Compare commits
	
		
			12 commits
		
	
	
		
			main
			...
			feature/sw
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|  | 663e7a5f30 | ||
|  | f301f384d7 | ||
|  | 47872137e0 | ||
|  | 5b52bdbd7f | ||
|  | fa86609db9 | ||
|  | 007b812d7a | ||
|  | 569e7a4cef | ||
|  | 687f1e0a44 | ||
|  | 8faa5c7d55 | ||
|  | 99844d1537 | ||
|  | e917ab12ed | ||
|  | 22c733d8da | 
					 9 changed files with 144 additions and 136 deletions
				
			
		
							
								
								
									
										7
									
								
								.github/workflows/app.yml
									
										
									
									
										vendored
									
									
								
							
							
						
						
									
										7
									
								
								.github/workflows/app.yml
									
										
									
									
										vendored
									
									
								
							|  | @ -47,6 +47,12 @@ jobs: | ||||||
|     steps: |     steps: | ||||||
|       - uses: actions/checkout@v4 |       - uses: actions/checkout@v4 | ||||||
| 
 | 
 | ||||||
|  |       - name: Test bicep | ||||||
|  |         uses: Azure/cli@v2 | ||||||
|  |         with: | ||||||
|  |           inlineScript: | | ||||||
|  |             az bicep build --file ./infrastructure/main.bicep --stdout | ||||||
|  | 
 | ||||||
|       - name: Build container images |       - name: Build container images | ||||||
|         run: | |         run: | | ||||||
|           docker build . --file Dockerfile --tag ${{ secrets.ACR_LOGIN_SERVER }}/$IMAGE_NAME:${{needs.versionize.outputs.semver}} |           docker build . --file Dockerfile --tag ${{ secrets.ACR_LOGIN_SERVER }}/$IMAGE_NAME:${{needs.versionize.outputs.semver}} | ||||||
|  | @ -87,7 +93,6 @@ jobs: | ||||||
|       - name: Deploy bicep |       - name: Deploy bicep | ||||||
|         uses: Azure/cli@v2 |         uses: Azure/cli@v2 | ||||||
|         with: |         with: | ||||||
|           azcliversion: 2.66.0 |  | ||||||
|           inlineScript: | |           inlineScript: | | ||||||
|             az deployment sub create \ |             az deployment sub create \ | ||||||
|               --location westeurope \ |               --location westeurope \ | ||||||
|  |  | ||||||
|  | @ -1,4 +1,15 @@ | ||||||
| import { Context } from 'types.bicep' | import { Context } from 'br/Tricep:types:latest' | ||||||
|  | import { with_name } from 'br/Tricep:common/context:latest' | ||||||
|  | import { with_managed_identity } from 'br/Tricep:common/identity:latest' | ||||||
|  | import { | ||||||
|  |   container_app_environment | ||||||
|  |   container_app | ||||||
|  |   container | ||||||
|  |   with_public_access | ||||||
|  |   with_app_logs | ||||||
|  |   with_auto_scaling | ||||||
|  |   with_environment | ||||||
|  | } from 'br/Tricep:recommended/app/container-app:latest' | ||||||
| 
 | 
 | ||||||
| targetScope = 'resourceGroup' | targetScope = 'resourceGroup' | ||||||
| 
 | 
 | ||||||
|  | @ -9,93 +20,62 @@ param registryUrl string | ||||||
| 
 | 
 | ||||||
| var appName = 'app' | var appName = 'app' | ||||||
| 
 | 
 | ||||||
|  | var environmentConfig = container_app_environment(with_name(context, appName), []) | ||||||
|  | var appConfig = container_app( | ||||||
|  |   context, | ||||||
|  |   [ | ||||||
|  |     container({ | ||||||
|  |       name: '${context.project}-${appName}' | ||||||
|  |       image: '${registryUrl}/${context.project}-${appName}:${version}' | ||||||
|  |     }) | ||||||
|  |   ], | ||||||
|  |   [ | ||||||
|  |     with_managed_identity() | ||||||
|  |     with_environment(environment.id) | ||||||
|  |     with_auto_scaling(0, 1, { | ||||||
|  |       ruleName: { | ||||||
|  |         concurrentRequests: '10' | ||||||
|  |       } | ||||||
|  |     }) | ||||||
|  |     with_public_access({ | ||||||
|  |       port: 3000 | ||||||
|  |       cors: { | ||||||
|  |         allowedOrigins: [ | ||||||
|  |           // 'https://localhost:3000' | ||||||
|  |           '*' | ||||||
|  |         ] | ||||||
|  |         allowCredentials: true | ||||||
|  |         allowedHeaders: ['*'] | ||||||
|  |         allowedMethods: ['Get, POST'] | ||||||
|  |         maxAge: 0 | ||||||
|  |       } | ||||||
|  |     }) | ||||||
|  |     { | ||||||
|  |       properties: { | ||||||
|  |         configuration: { | ||||||
|  |           registries: [ | ||||||
|  |             { | ||||||
|  |               identity: 'system' | ||||||
|  |               server: registryUrl | ||||||
|  |             } | ||||||
|  |           ] | ||||||
|  |         } | ||||||
|  |       } | ||||||
|  |     } | ||||||
|  |   ] | ||||||
|  | ) | ||||||
|  | 
 | ||||||
| resource environment 'Microsoft.App/managedEnvironments@2024-03-01' = { | resource environment 'Microsoft.App/managedEnvironments@2024-03-01' = { | ||||||
|   name: 'cea-${context.locationAbbreviation}-${context.environment}-${context.projectName}' |   name: environmentConfig.name | ||||||
|   location: context.location |   location: environmentConfig.location | ||||||
|   properties: { |   tags: environmentConfig.tags | ||||||
|     appLogsConfiguration: { |   properties: environmentConfig.properties | ||||||
|       destination: 'azure-monitor' |  | ||||||
|     } |  | ||||||
|     peerAuthentication: { |  | ||||||
|       mtls: { |  | ||||||
|         enabled: false |  | ||||||
|       } |  | ||||||
|     } |  | ||||||
|     peerTrafficConfiguration: { |  | ||||||
|       encryption: { |  | ||||||
|         enabled: false |  | ||||||
|       } |  | ||||||
|     } |  | ||||||
|   } |  | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| resource app 'Microsoft.App/containerApps@2024-03-01' = { | resource app 'Microsoft.App/containerApps@2024-03-01' = { | ||||||
|   name: 'ca-${context.locationAbbreviation}-${context.environment}-${context.projectName}-app' |   name: appConfig.name | ||||||
|   location: context.location |   location: appConfig.location | ||||||
|   identity: { |   tags: appConfig.tags | ||||||
|     type: 'SystemAssigned' |   identity: appConfig.identity | ||||||
|   } |   properties: appConfig.properties | ||||||
|   properties: { |  | ||||||
|     environmentId: environment.id |  | ||||||
| 
 |  | ||||||
|     configuration: { |  | ||||||
|       activeRevisionsMode: 'Single' |  | ||||||
| 
 |  | ||||||
|       ingress: { |  | ||||||
|         external: true |  | ||||||
|         targetPort: 3000 |  | ||||||
|         transport: 'auto' |  | ||||||
|         allowInsecure: false |  | ||||||
|         traffic: [ |  | ||||||
|           { |  | ||||||
|             weight: 100 |  | ||||||
|             latestRevision: true |  | ||||||
|           } |  | ||||||
|         ] |  | ||||||
|         corsPolicy: { |  | ||||||
|           allowedOrigins: [ |  | ||||||
|             // 'https://localhost:3000' |  | ||||||
|             '*' |  | ||||||
|           ] |  | ||||||
|           allowCredentials: true |  | ||||||
|           allowedHeaders: ['*'] |  | ||||||
|           allowedMethods: ['Get, POST'] |  | ||||||
|           maxAge: 0 |  | ||||||
|         } |  | ||||||
|       } |  | ||||||
|       registries: [ |  | ||||||
|         { |  | ||||||
|           identity: 'system' |  | ||||||
|           server: registryUrl |  | ||||||
|         } |  | ||||||
|       ] |  | ||||||
|     } |  | ||||||
| 
 |  | ||||||
|     template: { |  | ||||||
|       containers: [ |  | ||||||
|         { |  | ||||||
|           image: '${registryUrl}/${context.projectName}-${appName}:${version}' |  | ||||||
|           name: '${context.projectName}-${appName}' |  | ||||||
|           resources: { |  | ||||||
|             cpu: json('0.25') |  | ||||||
|             memory: '0.5Gi' |  | ||||||
|           } |  | ||||||
|         } |  | ||||||
|       ] |  | ||||||
|       scale: { |  | ||||||
|         minReplicas: 1 |  | ||||||
|         maxReplicas: 2 |  | ||||||
|         rules: [ |  | ||||||
|           { |  | ||||||
|             name: 'http-rule' |  | ||||||
|             http: { |  | ||||||
|               metadata: { |  | ||||||
|                 concurrentRequests: '50' |  | ||||||
|               } |  | ||||||
|             } |  | ||||||
|           } |  | ||||||
|         ] |  | ||||||
|       } |  | ||||||
|     } |  | ||||||
|   } |  | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -1,11 +1,18 @@ | ||||||
| { | { | ||||||
|     "experimentalFeaturesEnabled": { |     "experimentalFeaturesEnabled": { | ||||||
|         "assertions": true, |         "resourceTypedParamsAndOutputs": true | ||||||
|         "testFramework": true, |     }, | ||||||
|         "extensibility": true, |     "moduleAliases": { | ||||||
|         "resourceDerivedTypes": true, |         "br": { | ||||||
|         "resourceTypedParamsAndOutputs": true, |             "Tricep": { | ||||||
|         "sourceMapping": true, |                 "registry": "acreuwprdtricep.azurecr.io" | ||||||
|         "symbolicNameCodegen": true |             } | ||||||
|  |         } | ||||||
|  |     }, | ||||||
|  |     "cloud": { | ||||||
|  |         "currentProfile": "AzureCloud", | ||||||
|  |         "credentialPrecedence": [ | ||||||
|  |             "AzureCLI" | ||||||
|  |         ] | ||||||
|     } |     } | ||||||
| } | } | ||||||
|  | @ -1,8 +1,8 @@ | ||||||
| import { Context } from 'types.bicep' | import { create_context } from 'br/Tricep:common/context:latest' | ||||||
|  | import { resource_group } from 'br/Tricep:recommended/resources/resource-group:latest' | ||||||
| 
 | 
 | ||||||
| targetScope = 'subscription' | targetScope = 'subscription' | ||||||
| 
 | 
 | ||||||
| param locationAbbreviation string |  | ||||||
| param location string | param location string | ||||||
| param environment string | param environment string | ||||||
| param projectName string | param projectName string | ||||||
|  | @ -11,17 +11,21 @@ param version string | ||||||
| param registryUrl string | param registryUrl string | ||||||
| param deployedAt string = utcNow('yyyyMMdd') | param deployedAt string = utcNow('yyyyMMdd') | ||||||
| 
 | 
 | ||||||
| var context = { | var context = create_context({ | ||||||
|   locationAbbreviation: locationAbbreviation |   project: projectName | ||||||
|  |   nameConventionTemplate: '$type-$environment-$location-$project' | ||||||
|   location: location |   location: location | ||||||
|   environment: environment |   environment: environment | ||||||
|   projectName: projectName |  | ||||||
|   deployedAt: deployedAt |   deployedAt: deployedAt | ||||||
| } |   tenant: tenant() | ||||||
|  |   tags: {} | ||||||
|  | }) | ||||||
|  | 
 | ||||||
|  | var resourceGroupConfig = resource_group(context, []) | ||||||
| 
 | 
 | ||||||
| resource calqueResourceGroup 'Microsoft.Resources/resourceGroups@2024-07-01' = { | resource calqueResourceGroup 'Microsoft.Resources/resourceGroups@2024-07-01' = { | ||||||
|   name: 'rg-${locationAbbreviation}-${environment}-${projectName}' |   name: resourceGroupConfig.name | ||||||
|   location: location |   location: resourceGroupConfig.location | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| module monitoring 'monitoring.bicep' = { | module monitoring 'monitoring.bicep' = { | ||||||
|  |  | ||||||
|  | @ -1,11 +1,18 @@ | ||||||
| import { Context } from 'types.bicep' | import { Context } from 'br/Tricep:types:latest' | ||||||
|  | import { with_managed_identity } from 'br/Tricep:common/identity:latest' | ||||||
|  | import { log_analytics } from 'br/Tricep:recommended/operational-insights/log-analytics:latest' | ||||||
| 
 | 
 | ||||||
| targetScope = 'resourceGroup' | targetScope = 'resourceGroup' | ||||||
| 
 | 
 | ||||||
| param context Context | param context Context | ||||||
| 
 | 
 | ||||||
| // resource monitoring 'Microsoft.___/___@___' = { | var logAnalyticsConfig = log_analytics(context, [ | ||||||
| //   name: '___-${context.locationAbbreviation}-${context.environment}-${context.projectName}' |   with_managed_identity() | ||||||
| //   location: context.location | ]) | ||||||
| //   properties: {} | 
 | ||||||
| // } | resource monitoring 'Microsoft.OperationalInsights/workspaces@2023-09-01' = { | ||||||
|  |   name: logAnalyticsConfig.name | ||||||
|  |   location: logAnalyticsConfig.location | ||||||
|  |   tags: logAnalyticsConfig.tags | ||||||
|  |   properties: logAnalyticsConfig.properties | ||||||
|  | } | ||||||
|  |  | ||||||
|  | @ -1,6 +1,5 @@ | ||||||
| using '../main.bicep' | using '../main.bicep' | ||||||
| 
 | 
 | ||||||
| param locationAbbreviation = 'euw' |  | ||||||
| param location = 'westeurope' | param location = 'westeurope' | ||||||
| param environment = 'prd' | param environment = 'prd' | ||||||
| param projectName = 'calque' | param projectName = 'calque' | ||||||
|  |  | ||||||
|  | @ -1,23 +1,29 @@ | ||||||
| import { Context } from 'types.bicep' | import { Context } from 'br/Tricep:types:latest' | ||||||
|  | import { with_managed_identity } from 'br/Tricep:common/identity:latest' | ||||||
|  | import { container_registry } from 'br/Tricep:recommended/container-registry/container-registry:latest' | ||||||
| 
 | 
 | ||||||
| targetScope = 'resourceGroup' | targetScope = 'resourceGroup' | ||||||
| 
 | 
 | ||||||
| param context Context | param context Context | ||||||
| 
 | 
 | ||||||
| resource registry 'Microsoft.ContainerRegistry/registries@2023-07-01' = { | var registryConfig = container_registry(context, [ | ||||||
|   name: 'acr${context.locationAbbreviation}${context.environment}${context.projectName}' |   with_managed_identity() | ||||||
|   location: context.location |   { | ||||||
|   sku: { |     properties: { | ||||||
|     name: 'Basic' |       adminUserEnabled: true | ||||||
|   } |       dataEndpointEnabled: false | ||||||
|   identity: { |       encryption: { | ||||||
|     type: 'SystemAssigned' |         status: 'disabled' | ||||||
|   } |       } | ||||||
|   properties: { |  | ||||||
|     adminUserEnabled: true |  | ||||||
|     dataEndpointEnabled: false |  | ||||||
|     encryption: { |  | ||||||
|       status: 'disabled' |  | ||||||
|     } |     } | ||||||
|   } |   } | ||||||
|  | ]) | ||||||
|  | 
 | ||||||
|  | resource registry 'Microsoft.ContainerRegistry/registries@2023-07-01' = { | ||||||
|  |   name: registryConfig.name | ||||||
|  |   location: registryConfig.location | ||||||
|  |   tags: registryConfig.tags | ||||||
|  |   sku: registryConfig.sku | ||||||
|  |   identity: registryConfig.identity | ||||||
|  |   properties: registryConfig.properties | ||||||
| } | } | ||||||
|  |  | ||||||
							
								
								
									
										12
									
								
								infrastructure/repro.bicep
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										12
									
								
								infrastructure/repro.bicep
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,12 @@ | ||||||
|  | import { | ||||||
|  |   container | ||||||
|  |   resources_xxs | ||||||
|  | } from 'br/Tricep:recommended/app/container-app:latest' | ||||||
|  | 
 | ||||||
|  | targetScope = 'resourceGroup' | ||||||
|  | 
 | ||||||
|  | var container1 = container({ | ||||||
|  |   name: 'name' | ||||||
|  |   image: 'registry/project-app:latest' | ||||||
|  |   resources: resources_xxs | ||||||
|  | }) | ||||||
|  | @ -1,12 +0,0 @@ | ||||||
| @export() |  | ||||||
| type Context = { |  | ||||||
|   @minLength(2) |  | ||||||
|   locationAbbreviation: string |  | ||||||
|   @minLength(2) |  | ||||||
|   location: string |  | ||||||
|   @minLength(3) |  | ||||||
|   environment: string |  | ||||||
|   @minLength(2) |  | ||||||
|   projectName: string |  | ||||||
|   deployedAt: string |  | ||||||
| } |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue