Azure Container Instance | Environment Variables from an Environment Variables File - azure

How can I create an Azure container instance and configure it with an environment variables file?
Something that'd be equivalent to Docker's --env-file flag for the run command. I couldn't find a way to do that but I'm new to both Azure and Docker.
So it'd look something like: az container create <...> --env-file myEnvFile where myEnvFile is stored somewhere on Azure so I could grab it, like how Docker can grab such a file locally.

You can find what you want here https://learn.microsoft.com/en-us/cli/azure/container?view=azure-cli-latest#az-container-create
i.e.
az container create -g MyResourceGroup --name myapp --image myimage:latest --environment-variables key1=value1 key2=value2
Apologies, realised you want it from a file, if running in a script can you not have the file set local environment variables or parse the file to set them and then run the command above?

I'm really sure there is no parameter to set the environment variables of the Azure container instance from a file only through one command.
You can take a look at the parameter --environment-variables in the command az container create:
A list of environment variables for the container. Space-separated
values in 'key=value' format.
It requires the value of a list. So you can read from the file to create a list and then use the list as the value of the parameter --environment-variables in the create command.

As far as I'm aware, from answers and my research, this is currently not supported.

Related

Nextjs App reading configuration from Azure App Service

We have a nextjs project which is build by docker and deploy into Azure App Service (container). We also setup configuration values within App Service and try to access it, however its not working as expected.
Few things we tried
Restarting the App Service after adding new configuration
removing .env file while building the docker image
including .env file while building the docker image
Here's how we read try to read the environment variables within the App Service
const env = process.env.NEXT_PUBLIC_ENV;
const A = process.env.NEXT_PUBLIC_AS_VALUE;
Wondering if this can actually be done?
Just thinking something out loud below,
Since we're deploying the docker image within App Service's Container (Linux).. does that mean, the container can't pull the value from this environment variable?
Docker image already perform the npm run build, would that means the image is in static formed (build time). It will never ready from App Service configuration (runtime).
After a day or 2, I came up with an alternative solution by passing the environment values in Dockerfile while building my project.
TLDR
Pass your env values within dockerfile
Set all your env (dev, staging, prod, etc) var values in Pipeline variable.
Set a "settable" variable inside the Pipeline variable too, so you can set to build different environment while triggering your pipeline (eg, buildEnv)
Setup a bash script to perform variable text changing (eg, from firebaseApiKey to DEVfirebaseApiKey ) according to env received from buildEnv.
Use "replace token" task from Azure Pipeline to replace values inside Dockerfile
Build your docker image
Huaala~ now you get your environment specific build
Details
Within your Dockerfile you can place your env variable like this
RUN NEXT_PUBLIC_ENV=#{env}# \
NEXT_PUBLIC_FIREBASE_API_KEY=#{firebaseApiKey}# \
NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN=#{firebaseAuthDomain}# \
NEXT_PUBLIC_FIREBASE_PROJECT_ID=#{firebaseProjectId}# \
NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET=#{firebaseStorageBucket}# \
NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID=#{firebaseMessagingSenderId}# \
NEXT_PUBLIC_FIREBASE_APP_ID=#{firebaseAppId}# \
NEXT_PUBLIC_FIREBASE_MEASUREMENT_ID=#{firebaseMeasurementId}# \
NEXT_PUBLIC_BASE_URL=#{baseURL}# \
npm run build
These values set (eg, baseURL, firebaseMeasurementId, etc) are only a placeholder, because we need to change them later with bash script according to the buildEnv we receive. (buildEnv is settable when you trigger a build)
Bash script sample as below. What it does is that it will look within your Dockerfile for the word env and change to DEVenv / UATenv / PRODenv based on what you're passing to buildEnv
#!/bin/bash
case $(buildENV) in
dev)
sed -i -e 's/env/DEVenv/g' ./Dockerfile
;;
uat)
sed -i -e 's/env/UATenv/g' ./Dockerfile
;;
prod)
sed -i -e 's/env/PROenvD/g' ./Dockerfile
;;
*)
echo -n "unknown"
;;
esac
When this is complete, your "environment specific" docker file is sort of created. Now we'll make use of the "replace token" task from Azure Pipeline to replace the values inside Dockerfile. **Make sure you have all your values setup in Pipeline Variable!
Lastly all you may build your docker image and deploy :)

Azure startup script is not executed

I've learned how to deploy .sh scripts to Azure with Azure CLI. But it seems like I have no clear understanding of how they work.
I'm creating the script that simply unarchives a .tgz archive in a current directory of Azure Web App, and then just deletes it. Quite simple:
New-Item ./startup.sh
Set-Content ./startup.sh '#!/bin/sh'
Add-Content ./startup.sh 'tar zxvf archive.tgz; rm-rf ./archive.tgz'
And then I deploy the script like this:
az webapp deploy --resource-group Group
--name Name
--src-path ./startup.sh
--target-path /home/site/wwwroot/startup.sh
--type=startup
Supposedly, it should appear in /home/site/wwwroot/, but for some reason it never does. No matter how I try. I thought it just gets executed and then deleted automatically (since I specified it as a startup script), but the archive is there, not unarchived at all.
My stack is .NET Core.
What am I doing wrong, and what's the right way to do what I need to do? Thank you.
I don't know if it makes sense, but I think the problem might be that you're using the target-path parameter while you should be using path instead.
From the documentation you cited, when describing the Azure CLI functionality, they state:
The CLI command uses the Kudu publish API to deploy the package and can be
fully customized.
The Kudu publish API reference indicates, when describing the different values for type and especially startup:
type=startup: Deploy a script that App Service automatically uses as the
startup script for your app. By default, the script is deployed to
D:\home\site\scripts\<name-of-source> for Windows and
home/site/wwwroot/startup.sh for Linux. The target path can be specified
with path.
Note the use of path:
The absolute path to deploy the artifact to. For example,
"/home/site/deployments/tools/driver.jar", "/home/site/scripts/helper.sh".
I never tested it, I am aware that the option is not described when taking about the az webapp deploy command itself, and it may be just an error in the documentation, but it may work:
az webapp deploy --resource-group Group
--name Name
--src-path ./startup.sh
--path /home/site/wwwroot/startup.sh
--type=startup
Note that the path you are providing is the default one; as a consequence, you could safely delete it if required:
az webapp deploy --resource-group Group
--name Name
--src-path ./startup.sh
--type=startup
Finally, try including some debug or echo commands in your script: perhaps the problem can be motivated for any permissions issue and having some traces in the logs could be helpful as well.

How to update environment variable for different value for each different users in docker container for container is runnig

First of all, if I need to talk about the situation I want to do, I have docker containers that I set up with the docker-compose.yml file. Inside this docker image, there are 2 more users ("user1" and "user2"), one of which is the "root" user. (I created them in Dockerfile, everything is fine so far). There is one enviroment variable defined for these users. (echo $env_val). I want this variable to have a separate value for each user and I want to manage this value dynamically. In other words, I want to manage the "environment" variable used in "docker-compose.yml" on a user basis.
version: '3'
services:
app1:
image: image1
enviromnet:
- env_val=34052 # this value default 34034 but for user1 value is assing 34052
entrypoint: /bin/sh/ start_container.sh
app2:
image: image1
enviromnet:
- env_val=34028 # this value default 34028 but for user2 value is assing 34028
entrypoint: /bin/sh/ start_container.sh
My docker-compose.yml file is like this. The env_val variable here is assigned the value I specified only for the root user. But I want the value I gave to be assigned only for the user I selected in the image. I didn't see any solution for this. Do you have any advice for me to meet this need?
Note: I tried these solution
I was able to assign the value I wanted to this enviroment with a script I wrote, but then when I logged into this container with docker exec -it container_name bash and logged in with the user I chose su - user1, I could not see the value I assigned. Default value was set.
My command: docker exec -u 0 container_name /bin/bash -c "su - user1; source ~/.bash_profile; export env_val=34052"
Setting environment variable for docker container at runtime
This solution decides on the relevant environemt during the image creation phase. In my case, I want to change the value of this variable when the image files are created, while running the image.
Docker different environment variables for the same service
thank you in advance for your help :)
Even though it's not a solution that suits me, I found a way. I wrote a new script. This script takes the value of the environmet variable that I will change as a parameter. I'm sending this command to the docker container standing on the host machine.
#!/bin/bash
docker exec -u 0 container_name /bin/bash -c "echo export env_val=$1 >> /home/user1/.bash_profile; su - user1; source ~/.bash_profile; <run_another_command>"
This command appends the command I need to the end of the .bash_profile of the user I want inside the running container. It also logs in with the user I want and sources the .bash_profile file. Afterwards, I can start the application that I will run in the configuration I want.
Thus, when I log in with this user, the configuration I want is done. Finally, when I stop or delete the container, my image is not affected by this change.

Setting EC2 Environment Variables with CodeDeploy, Parameter Store and PM2

I am deploying a Node.js app to EC2 using CodeDeploy. I am storing credentials within AWS Systems Manager, Parameter Store however cannot find a method to expose these to my application.
I am using PM2 for process management. I can successfully retrieve the parameter from the Parameter Store on the target machine, so there are no permission issues. For example:
aws ssm get-parameters --region us-east-1 --names LOCAL_CACHE_PATH --with-decryption --query Parameters[0].Value`
...successfully returns the correct string. I attempt to use this in my applicationStart.sh CodeDeploy file and start the app:
#!/bin/bash
export LOCAL_CACHE_PATH=$(aws ssm get-parameters --region us-east-1 --names LOCAL_CACHE_PATH --with-decryption --query Parameters[0].Value)
pm2 start ecosystem.config.js --env production
LOCAL_CACHE_PATH returns undefined in my app when accessing process.env.LOCAL_CACHE_PATH.
So the environment variable is available within the applicationStart.sh script and yet undefined when the app starts from that script.
I am looking for a recommended approach to use environment variables from the Parameter Store with CodeDeploy.
I have read literally dozens of posts on similar topics but cannot resolve it. Very much appreciate any guidance.
The solution I am using is to write the environment variables to a .env file and use that in my app:
afterInstall.sh:
echo LOCAL_CACHE_PATH=$(aws ssm get-parameters --output text --region us-east-1 --names LOCAL_CACHE_PATH --with-decryption --query Parameters[0].Value) >> /home/ubuntu/foo/.env

Variable substitutions in docker-compose in Azure Docker Web app

I have a docker-compose file that contains a secret for my database.
port: 4466
managementApiSecret: ${DB_SECRET}
So I would like to use Docker-Compose's Variable Substitution (https://docs.docker.com/compose/compose-file/#variable-substitution) to be able to provide my secrets through an environment variable instead of my yaml file.
Is this at all possible using the "Application Settings" variables on my Azure Linux Docker Instance?
It doesn't seem to work for me, I've tried both ${VAR} and $VAR syntax and neither worked. I also tried with secrets that only contain alphanumerics and numbers.
Thanks in advance.
Frank
Environment variables that you need to start the container (for example: you want to include build number in container name) can be added to .env file in same directory as the docker-compose.yml file.
sample .env file:
DB_SECRET=foo
run: docker-compose config and verify that the variable has been substituted with the value you have in .env file
Also, I recommend using managementApiSecret:"${DB_SECRET}" (note the quotes around the variable) in your docker-compose.yml file
There might be azure specific way to share secrets but I didn't try that yet.
If you want to pass in environment variables that the container needs, then https://docs.docker.com/compose/compose-file/#env_file is what you want. Those environment vars will become part of environment inside docker container.

Resources