-
Notifications
You must be signed in to change notification settings - Fork 154
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
1d7d471
commit e587fbd
Showing
17 changed files
with
1,971 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
on: | ||
workflow_dispatch: | ||
push: | ||
branches: | ||
- main | ||
|
||
# https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-portal%2Clinux#set-up-azure-login-with-openid-connect-authentication | ||
permissions: | ||
id-token: write | ||
contents: read | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
container: | ||
image: mcr.microsoft.com/azure-dev-cli-apps:latest | ||
env: | ||
AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }} | ||
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} | ||
AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }} | ||
AZURE_LOCATION: ${{ vars.AZURE_LOCATION }} | ||
AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }} | ||
AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }} | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
|
||
- name: Log in with Azure (Federated Credentials) | ||
if: ${{ env.AZURE_CLIENT_ID != '' }} | ||
run: | | ||
azd auth login ` | ||
--client-id "$Env:AZURE_CLIENT_ID" ` | ||
--federated-credential-provider "github" ` | ||
--tenant-id "$Env:AZURE_TENANT_ID" | ||
shell: pwsh | ||
|
||
- name: Log in with Azure (Client Credentials) | ||
if: ${{ env.AZURE_CREDENTIALS != '' }} | ||
run: | | ||
$info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable; | ||
Write-Host "::add-mask::$($info.clientSecret)" | ||
azd auth login ` | ||
--client-id "$($info.clientId)" ` | ||
--client-secret "$($info.clientSecret)" ` | ||
--tenant-id "$($info.tenantId)" | ||
shell: pwsh | ||
env: | ||
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} | ||
|
||
- name: Provision Azure Resources - Azure Container Apps, Container Registry, Azure Monitor, Log Analytics | ||
run: azd provision --no-prompt | ||
env: | ||
AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }} | ||
AZURE_LOCATION: ${{ vars.AZURE_LOCATION }} | ||
AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }} | ||
|
||
- name: Deploy changes to Azure Container Apps | ||
run: azd deploy --no-prompt | ||
env: | ||
AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }} | ||
AZURE_LOCATION: ${{ vars.AZURE_LOCATION }} | ||
AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
FROM python:3.10 | ||
|
||
COPY . . | ||
|
||
RUN pip install --no-cache-dir --upgrade -r requirements.txt | ||
|
||
CMD ["sh", "-c", "uvicorn main:app --host 0.0.0.0 --port ${PORT:-${WEBSITES_PORT:-8080}}"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
# yaml-language-server: $schema=https://raw.githubusercontent.com/Azure/azure-dev/main/schemas/v1.0/azure.yaml.json | ||
|
||
name: openai-plugin-fastapi | ||
metadata: | ||
template: openai-plugin-fastapi@0.0.1-beta | ||
services: | ||
api: | ||
project: . | ||
host: containerapp | ||
language: python |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,135 @@ | ||
{ | ||
"analysisServicesServers": "as", | ||
"apiManagementService": "apim-", | ||
"appConfigurationConfigurationStores": "appcs-", | ||
"appManagedEnvironments": "cae-", | ||
"appContainerApps": "ca-", | ||
"authorizationPolicyDefinitions": "policy-", | ||
"automationAutomationAccounts": "aa-", | ||
"blueprintBlueprints": "bp-", | ||
"blueprintBlueprintsArtifacts": "bpa-", | ||
"cacheRedis": "redis-", | ||
"cdnProfiles": "cdnp-", | ||
"cdnProfilesEndpoints": "cdne-", | ||
"cognitiveServicesAccounts": "cog-", | ||
"cognitiveServicesFormRecognizer": "cog-fr-", | ||
"cognitiveServicesTextAnalytics": "cog-ta-", | ||
"computeAvailabilitySets": "avail-", | ||
"computeCloudServices": "cld-", | ||
"computeDiskEncryptionSets": "des", | ||
"computeDisks": "disk", | ||
"computeDisksOs": "osdisk", | ||
"computeGalleries": "gal", | ||
"computeSnapshots": "snap-", | ||
"computeVirtualMachines": "vm", | ||
"computeVirtualMachineScaleSets": "vmss-", | ||
"containerInstanceContainerGroups": "ci", | ||
"containerRegistryRegistries": "cr", | ||
"containerServiceManagedClusters": "aks-", | ||
"databricksWorkspaces": "dbw-", | ||
"dataFactoryFactories": "adf-", | ||
"dataLakeAnalyticsAccounts": "dla", | ||
"dataLakeStoreAccounts": "dls", | ||
"dataMigrationServices": "dms-", | ||
"dBforMySQLServers": "mysql-", | ||
"dBforPostgreSQLServers": "psql-", | ||
"devicesIotHubs": "iot-", | ||
"devicesProvisioningServices": "provs-", | ||
"devicesProvisioningServicesCertificates": "pcert-", | ||
"documentDBDatabaseAccounts": "cosmos-", | ||
"eventGridDomains": "evgd-", | ||
"eventGridDomainsTopics": "evgt-", | ||
"eventGridEventSubscriptions": "evgs-", | ||
"eventHubNamespaces": "evhns-", | ||
"eventHubNamespacesEventHubs": "evh-", | ||
"hdInsightClustersHadoop": "hadoop-", | ||
"hdInsightClustersHbase": "hbase-", | ||
"hdInsightClustersKafka": "kafka-", | ||
"hdInsightClustersMl": "mls-", | ||
"hdInsightClustersSpark": "spark-", | ||
"hdInsightClustersStorm": "storm-", | ||
"hybridComputeMachines": "arcs-", | ||
"insightsActionGroups": "ag-", | ||
"insightsComponents": "appi-", | ||
"keyVaultVaults": "kv-", | ||
"kubernetesConnectedClusters": "arck", | ||
"kustoClusters": "dec", | ||
"kustoClustersDatabases": "dedb", | ||
"logicIntegrationAccounts": "ia-", | ||
"logicWorkflows": "logic-", | ||
"machineLearningServicesWorkspaces": "mlw-", | ||
"managedIdentityUserAssignedIdentities": "id-", | ||
"managementManagementGroups": "mg-", | ||
"migrateAssessmentProjects": "migr-", | ||
"networkApplicationGateways": "agw-", | ||
"networkApplicationSecurityGroups": "asg-", | ||
"networkAzureFirewalls": "afw-", | ||
"networkBastionHosts": "bas-", | ||
"networkConnections": "con-", | ||
"networkDnsZones": "dnsz-", | ||
"networkExpressRouteCircuits": "erc-", | ||
"networkFirewallPolicies": "afwp-", | ||
"networkFirewallPoliciesWebApplication": "waf", | ||
"networkFirewallPoliciesRuleGroups": "wafrg", | ||
"networkFrontDoors": "fd-", | ||
"networkFrontdoorWebApplicationFirewallPolicies": "fdfp-", | ||
"networkLoadBalancersExternal": "lbe-", | ||
"networkLoadBalancersInternal": "lbi-", | ||
"networkLoadBalancersInboundNatRules": "rule-", | ||
"networkLocalNetworkGateways": "lgw-", | ||
"networkNatGateways": "ng-", | ||
"networkNetworkInterfaces": "nic-", | ||
"networkNetworkSecurityGroups": "nsg-", | ||
"networkNetworkSecurityGroupsSecurityRules": "nsgsr-", | ||
"networkNetworkWatchers": "nw-", | ||
"networkPrivateDnsZones": "pdnsz-", | ||
"networkPrivateLinkServices": "pl-", | ||
"networkPublicIPAddresses": "pip-", | ||
"networkPublicIPPrefixes": "ippre-", | ||
"networkRouteFilters": "rf-", | ||
"networkRouteTables": "rt-", | ||
"networkRouteTablesRoutes": "udr-", | ||
"networkTrafficManagerProfiles": "traf-", | ||
"networkVirtualNetworkGateways": "vgw-", | ||
"networkVirtualNetworks": "vnet-", | ||
"networkVirtualNetworksSubnets": "snet-", | ||
"networkVirtualNetworksVirtualNetworkPeerings": "peer-", | ||
"networkVirtualWans": "vwan-", | ||
"networkVpnGateways": "vpng-", | ||
"networkVpnGatewaysVpnConnections": "vcn-", | ||
"networkVpnGatewaysVpnSites": "vst-", | ||
"notificationHubsNamespaces": "ntfns-", | ||
"notificationHubsNamespacesNotificationHubs": "ntf-", | ||
"operationalInsightsWorkspaces": "log-", | ||
"portalDashboards": "dash-", | ||
"powerBIDedicatedCapacities": "pbi-", | ||
"purviewAccounts": "pview-", | ||
"recoveryServicesVaults": "rsv-", | ||
"resourcesResourceGroups": "rg-", | ||
"searchSearchServices": "srch-", | ||
"serviceBusNamespaces": "sb-", | ||
"serviceBusNamespacesQueues": "sbq-", | ||
"serviceBusNamespacesTopics": "sbt-", | ||
"serviceEndPointPolicies": "se-", | ||
"serviceFabricClusters": "sf-", | ||
"signalRServiceSignalR": "sigr", | ||
"sqlManagedInstances": "sqlmi-", | ||
"sqlServers": "sql-", | ||
"sqlServersDataWarehouse": "sqldw-", | ||
"sqlServersDatabases": "sqldb-", | ||
"sqlServersDatabasesStretch": "sqlstrdb-", | ||
"storageStorageAccounts": "st", | ||
"storageStorageAccountsVm": "stvm", | ||
"storSimpleManagers": "ssimp", | ||
"streamAnalyticsCluster": "asa-", | ||
"synapseWorkspaces": "syn", | ||
"synapseWorkspacesAnalyticsWorkspaces": "synw", | ||
"synapseWorkspacesSqlPoolsDedicated": "syndp", | ||
"synapseWorkspacesSqlPoolsSpark": "synsp", | ||
"timeSeriesInsightsEnvironments": "tsi-", | ||
"webServerFarms": "plan-", | ||
"webSitesAppService": "app-", | ||
"webSitesAppServiceEnvironment": "ase-", | ||
"webSitesFunctions": "func-", | ||
"webStaticSites": "stapp-" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
param name string | ||
param location string = resourceGroup().location | ||
param tags object = {} | ||
|
||
param identityName string | ||
param applicationInsightsName string | ||
param containerAppsEnvironmentName string | ||
param containerRegistryName string | ||
param serviceName string = 'api' | ||
param exists bool | ||
|
||
resource apiIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = { | ||
name: identityName | ||
location: location | ||
} | ||
|
||
module app '../core/host/container-app-upsert.bicep' = { | ||
name: '${serviceName}-container-app' | ||
params: { | ||
name: name | ||
location: location | ||
tags: union(tags, { 'azd-service-name': serviceName }) | ||
identityName: identityName | ||
exists: exists | ||
containerAppsEnvironmentName: containerAppsEnvironmentName | ||
containerRegistryName: containerRegistryName | ||
env: [ | ||
{ | ||
name: 'AZURE_CLIENT_ID' | ||
value: apiIdentity.properties.clientId | ||
} | ||
{ | ||
name: 'APPLICATIONINSIGHTS_CONNECTION_STRING' | ||
value: applicationInsights.properties.ConnectionString | ||
} | ||
] | ||
targetPort: 8080 | ||
} | ||
} | ||
|
||
resource applicationInsights 'Microsoft.Insights/components@2020-02-02' existing = { | ||
name: applicationInsightsName | ||
} | ||
|
||
output SERVICE_API_IDENTITY_PRINCIPAL_ID string = apiIdentity.properties.principalId | ||
output SERVICE_API_NAME string = app.outputs.name | ||
output SERVICE_API_URI string = app.outputs.uri | ||
output SERVICE_API_IMAGE_NAME string = app.outputs.imageName |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
param name string | ||
param location string = resourceGroup().location | ||
param tags object = {} | ||
|
||
param containerAppsEnvironmentName string | ||
param containerName string = 'main' | ||
param containerRegistryName string | ||
param secrets array = [] | ||
param env array = [] | ||
param external bool = true | ||
param targetPort int = 80 | ||
param exists bool | ||
|
||
@description('User assigned identity name') | ||
param identityName string = '' | ||
|
||
@description('CPU cores allocated to a single container instance, e.g. 0.5') | ||
param containerCpuCoreCount string = '0.5' | ||
|
||
@description('Memory allocated to a single container instance, e.g. 1Gi') | ||
param containerMemory string = '1.0Gi' | ||
|
||
resource existingApp 'Microsoft.App/containerApps@2022-03-01' existing = if (exists) { | ||
name: name | ||
} | ||
|
||
module app 'container-app.bicep' = { | ||
name: '${deployment().name}-update' | ||
params: { | ||
name: name | ||
location: location | ||
tags: tags | ||
identityName: identityName | ||
containerName: containerName | ||
containerAppsEnvironmentName: containerAppsEnvironmentName | ||
containerRegistryName: containerRegistryName | ||
containerCpuCoreCount: containerCpuCoreCount | ||
containerMemory: containerMemory | ||
secrets: secrets | ||
external: external | ||
env: env | ||
imageName: exists ? existingApp.properties.template.containers[0].image : '' | ||
targetPort: targetPort | ||
} | ||
} | ||
|
||
output defaultDomain string = app.outputs.defaultDomain | ||
output imageName string = app.outputs.imageName | ||
output name string = app.outputs.name | ||
output uri string = app.outputs.uri |
Oops, something went wrong.