Implemented a Service to receive real time message from an API Webhook

 What is the webhook?  Ask Google :) 😅 

This is my experience to build a Azure Function HTTP trigger to receive an event from SkyBox API Webhook. 

Business requirement: Real time integration INVOICE with SkyBox API Webhook. Means whenever SkyBox has a new or Update invoice. Their service would send the json message to my API.

Solution: 

Step 1: Built C# HTTP trigger function and then deploy it to Azure Function

Depends on the business requirement, you can add more in your own code.

 Step 2: Added a subscription sending a POST to https://skybox.vividseats.com/services/webhooks

{

 "topic": "INVOICE",

 "url": "https://xxxxxxxxinvoice.azurewebsites.net/api/SkyboxReceiveInvoice?code=xxxxxxxxxx",

 "headers": "Bearer: xxxxxxxx",

 "secret": "yoursecretkey"

}

Navigate to Azure Function Monitor to see the message coming.

Note:

The "secret": "yoursecretkey" is using for Encrypted the message. Here is code:

+ Create Key:
byte[] key = Encoding.ASCII.GetBytes("TicketShine");

+ Encode to create a check MAC.

public static string Encode(string input, byte[] key)
{

HMACSHA1 myhmacsha1 = new HMACSHA1(key);

byte[] byteArray = Encoding.ASCII.GetBytes(input);

MemoryStream stream = new MemoryStream(byteArray);

return myhmacsha1.ComputeHash(stream).Aggregate("", (s, e) => s + String.Format("{0:x2}", e), s => s);

}

Gitlab - CICD to Azure App Service with an application .NET Framework

Every development team has unique requirements that can make implementing an efficient deployment pipeline difficult on any cloud service. This is a process to prevents downtime: 

Here is CICD script:

variables:
MSBUILD: "C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\BuildTools\\MSBuild\\Current\\Bin\\msbuild.exe"
SOLUTION: IProcessorSolution.sln
WEBJOB_PROJECT: ".\\IProcessorPdfParser\\IProcessorPdfParser.csproj"
DEV_PUBLISH_PROFILE: "IProcessorWebsiteStaging - Web Deploy"
DEV_PUBLISH_PROFILE_WEBJOB_PROJECT: "IProcessorWebsiteStaging - Web Deploy.pubxml"
DEV_DR_PUBLISH_PROFILE: "iprocessorwebsitestaging-dr - Web Deploy"
DEV_DR_PUBLISH_PROFILE_WEBJOB_PROJECT: "iprocessorwebsitestaging-dr - Web Deploy.pubxml"
PROD_DR_PUBLISH_PROFILE: "iprocessorwebsite-dr - Web Deploy"
PROD_DR_PUBLISH_PROFILE_WEBJOB_PROJECT: "iprocessorwebsite-dr - Web Deploy.pubxml"

stages:
- build
- deploy



deploy_dev_dr:
stage: deploy
environment:
name: staging
rules:
- if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH != "dev" && $CI_COMMIT_BRANCH != "master"
tags:
- shared-windows
- windows
- windows-1809
script:
- 'nuget restore $SOLUTION'
- '& $MSBUILD $SOLUTION /p:Configuration=Release /p:SignManifests=False /p:DeployOnBuild=true /p:PublishProfile=$DEV_DR_PUBLISH_PROFILE'
- '& $MSBUILD $WEBJOB_PROJECT /p:Configuration=Release /p:SignManifests=False /p:DeployOnBuild=true /p:PublishProfile=$DEV_DR_PUBLISH_PROFILE_WEBJOB_PROJECT'
artifacts:
expire_in: 1 week

deploy_dev:
stage: deploy
environment:
name: staging
rules:
- if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "dev"
tags:
- shared-windows
- windows
- windows-1809
script:
- 'nuget restore $SOLUTION'
- '& $MSBUILD $SOLUTION /p:Configuration=Release /p:SignManifests=False /p:DeployOnBuild=true /p:PublishProfile=$DEV_PUBLISH_PROFILE'
- '& $MSBUILD $WEBJOB_PROJECT /p:Configuration=Release /p:SignManifests=False /p:DeployOnBuild=true /p:PublishProfile=$DEV_PUBLISH_PROFILE_WEBJOB_PROJECT'
artifacts:
expire_in: 1 week


deploy_prod:
stage: deploy
environment:
name: production
rules:
- if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "master"
tags:
- shared-windows
- windows
- windows-1809
script:
- 'nuget restore $SOLUTION'
- '& $MSBUILD $SOLUTION /p:Configuration=Release /p:SignManifests=False /p:DeployOnBuild=true /p:PublishProfile=$PROD_DR_PUBLISH_PROFILE'
- '& $MSBUILD $WEBJOB_PROJECT /p:Configuration=Release /p:SignManifests=False /p:DeployOnBuild=true /p:PublishProfile=$PROD_DR_PUBLISH_PROFILE_WEBJOB_PROJECT'
artifacts:
expire_in: 1 week

How to setup P2S VPN to connect Azure SQL

After successful building the VPN connection to Azure Environment by applying P2S VPN. This is a note what I did so that I can use it in the future.

 

Script Powersell to create SelfRoot & Client

$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature -Subject "CN=VNETROOT" -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign

New-SelfSignedCertificate -Type Custom -DnsName TANLECLIENT -KeySpec Signature -Subject "CN=VNETCLIENT" -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -Signer $cert -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")

 

Generate and export certificates for P2S: PowerShell - Azure VPN Gateway | Microsoft Docs

 

Step-by-Step guide to Azure Point-to-Site VPN - Technical Blog | REBELADMIN

 

Tutorial: Connect to an Azure SQL server using an Azure Private Endpoint - Portal | Microsoft Docs

 

 

Do the following:

1.      Navigate to "Firewalls and virtual networks" of you SQL server and make sure to set "Deny public network access" to yes.

2.      Create an Azure private endpoint. It will create endpoint for SQL server within your virtual network and it'll be assigned a private IP from within subnet's IP range. You use this private IP to connect to SQL server.

3.      On you local machine, make sure you're connected to VPN and open SQL Server Management Studio:

·         Under "Server name" enter private IP address of Azure private endpoint created in step #2.

·         Login part can be a bit tricky. Under "Login" field, enter username in format "username@public_sql_server_name" (e.g. admin@my-sql-server.database.windows.net). For password, just enter you password.

·         Last thing to do is to click on "Options" and navigate to "Connection properties". Make sure to check "Encrypt connection" and "Trust server certificate". This is required as server's certificate is issued to "my-sql-server.database.windows.net" and you're accessing it via private IP. If this wasn't checked, management studio wouldn't trust server's certificate and would refuse connection.

References:

Connect to a VNet using P2S VPN & certificate authentication: portal - Azure VPN Gateway | Microsoft Docs

Business case: Create the alert message to Slack with MS Flow/Automate

 Business case:

Automatically post the alert message when it hits the criteria by using the store procedure in MS SQL Azure

Solution:

Assumption that we already had the data as following by writing it in the store procedure.