add eShop template

luxu-ms · Apr 10, 2024 · 73102a1 · 73102a1
1 parent 42cc361
commit 73102a1
Show file tree

Hide file tree

Showing 3 changed files with 258 additions and 0 deletions.
diff --git a/Environments/eShop/main.bicep b/Environments/eShop/main.bicep
@@ -0,0 +1,43 @@
+@minLength(1)
+@maxLength(64)
+@description('Name of the environment that can be used as part of naming resource convention, the name of the resource group for your application will use this name, prefixed with rg-')
+param environmentName string
+
+@minLength(1)
+@description('The location used for all deployed resources')
+param location string
+
+@secure()
+@metadata({azd: {
+  type: 'inputs'
+  autoGenerate: {
+    eventbus: {
+      password: { len: 10 }
+    }
+    postgres: {
+      password: { len: 10 }
+    }
+  }}
+})
+param inputs object
+
+var tags = {
+  'azd-env-name': environmentName
+}
+
+module resources 'resources.bicep' = {
+  name: 'resources'
+  params: {
+    location: location
+    tags: tags
+    inputs: inputs
+  }
+}
+
+output MANAGED_IDENTITY_CLIENT_ID string = resources.outputs.MANAGED_IDENTITY_CLIENT_ID
+output MANAGED_IDENTITY_NAME string = resources.outputs.MANAGED_IDENTITY_NAME
+output AZURE_LOG_ANALYTICS_WORKSPACE_NAME string = resources.outputs.AZURE_LOG_ANALYTICS_WORKSPACE_NAME
+output AZURE_CONTAINER_REGISTRY_ENDPOINT string = resources.outputs.AZURE_CONTAINER_REGISTRY_ENDPOINT
+output AZURE_CONTAINER_REGISTRY_MANAGED_IDENTITY_ID string = resources.outputs.AZURE_CONTAINER_REGISTRY_MANAGED_IDENTITY_ID
+output AZURE_CONTAINER_APPS_ENVIRONMENT_ID string = resources.outputs.AZURE_CONTAINER_APPS_ENVIRONMENT_ID
+output AZURE_CONTAINER_APPS_ENVIRONMENT_DEFAULT_DOMAIN string = resources.outputs.AZURE_CONTAINER_APPS_ENVIRONMENT_DEFAULT_DOMAIN
diff --git a/Environments/eShop/manifest.yaml b/Environments/eShop/manifest.yaml
@@ -0,0 +1,21 @@
+name: eShop
+version: 1.0.0
+summary: eShop Reference Application
+description: eShop Reference Application - "Northern Mountains"
+runner: ARM
+templatePath: azuredeploy.json
+
+parameters:
+- id: "environmentName"
+  name: "Environment Name (e.g. test)"
+  description: "Name of the Environment"
+  type: "string"
+  required: false
+  default: "test"
+
+- id: "location"
+  name: "Region (e.g. eastus)"
+  description: "Region"
+  type: "string"
+  required: false
+  default: "eastus"
diff --git a/Environments/eShop/resources.bicep b/Environments/eShop/resources.bicep
@@ -0,0 +1,194 @@
+@description('The location used for all deployed resources')
+param location string = resourceGroup().location
+
+@description('Tags that will be applied to all resources')
+param tags object = {}
+@secure()
+param inputs object
+
+
+var resourceToken = uniqueString(resourceGroup().id)
+
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
+  name: 'mi-${resourceToken}'
+  location: location
+  tags: tags
+}
+
+resource containerRegistry 'Microsoft.ContainerRegistry/registries@2023-07-01' = {
+  name: replace('acr-${resourceToken}', '-', '')
+  location: location
+  sku: {
+    name: 'Basic'
+  }
+  properties: {
+    adminUserEnabled: true
+  }
+  tags: tags
+}
+
+resource caeMiRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+  name: guid(containerRegistry.id, managedIdentity.id, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d'))
+  scope: containerRegistry
+  properties: {
+    principalId: managedIdentity.properties.principalId
+    principalType: 'ServicePrincipal'
+    roleDefinitionId:  subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d')
+  }
+}
+
+resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = {
+  name: 'law-${resourceToken}'
+  location: location
+  properties: {
+    sku: {
+      name: 'PerGB2018'
+    }
+  }
+  tags: tags
+}
+
+resource containerAppEnvironment 'Microsoft.App/managedEnvironments@2023-05-01' = {
+  name: 'cae-${resourceToken}'
+  location: location
+  properties: {
+    appLogsConfiguration: {
+      destination: 'log-analytics'
+      logAnalyticsConfiguration: {
+        customerId: logAnalyticsWorkspace.properties.customerId
+        sharedKey: logAnalyticsWorkspace.listKeys().primarySharedKey
+      }
+    }
+  }
+  tags: tags
+}
+
+resource eventbus 'Microsoft.App/containerApps@2023-05-02-preview' = {
+  name: 'eventbus'
+  location: location
+  properties: {
+    environmentId: containerAppEnvironment.id
+    configuration: {
+      activeRevisionsMode: 'Single'
+      ingress: {
+        external: false
+        targetPort: 5672
+        transport: 'tcp'
+      }
+      secrets: [
+        {
+          name: 'rabbitmq-default-pass'
+          value: inputs.eventbus.password
+        }    
+      ]
+    }
+    template: {
+      containers: [
+        {
+          image: 'rabbitmq:3'
+          name: 'eventbus'
+          env: [
+            {
+              name: 'RABBITMQ_DEFAULT_USER'
+              value: 'guest'
+            }
+            {
+              name: 'RABBITMQ_DEFAULT_PASS'
+              secretRef: 'rabbitmq-default-pass'
+            }
+          ]
+        }
+      ]
+      scale: {
+        minReplicas: 1
+      }
+    }
+  }
+  tags: union(tags, {'aspire-resource-name': 'eventbus'})
+}
+
+resource postgres 'Microsoft.App/containerApps@2023-05-02-preview' = {
+  name: 'postgres'
+  location: location
+  properties: {
+    environmentId: containerAppEnvironment.id
+    configuration: {
+      activeRevisionsMode: 'Single'
+      ingress: {
+        external: false
+        targetPort: 5432
+        transport: 'tcp'
+      }
+      secrets: [
+        {
+          name: 'postgres-password'
+          value: inputs.postgres.password
+        }    
+      ]
+    }
+    template: {
+      containers: [
+        {
+          image: 'ankane/pgvector:latest'
+          name: 'postgres'
+          env: [
+            {
+              name: 'POSTGRES_HOST_AUTH_METHOD'
+              value: 'scram-sha-256'
+            }
+            {
+              name: 'POSTGRES_INITDB_ARGS'
+              value: '--auth-host=scram-sha-256 --auth-local=scram-sha-256'
+            }
+            {
+              name: 'POSTGRES_PASSWORD'
+              secretRef: 'postgres-password'
+            }
+          ]
+        }
+      ]
+      scale: {
+        minReplicas: 1
+      }
+    }
+  }
+  tags: union(tags, {'aspire-resource-name': 'postgres'})
+}
+
+resource redis 'Microsoft.App/containerApps@2023-05-02-preview' = {
+  name: 'redis'
+  location: location
+  properties: {
+    environmentId: containerAppEnvironment.id
+    configuration: {
+      activeRevisionsMode: 'Single'
+      ingress: {
+        external: false
+        targetPort: 6379
+        transport: 'tcp'
+      }
+    }
+    template: {
+      containers: [
+        {
+          image: 'redis:7.2.4'
+          name: 'redis'
+        }
+      ]
+      scale: {
+        minReplicas: 1
+      }
+    }
+  }
+  tags: union(tags, {'aspire-resource-name': 'redis'})
+}
+
+output MANAGED_IDENTITY_CLIENT_ID string = managedIdentity.properties.clientId
+output MANAGED_IDENTITY_NAME string = managedIdentity.name
+output MANAGED_IDENTITY_PRINCIPAL_ID string = managedIdentity.properties.principalId
+output AZURE_LOG_ANALYTICS_WORKSPACE_NAME string = logAnalyticsWorkspace.name
+output AZURE_LOG_ANALYTICS_WORKSPACE_ID string = logAnalyticsWorkspace.id
+output AZURE_CONTAINER_REGISTRY_ENDPOINT string = containerRegistry.properties.loginServer
+output AZURE_CONTAINER_REGISTRY_MANAGED_IDENTITY_ID string = managedIdentity.id
+output AZURE_CONTAINER_APPS_ENVIRONMENT_ID string = containerAppEnvironment.id
+output AZURE_CONTAINER_APPS_ENVIRONMENT_DEFAULT_DOMAIN string = containerAppEnvironment.properties.defaultDomain