Add azd #58
Add azd #58
Conversation
* Copied `infra` and `azure.yaml` * Merged parts of `devcontainer.json`
There was a problem hiding this comment.
What are all these *.bicep files and were do they come from?
(I imagine they come from here: https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/overview?tabs=bicep)
They look pretty cryptic and extensive and if they are need to deploy on Azure we should explain what do they do and some reference to build your own.
| var _quarkusContainerAppName = !empty(quarkusContainerAppName) ? quarkusContainerAppName : take('${abbreviations.appContainerApps}quarkus-${environmentName}', 32) | ||
| var _springBootContainerAppName = !empty(springBootContainerAppName) ? springBootContainerAppName : take('${abbreviations.appContainerApps}spring-boot-${environmentName}', 32) | ||
| var _postgresFlexibleServerName = !empty(postgresFlexibleServerName) ? postgresFlexibleServerName : take(toLower('${abbreviations.dBforPostgreSQLServers}${take(environmentName, 44)}-${resourceToken}'), 63) | ||
| var _keyVaultName = !empty(keyVaultName) ? keyVaultName : take('${abbreviations.keyVaultVaults}${take(alphaNumericEnvironmentName, 8)}${resourceToken}', 24) |
There was a problem hiding this comment.
I think it is a better practice to provide these names only in the one line where you need them. If you store them as variables, you may be tempted to reference the variable name instead of module.outputs.name, and then Bicep won't realize there's a dependency between two modules.
There was a problem hiding this comment.
I understand your concern. The generation of names and counting of how many characters are truncated is quite complex and prone to mistakes. I prefer to have all name wrangling in the same place for the main file. Also, the extra long lines make for less readable resources & modules.
Misuse of those variables is mitigated by their '_' prefix.
| var _keyVaultSecrets = [ | ||
| { | ||
| name: 'postgres-admin-password' | ||
| value: postgresAdminPassword |
There was a problem hiding this comment.
We are trying to move to passwordless auth for PG but that is a larger change (as it also effects code)
There was a problem hiding this comment.
Yes, it wouldn't be a great fit for this example as it is already very complex. Or WDYT @brunobat and @jeanbisutti ?
There was a problem hiding this comment.
I would propose we make this a separate issue. I'm not sure the exact impact it would have on the native part,
| } | ||
|
|
||
| /* Give access to the keyvault to the current identity */ | ||
| module principalKeyVaultAccess './core/security/keyvault-access.bicep' = { |
There was a problem hiding this comment.
See my comment in chat re moving to RBAC
There was a problem hiding this comment.
They all come from https://github.com/Azure-Samples/azd-starter-bicep I did an initial cleanup and left some that we might use. My latest commit should have cleaned any unused bicep files. This directory structure is pretty common in AZD templates out there and naming is pretty self-explanatory. |
|
this needs to be updated to the latest version |
|
add documentation links to the readme and explain high level |
|
@SandraAhlgrimm can you please explain in the docs or even the readme the structure of the infra repo and what are these .bicep files?... Maybe with a link to their documentation? |
Create the infrastructure as requested in #53