{"id":21015501,"url":"https://github.com/ericogr/azenv","last_synced_at":"2025-07-01T11:37:51.964Z","repository":{"id":62810910,"uuid":"558128858","full_name":"ericogr/azenv","owner":"ericogr","description":"A tool to ease the creation of Azure DevOps environments for use with your pipelines.","archived":false,"fork":false,"pushed_at":"2024-01-17T14:43:45.000Z","size":114,"stargazers_count":6,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-06-19T19:48:34.874Z","etag":null,"topics":["azure-devops","devops","kubernetes"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ericogr.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-10-27T00:20:51.000Z","updated_at":"2024-01-17T18:17:20.000Z","dependencies_parsed_at":"2024-06-19T19:07:08.125Z","dependency_job_id":null,"html_url":"https://github.com/ericogr/azenv","commit_stats":{"total_commits":23,"total_committers":1,"mean_commits":23.0,"dds":0.0,"last_synced_commit":"0e85ee72ea8bd4689c6956202257fff4b9531532"},"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericogr%2Fazenv","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericogr%2Fazenv/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericogr%2Fazenv/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ericogr%2Fazenv/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ericogr","download_url":"https://codeload.github.com/ericogr/azenv/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225332382,"owners_count":17457710,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["azure-devops","devops","kubernetes"],"created_at":"2024-11-19T10:10:02.518Z","updated_at":"2024-11-19T10:10:03.087Z","avatar_url":"https://github.com/ericogr.png","language":"Go","readme":"# Azure DevOps Environment Creation\nUse this tool to set up an Azure DevOps [Environment]. An [Environment] is a collection of resources that can be targeted by deployments from a pipeline.\n\n## Requirements\nTo run this tool, you need:\n- [Azure DevOps] account\n- Azure DevOps [PAT] with the following permissions:\n  - Environment (Read \u0026 manage)\n  - Service Connections (Read, query, \u0026 manage)\n- For Kubernetes resources:\n  - [Kubernetes Cluster]\n  - [RBAC] access with the following permissions:\n    - get, create and patch namespaces\n    - get and create serviceaccounts\n    - get and create secrets\n\n# Kubernetes Resources\nFor Kubernetes resources these are the resources that can be configured:\n\n|Resource|Type|Can use existent|Notes|\n|--------|----|----------------|-----|\n|Environment|Azure DevOps|Yes|-|\n|Environment Resource|Azure DevOps|No|it must be deleted before creating a new one|\n|Service Connection|Azure DevOps|Yes|-|\n|Namespace|Kubernetes|Yes|-|\n|Service Account|Kubernetes|Yes|you have to create role/clusterrole and bind to service account your own|\n|Secret|Kubernetes|Yes|-|\n\n\u003e **_NOTE:_** In some cases, cli will try to use existent resource before create a new one.\n\n## Kubernetes detailed permissions\nTo create and get some resources, cli will need some permissions. See an example of ClusterRole below:\n\n```yaml\napiVersion: rbac.authorization.k8s.io/v1\nkind: ClusterRole\nmetadata:\n  name: azenv\nrules:\n- apiGroups:\n  - \"\"\n  resources:\n  - namespaces\n  - serviceaccounts\n  - secret\n  verbs:\n  - get\n  - create\n- apiGroups:\n  - \"\"\n  resources:\n  - namespaces\n  verbs:\n  - patch\n```\n\n## Usage example\n\nSee above an example, the fields are self-explanatory. Replace \u003csomething\u003e by your own values.\n\n```sh\n./azenv \\\n  create kubernetes \\\n  --pat \u003cgenerate-azure-devops-pat\u003e \\\n  --project \u003corganization-name\u003e/\u003cproject-name\u003e \\\n  --name \u003cenvironment-name\u003e \\\n  --service-account \u003cnamespace\u003e/\u003cservice-account-name\u003e \\\n  --service-connection \u003cservice-connection-name\u003e \\\n  --namespace-label label1=value1 \\\n  --namespace-label label2=value2 \\\n  --show-kubeconfig=false\n```\n\n[Azure DevOps]: https://azure.microsoft.com/en-us/free/\n[Environment]: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/environments?view=azure-devops\n[PAT]: https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops\u0026tabs=Windows\n[RBAC]: https://kubernetes.io/docs/reference/access-authn-authz/rbac/\n[Kubernetes Cluster]: https://killercoda.com/kimwuestkamp/scenario/k8s1.24-serviceaccount-secret-changes","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fericogr%2Fazenv","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fericogr%2Fazenv","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fericogr%2Fazenv/lists"}