Access your Azure AD Object ID in Terraform

I ran into an issue today trying to use the azurerm provider in Terraform. I needed to create a Key Vault, then add myself as an access policy so that in the same .tf I could add a certificate. Once I saw a similarly frustrated user on Serverfault, I decided to figure this out.

What I came up with was a powershell script that used the az cli to get the current user's object id.

Here is a demo of the solution, also posted as my answer:

There is a way to do this using the Azure CLI. Here is a demo:

scripts/getuser.ps1:

$t = az ad signed-in-user show
$t = "$t"
$j = ConvertFrom-Json $t
Write-Output "{`"object_id`":`"$($j.objectId)`"}"

main.ts:

provider "azurerm" {
  subscription_id = var.subscription_id
}

data "external" "user" {
  program = ["powershell.exe", "${path.module}/scripts/getuser.ps1"]
}

output "object_id" {
    value = data.external.user.result.object_id
}

Keep in mind az ad signed-in-user is fairly new so make sure everything is up to date.

Resources:

https://docs.microsoft.com/en-us/cli/azure/ad/signed-in-user?view=azure-cli-latest
https://www.terraform.io/docs/providers/external/data_source.html

Convert repository files to UTF8

I recently had to convert a repository from Windows-1252 to UTF-8. The encoding was causing our web pages not to render characters outside of the 1252 set incorrectly. So, I wrote a script to do this!

What it does: It accepts a path -Path and recursively searches for all files under that path. It then checks to see if that file is ignored in the .gitignore. If not, it moves on to checking if it's ascii. If it passes that test, it will grab the contents and write them as UTF-8.

EDIT: I now filter for designer and resx files. For my purpose, these couldn't get converted because of some special characters.

Feel free to use and offer any feedback about it.

Parameters

-Path

Directory to start recursive search. This directory is assumed valid and a git repository.

-ShowIgnored

A switch to output reasons why a file was skipped.

Here's the gist:

Azure DNS Zone Powershell Scripts

I made some Azure DNS Powershell scripts! Why? Because I had to migrate hundreds of records from one DNS provider to Azure. The previous DNS provider allowed duplicate CNAME vs A/TXT/MX records. It was a MESS. I wanted a way to import, test, and clear records repeatedly so that I could validate that no DNS settings would change on migration.

The README on the repo has more information. Feel free to reach out with questions.

Link: AzureDnsTools

Cronos - ASP.NET Core Application

Cronos - ASP.NET Core Application

I wrote an asp.net core application. It's live at https://cronos.frenetik.io. It is an app that helps you create a chronological playlist based on an artist for Spotify. The source is up at https://github.com/mikeruhl/cronos. I won't go into much detail here since the readme covers a lot on github.

Just some backstory: A friend had posted a request on facebook that Spotify should offer this ability. I figured it would be a fun project so I started working on it in spare time. 1 month later, I had a working application. The process went very smooth due to a library I found at https://github.com/dotnetfan/FluentSpotifyApi. It's very well written and I really appreciate the work that went into it. I had started futzing around with a proof of concept using RestSharp when I figured someone else had already done the dirty work. Sure enough, this great library fell into my lap after a quick google search.

You'll see from the source, I put some boilerplate session handling in CronosBaseController.cs. I liked the way that turned out, even though I didn't use it for any other controllers. I'm getting into the habit of hiding code that won't change and is on a different scope from the rest. I found it easier to work in HomeController.cs without that session code.

The code could use some refactoring. It also needs tests. I released it in a beta sense, and based on the fanfare (avg 1 user per day) I can guess it's not going to get much use. So I'll leave it where it stands and move on to the next project.

Exceptions in Web API

Reference Repository

I was recently asked a technical question about Exception handling in Web API that I didn't have much knowledge in. This is in regards to the wonderful world of Exception Handlers. These beauties are global handlers for your Web API project that can/will/should handle your exceptions globally for you. The application of these is to not only write more predictable code, but it heavily reinforces the DRY principle. I can't tell you how many times I've written the same return UnAuthorized() or return BadRequest() for several routes just to have to later come back through and refactor them all. By global implementing custom (or included) exceptions, we can get consistent behavior from the application via the exception handler that would normally be left up to the controller.

There are grandients leading up to an exception handler too. There are attribute filters where you can specify exception handling down to the controller or method (depending upon which you decorate). There is also exception logging that can be implemented. I explore all these options in the github respository linked above.

You may notice that the global exception handler gets called for all of the thrown exceptions. Awesome detective work! While it is global to the app, I've coded it to filter based on level 4 exceptions to show an example of gracefully handling the exception.

Final note: By globally logging and handling your exceptions, you're giving better usability to the caller along with better visibility to your developer. I am foaming at the mount at implementing an Exception Logger that shoots that exception over to ElasticSearch. This would be a great way to mock Application Insights: gaining telemetry data on the fly.

This code is provided as-is and is in no way intended for a production environment. It was written for readability and simplicity and does not implement any security checks. Simplicity was favored over design patterns and principles. So use at your own risk!

More information is available in the readme.md file in the repository linked above.