} + +resource "azurerm_container_app" "app" { + name = "${var.project_name}-app" + container_app_environment_id = azurerm_container_app_environment.env.id + resource_group_name = azurerm_resource_group.rg.name + revision_mode = "Single" + + template { + container { + name = "${var.project_name}-container" + image = "skdomlab.azurecr.io/azure-image-chooser:latest" + cpu = "0.25" + memory = "0.5Gi" + } + } + identity { + type = "UserAssigned" + identity_ids = [azurerm_user_assigned_identity.uai.id] + } +} + +resource "azurerm_user_assigned_identity" "uai" { + name = "${var.project_name}-uai" + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location +} + +resource "azurerm_role_assignment" "acr_pull" { + scope = data.azurerm_container_registry.acr.id + role_definition_name = "AcrPull" + principal_id = azurerm_user_assigned_identity.uai.principal_id +} + +data "azurerm_container_registry" "acr" { + name = "skdomlab" + resource_group_name = "dom-lab-common" +} diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..347d71d --- /dev/null +++ b/requirements.txt @@ -0,0 +1,3 @@ +streamlit +azure-identity +azure-mgmt-compute diff --git a/run-container.sh b/run-container.sh new file mode 100755 index 0000000..eadf53f --- /dev/null +++ b/run-container.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +if [ -z "$AZURE_CLIENT_ID" ] || [ -z "$AZURE_TENANT_ID" ] || [ -z "$AZURE_CLIENT_SECRET" ] || [ -z "$AZURE_SUBSCRIPTION_ID" ]; then + echo "One or more environment variables are not set." + exit 1 +fi + +podman run --rm \ + -it \ + -e AZURE_CLIENT_ID="$AZURE_CLIENT_ID" \ + -e AZURE_TENANT_ID="$AZURE_TENANT_ID" \ + -e AZURE_CLIENT_SECRET="$AZURE_CLIENT_SECRET" \ + -e AZURE_SUBSCRIPTION_ID="$AZURE_SUBSCRIPTION_ID" \ + -p 8501:8501 \ + azure-image-chooser