From f04c8dcf4849da8fc1d679b037b8537f65f55b6d Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Tue, 22 Oct 2024 19:37:43 +0000 Subject: [PATCH 01/46] =?UTF-8?q?=F0=9F=A5=8D=20Tue=20Oct=2022=2019:37:43?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/pages.yml | 62 ------------------------------------- 1 file changed, 62 deletions(-) delete mode 100644 .github/workflows/pages.yml diff --git a/.github/workflows/pages.yml b/.github/workflows/pages.yml deleted file mode 100644 index cedae546..00000000 --- a/.github/workflows/pages.yml +++ /dev/null @@ -1,62 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -# Sample workflow for building and deploying a Jekyll site to GitHub Pages -name: Deploy Jekyll site to Pages - -on: - push: - branches: ["main"] - - # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: - -# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages -permissions: - contents: read - pages: write - id-token: write - -# Allow one concurrent deployment -concurrency: - group: "pages" - cancel-in-progress: true - -jobs: - # Build job - build: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Setup Ruby - uses: ruby/setup-ruby@v1 - with: - ruby-version: '3.1' # Not needed with a .ruby-version file - bundler-cache: true # runs 'bundle install' and caches installed gems automatically - cache-version: 0 # Increment this number if you need to re-download cached gems - - name: Setup Pages - id: pages - uses: actions/configure-pages@v2 - - name: Build with Jekyll - # Outputs to the './_site' directory by default - run: bundle exec jekyll build --baseurl "${{ steps.pages.outputs.base_path }}" - env: - JEKYLL_ENV: production - - name: Upload artifact - # Automatically uploads an artifact from the './_site' directory by default - uses: actions/upload-pages-artifact@v1 - - # Deployment job - deploy: - environment: - name: github-pages - url: "${{ steps.deployment.outputs.page_url }}" - runs-on: ubuntu-latest - needs: build - steps: - - name: Deploy to GitHub Pages - id: deployment - uses: actions/deploy-pages@v1 From 58352f2625f5fb1f3b1e5ffaf215bf9752f58318 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Tue, 22 Oct 2024 19:50:52 +0000 Subject: [PATCH 02/46] =?UTF-8?q?=F0=9F=8F=93=20Tue=20Oct=2022=2019:50:52?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/first-workflow.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .github/workflows/first-workflow.yml diff --git a/.github/workflows/first-workflow.yml b/.github/workflows/first-workflow.yml new file mode 100644 index 00000000..06f874b3 --- /dev/null +++ b/.github/workflows/first-workflow.yml @@ -0,0 +1,12 @@ +name: First Workflow +on: + workflow_dispatch: + +jobs: + job1: + runs-on: ubuntu-latest + steps: + - name: Step one + run: echo "Step 1 complete!" + - name: Step two + run: echo "Step 2 complete!" From 6ec0817a15b19399b01203485394feadec4eee33 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Tue, 22 Oct 2024 19:52:16 +0000 Subject: [PATCH 03/46] =?UTF-8?q?=F0=9F=8F=8F=20Tue=20Oct=2022=2019:52:16?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/first-workflow.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/first-workflow.yml b/.github/workflows/first-workflow.yml index 06f874b3..aaced164 100644 --- a/.github/workflows/first-workflow.yml +++ b/.github/workflows/first-workflow.yml @@ -10,3 +10,13 @@ jobs: run: echo "Step 1 complete!" - name: Step two run: echo "Step 2 complete!" + + + job2: + runs-on: ubuntu-latest + steps: + - name: Cowsays + uses: mscoutermarsh/cowsays-action@master + with: + text: 'Ready for prod--ship it!' + color: 'magenta' From 9d0d9a8fc4918789f779de9fcbf8193bc29d50bf Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Tue, 22 Oct 2024 19:53:43 +0000 Subject: [PATCH 04/46] =?UTF-8?q?=F0=9F=8F=80=20Tue=20Oct=2022=2019:53:43?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/first-workflow.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/first-workflow.yml b/.github/workflows/first-workflow.yml index aaced164..dc9b0571 100644 --- a/.github/workflows/first-workflow.yml +++ b/.github/workflows/first-workflow.yml @@ -13,6 +13,7 @@ jobs: job2: + needs: job1 runs-on: ubuntu-latest steps: - name: Cowsays From 14fc2044f12c248753f9dcb4f5bfcd00fa843cc1 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Tue, 22 Oct 2024 20:17:07 +0000 Subject: [PATCH 05/46] =?UTF-8?q?=F0=9F=8F=93=20Tue=20Oct=2022=2020:17:07?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/first-workflow.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/first-workflow.yml b/.github/workflows/first-workflow.yml index dc9b0571..d53701c9 100644 --- a/.github/workflows/first-workflow.yml +++ b/.github/workflows/first-workflow.yml @@ -5,9 +5,11 @@ on: jobs: job1: runs-on: ubuntu-latest + env: + COW_SAYS: "Moo" steps: - name: Step one - run: echo "Step 1 complete!" + run: echo "Step 1 Cow says ${{ env.COW_SAYS }}!" - name: Step two run: echo "Step 2 complete!" From 76cb79f1a00c6d8ecc30b3874a8cb2c7d5c75f2e Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Tue, 22 Oct 2024 20:24:44 +0000 Subject: [PATCH 06/46] Resolves #2 --- src/Application/src/RazorPagesTestSample/Data/Message.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Application/src/RazorPagesTestSample/Data/Message.cs b/src/Application/src/RazorPagesTestSample/Data/Message.cs index ea99cbd6..59f24395 100644 --- a/src/Application/src/RazorPagesTestSample/Data/Message.cs +++ b/src/Application/src/RazorPagesTestSample/Data/Message.cs @@ -9,7 +9,7 @@ public class Message [Required] [DataType(DataType.Text)] - [StringLength(200, ErrorMessage = "There's a 200 character limit on messages. Please shorten your message.")] + [StringLength(250, ErrorMessage = "There's a 250 character limit on messages. Please shorten your message.")] public string Text { get; set; } } #endregion From 6b1c6628891adb80fa231d794b76fce01fa9cd6a Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Tue, 22 Oct 2024 20:50:08 +0000 Subject: [PATCH 07/46] IaaC --- .github/workflows/deploy.yml | 28 +++++++++++ src/InfrastructureAsCode/main.bicep | 73 ++++++++++++++++++++++++++++- 2 files changed, 100 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 00000000..e7d11ca1 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,28 @@ + on: + workflow_dispatch + + env: + targetEnv: dev + + name: Azure Bicep + jobs: + + build-and-deploy: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + + - uses: azure/login@v2.1.1 + with: + client-id: ${{ secret.AZURE_CLIENT_ID }} + tenant-id: ${{ secret.AZURE_TENANT_ID }} + subscription-id: ${{ secret.AZURE_SUBSCRIPTION_ID }} + enable-AzPSSession: true + + - name: Run ARM deploy + uses: azure/arm-deploy@v1 + with: + subscriptionId: $ + resourceGroupName: $ + template: ./InfrastructureAsCode/main.bicep + parameters: environment=$ diff --git a/src/InfrastructureAsCode/main.bicep b/src/InfrastructureAsCode/main.bicep index 6dc69618..65f677b7 100644 --- a/src/InfrastructureAsCode/main.bicep +++ b/src/InfrastructureAsCode/main.bicep @@ -14,4 +14,75 @@ var registrySku = 'Standard' var imageName = 'techexcel/dotnetcoreapp' var startupCommand = '' -// TODO: complete this script +// App Service Plan, a Web App, Application Insights, and Azure Container Registry in your resource group. + +// Generate bicep code to create an Azure Application Insights +resource appInsights 'Microsoft.Insights/components@2020-02-02' = { + name: appInsightsName + location: location + kind: 'web' + properties: { + Application_Type: 'web' + WorkspaceResourceId: logAnalytics.id + } +} + +// Generate bicep code to create an Azure Log Analytics Workspace +resource logAnalytics 'Microsoft.OperationalInsights/workspaces@2023-09-01' = { + name: logAnalyticsName + location: location + properties: { + sku: { + name: 'PerGB2018' + } + } +} + +// Generate bicep code to create an Azure Container Registry +resource acr 'Microsoft.ContainerRegistry/registries@2020-11-01-preview' = { + name: registryName + location: location + sku: { + name: registrySku + } +} + + +// Generate bicep code to create an Azure App Service Plan +resource appServicePlan 'Microsoft.Web/serverfarms@2020-06-01' = { + name: appServicePlanName + location: location + properties: { + name: appServicePlanName + reserved: true + sku: { + name: sku + tier: 'Standard' + size: 'S1' + } + } +} + +// Generate bicep code to create an Azure Web App using docker image name imageName and startup command of startupCommand + +resource webApp 'Microsoft.Web/sites@2020-06-01' = { + name: webAppName + location: location + properties: { + serverFarmId: appServicePlan.id + siteConfig: { + linuxFxVersion: 'DOCKER|${imageName}' + appCommandLine: startupCommand + appSettings: [ + { + name: 'WEBSITES_ENABLE_APP_SERVICE_STORAGE' + value: 'false' + } + { + name: 'APPINSIGHTS_INSTRUMENTATIONKEY' + value: appInsights.properties.InstrumentationKey + } + ] + } + } + } From 18253c97954e9a15c0986e37703bcb9136d5748c Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 10:15:23 -0500 Subject: [PATCH 08/46] Update deploy.yml --- .github/workflows/deploy.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index e7d11ca1..d716af6f 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -14,9 +14,9 @@ - uses: azure/login@v2.1.1 with: - client-id: ${{ secret.AZURE_CLIENT_ID }} - tenant-id: ${{ secret.AZURE_TENANT_ID }} - subscription-id: ${{ secret.AZURE_SUBSCRIPTION_ID }} + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} enable-AzPSSession: true - name: Run ARM deploy From c577599fbe314ccd87e78963c44dbaaab9ceb061 Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 10:18:55 -0500 Subject: [PATCH 09/46] Create sample --- .github/workflows/sample | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 .github/workflows/sample diff --git a/.github/workflows/sample b/.github/workflows/sample new file mode 100644 index 00000000..95b5bcde --- /dev/null +++ b/.github/workflows/sample @@ -0,0 +1,25 @@ +# File: .github/workflows/workflow.yml + +name: Run Azure Login with OIDC +on: [push] + +permissions: + id-token: write + contents: read +jobs: + build-and-deploy: + runs-on: ubuntu-latest + steps: + - name: Azure login + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + - name: Azure CLI script + uses: azure/cli@v2 + with: + azcliversion: latest + inlineScript: | + az account show From 513f8ef61ad936f6018641f0183cb27a229a34de Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 10:19:40 -0500 Subject: [PATCH 10/46] Update and rename sample to sample.yaml --- .github/workflows/{sample => sample.yaml} | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) rename .github/workflows/{sample => sample.yaml} (95%) diff --git a/.github/workflows/sample b/.github/workflows/sample.yaml similarity index 95% rename from .github/workflows/sample rename to .github/workflows/sample.yaml index 95b5bcde..a872ee62 100644 --- a/.github/workflows/sample +++ b/.github/workflows/sample.yaml @@ -1,11 +1,13 @@ # File: .github/workflows/workflow.yml name: Run Azure Login with OIDC -on: [push] +on: + workflow_dispatch permissions: id-token: write contents: read + jobs: build-and-deploy: runs-on: ubuntu-latest From bebd6876e2eba3ae59889016cb40474da1d8a825 Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 10:25:07 -0500 Subject: [PATCH 11/46] Update deploy.yml --- .github/workflows/deploy.yml | 57 ++++++++++++++++++++---------------- 1 file changed, 31 insertions(+), 26 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index d716af6f..7a9588e1 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,28 +1,33 @@ - on: +name: Azure Bicep +on: workflow_dispatch - env: - targetEnv: dev - - name: Azure Bicep - jobs: - - build-and-deploy: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@main - - - uses: azure/login@v2.1.1 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - enable-AzPSSession: true - - - name: Run ARM deploy - uses: azure/arm-deploy@v1 - with: - subscriptionId: $ - resourceGroupName: $ - template: ./InfrastructureAsCode/main.bicep - parameters: environment=$ +env: + targetEnv: dev + RG: TechExcel_RG + +permissions: + id-token: write + contents: read + +jobs: + build-and-deploy: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@main + + - name: Azure login + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + enable-AzPSSession: true + + - name: Run ARM deploy + uses: azure/arm-deploy@v1 + with: + subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + resourceGroupName: ${{ env.RG }} + template: ./InfrastructureAsCode/main.bicep + parameters: environment=${{ env.targetEnv }} From 83adc47418a4a57522c08ab45fa05388ac5e4ad9 Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 10:28:46 -0500 Subject: [PATCH 12/46] Update deploy.yml --- .github/workflows/deploy.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 7a9588e1..45e7a823 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -14,6 +14,7 @@ jobs: build-and-deploy: runs-on: ubuntu-latest steps: + - working-directory: ./src/InfrastructureAsCode/ - uses: actions/checkout@main - name: Azure login @@ -29,5 +30,5 @@ jobs: with: subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }} resourceGroupName: ${{ env.RG }} - template: ./InfrastructureAsCode/main.bicep + template: ./main.bicep parameters: environment=${{ env.targetEnv }} From 81560a002a040291d77a74385a7e95eb6a928209 Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 10:31:46 -0500 Subject: [PATCH 13/46] Update deploy.yml --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 45e7a823..e9449b86 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -14,7 +14,7 @@ jobs: build-and-deploy: runs-on: ubuntu-latest steps: - - working-directory: ./src/InfrastructureAsCode/ + - working-directory: ./src/InfrastructureAsCode - uses: actions/checkout@main - name: Azure login From 6981bfbb93e99edca1f523fe36266e8508ff3a5e Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 10:32:36 -0500 Subject: [PATCH 14/46] Update deploy.yml --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index e9449b86..d573e7d2 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -14,7 +14,6 @@ jobs: build-and-deploy: runs-on: ubuntu-latest steps: - - working-directory: ./src/InfrastructureAsCode - uses: actions/checkout@main - name: Azure login @@ -27,6 +26,7 @@ jobs: - name: Run ARM deploy uses: azure/arm-deploy@v1 + working-directory: ./src/InfrastructureAsCode with: subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }} resourceGroupName: ${{ env.RG }} From ef329b5e6e16cd984bfcb1863486eda7708c3e62 Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 10:33:58 -0500 Subject: [PATCH 15/46] Update deploy.yml --- .github/workflows/deploy.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index d573e7d2..862352f8 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -13,6 +13,9 @@ permissions: jobs: build-and-deploy: runs-on: ubuntu-latest + defaults: + run: + working-directory: ./src/InfrastructureAsCode steps: - uses: actions/checkout@main @@ -26,7 +29,6 @@ jobs: - name: Run ARM deploy uses: azure/arm-deploy@v1 - working-directory: ./src/InfrastructureAsCode with: subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }} resourceGroupName: ${{ env.RG }} From 2aa1f09b896b469a39cd5bbade36e1e9aa11f9ea Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 10:40:15 -0500 Subject: [PATCH 16/46] Update deploy.yml --- .github/workflows/deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 862352f8..a6855f58 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest defaults: run: - working-directory: ./src/InfrastructureAsCode + working-directory: 'src/InfrastructureAsCode' steps: - uses: actions/checkout@main @@ -32,5 +32,5 @@ jobs: with: subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }} resourceGroupName: ${{ env.RG }} - template: ./main.bicep + template: main.bicep parameters: environment=${{ env.targetEnv }} From db74265fb87e78827fc1b45a9ae1eb010f029e60 Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 10:43:08 -0500 Subject: [PATCH 17/46] Update deploy.yml --- .github/workflows/deploy.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index a6855f58..b150e5e5 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -13,9 +13,6 @@ permissions: jobs: build-and-deploy: runs-on: ubuntu-latest - defaults: - run: - working-directory: 'src/InfrastructureAsCode' steps: - uses: actions/checkout@main @@ -32,5 +29,5 @@ jobs: with: subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }} resourceGroupName: ${{ env.RG }} - template: main.bicep + template: ./src/InfrastructureAsCode/main.bicep parameters: environment=${{ env.targetEnv }} From c62e2826c9e79fd55a3d187eafda79d32a5ca096 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 15:56:12 +0000 Subject: [PATCH 18/46] =?UTF-8?q?=F0=9F=A5=8D=20Wed=20Oct=2023=2015:56:12?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/InfrastructureAsCode/main.bicep | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/InfrastructureAsCode/main.bicep b/src/InfrastructureAsCode/main.bicep index 65f677b7..370f97ae 100644 --- a/src/InfrastructureAsCode/main.bicep +++ b/src/InfrastructureAsCode/main.bicep @@ -49,23 +49,23 @@ resource acr 'Microsoft.ContainerRegistry/registries@2020-11-01-preview' = { // Generate bicep code to create an Azure App Service Plan -resource appServicePlan 'Microsoft.Web/serverfarms@2020-06-01' = { +resource appServicePlan 'Microsoft.Web/serverfarms@2022-09-01' = { name: appServicePlanName location: location + kind: 'linux' properties: { - name: appServicePlanName - reserved: true - sku: { - name: sku - tier: 'Standard' - size: 'S1' - } + zoneRedundant: false + } + sku: { + capacity: 1 + tier: 'Standard' + size: sku } } // Generate bicep code to create an Azure Web App using docker image name imageName and startup command of startupCommand -resource webApp 'Microsoft.Web/sites@2020-06-01' = { +resource webApp 'Microsoft.Web/sites@2022-09-01' = { name: webAppName location: location properties: { From 91e1fb9989b43d7f09967f33f8571411c540b0eb Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 16:06:43 +0000 Subject: [PATCH 19/46] =?UTF-8?q?=F0=9F=8F=93=20Wed=20Oct=2023=2016:06:43?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/InfrastructureAsCode/main.bicep | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/InfrastructureAsCode/main.bicep b/src/InfrastructureAsCode/main.bicep index 370f97ae..6445d6b2 100644 --- a/src/InfrastructureAsCode/main.bicep +++ b/src/InfrastructureAsCode/main.bicep @@ -54,12 +54,10 @@ resource appServicePlan 'Microsoft.Web/serverfarms@2022-09-01' = { location: location kind: 'linux' properties: { - zoneRedundant: false + reserved: true } sku: { - capacity: 1 - tier: 'Standard' - size: sku + name: sku } } From e5191c4915748b397c81255a9476defa63b21eec Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 11:19:51 -0500 Subject: [PATCH 20/46] Create dotnet.yml --- .github/workflows/dotnet.yml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 .github/workflows/dotnet.yml diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml new file mode 100644 index 00000000..d485b2a1 --- /dev/null +++ b/.github/workflows/dotnet.yml @@ -0,0 +1,36 @@ +# This workflow will build a .NET project +# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net + +name: .NET Build + +on: + workflow_dispatch: + push: + paths: + - '/src/Application/**' + pull_request: + paths: + - '/src/Application/**' + +defaults: + run: + shell: bash + working-directory: ./src/Application + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + - name: Setup .NET + uses: actions/setup-dotnet@v4 + with: + dotnet-version: 8.0.x + - name: Restore dependencies + run: dotnet restore + - name: Build + run: dotnet build --no-restore + - name: Test + run: dotnet test --no-build --verbosity normal From 8e54154e4a7b630ad5c952c605ba336d9de8f2ab Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 16:22:38 +0000 Subject: [PATCH 21/46] =?UTF-8?q?=F0=9F=A5=8A=20Wed=20Oct=2023=2016:22:38?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/dotnet.yml | 3 +-- .github/workflows/sample.yaml | 27 --------------------------- 2 files changed, 1 insertion(+), 29 deletions(-) delete mode 100644 .github/workflows/sample.yaml diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index d485b2a1..af97ee4a 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -15,11 +15,10 @@ on: defaults: run: shell: bash - working-directory: ./src/Application + working-directory: ./src/Application/src/RazorPagesTestSample jobs: build: - runs-on: ubuntu-latest steps: diff --git a/.github/workflows/sample.yaml b/.github/workflows/sample.yaml deleted file mode 100644 index a872ee62..00000000 --- a/.github/workflows/sample.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# File: .github/workflows/workflow.yml - -name: Run Azure Login with OIDC -on: - workflow_dispatch - -permissions: - id-token: write - contents: read - -jobs: - build-and-deploy: - runs-on: ubuntu-latest - steps: - - name: Azure login - uses: azure/login@v2 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - - name: Azure CLI script - uses: azure/cli@v2 - with: - azcliversion: latest - inlineScript: | - az account show From c22fe293a501134c8b312cc6aef49ec8d09b2061 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 16:35:01 +0000 Subject: [PATCH 22/46] =?UTF-8?q?=F0=9F=8F=88=20Wed=20Oct=2023=2016:35:01?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/Application/src/RazorPagesTestSample/Dockerfile | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 src/Application/src/RazorPagesTestSample/Dockerfile diff --git a/src/Application/src/RazorPagesTestSample/Dockerfile b/src/Application/src/RazorPagesTestSample/Dockerfile new file mode 100644 index 00000000..87a924ee --- /dev/null +++ b/src/Application/src/RazorPagesTestSample/Dockerfile @@ -0,0 +1,10 @@ +FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build-env +WORKDIR /src +COPY . . +RUN dotnet restore +RUN dotnet publish -c Release --nologo -o publish/linux + +FROM mcr.microsoft.com/dotnet/aspnet:8.0 +WORKDIR /app +COPY --from=build-env /src/publish/linux . +ENTRYPOINT [ "dotnet", "RazorPagesTestSample.dll" ] \ No newline at end of file From 87bd7dc58052ff8863e1edc84ed4b1ad3971b95e Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 16:37:23 +0000 Subject: [PATCH 23/46] =?UTF-8?q?=F0=9F=8F=80=20Wed=20Oct=2023=2016:37:23?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/dotnet.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index af97ee4a..90ab9071 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -7,10 +7,10 @@ on: workflow_dispatch: push: paths: - - '/src/Application/**' + - src/Application/** pull_request: paths: - - '/src/Application/**' + - src/Application/** defaults: run: From 29fcd6bcf17ba467d41f96bedd5258b9215733c9 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 16:46:50 +0000 Subject: [PATCH 24/46] =?UTF-8?q?=F0=9F=8E=AE=20Wed=20Oct=2023=2016:46:50?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/dotnet.yml | 45 ++++++++++++++++++++++++++++-------- 1 file changed, 36 insertions(+), 9 deletions(-) diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index 90ab9071..969ce6df 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -17,19 +17,46 @@ defaults: shell: bash working-directory: ./src/Application/src/RazorPagesTestSample +env: + ACR_NAME: 'f3jiczwhl7laimpnpreg.azurecr.io' + CONTAINER_NAME: 'razorpagestestsample' + TAG_NAME: ${{ github.sha }} + jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - name: Setup .NET - uses: actions/setup-dotnet@v4 + # - name: Setup .NET + # uses: actions/setup-dotnet@v4 + # with: + # dotnet-version: 8.0.x + # - name: Restore dependencies + # run: dotnet restore + # - name: Build + # run: dotnet build --no-restore + # - name: Test + # run: dotnet test --no-build --verbosity normal + + - name: Azure login + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + enable-AzPSSession: true + + - uses: docker/login-action@v3 + with: + login-server: ${{ env.ACR_NAME }} + username: ${{ secrets.AZURE_CLIENT_ID }} + password: ${{ secrets.AZURE_CLIENT_SECRET }} + + - name: Build and push container image to registry + uses: docker/build-push-action@v2 with: - dotnet-version: 8.0.x - - name: Restore dependencies - run: dotnet restore - - name: Build - run: dotnet build --no-restore - - name: Test - run: dotnet test --no-build --verbosity normal + context: . + push: true + tags: ${{ env.ACR_NAME }}/${{ env.CONTAINER_NAME }}:${{ env.TAG_NAME }} + file: ./Dockerfile \ No newline at end of file From 84e443cf700473b2a9c600756241124efa48a653 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 16:48:12 +0000 Subject: [PATCH 25/46] =?UTF-8?q?=F0=9F=8E=B2=20Wed=20Oct=2023=2016:48:12?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/dotnet.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index 969ce6df..83adebda 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -17,6 +17,10 @@ defaults: shell: bash working-directory: ./src/Application/src/RazorPagesTestSample +permissions: + id-token: write + contents: read + env: ACR_NAME: 'f3jiczwhl7laimpnpreg.azurecr.io' CONTAINER_NAME: 'razorpagestestsample' From 580765f7a20b661842314e293f83f7fc22722307 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 16:51:59 +0000 Subject: [PATCH 26/46] =?UTF-8?q?=F0=9F=A5=8D=20Wed=20Oct=2023=2016:51:59?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/dotnet.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index 83adebda..485e75ac 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -50,10 +50,11 @@ jobs: tenant-id: ${{ secrets.AZURE_TENANT_ID }} subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} enable-AzPSSession: true - - - uses: docker/login-action@v3 + + - name: Log into registry ${{ env.ACR_NAME }} + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: - login-server: ${{ env.ACR_NAME }} + registry: ${{ env.ACR_NAME }} username: ${{ secrets.AZURE_CLIENT_ID }} password: ${{ secrets.AZURE_CLIENT_SECRET }} From 0daaac383e6e12c4b721a4eb1722f9f225aeceda Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 16:56:05 +0000 Subject: [PATCH 27/46] =?UTF-8?q?=E2=9A=BE=20Wed=20Oct=2023=2016:56:05=20U?= =?UTF-8?q?TC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/dotnet.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index 485e75ac..2546a2f4 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -12,10 +12,10 @@ on: paths: - src/Application/** -defaults: - run: - shell: bash - working-directory: ./src/Application/src/RazorPagesTestSample +# defaults: +# run: +# shell: bash +# working-directory: ./src/Application/src/RazorPagesTestSample permissions: id-token: write @@ -61,7 +61,7 @@ jobs: - name: Build and push container image to registry uses: docker/build-push-action@v2 with: - context: . + context: ./src/Application/src/RazorPagesTestSample push: true tags: ${{ env.ACR_NAME }}/${{ env.CONTAINER_NAME }}:${{ env.TAG_NAME }} - file: ./Dockerfile \ No newline at end of file + file: ./src/Application/src/RazorPagesTestSample/Dockerfile \ No newline at end of file From 45c5558c9973cb0f7fae0d43bdd7ca248934a2ce Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 17:01:36 +0000 Subject: [PATCH 28/46] =?UTF-8?q?=F0=9F=8F=88=20Wed=20Oct=2023=2017:01:36?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/dotnet.yml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index 2546a2f4..3793f55d 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -24,6 +24,7 @@ permissions: env: ACR_NAME: 'f3jiczwhl7laimpnpreg.azurecr.io' CONTAINER_NAME: 'razorpagestestsample' + WEB_APP_NAME: 'f3jiczwhl7lai-dev' TAG_NAME: ${{ github.sha }} jobs: @@ -64,4 +65,17 @@ jobs: context: ./src/Application/src/RazorPagesTestSample push: true tags: ${{ env.ACR_NAME }}/${{ env.CONTAINER_NAME }}:${{ env.TAG_NAME }} - file: ./src/Application/src/RazorPagesTestSample/Dockerfile \ No newline at end of file + file: ./src/Application/src/RazorPagesTestSample/Dockerfile + + deploy: + needs: build + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - name: Deploys to + uses: Azure/webapps-deploy@v2 + with: + app-name: ${{ env.WEB_APP_NAME }} + images: '${{ env.ACR_NAME }}/${{ env.CONTAINER_NAME }}:${{ env.TAG_NAME }}' \ No newline at end of file From 99ae1b05a8ce7b0e1a2386c88ed17fcd312e8616 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 17:04:20 +0000 Subject: [PATCH 29/46] =?UTF-8?q?=E2=9A=BE=20Wed=20Oct=2023=2017:04:20=20U?= =?UTF-8?q?TC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/dotnet.yml | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index 3793f55d..2825ffd4 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -52,7 +52,7 @@ jobs: subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} enable-AzPSSession: true - - name: Log into registry ${{ env.ACR_NAME }} + - name: Log into registry ACR uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: registry: ${{ env.ACR_NAME }} @@ -74,7 +74,15 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Deploys to + - name: Azure login + uses: azure/login@v2 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + enable-AzPSSession: true + + - name: Deploys to WebApp uses: Azure/webapps-deploy@v2 with: app-name: ${{ env.WEB_APP_NAME }} From 2f0de5cce842b5d47857eadb4aa26b85b752bc30 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 17:15:16 +0000 Subject: [PATCH 30/46] =?UTF-8?q?=F0=9F=A5=8A=20Wed=20Oct=2023=2017:15:16?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/InfrastructureAsCode/main.bicep | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/InfrastructureAsCode/main.bicep b/src/InfrastructureAsCode/main.bicep index 6445d6b2..69f3a9c9 100644 --- a/src/InfrastructureAsCode/main.bicep +++ b/src/InfrastructureAsCode/main.bicep @@ -72,6 +72,10 @@ resource webApp 'Microsoft.Web/sites@2022-09-01' = { linuxFxVersion: 'DOCKER|${imageName}' appCommandLine: startupCommand appSettings: [ + { + name: 'WEBSITES_PORT' + value: '8080' + } { name: 'WEBSITES_ENABLE_APP_SERVICE_STORAGE' value: 'false' From 82f9f29f0bb6076af8324dc7dce44e1f3c6c9353 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 17:24:28 +0000 Subject: [PATCH 31/46] =?UTF-8?q?=F0=9F=8E=B2=20Wed=20Oct=2023=2017:24:28?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/Application/src/RazorPagesTestSample/Pages/Index.cshtml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml b/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml index f7645733..4b970a2e 100644 --- a/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml +++ b/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml @@ -1,7 +1,7 @@ @page @model IndexModel @{ - ViewData["Title"] = "Munson's Pickles and Preserves Team Messaging System"; + ViewData["Title"] = "Brian's Pickles and Preserves Team Messaging System"; }

@ViewData["Title"]

From 8d829454cc5207417420a9879f4686eaa888326a Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 17:37:42 +0000 Subject: [PATCH 32/46] created code owners --- CODEOWNERS | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 CODEOWNERS diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 00000000..fe260178 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1,12 @@ +# Specify owners for all files +* @briandenicola + +# Specify owners for specific directories +/src/ @briandenicola + +# Specify owners for specific files +#/scripts/deploy.sh @devops-owner + +# Specify owners for files with specific extensions +#*.js @js-owner +#*.css @css-owner \ No newline at end of file From fbeaaff6e7ddd425be3352af45e36cdd85789d5d Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 17:38:14 +0000 Subject: [PATCH 33/46] =?UTF-8?q?=E2=9A=BE=20Wed=20Oct=2023=2017:38:14=20U?= =?UTF-8?q?TC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- test.txt | 1 + 1 file changed, 1 insertion(+) create mode 100644 test.txt diff --git a/test.txt b/test.txt new file mode 100644 index 00000000..45b983be --- /dev/null +++ b/test.txt @@ -0,0 +1 @@ +hi From e13385e820900a29cb71226fbccaddae6f67ef38 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 17:39:09 +0000 Subject: [PATCH 34/46] =?UTF-8?q?=F0=9F=8F=92=20Wed=20Oct=2023=2017:39:09?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- test.txt | 1 - 1 file changed, 1 deletion(-) delete mode 100644 test.txt diff --git a/test.txt b/test.txt deleted file mode 100644 index 45b983be..00000000 --- a/test.txt +++ /dev/null @@ -1 +0,0 @@ -hi From 1fb655974cd4cdbc85d6edc4279bc6c6e08b934e Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 17:40:42 +0000 Subject: [PATCH 35/46] =?UTF-8?q?=F0=9F=A5=8A=20Wed=20Oct=2023=2017:40:42?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- test.txt | 1 + 1 file changed, 1 insertion(+) create mode 100644 test.txt diff --git a/test.txt b/test.txt new file mode 100644 index 00000000..45b983be --- /dev/null +++ b/test.txt @@ -0,0 +1 @@ +hi From 89b7a603c594f3f22f35b5ac39d3d53e5ef3c634 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 17:41:57 +0000 Subject: [PATCH 36/46] Updated Page --- src/Application/src/RazorPagesTestSample/Pages/Index.cshtml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml b/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml index 4b970a2e..c7b4cdb1 100644 --- a/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml +++ b/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml @@ -1,7 +1,7 @@ @page @model IndexModel @{ - ViewData["Title"] = "Brian's Pickles and Preserves Team Messaging System"; + ViewData["Title"] = "Brian's Pickles Team Messaging System"; }

@ViewData["Title"]

From 56f3ac2e96efc25069d926cbd9dab35ba002f780 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 17:52:02 +0000 Subject: [PATCH 37/46] Security Policy Update --- SECURITY.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/SECURITY.md b/SECURITY.md index b3c89efc..f13e4f55 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,6 +6,15 @@ Microsoft takes the security of our software products and services seriously, wh If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/security.md/definition), please report it to us as described below. +## Supported Versions + +We release patches for security vulnerabilities in the following versions: + +| Version | Supported | +| ------- | ------------------ | +| 1.x | :white_check_mark: | +| 0.x | :x: | + ## Reporting Security Issues **Please do not report security vulnerabilities through public GitHub issues.** @@ -38,4 +47,5 @@ We prefer all communications to be in English. Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/security.md/cvd). +We will respond to your report within 48 hours and keep you updated on the progress. We appreciate your help in keeping our project secure. From 7a0512815cac7439333e4c77340f7668fed88461 Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 12:55:31 -0500 Subject: [PATCH 38/46] Create codeql.yml --- .github/workflows/codeql.yml | 94 ++++++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000..3af396b2 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,94 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL Advanced" + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + schedule: + - cron: '42 2 * * 1' + +jobs: + analyze: + name: Analyze (${{ matrix.language }}) + # Runner size impacts CodeQL analysis time. To learn more, please see: + # - https://gh.io/recommended-hardware-resources-for-running-codeql + # - https://gh.io/supported-runners-and-hardware-resources + # - https://gh.io/using-larger-runners (GitHub.com only) + # Consider using larger runners or machines with greater resources for possible analysis time improvements. + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories + actions: read + contents: read + + strategy: + fail-fast: false + matrix: + include: + - language: csharp + build-mode: none + - language: ruby + build-mode: none + # CodeQL supports the following values keywords for 'language': 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' + # Use `c-cpp` to analyze code written in C, C++ or both + # Use 'java-kotlin' to analyze code written in Java, Kotlin or both + # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both + # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis, + # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning. + # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how + # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + # If the analyze step fails for one of the languages you are analyzing with + # "We were unable to automatically build your code", modify the matrix above + # to set the build mode to "manual" for that language. Then modify this step + # to build your code. + # ℹ️ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + - if: matrix.build-mode == 'manual' + shell: bash + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" From 4364c7bd144c2139a96387c91738c1abc2fd1b75 Mon Sep 17 00:00:00 2001 From: Brian Date: Wed, 23 Oct 2024 13:13:47 -0500 Subject: [PATCH 39/46] Fix code scanning alert no. 1: Arbitrary file access during archive extraction ("Zip Slip") Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .../src/RazorPagesTestSample/Pages/Index.cshtml.cs | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml.cs b/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml.cs index 2e6d94bb..f69b8623 100644 --- a/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml.cs +++ b/src/Application/src/RazorPagesTestSample/Pages/Index.cshtml.cs @@ -94,7 +94,12 @@ public async Task OnPostAnalyzeMessagesAsync() public static void WriteToDirectory(ZipArchiveEntry entry, string destDirectory) { - string destFileName = Path.Combine(destDirectory, entry.FullName); + string destFileName = Path.GetFullPath(Path.Combine(destDirectory, entry.FullName)); + string fullDestDirPath = Path.GetFullPath(destDirectory + Path.DirectorySeparatorChar); + if (!destFileName.StartsWith(fullDestDirPath)) + { + throw new InvalidOperationException("Entry is outside the target dir: " + destFileName); + } entry.ExtractToFile(destFileName); } } From 81097d11e87d0ab6e0ce5199e9e3b74ff57070b1 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 18:24:33 +0000 Subject: [PATCH 40/46] Dependency Updates --- .../RazorPagesTestSample.csproj | 4 ++-- .../RazorPagesTestSample.Tests.csproj | 16 ++++++++-------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/Application/src/RazorPagesTestSample/RazorPagesTestSample.csproj b/src/Application/src/RazorPagesTestSample/RazorPagesTestSample.csproj index 34070413..7d39b2f5 100644 --- a/src/Application/src/RazorPagesTestSample/RazorPagesTestSample.csproj +++ b/src/Application/src/RazorPagesTestSample/RazorPagesTestSample.csproj @@ -5,8 +5,8 @@ - - + + diff --git a/src/Application/tests/RazorPagesTestSample.Tests/RazorPagesTestSample.Tests.csproj b/src/Application/tests/RazorPagesTestSample.Tests/RazorPagesTestSample.Tests.csproj index a66e0a92..76c41e73 100644 --- a/src/Application/tests/RazorPagesTestSample.Tests/RazorPagesTestSample.Tests.csproj +++ b/src/Application/tests/RazorPagesTestSample.Tests/RazorPagesTestSample.Tests.csproj @@ -8,16 +8,16 @@ - - - - - - + + + + + + - - + + all runtime; build; native; contentfiles; analyzers; buildtransitive From 26b6c154b75de692854ab4c911e5e8cf8739c5f4 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 19:01:31 +0000 Subject: [PATCH 41/46] =?UTF-8?q?=F0=9F=8E=B2=20Wed=20Oct=2023=2019:01:31?= =?UTF-8?q?=20UTC=202024?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/InfrastructureAsCode/main.bicep | 60 ++++++++++++++++++----------- 1 file changed, 38 insertions(+), 22 deletions(-) diff --git a/src/InfrastructureAsCode/main.bicep b/src/InfrastructureAsCode/main.bicep index 69f3a9c9..f7ea15c6 100644 --- a/src/InfrastructureAsCode/main.bicep +++ b/src/InfrastructureAsCode/main.bicep @@ -10,6 +10,8 @@ var logAnalyticsName = '${uniqueString(resourceGroup().id)}-mpnp-la' var appInsightsName = '${uniqueString(resourceGroup().id)}-mpnp-ai' var sku = 'S1' var registryName = '${uniqueString(resourceGroup().id)}mpnpreg' +var redisCacheName = '${uniqueString(resourceGroup().id)}-mpnp-cache' + var registrySku = 'Standard' var imageName = 'techexcel/dotnetcoreapp' var startupCommand = '' @@ -64,27 +66,41 @@ resource appServicePlan 'Microsoft.Web/serverfarms@2022-09-01' = { // Generate bicep code to create an Azure Web App using docker image name imageName and startup command of startupCommand resource webApp 'Microsoft.Web/sites@2022-09-01' = { - name: webAppName - location: location - properties: { - serverFarmId: appServicePlan.id - siteConfig: { - linuxFxVersion: 'DOCKER|${imageName}' - appCommandLine: startupCommand - appSettings: [ - { - name: 'WEBSITES_PORT' - value: '8080' - } - { - name: 'WEBSITES_ENABLE_APP_SERVICE_STORAGE' - value: 'false' - } - { - name: 'APPINSIGHTS_INSTRUMENTATIONKEY' - value: appInsights.properties.InstrumentationKey - } - ] - } + name: webAppName + location: location + properties: { + serverFarmId: appServicePlan.id + siteConfig: { + linuxFxVersion: 'DOCKER|${imageName}' + appCommandLine: startupCommand + appSettings: [ + { + name: 'WEBSITES_PORT' + value: '8080' + } + { + name: 'WEBSITES_ENABLE_APP_SERVICE_STORAGE' + value: 'false' + } + { + name: 'APPINSIGHTS_INSTRUMENTATIONKEY' + value: appInsights.properties.InstrumentationKey + } + ] } } +} + +// Resource: Azure Redis Cache +resource redisCache 'Microsoft.Cache/Redis@2021-06-01' = { + name: redisCacheName + location: location + properties: { + sku: { + name: 'Basic' + family: 'C' + capacity: '0' + } + enableNonSslPort: false + } +} From 13a141946170383db3b6cc5cf7a05f7025b80ebc Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 19:17:43 +0000 Subject: [PATCH 42/46] Updated connection string value --- src/InfrastructureAsCode/main.bicep | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/InfrastructureAsCode/main.bicep b/src/InfrastructureAsCode/main.bicep index f7ea15c6..81bd6b7e 100644 --- a/src/InfrastructureAsCode/main.bicep +++ b/src/InfrastructureAsCode/main.bicep @@ -86,6 +86,10 @@ resource webApp 'Microsoft.Web/sites@2022-09-01' = { name: 'APPINSIGHTS_INSTRUMENTATIONKEY' value: appInsights.properties.InstrumentationKey } + { + name: 'APPLICATIONINSIGHTS_CONNECTION_STRING' + value: appInsights.properties.ConnectionString + } ] } } From 66329a78aa1dfc9de8360231fd54262be5263ca2 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 19:24:44 +0000 Subject: [PATCH 43/46] Bug fix --- src/InfrastructureAsCode/main.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/InfrastructureAsCode/main.bicep b/src/InfrastructureAsCode/main.bicep index 81bd6b7e..00facd2f 100644 --- a/src/InfrastructureAsCode/main.bicep +++ b/src/InfrastructureAsCode/main.bicep @@ -103,7 +103,7 @@ resource redisCache 'Microsoft.Cache/Redis@2021-06-01' = { sku: { name: 'Basic' family: 'C' - capacity: '0' + capacity: 0 } enableNonSslPort: false } From ad5c7e8051e79df7cdc65d16beeb1356d2427f7a Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 19:43:05 +0000 Subject: [PATCH 44/46] Updated job --- .github/workflows/dotnet.yml | 22 +++++++++---------- .../UnitTests/DataAccessLayerTest.cs | 5 +++-- 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index 2825ffd4..067fff73 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -28,22 +28,22 @@ env: TAG_NAME: ${{ github.sha }} jobs: - build: + test: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - # - name: Setup .NET - # uses: actions/setup-dotnet@v4 - # with: - # dotnet-version: 8.0.x - # - name: Restore dependencies - # run: dotnet restore - # - name: Build - # run: dotnet build --no-restore - # - name: Test - # run: dotnet test --no-build --verbosity normal + - name: Restore dependencies + run: dotnet restore ./src/Application/src/RazorPagesTestSample/RazorPagesTestSample.csproj + - name: Build + run: dotnet build --no-restore ./src/Application/src/RazorPagesTestSample/RazorPagesTestSample.csproj + - name: Test + run: dotnet test --verbosity normal ./src/Application/tests/RazorPagesTestSample.Tests/RazorPagesTestSample.Tests.csproj + build: + runs-on: ubuntu-latest + needs: test + steps: - name: Azure login uses: azure/login@v2 with: diff --git a/src/Application/tests/RazorPagesTestSample.Tests/UnitTests/DataAccessLayerTest.cs b/src/Application/tests/RazorPagesTestSample.Tests/UnitTests/DataAccessLayerTest.cs index 91a91aaa..d973be36 100644 --- a/src/Application/tests/RazorPagesTestSample.Tests/UnitTests/DataAccessLayerTest.cs +++ b/src/Application/tests/RazorPagesTestSample.Tests/UnitTests/DataAccessLayerTest.cs @@ -38,13 +38,14 @@ public async Task AddMessageAsync_MessageIsAdded() // Arrange var recId = 10; var expectedMessage = new Message() { Id = recId, Text = "Message" }; - + var failedMessage = new Message() { Id = recId, Text = "Fake!" }; // Act + await db.AddMessageAsync(expectedMessage); // Assert var actualMessage = await db.FindAsync(recId); - Assert.Equal(expectedMessage, actualMessage); + Assert.Equal(failedMessage, actualMessage); } } From 134d6d817640822bd8a2800492ae1fbafc998fff Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 19:45:32 +0000 Subject: [PATCH 45/46] Bug fix --- .../RazorPagesTestSample.Tests/UnitTests/DataAccessLayerTest.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Application/tests/RazorPagesTestSample.Tests/UnitTests/DataAccessLayerTest.cs b/src/Application/tests/RazorPagesTestSample.Tests/UnitTests/DataAccessLayerTest.cs index d973be36..db305ead 100644 --- a/src/Application/tests/RazorPagesTestSample.Tests/UnitTests/DataAccessLayerTest.cs +++ b/src/Application/tests/RazorPagesTestSample.Tests/UnitTests/DataAccessLayerTest.cs @@ -45,7 +45,7 @@ public async Task AddMessageAsync_MessageIsAdded() // Assert var actualMessage = await db.FindAsync(recId); - Assert.Equal(failedMessage, actualMessage); + Assert.Equal(expectedMessage, actualMessage); } } From fa8564c6ad8502b90e5f7a4a53e65339bfeb3092 Mon Sep 17 00:00:00 2001 From: Brian Denicola Date: Wed, 23 Oct 2024 19:53:04 +0000 Subject: [PATCH 46/46] Bug fix --- .github/workflows/dotnet.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml index 067fff73..68e50139 100644 --- a/.github/workflows/dotnet.yml +++ b/.github/workflows/dotnet.yml @@ -44,6 +44,7 @@ jobs: runs-on: ubuntu-latest needs: test steps: + - uses: actions/checkout@v4 - name: Azure login uses: azure/login@v2 with: