diff --git a/deployment/terraform/resources/functions.tf b/deployment/terraform/resources/functions.tf index cdcf6ebf..e77b3082 100644 --- a/deployment/terraform/resources/functions.tf +++ b/deployment/terraform/resources/functions.tf @@ -46,7 +46,7 @@ resource "azurerm_function_app" "pcfuncs" { os_type = "linux" version = "~4" site_config { - linux_fx_version = "PYTHON|3.8" + linux_fx_version = "PYTHON|3.9" use_32_bit_worker_process = false ftps_state = "Disabled" diff --git a/deployment/terraform/resources/storage_account.tf b/deployment/terraform/resources/storage_account.tf index e55aa6d1..da56d341 100644 --- a/deployment/terraform/resources/storage_account.tf +++ b/deployment/terraform/resources/storage_account.tf @@ -24,3 +24,9 @@ resource "azurerm_storage_table" "ipexceptionlist" { name = "ipexceptionlist" storage_account_name = azurerm_storage_account.pc.name } + +# TEMP to net mess up other work! +resource "azurerm_storage_table" "blobstoragebannedip" { + name = "blobstoragebannedip" + storage_account_name = azurerm_storage_account.pc.name +} diff --git a/pccommon/pccommon/blob.py b/pccommon/pccommon/blob.py index 6034978a..b5fe0207 100644 --- a/pccommon/pccommon/blob.py +++ b/pccommon/pccommon/blob.py @@ -1,27 +1,22 @@ from typing import Dict, Optional, Union -from azure.identity import DefaultAzureCredential +from azure.identity import ManagedIdentityCredential from azure.storage.blob import ContainerClient +from pccommon.constants import AZURITE_ACCOUNT_KEY + def get_container_client( container_url: str, - account_key: Optional[str] = None, ) -> ContainerClient: - credential: Optional[Union[str, Dict[str, str], DefaultAzureCredential]] = None - if account_key: - # Handle Azurite - if container_url.startswith("http://azurite:"): - credential = { - "account_name": "devstoreaccount1", - "account_key": account_key, - } - else: - raise ValueError( - "Non-azurite account key provided. " - "Account keys can only be used with Azurite emulator." - ) + credential: Optional[Union[Dict[str, str], ManagedIdentityCredential]] = None + # Handle Azurite + if container_url.startswith("http://azurite:"): + credential = { + "account_name": "devstoreaccount1", + "account_key": AZURITE_ACCOUNT_KEY, + } else: - credential = DefaultAzureCredential() + credential = ManagedIdentityCredential() return ContainerClient.from_container_url(container_url, credential=credential) diff --git a/pcfuncs/funclib/settings.py b/pcfuncs/funclib/settings.py index 16a9ddf0..b4a44e23 100644 --- a/pcfuncs/funclib/settings.py +++ b/pcfuncs/funclib/settings.py @@ -9,14 +9,11 @@ class BaseExporterSettings(BaseSettings): api_root_url: str = "https://planetarycomputer.microsoft.com/api/data/v1" - output_storage_url: str - output_account_key: Optional[str] = None def get_container_client(self) -> ContainerClient: return get_container_client( self.output_storage_url, - account_key=self.output_account_key, ) def get_register_url(self, data_api_url_override: Optional[str] = None) -> str: diff --git a/pcfuncs/image/settings.py b/pcfuncs/image/settings.py index 0a2c6526..becebdd5 100644 --- a/pcfuncs/image/settings.py +++ b/pcfuncs/image/settings.py @@ -26,8 +26,6 @@ class ImageSettings(BaseExporterSettings): def get_container_client(self) -> ContainerClient: return get_container_client( self.output_storage_url, - sas_token=self.output_sas, - account_key=self.output_account_key, ) def get_register_url(self, data_api_url_override: Optional[str] = None) -> str: