pulumi-django-azure


Namepulumi-django-azure JSON
Version 1.0.16 PyPI version JSON
download
home_pageNone
SummarySimply deployment of Django on Azure with Pulumi
upload_time2024-11-11 12:06:51
maintainerNone
docs_urlNone
authorNone
requires_python>=3.9
licenseMIT License Copyright (c) 2023 YouReal BV Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
keywords django pulumi azure
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls. 
            # Pulumi Django Deployment

This project aims to make a simple Django deployment on Azure easier.

To have a proper and secure environment, we need these components:
* Storage account for media and static files
* CDN endpoint in front with a domain name of our choosing
* PostgreSQL server
* Azure Communication Services to send e-mails
* Webapp with multiple custom host names and managed SSL for the website itself
* Azure Key Vault per application
* Webapp running pgAdmin

## Project requirements
Your Django project should contain a folder `cicd` with these files:
* pre_build.sh: commands to be executed before building the application, for example NPM install, CSS build commands,...
* post_build.sh: commands to be executed after building the application, e.g. cleaning up.
  Note that this runs in the identity of the build container, so you should not run database or storage manipulations here.
* startup.sh: commands to run the actual application. I recommend to put at least:
  ```bash
  python manage.py migrate
  python manage.py collectstatic --noinput
  python manage.py purge_cdn
  gunicorn --timeout 600 --workers $((($NUM_CORES*2)+1)) --chdir $APP_PATH yourapplication.wsgi --access-logfile '-' --error-logfile '-'
  ```
  Be sure to change `yourapplication` in the above. To see the `purge_cdn` management command we use here, see below.
## Installation
This package is published on PyPi, so you can just add pulumi-django-azure to your requirements file.

To use a specific branch in your project, add to pyproject.toml dependencies:
```
pulumi-django-azure = { git = "git@gitlab.com:MaartenUreel/pulumi-django-azure.git", branch = "dev" }
```

A simple project could look like this:
```python
import pulumi
import pulumi_azure_native as azure
from pulumi_django_azure import DjangoDeployment

stack = pulumi.get_stack()
config = pulumi.Config()


# Create resource group
rg = azure.resources.ResourceGroup(f"rg-{stack}")

# Create VNet
vnet = azure.network.VirtualNetwork(
    f"vnet-{stack}",
    resource_group_name=rg.name,
    address_space=azure.network.AddressSpaceArgs(
        address_prefixes=["10.0.0.0/16"],
    ),
)

# Deploy the website and all its components
django = DjangoDeployment(
    stack,
    tenant_id="abc123...",
    resource_group_name=rg.name,
    vnet=vnet,
    pgsql_ip_prefix="10.0.10.0/24",
    appservice_ip_prefix="10.0.20.0/24",
    app_service_sku=azure.web.SkuDescriptionArgs(
        name="B2",
        tier="Basic",
    ),
    storage_account_name="mystorageaccount",
    cdn_host="cdn.example.com",
)

django.add_django_website(
    name="web",
    db_name="mywebsite",
    repository_url="git@gitlab.com:project/website.git",
    repository_branch="main",
    website_hosts=["example.com", "www.example.com"],
    django_settings_module="mywebsite.settings.production",
    comms_data_location="europe",
    comms_domains=["mydomain.com"],
)

django.add_database_administrator(
    object_id="a1b2c3....",
    user_name="user@example.com",
    tenant_id="a1b2c3....",
)
```

## Deployment steps

1. Deploy without custom hosts (for CDN and websites)
2. Configure the PostgreSQL server (create and grant permissions to role for your websites)
3. Retrieve the deployment SSH key and configure your remote GIT repository with it
4. Configure your CDN host (add the CNAME record)
5. Configure your custom website domains (add CNAME/A record and TXT validation records)
6. Re-deploy with custom hosts
7. Re-deploy once more to enable HTTPS on website domains
8. Manually activate HTTPS on the CDN host
9. Go to the e-mail communications service on Azure and configure DKIM, SPF,... for your custom domains.

## Custom domain name for CDN
When deploying the first time, you will get a `cdn_cname` output. You need to create a CNAME to this domain before the deployment of the custom domain will succeed.

You can safely deploy with the failing CustomDomain to get the CNAME, create the record and then deploy again.

To enable HTTPS, you need to do this manually in the console. This is because of a limitation in the Azure API:
https://github.com/Azure/azure-rest-api-specs/issues/17498

## Custom domain names for web application
Because of a circular dependency in custom domain name bindings and certificates that is out of our control, you need to deploy the stack twice.

The first time will create the bindings without a certificate.
The second deployment will then create the certificate for the domain (which is only possible if the binding exists), but also set the fingerprint of that certificate on the binding.

To make the certificate work, you need to create a TXT record named `asuid` point to the output of `{your_app}_site_domain_verification_id`. For example:

```
asuid.mywebsite.com.      TXT  "A1B2C3D4E5..."
asuid.www.mywebsite.com.  TXT  "A1B2C3D4E5..."
```

## Database authentication
The PostgreSQL uses Entra ID authentication only, no passwords.

### Administrator login
If you want to log in to the database yourself, you can add yourself as an administrator with the `add_database_administrator` function.
Your username is your e-mailaddress, a temporary password can be obtained using `az account get-access-token`.

You can use this method to log in to pgAdmin.

### Application
Refer to this documentation:
https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/how-to-manage-azure-ad-users#create-a-role-using-microsoft-entra-object-identifier

In short, run something like this in the `postgres` database:
```
SELECT * FROM pgaadauth_create_principal_with_oid('web_managed_identity', 'c8b25b85-d060-4cfc-bad4-b8581cfdf946', 'service', false, false);
```
Replace the GUID of course with the managed identity our web app gets.

The name of the role is outputted by `{your_app}_site_db_user`

Be sure to grant this role the correct permissions too.

## pgAdmin specifics
pgAdmin will be created with a default login:
* Login: dbadmin@dbadmin.net
* Password: dbadmin

Best practice is to log in right away, create a user for yourself and delete this default user.

## Azure OAuth2 / Django Social Auth
If you want to set up login with Azure, which would make sense since you are in the ecosystem, you need to create an App Registration in Entra ID, create a secret and then register these settings in your stack:
```
pulumi config set --secret --path 'mywebsite_social_auth_azure.key' secret_ID
pulumi config set --secret --path 'mywebsite_social_auth_azure.secret' secret_value
pulumi config set --secret --path 'mywebsite_social_auth_azure.tenant_id' directory_tenant_id
pulumi config set --secret --path 'mywebsite_social_auth_azure.client_id' application_id
```

Then in your Django deployment, pass to the `add_django_website` command:
```
secrets={
    "mywebsite_social_auth_azure": "AZURE_OAUTH",
},
```

The value will be automatically stored in the vault where the application has access to.
The environment variable will be suffixed with `_SECRET_NAME`.

Then, in your application, retrieve this data from the vault, e.g.:
```python
from azure.keyvault.secrets import SecretClient
from azure.identity import DefaultAzureCredential

# Azure credentials
azure_credential = DefaultAzureCredential()

# Azure Key Vault
AZURE_KEY_VAULT = env("AZURE_KEY_VAULT")
AZURE_KEY_VAULT_URI = f"https://{AZURE_KEY_VAULT}.vault.azure.net"
azure_key_vault_client = SecretClient(vault_url=AZURE_KEY_VAULT_URI, credential=azure_credential)

# Social Auth settings
oauth_secret = azure_key_vault_client.get_secret(env("AZURE_OAUTH_SECRET_NAME"))
oauth_secret = json.loads(oauth_secret.value)
SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_KEY = oauth_secret["client_id"]
SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_SECRET = oauth_secret["secret"]
SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_TENANT_ID = oauth_secret["tenant_id"]
SOCIAL_AUTH_ADMIN_USER_SEARCH_FIELDS = ["username", "first_name", "last_name", "email"]
SOCIAL_AUTH_POSTGRES_JSONFIELD = True

AUTHENTICATION_BACKENDS = (
    "social_core.backends.azuread_tenant.AzureADTenantOAuth2",
    "django.contrib.auth.backends.ModelBackend",
)
```

And of course add the login button somewhere, following Django Social Auth instructions.

## Automate deployments
When using a service like GitLab, you can configure a Webhook to fire upon a push to your branch.

You need to download the deployment profile to obtain the deployment username and password, and then you can construct a URL like this:

```
https://{user}:{pass}@{appname}.scm.azurewebsites.net/deploy

```

```
https://{appname}.scm.azurewebsites.net/api/sshkey?ensurePublicKey=1
```

Be sure to configure the SSH key that Azure will use on GitLab side. You can obtain it using:

This would then trigger a redeploy everytime you make a commit to your live branch.

## CDN Purging
We added a management command to Django to purge the CDN cache, and added that to the startup script. Our version is here:
```python
import os

from azure.mgmt.cdn import CdnManagementClient
from azure.mgmt.cdn.models import PurgeParameters
from django.core.management.base import BaseCommand

from core.azure_helper import AZURE_CREDENTIAL, get_subscription_id


class Command(BaseCommand):
    help = "Purges the CDN endpoint"

    def add_arguments(self, parser):
        parser.add_argument(
            "--wait",
            action="store_true",
            help="Wait for the purge operation to complete",
        )

    def handle(self, *args, **options):
        # Read environment variables
        resource_group = os.getenv("WEBSITE_RESOURCE_GROUP")
        profile_name = os.getenv("CDN_PROFILE")
        endpoint_name = os.getenv("CDN_ENDPOINT")
        content_paths = ["/*"]

        # Ensure all required environment variables are set
        if not all([resource_group, profile_name, endpoint_name]):
            self.stderr.write(self.style.ERROR("Missing required environment variables."))
            return

        # Authenticate with Azure
        cdn_client = CdnManagementClient(AZURE_CREDENTIAL, get_subscription_id())

        try:
            # Purge the CDN endpoint
            purge_operation = cdn_client.endpoints.begin_purge_content(
                resource_group_name=resource_group,
                profile_name=profile_name,
                endpoint_name=endpoint_name,
                content_file_paths=PurgeParameters(content_paths=content_paths),
            )

            # Check if the --wait argument was provided
            if options["wait"]:
                purge_operation.result()  # Wait for the operation to complete
                self.stdout.write(self.style.SUCCESS("CDN endpoint purge operation completed successfully."))
            else:
                self.stdout.write(self.style.SUCCESS("CDN endpoint purge operation started successfully."))

        except Exception as e:
            self.stderr.write(self.style.ERROR(f"Error executing CDN endpoint purge command: {e}"))
```

And our azure_helper:
```python
from azure.identity import DefaultAzureCredential
from azure.mgmt.resource import SubscriptionClient

# Azure credentials
AZURE_CREDENTIAL = DefaultAzureCredential()


def get_db_password() -> str:
    return AZURE_CREDENTIAL.get_token("https://ossrdbms-aad.database.windows.net/.default").token


def get_subscription_id() -> str:
    subscription_client = SubscriptionClient(AZURE_CREDENTIAL)
    subscriptions = list(subscription_client.subscriptions.list())
    return subscriptions[0].subscription_id
```

## Change requests
I created this for internal use but since it took me a while to puzzle all the things together I decided to share it.
Therefore this project is not super generic, but tailored to my needs. I am however open to pull or change requests to improve this project or to make it more usable for others.

Raw data

            {
    "_id": null,
    "home_page": null,
    "name": "pulumi-django-azure",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.9",
    "maintainer_email": null,
    "keywords": "django, pulumi, azure",
    "author": null,
    "author_email": "Maarten Ureel <maarten@youreal.eu>",
    "download_url": "https://files.pythonhosted.org/packages/ac/93/f6f922973c9aba32695ae5173de8029703239a8ba12811a6fe2ba400182a/pulumi_django_azure-1.0.16.tar.gz",
    "platform": null,
    "description": "# Pulumi Django Deployment\r\n\r\nThis project aims to make a simple Django deployment on Azure easier.\r\n\r\nTo have a proper and secure environment, we need these components:\r\n* Storage account for media and static files\r\n* CDN endpoint in front with a domain name of our choosing\r\n* PostgreSQL server\r\n* Azure Communication Services to send e-mails\r\n* Webapp with multiple custom host names and managed SSL for the website itself\r\n* Azure Key Vault per application\r\n* Webapp running pgAdmin\r\n\r\n## Project requirements\r\nYour Django project should contain a folder `cicd` with these files:\r\n* pre_build.sh: commands to be executed before building the application, for example NPM install, CSS build commands,...\r\n* post_build.sh: commands to be executed after building the application, e.g. cleaning up.\r\n  Note that this runs in the identity of the build container, so you should not run database or storage manipulations here.\r\n* startup.sh: commands to run the actual application. I recommend to put at least:\r\n  ```bash\r\n  python manage.py migrate\r\n  python manage.py collectstatic --noinput\r\n  python manage.py purge_cdn\r\n  gunicorn --timeout 600 --workers $((($NUM_CORES*2)+1)) --chdir $APP_PATH yourapplication.wsgi --access-logfile '-' --error-logfile '-'\r\n  ```\r\n  Be sure to change `yourapplication` in the above. To see the `purge_cdn` management command we use here, see below.\r\n## Installation\r\nThis package is published on PyPi, so you can just add pulumi-django-azure to your requirements file.\r\n\r\nTo use a specific branch in your project, add to pyproject.toml dependencies:\r\n```\r\npulumi-django-azure = { git = \"git@gitlab.com:MaartenUreel/pulumi-django-azure.git\", branch = \"dev\" }\r\n```\r\n\r\nA simple project could look like this:\r\n```python\r\nimport pulumi\r\nimport pulumi_azure_native as azure\r\nfrom pulumi_django_azure import DjangoDeployment\r\n\r\nstack = pulumi.get_stack()\r\nconfig = pulumi.Config()\r\n\r\n\r\n# Create resource group\r\nrg = azure.resources.ResourceGroup(f\"rg-{stack}\")\r\n\r\n# Create VNet\r\nvnet = azure.network.VirtualNetwork(\r\n    f\"vnet-{stack}\",\r\n    resource_group_name=rg.name,\r\n    address_space=azure.network.AddressSpaceArgs(\r\n        address_prefixes=[\"10.0.0.0/16\"],\r\n    ),\r\n)\r\n\r\n# Deploy the website and all its components\r\ndjango = DjangoDeployment(\r\n    stack,\r\n    tenant_id=\"abc123...\",\r\n    resource_group_name=rg.name,\r\n    vnet=vnet,\r\n    pgsql_ip_prefix=\"10.0.10.0/24\",\r\n    appservice_ip_prefix=\"10.0.20.0/24\",\r\n    app_service_sku=azure.web.SkuDescriptionArgs(\r\n        name=\"B2\",\r\n        tier=\"Basic\",\r\n    ),\r\n    storage_account_name=\"mystorageaccount\",\r\n    cdn_host=\"cdn.example.com\",\r\n)\r\n\r\ndjango.add_django_website(\r\n    name=\"web\",\r\n    db_name=\"mywebsite\",\r\n    repository_url=\"git@gitlab.com:project/website.git\",\r\n    repository_branch=\"main\",\r\n    website_hosts=[\"example.com\", \"www.example.com\"],\r\n    django_settings_module=\"mywebsite.settings.production\",\r\n    comms_data_location=\"europe\",\r\n    comms_domains=[\"mydomain.com\"],\r\n)\r\n\r\ndjango.add_database_administrator(\r\n    object_id=\"a1b2c3....\",\r\n    user_name=\"user@example.com\",\r\n    tenant_id=\"a1b2c3....\",\r\n)\r\n```\r\n\r\n## Deployment steps\r\n\r\n1. Deploy without custom hosts (for CDN and websites)\r\n2. Configure the PostgreSQL server (create and grant permissions to role for your websites)\r\n3. Retrieve the deployment SSH key and configure your remote GIT repository with it\r\n4. Configure your CDN host (add the CNAME record)\r\n5. Configure your custom website domains (add CNAME/A record and TXT validation records)\r\n6. Re-deploy with custom hosts\r\n7. Re-deploy once more to enable HTTPS on website domains\r\n8. Manually activate HTTPS on the CDN host\r\n9. Go to the e-mail communications service on Azure and configure DKIM, SPF,... for your custom domains.\r\n\r\n## Custom domain name for CDN\r\nWhen deploying the first time, you will get a `cdn_cname` output. You need to create a CNAME to this domain before the deployment of the custom domain will succeed.\r\n\r\nYou can safely deploy with the failing CustomDomain to get the CNAME, create the record and then deploy again.\r\n\r\nTo enable HTTPS, you need to do this manually in the console. This is because of a limitation in the Azure API:\r\nhttps://github.com/Azure/azure-rest-api-specs/issues/17498\r\n\r\n## Custom domain names for web application\r\nBecause of a circular dependency in custom domain name bindings and certificates that is out of our control, you need to deploy the stack twice.\r\n\r\nThe first time will create the bindings without a certificate.\r\nThe second deployment will then create the certificate for the domain (which is only possible if the binding exists), but also set the fingerprint of that certificate on the binding.\r\n\r\nTo make the certificate work, you need to create a TXT record named `asuid` point to the output of `{your_app}_site_domain_verification_id`. For example:\r\n\r\n```\r\nasuid.mywebsite.com.      TXT  \"A1B2C3D4E5...\"\r\nasuid.www.mywebsite.com.  TXT  \"A1B2C3D4E5...\"\r\n```\r\n\r\n## Database authentication\r\nThe PostgreSQL uses Entra ID authentication only, no passwords.\r\n\r\n### Administrator login\r\nIf you want to log in to the database yourself, you can add yourself as an administrator with the `add_database_administrator` function.\r\nYour username is your e-mailaddress, a temporary password can be obtained using `az account get-access-token`.\r\n\r\nYou can use this method to log in to pgAdmin.\r\n\r\n### Application\r\nRefer to this documentation:\r\nhttps://learn.microsoft.com/en-us/azure/postgresql/flexible-server/how-to-manage-azure-ad-users#create-a-role-using-microsoft-entra-object-identifier\r\n\r\nIn short, run something like this in the `postgres` database:\r\n```\r\nSELECT * FROM pgaadauth_create_principal_with_oid('web_managed_identity', 'c8b25b85-d060-4cfc-bad4-b8581cfdf946', 'service', false, false);\r\n```\r\nReplace the GUID of course with the managed identity our web app gets.\r\n\r\nThe name of the role is outputted by `{your_app}_site_db_user`\r\n\r\nBe sure to grant this role the correct permissions too.\r\n\r\n## pgAdmin specifics\r\npgAdmin will be created with a default login:\r\n* Login: dbadmin@dbadmin.net\r\n* Password: dbadmin\r\n\r\nBest practice is to log in right away, create a user for yourself and delete this default user.\r\n\r\n## Azure OAuth2 / Django Social Auth\r\nIf you want to set up login with Azure, which would make sense since you are in the ecosystem, you need to create an App Registration in Entra ID, create a secret and then register these settings in your stack:\r\n```\r\npulumi config set --secret --path 'mywebsite_social_auth_azure.key' secret_ID\r\npulumi config set --secret --path 'mywebsite_social_auth_azure.secret' secret_value\r\npulumi config set --secret --path 'mywebsite_social_auth_azure.tenant_id' directory_tenant_id\r\npulumi config set --secret --path 'mywebsite_social_auth_azure.client_id' application_id\r\n```\r\n\r\nThen in your Django deployment, pass to the `add_django_website` command:\r\n```\r\nsecrets={\r\n    \"mywebsite_social_auth_azure\": \"AZURE_OAUTH\",\r\n},\r\n```\r\n\r\nThe value will be automatically stored in the vault where the application has access to.\r\nThe environment variable will be suffixed with `_SECRET_NAME`.\r\n\r\nThen, in your application, retrieve this data from the vault, e.g.:\r\n```python\r\nfrom azure.keyvault.secrets import SecretClient\r\nfrom azure.identity import DefaultAzureCredential\r\n\r\n# Azure credentials\r\nazure_credential = DefaultAzureCredential()\r\n\r\n# Azure Key Vault\r\nAZURE_KEY_VAULT = env(\"AZURE_KEY_VAULT\")\r\nAZURE_KEY_VAULT_URI = f\"https://{AZURE_KEY_VAULT}.vault.azure.net\"\r\nazure_key_vault_client = SecretClient(vault_url=AZURE_KEY_VAULT_URI, credential=azure_credential)\r\n\r\n# Social Auth settings\r\noauth_secret = azure_key_vault_client.get_secret(env(\"AZURE_OAUTH_SECRET_NAME\"))\r\noauth_secret = json.loads(oauth_secret.value)\r\nSOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_KEY = oauth_secret[\"client_id\"]\r\nSOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_SECRET = oauth_secret[\"secret\"]\r\nSOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_TENANT_ID = oauth_secret[\"tenant_id\"]\r\nSOCIAL_AUTH_ADMIN_USER_SEARCH_FIELDS = [\"username\", \"first_name\", \"last_name\", \"email\"]\r\nSOCIAL_AUTH_POSTGRES_JSONFIELD = True\r\n\r\nAUTHENTICATION_BACKENDS = (\r\n    \"social_core.backends.azuread_tenant.AzureADTenantOAuth2\",\r\n    \"django.contrib.auth.backends.ModelBackend\",\r\n)\r\n```\r\n\r\nAnd of course add the login button somewhere, following Django Social Auth instructions.\r\n\r\n## Automate deployments\r\nWhen using a service like GitLab, you can configure a Webhook to fire upon a push to your branch.\r\n\r\nYou need to download the deployment profile to obtain the deployment username and password, and then you can construct a URL like this:\r\n\r\n```\r\nhttps://{user}:{pass}@{appname}.scm.azurewebsites.net/deploy\r\n\r\n```\r\n\r\n```\r\nhttps://{appname}.scm.azurewebsites.net/api/sshkey?ensurePublicKey=1\r\n```\r\n\r\nBe sure to configure the SSH key that Azure will use on GitLab side. You can obtain it using:\r\n\r\nThis would then trigger a redeploy everytime you make a commit to your live branch.\r\n\r\n## CDN Purging\r\nWe added a management command to Django to purge the CDN cache, and added that to the startup script. Our version is here:\r\n```python\r\nimport os\r\n\r\nfrom azure.mgmt.cdn import CdnManagementClient\r\nfrom azure.mgmt.cdn.models import PurgeParameters\r\nfrom django.core.management.base import BaseCommand\r\n\r\nfrom core.azure_helper import AZURE_CREDENTIAL, get_subscription_id\r\n\r\n\r\nclass Command(BaseCommand):\r\n    help = \"Purges the CDN endpoint\"\r\n\r\n    def add_arguments(self, parser):\r\n        parser.add_argument(\r\n            \"--wait\",\r\n            action=\"store_true\",\r\n            help=\"Wait for the purge operation to complete\",\r\n        )\r\n\r\n    def handle(self, *args, **options):\r\n        # Read environment variables\r\n        resource_group = os.getenv(\"WEBSITE_RESOURCE_GROUP\")\r\n        profile_name = os.getenv(\"CDN_PROFILE\")\r\n        endpoint_name = os.getenv(\"CDN_ENDPOINT\")\r\n        content_paths = [\"/*\"]\r\n\r\n        # Ensure all required environment variables are set\r\n        if not all([resource_group, profile_name, endpoint_name]):\r\n            self.stderr.write(self.style.ERROR(\"Missing required environment variables.\"))\r\n            return\r\n\r\n        # Authenticate with Azure\r\n        cdn_client = CdnManagementClient(AZURE_CREDENTIAL, get_subscription_id())\r\n\r\n        try:\r\n            # Purge the CDN endpoint\r\n            purge_operation = cdn_client.endpoints.begin_purge_content(\r\n                resource_group_name=resource_group,\r\n                profile_name=profile_name,\r\n                endpoint_name=endpoint_name,\r\n                content_file_paths=PurgeParameters(content_paths=content_paths),\r\n            )\r\n\r\n            # Check if the --wait argument was provided\r\n            if options[\"wait\"]:\r\n                purge_operation.result()  # Wait for the operation to complete\r\n                self.stdout.write(self.style.SUCCESS(\"CDN endpoint purge operation completed successfully.\"))\r\n            else:\r\n                self.stdout.write(self.style.SUCCESS(\"CDN endpoint purge operation started successfully.\"))\r\n\r\n        except Exception as e:\r\n            self.stderr.write(self.style.ERROR(f\"Error executing CDN endpoint purge command: {e}\"))\r\n```\r\n\r\nAnd our azure_helper:\r\n```python\r\nfrom azure.identity import DefaultAzureCredential\r\nfrom azure.mgmt.resource import SubscriptionClient\r\n\r\n# Azure credentials\r\nAZURE_CREDENTIAL = DefaultAzureCredential()\r\n\r\n\r\ndef get_db_password() -> str:\r\n    return AZURE_CREDENTIAL.get_token(\"https://ossrdbms-aad.database.windows.net/.default\").token\r\n\r\n\r\ndef get_subscription_id() -> str:\r\n    subscription_client = SubscriptionClient(AZURE_CREDENTIAL)\r\n    subscriptions = list(subscription_client.subscriptions.list())\r\n    return subscriptions[0].subscription_id\r\n```\r\n\r\n## Change requests\r\nI created this for internal use but since it took me a while to puzzle all the things together I decided to share it.\r\nTherefore this project is not super generic, but tailored to my needs. I am however open to pull or change requests to improve this project or to make it more usable for others.\r\n",
    "bugtrack_url": null,
    "license": "MIT License  Copyright (c) 2023 YouReal BV  Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:  The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.  THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ",
    "summary": "Simply deployment of Django on Azure with Pulumi",
    "version": "1.0.16",
    "project_urls": {
        "Homepage": "https://gitlab.com/MaartenUreel/pulumi-django-azure"
    },
    "split_keywords": [
        "django",
        " pulumi",
        " azure"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "c2e99fd4c0a12fe509a755747aa58c311f06e03c0179b24319da951030ea7088",
                "md5": "f809d511f5fede8584cbb9fc79703ed7",
                "sha256": "731ba7a34e01c143ef87dc64b085bb8ff549392adadc2ee037f9b52dc782d20b"
            },
            "downloads": -1,
            "filename": "pulumi_django_azure-1.0.16-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "f809d511f5fede8584cbb9fc79703ed7",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.9",
            "size": 17323,
            "upload_time": "2024-11-11T12:06:49",
            "upload_time_iso_8601": "2024-11-11T12:06:49.424367Z",
            "url": "https://files.pythonhosted.org/packages/c2/e9/9fd4c0a12fe509a755747aa58c311f06e03c0179b24319da951030ea7088/pulumi_django_azure-1.0.16-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "ac93f6f922973c9aba32695ae5173de8029703239a8ba12811a6fe2ba400182a",
                "md5": "f8be523e56c97c6abc6e3811cbd6a3e5",
                "sha256": "16947fc885ab22675e35156f73e2fa0c428b90aa6607f1ae720afbed1f5b9a2c"
            },
            "downloads": -1,
            "filename": "pulumi_django_azure-1.0.16.tar.gz",
            "has_sig": false,
            "md5_digest": "f8be523e56c97c6abc6e3811cbd6a3e5",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.9",
            "size": 21563,
            "upload_time": "2024-11-11T12:06:51",
            "upload_time_iso_8601": "2024-11-11T12:06:51.074077Z",
            "url": "https://files.pythonhosted.org/packages/ac/93/f6f922973c9aba32695ae5173de8029703239a8ba12811a6fe2ba400182a/pulumi_django_azure-1.0.16.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-11-11 12:06:51",
    "github": false,
    "gitlab": true,
    "bitbucket": false,
    "codeberg": false,
    "gitlab_user": "MaartenUreel",
    "gitlab_project": "pulumi-django-azure",
    "lcname": "pulumi-django-azure"
}
None
Elapsed time: 9.51827s