How can I get the running instance count for Azure in ruby, I'm looking something equivalent to How to enumerate running ec2 instances and load them into a database using ruby? in AWS.
Thanks
Here is what I did:
subscription_id= 'xyz'
provider = MsRestAzure::ApplicationTokenProvider.new(tenant_id, client_id, secret)
credentials = MsRest::TokenCredentials.new(provider)
client = Azure::ARM::Resources::ResourceManagementClient.new(credentials)
client.subscription_id = subscription_id
resource_group_params = Azure::ARM::Resources::Models::ResourceGroup.new()
resource_group_params.location = 'westus'
promise = client.resource_groups.create_or_update('new_test_resource_group',resource_group_params)
result = promise.value!
resource_group_params = result.body
p resource_group_params.name
p resource_group_params.id
Response:
azureAuth.rb:35:in <main>': undefined methodvalue!' for # (NoMethodError)
From the description, it is hard to know this "running instance". Do you mean Azure web app or Azure cloud service instance? Based on your code snippet, you seem want to create Azure resource group and get some related info. For this scenario, I suggest you follow the sample code in Azure official site: Manage Azure resources and resource groups with Ruby. Hope it could give you some tips.
[Update]
I am sorry for that I did not test the sample code and give solution to you.
still it is throwing error "nil:NilClass (NoMethodError)
Based on my test, I think you did not create azure resource group, so the promise object is nil. Please try list resource group operation client.resource_groups.list.each{ |group| print_item(group) } I think you will get nil issue too. When I dig into the ms_rest_azure I could not even able to get token. When I change below code (application_token_provider.rb) I could able to get the token
1) request_body['{resource_uri}'] = "https%3A%2F%2Fmanagement.azure.com%2F" #ERB::Util.url_encode(#settings.token_audience). Use management.azure.com instead of management.core.windows.net
2) response = connection.post do |request| get method change to post method.
3) :ssl => MsRest.ssl_options change to :ssl => {:verify => false}
I would suggest you use rest API to achieve the same purpose. Below is my Ruby code based on rest API. Hope it helps.
connection = Faraday.new(:url => 'https://login.windows.net/<telnet id>/oauth2/token',:ssl => {:verify => false}) do |builder|
builder.adapter Faraday.default_adapter
end
response = connection.post do |request|
request.headers['Content-Type'] = 'application/x-www-form-urlencoded'
request.body = 'resource=https%3A%2F%2Fmanagement.azure.com%2F&client_id=<your client id>&client_secret=<your client secret>&grant_type=client_credentials'
end
response_body = JSON.load(response.body)
#token = response_body['access_token']
getResrouceCon = Faraday.new(:url => 'https://management.azure.com/subscriptions/<subscriotion id>/resourcegroups?api-version=2015-01-01',:ssl => {:verify => false}) do |builder|
builder.adapter Faraday.default_adapter
end
response_resource = getResrouceCon.get do |req|
req.headers["Authorization"] = "bearer #{#token}"
end
puts "response #{response_resource.body}"
Note: I use the latest version azure_mgmt_resource
[Update]
We could find Azure classic cloud service from Azure resource portal. we can get a lot of useful info of Azure cloud service from configuration. here is the screenshot:
If you want to get roles and role instance. We can use this rest API in Azure resource portal https://management.azure.com/subscriptions/<subscription id>/resourceGroups/<group name>/providers/Microsoft.ClassicCompute/domainNames/<cloud service name>/slots/Production?api-version=2016-04-01
We only need to modify a little from my previous answer. Here is the code that could get cloud service configuration:
getResrouceCon = Faraday.new(:url => 'https://management.azure.com/subscriptions/<subscription id>/resourceGroups/<group name>/providers/Microsoft.ClassicCompute/domainNames/<cloud service name>/slots/Production?api-version=2016-04-01',:ssl => {:verify => false}) do |builder|
builder.adapter Faraday.default_adapter
end
response_resource = getResrouceCon.get do |req|
req.headers["Authorization"] = "bearer #{#token}"
end
puts "response #{response_resource.body}"
Related
I'm having some trouble getting the sample code for instantiating a Drive Service Account working. I've set up the service account in the API console as directed and included the scope for the 'https://www.googleapis.com/auth/drive', but running this generates the following error: "Authorization failed. Server message: (Signet::AuthorizationError)".
Oddly, if I omit the user_email address it doesn't generate an error.
My objective is to be able to do an audit on all the files stored on the organization's Drive, and it's my understanding that using a service account would be the way to get a listing of all the files stored.
Have I missed some special setting on the server side for this?
require 'google/api_client'
## Email of the Service Account #
SERVICE_ACCOUNT_EMAIL = '<service account email>#developer.gserviceaccount.com'
## Path to the Service Account's Private Key file #
SERVICE_ACCOUNT_PKCS12_FILE_PATH = '<private key file>-privatekey.p12'
def build_client(user_email)
key = Google::APIClient::PKCS12.load_key(SERVICE_ACCOUNT_PKCS12_FILE_PATH, 'notasecret')
asserter = Google::APIClient::JWTAsserter.new(SERVICE_ACCOUNT_EMAIL, 'https://www.googleapis.com/auth/drive', key)
client = Google::APIClient.new
client.authorization = asserter.authorize(user_email)
return client
end
client = build_client("<users email address>")
This looks to me like you are using an older example. I think that's how you used to do it about a year ago. Back in late 2012 that method of setting up the app was deprecated because Signet was updated to handle all aspects of the OAuth2 setup.
Here is the code I generally use to create a service account. You can tweak it to fit into your method.
client.authorization = Signet::OAuth2::Client.new(
:token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
:audience => 'https://accounts.google.com/o/oauth2/token',
:scope => "https://www.googleapis.com/auth/drive",
:issuer => "<service account email>#developer.gserviceaccount.com",
:signing_key => Google::APIClient::KeyUtils.load_from_pkcs12("<private key file>-privatekey.p12", "notasecret"),
:person => "<users email address>")
client.authorization.fetch_access_token!
If you are still having issues let me know and I'll see if I can help.
Using version 0.9.13 of google-api-client, I succeeded in using the following slight adaptation of Woodward's answer (note the absence of the person parameter):
def service_account_authorization(credentials_file, scope)
credentials = JSON.parse(File.open(credentials_file, 'rb').read)
authorization = Signet::OAuth2::Client.new(
:token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
:audience => 'https://accounts.google.com/o/oauth2/token',
:scope => scope,
:issuer => credentials['client_id'],
:signing_key => OpenSSL::PKey::RSA.new(credentials['private_key'], nil),
)
authorization.fetch_access_token!
authorization
end
This snippet takes a file as it was downloaded from Google Cloud Console for a service account and returns an auth object that can be fed to Google::Apis::*Service.authorization.
Thanks James!
I have worked with service account+Drive+file permissions using Java. In order to use permissions for a particular user, I had to allow certain scope. The only thing I can guess about your issue is that you might have missed the Delegation part
My test environment for my Ruby (Sinatra + twitter_oauth) project is behind a proxy.
In the documentation, I read how to use the twitter_oauth gem with a proxy. But there the author says:
First you need to authorize the Twitter user via OAuth directly via the Twitter API (this part cannot be proxied)
But unfortunately, on this step I receive an proxy error when testing locally.
Is there any possibility to proxy this?
client = TwitterOAuth::Client.new(
:consumer_key => 'YOUR_APP_CONSUMER_KEY',
:consumer_secret => 'YOURA_APP_CONSUMER_SECRET'
)
request_token = client.request_token(:oauth_callback => 'YOUR_CALLBACK_URL')
Thanks in advance!!
No, but OAuth can be skipped if a check for local environment is wrapped around the authentication:
def localhost
client = "Test"
request_token = "Me"
def webhost
client = TwitterOAuth::Client.new(
:consumer_key => 'YOUR_APP_CONSUMER_KEY',
:consumer_secret => 'YOURA_APP_CONSUMER_SECRET'
)
request_token = client.request_token(:oauth_callback => 'YOUR_CALLBACK_URL')
I am trying to create SOAPClient using Savon - rubygem.
Its a WCF soap service with WSSE auth over https. Here is the code that I tried:
require 'savon'
client = Savon::Client.new do
wsdl.document = "https://svc.sxxxxxify.com:8081/ConfSet.svc?wsdl"
config.soap_version = 2
wsse.credentials "aa5#xxasxsaxsh.com", "test123"
end
p client.wsdl.soap_actions
response = client.request :get_user_clients
p response
But I get this error:
http://www.w3.org/2005/08/addressing/soap/fault2012-10-26T06:07:42.247Z2012-10-26T06:12:42.247Zs:Sendera:DestinationUnreachableThe message with To '' cannot be processed at the
receiver, due to an AddressFilter mismatch at the EndpointDispatcher.
Check that the sender and receiver's EndpointAddresses
agree.
.
The message with To '' cannot be processed at the receiver, due to an
AddressFilter mismatch at the EndpointDispatcher. Check that the
sender and receiver's EndpointAddresses agree. (Savon::SOAP::Fault)
Please help me solve this problem
I had the some problem. I've solved the 'To' problem by providing a header entry and a new namespace. The 'Action' header was also necessary though, and I only discovered that after inspecting SoapUI logs. Here is what worked for me:
#service_url = 'https://svc.sxxxxxify.com:8081/ConfSet.svc/service'
#action = 'your_action'
#client = Savon.client(:wsdl => "#{#service_url}?wsdl", :soap_version => 2,
:namespaces => {"xmlns:x" => "http://www.w3.org/2005/08/addressing"},
:soap_header => {"x:To" => #service_url, "x:Action" => "http://tempuri.org/#{#action}"})
I've been reading the docs for the Google Calendar API and the google-api-ruby-client library, but I'm having a lot of trouble understanding them.
I have a Rails application that has a front end that lets users create objects called Events, and it saves them in a database on my server. What I would like is, after these Events are saved in the database, I want to call the Google Calendar API to create an event on a Google Calendar (that the server created, and only the server has access to modify that calendar).
I'm having lots of issues figuring out how to authenticate with the API using the ruby library. It doesn't make sense for me to use OAuth2 because I don't need to authorize anything with the user because I'm not interested in their data. I looked into Service Accounts (http://code.google.com/p/google-api-ruby-client/wiki/ServiceAccounts), but it looks like Google Calendars is not supported by Service Accounts.
Anyone have any ideas? This is the code I was experimenting with (using Service Accounts):
#client = Google::APIClient.new(:key => 'my_api_key')
path_to_key_file = '/somepath/aaaaaa-privatekey.p12'
passphrase = 'my_pass_phrase'
key = Google::APIClient::PKCS12.load_key(path_to_key_file, passphrase)
asserter = Google::APIClient::JWTAsserter.new(
'blah_blah#developer.gserviceaccount.com',
'https://www.googleapis.com/auth/calendar',
key)
# To request an access token, call authorize:
#client.authorization = asserter.authorize()
calendar = #client.discovered_api('calendar', 'v3')
event = {
'summary' => 'Appointment',
'location' => 'Somewhere',
'start' => {
'dateTime' => '2012-06-03T10:00:00.000-07:00'
},
'end' => {
'dateTime' => '2012-06-03T10:25:00.000-07:00'
},
'attendees' => [
{
'email' => 'attendeeEmail'
},
#...
]
}
result = #client.execute!(:api_method => calendar.events.insert,
:parameters => {'calendarId' => 'primary'},
:body => JSON.dump(event),
:headers => {'Content-Type' => 'application/json'})
Then of course I get this error message: Google::APIClient::ClientError (The user must be signed up for Google Calendar.) because the Service Account does not support Google Calendars.
I think you'll still need a real google user to host the calendar instance. But once you've got the calendar created under your identity, you can share it with the service account. In the sharing settings for the calendar, just use the email address of the service account (my service account ends with #developer.gserviceaccount.com). With the right sharing permissions, your service account can create/alter the event info, and not mess with your specific identity. From there, you can share the calendar with more people (or public) for their consumption of the mirrored events.
The other hitch I've run into is that it seems you can only authorize() the service account once per expiration period. You'll have to save the token you get and reuse it for the next hour, and then fetch a new one.
I don't know anything about Ruby. But it seems like understanding the underlying REST queries would help debug your problem. I've documented them here: http://www.tqis.com/eloquency/googlecalendar.htm
I was having trouble with this too and finally got a handle on it. The bottom line is that Google Calendar API v3 requires OAuth and you need to setup an App/Project through the Google Developer Console and then request OAuth permission on the target Google account. Once authorization is granted, you'll want to save the refresh token and use it on subsequent calls to get new access tokens (which expire!). I wrote a detailed blog post about this here: http://www.geekytidbits.com/google-calendar-api-from-ruby/ and this is my example script that should hopefully help you understand the flow:
#gem install 'google-api-client'
require 'google/api_client'
#Setup auth client
client_secrets = Google::APIClient::ClientSecrets.load #client_secrets.json must be present in current directory!
auth_client = client_secrets.to_authorization
auth_client.update!(
:scope => 'https://www.googleapis.com/auth/calendar',
:access_type => "offline", #will make refresh_token available
:approval_prompt =>'force',
:redirect_uri => 'http://www.myauthorizedredirecturl.com'
)
refresh_token_available = File.exist?('refresh_token.txt')
if !refresh_token_available
#OAuth URL - this is the url that will prompt a Google Account owner to give access to this app.
puts "Navigate browser to: '#{auth_client.authorization_uri.to_s}' and copy/paste auth code after redirect."
#Once the authorization_uri (above) is followed and authorization is given, a redirect will be made
#to http://www.myauthorizedredirecturl.com (defined above) and include the auth code in the request url.
print "Auth code: "
auth_client.code = gets
else
#If authorization has already been given and refresh token saved previously, simply set the refresh code here.
auth_client.refresh_token = File.read('refresh_token.txt')
end
#Now, get our access token which is what we will need to work with the API.
auth_client.fetch_access_token!
if !refresh_token_available
#Save refresh_token for next time
#Note: auth_client.refresh_token is only available the first time after OAuth permission is granted.
#If you need it again, the Google Account owner would have deauthorize your app and you would have to request access again.
#Therefore, it is important that the refresh token is saved after authenticating the first time!
File.open('refresh_token.txt', 'w') { |file| file.write(auth_client.refresh_token) }
refresh_token_available = true
end
api_client = Google::APIClient.new
cal = api_client.discovered_api('calendar', 'v3')
#Get Event List
puts "Getting list of events..."
list = api_client.execute(:api_method => cal.events.list,
:authorization => auth_client,
:parameters => {
'maxResults' => 20,
'timeMin' => '2014-06-18T03:12:24-00:00',
'q' => 'Meeting',
'calendarId' => 'primary'})
puts "Fetched #{list.data.items.count} events..."
#Update Event
puts "Updating first event from list..."
update_event = list.data.items[0]
update_event.description = "Updated Description here"
result = api_client.execute(:api_method => cal.events.update,
:authorization => auth_client,
:parameters => { 'calendarId' => 'primary', 'eventId' => update_event.id},
:headers => {'Content-Type' => 'application/json'},
:body_object => update_event)
puts "Done with update."
#Add New Event
puts "Inserting new event..."
new_event = cal.events.insert.request_schema.new
new_event.start = { 'date' => '2015-01-01' } #All day event
new_event.end = { 'date' => '2015-01-01' }
new_event.description = "Description here"
new_event.summary = "Summary here"
result = api_client.execute(:api_method => cal.events.insert,
:authorization => auth_client,
:parameters => { 'calendarId' => 'primary'},
:headers => {'Content-Type' => 'application/json'},
:body_object => new_event)
puts "Done with insert."
I'm developing on Rails and I'm using the gem Savon (http://savonrb.com).
What I have to do is to integrate myself with a service that I wsdl has two, one for authentication and the other for various functions.
There are two wsdl:
"https://.../authentication.asmx?wsdl"
"https://.../lists.asmx?wsdl"
What I do first is this:
client = Savon::Client.new do |wsdl, http|
http.auth.ssl.verify_mode = :none
wsdl.document = "https://.../authentication.asmx?wsdl"
end
response = client.request :soap, :login, :body => {:username => "...", :password => "..."}
Once logged in I would need to use the second wsdl to perform my function, but I can not declare another client within authentication lose the first thing I said.
response = client.request :get_list_collection do
soap.endpoint = URI(URI.escape("https://.../lists.asmx?wsdl"))
end
I've tried many but I found no solution.
Any idea how to solve this problem?