Skip to content

Commit 13bb61f

Browse files
Merge pull request #244035 from KarlErickson/karler-export
bulk update to fix Bash variable formatting
2 parents c01b17a + 465ff58 commit 13bb61f

19 files changed

+240
-199
lines changed

articles/spring-apps/access-app-virtual-network.md

Lines changed: 15 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -41,17 +41,17 @@ When **Assign Endpoint** on applications in an Azure Spring Apps service instanc
4141
Find the IP Address for your Spring Cloud services. Customize the value of your Azure Spring Apps instance name based on your real environment.
4242

4343
```azurecli
44-
SPRING_CLOUD_NAME='spring-cloud-name'
45-
SERVICE_RUNTIME_RG=`az spring show \
44+
export SPRING_CLOUD_NAME='spring-cloud-name'
45+
export SERVICE_RUNTIME_RG=$(az spring show \
4646
--resource-group $RESOURCE_GROUP \
4747
--name $SPRING_CLOUD_NAME \
4848
--query "properties.networkProfile.serviceRuntimeNetworkResourceGroup" \
49-
--output tsv`
50-
IP_ADDRESS=`az network lb frontend-ip list \
49+
--output tsv)
50+
export IP_ADDRESS=$(az network lb frontend-ip list \
5151
--lb-name kubernetes-internal \
5252
--resource-group $SERVICE_RUNTIME_RG \
5353
--query "[0].privateIpAddress" \
54-
--output tsv`
54+
--output tsv)
5555
```
5656

5757
---
@@ -84,9 +84,9 @@ The following procedure creates a private DNS zone for an application in the pri
8484
1. Define variables for your subscription, resource group, and Azure Spring Apps instance. Customize the values based on your real environment.
8585

8686
```azurecli
87-
SUBSCRIPTION='subscription-id'
88-
RESOURCE_GROUP='my-resource-group'
89-
VIRTUAL_NETWORK_NAME='azure-spring-apps-vnet'
87+
export SUBSCRIPTION='subscription-id'
88+
export RESOURCE_GROUP='my-resource-group'
89+
export VIRTUAL_NETWORK_NAME='azure-spring-apps-vnet'
9090
```
9191

9292
1. Sign in to the Azure CLI and choose your active subscription.
@@ -96,7 +96,7 @@ The following procedure creates a private DNS zone for an application in the pri
9696
az account set --subscription ${SUBSCRIPTION}
9797
```
9898

99-
1. Create the private DNS zone.
99+
1. Create the private DNS zone.
100100

101101
```azurecli
102102
az network private-dns zone create \
@@ -167,14 +167,14 @@ To use the private DNS zone to translate/resolve DNS, you must create an "A" typ
167167

168168
#### [CLI](#tab/azure-CLI)
169169

170-
Use the [IP address](#find-the-ip-for-your-application) to create the A record in your DNS zone.
170+
Use the [IP address](#find-the-ip-for-your-application) to create the A record in your DNS zone.
171171

172172
```azurecli
173173
az network private-dns record-set a add-record \
174-
--resource-group $RESOURCE_GROUP \
175-
--zone-name private.azuremicroservices.io \
176-
--record-set-name '*' \
177-
--ipv4-address $IP_ADDRESS
174+
--resource-group $RESOURCE_GROUP \
175+
--zone-name private.azuremicroservices.io \
176+
--record-set-name '*' \
177+
--ipv4-address $IP_ADDRESS
178178
```
179179

180180
---
@@ -200,7 +200,7 @@ After following the procedure in [Deploy Azure Spring Apps in a virtual network]
200200
Update your app to assign an endpoint to it. Customize the value of your app name based on your real environment.
201201

202202
```azurecli
203-
SPRING_CLOUD_APP='your spring cloud app'
203+
export SPRING_CLOUD_APP='your spring cloud app'
204204
az spring app update \
205205
--resource-group $RESOURCE_GROUP \
206206
--name $SPRING_CLOUD_APP \

articles/spring-apps/connect-managed-identity-to-azure-sql.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -88,7 +88,7 @@ Configure your app deployed to Azure Spring Apps to connect to an Azure SQL Data
8888
1. Use the following command to check the creation result:
8989

9090
```azurecli
91-
CONNECTION_NAME=$(az spring connection list \
91+
export CONNECTION_NAME=$(az spring connection list \
9292
--resource-group $SPRING_APP_RESOURCE_GROUP \
9393
--service $SPRING_APP_SERVICE_NAME \
9494
--app $APP_NAME \

articles/spring-apps/expose-apps-gateway-end-to-end-tls.md

Lines changed: 48 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -48,15 +48,15 @@ To configure Application Gateway in front of Azure Spring Apps, use the followin
4848
Next, use the following commands to define variables for the resource group and virtual network you created as directed in [Deploy Azure Spring Apps in a virtual network](./how-to-deploy-in-azure-virtual-network.md). Customize the values based on your real environment. When you define `SPRING_APP_PRIVATE_FQDN`, remove `https://` from the URI.
4949

5050
```bash
51-
SUBSCRIPTION='subscription-id'
52-
RESOURCE_GROUP='my-resource-group'
53-
LOCATION='eastus'
54-
SPRING_CLOUD_NAME='name-of-spring-cloud-instance'
55-
APPNAME='name-of-app-in-azure-spring-apps'
56-
SPRING_APP_PRIVATE_FQDN='$APPNAME.private.azuremicroservices.io'
57-
VIRTUAL_NETWORK_NAME='azure-spring-apps-vnet'
58-
APPLICATION_GATEWAY_SUBNET_NAME='app-gw-subnet'
59-
APPLICATION_GATEWAY_SUBNET_CIDR='10.1.2.0/24'
51+
export SUBSCRIPTION='subscription-id'
52+
export RESOURCE_GROUP='my-resource-group'
53+
export LOCATION='eastus'
54+
export SPRING_CLOUD_NAME='name-of-spring-cloud-instance'
55+
export APPNAME='name-of-app-in-azure-spring-apps'
56+
export SPRING_APP_PRIVATE_FQDN='$APPNAME.private.azuremicroservices.io'
57+
export VIRTUAL_NETWORK_NAME='azure-spring-apps-vnet'
58+
export APPLICATION_GATEWAY_SUBNET_NAME='app-gw-subnet'
59+
export APPLICATION_GATEWAY_SUBNET_CIDR='10.1.2.0/24'
6060
```
6161

6262
## Sign in to Azure
@@ -107,8 +107,8 @@ Next, adapt the policy JSON as shown in the following example, indicating the `s
107107
After you've finished updating the policy JSON (see [Update Certificate Policy](/rest/api/keyvault/certificates/update-certificate-policy/update-certificate-policy)), you can create a self-signed certificate in Key Vault by using the following commands:
108108

109109
```azurecli
110-
KV_NAME='name-of-key-vault'
111-
CERT_NAME_IN_KEY_VAULT='name-of-certificate-in-key-vault'
110+
export KV_NAME='name-of-key-vault'
111+
export CERT_NAME_IN_KEY_VAULT='name-of-certificate-in-key-vault'
112112
113113
az keyvault certificate create \
114114
--vault-name $KV_NAME \
@@ -123,20 +123,32 @@ az keyvault certificate create \
123123
Traffic will enter the application deployed on Azure Spring Apps using the public domain name. To configure your application to listen to this host name and do so over HTTPS, use the following commands to add a custom domain to your app:
124124

125125
```azurecli
126-
KV_NAME='name-of-key-vault'
127-
KV_RG='resource-group-name-of-key-vault'
128-
CERT_NAME_IN_AZURE_SPRING_APPS='name-of-certificate-in-Azure-Spring-Apps'
129-
CERT_NAME_IN_KEY_VAULT='name-of-certificate-with-intermediaries-in-key-vault'
130-
DOMAIN_NAME=myapp.mydomain.com
126+
export KV_NAME='name-of-key-vault'
127+
export KV_RG='resource-group-name-of-key-vault'
128+
export CERT_NAME_IN_AZURE_SPRING_APPS='name-of-certificate-in-Azure-Spring-Apps'
129+
export CERT_NAME_IN_KEY_VAULT='name-of-certificate-with-intermediaries-in-key-vault'
130+
export DOMAIN_NAME=myapp.mydomain.com
131131
132132
# provide permissions to Azure Spring Apps to read the certificate from Key Vault:
133-
VAULTURI=$(az keyvault show -n $KV_NAME -g $KV_RG --query properties.vaultUri -o tsv)
133+
export VAULTURI=$(az keyvault show \
134+
--resource-group $KV_RG \
135+
--name $KV_NAME \
136+
--query properties.vaultUri \
137+
--output tsv)
134138
135139
# get the object id for the Azure Spring Apps Domain-Management Service Principal:
136-
ASADM_OID=$(az ad sp show --id 03b39d0f-4213-4864-a245-b1476ec03169 --query objectId --output tsv)
140+
export ASADM_OID=$(az ad sp show \
141+
--id 03b39d0f-4213-4864-a245-b1476ec03169 \
142+
--query objectId \
143+
--output tsv)
137144
138145
# allow this Service Principal to read and list certificates and secrets from Key Vault:
139-
az keyvault set-policy -g $KV_RG -n $KV_NAME --object-id $ASADM_OID --certificate-permissions get list --secret-permissions get list
146+
az keyvault set-policy \
147+
--resource-group $KV_RG \
148+
--name $KV_NAME \
149+
--object-id $ASADM_OID \
150+
--certificate-permissions get list \
151+
--secret-permissions get list
140152
141153
# add custom domain name and configure TLS using the certificate:
142154
az spring certificate add \
@@ -157,7 +169,7 @@ az spring app custom-domain bind \
157169
The Azure Application Gateway to be created will join the same virtual network as--or peered virtual network to--the Azure Spring Apps service instance. First create a new subnet for the Application Gateway in the virtual network using `az network vnet subnet create`, and also create a Public IP address as the Frontend of the Application Gateway using `az network public-ip create`.
158170

159171
```azurecli
160-
APPLICATION_GATEWAY_PUBLIC_IP_NAME='app-gw-public-ip'
172+
export APPLICATION_GATEWAY_PUBLIC_IP_NAME='app-gw-public-ip'
161173
az network vnet subnet create \
162174
--name $APPLICATION_GATEWAY_SUBNET_NAME \
163175
--resource-group $RESOURCE_GROUP \
@@ -176,7 +188,7 @@ az network public-ip create \
176188
Application Gateway will need to be able to access Key Vault to read the certificate. To do so, it will use a User-assigned [Managed Identity](../active-directory/managed-identities-azure-resources/overview.md). Create the Managed Identity by using the following command:
177189

178190
```azurecli
179-
APPGW_IDENTITY_NAME='name-for-appgw-managed-identity'
191+
export APPGW_IDENTITY_NAME='name-for-appgw-managed-identity'
180192
az identity create \
181193
--resource-group $RESOURCE_GROUP \
182194
--name $APPGW_IDENTITY_NAME
@@ -185,8 +197,15 @@ az identity create \
185197
Then fetch the objectId for the Managed Identity as it will be used later on to give rights to access the certificate in Key Vault:
186198

187199
```azurecli
188-
APPGW_IDENTITY_CLIENTID=$(az identity show --resource-group $RESOURCE_GROUP --name $APPGW_IDENTITY_NAME --query clientId --output tsv)
189-
APPGW_IDENTITY_OID=$(az ad sp show --id $APPGW_IDENTITY_CLIENTID --query objectId --output tsv)
200+
export APPGW_IDENTITY_CLIENTID=$(az identity show \
201+
--resource-group $RESOURCE_GROUP \
202+
--name $APPGW_IDENTITY_NAME \
203+
--query clientId \
204+
--output tsv)
205+
export APPGW_IDENTITY_OID=$(az ad sp show \
206+
--id $APPGW_IDENTITY_CLIENTID \
207+
--query objectId \
208+
--output tsv)
190209
```
191210

192211
## Set policy on Key Vault
@@ -207,9 +226,13 @@ az keyvault set-policy \
207226
Create an application gateway using `az network application-gateway create` and specify your application's private fully qualified domain name (FQDN) as servers in the backend pool. Make sure to use the user-assigned Managed Identity and to point to the certificate in Key Vault using the certificate's Secret ID. Then update the HTTP setting using `az network application-gateway http-settings update` to use the public host name.
208227

209228
```azurecli
210-
APPGW_NAME='name-for-application-gateway'
229+
export APPGW_NAME='name-for-application-gateway'
211230
212-
KEYVAULT_SECRET_ID_FOR_CERT=$(az keyvault certificate show --name $CERT_NAME_IN_KEY_VAULT --vault-name $KV_NAME --query sid --output tsv)
231+
export KEYVAULT_SECRET_ID_FOR_CERT=$(az keyvault certificate show \
232+
--name $CERT_NAME_IN_KEY_VAULT \
233+
--vault-name $KV_NAME \
234+
--query sid \
235+
--output tsv)
213236
214237
az network application-gateway create \
215238
--name $APPGW_NAME \

articles/spring-apps/expose-apps-gateway-tls-termination.md

Lines changed: 31 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -47,15 +47,15 @@ To configure Application Gateway in front of Azure Spring Apps in a private VNET
4747
Next, use the following commands to define variables for the resource group and virtual network you created as directed in [Deploy Azure Spring Apps in a virtual network](how-to-deploy-in-azure-virtual-network.md). Replace the *\<...>* placeholders with real values based on your actual environment. When you define `SPRING_APP_PRIVATE_FQDN`, remove `https://` from the URI.
4848

4949
```bash
50-
SUBSCRIPTION='<subscription-id>'
51-
RESOURCE_GROUP='<resource-group-name>'
52-
LOCATION='eastus'
53-
SPRING_CLOUD_NAME='<name-of-Azure-Spring-Apps-instance>'
54-
APPNAME='<name-of-app-in-Azure-Spring-Apps>'
55-
SPRING_APP_PRIVATE_FQDN='$APPNAME.private.azuremicroservices.io'
56-
VIRTUAL_NETWORK_NAME='azure-spring-apps-vnet'
57-
APPLICATION_GATEWAY_SUBNET_NAME='app-gw-subnet'
58-
APPLICATION_GATEWAY_SUBNET_CIDR='10.1.2.0/24'
50+
export SUBSCRIPTION='<subscription-id>'
51+
export RESOURCE_GROUP='<resource-group-name>'
52+
export LOCATION='eastus'
53+
export SPRING_CLOUD_NAME='<name-of-Azure-Spring-Apps-instance>'
54+
export APPNAME='<name-of-app-in-Azure-Spring-Apps>'
55+
export SPRING_APP_PRIVATE_FQDN='$APPNAME.private.azuremicroservices.io'
56+
export VIRTUAL_NETWORK_NAME='azure-spring-apps-vnet'
57+
export APPLICATION_GATEWAY_SUBNET_NAME='app-gw-subnet'
58+
export APPLICATION_GATEWAY_SUBNET_CIDR='10.1.2.0/24'
5959
```
6060

6161
## Sign in to Azure
@@ -72,10 +72,10 @@ az account set --subscription $SUBSCRIPTION
7272
Traffic will enter the application deployed on Azure Spring Apps using the public domain name. To configure your application to listen to this host name over HTTP, use the following commands to add a custom domain to your app, replacing the *\<...>* placeholders with real values:
7373

7474
```azurecli
75-
KV_NAME='<name-of-key-vault>'
76-
KV_RG='<resource-group-name-of-key-vault>'
77-
CERT_NAME_IN_KV='<name-of-certificate-with-intermediaries-in-key-vault>'
78-
DOMAIN_NAME=myapp.mydomain.com
75+
export KV_NAME='<name-of-key-vault>'
76+
export KV_RG='<resource-group-name-of-key-vault>'
77+
export CERT_NAME_IN_KV='<name-of-certificate-with-intermediaries-in-key-vault>'
78+
export DOMAIN_NAME=myapp.mydomain.com
7979
8080
az spring app custom-domain bind \
8181
--resource-group $RESOURCE_GROUP \
@@ -89,7 +89,7 @@ az spring app custom-domain bind \
8989
The application gateway to be created will join the same virtual network as the Azure Spring Apps service instance. First, create a new subnet for the application gateway in the virtual network, then create a public IP address as the frontend of the application gateway, as shown in the following example.
9090

9191
```azurecli
92-
APPLICATION_GATEWAY_PUBLIC_IP_NAME='app-gw-public-ip'
92+
export APPLICATION_GATEWAY_PUBLIC_IP_NAME='app-gw-public-ip'
9393
az network vnet subnet create \
9494
--name $APPLICATION_GATEWAY_SUBNET_NAME \
9595
--resource-group $RESOURCE_GROUP \
@@ -108,7 +108,7 @@ az network public-ip create \
108108
Your application gateway will need to be able to access Key Vault to read the certificate. To do this, the application gateway will use a user-assigned managed identity. For more information, see [What are managed identities for Azure resources?](../active-directory/managed-identities-azure-resources/overview.md). Create the managed identity by using the following command, replacing the *\<...>* placeholder:
109109

110110
```azurecli
111-
APPGW_IDENTITY_NAME='<name-for-appgw-managed-identity>'
111+
export APPGW_IDENTITY_NAME='<name-for-appgw-managed-identity>'
112112
az identity create \
113113
--resource-group $RESOURCE_GROUP \
114114
--name $APPGW_IDENTITY_NAME
@@ -117,8 +117,15 @@ az identity create \
117117
Then, use the following command to fetch the `objectId` for the managed identity. This value will be used later on to give rights to access the certificate in Key Vault.
118118

119119
```azurecli
120-
APPGW_IDENTITY_CLIENTID=$(az identity show --resource-group $RESOURCE_GROUP --name $APPGW_IDENTITY_NAME --query clientId --output tsv)
121-
APPGW_IDENTITY_OID=$(az ad sp show --id $APPGW_IDENTITY_CLIENTID --query objectId --output tsv)
120+
export APPGW_IDENTITY_CLIENTID=$(az identity show \
121+
--resource-group $RESOURCE_GROUP \
122+
--name $APPGW_IDENTITY_NAME \
123+
--query clientId \
124+
--output tsv)
125+
export APPGW_IDENTITY_OID=$(az ad sp show \
126+
--id $APPGW_IDENTITY_CLIENTID \
127+
--query objectId \
128+
--output tsv)
122129
```
123130

124131
### Set policy on Key Vault
@@ -141,9 +148,13 @@ az keyvault set-policy \
141148
Create an application gateway using `az network application-gateway create` and specify your application's private fully qualified domain name (FQDN) as servers in the backend pool. Be sure to use the user-assigned managed identity and point to the certificate in Key Vault using the certificate's secret ID.
142149

143150
```azurecli
144-
APPGW_NAME='<name-for-application-gateway>'
145-
CERT_NAME_IN_KV='<name-of-certificate-in-key-vault>'
146-
KEYVAULT_SECRET_ID_FOR_CERT=$(az keyvault certificate show --name $CERT_NAME_IN_KV --vault-name $KV_NAME --query sid --output tsv)
151+
export APPGW_NAME='<name-for-application-gateway>'
152+
export CERT_NAME_IN_KV='<name-of-certificate-in-key-vault>'
153+
export KEYVAULT_SECRET_ID_FOR_CERT=$(az keyvault certificate show \
154+
--name $CERT_NAME_IN_KV \
155+
--vault-name $KV_NAME \
156+
--query sid \
157+
--output tsv)
147158
148159
az network application-gateway create \
149160
--name $APPGW_NAME \

articles/spring-apps/how-to-bind-mysql.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -60,11 +60,11 @@ Follow these steps to configure your Spring app to connect to an Azure Database
6060
1. Then, use the following command to create a user-assigned managed identity for Azure Active Directory authentication. Be sure to replace the variables in the example with actual values. For more information, see [Set up Azure Active Directory authentication for Azure Database for MySQL - Flexible Server](../mysql/flexible-server/how-to-azure-ad.md).
6161

6262
```azurecli
63-
AZ_IDENTITY_RESOURCE_ID=$(az identity create \
64-
--name $AZURE_USER_IDENTITY_NAME \
65-
--resource-group $AZURE_IDENTITY_RESOURCE_GROUP \
66-
--query id \
67-
--output tsv)
63+
export AZ_IDENTITY_RESOURCE_ID=$(az identity create \
64+
--name $AZURE_USER_IDENTITY_NAME \
65+
--resource-group $AZURE_IDENTITY_RESOURCE_GROUP \
66+
--query id \
67+
--output tsv)
6868
```
6969

7070
1. Run the `az spring connection create` command, as shown in the following example. Be sure to replace the variables in the example with actual values.

0 commit comments

Comments
 (0)