App fingerprinting finetuning/polish

[savannahostrowski]

Using this basic app for a case study https://github.com/savannahostrowski/cinest

Updates we should make...

Before 9/20

• The standard .gitignore for Python automatically adds lib/ as this is a subdirectory in venv. We should update our lib/ in infra/ to not conflict with this naming
• Consider adding common troubleshooting at the top of next-steps.md
  • Call out that the ports may need to be updated
  • Env variables used in api.bicep need to match the app right away)
  • Needed to update paths for API requests in front-end to use back-end container URL (a bit of a chicken and egg problem)
  • Explore how we can better direct users to update package.json or similar in their app to add what Oryx expects (e.g. a start script is needed and there's no Google-able results for users to debug this). At the very least, we should add to the top of next-steps.md
• Consider updating to check for asyncpg for Postgres DB detection

By Ignite:

• Advance to preview
• Spike on how we enable static frontend apps for simplified init #2750
• Improve UX of flowing API keys/env vars through infrastructure #2739
• Add more prompts for configuring DB/env vars in init flow #2740
• "Does not have secrets get permission on key vault" after azd in GHA #2742

Post Ignite:

• Support for managed add-ons - e.g. Redis running in container
• Support for overriding recommended services

[weikanglim]

Typing on mobile since home internet isn't working, apologies for the conciseness and simplistic formatting:

• Ports and DB. We may consider prompting early on for the desired values, as this is more aligned with progressive disclosure than the alternative. In dotnet, we can safely provide a default. If we want this experience to be better, we'd also want to offer different types of variable settings. A single psql connection string or discrete db properties.
• Back-end reference: We do provide an env var for the front end to reference the backend in the form of API_BASE_URL. This could be also exported to local env and have instructions in nextsteps.md on how to consume.
• Oryx treatment of static front-ends: this needs discussion with Oryx team. The current flow is not idiomatic and actually goes against most dev expectations.
• KeyVault CI/CD: may be able to adjust the bicep to PATCH instead of PUT. I suspect the same issue currently exists with other todo apps that uses secretOrRandomPassword.
• Secrets: there's two pathways, one is storing in CI provider and referencing via env var as done above. Alternative is to add it to the KeyVault. There's an overarching question here on whether azd's over-simplistic assumption that you can provision secrets and app in a single bicep deployment is the way to go long term. This may deserve it's own write-up.