Merge pull request #10 from manekinekko/azd-support

feat: add support for azd 🎉

Author: glaucia86

.gitignore

@@ -0,0 +1,2 @@
+
+.azure

README.md

@@ -9,6 +9,7 @@ A real study case application how to apply Node.Js with:
 * **Vue.Js**
 * **Azure Functions** 
 * **Azure Static Web Apps**
+* **Azure Dev CLI**
 
 ## 🚀 Resources Used
 
@@ -123,6 +124,43 @@ Unless you have changed the database name, login and password in the Dockerfile
 
 If you want to test Azure SQL database, to make sure everything will work perfectly even when deployed on Azure, you need to create an Azure SQL database before.
 
+***Using the Azure Dev CLI***
+
+The following prerequisites are required to use this application. Please ensure that you have them all installed locally.
+
+- [Azure Developer CLI](https://aka.ms/azure-dev/install)
+  - Windows:
+    ```powershell
+    powershell -ex AllSigned -c "Invoke-RestMethod 'https://aka.ms/install-azd.ps1' | Invoke-Expression"
+    ```
+  - Linux/MacOS:
+    ```
+    curl -fsSL https://aka.ms/install-azd.sh | bash
+    ```
+- [Azure CLI (2.38.0+)](https://docs.microsoft.com/cli/azure/install-azure-cli)
+
+To create the necessary infrastructure on Azure:
+
+1. Open a terminal, change directory to the root of this project.
+1. Run the following command to initialize the project, provision Azure resources.
+
+```bash
+azd provision
+```
+For more details, [read the Azure Dev CLI documentation](https://learn.microsoft.com/en-us/azure/developer/azure-developer-cli/).
+
+Once the infrastructure has been created, create a `.env` file in the `api` folder and copy/paste content from `.azure/azure-sql-prisma-vue/.env`. We only care about the `DATABASE_URL` and `SHADOW_DATABASE_URL` variables:
+
+```bash
+# Database connection string
+DATABASE_URL="sqlserver://DB_SERVER_NAME.database.windows.net:1433;database=DB_NAME;user=DB_USER@DB_SERVER_NAME;password={PASSWORD};encrypt=true"
+
+# Shadow database connection string for development
+SHADOW_DATABASE_URL="sqlserver://DB_SERVER_NAME.database.windows.net:1433;database=DB_NAME;user=DB_USER@DB_SERVER_NAME;password={PASSWORD};encrypt=true"
+```
+
+***Using the Azure Portal***
+
 The are different ways you can create an Azure SQL Database. Using the Portal, using AZ CLI or Powershell. The easiest is using the Portal, and you can have see complete walk-through in this recording: **[Demo: Deploy Azure SQL Database | Azure SQL for beginners (Ep. 14)](https://www.youtube.com/watch?v=wiBC4OxFX60&list=PLlrxD0HtieHi5c9-i_Dnxw9vxBY-TqaeN&index=21)**. If you prefer reading instead of watching, here a complete quickstart guide available, with detailed steps for each option: **[Quickstart: Create an Azure SQL Database single database](https://docs.microsoft.com/en-us/azure/azure-sql/database/single-database-create-quickstart?view=azuresql&tabs=azure-portal)**. If you want something more concise and direct, you can to follow the simple 6-steps guide available here: **[Create and connect to an Azure SQL DB](https://dev.to/azure/create-and-connect-to-an-azure-sql-db-9k0)**. 
 
 Make sure you create *two* Azure SQL databases:

azure.yaml

@@ -0,0 +1,14 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/Azure/azure-dev/main/schemas/v1.0/azure.yaml.json
+
+name: azure-sql-prisma-vue
+
+infra:
+    provider: bicep
+    path: main
+
+services:
+    web:
+        project: ./client
+        dist: dist
+        language: js
+        host: staticwebapp

infra/main.bicep

@@ -0,0 +1,118 @@
+targetScope = 'subscription'
+
+@minLength(1)
+@maxLength(64)
+@description('Name of the the environment which is used to generate a short unique hash used in all resources.')
+param name string
+
+@minLength(1)
+@description('Primary location for all resources')
+param location string
+
+@description('Id of the user or app to assign app roles')
+param principalId string = ''
+
+var resourceToken = toLower(uniqueString(subscription().id, name, location))
+var tags = { 'azd-env-name': name }
+
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+  name: 'rg-${name}'
+  location: location
+  tags: tags
+}
+
+// TODO: make KeyVault optional
+var deployKeyVault = false
+
+// Note: Application Insights is required for "azd monitor"
+var deployAppInsights = true
+
+module keyVaultResources 'resources/key-vault.bicep' = if (deployKeyVault) {
+  name: 'key-vault-resources'
+  scope: resourceGroup
+  params: {
+    enableSoftDelete: false
+    keyVaultName: 'kv-${resourceToken}'
+    location: location
+    roleAssignments: [
+      {
+        // https://docs.microsoft.com/en-us/azure/key-vault/general/rbac-guide?tabs=azure-cli#azure-built-in-roles-for-key-vault-data-plane-operations
+        roleDefinitionId: '4633458b-17de-408a-b874-0445c86b69e6'
+        principalType: 'ServicePrincipal'
+        principalId: principalId
+      }
+    ]
+    tags: tags
+  }
+}
+
+module swaResources 'resources/static-sites.bicep' = {
+  name: 'static-sites-resources'
+  scope: resourceGroup
+  params: {
+    appSettings: {
+      APPINSIGHTS_INSTRUMENTATIONKEY: deployAppInsights ? applicationInsightsResources.outputs.connectionString : null
+      STORAGE_CONNECTION_STRING: storageResources.outputs.connectionString
+      DATABASE_URL: databaseResources.outputs.url
+      SHADOW_DATABASE_URL: databaseResources.outputs.urlShadow
+      AzureWebJobsStorage: storageResources.outputs.connectionString
+      FUNCTIONS_EXTENSION_VERSION: '~4'
+      FUNCTIONS_WORKER_RUNTIME: 'node'
+      SCM_DO_BUILD_DURING_DEPLOYMENT: 'true'
+    }
+    buildProperties: {
+      skipGithubActionWorkflowGeneration: true
+    }
+    location: location
+    staticSiteName: 'stapp-${resourceToken}'
+    tags: tags
+  }
+}
+
+module storageResources 'resources/storage.bicep' = {
+  name: 'storage-resources'
+  scope: resourceGroup
+  params: {
+    location: location
+    storageName: 'st${resourceToken}'
+    tags: tags
+  }
+}
+
+module logAnalyticsResources 'resources/log-analytics.bicep' = {
+  name: 'log-analytics-resources'
+  scope: resourceGroup
+  params: {
+    logAnalyticsName: 'log-${resourceToken}'
+    location: location
+    tags: tags
+  }
+}
+
+module applicationInsightsResources 'resources/applicationinsights.bicep' = if (deployAppInsights) {
+  name: 'applicationinsights-resources'
+  scope: resourceGroup
+  params: {
+    applicationInsightsName: resourceToken
+    location: location
+    workspaceId: logAnalyticsResources.outputs.workspaceId
+    tags: tags
+  }
+}
+
+module databaseResources 'resources/sql-server.bicep' = {
+  name: 'database-resources'
+  scope: resourceGroup
+  params: {
+    sqlServerName: 'sql-${resourceToken}'
+    databaseName: 'sqldb-${resourceToken}'
+    administratorLogin: 'prisma-azure'
+    location: location
+    tags: tags
+  }
+}
+
+output DATABASE_URL string = databaseResources.outputs.url
+output SHADOW_DATABASE_URL string = databaseResources.outputs.urlShadow
+output AZURE_LOCATION string = location
+output AZURE_TENANT_ID string = tenant().tenantId

infra/main.parameters.json

@@ -0,0 +1,15 @@
+{
+    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
+    "contentVersion": "1.0.0.0",
+    "parameters": {
+      "name": {
+        "value": "${AZURE_ENV_NAME}"
+      },
+      "location": {
+        "value": "${AZURE_LOCATION}"
+      },
+      "principalId": {
+        "value": "${AZURE_PRINCIPAL_ID}"
+      }
+    }
+  }

infra/resources/applicationinsights.bicep

@@ -0,0 +1,17 @@
+param applicationInsightsName string
+param location string
+param tags object
+param workspaceId string
+
+resource applicationInsights 'Microsoft.Insights/components@2020-02-02' = {
+  name: 'appi-${applicationInsightsName}'
+  location: location
+  tags: tags
+  kind: 'web'
+  properties: {
+    Application_Type: 'web'
+    WorkspaceResourceId: workspaceId
+  }
+}
+
+output connectionString string = applicationInsights.properties.ConnectionString

infra/resources/key-vault.bicep

@@ -0,0 +1,66 @@
+@description('Resource tags.')
+param tags object
+
+@description('Resource location.')
+param location string
+
+@description('The name of the key vault. e.g. kv-swa-sso')
+param keyVaultName string
+
+@description('The name of the SKU for the key vault.')
+param sku string = 'Standard'
+
+@description('Tenant id for the subscription.')
+param tenant string = subscription().tenantId
+
+@description('Enables soft delete.')
+param enableSoftDelete bool = true
+
+@description('Soft delete retention period.')
+param softDeleteRetentionInDays int = 7
+
+@description('An array of role assignment objects. Format: [{ roleDefinitionId: xxx, principalType: xxx, principalId: xxx }]')
+param roleAssignments array
+// E.g.
+// [
+//   {
+//     roleDefinitionId: 'replace'
+//     principalType: 'replace'
+//     principalId: 'replace'
+//   }
+// ]
+
+resource keyVault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = {
+  name: keyVaultName
+  location: location
+  tags: tags
+  properties: {
+    sku: {
+      name: sku
+      family: 'A'
+    }
+    tenantId: tenant
+    enabledForTemplateDeployment: true
+    enableRbacAuthorization: true
+    enableSoftDelete: enableSoftDelete
+    softDeleteRetentionInDays: softDeleteRetentionInDays
+    networkAcls: {
+      bypass: 'AzureServices'
+      defaultAction: 'Allow'
+    }
+  }
+}
+
+resource keyVaultRoleAssignments 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = [for role in roleAssignments: {
+  name: guid(keyVault.name, role.roleDefinitionId, role.principalId)
+  scope: keyVault
+  properties: {
+    principalType: role.principalType
+    roleDefinitionId: resourceId('microsoft.authorization/roleDefinitions', role.roleDefinitionId)
+    principalId: role.principalId
+  }
+}]
+
+output keyVaultName string = keyVault.name
+output keyVaultResourceId string = keyVault.id
+output keyVaultEndpoint string = keyVault.properties.vaultUri

infra/resources/log-analytics.bicep

@@ -0,0 +1,25 @@
+@description('Resource tags.')
+param tags object
+
+@description('Resource location.')
+param location string
+
+@description('The name of the log Analytics workspace. e.g. log-demo')
+param logAnalyticsName string
+
+resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2021-12-01-preview' = {
+  name: logAnalyticsName
+  location: location
+  tags: tags
+  properties: any({
+    retentionInDays: 30
+    features: {
+      searchVersion: 1
+    }
+    sku: {
+      name: 'PerGB2018'
+    }
+  })
+}
+
+output workspaceId string = logAnalyticsWorkspace.id