Remove invalid changes

2022-12-13 10:38:28 +08:00
parent a4f4d69cec
commit 50a8268b2e
20 changed files with 0 additions and 1906 deletions
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -20,7 +20,6 @@ ENV NVM_DIR=/usr/local/share/nvm
 # [Optional] Install the Azure CLI
 ARG INSTALL_AZURE_CLI="false"
 ARG INSTALL_AZURE_DEVELOPER_CLI="true"
 # Configure apt and install packages
 RUN curl -fsSL https://aka.ms/install-azd.sh | bash \
--- a/infra/core/database/cosmos/cosmos-account.bicep
+++ b/infra/core/database/cosmos/cosmos-account.bicep
@@ -1,48 +0,0 @@
 param name string
 param location string = resourceGroup().location
 param tags object = {}
 param connectionStringKey string = 'AZURE-COSMOS-CONNECTION-STRING'
 param keyVaultName string
@allowed([ 'GlobalDocumentDB', 'MongoDB', 'Parse' ])
 param kind string
 resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2022-08-15' = {
  name: name
  kind: kind
  location: location
  tags: tags
  properties: {
    consistencyPolicy: { defaultConsistencyLevel: 'Session' }
    locations: [
      {
        locationName: location
        failoverPriority: 0
        isZoneRedundant: false
      }
    ]
    databaseAccountOfferType: 'Standard'
    enableAutomaticFailover: false
    enableMultipleWriteLocations: false
    apiProperties: (kind == 'MongoDB') ? { serverVersion: '4.0' } : {}
    capabilities: [ { name: 'EnableServerless' } ]
  }
 }
 resource cosmosConnectionString 'Microsoft.KeyVault/vaults/secrets@2022-07-01' = {
  parent: keyVault
  name: connectionStringKey
  properties: {
    value: cosmos.listConnectionStrings().connectionStrings[0].connectionString
  }
 }
 resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
  name: keyVaultName
 }
 output connectionStringKey string = connectionStringKey
 output endpoint string = cosmos.properties.documentEndpoint
 output id string = cosmos.id
 output name string = cosmos.name
--- a/infra/core/database/cosmos/mongo/cosmos-mongo-account.bicep
+++ b/infra/core/database/cosmos/mongo/cosmos-mongo-account.bicep
@@ -1,22 +0,0 @@
 param name string
 param location string = resourceGroup().location
 param tags object = {}
 param keyVaultName string
 param connectionStringKey string = 'AZURE-COSMOS-CONNECTION-STRING'
 module cosmos '../../cosmos/cosmos-account.bicep' = {
  name: 'cosmos-account'
  params: {
    name: name
    location: location
    connectionStringKey: connectionStringKey
    keyVaultName: keyVaultName
    kind: 'MongoDB'
    tags: tags
  }
 }
 output connectionStringKey string = cosmos.outputs.connectionStringKey
 output endpoint string = cosmos.outputs.endpoint
 output id string = cosmos.outputs.id
--- a/infra/core/database/cosmos/mongo/cosmos-mongo-db.bicep
+++ b/infra/core/database/cosmos/mongo/cosmos-mongo-db.bicep
@@ -1,46 +0,0 @@
 param accountName string
 param databaseName string
 param location string = resourceGroup().location
 param tags object = {}
 param collections array = []
 param connectionStringKey string = 'AZURE-COSMOS-CONNECTION-STRING'
 param keyVaultName string
 module cosmos 'cosmos-mongo-account.bicep' = {
  name: 'cosmos-mongo-account'
  params: {
    name: accountName
    location: location
    keyVaultName: keyVaultName
    tags: tags
    connectionStringKey: connectionStringKey
  }
 }
 resource database 'Microsoft.DocumentDB/databaseAccounts/mongodbDatabases@2022-08-15' = {
  name: '${accountName}/${databaseName}'
  tags: tags
  properties: {
    resource: { id: databaseName }
  }
  resource list 'collections' = [for collection in collections: {
    name: collection.name
    properties: {
      resource: {
        id: collection.id
        shardKey: { _id: collection.shardKey }
        indexes: [ { key: { keys: [ collection.indexKey ] } } ]
      }
    }
  }]
  dependsOn: [
    cosmos
  ]
 }
 output connectionStringKey string = connectionStringKey
 output databaseName string = databaseName
 output endpoint string = cosmos.outputs.endpoint
--- a/infra/core/database/cosmos/sql/cosmos-sql-account.bicep
+++ b/infra/core/database/cosmos/sql/cosmos-sql-account.bicep
@@ -1,21 +0,0 @@
 param name string
 param location string = resourceGroup().location
 param tags object = {}
 param keyVaultName string
 module cosmos '../../cosmos/cosmos-account.bicep' = {
  name: 'cosmos-account'
  params: {
    name: name
    location: location
    tags: tags
    keyVaultName: keyVaultName
    kind: 'GlobalDocumentDB'
  }
 }
 output connectionStringKey string = cosmos.outputs.connectionStringKey
 output endpoint string = cosmos.outputs.endpoint
 output id string = cosmos.outputs.id
 output name string = cosmos.outputs.name
--- a/infra/core/database/cosmos/sql/cosmos-sql-db.bicep
+++ b/infra/core/database/cosmos/sql/cosmos-sql-db.bicep
@@ -1,73 +0,0 @@
 param accountName string
 param databaseName string
 param location string = resourceGroup().location
 param tags object = {}
 param containers array = []
 param keyVaultName string
 param principalIds array = []
 module cosmos 'cosmos-sql-account.bicep' = {
  name: 'cosmos-sql-account'
  params: {
    name: accountName
    location: location
    tags: tags
    keyVaultName: keyVaultName
  }
 }
 resource database 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2022-05-15' = {
  name: '${accountName}/${databaseName}'
  properties: {
    resource: { id: databaseName }
  }
  resource list 'containers' = [for container in containers: {
    name: container.name
    properties: {
      resource: {
        id: container.id
        partitionKey: { paths: [ container.partitionKey ] }
      }
      options: {}
    }
  }]
  dependsOn: [
    cosmos
  ]
 }
 module roleDefintion 'cosmos-sql-role-def.bicep' = {
  name: 'cosmos-sql-role-definition'
  params: {
    accountName: accountName
  }
  dependsOn: [
    cosmos
    database
  ]
 }
 // We need batchSize(1) here because sql role assignments have to be done sequentially
@batchSize(1)
 module userRole 'cosmos-sql-role-assign.bicep' = [for principalId in principalIds: if (!empty(principalId)) {
  name: 'cosmos-sql-user-role-${uniqueString(principalId)}'
  params: {
    accountName: accountName
    roleDefinitionId: roleDefintion.outputs.id
    principalId: principalId
  }
  dependsOn: [
    cosmos
    database
  ]
 }]
 output accountId string = cosmos.outputs.id
 output accountName string = cosmos.outputs.name
 output connectionStringKey string = cosmos.outputs.connectionStringKey
 output databaseName string = databaseName
 output endpoint string = cosmos.outputs.endpoint
 output roleDefinitionId string = roleDefintion.outputs.id
--- a/infra/core/database/cosmos/sql/cosmos-sql-role-assign.bicep
+++ b/infra/core/database/cosmos/sql/cosmos-sql-role-assign.bicep
@@ -1,18 +0,0 @@
 param accountName string
 param roleDefinitionId string
 param principalId string = ''
 resource role 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2022-05-15' = {
  parent: cosmos
  name: guid(roleDefinitionId, principalId, cosmos.id)
  properties: {
    principalId: principalId
    roleDefinitionId: roleDefinitionId
    scope: cosmos.id
  }
 }
 resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2022-08-15' existing = {
  name: accountName
 }
--- a/infra/core/database/cosmos/sql/cosmos-sql-role-def.bicep
+++ b/infra/core/database/cosmos/sql/cosmos-sql-role-def.bicep
@@ -1,29 +0,0 @@
 param accountName string
 resource roleDefinition 'Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions@2022-08-15' = {
  parent: cosmos
  name: guid(cosmos.id, accountName, 'sql-role')
  properties: {
    assignableScopes: [
      cosmos.id
    ]
    permissions: [
      {
        dataActions: [
          'Microsoft.DocumentDB/databaseAccounts/readMetadata'
          'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/*'
          'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/*'
        ]
        notDataActions: []
      }
    ]
    roleName: 'Reader Writer'
    type: 'CustomRole'
  }
 }
 resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2022-08-15' existing = {
  name: accountName
 }
 output id string = roleDefinition.id
--- a/infra/core/host/container-app.bicep
+++ b/infra/core/host/container-app.bicep
@@ -1,77 +0,0 @@
 param name string
 param location string = resourceGroup().location
 param tags object = {}
 param containerAppsEnvironmentName string = ''
 param containerName string = 'main'
 param containerRegistryName string = ''
 param env array = []
 param external bool = true
 param imageName string
 param keyVaultName string = ''
 param managedIdentity bool = !empty(keyVaultName)
 param targetPort int = 80
@description('CPU cores allocated to a single container instance, e.g. 0.5')
 param containerCpuCoreCount string = '0.5'
@description('Memory allocated to a single container instance, e.g. 1Gi')
 param containerMemory string = '1.0Gi'
 resource app 'Microsoft.App/containerApps@2022-03-01' = {
  name: name
  location: location
  tags: tags
  identity: { type: managedIdentity ? 'SystemAssigned' : 'None' }
  properties: {
    managedEnvironmentId: containerAppsEnvironment.id
    configuration: {
      activeRevisionsMode: 'single'
      ingress: {
        external: external
        targetPort: targetPort
        transport: 'auto'
      }
      secrets: [
        {
          name: 'registry-password'
          value: containerRegistry.listCredentials().passwords[0].value
        }
      ]
      registries: [
        {
          server: '${containerRegistry.name}.azurecr.io'
          username: containerRegistry.name
          passwordSecretRef: 'registry-password'
        }
      ]
    }
    template: {
      containers: [
        {
          image: imageName
          name: containerName
          env: env
          resources: {
            cpu: json(containerCpuCoreCount)
            memory: containerMemory
          }
        }
      ]
    }
  }
 }
 resource containerAppsEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' existing = {
  name: containerAppsEnvironmentName
 }
 // 2022-02-01-preview needed for anonymousPullEnabled
 resource containerRegistry 'Microsoft.ContainerRegistry/registries@2022-02-01-preview' existing = {
  name: containerRegistryName
 }
 output identityPrincipalId string = managedIdentity ? app.identity.principalId : ''
 output imageName string = imageName
 output name string = app.name
 output uri string = 'https://${app.properties.configuration.ingress.fqdn}'
--- a/infra/core/host/container-apps-environment.bicep
+++ b/infra/core/host/container-apps-environment.bicep
@@ -1,26 +0,0 @@
 param name string
 param location string = resourceGroup().location
 param tags object = {}
 param logAnalyticsWorkspaceName string
 resource containerAppsEnvironment 'Microsoft.App/managedEnvironments@2022-03-01' = {
  name: name
  location: location
  tags: tags
  properties: {
    appLogsConfiguration: {
      destination: 'log-analytics'
      logAnalyticsConfiguration: {
        customerId: logAnalyticsWorkspace.properties.customerId
        sharedKey: logAnalyticsWorkspace.listKeys().primarySharedKey
      }
    }
  }
 }
 resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' existing = {
  name: logAnalyticsWorkspaceName
 }
 output name string = containerAppsEnvironment.name
--- a/infra/core/host/container-apps.bicep
+++ b/infra/core/host/container-apps.bicep
@@ -1,30 +0,0 @@
 param name string
 param location string = resourceGroup().location
 param tags object = {}
 param containerAppsEnvironmentName string = ''
 param containerRegistryName string = ''
 param logAnalyticsWorkspaceName string = ''
 module containerAppsEnvironment 'container-apps-environment.bicep' = {
  name: '${name}-container-apps-environment'
  params: {
    name: containerAppsEnvironmentName
    location: location
    tags: tags
    logAnalyticsWorkspaceName: logAnalyticsWorkspaceName
  }
 }
 module containerRegistry 'container-registry.bicep' = {
  name: '${name}-container-registry'
  params: {
    name: containerRegistryName
    location: location
    tags: tags
  }
 }
 output environmentName string = containerAppsEnvironment.outputs.name
 output registryLoginServer string = containerRegistry.outputs.loginServer
 output registryName string = containerRegistry.outputs.name
--- a/infra/core/host/container-registry.bicep
+++ b/infra/core/host/container-registry.bicep
@@ -1,36 +0,0 @@
 param name string
 param location string = resourceGroup().location
 param tags object = {}
 param adminUserEnabled bool = true
 param anonymousPullEnabled bool = false
 param dataEndpointEnabled bool = false
 param encryption object = {
  status: 'disabled'
 }
 param networkRuleBypassOptions string = 'AzureServices'
 param publicNetworkAccess string = 'Enabled'
 param sku object = {
  name: 'Basic'
 }
 param zoneRedundancy string = 'Disabled'
 // 2022-02-01-preview needed for anonymousPullEnabled
 resource containerRegistry 'Microsoft.ContainerRegistry/registries@2022-02-01-preview' = {
  name: name
  location: location
  tags: tags
  sku: sku
  properties: {
    adminUserEnabled: adminUserEnabled
    anonymousPullEnabled: anonymousPullEnabled
    dataEndpointEnabled: dataEndpointEnabled
    encryption: encryption
    networkRuleBypassOptions: networkRuleBypassOptions
    publicNetworkAccess: publicNetworkAccess
    zoneRedundancy: zoneRedundancy
  }
 }
 output loginServer string = containerRegistry.properties.loginServer
 output name string = containerRegistry.name
--- a/infra/core/host/functions.bicep
+++ b/infra/core/host/functions.bicep
@@ -1,82 +0,0 @@
 param name string
 param location string = resourceGroup().location
 param tags object = {}
 // Reference Properties
 param applicationInsightsName string = ''
 param appServicePlanId string
 param keyVaultName string = ''
 param managedIdentity bool = !empty(keyVaultName)
 param storageAccountName string
 // Runtime Properties
@allowed([
  'dotnet', 'dotnetcore', 'dotnet-isolated', 'node', 'python', 'java', 'powershell', 'custom'
 ])
 param runtimeName string
 param runtimeNameAndVersion string = '${runtimeName}|${runtimeVersion}'
 param runtimeVersion string
 // Function Settings
@allowed([
  '~4', '~3', '~2', '~1'
 ])
 param extensionVersion string = '~4'
 // Microsoft.Web/sites Properties
 param kind string = 'functionapp,linux'
 // Microsoft.Web/sites/config
 param allowedOrigins array = []
 param alwaysOn bool = true
 param appCommandLine string = ''
 param appSettings object = {}
 param clientAffinityEnabled bool = false
 param enableOryxBuild bool = contains(kind, 'linux')
 param functionAppScaleLimit int = -1
 param linuxFxVersion string = runtimeNameAndVersion
 param minimumElasticInstanceCount int = -1
 param numberOfWorkers int = -1
 param scmDoBuildDuringDeployment bool = true
 param use32BitWorkerProcess bool = false
 module functions 'appservice.bicep' = {
  name: '${name}-functions'
  params: {
    name: name
    location: location
    tags: tags
    allowedOrigins: allowedOrigins
    alwaysOn: alwaysOn
    appCommandLine: appCommandLine
    applicationInsightsName: applicationInsightsName
    appServicePlanId: appServicePlanId
    appSettings: union(appSettings, {
        AzureWebJobsStorage: 'DefaultEndpointsProtocol=https;AccountName=${storage.name};AccountKey=${storage.listKeys().keys[0].value};EndpointSuffix=${environment().suffixes.storage}'
        FUNCTIONS_EXTENSION_VERSION: extensionVersion
        FUNCTIONS_WORKER_RUNTIME: runtimeName
      })
    clientAffinityEnabled: clientAffinityEnabled
    enableOryxBuild: enableOryxBuild
    functionAppScaleLimit: functionAppScaleLimit
    keyVaultName: keyVaultName
    kind: kind
    linuxFxVersion: linuxFxVersion
    managedIdentity: managedIdentity
    minimumElasticInstanceCount: minimumElasticInstanceCount
    numberOfWorkers: numberOfWorkers
    runtimeName: runtimeName
    runtimeVersion: runtimeVersion
    runtimeNameAndVersion: runtimeNameAndVersion
    scmDoBuildDuringDeployment: scmDoBuildDuringDeployment
    use32BitWorkerProcess: use32BitWorkerProcess
  }
 }
 resource storage 'Microsoft.Storage/storageAccounts@2021-09-01' existing = {
  name: storageAccountName
 }
 output identityPrincipalId string = managedIdentity ? functions.outputs.identityPrincipalId : ''
 output name string = functions.outputs.name
 output uri string = functions.outputs.uri
--- a/infra/core/host/staticwebapp.bicep
+++ b/infra/core/host/staticwebapp.bicep
@@ -1,21 +0,0 @@
 param name string
 param location string = resourceGroup().location
 param tags object = {}
 param sku object = {
  name: 'Free'
  tier: 'Free'
 }
 resource web 'Microsoft.Web/staticSites@2022-03-01' = {
  name: name
  location: location
  tags: tags
  sku: sku
  properties: {
    provider: 'Custom'
  }
 }
 output name string = web.name
 output uri string = 'https://${web.properties.defaultHostname}'
--- a/infra/core/monitor/applicationinsights-dashboard.bicep
+++ b/infra/core/monitor/applicationinsights-dashboard.bicep
--- a/infra/core/monitor/applicationinsights.bicep
+++ b/infra/core/monitor/applicationinsights.bicep
@@ -1,30 +0,0 @@
 param name string
 param dashboardName string
 param location string = resourceGroup().location
 param tags object = {}
 param logAnalyticsWorkspaceId string
 resource applicationInsights 'Microsoft.Insights/components@2020-02-02' = {
  name: name
  location: location
  tags: tags
  kind: 'web'
  properties: {
    Application_Type: 'web'
    WorkspaceResourceId: logAnalyticsWorkspaceId
  }
 }
 module applicationInsightsDashboard 'applicationinsights-dashboard.bicep' = {
  name: 'application-insights-dashboard'
  params: {
    name: dashboardName
    location: location
    applicationInsightsName: applicationInsights.name
  }
 }
 output connectionString string = applicationInsights.properties.ConnectionString
 output instrumentationKey string = applicationInsights.properties.InstrumentationKey
 output name string = applicationInsights.name
--- a/infra/core/monitor/loganalytics.bicep
+++ b/infra/core/monitor/loganalytics.bicep
@@ -1,21 +0,0 @@
 param name string
 param location string = resourceGroup().location
 param tags object = {}
 resource logAnalytics 'Microsoft.OperationalInsights/workspaces@2021-12-01-preview' = {
  name: name
  location: location
  tags: tags
  properties: any({
    retentionInDays: 30
    features: {
      searchVersion: 1
    }
    sku: {
      name: 'PerGB2018'
    }
  })
 }
 output id string = logAnalytics.id
 output name string = logAnalytics.name
--- a/infra/core/monitor/monitoring.bicep
+++ b/infra/core/monitor/monitoring.bicep
@@ -1,31 +0,0 @@
 param logAnalyticsName string
 param applicationInsightsName string
 param applicationInsightsDashboardName string
 param location string = resourceGroup().location
 param tags object = {}
 module logAnalytics 'loganalytics.bicep' = {
  name: 'loganalytics'
  params: {
    name: logAnalyticsName
    location: location
    tags: tags
  }
 }
 module applicationInsights 'applicationinsights.bicep' = {
  name: 'applicationinsights'
  params: {
    name: applicationInsightsName
    location: location
    tags: tags
    dashboardName: applicationInsightsDashboardName
    logAnalyticsWorkspaceId: logAnalytics.outputs.id
  }
 }
 output applicationInsightsConnectionString string = applicationInsights.outputs.connectionString
 output applicationInsightsInstrumentationKey string = applicationInsights.outputs.instrumentationKey
 output applicationInsightsName string = applicationInsights.outputs.name
 output logAnalyticsWorkspaceId string = logAnalytics.outputs.id
 output logAnalyticsWorkspaceName string = logAnalytics.outputs.name
--- a/infra/core/security/keyvault-access.bicep
+++ b/infra/core/security/keyvault-access.bicep
@@ -1,21 +0,0 @@
 param name string = 'add'
 param keyVaultName string = ''
 param permissions object = { secrets: [ 'get', 'list' ] }
 param principalId string
 resource keyVaultAccessPolicies 'Microsoft.KeyVault/vaults/accessPolicies@2022-07-01' = {
  parent: keyVault
  name: name
  properties: {
    accessPolicies: [ {
        objectId: principalId
        tenantId: subscription().tenantId
        permissions: permissions
      } ]
  }
 }
 resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
  name: keyVaultName
 }
--- a/infra/core/storage/storage-account.bicep
+++ b/infra/core/storage/storage-account.bicep
@@ -1,38 +0,0 @@
 param name string
 param location string = resourceGroup().location
 param tags object = {}
 param allowBlobPublicAccess bool = false
 param containers array = []
 param kind string = 'StorageV2'
 param minimumTlsVersion string = 'TLS1_2'
 param sku object = { name: 'Standard_LRS' }
 resource storage 'Microsoft.Storage/storageAccounts@2022-05-01' = {
  name: name
  location: location
  tags: tags
  kind: kind
  sku: sku
  properties: {
    minimumTlsVersion: minimumTlsVersion
    allowBlobPublicAccess: allowBlobPublicAccess
    networkAcls: {
      bypass: 'AzureServices'
      defaultAction: 'Allow'
    }
  }
  resource blobServices 'blobServices' = if (!empty(containers)) {
    name: 'default'
    resource container 'containers' = [for container in containers: {
      name: container.name
      properties: {
        publicAccess: contains(container, 'publicAccess') ? container.publicAccess : 'None'
      }
    }]
  }
 }
 output name string = storage.name
 output primaryEndpoints object = storage.properties.primaryEndpoints