update

baoduy · baoduy · commit 1110e5a26caf · 2023-09-27T09:09:20.000+08:00
diff --git a/Aks/Helper.ts b/Aks/Helper.ts
@@ -2,9 +2,8 @@ import * as containerservice from '@pulumi/azure-native/containerservice';
 import { getAksName, getResourceGroupName } from '../Common/Naming';
 import { createProvider } from '../KubeX/Providers';
 import { KeyVaultInfo } from '../types';
-import { getSecret, getSecretVersions } from '../KeyVault/Helper';
+import { getSecret } from '../KeyVault/Helper';
 import { getIdentitySecrets } from '../AzAd/Helper';
-import * as console from 'console';
 
 /** Get AKS Config from Managed Cluster*/
 export const getAksConfig = async ({
@@ -101,27 +100,27 @@ export const createAksVaultProvider = async ({
   version,
   secretName,
   namespace,
-    base64Encoded,
+  base64Encoded,
   vaultInfo,
 }: {
   aksName: string;
   secretName?: string;
   version?: string;
   vaultInfo: KeyVaultInfo;
-  base64Encoded?:boolean;
+  base64Encoded?: boolean;
   namespace?: string;
 }) => {
   const value = await getAksVaultConfig({
-        name: secretName ?? aksName,
-        version,
-        formattedName: Boolean(secretName),
-        vaultInfo,
-      });
+    name: secretName ?? aksName,
+    version,
+    formattedName: Boolean(secretName),
+    vaultInfo,
+  });
 
   return createProvider({
     name: aksName,
     namespace,
     ignoreChanges: true,
-    kubeconfig: base64Encoded? Buffer.from(value,'base64').toString() :value,
+    kubeconfig: base64Encoded ? Buffer.from(value, 'base64').toString() : value,
   });
 };
diff --git a/Aks/Identity.ts b/Aks/Identity.ts
@@ -19,7 +19,7 @@ export default async ({ name, vaultInfo }: Props) => {
     { name: 'Directory.Read.All', type: 'Role' }
   );
 
-  const serverIdentity = await identityCreator({
+  const serverIdentity = identityCreator({
     name,
     createClientSecret: true,
     createPrincipal: true,
@@ -29,7 +29,7 @@ export default async ({ name, vaultInfo }: Props) => {
     vaultInfo,
   });
 
-  await roleAssignment({
+  roleAssignment({
     name: `${name}-aks-identity-acr-pull`,
     principalId: serverIdentity.principalId!,
     principalType: 'ServicePrincipal',
diff --git a/Aks/index.ts b/Aks/index.ts
@@ -636,7 +636,7 @@ export default async ({
       // }
 
       if (acrScope && identityProfile && identityProfile['kubeletidentity']) {
-        await roleAssignment({
+        roleAssignment({
           name: `${name}-aks-identity-profile-pull`,
           principalId: identityProfile['kubeletidentity'].objectId!,
           principalType: 'ServicePrincipal',
@@ -666,7 +666,7 @@ export default async ({
       // }
 
       if (network.subnetId && identity) {
-        await roleAssignment({
+        roleAssignment({
           name: `${name}-system-net`,
           principalId: identity.principalId,
           roleName: 'Contributor',
@@ -678,7 +678,7 @@ export default async ({
       }
 
       if (privateZone && identity) {
-        await roleAssignment({
+        roleAssignment({
           name: `${name}-private-dns`,
           principalId: identity.principalId,
           roleName: 'Private DNS Zone Contributor',
@@ -689,7 +689,7 @@ export default async ({
     });
 
   //Apply monitoring for VMScale Sets
-  await vmsDiagnostic({
+  vmsDiagnostic({
     group: { resourceGroupName: nodeResourceGroup },
     ...log,
     vaultInfo,
diff --git a/Apps/LogicApp.ts b/Apps/LogicApp.ts
@@ -9,7 +9,7 @@ import { getCertOrderName } from '../Common/Naming';
 
 interface Props extends BasicResourceArgs, DefaultResourceArgs {}
 
-export default ({ name, group, ...others }: Props) => {
+export default ({ name, ...others }: Props) => {
   const n = getCertOrderName(name);
 
   const order = creator(logic.Workflow, {
diff --git a/AzAd/Group.ts b/AzAd/Group.ts
@@ -1,9 +1,7 @@
 import * as azuread from '@pulumi/azuread';
 import { Input, Output } from '@pulumi/pulumi';
-
 import { defaultScope } from '../Common/AzureEnv';
 import { roleAssignment } from './RoleAssignment';
-import { testMode } from '../Common/StackEnv';
 
 export interface GroupPermissionProps {
   /** The name of the roles would like to assign to this group*/
@@ -43,7 +41,7 @@ export default async ({ name, permissions, members, owners }: AdGroupProps) => {
 
   if (permissions) {
     await Promise.all(
-      permissions.map((p, i) =>
+      permissions.map((p) =>
         roleAssignment({
           name,
           principalId: group.objectId,
diff --git a/AzAd/Identity.ts b/AzAd/Identity.ts
@@ -1,16 +1,15 @@
 import * as azureAD from '@pulumi/azuread';
+import { ServicePrincipal } from '@pulumi/azuread';
 import * as pulumi from '@pulumi/pulumi';
+import { Input, Output } from '@pulumi/pulumi';
 import { getIdentityName } from '../Common/Naming';
 import {
+  ApplicationApiOauth2PermissionScope,
   ApplicationAppRole,
   ApplicationRequiredResourceAccess,
-  ApplicationApiOauth2PermissionScope,
 } from '@pulumi/azuread/types/input';
 
 import { KeyVaultInfo } from '../types';
-import { Input, Output } from '@pulumi/pulumi';
-import { ServicePrincipal } from '@pulumi/azuread';
-import { randomPassword } from '../Core/Random';
 import { roleAssignment } from './RoleAssignment';
 import { defaultScope } from '../Common/AzureEnv';
 import { addCustomSecret } from '../KeyVault/CustomHelper';
diff --git a/AzAd/Role.ts b/AzAd/Role.ts
@@ -1,5 +1,5 @@
 import adGroupCreator, { GroupPermissionProps } from './Group';
-import { currentEnv, Environments } from '../Common/AzureEnv';
+import { Environments } from '../Common/AzureEnv';
 import { Input } from '@pulumi/pulumi';
 import { organization } from '../Common/StackEnv';
 
diff --git a/Cdn/index.ts b/Cdn/index.ts
@@ -39,7 +39,7 @@ export default async ({
     });
 
     if (vaultAccess.enableRbacAccess) {
-      await grantVaultRbacPermission({
+      grantVaultRbacPermission({
         name: n,
         objectId: sp.objectId,
         permission: 'ReadOnly',
diff --git a/Certificate/index.ts b/Certificate/index.ts
@@ -3,7 +3,6 @@ import fs from 'fs';
 import * as pem from './p12';
 import { KeyVaultInfo } from '../types';
 import { addCustomSecret } from '../KeyVault/CustomHelper';
-import forge from 'node-forge';
 
 export const defaultAllowedUses = [
   'data_encipherment',
diff --git a/ContainerRegistry/index.ts b/ContainerRegistry/index.ts
@@ -1,11 +1,10 @@
 import * as containerregistry from '@pulumi/azure-native/containerregistry';
 import {
-  BasicResourceArgs,
+  DefaultResourceArgs,
   KeyVaultInfo,
   NetworkRulesProps,
   ResourceGroupInfo,
-} from './../types.d';
-import { DefaultResourceArgs } from '../types';
+} from '../types';
 import creator from '../Core/ResourceCreator';
 import * as global from '../Common/GlobalEnv';
 import {
diff --git a/Core/Random.ts b/Core/Random.ts
@@ -161,7 +161,7 @@ export const randomSsh = ({
   };
 };
 
-export const randomLogin = async ({
+export const randomLogin = ({
   name,
   loginPrefix,
   maxUserNameLength,
diff --git a/CosmosDb/index.ts b/CosmosDb/index.ts
@@ -1,20 +1,20 @@
-import * as documentdb from "@pulumi/azure-native/documentdb";
-import { getCosmosDbName } from "../Common/Naming";
-import { DefaultResourceArgs, KeyVaultInfo, ResourceGroupInfo } from "../types";
-import ResourceCreator from "../Core/ResourceCreator";
-import { defaultTags, isPrd } from "../Common/AzureEnv";
-import { createThreatProtection } from "../Logs/Helpers";
-import { Input } from "@pulumi/pulumi";
+import * as documentdb from '@pulumi/azure-native/documentdb';
+import { getCosmosDbName } from '../Common/Naming';
+import { DefaultResourceArgs, KeyVaultInfo, ResourceGroupInfo } from '../types';
+import ResourceCreator from '../Core/ResourceCreator';
+import { defaultTags, isPrd } from '../Common/AzureEnv';
+import { createThreatProtection } from '../Logs/Helpers';
+import { Input } from '@pulumi/pulumi';
 
 interface CosmosDbProps {
   name: string;
   group: ResourceGroupInfo;
   vaultInfo?: KeyVaultInfo;
   locations?: Input<string>[];
   enableMultipleWriteLocations?: boolean;
-  capabilities?: Array<"EnableCassandra" | "EnableTable" | "EnableGremlin">;
-  kind?: documentdb.DatabaseAccountKind,
-  enableThreatProtection?:boolean;
+  capabilities?: Array<'EnableCassandra' | 'EnableTable' | 'EnableGremlin'>;
+  kind?: documentdb.DatabaseAccountKind;
+  enableThreatProtection?: boolean;
   network?: {
     publicNetworkAccess?: boolean;
     allowAzureServicesAccess?: boolean;
@@ -47,7 +47,7 @@ export default async ({
   enableThreatProtection,
   network,
   sqlDbs,
-                        kind= documentdb.DatabaseAccountKind.GlobalDocumentDB,
+  kind = documentdb.DatabaseAccountKind.GlobalDocumentDB,
 }: CosmosDbProps) => {
   name = getCosmosDbName(name);
 
@@ -70,7 +70,7 @@ export default async ({
     ...group,
     databaseAccountOfferType: documentdb.DatabaseAccountOfferType.Standard,
     kind,
-    identity: { type: "SystemAssigned" },
+    identity: { type: 'SystemAssigned' },
 
     capabilities: capabilities
       ? capabilities.map((n) => ({ name: n }))
@@ -80,7 +80,7 @@ export default async ({
 
     backupPolicy: isPrd
       ? {
-          type: "Periodic",
+          type: 'Periodic',
           periodicModeProperties: {
             backupIntervalInMinutes: 30,
             backupRetentionIntervalInHours: 4,
@@ -126,21 +126,24 @@ export default async ({
     //keyVaultKeyId: encryptKey?.properties.id,
     monitoring: {
       logsCategories: [
-        "CassandraRequests",
-        "PartitionKeyStatistics",
-        "ControlPlaneRequests",
-        "MongoRequests",
-        "QueryRuntimeStatistics",
-        "GremlinRequests",
-        "PartitionKeyRUConsumption",
-        "DataPlaneRequests",
+        'CassandraRequests',
+        'PartitionKeyStatistics',
+        'ControlPlaneRequests',
+        'MongoRequests',
+        'QueryRuntimeStatistics',
+        'GremlinRequests',
+        'PartitionKeyRUConsumption',
+        'DataPlaneRequests',
       ],
-      metricsCategories: ["Requests"],
+      metricsCategories: ['Requests'],
     },
     tags: defaultTags,
   } as unknown as documentdb.DatabaseAccountArgs & DefaultResourceArgs);
 
-  if(enableThreatProtection && kind!== documentdb.DatabaseAccountKind.MongoDB) {
+  if (
+    enableThreatProtection &&
+    kind !== documentdb.DatabaseAccountKind.MongoDB
+  ) {
     //Thread Protection
     createThreatProtection({
       name,
@@ -150,7 +153,7 @@ export default async ({
 
   //Vault variables
   if (vaultInfo) {
-    const keys = resource.id.apply(async (id) => {
+    resource.id.apply(async (id) => {
       if (!id) return undefined;
       return await documentdb.listDatabaseAccountKeys({
         accountName: name,
@@ -162,7 +165,7 @@ export default async ({
   //Database and Containers
   if (sqlDbs) {
     sqlDbs.forEach((db) => {
-      const database = new documentdb.SqlResourceSqlDatabase(
+      new documentdb.SqlResourceSqlDatabase(
         db.name,
         {
           databaseName: db.name,
@@ -184,7 +187,7 @@ export default async ({
               resource: {
                 id: c.name,
                 defaultTtl: c.ttl,
-                partitionKey: { paths: [c.partitionKeyPath || "/id"] },
+                partitionKey: { paths: [c.partitionKeyPath || '/id'] },
               },
             })
         );
diff --git a/CustomProviders/ApimSignInSettings.ts b/CustomProviders/ApimSignInSettings.ts
@@ -1,6 +1,5 @@
 import * as pulumi from '@pulumi/pulumi';
-import { AxiosInstance } from 'axios';
-import {createAxios} from '../Tools/Axios';
+import { createAxios } from '../Tools/Axios';
 
 import {
   BaseOptions,
diff --git a/CustomProviders/AppConfigDisableAccessKeys.ts b/CustomProviders/AppConfigDisableAccessKeys.ts
@@ -1,6 +1,5 @@
 import * as pulumi from '@pulumi/pulumi';
-import { AxiosInstance } from 'axios';
-import {createAxios} from '../Tools/Axios';
+import { createAxios } from '../Tools/Axios';
 
 import {
   BaseOptions,
diff --git a/KubeX/CloudFlare/DynamicDns.ts b/KubeX/CloudFlare/DynamicDns.ts
@@ -28,8 +28,8 @@ export default ({
   const name = 'cloudflare-ddns';
   const image = 'baoduy2412/cloudflare-ddns:latest';
 
-  const configMap: any = {};
-  const secrets: any = {};
+  const configMap: Record<string, Input<string>> = {};
+  const secrets: Record<string, Input<string>> = {};
 
   cloudFlare.forEach((c, ci) => {
     secrets[`Cloudflare__${ci}__ApiKey`] = c.apiKey;
@@ -62,6 +62,7 @@ export default ({
     secrets,
 
     podConfig: {
+      ports: { http: 8080 },
       image,
       resources: { requests: { memory: '1Mi', cpu: '1m' } },
     },
diff --git a/KubeX/CloudFlare/Tunnel-Helm.ts b/KubeX/CloudFlare/Tunnel-Helm.ts
@@ -1,5 +1,4 @@
 import { DefaultK8sArgs } from '../types';
-import Deployment from '../Deployment';
 import { Input } from '@pulumi/pulumi';
 import * as k8s from '@pulumi/kubernetes';
 
diff --git a/VNet/VirtualWAN.ts b/VNet/VirtualWAN.ts
diff --git a/package.json b/package.json

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,4 @@`
`1`	`1`	`import { DefaultK8sArgs } from '../types';`
`2`		`-import Deployment from '../Deployment';`
`3`	`2`	`import { Input } from '@pulumi/pulumi';`
`4`	`3`	`import * as k8s from '@pulumi/kubernetes';`
`5`	`4`