6cac6013d7
Fix setup file |
||
---|---|---|
RunRules | ||
ScanResources | ||
StoreResources | ||
TagResources | ||
TaskScheduler | ||
config-generator | ||
deployment | ||
docs | ||
tests | ||
.funcignore | ||
.gitignore | ||
.travis.yml | ||
LICENSE | ||
Makefile | ||
README.md | ||
extensions.csproj | ||
host.json | ||
requirements-dev.txt | ||
requirements.txt | ||
settings.py |
README.md
Cloud Scanner - Azure Functions Sample App
This is an example Azure Function App that demonstrates the use of the cloud-scanner library and its providers. cloud-scanner is a Python package that pulls cloud resources from different providers (Azure, AWS, GCP) and puts the metadata into data stores.
Note: This library is NOT affiliated with the Azure team at Microsoft and was developed by the Commercial Software Engineering team as a tool for the Open Source community to use and contribute to as they see fit. Use at your own risk!
Related Projects
The following are a list of related projects that are dependencies for the Azure Functions sample:
-
Core library components for cloud-scanner project
-
Azure components for cloud-scanner project. Includes Azure support for discovering Azure resources in addition to storage and workflow components for hosting on Azure
-
Generic components for cloud-scanner project including MySql, ElasticSearch and more
Running Locally
- Create Python 3.6 virtualenv
env
with all dependencies installed
If running on Windows CMD Prompt/Powershell:python3.6 -m virtualenv env source env/bin/activate (env) pip install -r requirements.txt (env) pip install -r requirements-dev.txt
python3.6 -m virtualenv env .env\Scripts\activate (env) pip install -r requirements.txt (env) pip install -r requirements-dev.txt
- Create an Azure Service Principal
- Create
.env
file in root directory and populate with appropriate data:# Azure authentication AZURE_CLIENT_ID=<service-principal-app-id> AZURE_CLIENT_SECRET=<service-principal-secret> AZURE_STORAGE_ACCOUNT=<azure-storage-account-name> AZURE_STORAGE_KEY=<azure-storage-account-key AZURE_TENANT_ID=<service-principal-tenant-id> AzureWebJobsStorage=<azure-storage-connection-string> # Container & Queue Names CONFIG_CONTAINER=config-files PAYLOAD_QUEUE_NAME=resource-payloads TAG_UPDATES_QUEUE_NAME=resource-tag-updates TASK_QUEUE_NAME=resource-jobs # Resource types RESOURCE_STORAGE_TYPE=rest_storage_service STORAGE_CONTAINER_TYPE=azure_storage QUEUE_TYPE=azure_storage_queue # Needed for 'rest_storage_service' storage type REST_STORAGE_URL=<api-url-for-posting-resources> # App Insights (optional) APPINSIGHTS_APPID=<app-insights-app-id> APPINSIGHTS_INSTRUMENTATIONKEY=<app-insights-instrumentation-key>
- Create
local.settings.json
file in root directory and populate:{ "IsEncrypted": false, "Values": { "AzureWebJobsStorage": "<azure-storage-connection-string", "FUNCTIONS_WORKER_RUNTIME": "python" } }
- Generate cloud config file
Example: Generate config to pull all Azure resources(env) generate-config -p <cloud-provider1,cloud-provider2> -t <resource-type1,resource-type2>
(env) generate-config -p azure -t "*"
- Install Azure Core Tools
- Register binding types
(env) func extensions install
- Deploy necessary resources
- Run Azure Functions locally
(env) func host start
Publish Function App to Azure
Azure Resources
The Azure Functions Sample runs on a Linux consumption plan with python support. The ARM template is complete and deploys the following resources:
- Functions App
- Linux Consumption App Service Plan
- Storage Account
- Application Insights
Automatically deploy using the deployments/deploy.ps1
or the following Azure CLI commands.
$resourceGroupName = <resource-group-name>
az group create -l westus -n $resourceGroupName
az group deployment create
--resource-group $resourceGroupName
--name cloud-scanner
--template-file deploy.azure.json
--parameters parameters.json
--parameters
prefix=$prefix
location_abbr=$locationAbbr
environment=$environment
application_name=$applicationName
Deploying Function App Code
This repo is set up to use Travis CI to deploy code from the master
branch. In order for this to work properly, you will need to use the service principal created previously (or create a new one) and add the following environment variables to your Travis settings with the appropriate values:
AZ_SP_ID=<service-principal-app-id>
AZ_SP_SECRET=<service-principal-secret>
AZ_TENANT_ID=<service-principal-tenant-id>
GITHUB_TOKEN=<github-token>
AZ_FUNCTIONS_APP_NAME=<name-of-functions-app>
Login to your Azure account with standard username or password or with the service principal you created
az login --service-principal --username "$AZ_APP_ID" --password "$AZ_SP_SECRET" --tenant "$AZ_TENANT_ID"
az account get-access-token --query "accessToken"
To deploy from your machine, create and activate your virtual environment and run:
func azure functionapp publish $AZ_FUNCTIONS_APP_NAME --build-native-deps --force
Contributing
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.