azure-blob 0.5.0 → 0.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 94edcaaaa7717925c1fb8238b9e7420949b26c98c90344cbf54930d5e0ff3b19
-  data.tar.gz: aae153da753212659590ed4a3ae029c86cf7ed66b4f924dac1a5f3a5ff3b2e05
+  metadata.gz: 72003b15ad78aeab66adc7aca2e6786ae2921ad1469cf94145e049705f52c33c
+  data.tar.gz: a77f87dff2f59a22476f0c5e490540a73166cf88dbf3616de8a15a87132aaa5f
 SHA512:
-  metadata.gz: 102c3d5fd08761199413e96bd8e4bae8a84ac5478d7bb1202e232fbff346703f7cb3b8f344553983b607dbacec56942452ce18aa0afc184a4c994d31dc94118c
-  data.tar.gz: 646636874dd381757595f82999dd0b7b5647a740512c8e2baf86bdc2045e579cdf78354a4690c746452280efb7ff92cbf9c49c95775ccbcf6a690eb0ae05131f
+  metadata.gz: 910c2d759b83d7b56168fd42a239ffb5da1b4aced25b8f39bc84a1beb63e736690a72586f64313d5fcebf7250808b27d15e23450e850635e24558891eed375ff
+  data.tar.gz: 2d4ecfb6e3e5318d8c6cb07569da7b83bccd49ee3a7d153d43c41e655474dcd43d7a73d28d68fb2baa4124326a1b41562275314348730250610420640c3dc3bd

data/CHANGELOG.md

@@ -1,5 +1,17 @@
 ## [Unreleased]
 
+
+## [0.5.2] 2024-09-12
+
+- Add get_container_properties
+- Add create_container
+- Add delete_container
+- Support for Azure China, US Gov and Germany
+
+## [0.5.1] 2024-09-09
+
+- Remove dev files from the release
+
 ## [0.5.0] 2024-09-09
 
 - Added support for Managed Identities (Entra ID)

data/README.md

@@ -1,6 +1,8 @@
 # AzureBlob
 
-This gem was built to replace azure-storage-blob (deprecated) in Active Storage, but was written to be Rails agnostic.
+Azure Blob client and Active Storage adapter to replace the now abandoned azure-storage-blob
+
+An Active Storage is supplied, but the gem is Rails agnostic and can be used in any Ruby project.
 
 ## Active Storage
 
@@ -12,6 +14,16 @@ To migrate from azure-storage-blob to azure-blob:
 3. Change the `AzureStorage` service to `AzureBlob`  in your Active Storage config (`config/storage.yml`)
 4. Restart or deploy the app.
 
+Example config:
+
+```
+microsoft:
+  service: AzureBlob
+  storage_account_name: account_name
+  storage_access_key: SECRET_KEY
+  container: container_name
+```
+
 ### Managed Identity (Entra ID)
 
 AzureBlob supports managed identities on :
@@ -22,9 +34,7 @@ AzureBlob supports managed identities on :
 
 AKS support will likely require more work. Contributions are welcome.
 
-To authenticate through managed identities instead of a shared key, omit `storage_access_key` from your `storage.yml` file.
-
-It is recommended to add the identity's `principal_id` to the config.
+To authenticate through managed identities instead of a shared key, omit `storage_access_key` from your `storage.yml` file and pass in the identity `principal_id`.
 
 ActiveStorage config example:
 
@@ -79,11 +89,12 @@ A dev environment is supplied through Nix with [devenv](https://devenv.sh/).
 
 To test with Entra ID, the `AZURE_ACCESS_KEY` environment variable must be unset and the code must be ran or proxied through a VPS with the proper roles.
 
-For cost saving, the terraform variable `create_vm` is false by default.
-To create the VPS, Create a var file `var.tfvars` containing:
+For cost saving, the terraform variable `create_vm` and `create_app_service` are false by default.
+To create the VPS and App service, Create a var file `var.tfvars` containing:
 
 ```
 create_vm = true
+create_app_service = true
 ```
 and re-apply terraform: `terraform apply -var-file=var.tfvars`.
 

data/lib/azure_blob/blob.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module AzureBlob
-  # AzureBlob::Blob holds the metada for a given Blob.
+  # AzureBlob::Blob holds the metadata for a given Blob.
   class Blob
     # You should not instanciate this object directly,
     # but obtain one when calling relevant methods of AzureBlob::Client.
@@ -32,7 +32,7 @@ module AzureBlob
       response.code == "200"
     end
 
-    # Returns the custom Azure metada tagged on the blob.
+    # Returns the custom Azure metadata tagged on the blob.
     def metadata
       @metadata || response
         .to_hash

data/lib/azure_blob/client.rb

@@ -3,6 +3,7 @@
 require_relative "block_list"
 require_relative "blob_list"
 require_relative "blob"
+require_relative "container"
 require_relative "http"
 require_relative "shared_key_signer"
 require_relative "entra_id_signer"
@@ -13,13 +14,22 @@ module AzureBlob
   # AzureBlob Client class. You interact with the Azure Blob api
   # through an instance of this class.
   class Client
-    def initialize(account_name:, access_key:, container:, **options)
+    def initialize(account_name:, access_key: nil, principal_id: nil, container:, **options)
       @account_name = account_name
       @container = container
+      @cloud_regions = options[:cloud_regions]&.to_sym || :global
 
-      @signer = !access_key.nil? && !access_key.empty?  ?
-        AzureBlob::SharedKeySigner.new(account_name:, access_key:) :
-        AzureBlob::EntraIdSigner.new(account_name:, **options.slice(:principal_id))
+      no_access_key = access_key.nil? || access_key&.empty?
+      using_managed_identities = no_access_key && !principal_id.nil? || options[:use_managed_identities]
+
+      if !using_managed_identities && no_access_key
+        raise AzureBlob::Error.new(
+          "`access_key` cannot be empty. To use managed identities instead, pass a `principal_id` or set `use_managed_identities` to true."
+        )
+      end
+      @signer = using_managed_identities ?
+        AzureBlob::EntraIdSigner.new(account_name:, host:, principal_id: ) :
+        AzureBlob::SharedKeySigner.new(account_name:, access_key:)
     end
 
     # Create a blob of type block. Will automatically split the the blob in multiple block and send the blob in pieces (blocks) if the blob is too big.
@@ -138,7 +148,7 @@ module AzureBlob
     #
     # Calls to {Get Blob Properties}[https://learn.microsoft.com/en-us/rest/api/storageservices/get-blob-properties]
     #
-    # This can be used to see if the blob exist or obtain metada such as content type, disposition, checksum or Azure custom metadata.
+    # This can be used to see if the blob exist or obtain metadata such as content type, disposition, checksum or Azure custom metadata.
     def get_blob_properties(key, options = {})
       uri = generate_uri("#{container}/#{key}")
 
@@ -147,6 +157,37 @@ module AzureBlob
       Blob.new(response)
     end
 
+    # Returns a Container object.
+    #
+    # Calls to {Get Container Properties}[https://learn.microsoft.com/en-us/rest/api/storageservices/get-container-properties]
+    #
+    # This can be used to see if the container exist or obtain metadata.
+    def get_container_properties(options = {})
+      uri = generate_uri(container)
+      uri.query = URI.encode_www_form(restype: "container")
+      response = Http.new(uri, signer:, raise_on_error: false).head
+
+      Container.new(response)
+    end
+
+    # Create the container
+    #
+    # Calls to {Create Container}[https://learn.microsoft.com/en-us/rest/api/storageservices/create-container]
+    def create_container(options = {})
+      uri = generate_uri(container)
+      uri.query = URI.encode_www_form(restype: "container")
+      response = Http.new(uri, signer:).put
+    end
+
+    # Delete the container
+    #
+    # Calls to {Delete Container}[https://learn.microsoft.com/en-us/rest/api/storageservices/delete-container]
+    def delete_container(options = {})
+      uri = generate_uri(container)
+      uri.query = URI.encode_www_form(restype: "container")
+      response = Http.new(uri, signer:).delete
+    end
+
     # Return a URI object to a resource in the container. Takes a path.
     #
     # Example: +generate_uri("#{container}/#{key}")+
@@ -299,10 +340,10 @@ module AzureBlob
       Http.new(uri, headers, metadata: options[:metadata], signer:).put(content.read)
     end
 
-    attr_reader :account_name, :signer, :container, :http
-
     def host
-      "https://#{account_name}.blob.core.windows.net"
+      @host ||= "https://#{account_name}.blob.#{CLOUD_REGIONS_SUFFIX[cloud_regions]}"
     end
+
+    attr_reader :account_name, :signer, :container, :http, :cloud_regions
   end
 end

data/lib/azure_blob/const.rb

@@ -2,7 +2,13 @@
 
 module AzureBlob
   API_VERSION = "2024-05-04"
-  MAX_UPLOAD_SIZE = 256 * 1024 * 1024
-  DEFAULT_BLOCK_SIZE = 128 * 1024 * 1024
+  MAX_UPLOAD_SIZE = 256 * 1024 * 1024 # 256 Megabytes
+  DEFAULT_BLOCK_SIZE = 128 * 1024 * 1024 # 128 Megabytes
   BLOB_SERVICE = "b"
+  CLOUD_REGIONS_SUFFIX = {
+    global: "core.windows.net",
+    cn: "core.chinacloudapi.cn",
+    de: "core.cloudapi.de",
+    usgovt: "core.usgovcloudapi.net",
+  }
 end

data/lib/azure_blob/container.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module AzureBlob
+  # AzureBlob::Container holds the metadata for a given Container.
+  class Container
+    # You should not instanciate this object directly,
+    # but obtain one when calling relevant methods of AzureBlob::Client.
+    #
+    # Expects a Net::HTTPResponse object from a
+    # HEAD or GET request to a container uri.
+    def initialize(response)
+      @response = response
+    end
+
+
+    def present?
+      response.code == "200"
+    end
+
+    # Returns the custom Azure metadata tagged on the container.
+    def metadata
+      @metadata || response
+        .to_hash
+        .select { |key, _| key.start_with?("x-ms-meta") }
+        .transform_values(&:first)
+        .transform_keys { |key| key.delete_prefix("x-ms-meta-").to_sym }
+    end
+
+    private
+
+    attr_reader :response
+  end
+end

data/lib/azure_blob/entra_id_signer.rb

@@ -12,10 +12,12 @@ module AzureBlob
   class EntraIdSigner # :nodoc:
     attr_reader :token
     attr_reader :account_name
+    attr_reader :host
 
-    def initialize(account_name:, principal_id: nil)
+    def initialize(account_name:, host:, principal_id: nil)
       @token = AzureBlob::IdentityToken.new(principal_id:)
       @account_name = account_name
+      @host = host
     end
 
     def authorization_header(uri:, verb:, headers: {})

data/lib/azure_blob/http.rb

@@ -12,7 +12,10 @@ module AzureBlob
       def initialize(body: nil, status: nil)
         @body = body
         @status = status
-        super(body)
+      end
+
+      def inspect
+        @body
       end
     end
     class FileNotFoundError < Error; end
@@ -21,7 +24,8 @@ module AzureBlob
 
     include REXML
 
-    def initialize(uri, headers = {}, signer: nil, metadata: {}, debug: false)
+    def initialize(uri, headers = {}, signer: nil, metadata: {}, debug: false, raise_on_error: true)
+      @raise_on_error = raise_on_error
       @date = Time.now.httpdate
       @uri = uri
       @signer = signer
@@ -42,7 +46,7 @@ module AzureBlob
       response.body
     end
 
-    def put(content)
+    def put(content = "")
       sign_request("PUT") if signer
       @response = http.start do |http|
         http.put(uri, content, headers)
@@ -51,7 +55,7 @@ module AzureBlob
       true
     end
 
-    def post(content)
+    def post(content = "")
       sign_request("POST") if signer
       @response = http.start do |http|
         http.post(uri, content, headers)
@@ -107,6 +111,7 @@ module AzureBlob
     end
 
     def raise_error
+      return unless raise_on_error
       raise error_from_response.new(body: @response.body, status: @response.code&.to_i)
     end
 
@@ -115,13 +120,13 @@ module AzureBlob
     end
 
     def azure_error_code
-      Document.new(response.body).get_elements("//Error/Code").first.get_text.to_s
+      Document.new(response.body).get_elements("//Error/Code").first.get_text.to_s if response.body
     end
 
     def error_from_response
       ERROR_MAPPINGS[status] || ERROR_CODE_MAPPINGS[azure_error_code] || Error
     end
 
-    attr_accessor :host, :http, :signer, :response, :headers, :uri, :date
+    attr_accessor :host, :http, :signer, :response, :headers, :uri, :date, :raise_on_error
   end
 end

data/lib/azure_blob/user_delegation_key.rb

@@ -6,7 +6,7 @@ module AzureBlob
     EXPIRATION_BUFFER = 3600 # 1 hours
     def initialize(account_name:, signer:)
       @uri = URI.parse(
-        "https://#{account_name}.blob.core.windows.net/?restype=service&comp=userdelegationkey"
+        "#{signer.host}/?restype=service&comp=userdelegationkey"
       )
 
       @signer = signer

data/lib/azure_blob/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module AzureBlob
-  VERSION = "0.5.0"
+  VERSION = "0.5.2"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: azure-blob
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.5.2
 platform: ruby
 authors:
 - Joé Dupuis
@@ -31,20 +31,10 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".envrc"
-- ".rubocop.yml"
-- ".standard.yml"
-- ".terraform.lock.hcl"
 - CHANGELOG.md
 - LICENSE.txt
 - README.md
 - Rakefile
-- azure-blob.gemspec
-- devenv.local.nix.example
-- devenv.lock
-- devenv.nix
-- devenv.yaml
-- input.tf
 - lib/active_storage/service/azure_blob_service.rb
 - lib/azure_blob.rb
 - lib/azure_blob/blob.rb
@@ -54,6 +44,7 @@ files:
 - lib/azure_blob/canonicalized_resource.rb
 - lib/azure_blob/client.rb
 - lib/azure_blob/const.rb
+- lib/azure_blob/container.rb
 - lib/azure_blob/entra_id_signer.rb
 - lib/azure_blob/errors.rb
 - lib/azure_blob/http.rb
@@ -62,8 +53,6 @@ files:
 - lib/azure_blob/shared_key_signer.rb
 - lib/azure_blob/user_delegation_key.rb
 - lib/azure_blob/version.rb
-- main.tf
-- output.tf
 homepage: https://github.com/testdouble/azure-blob
 licenses:
 - MIT
@@ -90,5 +79,5 @@ requirements: []
 rubygems_version: 3.3.27
 signing_key:
 specification_version: 4
-summary: Azure blob client
+summary: Azure Blob client and Active Storage adapter
 test_files: []

data/.envrc

@@ -1,3 +0,0 @@
-source_url "https://raw.githubusercontent.com/cachix/devenv/d1f7b48e35e6dee421cfd0f51481d17f77586997/direnvrc" "sha256-YBzqskFZxmNb3kYVoKD9ZixoPXJh1C9ZvTLGFRkauZ0="
-
-use devenv

data/.rubocop.yml

@@ -1,25 +0,0 @@
-AllCops:
-  TargetRubyVersion: 3.1
-
-# Omakase Ruby styling for Rails
-inherit_gem: { rubocop-rails-omakase: rubocop.yml }
-
-# Overwrite or add rules to create your own house style
-#
-# # Use `[a, [b, c]]` not `[ a, [ b, c ] ]`
-# Layout/SpaceInsideArrayLiteralBrackets:
-#   Enabled: false
-
-Style/TrailingCommaInArrayLiteral:
-  Enabled: true
-  EnforcedStyleForMultiline: consistent_comma
-
-Style/TrailingCommaInHashLiteral:
-  Enabled: true
-  EnforcedStyleForMultiline: consistent_comma
-
-
-Rails/AssertNot:
-  Enabled: false
-Rails/RefuteMethods:
-  Enabled: false

data/.standard.yml

@@ -1,3 +0,0 @@
-# For available configuration options, see:
-#   https://github.com/standardrb/standard
-ruby_version: 3.1

data/.terraform.lock.hcl

@@ -1,22 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/azurerm" {
-  version     = "3.113.0"
-  constraints = "~> 3.0"
-  hashes = [
-    "h1:eEUtt0lrLdpVaF6FiDq8BGQPgEcykmhj0aNIL7hTOGw=",
-    "zh:12479f5664288943400447b55e50df675c28ae82ad8d373cc2e5682f3a3411f0",
-    "zh:1b42a14e80e568429d3b55fed753ca3ef0df9dcdfa107890d7264599c020940f",
-    "zh:381be6ca617f848de3baa3985a6e1788e91a803afe04a3c5c727453528b6310d",
-    "zh:3e70e2e07b6db1c363de3e5d0ca47f27fc956473df03329c7d2e54d3ac29176b",
-    "zh:87c7633aeaa828098c6055da9e67d4acaf4b46748b6b3f0267e105e55f05de25",
-    "zh:8d0d98226901f874770dd5220d4701a12ae8bd586994615aa7dcba12b9736bec",
-    "zh:9fd913acd42a60c3a90a18ce803567ef861db8779a59aacced91f2cbd86de9d9",
-    "zh:b6f3f7ae0a055437fb36c139af9bb3135e7f4dad172157ae1eb0177dc74d703f",
-    "zh:b927027ba2bf40d34e03d742fd2b6c5299023b5ab8e6f05e50aac76a46ad1094",
-    "zh:ceb5187b9d2a439f4e48944f3ffeeeaf47a03dbe6f3325ea1775bf659ce0aa88",
-    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
-    "zh:fb9d78dfeca7489bffca9b1a1f3abee7f16dbbcba31388aea1102062c1d6dce8",
-  ]
-}

data/azure-blob.gemspec

@@ -1,34 +0,0 @@
-# frozen_string_literal: true
-
-require_relative "lib/azure_blob/version"
-
-Gem::Specification.new do |spec|
-  spec.name = "azure-blob"
-  spec.version = AzureBlob::VERSION
-  spec.authors = [ "Joé Dupuis" ]
-  spec.email = [ "joe@dupuis.io" ]
-
-  spec.summary = "Azure blob client"
-  spec.homepage = "https://github.com/testdouble/azure-blob"
-  spec.license = "MIT"
-  spec.required_ruby_version = ">= 3.1"
-
-  spec.metadata["rubygems_mfa_required"] = "true"
-  spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = spec.homepage
-  spec.metadata["changelog_uri"] = "https://github.com/testdouble/azure-blob/blob/main/CHANGELOG.md"
-
-  spec.add_dependency "rexml"
-
-  # Specify which files should be added to the gem when it is released.
-  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
-  spec.files = Dir.chdir(__dir__) do
-    `git ls-files -z`.split("\x0").reject do |f|
-      (File.expand_path(f) == __FILE__) ||
-        f.start_with?(*%w[bin/ test/ spec/ features/ .git .github appveyor Gemfile])
-    end
-  end
-  spec.bindir = "exe"
-  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
-  spec.require_paths = [ "lib" ]
-end

data/devenv.local.nix.example

@@ -1,8 +0,0 @@
-{pkgs, lib, ...}:{
-  env = {
-    AZURE_ACCOUNT_NAME = "";
-    AZURE_ACCESS_KEY = "";
-    AZURE_PRIVATE_CONTAINER = "";
-    AZURE_PUBLIC_CONTAINER = "";
-  };
-}

data/devenv.lock

@@ -1,242 +0,0 @@
-{
-  "nodes": {
-    "devenv": {
-      "locked": {
-        "dir": "src/modules",
-        "lastModified": 1715593316,
-        "narHash": "sha256-S7XatU9uV3q9bVBcg/ER0VMQcnPZprrVlN209ne7LDw=",
-        "owner": "cachix",
-        "repo": "devenv",
-        "rev": "725c90407ef53cc2a1b53701c6d2d0745cf2484f",
-        "type": "github"
-      },
-      "original": {
-        "dir": "src/modules",
-        "owner": "cachix",
-        "repo": "devenv",
-        "type": "github"
-      }
-    },
-    "flake-compat": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1696426674,
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
-        "treeHash": "2addb7b71a20a25ea74feeaf5c2f6a6b30898ecb",
-        "type": "github"
-      },
-      "original": {
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "type": "github"
-      }
-    },
-    "flake-compat_2": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1696426674,
-        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
-        "type": "github"
-      },
-      "original": {
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "type": "github"
-      }
-    },
-    "flake-utils": {
-      "inputs": {
-        "systems": "systems"
-      },
-      "locked": {
-        "lastModified": 1710146030,
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
-        "treeHash": "bd263f021e345cb4a39d80c126ab650bebc3c10c",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "flake-utils_2": {
-      "inputs": {
-        "systems": "systems_2"
-      },
-      "locked": {
-        "lastModified": 1710146030,
-        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "gitignore": {
-      "inputs": {
-        "nixpkgs": [
-          "pre-commit-hooks",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1709087332,
-        "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
-        "owner": "hercules-ci",
-        "repo": "gitignore.nix",
-        "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hercules-ci",
-        "repo": "gitignore.nix",
-        "type": "github"
-      }
-    },
-    "nixpkgs": {
-      "locked": {
-        "lastModified": 1725001927,
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "6e99f2a27d600612004fbd2c3282d614bfee6421",
-        "treeHash": "1e85443cc9f0ba302df2cf61cacb8014943e2d19",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-24.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs-ruby": {
-      "inputs": {
-        "flake-compat": "flake-compat",
-        "flake-utils": "flake-utils",
-        "nixpkgs": "nixpkgs_2"
-      },
-      "locked": {
-        "lastModified": 1724737223,
-        "owner": "bobvanderlinden",
-        "repo": "nixpkgs-ruby",
-        "rev": "175b5867babcbc471b94be9fd5576f2973bbdb6d",
-        "treeHash": "2fe3404ac0eeb7bcb7ac7b5f5f8b9b6a7e460147",
-        "type": "github"
-      },
-      "original": {
-        "owner": "bobvanderlinden",
-        "repo": "nixpkgs-ruby",
-        "type": "github"
-      }
-    },
-    "nixpkgs-stable": {
-      "locked": {
-        "lastModified": 1710695816,
-        "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "614b4613980a522ba49f0d194531beddbb7220d3",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-23.11",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs_2": {
-      "locked": {
-        "lastModified": 1725001927,
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "6e99f2a27d600612004fbd2c3282d614bfee6421",
-        "treeHash": "1e85443cc9f0ba302df2cf61cacb8014943e2d19",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-24.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "pre-commit-hooks": {
-      "inputs": {
-        "flake-compat": "flake-compat_2",
-        "flake-utils": "flake-utils_2",
-        "gitignore": "gitignore",
-        "nixpkgs": [
-          "nixpkgs"
-        ],
-        "nixpkgs-stable": "nixpkgs-stable"
-      },
-      "locked": {
-        "lastModified": 1715609711,
-        "narHash": "sha256-/5u29K0c+4jyQ8x7dUIEUWlz2BoTSZWUP2quPwFCE7M=",
-        "owner": "cachix",
-        "repo": "pre-commit-hooks.nix",
-        "rev": "c182c876690380f8d3b9557c4609472ebfa1b141",
-        "type": "github"
-      },
-      "original": {
-        "owner": "cachix",
-        "repo": "pre-commit-hooks.nix",
-        "type": "github"
-      }
-    },
-    "root": {
-      "inputs": {
-        "devenv": "devenv",
-        "nixpkgs": "nixpkgs",
-        "nixpkgs-ruby": "nixpkgs-ruby",
-        "pre-commit-hooks": "pre-commit-hooks"
-      }
-    },
-    "systems": {
-      "locked": {
-        "lastModified": 1681028828,
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
-        "treeHash": "cce81f2a0f0743b2eb61bc2eb6c7adbe2f2c6beb",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-systems",
-        "repo": "default",
-        "type": "github"
-      }
-    },
-    "systems_2": {
-      "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-systems",
-        "repo": "default",
-        "type": "github"
-      }
-    }
-  },
-  "root": "root",
-  "version": 7
-}

data/devenv.nix

@@ -1,36 +0,0 @@
-{ pkgs, config, ... }:
-
-{
-  env = {
-    LD_LIBRARY_PATH = "${config.devenv.profile}/lib";
-  };
-
-  packages = with pkgs; [
-    git
-    libyaml
-    terraform
-    azure-cli
-    glib
-    vips
-    sshuttle
-    sshpass
-    rsync
-  ];
-
-  languages.ruby.enable = true;
-  languages.ruby.version = "3.1.6";
-
-  scripts.generate-env-file.exec = ''
-    terraform output -raw devenv_local_nix > devenv.local.nix
-  '';
-
-  scripts.proxy-vps.exec = ''
-    exec sshuttle -e "ssh -o CheckHostIP=no -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null" -r "$(terraform output --raw vm_username)@$(terraform output --raw vm_ip)" 0/0
-  '';
-
-  scripts.start-app-service-ssh.exec = ''
-      resource_group=$(terraform output --raw "resource_group")
-      app_name=$(terraform output --raw "app_service_app_name")
-      exec az webapp create-remote-connection --resource-group $resource_group --name $app_name
-  '';
-}

data/devenv.yaml

@@ -1,6 +0,0 @@
-allowUnfree: true
-inputs:
-  nixpkgs:
-    url: github:NixOS/nixpkgs/nixos-24.05
-  nixpkgs-ruby:
-    url: github:bobvanderlinden/nixpkgs-ruby

data/input.tf

@@ -1,44 +0,0 @@
-variable "location" {
-  type    = string
-  default = "westus2"
-}
-
-variable "prefix" {
-  type    = string
-  default = "azure-blob"
-}
-
-variable "storage_account_name" {
-  type    = string
-  default = "azureblobrubygemdev"
-}
-
-variable "create_vm" {
-  type    = bool
-  default = false
-}
-
-variable "vm_size" {
-  type    = string
-  default = "Standard_B2s"
-}
-
-variable "vm_username" {
-  type    = string
-  default = "azureblob"
-}
-
-variable "vm_password" {
-  type    = string
-  default = "qwe123QWE!@#"
-}
-
-variable "create_app_service" {
-  type    = bool
-  default = false
-}
-
-variable "ssh_key" {
-  type    = string
-  default = ""
-}

data/main.tf

@@ -1,187 +0,0 @@
-terraform {
-  required_providers {
-    azurerm = {
-      source  = "hashicorp/azurerm"
-      version = "~>3.0"
-    }
-  }
-}
-
-provider "azurerm" {
-  features {}
-}
-
-locals {
-  public_ssh_key = var.ssh_key != "" ? var.ssh_key : file("~/.ssh/id_rsa.pub")
-}
-
-resource "azurerm_resource_group" "main" {
-  name     = var.prefix
-  location = var.location
-  tags = {
-    source = "Terraform"
-  }
-}
-
-resource "azurerm_storage_account" "main" {
-  name                     = var.storage_account_name
-  resource_group_name      = azurerm_resource_group.main.name
-  location                 = azurerm_resource_group.main.location
-  account_tier             = "Standard"
-  account_replication_type = "LRS"
-
-  tags = {
-    source = "Terraform"
-  }
-}
-
-resource "azurerm_storage_container" "private" {
-  name                  = "private"
-  storage_account_name  = azurerm_storage_account.main.name
-  container_access_type = "private"
-}
-
-resource "azurerm_storage_container" "public" {
-  name                  = "public"
-  storage_account_name  = azurerm_storage_account.main.name
-  container_access_type = "blob"
-}
-
-resource "azurerm_virtual_network" "main" {
-  count               = var.create_vm ? 1 : 0
-  name                = "${var.prefix}-network"
-  address_space       = ["10.0.0.0/16"]
-  location            = azurerm_resource_group.main.location
-  resource_group_name = azurerm_resource_group.main.name
-
-  tags = {
-    source = "Terraform"
-  }
-}
-
-resource "azurerm_subnet" "main" {
-  count                = var.create_vm ? 1 : 0
-  name                 = "${var.prefix}-main"
-  resource_group_name  = azurerm_resource_group.main.name
-  virtual_network_name = azurerm_virtual_network.main[0].name
-  address_prefixes     = ["10.0.2.0/24"]
-}
-
-resource "azurerm_network_interface" "main" {
-  count               = var.create_vm ? 1 : 0
-  name                = "${var.prefix}-nic"
-  location            = azurerm_resource_group.main.location
-  resource_group_name = azurerm_resource_group.main.name
-
-  ip_configuration {
-    name                          = "${var.prefix}-ip-config"
-    subnet_id                     = azurerm_subnet.main[0].id
-    private_ip_address_allocation = "Dynamic"
-    public_ip_address_id          = azurerm_public_ip.main[0].id
-  }
-
-  tags = {
-    source = "Terraform"
-  }
-}
-
-resource "azurerm_public_ip" "main" {
-  count               = var.create_vm ? 1 : 0
-  name                = "${var.prefix}-public-ip"
-  resource_group_name = azurerm_resource_group.main.name
-  location            = azurerm_resource_group.main.location
-  allocation_method   = "Static"
-
-  tags = {
-    source = "Terraform"
-  }
-}
-
-resource "azurerm_user_assigned_identity" "vm" {
-  location            = azurerm_resource_group.main.location
-  name                = "${var.prefix}-vm"
-  resource_group_name = azurerm_resource_group.main.name
-}
-
-
-resource "azurerm_role_assignment" "vm" {
-  scope                = azurerm_storage_account.main.id
-  role_definition_name = "Storage Blob Data Contributor"
-  principal_id         = azurerm_user_assigned_identity.vm.principal_id
-}
-
-resource "azurerm_linux_virtual_machine" "main" {
-  count                           = var.create_vm ? 1 : 0
-  name                            = "${var.prefix}-vm"
-  computer_name                   = var.prefix
-  resource_group_name             = azurerm_resource_group.main.name
-  location                        = azurerm_resource_group.main.location
-  size                            = var.vm_size
-  admin_username                  = var.vm_username
-  admin_password                  = var.vm_password
-  disable_password_authentication = true
-  network_interface_ids           = [azurerm_network_interface.main[0].id]
-
-  identity {
-    type         = "UserAssigned"
-    identity_ids = [azurerm_user_assigned_identity.vm.id]
-  }
-
-  admin_ssh_key {
-    username   = var.vm_username
-    public_key = local.public_ssh_key
-  }
-
-  source_image_reference {
-    publisher = "Canonical"
-    offer     = "0001-com-ubuntu-server-jammy"
-    sku       = "22_04-lts"
-    version   = "latest"
-  }
-
-  os_disk {
-    caching              = "ReadWrite"
-    storage_account_type = "Standard_LRS"
-  }
-
-  tags = {
-    source = "Terraform"
-  }
-}
-
-resource "azurerm_service_plan" "main" {
-  count               = var.create_app_service ? 1 : 0
-  name                = "${var.prefix}-appserviceplan"
-  resource_group_name = azurerm_resource_group.main.name
-  location            = azurerm_resource_group.main.location
-  os_type             = "Linux"
-  sku_name            = "B1"
-}
-
-resource "azurerm_linux_web_app" "main" {
-  count               = var.create_app_service ? 1 : 0
-  name                = "${var.prefix}-app"
-  service_plan_id     = azurerm_service_plan.main[0].id
-  resource_group_name = azurerm_resource_group.main.name
-  location            = azurerm_resource_group.main.location
-
-  identity {
-    type         = "UserAssigned"
-    identity_ids = [azurerm_user_assigned_identity.vm.id]
-  }
-
-  site_config {
-    application_stack {
-      node_version = "20-lts"
-    }
-  }
-}
-
-resource "azurerm_app_service_source_control" "main" {
-  count                  = var.create_app_service ? 1 : 0
-  app_id                 = azurerm_linux_web_app.main[0].id
-  repo_url               = "https://github.com/Azure-Samples/nodejs-docs-hello-world"
-  branch                 = "master"
-  use_manual_integration = true
-  use_mercurial          = false
-}

data/output.tf

@@ -1,30 +0,0 @@
-output "devenv_local_nix" {
-  sensitive = true
-  value     = <<EOT
-{pkgs, lib, ...}:{
-  env = {
-    AZURE_ACCOUNT_NAME = "${azurerm_storage_account.main.name}";
-    AZURE_ACCESS_KEY = "${azurerm_storage_account.main.primary_access_key}";
-    AZURE_PRIVATE_CONTAINER = "${azurerm_storage_container.private.name}";
-    AZURE_PUBLIC_CONTAINER = "${azurerm_storage_container.public.name}";
-    AZURE_PRINCIPAL_ID = "${azurerm_user_assigned_identity.vm.principal_id}";
-  };
-}
-EOT
-}
-
-output "vm_ip" {
-  value = var.create_vm ? azurerm_public_ip.main[0].ip_address : ""
-}
-
-output "vm_username" {
-  value = var.vm_username
-}
-
-output "app_service_app_name" {
-  value = var.create_app_service ? azurerm_linux_web_app.main[0].name : ""
-}
-
-output "resource_group" {
-  value = azurerm_resource_group.main.name
-}