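/// <summary>
        /// Timer-triggered job that walks every CDN profile, endpoint and custom domain and,
        /// for domains using a user-managed (Key Vault) certificate, re-pins the domain to the
        /// latest certificate version when it differs from the version currently configured.
        /// The NCRONTAB expression fires at 00:00:00 on Mondays and Fridays.
        /// </summary>
        /// <param name="timer">Timer metadata supplied by the trigger; not read by this method.</param>
        /// <param name="log">Logger for the audit trail of inspected resources and rotation decisions.</param>
        /// <exception cref="AggregateException">
        /// Thrown after all other domains have been processed when one or more domains could not be
        /// evaluated, so the invocation is still reported as failed.
        /// </exception>
        public async Task CdnRotation([TimerTrigger("0 0 0 * * 1,5")] TimerInfo timer, ILogger log)
        {
            var pendingUpdates = new List<Task>();
            var failures = new List<Exception>();

            var cdnProfiles = await _cdnManagementClient.Profiles.SafeListAllAsync();

            foreach (var cdnProfile in cdnProfiles)
            {
                // Message templates (not interpolated strings) keep the resource names as
                // structured fields, so rotation events can be queried per profile/domain.
                log.LogInformation("CDN Profile: {CdnProfileName}", cdnProfile.Name);

                var resourceGroupName = cdnProfile.ResourceGroupName();

                var cdnEndpoints = await _cdnManagementClient.Endpoints.ListAllByProfileAsync(resourceGroupName, cdnProfile.Name);

                foreach (var cdnEndpoint in cdnEndpoints)
                {
                    log.LogInformation("CDN Endpoint: {CdnEndpointName}", cdnEndpoint.Name);

                    var cdnCustomDomains = await _cdnManagementClient.CustomDomains.ListAllByEndpointAsync(resourceGroupName, cdnProfile.Name, cdnEndpoint.Name);

                    foreach (var cdnCustomDomain in cdnCustomDomains)
                    {
                        log.LogInformation("Custom Domain: {CustomDomainName}", cdnCustomDomain.Name);

                        // Only domains backed by a customer-supplied Key Vault certificate are rotated here.
                        if (!(cdnCustomDomain.CustomHttpsParameters is UserManagedHttpsParameters httpsParameters))
                        {
                            continue;
                        }

                        // A failure for one domain (for example an inaccessible vault) must not stop
                        // rotation for the remaining domains, and must not leave already-started
                        // updates unobserved; it is recorded and surfaced once the run completes.
                        try
                        {
                            var certificateSource = httpsParameters.CertificateSourceParameters;

                            // These are identifiers of the certificate, not key material.
                            log.LogInformation("Vault Name: {VaultName}", certificateSource.VaultName);
                            log.LogInformation("Secret Name: {SecretName}", certificateSource.SecretName);
                            log.LogInformation("Secret Version: {SecretVersion}", certificateSource.SecretVersion);

                            var certificateClient = _certificateClientFactory.CreateClient(certificateSource.VaultName);

                            var latestCertificate = await certificateClient.GetCertificateAsync(certificateSource.SecretName);
                            var latestProperties = latestCertificate.Value.Properties;

                            // Already pinned to the latest version: nothing to do.
                            if (latestProperties.Version == certificateSource.SecretVersion)
                            {
                                continue;
                            }

                            // Never move a live domain onto a version that is disabled or already expired.
                            var isExpired = latestProperties.ExpiresOn.HasValue && latestProperties.ExpiresOn.Value <= DateTimeOffset.UtcNow;

                            if (latestProperties.Enabled == false || isExpired)
                            {
                                log.LogWarning(
                                    "Skipping rotation of {CustomDomainName}: latest version {TargetSecretVersion} is disabled or expired",
                                    cdnCustomDomain.Name,
                                    latestProperties.Version);

                                continue;
                            }

                            log.LogInformation("Target Secret Version: {TargetSecretVersion}", latestProperties.Version);

                            httpsParameters.CertificateSourceParameters.SecretVersion = latestProperties.Version;

                            // Start the update without awaiting so the domains are updated concurrently.
                            pendingUpdates.Add(_cdnManagementClient.CustomDomains.EnableCustomHttpsAsync(resourceGroupName, cdnProfile.Name, cdnEndpoint.Name, cdnCustomDomain.Name, httpsParameters));
                        }
                        catch (Exception ex)
                        {
                            log.LogError(ex, "Certificate rotation failed for custom domain {CustomDomainName}", cdnCustomDomain.Name);
                            failures.Add(ex);
                        }
                    }
                }
            }

            // Faults from the started updates propagate from here; per-domain failures
            // collected above have already been logged individually.
            await Task.WhenAll(pendingUpdates);

            if (failures.Count > 0)
            {
                throw new AggregateException("One or more CDN custom domains could not be evaluated for certificate rotation.", failures);
            }
        }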
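        /// <summary>
        /// Timer-triggered job that walks every Front Door and its frontend endpoints and,
        /// for endpoints whose certificate source is "AzureKeyVault", re-pins the endpoint to the
        /// latest certificate version when it differs from the version currently configured.
        /// The NCRONTAB expression fires at 00:00:00 on Mondays and Fridays.
        /// </summary>
        /// <param name="timer">Timer metadata supplied by the trigger; not read by this method.</param>
        /// <param name="log">Logger for the audit trail of inspected resources and rotation decisions.</param>
        /// <exception cref="AggregateException">
        /// Thrown after all other endpoints have been processed when one or more endpoints could not be
        /// evaluated, so the invocation is still reported as failed.
        /// </exception>
        public async Task FrontDoorRotation([TimerTrigger("0 0 0 * * 1,5")] TimerInfo timer, ILogger log)
        {
            var pendingUpdates = new List<Task>();
            var failures = new List<Exception>();

            var frontDoors = await _frontDoorManagementClient.FrontDoors.SafeListAllAsync();

            foreach (var frontDoor in frontDoors)
            {
                // Message templates (not interpolated strings) keep the resource names as
                // structured fields, so rotation events can be queried per Front Door/endpoint.
                log.LogInformation("Front Door: {FrontDoorName}", frontDoor.Name);

                var resourceGroupName = frontDoor.ResourceGroupName();

                var frontendEndpoints = await _frontDoorManagementClient.FrontendEndpoints.ListAllByFrontDoorAsync(resourceGroupName, frontDoor.Name);

                foreach (var frontendEndpoint in frontendEndpoints)
                {
                    log.LogInformation("Frontend Endpoint: {FrontendEndpointName}", frontendEndpoint.Name);

                    // Only endpoints backed by a customer-supplied Key Vault certificate are rotated here.
                    if (frontendEndpoint.CustomHttpsConfiguration?.CertificateSource != "AzureKeyVault")
                    {
                        continue;
                    }

                    // A failure for one endpoint (for example an inaccessible vault) must not stop
                    // rotation for the remaining endpoints, and must not leave already-started
                    // updates unobserved; it is recorded and surfaced once the run completes.
                    try
                    {
                        var httpsConfiguration = frontendEndpoint.CustomHttpsConfiguration;

                        var vaultName = ExtractVaultName(httpsConfiguration.Vault.Id);

                        // These are identifiers of the certificate, not key material.
                        log.LogInformation("Vault Name: {VaultName}", vaultName);
                        log.LogInformation("Secret Name: {SecretName}", httpsConfiguration.SecretName);
                        log.LogInformation("Secret Version: {SecretVersion}", httpsConfiguration.SecretVersion);

                        var certificateClient = _certificateClientFactory.CreateClient(vaultName);

                        var latestCertificate = await certificateClient.GetCertificateAsync(httpsConfiguration.SecretName);
                        var latestProperties = latestCertificate.Value.Properties;

                        // Already pinned to the latest version: nothing to do.
                        if (latestProperties.Version == httpsConfiguration.SecretVersion)
                        {
                            continue;
                        }

                        // Never move a live endpoint onto a version that is disabled or already expired.
                        var isExpired = latestProperties.ExpiresOn.HasValue && latestProperties.ExpiresOn.Value <= DateTimeOffset.UtcNow;

                        if (latestProperties.Enabled == false || isExpired)
                        {
                            log.LogWarning(
                                "Skipping rotation of {FrontendEndpointName}: latest version {TargetSecretVersion} is disabled or expired",
                                frontendEndpoint.Name,
                                latestProperties.Version);

                            continue;
                        }

                        log.LogInformation("Target Secret Version: {TargetSecretVersion}", latestProperties.Version);

                        frontendEndpoint.CustomHttpsConfiguration.SecretVersion = latestProperties.Version;

                        // Start the update without awaiting so the endpoints are updated concurrently.
                        pendingUpdates.Add(_frontDoorManagementClient.FrontendEndpoints.EnableHttpsAsync(resourceGroupName, frontDoor.Name, frontendEndpoint.Name, frontendEndpoint.CustomHttpsConfiguration));
                    }
                    catch (Exception ex)
                    {
                        log.LogError(ex, "Certificate rotation failed for frontend endpoint {FrontendEndpointName}", frontendEndpoint.Name);
                        failures.Add(ex);
                    }
                }
            }

            // Faults from the started updates propagate from here; per-endpoint failures
            // collected above have already been logged individually.
            await Task.WhenAll(pendingUpdates);

            if (failures.Count > 0)
            {
                throw new AggregateException("One or more Front Door frontend endpoints could not be evaluated for certificate rotation.", failures);
            }
        }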