From e729dd58eabc87c7137c419b9cfc189e04404e18 Mon Sep 17 00:00:00 2001 From: System Administrator Date: Tue, 10 Sep 2024 13:09:00 +0100 Subject: [PATCH 01/21] worklow added --- .github/workflows/first-worklow.yml | 58 +++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 .github/workflows/first-worklow.yml diff --git a/.github/workflows/first-worklow.yml b/.github/workflows/first-worklow.yml new file mode 100644 index 00000000..3ac22286 --- /dev/null +++ b/.github/workflows/first-worklow.yml @@ -0,0 +1,58 @@ +# The name of the job is what will display on the GitHub repository in the Actions tab. +name: First Workflow + +# The 'on' section tells GitHub under what conditions we want to run this workflow. +# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows +# Common scenarios include: + # workflow-dispatch (manual execution) + # issues + # push + # pull_request + # schedule +on: + workflow_dispatch: + issues: + types: [opened] +env: + VARIABLE_NAME: value +# This section covers the work to perform. +# We include one or more jobs in this section. +jobs: + # Each individual job will include details like execution order, + # pre-requisite jobs, and execution platform. + job1: + # We can run jobs on GitHub hosted VM runners in Windows, Ubuntu, and Mac OS. + # We can also run jobs on self-hosted hardware. + runs-on: ubuntu-latest + + # Each job contains one or more steps. A step needs to have at least a name and a command. + steps: + - name: Step one + # The 'run' command executes a shell or command script. Because this is Ubuntu, the + # default run command will be /bin/bash + run: | + echo "Log from step one" + echo "env variable value $VARIABLE_NAME" + # This section does not appear in the solution file but demonstrates how to set + # custom variables that will be available in the run script. + + - name: Step two + run: echo "Log from step two" + + job2: + # Job 2 will only run after job 1 completes. + # Removing this 'needs' section would make the jobs run simultaneously. + needs: job1 + runs-on: ubuntu-latest + + steps: + - name: Cowsays + # The 'uses' command executes a remote GitHub action. + # A command like mscoutermarsh/cowsays-action means you can + # find this code at https://github.com/mscoutermarsh/cowsays-action + uses: mscoutermarsh/cowsays-action@master + # The 'with' block includes parameters that the workflow will pass + # to this action. Parameters are all in key-value format. + with: + text: 'Ready for prod--ship it! and use env value ${{ env.VARIABLE_NAME }}' + color: 'magenta' From 9d5e0bfe7a1ff1553bc82beb9ac739c3bf57a486 Mon Sep 17 00:00:00 2001 From: System Administrator Date: Tue, 10 Sep 2024 13:14:47 +0100 Subject: [PATCH 02/21] worklow update --- .github/workflows/first-worklow.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/first-worklow.yml b/.github/workflows/first-worklow.yml index 3ac22286..26850bf4 100644 --- a/.github/workflows/first-worklow.yml +++ b/.github/workflows/first-worklow.yml @@ -14,7 +14,7 @@ on: issues: types: [opened] env: - VARIABLE_NAME: value + VARIABLE_NAME: 'test123' # This section covers the work to perform. # We include one or more jobs in this section. jobs: @@ -32,7 +32,7 @@ jobs: # default run command will be /bin/bash run: | echo "Log from step one" - echo "env variable value $VARIABLE_NAME" + echo "env variable: $VARIABLE_NAME" # This section does not appear in the solution file but demonstrates how to set # custom variables that will be available in the run script. @@ -54,5 +54,5 @@ jobs: # The 'with' block includes parameters that the workflow will pass # to this action. Parameters are all in key-value format. with: - text: 'Ready for prod--ship it! and use env value ${{ env.VARIABLE_NAME }}' + text: 'Ready for prod--ship it! and use env var: ${{ env.VARIABLE_NAME }}' color: 'magenta' From e51a635a8e878d1d8dca5f0baf2e10b953eab1d4 Mon Sep 17 00:00:00 2001 From: System Administrator Date: Tue, 10 Sep 2024 13:18:22 +0100 Subject: [PATCH 03/21] worklow update --- .github/workflows/pages.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pages.yml b/.github/workflows/pages.yml index cedae546..c8d8bcab 100644 --- a/.github/workflows/pages.yml +++ b/.github/workflows/pages.yml @@ -8,7 +8,7 @@ name: Deploy Jekyll site to Pages on: push: - branches: ["main"] + branches: ["feature"] # Allows you to run this workflow manually from the Actions tab workflow_dispatch: From 12e8fd8ad9b6e0ada6120e2b8e0445752c897e3a Mon Sep 17 00:00:00 2001 From: System Administrator Date: Tue, 10 Sep 2024 13:33:51 +0100 Subject: [PATCH 04/21] Update text limit --- src/Application/src/RazorPagesTestSample/Data/Message.cs | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/Application/src/RazorPagesTestSample/Data/Message.cs b/src/Application/src/RazorPagesTestSample/Data/Message.cs index ea99cbd6..063688fa 100644 --- a/src/Application/src/RazorPagesTestSample/Data/Message.cs +++ b/src/Application/src/RazorPagesTestSample/Data/Message.cs @@ -7,9 +7,16 @@ public class Message { public int Id { get; set; } + /// + /// Gets or sets the text of the message. + /// + /// + /// This property is required and should contain text data. + /// The maximum length of the text is 250 characters. + /// [Required] [DataType(DataType.Text)] - [StringLength(200, ErrorMessage = "There's a 200 character limit on messages. Please shorten your message.")] + [StringLength(250, ErrorMessage = "There's a 250 character limit on messages. Please shorten your message.")] public string Text { get; set; } } #endregion From f8b59ec191e722f326907eb14dc334d6cf5c29fe Mon Sep 17 00:00:00 2001 From: Admin user Date: Tue, 10 Sep 2024 13:36:29 +0100 Subject: [PATCH 05/21] Update character limit validation for message text. Resolve #4 --- src/Application/src/RazorPagesTestSample/Data/Message.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Application/src/RazorPagesTestSample/Data/Message.cs b/src/Application/src/RazorPagesTestSample/Data/Message.cs index 063688fa..7ff1dbd8 100644 --- a/src/Application/src/RazorPagesTestSample/Data/Message.cs +++ b/src/Application/src/RazorPagesTestSample/Data/Message.cs @@ -16,7 +16,7 @@ public class Message /// [Required] [DataType(DataType.Text)] - [StringLength(250, ErrorMessage = "There's a 250 character limit on messages. Please shorten your message.")] + [StringLength(250, ErrorMessage = "There's a 250 character limit on messages. Please shorten your message.")] public string Text { get; set; } } #endregion From 861a238e88f22d64c984f361e059f1df903927d9 Mon Sep 17 00:00:00 2001 From: Admin user Date: Wed, 11 Sep 2024 10:36:42 +0100 Subject: [PATCH 06/21] Add credentials.json and deploy.yml for Azure resource deployment --- src/InfrastructureAsCode/credentials.json | 9 ++++ src/InfrastructureAsCode/deploy.yml | 62 +++++++++++++++++++++++ src/InfrastructureAsCode/main.bicep | 49 +++++++++++++++++- 3 files changed, 119 insertions(+), 1 deletion(-) create mode 100644 src/InfrastructureAsCode/credentials.json create mode 100644 src/InfrastructureAsCode/deploy.yml diff --git a/src/InfrastructureAsCode/credentials.json b/src/InfrastructureAsCode/credentials.json new file mode 100644 index 00000000..e29e1ff0 --- /dev/null +++ b/src/InfrastructureAsCode/credentials.json @@ -0,0 +1,9 @@ +{ + "name": "GitHubDevOpsCredential", + "issuer": "https://token.actions.githubusercontent.com", + "subject": "repo:puneet-minhas/TechExcel-Accelerate-developer-productivity-with-GitHub-Copilot-and-Dev-Box:ref:refs/heads/main", + "description": "Deploy Azure resources from the TechExcel DevOps practices GitHub repo", + "audiences": [ + "api://AzureADTokenExchange" + ] +} diff --git a/src/InfrastructureAsCode/deploy.yml b/src/InfrastructureAsCode/deploy.yml new file mode 100644 index 00000000..c2777833 --- /dev/null +++ b/src/InfrastructureAsCode/deploy.yml @@ -0,0 +1,62 @@ + name: Provision Azure Resources + # We only want to run this script manually. + on: + workflow_dispatch: + inputs: + # We can add inputs to the workflow_dispatch event. This allows us to + # accept user input when running the workflow manually. In this case, we + # have a dropdown that allows us to select the target environment. + inputs: + targetEnv: + description: 'Target environment' + required: true + default: 'dev' + options: + - 'dev' + - 'prod' + + # Environment variables are defined in an "env" section. + # We set the target environment to dev. + # Open the deploy-advanced.yml file to see how we can accept user input + # instead of needing to change this file to switch environments. + env: + targetEnv2: dev + + + jobs: + # This script has one job: build and deploy the IaC resources + build-and-deploy: + # We run this on an Ubuntu-based GitHub hosted runner. This hosted runner + # has certain software already installed, including az cli + runs-on: ubuntu-latest + steps: + # Check out the code. This grabs code from the repository and + # makes it available to the GitHub hosted runner. It will usually be the + # first task for any workflow + - uses: actions/checkout@main + + # Log into Azure using a federated credential. We have already set up the + # federation process in a prior step, so we need to pass in the following: + # Client ID = Application registration ID + # Tenant ID = Application owner organization ID (previously called Tenant ID in Azure) + # Subscription ID + # https://github.com/azure/login + - uses: azure/login@v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + # We also need to ensure that enable-AzPSSession is true. This is important for + # using OIDC in Azure. If we were to pass in a client secret instead, we would not need + # this setting enabled + enable-AzPSSession: true + + # Deploy ARM template + - name: Run ARM deploy + # https://github.com/azure/arm-deploy + uses: azure/arm-deploy@v1 + with: + subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + resourceGroupName: ${{ secrets.AZURE_RG }} + template: ./src/InfrastructureAsCode/main.bicep + parameters: environment=${{ github.event.inputs.targetenv }} \ No newline at end of file diff --git a/src/InfrastructureAsCode/main.bicep b/src/InfrastructureAsCode/main.bicep index 6dc69618..48d8b0b5 100644 --- a/src/InfrastructureAsCode/main.bicep +++ b/src/InfrastructureAsCode/main.bicep @@ -14,4 +14,51 @@ var registrySku = 'Standard' var imageName = 'techexcel/dotnetcoreapp' var startupCommand = '' -// TODO: complete this script +resource appServicePlan 'Microsoft.Web/serverfarms@2021-02-01' = { + name: appServicePlanName + location: location + sku: { + name: sku + tier: 'Standard' + } + properties: { + reserved: true + } +} + +resource webApp 'Microsoft.Web/sites@2021-02-01' = { + name: webAppName + location: location + properties: { + serverFarmId: appServicePlan.id + siteConfig: { + linuxFxVersion: 'DOCKER|${imageName}' + appCommandLine: startupCommand + } + } +} + +resource appInsights 'Microsoft.Insights/components@2020-02-02' = { + name: appInsightsName + location: location + kind: 'web' + properties: { + Application_Type: 'web' + } +} + +resource containerRegistry 'Microsoft.ContainerRegistry/registries@2021-06-01-preview' = { + name: registryName + location: location + sku: { + name: registrySku + } + properties: { + adminUserEnabled: true + } +} + +//az ad sp create --id dd0d73a2-dd3e-4752-a7eb-8b9c5fefc8bc +// sp "id": "08f2fb0c-e135-49b5-bacc-8f444275b12a" +// az ad app federated-credential create --id dd0d73a2-dd3e-4752-a7eb-8b9c5fefc8bc --parameters credentials.json +//az role assignment create --role contributor --scope /subscriptions/699f3eb4-18f1-491c-ac3a-a7f89f164bd1/resourceGroups/TechExcelTraining-Day2 --subscription 699f3eb4-18f1-491c-ac3a-a7f89f164bd1 --assignee-object-id 08f2fb0c-e135-49b5-bacc-8f444275b12a --assignee-principal-type ServicePrincipal From 1d68a576dd7556b06cd204e729283cf8bdc21e0d Mon Sep 17 00:00:00 2001 From: Puneet-Minhas <81772545+Puneet-Minhas@users.noreply.github.com> Date: Wed, 11 Sep 2024 10:44:03 +0100 Subject: [PATCH 07/21] Create deploy.yml --- .github/workflows/deploy.yml | 62 ++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 00000000..00e105c9 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,62 @@ + name: Provision Azure Resources + # We only want to run this script manually. + on: + workflow_dispatch: + inputs: + # We can add inputs to the workflow_dispatch event. This allows us to + # accept user input when running the workflow manually. In this case, we + # have a dropdown that allows us to select the target environment. + inputs: + targetEnv: + description: 'Target environment' + required: true + default: 'dev' + options: + - 'dev' + - 'prod' + + # Environment variables are defined in an "env" section. + # We set the target environment to dev. + # Open the deploy-advanced.yml file to see how we can accept user input + # instead of needing to change this file to switch environments. + env: + targetEnv2: dev + + + jobs: + # This script has one job: build and deploy the IaC resources + build-and-deploy: + # We run this on an Ubuntu-based GitHub hosted runner. This hosted runner + # has certain software already installed, including az cli + runs-on: ubuntu-latest + steps: + # Check out the code. This grabs code from the repository and + # makes it available to the GitHub hosted runner. It will usually be the + # first task for any workflow + - uses: actions/checkout@main + + # Log into Azure using a federated credential. We have already set up the + # federation process in a prior step, so we need to pass in the following: + # Client ID = Application registration ID + # Tenant ID = Application owner organization ID (previously called Tenant ID in Azure) + # Subscription ID + # https://github.com/azure/login + - uses: azure/login@v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + # We also need to ensure that enable-AzPSSession is true. This is important for + # using OIDC in Azure. If we were to pass in a client secret instead, we would not need + # this setting enabled + enable-AzPSSession: true + + # Deploy ARM template + - name: Run ARM deploy + # https://github.com/azure/arm-deploy + uses: azure/arm-deploy@v1 + with: + subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + resourceGroupName: ${{ secrets.AZURE_RG }} + template: ./src/InfrastructureAsCode/main.bicep + parameters: environment=${{ github.event.inputs.targetenv }} From 8d8973518c8ffef3e2936a52e5c751c277ad5037 Mon Sep 17 00:00:00 2001 From: Puneet-Minhas <81772545+Puneet-Minhas@users.noreply.github.com> Date: Wed, 11 Sep 2024 10:44:24 +0100 Subject: [PATCH 08/21] Delete src/InfrastructureAsCode/deploy.yml --- src/InfrastructureAsCode/deploy.yml | 62 ----------------------------- 1 file changed, 62 deletions(-) delete mode 100644 src/InfrastructureAsCode/deploy.yml diff --git a/src/InfrastructureAsCode/deploy.yml b/src/InfrastructureAsCode/deploy.yml deleted file mode 100644 index c2777833..00000000 --- a/src/InfrastructureAsCode/deploy.yml +++ /dev/null @@ -1,62 +0,0 @@ - name: Provision Azure Resources - # We only want to run this script manually. - on: - workflow_dispatch: - inputs: - # We can add inputs to the workflow_dispatch event. This allows us to - # accept user input when running the workflow manually. In this case, we - # have a dropdown that allows us to select the target environment. - inputs: - targetEnv: - description: 'Target environment' - required: true - default: 'dev' - options: - - 'dev' - - 'prod' - - # Environment variables are defined in an "env" section. - # We set the target environment to dev. - # Open the deploy-advanced.yml file to see how we can accept user input - # instead of needing to change this file to switch environments. - env: - targetEnv2: dev - - - jobs: - # This script has one job: build and deploy the IaC resources - build-and-deploy: - # We run this on an Ubuntu-based GitHub hosted runner. This hosted runner - # has certain software already installed, including az cli - runs-on: ubuntu-latest - steps: - # Check out the code. This grabs code from the repository and - # makes it available to the GitHub hosted runner. It will usually be the - # first task for any workflow - - uses: actions/checkout@main - - # Log into Azure using a federated credential. We have already set up the - # federation process in a prior step, so we need to pass in the following: - # Client ID = Application registration ID - # Tenant ID = Application owner organization ID (previously called Tenant ID in Azure) - # Subscription ID - # https://github.com/azure/login - - uses: azure/login@v2.1.1 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - # We also need to ensure that enable-AzPSSession is true. This is important for - # using OIDC in Azure. If we were to pass in a client secret instead, we would not need - # this setting enabled - enable-AzPSSession: true - - # Deploy ARM template - - name: Run ARM deploy - # https://github.com/azure/arm-deploy - uses: azure/arm-deploy@v1 - with: - subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - resourceGroupName: ${{ secrets.AZURE_RG }} - template: ./src/InfrastructureAsCode/main.bicep - parameters: environment=${{ github.event.inputs.targetenv }} \ No newline at end of file From 1799f2ca72901be9b9293ec320f732c8c7307d7d Mon Sep 17 00:00:00 2001 From: Puneet-Minhas <81772545+Puneet-Minhas@users.noreply.github.com> Date: Wed, 11 Sep 2024 10:44:33 +0100 Subject: [PATCH 09/21] Delete src/InfrastructureAsCode/credentials.json --- src/InfrastructureAsCode/credentials.json | 9 --------- 1 file changed, 9 deletions(-) delete mode 100644 src/InfrastructureAsCode/credentials.json diff --git a/src/InfrastructureAsCode/credentials.json b/src/InfrastructureAsCode/credentials.json deleted file mode 100644 index e29e1ff0..00000000 --- a/src/InfrastructureAsCode/credentials.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "name": "GitHubDevOpsCredential", - "issuer": "https://token.actions.githubusercontent.com", - "subject": "repo:puneet-minhas/TechExcel-Accelerate-developer-productivity-with-GitHub-Copilot-and-Dev-Box:ref:refs/heads/main", - "description": "Deploy Azure resources from the TechExcel DevOps practices GitHub repo", - "audiences": [ - "api://AzureADTokenExchange" - ] -} From 32d8ff93050fcd6e7299b50c2b93b864bb94e4dd Mon Sep 17 00:00:00 2001 From: Puneet-Minhas <81772545+Puneet-Minhas@users.noreply.github.com> Date: Wed, 11 Sep 2024 10:44:44 +0100 Subject: [PATCH 10/21] Update main.bicep --- src/InfrastructureAsCode/main.bicep | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/InfrastructureAsCode/main.bicep b/src/InfrastructureAsCode/main.bicep index 48d8b0b5..9d303cab 100644 --- a/src/InfrastructureAsCode/main.bicep +++ b/src/InfrastructureAsCode/main.bicep @@ -58,7 +58,3 @@ resource containerRegistry 'Microsoft.ContainerRegistry/registries@2021-06-01-pr } } -//az ad sp create --id dd0d73a2-dd3e-4752-a7eb-8b9c5fefc8bc -// sp "id": "08f2fb0c-e135-49b5-bacc-8f444275b12a" -// az ad app federated-credential create --id dd0d73a2-dd3e-4752-a7eb-8b9c5fefc8bc --parameters credentials.json -//az role assignment create --role contributor --scope /subscriptions/699f3eb4-18f1-491c-ac3a-a7f89f164bd1/resourceGroups/TechExcelTraining-Day2 --subscription 699f3eb4-18f1-491c-ac3a-a7f89f164bd1 --assignee-object-id 08f2fb0c-e135-49b5-bacc-8f444275b12a --assignee-principal-type ServicePrincipal From 5890b1d95d47127b19302dbc27595dc0eee08193 Mon Sep 17 00:00:00 2001 From: Admin user Date: Wed, 11 Sep 2024 10:55:15 +0100 Subject: [PATCH 11/21] Update deploy.yml --- .github/workflows/deploy.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 00e105c9..5ebc1239 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -6,9 +6,10 @@ # We can add inputs to the workflow_dispatch event. This allows us to # accept user input when running the workflow manually. In this case, we # have a dropdown that allows us to select the target environment. - inputs: + targetEnv: description: 'Target environment' + type: 'choice' required: true default: 'dev' options: @@ -29,6 +30,10 @@ # We run this on an Ubuntu-based GitHub hosted runner. This hosted runner # has certain software already installed, including az cli runs-on: ubuntu-latest + permissions: + contents: read + pages: write + id-token: write steps: # Check out the code. This grabs code from the repository and # makes it available to the GitHub hosted runner. It will usually be the From 3e45aa37a7335db3c376d71105cbcfda31a31529 Mon Sep 17 00:00:00 2001 From: Admin user Date: Wed, 11 Sep 2024 11:04:30 +0100 Subject: [PATCH 12/21] Update main.bicep --- src/InfrastructureAsCode/main.bicep | 85 ++++++++++++++++++++++------- 1 file changed, 65 insertions(+), 20 deletions(-) diff --git a/src/InfrastructureAsCode/main.bicep b/src/InfrastructureAsCode/main.bicep index 9d303cab..d8e740d2 100644 --- a/src/InfrastructureAsCode/main.bicep +++ b/src/InfrastructureAsCode/main.bicep @@ -8,46 +8,38 @@ var webAppName = '${uniqueString(resourceGroup().id)}-${environment}' var appServicePlanName = '${uniqueString(resourceGroup().id)}-mpnp-asp' var logAnalyticsName = '${uniqueString(resourceGroup().id)}-mpnp-la' var appInsightsName = '${uniqueString(resourceGroup().id)}-mpnp-ai' -var sku = 'S1' +var sku = 'P0V3' var registryName = '${uniqueString(resourceGroup().id)}mpnpreg' var registrySku = 'Standard' var imageName = 'techexcel/dotnetcoreapp' var startupCommand = '' -resource appServicePlan 'Microsoft.Web/serverfarms@2021-02-01' = { - name: appServicePlanName - location: location - sku: { - name: sku - tier: 'Standard' - } - properties: { - reserved: true - } -} -resource webApp 'Microsoft.Web/sites@2021-02-01' = { - name: webAppName +resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2021-12-01-preview' = { + name: logAnalyticsName location: location properties: { - serverFarmId: appServicePlan.id - siteConfig: { - linuxFxVersion: 'DOCKER|${imageName}' - appCommandLine: startupCommand + sku: { + name: 'PerGB2018' + } + retentionInDays: 90 + workspaceCapping: { + dailyQuotaGb: 1 } } } -resource appInsights 'Microsoft.Insights/components@2020-02-02' = { +resource appInsights 'Microsoft.Insights/components@2020-02-02-preview' = { name: appInsightsName location: location kind: 'web' properties: { Application_Type: 'web' + WorkspaceResourceId: logAnalyticsWorkspace.id } } -resource containerRegistry 'Microsoft.ContainerRegistry/registries@2021-06-01-preview' = { +resource containerRegistry 'Microsoft.ContainerRegistry/registries@2020-11-01-preview' = { name: registryName location: location sku: { @@ -58,3 +50,56 @@ resource containerRegistry 'Microsoft.ContainerRegistry/registries@2021-06-01-pr } } +resource appServicePlan 'Microsoft.Web/serverFarms@2022-09-01' = { + name: appServicePlanName + location: location + kind: 'linux' + properties: { + reserved: true + } + sku: { + name: sku + } +} + +resource appServiceApp 'Microsoft.Web/sites@2020-12-01' = { + name: webAppName + location: location + properties: { + serverFarmId: appServicePlan.id + httpsOnly: true + clientAffinityEnabled: false + siteConfig: { + linuxFxVersion: 'DOCKER|${containerRegistry.name}.azurecr.io/${uniqueString(resourceGroup().id)}/${imageName}' + http20Enabled: true + minTlsVersion: '1.2' + appCommandLine: startupCommand + appSettings: [ + { + name: 'WEBSITES_ENABLE_APP_SERVICE_STORAGE' + value: 'false' + } + { + name: 'DOCKER_REGISTRY_SERVER_URL' + value: 'https://${containerRegistry.name}.azurecr.io' + } + { + name: 'DOCKER_REGISTRY_SERVER_USERNAME' + value: containerRegistry.name + } + { + name: 'DOCKER_REGISTRY_SERVER_PASSWORD' + value: containerRegistry.listCredentials().passwords[0].value + } + { + name: 'APPINSIGHTS_INSTRUMENTATIONKEY' + value: appInsights.properties.InstrumentationKey + } + ] + } + } +} + +output application_name string = appServiceApp.name +output application_url string = appServiceApp.properties.hostNames[0] +output container_registry_name string = containerRegistry.name From 25ceb5b7fe12c9da9a864b80dfd030230a6e6425 Mon Sep 17 00:00:00 2001 From: Puneet-Minhas <81772545+Puneet-Minhas@users.noreply.github.com> Date: Wed, 11 Sep 2024 11:16:42 +0100 Subject: [PATCH 13/21] Update and rename deploy.yml to IaC.yml --- .github/workflows/{deploy.yml => IaC.yml} | 1 + 1 file changed, 1 insertion(+) rename .github/workflows/{deploy.yml => IaC.yml} (99%) diff --git a/.github/workflows/deploy.yml b/.github/workflows/IaC.yml similarity index 99% rename from .github/workflows/deploy.yml rename to .github/workflows/IaC.yml index 5ebc1239..bcdddf1a 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/IaC.yml @@ -14,6 +14,7 @@ default: 'dev' options: - 'dev' + - 'test' - 'prod' # Environment variables are defined in an "env" section. From 45fa8afdf6670215fed42bc9d8c55cf5ecf46c3c Mon Sep 17 00:00:00 2001 From: Admin user Date: Wed, 11 Sep 2024 12:03:25 +0100 Subject: [PATCH 14/21] Docker build push reusable worflow add --- .github/workflows/ci-cd.yml | 124 ++++++++++++++++++++++++++++++ .github/workflows/reusable-cd.yml | 37 +++++++++ 2 files changed, 161 insertions(+) create mode 100644 .github/workflows/ci-cd.yml create mode 100644 .github/workflows/reusable-cd.yml diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml new file mode 100644 index 00000000..72e1d86d --- /dev/null +++ b/.github/workflows/ci-cd.yml @@ -0,0 +1,124 @@ +name: .NET CI-CD + +env: + registryName: ${{ secrets.CONTAINER_REGISTRY_NAME }}.azurecr.io + repositoryName: techexcel/dotnetcoreapp + dockerFolderPath: ./src/Application/src/RazorPagesTestSample + tag: ${{github.run_number}} + +on: + push: + branches: [ main ] + paths: src/Application/** + pull_request: + branches: [ main ] + paths: src/Application/** + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + - name: Setup .NET + uses: actions/setup-dotnet@v3 + with: + dotnet-version: 8.0 + + - name: Restore dependencies + run: dotnet restore ./src/Application/src/RazorPagesTestSample/RazorPagesTestSample.csproj + - name: Build + run: dotnet build --no-restore ./src/Application/src/RazorPagesTestSample/RazorPagesTestSample.csproj + - name: Test + run: dotnet test --no-build --verbosity normal ./src/Application/tests/RazorPagesTestSample.Tests/RazorPagesTestSample.Tests.csproj + - uses: actions/github-script@v6 + if: failure() + with: + github-token: ${{secrets.GITHUB_TOKEN}} + script: | + let body = "${{ env.build_name }} Workflow Failure \n Build Number: ${{ github.run_number }} \n Build Log: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }} \n SHA: [${{ github.sha }}](https://github.com/${{ github.repository }}/commit/${{ github.sha }}) \n"; + github.issues.create({ + owner: context.repo.owner, + repo: context.repo.repo, + title: "${{ env.build_name }} Workflow ${{ github.run_number }} Failed! ", + body: body + }); + + dockerBuildPush: + runs-on: ubuntu-latest + needs: build + + steps: + - uses: actions/checkout@v3 + + - name: Docker Login + # You may pin to the exact commit or the version. + # uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + uses: docker/login-action@v1.9.0 + with: + # Server address of Docker registry. If not set then will default to Docker Hub + registry: ${{ secrets.ACR_LOGIN_SERVER }} + # Username used to log against the Docker registry + username: ${{ secrets.ACR_USERNAME }} + # Password or personal access token used to log against the Docker registry + password: ${{ secrets.ACR_PASSWORD }} + # Log out from the Docker registry at the end of a job + logout: true + + - name: Docker Build + run: docker build -t $registryName/$repositoryName:$tag --build-arg build_version=$tag $dockerFolderPath + + - name: Docker Push + run: docker push $registryName/$repositoryName:$tag + + deploy: + needs: dockerBuildPush + uses: ./.github/workflows/reusable-cd.yml + with: + environment: dev + secrets: + inherit: true + +# deploy-to-test: + +# runs-on: ubuntu-latest +# needs: deploy-to-dev +# environment: +# name: test +# url: https://{your_prefix}-test.azurewebsites.net/ + +# steps: +# - uses: actions/checkout@v3 + +# - name: 'Login via Azure CLI' +# uses: azure/login@v2.1.1 +# with: +# creds: ${{ secrets.AZURE_CREDENTIALS }} + +# - uses: azure/webapps-deploy@v2 +# with: +# app-name: '{your_prefix}-test' +# images: {your_registry_name}.azurecr.io/techexcel/dotnetcoreapp:${{github.run_number}} + +# deploy-to-prod: + +# runs-on: ubuntu-latest +# needs: deploy-to-test +# environment: +# name: prod +# url: https://{your_prefix}-prod.azurewebsites.net/ + +# steps: +# - uses: actions/checkout@v3 + +# - name: 'Login via Azure CLI' +# uses: azure/login@v2.1.1 +# with: +# creds: ${{ secrets.AZURE_CREDENTIALS }} + +# - uses: azure/webapps-deploy@v2 +# with: +# app-name: '{your_prefix}-prod' +# images: {your_registry_name}.azurecr.io/techexcel/dotnetcoreapp:${{github.run_number}} diff --git a/.github/workflows/reusable-cd.yml b/.github/workflows/reusable-cd.yml new file mode 100644 index 00000000..19a14995 --- /dev/null +++ b/.github/workflows/reusable-cd.yml @@ -0,0 +1,37 @@ +name: .NET CD Workflow + +on: + workflow_call: + inputs: + environment: + description: 'Environment' + required: true + default: 'dev' + type: string + +jobs: + deploy: + runs-on: ubuntu-latest + + environment: + name: ${{ inputs.environment }} + url: "https://techexcel-${{ inputs.environment }}.azurewebsites.net/" + steps: + - uses: azure/login@v2.1.1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + # We also need to ensure that enable-AzPSSession is true. This is important for + # using OIDC in Azure. If we were to pass in a client secret instead, we would not need + # this setting enabled + enable-AzPSSession: true + + - uses: azure/webapps-deploy@v2 + with: + app-name: 'techexcel-${{ inputs.environment }}' + images: ${{ secrets.ACR_LOGIN_SERVER }}/techexcel/dotnetcoreapp:${{ github.run_number }} + + + + From f12dca140de10cb0f797b6b00e3f0bb8363ba590 Mon Sep 17 00:00:00 2001 From: Puneet-Minhas <81772545+Puneet-Minhas@users.noreply.github.com> Date: Wed, 11 Sep 2024 12:04:50 +0100 Subject: [PATCH 15/21] Update Index.cshtml --- src/Application/src/RazorPagesTestSample/Pages/Index.cshtml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml b/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml index f7645733..445a027c 100644 --- a/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml +++ b/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml @@ -1,7 +1,7 @@ @page @model IndexModel @{ - ViewData["Title"] = "Munson's Pickles and Preserves Team Messaging System"; + ViewData["Title"] = "Munson's Pickles and Preserves Team Messaging System!"; }

@ViewData["Title"]

From 34b05f861efb12aa167467f28dadbfb403c35728 Mon Sep 17 00:00:00 2001 From: Puneet-Minhas <81772545+Puneet-Minhas@users.noreply.github.com> Date: Wed, 11 Sep 2024 12:10:07 +0100 Subject: [PATCH 16/21] Update ci-cd.yml --- .github/workflows/ci-cd.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 72e1d86d..063627f1 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -78,8 +78,7 @@ jobs: uses: ./.github/workflows/reusable-cd.yml with: environment: dev - secrets: - inherit: true + secrets: inherit # deploy-to-test: From cea4c464f131cdacce570b992ccc797e26193db4 Mon Sep 17 00:00:00 2001 From: Puneet-Minhas <81772545+Puneet-Minhas@users.noreply.github.com> Date: Wed, 11 Sep 2024 12:10:31 +0100 Subject: [PATCH 17/21] Update Index.cshtml --- src/Application/src/RazorPagesTestSample/Pages/Index.cshtml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml b/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml index 445a027c..8e4814fe 100644 --- a/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml +++ b/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml @@ -1,7 +1,7 @@ @page @model IndexModel @{ - ViewData["Title"] = "Munson's Pickles and Preserves Team Messaging System!"; + ViewData["Title"] = "Munson's Pickles and Preserves Team Messaging System!!"; }

@ViewData["Title"]

From 505ef314e478bdd80f54316abba297f11fc81152 Mon Sep 17 00:00:00 2001 From: Admin user Date: Wed, 11 Sep 2024 12:12:48 +0100 Subject: [PATCH 18/21] added docker file --- .../src/RazorPagesTestSample/Dockerfile | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 src/Application/src/RazorPagesTestSample/Dockerfile diff --git a/src/Application/src/RazorPagesTestSample/Dockerfile b/src/Application/src/RazorPagesTestSample/Dockerfile new file mode 100644 index 00000000..ab3fcaf2 --- /dev/null +++ b/src/Application/src/RazorPagesTestSample/Dockerfile @@ -0,0 +1,18 @@ +FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build-env +WORKDIR /app + +# Copy csproj and restore as distinct layers +COPY *.csproj ./ +RUN dotnet restore + +# Copy everything else and build +COPY . ./ +RUN dotnet publish -c Release -o out + +# Build runtime image +FROM mcr.microsoft.com/dotnet/aspnet:8.0 +WORKDIR /app +COPY --from=build-env /app/out . +# Default ASP.NET port changed with .NET 8.0 +ENV ASPNETCORE_HTTP_PORTS=80 +ENTRYPOINT ["dotnet", "RazorPagesTestSample.dll"] \ No newline at end of file From 5c11703d45c7de830e6bebc0bcdb6483f3bacb9f Mon Sep 17 00:00:00 2001 From: Admin user Date: Wed, 11 Sep 2024 12:16:28 +0100 Subject: [PATCH 19/21] update file --- .github/workflows/reusable-cd.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/reusable-cd.yml b/.github/workflows/reusable-cd.yml index 19a14995..196a5f1c 100644 --- a/.github/workflows/reusable-cd.yml +++ b/.github/workflows/reusable-cd.yml @@ -12,7 +12,10 @@ on: jobs: deploy: runs-on: ubuntu-latest - + permissions: + contents: read + pages: write + id-token: write environment: name: ${{ inputs.environment }} url: "https://techexcel-${{ inputs.environment }}.azurewebsites.net/" From 58c2eb15dc92487cd8293a70792de4fe8bfed547 Mon Sep 17 00:00:00 2001 From: Admin user Date: Wed, 11 Sep 2024 12:27:03 +0100 Subject: [PATCH 20/21] update --- .github/workflows/reusable-cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-cd.yml b/.github/workflows/reusable-cd.yml index 196a5f1c..142b8d3e 100644 --- a/.github/workflows/reusable-cd.yml +++ b/.github/workflows/reusable-cd.yml @@ -32,7 +32,7 @@ jobs: - uses: azure/webapps-deploy@v2 with: - app-name: 'techexcel-${{ inputs.environment }}' + app-name: 'ghwxvgb4jngfa-${{ inputs.environment }}' images: ${{ secrets.ACR_LOGIN_SERVER }}/techexcel/dotnetcoreapp:${{ github.run_number }} From 9e93b19c10d4566fa6721fb37e57c5896e9e8d9b Mon Sep 17 00:00:00 2001 From: Puneet-Minhas <81772545+Puneet-Minhas@users.noreply.github.com> Date: Wed, 11 Sep 2024 12:32:41 +0100 Subject: [PATCH 21/21] Create CODEOWNERS --- CODEOWNERS | 1 + 1 file changed, 1 insertion(+) create mode 100644 CODEOWNERS diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 00000000..90185b87 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1 @@ +* puneet-minhas