diff --git a/Environments/eShop/main.bicep b/Environments/eShop/main.bicep
new file mode 100644
index 00000000..68454945
--- /dev/null
+++ b/Environments/eShop/main.bicep
@@ -0,0 +1,43 @@
+@minLength(1)
+@maxLength(64)
+@description('Name of the environment that can be used as part of naming resource convention, the name of the resource group for your application will use this name, prefixed with rg-')
+param environmentName string
+
+@minLength(1)
+@description('The location used for all deployed resources')
+param location string
+
+@secure()
+@metadata({azd: {
+ type: 'inputs'
+ autoGenerate: {
+ eventbus: {
+ password: { len: 10 }
+ }
+ postgres: {
+ password: { len: 10 }
+ }
+ }}
+})
+param inputs object
+
+var tags = {
+ 'azd-env-name': environmentName
+}
+
+module resources 'resources.bicep' = {
+ name: 'resources'
+ params: {
+ location: location
+ tags: tags
+ inputs: inputs
+ }
+}
+
+output MANAGED_IDENTITY_CLIENT_ID string = resources.outputs.MANAGED_IDENTITY_CLIENT_ID
+output MANAGED_IDENTITY_NAME string = resources.outputs.MANAGED_IDENTITY_NAME
+output AZURE_LOG_ANALYTICS_WORKSPACE_NAME string = resources.outputs.AZURE_LOG_ANALYTICS_WORKSPACE_NAME
+output AZURE_CONTAINER_REGISTRY_ENDPOINT string = resources.outputs.AZURE_CONTAINER_REGISTRY_ENDPOINT
+output AZURE_CONTAINER_REGISTRY_MANAGED_IDENTITY_ID string = resources.outputs.AZURE_CONTAINER_REGISTRY_MANAGED_IDENTITY_ID
+output AZURE_CONTAINER_APPS_ENVIRONMENT_ID string = resources.outputs.AZURE_CONTAINER_APPS_ENVIRONMENT_ID
+output AZURE_CONTAINER_APPS_ENVIRONMENT_DEFAULT_DOMAIN string = resources.outputs.AZURE_CONTAINER_APPS_ENVIRONMENT_DEFAULT_DOMAIN
diff --git a/Environments/eShop/manifest.yaml b/Environments/eShop/manifest.yaml
new file mode 100644
index 00000000..b3fa119a
--- /dev/null
+++ b/Environments/eShop/manifest.yaml
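Review bot: The `autoGenerate` block in `main.bicep` asks for 10-character passwords for both `eventbus` and `postgres` (`password: { len: 10 }`), which is short for credentials that are machine-generated and never typed by a person. Since nothing has to memorise them, I would raise both, for example `password: { len: 32 }`. A comment above `param inputs object` would also help, noting that the parameter has no default and is only populated when the deploying tool honours the `azd` metadata, so any other deployment path has to supply both passwords itself.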
@@ -0,0 +1,21 @@
+name: eShop
+version: 1.0.0
+summary: eShop Reference Application
+description: eShop Reference Application - "Northern Mountains"
+runner: ARM
+templatePath: azuredeploy.json
+
+parameters:
+- id: "environmentName"
+ name: "Environment Name (e.g. test)"
+ description: "Name of the Environment"
+ type: "string"
+ required: false
+ default: "test"
+
+- id: "location"
+ name: "Region (e.g. eastus)"
+ description: "Region"
+ type: "string"
+ required: false
+ default: "eastus"
diff --git a/Environments/eShop/resources.bicep b/Environments/eShop/resources.bicep
new file mode 100644
index 00000000..7730fc8b
--- /dev/null
+++ b/Environments/eShop/resources.bicep
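Review bot: The `parameters` list exposes `environmentName` and `location` but not `inputs`, which `main.bicep` in this same commit declares as a required `@secure()` object with no default. With `runner: ARM` the `azd` `autoGenerate` metadata is presumably not evaluated, so the RabbitMQ and Postgres passwords would have no source and the deployment would either fail or need the values supplied some other way. `templatePath: azuredeploy.json` also names a file that is not among the three added in the visible part of this diff; if it is compiled from `main.bicep` elsewhere, a comment such as `# azuredeploy.json is generated from main.bicep` would make that dependency explicit.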
@@ -0,0 +1,194 @@
+@description('The location used for all deployed resources')
+param location string = resourceGroup().location
+
+@description('Tags that will be applied to all resources')
+param tags object = {}
+@secure()
+param inputs object
+
+
+var resourceToken = uniqueString(resourceGroup().id)
+
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
+ name: 'mi-${resourceToken}'
+ location: location
+ tags: tags
+}
+
+resource containerRegistry 'Microsoft.ContainerRegistry/registries@2023-07-01' = {
+ name: replace('acr-${resourceToken}', '-', '')
+ location: location
+ sku: {
+ name: 'Basic'
+ }
+ properties: {
+ adminUserEnabled: true
+ }
+ tags: tags
+}
+
+resource caeMiRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+ name: guid(containerRegistry.id, managedIdentity.id, subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d'))
+ scope: containerRegistry
+ properties: {
+ principalId: managedIdentity.properties.principalId
+ principalType: 'ServicePrincipal'
+ roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d')
+ }
+}
+
+resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = {
+ name: 'law-${resourceToken}'
+ location: location
+ properties: {
+ sku: {
+ name: 'PerGB2018'
+ }
+ }
+ tags: tags
+}
+
+resource containerAppEnvironment 'Microsoft.App/managedEnvironments@2023-05-01' = {
+ name: 'cae-${resourceToken}'
+ location: location
+ properties: {
+ appLogsConfiguration: {
+ destination: 'log-analytics'
+ logAnalyticsConfiguration: {
+ customerId: logAnalyticsWorkspace.properties.customerId
+ sharedKey: logAnalyticsWorkspace.listKeys().primarySharedKey
+ }
+ }
+ }
+ tags: tags
+}
+
+resource eventbus 'Microsoft.App/containerApps@2023-05-02-preview' = {
+ name: 'eventbus'
+ location: location
+ properties: {
+ environmentId: containerAppEnvironment.id
+ configuration: {
+ activeRevisionsMode: 'Single'
+ ingress: {
+ external: false
+ targetPort: 5672
+ transport: 'tcp'
+ }
+ secrets: [
+ {
+ name: 'rabbitmq-default-pass'
+ value: inputs.eventbus.password
+ }
+ ]
+ }
+ template: {
+ containers: [
+ {
+ image: 'rabbitmq:3'
+ name: 'eventbus'
+ env: [
+ {
+ name: 'RABBITMQ_DEFAULT_USER'
+ value: 'guest'
+ }
+ {
+ name: 'RABBITMQ_DEFAULT_PASS'
+ secretRef: 'rabbitmq-default-pass'
+ }
+ ]
+ }
+ ]
+ scale: {
+ minReplicas: 1
+ }
+ }
+ }
+ tags: union(tags, {'aspire-resource-name': 'eventbus'})
+}
+
+resource postgres 'Microsoft.App/containerApps@2023-05-02-preview' = {
+ name: 'postgres'
+ location: location
+ properties: {
+ environmentId: containerAppEnvironment.id
+ configuration: {
+ activeRevisionsMode: 'Single'
+ ingress: {
+ external: false
+ targetPort: 5432
+ transport: 'tcp'
+ }
+ secrets: [
+ {
+ name: 'postgres-password'
+ value: inputs.postgres.password
+ }
+ ]
+ }
+ template: {
+ containers: [
+ {
+ image: 'ankane/pgvector:latest'
+ name: 'postgres'
+ env: [
+ {
+ name: 'POSTGRES_HOST_AUTH_METHOD'
+ value: 'scram-sha-256'
+ }
+ {
+ name: 'POSTGRES_INITDB_ARGS'
+ value: '--auth-host=scram-sha-256 --auth-local=scram-sha-256'
+ }
+ {
+ name: 'POSTGRES_PASSWORD'
+ secretRef: 'postgres-password'
+ }
+ ]
+ }
+ ]
+ scale: {
+ minReplicas: 1
+ }
+ }
+ }
+ tags: union(tags, {'aspire-resource-name': 'postgres'})
+}
+
+resource redis 'Microsoft.App/containerApps@2023-05-02-preview' = {
+ name: 'redis'
+ location: location
+ properties: {
+ environmentId: containerAppEnvironment.id
+ configuration: {
+ activeRevisionsMode: 'Single'
+ ingress: {
+ external: false
+ targetPort: 6379
+ transport: 'tcp'
+ }
+ }
+ template: {
+ containers: [
+ {
+ image: 'redis:7.2.4'
+ name: 'redis'
+ }
+ ]
+ scale: {
+ minReplicas: 1
+ }
+ }
+ }
+ tags: union(tags, {'aspire-resource-name': 'redis'})
+}
+
+output MANAGED_IDENTITY_CLIENT_ID string = managedIdentity.properties.clientId
+output MANAGED_IDENTITY_NAME string = managedIdentity.name
+output MANAGED_IDENTITY_PRINCIPAL_ID string = managedIdentity.properties.principalId
+output AZURE_LOG_ANALYTICS_WORKSPACE_NAME string = logAnalyticsWorkspace.name
+output AZURE_LOG_ANALYTICS_WORKSPACE_ID string = logAnalyticsWorkspace.id
+output AZURE_CONTAINER_REGISTRY_ENDPOINT string = containerRegistry.properties.loginServer
+output AZURE_CONTAINER_REGISTRY_MANAGED_IDENTITY_ID string = managedIdentity.id
+output AZURE_CONTAINER_APPS_ENVIRONMENT_ID string = containerAppEnvironment.id
+output AZURE_CONTAINER_APPS_ENVIRONMENT_DEFAULT_DOMAIN string = containerAppEnvironment.properties.defaultDomain
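Review bot: `adminUserEnabled: true` on `containerRegistry` switches on the registry's shared admin username and password even though the same hunk already grants `managedIdentity` a role on the registry (role definition `7f951dda-4ed3-4680-a7ca-43fe172d538d`, the built-in AcrPull role). Nothing in this file reads the admin credentials, so I would set `adminUserEnabled: false` and let image pulls go through the identity. Separately, `ankane/pgvector:latest` and `rabbitmq:3` are floating tags, unlike `redis:7.2.4`; pinning them to a specific version or digest keeps a redeploy from silently picking up a different image. The `redis` container is also given no password configuration, so access control for it rests entirely on `external: false`; a comment on that resource stating the assumption would make the trade-off visible.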