From 22c733d8daa72edb6cd7f7cf926e589ae869a5bd Mon Sep 17 00:00:00 2001 From: Chris Kruining Date: Thu, 28 Nov 2024 07:18:53 +0100 Subject: [PATCH 1/8] kaas --- infrastructure/app.bicep | 164 +++++++++++++-------------- infrastructure/bicepconfig.json | 7 ++ infrastructure/main.bicep | 21 ++-- infrastructure/monitoring.bicep | 18 ++- infrastructure/params/prd.bicepparam | 1 - infrastructure/registry.bicep | 35 +++--- infrastructure/types.bicep | 12 -- 7 files changed, 133 insertions(+), 125 deletions(-) delete mode 100644 infrastructure/types.bicep diff --git a/infrastructure/app.bicep b/infrastructure/app.bicep index 714568a..7510894 100644 --- a/infrastructure/app.bicep +++ b/infrastructure/app.bicep @@ -1,4 +1,6 @@ -import { Context } from 'types.bicep' +import { Context } from 'br/Tricep:types:latest' +import { with_name } from 'br/Tricep:common/context:latest' +import { container_app_environment, container_app, container, with_app_logs, with_auto_scaling, with_environment } from 'br/Tricep:recommended/app/container-app:latest' targetScope = 'resourceGroup' @@ -6,96 +8,92 @@ param context Context param version string @secure() param registryUrl string +param customerId string +param sharedKey string var appName = 'app' -resource environment 'Microsoft.App/managedEnvironments@2024-03-01' = { - name: 'cea-${context.locationAbbreviation}-${context.environment}-${context.projectName}' - location: context.location - properties: { - appLogsConfiguration: { - destination: 'azure-monitor' - } - peerAuthentication: { - mtls: { - enabled: false +var environmentConfig = container_app_environment(with_name(context, 'app'), [ + with_app_logs(customerId, sharedKey) + { + properties: { + appLogsConfiguration: { + destination: 'azure-monitor' } - } - peerTrafficConfiguration: { - encryption: { - enabled: false + peerAuthentication: { + mtls: { + enabled: false + } + } + peerTrafficConfiguration: { + encryption: { + enabled: false + } } } } +]) +var appConfig = container_app( + with_name(context, 'app'), + [ + container('${context.project}-${appName}', '${registryUrl}/${context.project}-${appName}:${version}') + ], + [ + with_environment(environment.id) + with_auto_scaling(0, 1, { + ruleName: { + concurrentRequests: '10' + } + }) + { + properties: { + configuration: { + activeRevisionsMode: 'Single' + + ingress: { + external: true + targetPort: 3000 + transport: 'auto' + allowInsecure: false + traffic: [ + { + weight: 100 + latestRevision: true + } + ] + corsPolicy: { + allowedOrigins: [ + // 'https://localhost:3000' + '*' + ] + allowCredentials: true + allowedHeaders: ['*'] + allowedMethods: ['Get, POST'] + maxAge: 0 + } + } + + registries: [ + { + identity: 'system' + server: registryUrl + } + ] + } + } + } + ] +) + +resource environment 'Microsoft.App/managedEnvironments@2024-03-01' = { + name: environmentConfig.name + location: environmentConfig.location + properties: environmentConfig.properties } resource app 'Microsoft.App/containerApps@2024-03-01' = { - name: 'ca-${context.locationAbbreviation}-${context.environment}-${context.projectName}-app' - location: context.location - identity: { - type: 'SystemAssigned' - } - properties: { - environmentId: environment.id - - configuration: { - activeRevisionsMode: 'Single' - - ingress: { - external: true - targetPort: 3000 - transport: 'auto' - allowInsecure: false - traffic: [ - { - weight: 100 - latestRevision: true - } - ] - corsPolicy: { - allowedOrigins: [ - // 'https://localhost:3000' - '*' - ] - allowCredentials: true - allowedHeaders: ['*'] - allowedMethods: ['Get, POST'] - maxAge: 0 - } - } - registries: [ - { - identity: 'system' - server: registryUrl - } - ] - } - - template: { - containers: [ - { - image: '${registryUrl}/${context.projectName}-${appName}:${version}' - name: '${context.projectName}-${appName}' - resources: { - cpu: json('0.25') - memory: '0.5Gi' - } - } - ] - scale: { - minReplicas: 1 - maxReplicas: 2 - rules: [ - { - name: 'http-rule' - http: { - metadata: { - concurrentRequests: '50' - } - } - } - ] - } - } - } + name: appConfig.name + location: appConfig.location + identity: appConfig.identity + properties: appConfig.properties } diff --git a/infrastructure/bicepconfig.json b/infrastructure/bicepconfig.json index 09945bd..622d0de 100644 --- a/infrastructure/bicepconfig.json +++ b/infrastructure/bicepconfig.json @@ -7,5 +7,12 @@ "resourceTypedParamsAndOutputs": true, "sourceMapping": true, "symbolicNameCodegen": true + }, + "moduleAliases": { + "br": { + "Tricep": { + "registry": "acreuwprdtricep.azurecr.io" + } + } } } \ No newline at end of file diff --git a/infrastructure/main.bicep b/infrastructure/main.bicep index 6e207c5..5130d1b 100644 --- a/infrastructure/main.bicep +++ b/infrastructure/main.bicep @@ -1,8 +1,8 @@ -import { Context } from 'types.bicep' +import { create_context } from 'br/Tricep:common/context:latest' +import { resource_group } from 'br/Tricep:recommended/resources/resource-group:latest' targetScope = 'subscription' -param locationAbbreviation string param location string param environment string param projectName string @@ -11,17 +11,22 @@ param version string param registryUrl string param deployedAt string = utcNow('yyyyMMdd') -var context = { - locationAbbreviation: locationAbbreviation +var context = create_context({ + name: '' + project: projectName + nameConventionTemplate: '$type-$env-$loc-$project-$name' location: location environment: environment - projectName: projectName deployedAt: deployedAt -} + tenant: tenant() + tags: {} +}) + +var resourceGroupConfig = resource_group(context, []) resource calqueResourceGroup 'Microsoft.Resources/resourceGroups@2024-07-01' = { - name: 'rg-${locationAbbreviation}-${environment}-${projectName}' - location: location + name: resourceGroupConfig.name + location: resourceGroupConfig.location } module monitoring 'monitoring.bicep' = { diff --git a/infrastructure/monitoring.bicep b/infrastructure/monitoring.bicep index f057cd0..9740965 100644 --- a/infrastructure/monitoring.bicep +++ b/infrastructure/monitoring.bicep @@ -1,11 +1,17 @@ -import { Context } from 'types.bicep' +import { Context } from 'br/Tricep:types:latest' +import { with_managed_identity } from 'br/Tricep:common/identity:latest' +import { log_analytics } from 'br/Tricep:recommended/operational-insights/log-analytics:latest' targetScope = 'resourceGroup' param context Context -// resource monitoring 'Microsoft.___/___@___' = { -// name: '___-${context.locationAbbreviation}-${context.environment}-${context.projectName}' -// location: context.location -// properties: {} -// } +var logAnalyticsConfig = log_analytics(context, [ + with_managed_identity() +]) + +resource monitoring 'Microsoft.OperationalInsights/workspaces@2023-09-01' = { + name: logAnalyticsConfig.name + location: logAnalyticsConfig.location + properties: logAnalyticsConfig.properties +} diff --git a/infrastructure/params/prd.bicepparam b/infrastructure/params/prd.bicepparam index 5d93d34..06404bf 100644 --- a/infrastructure/params/prd.bicepparam +++ b/infrastructure/params/prd.bicepparam @@ -1,6 +1,5 @@ using '../main.bicep' -param locationAbbreviation = 'euw' param location = 'westeurope' param environment = 'prd' param projectName = 'calque' diff --git a/infrastructure/registry.bicep b/infrastructure/registry.bicep index a13abbf..dddded3 100644 --- a/infrastructure/registry.bicep +++ b/infrastructure/registry.bicep @@ -1,23 +1,28 @@ -import { Context } from 'types.bicep' +import { Context } from 'br/Tricep:types:latest' +import { with_managed_identity } from 'br/Tricep:common/identity:latest' +import { container_registry } from 'br/Tricep:recommended/container-registry/container-registry:latest' targetScope = 'resourceGroup' param context Context -resource registry 'Microsoft.ContainerRegistry/registries@2023-07-01' = { - name: 'acr${context.locationAbbreviation}${context.environment}${context.projectName}' - location: context.location - sku: { - name: 'Basic' - } - identity: { - type: 'SystemAssigned' - } - properties: { - adminUserEnabled: true - dataEndpointEnabled: false - encryption: { - status: 'disabled' +var registryConfig = container_registry(context, [ + with_managed_identity() + { + properties: { + adminUserEnabled: true + dataEndpointEnabled: false + encryption: { + status: 'disabled' + } } } +]) + +resource registry 'Microsoft.ContainerRegistry/registries@2023-07-01' = { + name: registryConfig.name + location: registryConfig.location + sku: registryConfig.sku + identity: registryConfig.identity + properties: registryConfig.properties } diff --git a/infrastructure/types.bicep b/infrastructure/types.bicep deleted file mode 100644 index 768ff80..0000000 --- a/infrastructure/types.bicep +++ /dev/null @@ -1,12 +0,0 @@ -@export() -type Context = { - @minLength(2) - locationAbbreviation: string - @minLength(2) - location: string - @minLength(3) - environment: string - @minLength(2) - projectName: string - deployedAt: string -} From e917ab12ed1afd24f00009a8f778dfb002f2b611 Mon Sep 17 00:00:00 2001 From: Chris Kruining Date: Thu, 28 Nov 2024 07:18:53 +0100 Subject: [PATCH 2/8] kaas --- infrastructure/app.bicep | 164 +++++++++++++-------------- infrastructure/bicepconfig.json | 7 ++ infrastructure/main.bicep | 21 ++-- infrastructure/monitoring.bicep | 18 ++- infrastructure/params/prd.bicepparam | 1 - infrastructure/registry.bicep | 35 +++--- infrastructure/types.bicep | 12 -- 7 files changed, 133 insertions(+), 125 deletions(-) delete mode 100644 infrastructure/types.bicep diff --git a/infrastructure/app.bicep b/infrastructure/app.bicep index 714568a..7510894 100644 --- a/infrastructure/app.bicep +++ b/infrastructure/app.bicep @@ -1,4 +1,6 @@ -import { Context } from 'types.bicep' +import { Context } from 'br/Tricep:types:latest' +import { with_name } from 'br/Tricep:common/context:latest' +import { container_app_environment, container_app, container, with_app_logs, with_auto_scaling, with_environment } from 'br/Tricep:recommended/app/container-app:latest' targetScope = 'resourceGroup' @@ -6,96 +8,92 @@ param context Context param version string @secure() param registryUrl string +param customerId string +param sharedKey string var appName = 'app' -resource environment 'Microsoft.App/managedEnvironments@2024-03-01' = { - name: 'cea-${context.locationAbbreviation}-${context.environment}-${context.projectName}' - location: context.location - properties: { - appLogsConfiguration: { - destination: 'azure-monitor' - } - peerAuthentication: { - mtls: { - enabled: false +var environmentConfig = container_app_environment(with_name(context, 'app'), [ + with_app_logs(customerId, sharedKey) + { + properties: { + appLogsConfiguration: { + destination: 'azure-monitor' } - } - peerTrafficConfiguration: { - encryption: { - enabled: false + peerAuthentication: { + mtls: { + enabled: false + } + } + peerTrafficConfiguration: { + encryption: { + enabled: false + } } } } +]) +var appConfig = container_app( + with_name(context, 'app'), + [ + container('${context.project}-${appName}', '${registryUrl}/${context.project}-${appName}:${version}') + ], + [ + with_environment(environment.id) + with_auto_scaling(0, 1, { + ruleName: { + concurrentRequests: '10' + } + }) + { + properties: { + configuration: { + activeRevisionsMode: 'Single' + + ingress: { + external: true + targetPort: 3000 + transport: 'auto' + allowInsecure: false + traffic: [ + { + weight: 100 + latestRevision: true + } + ] + corsPolicy: { + allowedOrigins: [ + // 'https://localhost:3000' + '*' + ] + allowCredentials: true + allowedHeaders: ['*'] + allowedMethods: ['Get, POST'] + maxAge: 0 + } + } + + registries: [ + { + identity: 'system' + server: registryUrl + } + ] + } + } + } + ] +) + +resource environment 'Microsoft.App/managedEnvironments@2024-03-01' = { + name: environmentConfig.name + location: environmentConfig.location + properties: environmentConfig.properties } resource app 'Microsoft.App/containerApps@2024-03-01' = { - name: 'ca-${context.locationAbbreviation}-${context.environment}-${context.projectName}-app' - location: context.location - identity: { - type: 'SystemAssigned' - } - properties: { - environmentId: environment.id - - configuration: { - activeRevisionsMode: 'Single' - - ingress: { - external: true - targetPort: 3000 - transport: 'auto' - allowInsecure: false - traffic: [ - { - weight: 100 - latestRevision: true - } - ] - corsPolicy: { - allowedOrigins: [ - // 'https://localhost:3000' - '*' - ] - allowCredentials: true - allowedHeaders: ['*'] - allowedMethods: ['Get, POST'] - maxAge: 0 - } - } - registries: [ - { - identity: 'system' - server: registryUrl - } - ] - } - - template: { - containers: [ - { - image: '${registryUrl}/${context.projectName}-${appName}:${version}' - name: '${context.projectName}-${appName}' - resources: { - cpu: json('0.25') - memory: '0.5Gi' - } - } - ] - scale: { - minReplicas: 1 - maxReplicas: 2 - rules: [ - { - name: 'http-rule' - http: { - metadata: { - concurrentRequests: '50' - } - } - } - ] - } - } - } + name: appConfig.name + location: appConfig.location + identity: appConfig.identity + properties: appConfig.properties } diff --git a/infrastructure/bicepconfig.json b/infrastructure/bicepconfig.json index 09945bd..622d0de 100644 --- a/infrastructure/bicepconfig.json +++ b/infrastructure/bicepconfig.json @@ -7,5 +7,12 @@ "resourceTypedParamsAndOutputs": true, "sourceMapping": true, "symbolicNameCodegen": true + }, + "moduleAliases": { + "br": { + "Tricep": { + "registry": "acreuwprdtricep.azurecr.io" + } + } } } \ No newline at end of file diff --git a/infrastructure/main.bicep b/infrastructure/main.bicep index 6e207c5..5130d1b 100644 --- a/infrastructure/main.bicep +++ b/infrastructure/main.bicep @@ -1,8 +1,8 @@ -import { Context } from 'types.bicep' +import { create_context } from 'br/Tricep:common/context:latest' +import { resource_group } from 'br/Tricep:recommended/resources/resource-group:latest' targetScope = 'subscription' -param locationAbbreviation string param location string param environment string param projectName string @@ -11,17 +11,22 @@ param version string param registryUrl string param deployedAt string = utcNow('yyyyMMdd') -var context = { - locationAbbreviation: locationAbbreviation +var context = create_context({ + name: '' + project: projectName + nameConventionTemplate: '$type-$env-$loc-$project-$name' location: location environment: environment - projectName: projectName deployedAt: deployedAt -} + tenant: tenant() + tags: {} +}) + +var resourceGroupConfig = resource_group(context, []) resource calqueResourceGroup 'Microsoft.Resources/resourceGroups@2024-07-01' = { - name: 'rg-${locationAbbreviation}-${environment}-${projectName}' - location: location + name: resourceGroupConfig.name + location: resourceGroupConfig.location } module monitoring 'monitoring.bicep' = { diff --git a/infrastructure/monitoring.bicep b/infrastructure/monitoring.bicep index f057cd0..9740965 100644 --- a/infrastructure/monitoring.bicep +++ b/infrastructure/monitoring.bicep @@ -1,11 +1,17 @@ -import { Context } from 'types.bicep' +import { Context } from 'br/Tricep:types:latest' +import { with_managed_identity } from 'br/Tricep:common/identity:latest' +import { log_analytics } from 'br/Tricep:recommended/operational-insights/log-analytics:latest' targetScope = 'resourceGroup' param context Context -// resource monitoring 'Microsoft.___/___@___' = { -// name: '___-${context.locationAbbreviation}-${context.environment}-${context.projectName}' -// location: context.location -// properties: {} -// } +var logAnalyticsConfig = log_analytics(context, [ + with_managed_identity() +]) + +resource monitoring 'Microsoft.OperationalInsights/workspaces@2023-09-01' = { + name: logAnalyticsConfig.name + location: logAnalyticsConfig.location + properties: logAnalyticsConfig.properties +} diff --git a/infrastructure/params/prd.bicepparam b/infrastructure/params/prd.bicepparam index 5d93d34..06404bf 100644 --- a/infrastructure/params/prd.bicepparam +++ b/infrastructure/params/prd.bicepparam @@ -1,6 +1,5 @@ using '../main.bicep' -param locationAbbreviation = 'euw' param location = 'westeurope' param environment = 'prd' param projectName = 'calque' diff --git a/infrastructure/registry.bicep b/infrastructure/registry.bicep index a13abbf..dddded3 100644 --- a/infrastructure/registry.bicep +++ b/infrastructure/registry.bicep @@ -1,23 +1,28 @@ -import { Context } from 'types.bicep' +import { Context } from 'br/Tricep:types:latest' +import { with_managed_identity } from 'br/Tricep:common/identity:latest' +import { container_registry } from 'br/Tricep:recommended/container-registry/container-registry:latest' targetScope = 'resourceGroup' param context Context -resource registry 'Microsoft.ContainerRegistry/registries@2023-07-01' = { - name: 'acr${context.locationAbbreviation}${context.environment}${context.projectName}' - location: context.location - sku: { - name: 'Basic' - } - identity: { - type: 'SystemAssigned' - } - properties: { - adminUserEnabled: true - dataEndpointEnabled: false - encryption: { - status: 'disabled' +var registryConfig = container_registry(context, [ + with_managed_identity() + { + properties: { + adminUserEnabled: true + dataEndpointEnabled: false + encryption: { + status: 'disabled' + } } } +]) + +resource registry 'Microsoft.ContainerRegistry/registries@2023-07-01' = { + name: registryConfig.name + location: registryConfig.location + sku: registryConfig.sku + identity: registryConfig.identity + properties: registryConfig.properties } diff --git a/infrastructure/types.bicep b/infrastructure/types.bicep deleted file mode 100644 index 768ff80..0000000 --- a/infrastructure/types.bicep +++ /dev/null @@ -1,12 +0,0 @@ -@export() -type Context = { - @minLength(2) - locationAbbreviation: string - @minLength(2) - location: string - @minLength(3) - environment: string - @minLength(2) - projectName: string - deployedAt: string -} From 8faa5c7d551f7d7fcc270b0d0340a4361b81657d Mon Sep 17 00:00:00 2001 From: Chris Kruining Date: Thu, 28 Nov 2024 10:40:39 +0100 Subject: [PATCH 3/8] getting an exception locally. seems there is a bug in the tricep output??? --- .github/workflows/app.yml | 3 ++ infrastructure/app.bicep | 82 +++++++++++++-------------------- infrastructure/bicepconfig.json | 8 +--- infrastructure/main.bicep | 3 +- infrastructure/monitoring.bicep | 1 + infrastructure/registry.bicep | 1 + 6 files changed, 39 insertions(+), 59 deletions(-) diff --git a/.github/workflows/app.yml b/.github/workflows/app.yml index dbbd9e1..9971ab8 100644 --- a/.github/workflows/app.yml +++ b/.github/workflows/app.yml @@ -76,6 +76,9 @@ jobs: sparse-checkout: | infrastructure + - name: Test bicep + run: az bicep build ./infrastructure/main.bicep + - name: Az CLI login uses: azure/login@v2 with: diff --git a/infrastructure/app.bicep b/infrastructure/app.bicep index 7510894..1e4ca7c 100644 --- a/infrastructure/app.bicep +++ b/infrastructure/app.bicep @@ -1,6 +1,15 @@ import { Context } from 'br/Tricep:types:latest' import { with_name } from 'br/Tricep:common/context:latest' -import { container_app_environment, container_app, container, with_app_logs, with_auto_scaling, with_environment } from 'br/Tricep:recommended/app/container-app:latest' +import { with_managed_identity } from 'br/Tricep:common/identity:latest' +import { + container_app_environment + container_app + container + with_public_access + with_app_logs + with_auto_scaling + with_environment +} from 'br/Tricep:recommended/app/container-app:latest' targetScope = 'resourceGroup' @@ -8,71 +17,42 @@ param context Context param version string @secure() param registryUrl string -param customerId string -param sharedKey string var appName = 'app' -var environmentConfig = container_app_environment(with_name(context, 'app'), [ - with_app_logs(customerId, sharedKey) - { - properties: { - appLogsConfiguration: { - destination: 'azure-monitor' - } - peerAuthentication: { - mtls: { - enabled: false - } - } - peerTrafficConfiguration: { - encryption: { - enabled: false - } - } - } - } -]) +var environmentConfig = container_app_environment(with_name(context, appName), []) var appConfig = container_app( - with_name(context, 'app'), + context, [ - container('${context.project}-${appName}', '${registryUrl}/${context.project}-${appName}:${version}') + container({ + name: '${context.project}-${appName}' + image: '${registryUrl}/${context.project}-${appName}:${version}' + }) ], [ + with_managed_identity() with_environment(environment.id) with_auto_scaling(0, 1, { ruleName: { concurrentRequests: '10' } }) + with_public_access({ + port: 3000 + cors: { + allowedOrigins: [ + // 'https://localhost:3000' + '*' + ] + allowCredentials: true + allowedHeaders: ['*'] + allowedMethods: ['Get, POST'] + maxAge: 0 + } + }) { properties: { configuration: { - activeRevisionsMode: 'Single' - - ingress: { - external: true - targetPort: 3000 - transport: 'auto' - allowInsecure: false - traffic: [ - { - weight: 100 - latestRevision: true - } - ] - corsPolicy: { - allowedOrigins: [ - // 'https://localhost:3000' - '*' - ] - allowCredentials: true - allowedHeaders: ['*'] - allowedMethods: ['Get, POST'] - maxAge: 0 - } - } - registries: [ { identity: 'system' @@ -88,12 +68,14 @@ var appConfig = container_app( resource environment 'Microsoft.App/managedEnvironments@2024-03-01' = { name: environmentConfig.name location: environmentConfig.location + tags: environmentConfig.tags properties: environmentConfig.properties } resource app 'Microsoft.App/containerApps@2024-03-01' = { name: appConfig.name location: appConfig.location + tags: appConfig.tags identity: appConfig.identity properties: appConfig.properties } diff --git a/infrastructure/bicepconfig.json b/infrastructure/bicepconfig.json index 622d0de..dc847c0 100644 --- a/infrastructure/bicepconfig.json +++ b/infrastructure/bicepconfig.json @@ -1,12 +1,6 @@ { "experimentalFeaturesEnabled": { - "assertions": true, - "testFramework": true, - "extensibility": true, - "resourceDerivedTypes": true, - "resourceTypedParamsAndOutputs": true, - "sourceMapping": true, - "symbolicNameCodegen": true + "resourceTypedParamsAndOutputs": true }, "moduleAliases": { "br": { diff --git a/infrastructure/main.bicep b/infrastructure/main.bicep index 5130d1b..31d0d79 100644 --- a/infrastructure/main.bicep +++ b/infrastructure/main.bicep @@ -12,9 +12,8 @@ param registryUrl string param deployedAt string = utcNow('yyyyMMdd') var context = create_context({ - name: '' project: projectName - nameConventionTemplate: '$type-$env-$loc-$project-$name' + nameConventionTemplate: '$type-$environment-$location-$project' location: location environment: environment deployedAt: deployedAt diff --git a/infrastructure/monitoring.bicep b/infrastructure/monitoring.bicep index 9740965..202f16c 100644 --- a/infrastructure/monitoring.bicep +++ b/infrastructure/monitoring.bicep @@ -13,5 +13,6 @@ var logAnalyticsConfig = log_analytics(context, [ resource monitoring 'Microsoft.OperationalInsights/workspaces@2023-09-01' = { name: logAnalyticsConfig.name location: logAnalyticsConfig.location + tags: logAnalyticsConfig.tags properties: logAnalyticsConfig.properties } diff --git a/infrastructure/registry.bicep b/infrastructure/registry.bicep index dddded3..1b45c5d 100644 --- a/infrastructure/registry.bicep +++ b/infrastructure/registry.bicep @@ -22,6 +22,7 @@ var registryConfig = container_registry(context, [ resource registry 'Microsoft.ContainerRegistry/registries@2023-07-01' = { name: registryConfig.name location: registryConfig.location + tags: registryConfig.tags sku: registryConfig.sku identity: registryConfig.identity properties: registryConfig.properties From 687f1e0a440f01cf7fdaaa9d0b339e88156f80a6 Mon Sep 17 00:00:00 2001 From: Chris Kruining Date: Thu, 28 Nov 2024 10:48:14 +0100 Subject: [PATCH 4/8] right --- .github/workflows/app.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/app.yml b/.github/workflows/app.yml index 9971ab8..fa0a6e7 100644 --- a/.github/workflows/app.yml +++ b/.github/workflows/app.yml @@ -1,6 +1,7 @@ name: Deploy App on: + workflow_dispatch: push: branches: - main From 569e7a4cef15e2dc587037c0f9e71a3e491f6531 Mon Sep 17 00:00:00 2001 From: Chris Kruining Date: Thu, 28 Nov 2024 10:53:37 +0100 Subject: [PATCH 5/8] attempt 2 --- .github/workflows/app.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/app.yml b/.github/workflows/app.yml index fa0a6e7..0e8d9fa 100644 --- a/.github/workflows/app.yml +++ b/.github/workflows/app.yml @@ -47,6 +47,9 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Test bicep + run: az bicep build --file ./infrastructure/main.bicep --stdout + - name: Build container images run: | docker build . --file Dockerfile --tag ${{ secrets.ACR_LOGIN_SERVER }}/$IMAGE_NAME:${{needs.versionize.outputs.semver}} @@ -77,9 +80,6 @@ jobs: sparse-checkout: | infrastructure - - name: Test bicep - run: az bicep build ./infrastructure/main.bicep - - name: Az CLI login uses: azure/login@v2 with: From 007b812d7a2ffbbfa03ca5ec54cc2361ef93eecf Mon Sep 17 00:00:00 2001 From: Chris Kruining Date: Thu, 28 Nov 2024 11:22:56 +0100 Subject: [PATCH 6/8] tricep should be public... --- .github/workflows/app.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/app.yml b/.github/workflows/app.yml index 0e8d9fa..4cb64d9 100644 --- a/.github/workflows/app.yml +++ b/.github/workflows/app.yml @@ -47,6 +47,13 @@ jobs: steps: - uses: actions/checkout@v4 + - name: Az CLI login + uses: azure/login@v2 + with: + client-id: ${{ secrets.CALQUE_PRD_CLIENT_ID }} + tenant-id: ${{ secrets.CALQUE_PRD_TENANT_ID }} + subscription-id: ${{ secrets.CALQUE_PRD_SUBSCRIPTION_ID }} + - name: Test bicep run: az bicep build --file ./infrastructure/main.bicep --stdout From fa86609db9b34d60a20007a875d36ab596bb28a1 Mon Sep 17 00:00:00 2001 From: Chris Kruining Date: Thu, 28 Nov 2024 11:31:07 +0100 Subject: [PATCH 7/8] next try --- .github/workflows/app.yml | 13 ++++--------- infrastructure/bicepconfig.json | 6 ++++++ 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/workflows/app.yml b/.github/workflows/app.yml index 4cb64d9..46c7739 100644 --- a/.github/workflows/app.yml +++ b/.github/workflows/app.yml @@ -47,15 +47,11 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Az CLI login - uses: azure/login@v2 - with: - client-id: ${{ secrets.CALQUE_PRD_CLIENT_ID }} - tenant-id: ${{ secrets.CALQUE_PRD_TENANT_ID }} - subscription-id: ${{ secrets.CALQUE_PRD_SUBSCRIPTION_ID }} - - name: Test bicep - run: az bicep build --file ./infrastructure/main.bicep --stdout + uses: Azure/cli@v2 + with: + inlineScript: | + az bicep build --file ./infrastructure/main.bicep --stdout - name: Build container images run: | @@ -97,7 +93,6 @@ jobs: - name: Deploy bicep uses: Azure/cli@v2 with: - azcliversion: 2.66.0 inlineScript: | az deployment sub create \ --location westeurope \ diff --git a/infrastructure/bicepconfig.json b/infrastructure/bicepconfig.json index dc847c0..9812ce7 100644 --- a/infrastructure/bicepconfig.json +++ b/infrastructure/bicepconfig.json @@ -8,5 +8,11 @@ "registry": "acreuwprdtricep.azurecr.io" } } + }, + "cloud": { + "currentProfile": "AzureCloud", + "credentialPrecedence": [ + "AzureCLI" + ] } } \ No newline at end of file From f301f384d7d333f84c066be6a0c5fd1c41154fe1 Mon Sep 17 00:00:00 2001 From: Chris Kruining Date: Tue, 3 Dec 2024 08:44:51 +0100 Subject: [PATCH 8/8] bug repro --- infrastructure/repro.bicep | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 infrastructure/repro.bicep diff --git a/infrastructure/repro.bicep b/infrastructure/repro.bicep new file mode 100644 index 0000000..965826c --- /dev/null +++ b/infrastructure/repro.bicep @@ -0,0 +1,12 @@ +import { + container + resources_xxs +} from 'br/Tricep:recommended/app/container-app:latest' + +targetScope = 'resourceGroup' + +var container1 = container({ + name: 'name' + image: 'registry/project-app:latest' + resources: resources_xxs +})