Azdevify eshopOnWeb

EnesBalay · Oct 25, 2022 · 04895cc · 04895cc
1 parent a72dd77
commit 04895cc
Show file tree

Hide file tree

Showing 37 changed files with 2,675 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -257,3 +257,5 @@ pub/
 
 #Ignore marker-file used to know which docker files we have.
 .eshopdocker_*
+
+.azure
diff --git a/azure.yaml b/azure.yaml
@@ -0,0 +1,14 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/Azure/azure-dev/main/schemas/v1.0/azure.yaml.json
+
+name: eShopOnWeb
+services:
+    web:
+        project: ./src/Web
+        language: csharp
+        host: appservice
+infra:
+    provider: ""
+    path: ""
+    module: ""
+pipeline:
+    provider: ""
diff --git a/infra/abbreviations.json b/infra/abbreviations.json
@@ -0,0 +1,135 @@
+{
+    "analysisServicesServers": "as",
+    "apiManagementService": "apim-",
+    "appConfigurationConfigurationStores": "appcs-",
+    "appManagedEnvironments": "cae-",
+    "appContainerApps": "ca-",
+    "authorizationPolicyDefinitions": "policy-",
+    "automationAutomationAccounts": "aa-",
+    "blueprintBlueprints": "bp-",
+    "blueprintBlueprintsArtifacts": "bpa-",
+    "cacheRedis": "redis-",
+    "cdnProfiles": "cdnp-",
+    "cdnProfilesEndpoints": "cdne-",
+    "cognitiveServicesAccounts": "cog-",
+    "cognitiveServicesFormRecognizer": "cog-fr-",
+    "cognitiveServicesTextAnalytics": "cog-ta-",
+    "computeAvailabilitySets": "avail-",
+    "computeCloudServices": "cld-",
+    "computeDiskEncryptionSets": "des",
+    "computeDisks": "disk",
+    "computeDisksOs": "osdisk",
+    "computeGalleries": "gal",
+    "computeSnapshots": "snap-",
+    "computeVirtualMachines": "vm",
+    "computeVirtualMachineScaleSets": "vmss-",
+    "containerInstanceContainerGroups": "ci",
+    "containerRegistryRegistries": "cr",
+    "containerServiceManagedClusters": "aks-",
+    "databricksWorkspaces": "dbw-",
+    "dataFactoryFactories": "adf-",
+    "dataLakeAnalyticsAccounts": "dla",
+    "dataLakeStoreAccounts": "dls",
+    "dataMigrationServices": "dms-",
+    "dBforMySQLServers": "mysql-",
+    "dBforPostgreSQLServers": "psql-",
+    "devicesIotHubs": "iot-",
+    "devicesProvisioningServices": "provs-",
+    "devicesProvisioningServicesCertificates": "pcert-",
+    "documentDBDatabaseAccounts": "cosmos-",
+    "eventGridDomains": "evgd-",
+    "eventGridDomainsTopics": "evgt-",
+    "eventGridEventSubscriptions": "evgs-",
+    "eventHubNamespaces": "evhns-",
+    "eventHubNamespacesEventHubs": "evh-",
+    "hdInsightClustersHadoop": "hadoop-",
+    "hdInsightClustersHbase": "hbase-",
+    "hdInsightClustersKafka": "kafka-",
+    "hdInsightClustersMl": "mls-",
+    "hdInsightClustersSpark": "spark-",
+    "hdInsightClustersStorm": "storm-",
+    "hybridComputeMachines": "arcs-",
+    "insightsActionGroups": "ag-",
+    "insightsComponents": "appi-",
+    "keyVaultVaults": "kv-",
+    "kubernetesConnectedClusters": "arck",
+    "kustoClusters": "dec",
+    "kustoClustersDatabases": "dedb",
+    "logicIntegrationAccounts": "ia-",
+    "logicWorkflows": "logic-",
+    "machineLearningServicesWorkspaces": "mlw-",
+    "managedIdentityUserAssignedIdentities": "id-",
+    "managementManagementGroups": "mg-",
+    "migrateAssessmentProjects": "migr-",
+    "networkApplicationGateways": "agw-",
+    "networkApplicationSecurityGroups": "asg-",
+    "networkAzureFirewalls": "afw-",
+    "networkBastionHosts": "bas-",
+    "networkConnections": "con-",
+    "networkDnsZones": "dnsz-",
+    "networkExpressRouteCircuits": "erc-",
+    "networkFirewallPolicies": "afwp-",
+    "networkFirewallPoliciesWebApplication": "waf",
+    "networkFirewallPoliciesRuleGroups": "wafrg",
+    "networkFrontDoors": "fd-",
+    "networkFrontdoorWebApplicationFirewallPolicies": "fdfp-",
+    "networkLoadBalancersExternal": "lbe-",
+    "networkLoadBalancersInternal": "lbi-",
+    "networkLoadBalancersInboundNatRules": "rule-",
+    "networkLocalNetworkGateways": "lgw-",
+    "networkNatGateways": "ng-",
+    "networkNetworkInterfaces": "nic-",
+    "networkNetworkSecurityGroups": "nsg-",
+    "networkNetworkSecurityGroupsSecurityRules": "nsgsr-",
+    "networkNetworkWatchers": "nw-",
+    "networkPrivateDnsZones": "pdnsz-",
+    "networkPrivateLinkServices": "pl-",
+    "networkPublicIPAddresses": "pip-",
+    "networkPublicIPPrefixes": "ippre-",
+    "networkRouteFilters": "rf-",
+    "networkRouteTables": "rt-",
+    "networkRouteTablesRoutes": "udr-",
+    "networkTrafficManagerProfiles": "traf-",
+    "networkVirtualNetworkGateways": "vgw-",
+    "networkVirtualNetworks": "vnet-",
+    "networkVirtualNetworksSubnets": "snet-",
+    "networkVirtualNetworksVirtualNetworkPeerings": "peer-",
+    "networkVirtualWans": "vwan-",
+    "networkVpnGateways": "vpng-",
+    "networkVpnGatewaysVpnConnections": "vcn-",
+    "networkVpnGatewaysVpnSites": "vst-",
+    "notificationHubsNamespaces": "ntfns-",
+    "notificationHubsNamespacesNotificationHubs": "ntf-",
+    "operationalInsightsWorkspaces": "log-",
+    "portalDashboards": "dash-",
+    "powerBIDedicatedCapacities": "pbi-",
+    "purviewAccounts": "pview-",
+    "recoveryServicesVaults": "rsv-",
+    "resourcesResourceGroups": "rg-",
+    "searchSearchServices": "srch-",
+    "serviceBusNamespaces": "sb-",
+    "serviceBusNamespacesQueues": "sbq-",
+    "serviceBusNamespacesTopics": "sbt-",
+    "serviceEndPointPolicies": "se-",
+    "serviceFabricClusters": "sf-",
+    "signalRServiceSignalR": "sigr",
+    "sqlManagedInstances": "sqlmi-",
+    "sqlServers": "sql-",
+    "sqlServersDataWarehouse": "sqldw-",
+    "sqlServersDatabases": "sqldb-",
+    "sqlServersDatabasesStretch": "sqlstrdb-",
+    "storageStorageAccounts": "st",
+    "storageStorageAccountsVm": "stvm",
+    "storSimpleManagers": "ssimp",
+    "streamAnalyticsCluster": "asa-",
+    "synapseWorkspaces": "syn",
+    "synapseWorkspacesAnalyticsWorkspaces": "synw",
+    "synapseWorkspacesSqlPoolsDedicated": "syndp",
+    "synapseWorkspacesSqlPoolsSpark": "synsp",
+    "timeSeriesInsightsEnvironments": "tsi-",
+    "webServerFarms": "plan-",
+    "webSitesAppService": "app-",
+    "webSitesAppServiceEnvironment": "ase-",
+    "webSitesFunctions": "func-",
+    "webStaticSites": "stapp-"
+}
diff --git a/infra/app/dbCatalog.bicep b/infra/app/dbCatalog.bicep
@@ -0,0 +1,25 @@
+param environmentName string
+param location string = resourceGroup().location
+
+param databaseName string = 'CatalogDB'
+param keyVaultName string
+
+@secure()
+param sqlAdminPassword string
+@secure()
+param appUserPassword string
+
+module sqlServer1 '../core/database/sqlserver1.bicep' = {
+  name: 'sqlServer1'
+  params: {
+    environmentName: environmentName
+    location: location
+    dbName: databaseName
+    keyVaultName: keyVaultName
+    sqlAdminPassword: sqlAdminPassword
+    appUserPassword: appUserPassword
+  }
+}
+
+output sqlConnectionStringKey string = sqlServer1.outputs.sqlConnectionStringKey
+output sqlDatabase1Name string = databaseName
diff --git a/infra/app/dbIdentity.bicep b/infra/app/dbIdentity.bicep
@@ -0,0 +1,25 @@
+param environmentName string
+param location string = resourceGroup().location
+
+param databaseName string = 'IdentityDB'
+param keyVaultName string
+
+@secure()
+param sqlAdminPassword string
+@secure()
+param appUserPassword string
+
+module sqlServer2 '../core/database/sqlserver2.bicep' = {
+  name: 'sqlServer2'
+  params: {
+    environmentName: environmentName
+    location: location
+    dbName: databaseName
+    keyVaultName: keyVaultName
+    sqlAdminPassword: sqlAdminPassword
+    appUserPassword: appUserPassword
+  }
+}
+
+output sqlConnectionStringKey string = sqlServer2.outputs.sqlConnectionStringKey
+output sqlDatabase2Name string = databaseName
diff --git a/infra/app/web.bicep b/infra/app/web.bicep
@@ -0,0 +1,18 @@
+param environmentName string
+param location string = resourceGroup().location
+param appServicePlanId string
+
+param serviceName string = 'web'
+
+module web '../core/host/appservice-dotnet.bicep' = {
+  name: '${serviceName}-appservice-dotnet-module'
+  params: {
+    environmentName: environmentName
+    location: location
+    appServicePlanId: appServicePlanId
+    serviceName: serviceName
+  }
+}
+
+output WEB_NAME string = web.outputs.name
+output WEB_URI string = web.outputs.uri
diff --git a/infra/core/database/sqlserver1.bicep b/infra/core/database/sqlserver1.bicep
@@ -0,0 +1,131 @@
+param environmentName string
+param location string = resourceGroup().location
+
+param appUser string = 'appUser'
+param dbName string
+param keyVaultName string
+param sqlAdmin string = 'sqlAdmin'
+param sqlConnectionStringKey string = 'AZURE-SQL-CATALOG-CONNECTION-STRING'
+
+@secure()
+param sqlAdminPassword string
+@secure()
+param appUserPassword string
+
+var abbrs = loadJsonContent('../../abbreviations.json')
+var resourceToken = toLower(uniqueString(subscription().id, environmentName, location))
+var tags = { 'azd-env-name': environmentName }
+
+resource sqlServer 'Microsoft.Sql/servers@2022-02-01-preview' = {
+  name: '${abbrs.sqlServers}${resourceToken}-Catalog'
+  location: location
+  tags: tags
+  properties: {
+    version: '12.0'
+    minimalTlsVersion: '1.2'
+    publicNetworkAccess: 'Enabled'
+    administratorLogin: sqlAdmin
+    administratorLoginPassword: sqlAdminPassword
+  }
+
+  resource database 'databases' = {
+    name: dbName
+    location: location
+  }
+
+  resource firewall 'firewallRules' = {
+    name: 'Azure Services'
+    properties: {
+      // Allow all clients 
+      // Note: range [0.0.0.0-0.0.0.0] means "allow all Azure-hosted clients only".
+      // This is not sufficient, because we also want to allow direct access from developer machine, for debugging purposes.
+      startIpAddress: '0.0.0.1'
+      endIpAddress: '255.255.255.254'
+    }
+  }
+}
+
+resource sqlDeploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
+  name: 'script-${resourceToken}-Catalog'
+  location: location
+  kind: 'AzureCLI'
+  properties: {
+    azCliVersion: '2.37.0'
+    retentionInterval: 'PT1H' // Retain the script resource for 1 hour after it ends running
+    timeout: 'PT5M' // Five minutes
+    cleanupPreference: 'OnSuccess'
+    environmentVariables: [
+      {
+        name: 'APPUSERNAME'
+        value: appUser
+      }
+      {
+        name: 'APPUSERPASSWORD'
+        secureValue: appUserPassword
+      }
+      {
+        name: 'DBNAME'
+        value: dbName
+      }
+      {
+        name: 'DBSERVER'
+        value: sqlServer.properties.fullyQualifiedDomainName
+      }
+      {
+        name: 'SQLCMDPASSWORD'
+        secureValue: sqlAdminPassword
+      }
+      {
+        name: 'SQLADMIN'
+        value: sqlAdmin
+      }
+    ]
+
+    scriptContent: '''
+wget https://github.com/microsoft/go-sqlcmd/releases/download/v0.8.1/sqlcmd-v0.8.1-linux-x64.tar.bz2
+tar x -f sqlcmd-v0.8.1-linux-x64.tar.bz2 -C .
+
+cat <<SCRIPT_END > ./initDb.sql
+drop user ${APPUSERNAME}
+go
+create user ${APPUSERNAME} with password = '${APPUSERPASSWORD}'
+go
+alter role db_owner add member ${APPUSERNAME}
+go
+SCRIPT_END
+
+./sqlcmd -S ${DBSERVER} -d ${DBNAME} -U ${SQLADMIN} -i ./initDb.sql
+    '''
+  }
+}
+
+resource sqlAdminPasswordSecret 'Microsoft.KeyVault/vaults/secrets@2022-07-01' = {
+  parent: keyVault
+  name: 'sqlAdminPassword'
+  properties: {
+    value: sqlAdminPassword
+  }
+}
+
+resource appUserPasswordSecret 'Microsoft.KeyVault/vaults/secrets@2022-07-01' = {
+  parent: keyVault
+  name: 'appUserPassword'
+  properties: {
+    value: appUserPassword
+  }
+}
+
+resource sqlAzureConnectionStringSercret 'Microsoft.KeyVault/vaults/secrets@2022-07-01' = {
+  parent: keyVault
+  name: sqlConnectionStringKey
+  properties: {
+    value: '${azureSqlConnectionString}; Password=${appUserPassword}'
+  }
+}
+
+resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
+  name: keyVaultName
+}
+
+var azureSqlConnectionString = 'Server=${sqlServer.properties.fullyQualifiedDomainName}; Database=${sqlServer::database.name}; User=${appUser}'
+output sqlConnectionStringKey string = sqlConnectionStringKey
Original file line number	Diff line number	Diff line change
Expand Up		@@ -257,3 +257,5 @@ pub/

		#Ignore marker-file used to know which docker files we have.
		.eshopdocker_*

		.azure