Skip to content

mfdotnetmicroservices/play.trading

BranchesTags

Repository files navigation

Play Trading

Play Economy Trading microservice

Build the docker image

windows (powershell)

$version="1.0.2"
$owner="mfdotnetmicroservices"
$gh_pat="[PAT HERE]"
$acrname="playeconomyacr"
docker build --secret id=GH_OWNER --secret id=GH_PAT -t "$acrname.azurecr.io/play.trading:$version" .

macOS (bash)

version="1.0.2"
export GH_OWNER="mfdotnetmicroservices"
export GH_PAT="[PAT HERE]"
acrname="playeconomyacr"
docker build --secret id=GH_OWNER --secret id=GH_PAT -t "$acrname.azurecr.io/play.trading:$version" .

Run the docker image

windows (powershell)

$version="1.0.2"
$cosmosDbConnString="[CONN STRING HERE]"
$serviceBusConnString="[CONN STRING HERE]"
docker run -it --rm -p 5006:5006 --name trading -e MongoDbSettings__ConnectionString=$cosmosDbConnString -e ServiceBusSettings__ConnectionString=$serviceBusConnString -e ServiceSettings__MessageBroker="SERVICEBUS" play.trading:$version

Run the docker image

macOS (bash)

version="1.0.2"
cosmosDbConnString="[CONN STRING HERE]"
serviceBusConnString="[CONN STRING HERE]"
docker run -it --rm -p 5006:5006 --name trading -e MongoDbSettings__ConnectionString=$cosmosDbConnString -e ServiceBusSettings__ConnectionString=$serviceBusConnString -e ServiceSettings__MessageBroker="SERVICEBUS" play.trading:$version

Publishing the Docker image

For PC

$acrname="playeconomyacr"
az acr login --name $acrname
docker push "$acrname.azurecr.io/play.trading:$version"

For MacOS

acrname="playeconomyacr"
az acr login --name "$acrname"
docker push "$acrname.azurecr.io/play.trading:$version"

Creating the Azure Managed Identity and granting it access to Key Vault secrets

Mac

appnameRg="playeconomy"
namespace="trading"
appnamekv="playeconomy-key-vault"

az identity create --resource-group "$appnameRg" --name "$namespace"
IDENTITY_CLIENT_ID=$(az identity show -g "$appnameRg" -n "$namespace" --query clientId -o tsv)
IDENTITY_PRINCIPAL_ID=$(az identity show -g "$appnameRg" -n "$namespace" --query principalId -o tsv)
az keyvault set-policy -n "$appnamekv" --secret-permissions get list --spn "$IDENTITY_CLIENT_ID"

Create the kubernetes namespace

Mac

namespace="trading"
kubectl create namespace "$namespace"

Establish the federated identity credential

For mac

namespace="trading"
appnamecluster="playeconomy_cluster"
appnameRg="playeconomy"


export AKS_OIDC_ISSUER="$(az aks show --name "${appnamecluster}" --resource-group "${appnameRg}" --query "oidcIssuerProfile.issuerUrl" --output tsv)"


az identity federated-credential create --name ${namespace} --identity-name "${namespace}" --resource-group "${appnameRg}" --issuer "${AKS_OIDC_ISSUER}" --subject system:serviceaccount:"${namespace}":"${namespace}-serviceaccount" --audience api://AzureADTokenExchange

Install the helm chart

namespace="trading"
helm install trading-service ./helm -f ./helm/values.yaml -n "$namespace"

Required repository secrets for GitHub workflow

GH_PAT: Created in GitHub user profile --> Settings --> Developer settings --> Personal access token AZURE_CLIENT_ID: From AAD(Microsoft Entra ID) App Registration AZURE_SUBSCRIPTION_ID: From Azure Portal subscription AZURE_TENANT_ID: From AAD(Microsoft Entra ID) properties page

About

Play Economy Trading microservice

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

13 tags

Packages

No packages published

Languages