diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml new file mode 100644 index 0000000..48ec4d6 --- /dev/null +++ b/.github/workflows/deploy-dev.yml @@ -0,0 +1,12 @@ +on: + workflow_dispatch: + push: + branches: + - main + +jobs: + deploy-development: + uses: ./.github/workflows/deploy.yml + secrets: inherit + with: + AZURE_ENV_NAME: dev diff --git a/.github/workflows/deploy-prd.yml b/.github/workflows/deploy-prd.yml new file mode 100644 index 0000000..93a9a7f --- /dev/null +++ b/.github/workflows/deploy-prd.yml @@ -0,0 +1,12 @@ +on: + workflow_dispatch: + push: + branches: + - main + +jobs: + deploy-development: + uses: ./.github/workflows/deploy.yml + secrets: inherit + with: + AZURE_ENV_NAME: prd diff --git a/.github/workflows/azure-dev.yml b/.github/workflows/deploy.yml similarity index 60% rename from .github/workflows/azure-dev.yml rename to .github/workflows/deploy.yml index b017f0b..eee55e4 100644 --- a/.github/workflows/azure-dev.yml +++ b/.github/workflows/deploy.yml @@ -1,11 +1,15 @@ on: - workflow_dispatch: - push: - # Run when commits are pushed to mainline branch (main or master) - # Set this to the mainline branch you are using - branches: - - main - - master + workflow_call: + inputs: + AZURE_ENV_NAME: + required: true + type: string + secrets: + AUTH_CLIENT_ID: + required: false + + AUTH_CLIENT_SECRET: + required: false # GitHub Actions workflow to deploy to Azure using azd # To configure required secrets for connecting to Azure, simply run `azd pipeline config` @@ -19,12 +23,14 @@ permissions: jobs: build: runs-on: ubuntu-latest + environment: ${{ inputs.AZURE_ENV_NAME }} env: - AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }} - AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }} - AZURE_LOCATION: ${{ vars.AZURE_LOCATION }} + AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID}} + AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID}} + AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID}} + AZURE_ENV_NAME: ${{ inputs.AZURE_ENV_NAME }} + AZURE_LOCATION: australiaeast + steps: - name: Checkout uses: actions/checkout@v4 @@ -47,7 +53,6 @@ jobs: run: pnpm install - name: Log in with Azure (Federated Credentials) - if: ${{ env.AZURE_CLIENT_ID != '' }} run: | azd auth login ` --client-id "$Env:AZURE_CLIENT_ID" ` @@ -55,24 +60,9 @@ jobs: --tenant-id "$Env:AZURE_TENANT_ID" shell: pwsh - - name: Log in with Azure (Client Credentials) - if: ${{ env.AZURE_CREDENTIALS != '' }} - run: | - $info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable; - Write-Host "::add-mask::$($info.clientSecret)" - - azd auth login ` - --client-id "$($info.clientId)" ` - --client-secret "$($info.clientSecret)" ` - --tenant-id "$($info.tenantId)" - shell: pwsh - env: - AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} - - name: Provision Infrastructure run: azd provision --no-prompt env: - AZD_INITIAL_ENVIRONMENT_CONFIG: ${{ secrets.AZD_INITIAL_ENVIRONMENT_CONFIG }} AUTH_CLIENT_ID: ${{ secrets.AUTH_CLIENT_ID }} AUTH_CLIENT_SECRET: ${{ secrets.AUTH_CLIENT_SECRET }} diff --git a/azure.yaml b/azure.yaml index e66bd2a..9c14901 100644 --- a/azure.yaml +++ b/azure.yaml @@ -1,11 +1,11 @@ # yaml-language-server: $schema=https://raw.githubusercontent.com/Azure/azure-dev/main/schemas/v1.0/azure.yaml.json -name: ddd-2024 +name: ddd metadata: template: azd-init@1.9.5 services: - ddd-2024: + ddd: project: . host: containerapp language: ts diff --git a/infra/app/ddd-2024.bicep b/infra/app/ddd.bicep similarity index 100% rename from infra/app/ddd-2024.bicep rename to infra/app/ddd.bicep diff --git a/infra/main.bicep b/infra/main.bicep index a46a2af..db6090d 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -9,9 +9,9 @@ param environmentName string @description('Primary location for all resources') param location string -param ddd2024Exists bool +param dddExists bool @secure() -param ddd2024Definition object +param dddDefinition object param authClientId string @secure() @@ -31,9 +31,10 @@ var tags = { var abbrs = loadJsonContent('./abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) +var prefix = 'dddperth' resource rg 'Microsoft.Resources/resourceGroups@2022-09-01' = { - name: 'rg-${environmentName}' + name: '${prefix}-rg-${environmentName}' location: location tags: tags } @@ -43,8 +44,8 @@ module monitoring './shared/monitoring.bicep' = { params: { location: location tags: tags - logAnalyticsName: '${abbrs.operationalInsightsWorkspaces}${resourceToken}' - applicationInsightsName: '${abbrs.insightsComponents}${resourceToken}' + logAnalyticsName: '${prefix}-${abbrs.operationalInsightsWorkspaces}${resourceToken}' + applicationInsightsName: '${prefix}-${abbrs.insightsComponents}${resourceToken}' } scope: rg } @@ -52,7 +53,7 @@ module monitoring './shared/monitoring.bicep' = { module dashboard './shared/dashboard-web.bicep' = { name: 'dashboard' params: { - name: '${abbrs.portalDashboards}${resourceToken}' + name: '${prefix}-${abbrs.portalDashboards}${resourceToken}' applicationInsightsName: monitoring.outputs.applicationInsightsName location: location tags: tags @@ -65,7 +66,7 @@ module registry './shared/registry.bicep' = { params: { location: location tags: tags - name: '${abbrs.containerRegistryRegistries}${resourceToken}' + name: '${prefix}-${abbrs.containerRegistryRegistries}${resourceToken}' } scope: rg } @@ -75,7 +76,7 @@ module keyVault './shared/keyvault.bicep' = { params: { location: location tags: tags - name: '${abbrs.keyVaultVaults}${resourceToken}' + name: '${prefix}-${abbrs.keyVaultVaults}${resourceToken}' principalId: principalId } scope: rg @@ -84,7 +85,7 @@ module keyVault './shared/keyvault.bicep' = { module appsEnv './shared/apps-env.bicep' = { name: 'apps-env' params: { - name: '${abbrs.appManagedEnvironments}${resourceToken}' + name: '${prefix}-${abbrs.appManagedEnvironments}${resourceToken}' location: location tags: tags applicationInsightsName: monitoring.outputs.applicationInsightsName @@ -93,18 +94,18 @@ module appsEnv './shared/apps-env.bicep' = { scope: rg } -module ddd2024 './app/ddd-2024.bicep' = { - name: 'ddd-2024' +module ddd './app/ddd.bicep' = { + name: 'ddd' params: { - name: '${abbrs.appContainerApps}ddd-2024-${resourceToken}' + name: '${prefix}-${abbrs.appContainerApps}ddd-${resourceToken}' location: location tags: tags - identityName: '${abbrs.managedIdentityUserAssignedIdentities}ddd-2024-${resourceToken}' + identityName: '${prefix}-${abbrs.managedIdentityUserAssignedIdentities}ddd-${resourceToken}' applicationInsightsName: monitoring.outputs.applicationInsightsName containerAppsEnvironmentName: appsEnv.outputs.name containerRegistryName: registry.outputs.name - exists: ddd2024Exists - appDefinition: ddd2024Definition + exists: dddExists + appDefinition: dddDefinition environment: environmentName authClientId: authClientId authClientSecret: authClientSecret diff --git a/next-steps.md b/next-steps.md index 23a040c..b5c6c8b 100644 --- a/next-steps.md +++ b/next-steps.md @@ -22,8 +22,8 @@ Configure environment variables for running services by updating `settings` in [ ### Configure CI/CD pipeline 1. Create a workflow pipeline file locally. The following starters are available: - - [Deploy with GitHub Actions](https://github.com/Azure-Samples/azd-starter-bicep/blob/main/.github/workflows/azure-dev.yml) - - [Deploy with Azure Pipelines](https://github.com/Azure-Samples/azd-starter-bicep/blob/main/.azdo/pipelines/azure-dev.yml) + - [Deploy with GitHub Actions](https://github.com/Azure-Samples/azd-starter-bicep/blob/main/.github/workflows/azure-dev.yml) + - [Deploy with Azure Pipelines](https://github.com/Azure-Samples/azd-starter-bicep/blob/main/.azdo/pipelines/azure-dev.yml) 2. Run `azd pipeline config` to configure the deployment pipeline to connect securely to Azure. ## What was added @@ -43,10 +43,10 @@ To describe the infrastructure and application, `azure.yaml` along with Infrastr Each bicep file declares resources to be provisioned. The resources are provisioned when running `azd up` or `azd provision`. -- [app/ddd-2024.bicep](./infra/app/ddd-2024.bicep) - Azure Container Apps resources to host the 'ddd-2024' service. -- [shared/keyvault.bicep](./infra/shared/keyvault.bicep) - Azure KeyVault to store secrets. -- [shared/monitoring.bicep](./infra/shared/monitoring.bicep) - Azure Log Analytics workspace and Application Insights to log and store instrumentation logs. -- [shared/registry.bicep](./infra/shared/registry.bicep) - Azure Container Registry to store docker images. +- [app/dddperth.bicep](./infra/app/dddperth.bicep) - Azure Container Apps resources to host the 'dddperth' service. +- [shared/keyvault.bicep](./infra/shared/keyvault.bicep) - Azure KeyVault to store secrets. +- [shared/monitoring.bicep](./infra/shared/monitoring.bicep) - Azure Log Analytics workspace and Application Insights to log and store instrumentation logs. +- [shared/registry.bicep](./infra/shared/registry.bicep) - Azure Container Registry to store docker images. More information about [Bicep](https://aka.ms/bicep) language. @@ -59,7 +59,7 @@ If your project does not contain a Dockerfile, we will use [Buildpacks](https:// To produce and run the docker image locally: 1. Run `azd package` to build the image. -2. Copy the *Image Tag* shown. +2. Copy the _Image Tag_ shown. 3. Run `docker run -it ` to run the image locally. #### Exposed port @@ -71,7 +71,7 @@ Oryx will automatically set `PORT` to a default value of `80` (port `8080` for J ## Billing -Visit the *Cost Management + Billing* page in Azure Portal to track current spend. For more information about how you're billed, and how you can monitor the costs incurred in your Azure subscriptions, visit [billing overview](https://learn.microsoft.com/azure/developer/intro/azure-developer-billing). +Visit the _Cost Management + Billing_ page in Azure Portal to track current spend. For more information about how you're billed, and how you can monitor the costs incurred in your Azure subscriptions, visit [billing overview](https://learn.microsoft.com/azure/developer/intro/azure-developer-billing). ## Troubleshooting @@ -84,9 +84,9 @@ A: Your service may have failed to start, or it may be missing some configuratio 3. Click on the failing revision under "Revisions with Issues". 4. Review "Status details" for more information about the type of failure. 5. Observe the log outputs from Console log stream and System log stream to identify any errors. -6. If logs are written to disk, use *Console* in the navigation to connect to a shell within the running container. +6. If logs are written to disk, use _Console_ in the navigation to connect to a shell within the running container. -For more troubleshooting information, visit [Container Apps troubleshooting](https://learn.microsoft.com/azure/container-apps/troubleshooting). +For more troubleshooting information, visit [Container Apps troubleshooting](https://learn.microsoft.com/azure/container-apps/troubleshooting). ### Additional information