An Azure Function App for flushing items out of Akamai's cache using Fast Purge.
The API of the app has been documented using OpenAPI 3.0 Specification. The file is available in the repo - swagger.yml. To view the file in an online editor, click this link. Note: there is no link between the editor and the repository. Any changes made in the editor will not be saved back to the repository.
- Install the appropriate version of Azure Functions Core Tools version 2.x for your development platform of choice
- Clone the repository -
git clone https://github.com/nhsuk/cache-flush.git - Install npm dependencies -
npm install - Rename example.local.settings.json to local.settings.json. Edit the file to include valid values. Akamai's documentation provides details on how to setup API credentials.
- Start the Function app -
func start
Deployments to all environments are fully automated and are tested to confirm the deployment has been successful as part of the deployment process. Therefore, if the deployment job succeeds you can be confident the application is working.
Deployments are configured via azure-pipelines.yml and run within the nhsuk.utilities project. The pipeline is not public. In order to view it a login is required. The deployed applications are protected using the standard function app authorisation mechanism i.e. authorization keys. The keys are maintained as secrets to prevent abuse and unwanted use.
Review environments are deployed for every PR and are available at
https://nhsuk-cache-flush-func-dev-uks-pr-<PR_NUMBER>.azurewebsites.net/.
When a PR is merged into master the review environment will be deleted.
Merges to master generate a deployment to the integration environment.
The creation of a release generates a deployment to the staging environment.
Deployments to production are only possible if the change has been deployed to the staging environment. The deployment to production must be approved. Using approvals enables a pause between the deployment to staging and the deployment to production. It is often necessary to seek a sign-off prior to deploying to production and this setup allows that to happen.
Environment variables are expected to be managed by the environment in which
the application is being run. This is best practice as described by
twelve-factor. Environment variables are stored
in an instance of Azure keyvault and retrieved
by azure AzureKeyVault@2 task in the deployment-job.yml file.
The script requires the following environment variables to run successfully. There are no default values and they all must have a value set.
| Variable | Description |
|---|---|
azureSubscription |
The name/subscrption of the resource group where the keyvault is created. nhsuk.cache-flush-rg-dev-uks |
KeyVaultName |
The name of the keyvault where the env vars should be retrieved from e.g. nhsukcacheflushdevuks |
The following environment variables are required for the application to run successfully. There are no default values and they all must have a value set.
| Variable | Description |
|---|---|
access-token |
Akamai API access token |
client-secret |
Akamai API client secret |
client-token |
Akamai API client token |
host |
Akamai API base hostname without the scheme |
During deployment of the application additional environment variables are retrieved from keyvault. They define the details of where the application will be deployed within Azure.
The variables vary for each environment. There are no default values and they all must have a value set.
| Variable | Description |
|---|---|
APP-PLAN |
The App Service plan used by the function app |
LOCATION |
The location where the function app is deployed to |
RESOURCE-GROUP |
The Resource Group the function app belongs to |
WEBSITE-NODE-DEFAULT-VERSION |
Version of node used by function app runtime |