Skip to content

Stable/1.28.x - Allianz - Celery DB authentication with Azure Service Principal #1186

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 22 commits into from
Apr 7, 2025
Merged

Stable/1.28.x - Allianz - Celery DB authentication with Azure Service Principal #1186

merged 22 commits into from
Apr 7, 2025

Conversation

@Saseem75
Copy link
Contributor

@Saseem75 Saseem75 commented Apr 3, 2025
edited by sambles
Loading

CELERY DB authentication with Azure Service Principal

Added class to fetch Azure PostgreSQL Service Principal token instead of a fixed password.

For this to work the config option AZURE_SERVICE_PRINCIPAL_USER must be set, along with the following.

Variable Name Description
AZURE_TENANT_ID Azure AD Tenant ID
AZURE_CLIENT_ID Azure Service Principal Client ID
AZURE_CLIENT_SECRET Azure Service Principal Client Secret
AZURE_SERVICE_PRINCIPAL_USER Username for PostgreSQL (e.g., sp_user@db)
CELERY_RESULTS_DB_BACKEND Database backend (e.g., db+postgresql)
DB_HOST PostgreSQL database host
DB_PORT PostgreSQL database port
DB_NAME Celery result backend database name

@Saseem75 Saseem75 changed the title Stable/1.28.x - Allianz - Celery DB authentication for Azure Service Principal Authentication - Stable/1.28.x - Allianz - Celery DB authentication with Azure Service Principal Apr 3, 2025
@sambles sambles changed the base branch from stable/1.28.x to adjust-pr-oasis-1.28.x April 7, 2025 13:57
@sambles sambles merged commit 2ea66bb into OasisLMF:adjust-pr-oasis-1.28.x Apr 7, 2025
14 of 20 checks passed
@sambles sambles mentioned this pull request Apr 7, 2025
Merged
sambles added a commit that referenced this pull request Apr 7, 2025
@sambles @Saseem75
Stable/1.28.x - Allianz - Celery DB authentication with Azure Service…
ed3457e 
… Principal (#1190)

* Stable/1.28.x - Allianz - Celery DB authentication with Azure Service Principal   (#1186)

* Update postgres.docker-compose.yml

spa env vars updated for celery and worker

* Update requirements-worker.in

azure identity packaged added to worker requirement

* Update requirements-worker.txt

* Update celeryconf.py

Service Principal Logic added

* Create celery_db_backend.py

custom backend for celery

* Create test.md

* Add files via upload

workflow file uploaded

* Update test.md

* Create celery_readme.md

* Update celery_readme.md

* Update celery_readme.md

* Update celeryconf.py

removed password/token masking

* Update celeryconf.py

* Update celeryconf.py

* Update celery_readme.md

* Update celery_db_backend.py

* Update celery_readme.md

* Update celery_db_backend.py

removed unwanted - methods   get_connection  + get_db_engine

* Update celery_readme.md

* Update and rename celery_db_backend.py to utils.py

utils.py introduced instead of celery_db_backend.py

* Update and rename celery_readme.md to readme.md

* Update readme.md

readme.md updated

* Adjust PR

* update

---------

Co-authored-by: Saseem75 <[email protected]>
sambles added a commit that referenced this pull request Apr 24, 2025
@sambles @Saseem75 @awsbuild
Release 1.28.13 (#1191)
59f70bf 
* Stable/1.28.x - Allianz - Celery DB authentication with Azure Service Principal (#1190)

* Stable/1.28.x - Allianz - Celery DB authentication with Azure Service Principal   (#1186)

* Update postgres.docker-compose.yml

spa env vars updated for celery and worker

* Update requirements-worker.in

azure identity packaged added to worker requirement

* Update requirements-worker.txt

* Update celeryconf.py

Service Principal Logic added

* Create celery_db_backend.py

custom backend for celery

* Create test.md

* Add files via upload

workflow file uploaded

* Update test.md

* Create celery_readme.md

* Update celery_readme.md

* Update celery_readme.md

* Update celeryconf.py

removed password/token masking

* Update celeryconf.py

* Update celeryconf.py

* Update celery_readme.md

* Update celery_db_backend.py

* Update celery_readme.md

* Update celery_db_backend.py

removed unwanted - methods   get_connection  + get_db_engine

* Update celery_readme.md

* Update and rename celery_db_backend.py to utils.py

utils.py introduced instead of celery_db_backend.py

* Update and rename celery_readme.md to readme.md

* Update readme.md

readme.md updated

* Adjust PR

* update

---------

Co-authored-by: Saseem75 <[email protected]>

* Set version 1.28.13

Set version 1.28.13

* Update changelog

---------

Co-authored-by: Saseem75 <[email protected]>
Co-authored-by: awsbuild <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Saseem75 @sambles