From 9c27c744784ec29c95b969871e7807f96b288c03 Mon Sep 17 00:00:00 2001 From: Are Almaas Date: Mon, 22 Jan 2024 14:25:40 +0100 Subject: [PATCH] feat(azure): parameterize SKUs (#364) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Issue: #303 Parameterisering av SKUer. Blir litt mange parametre, men blir. også veldig fleksibelt per miljø. --- .azure/.test.bicepparam | 14 ++++ .azure/apim/create.bicep | 6 +- .azure/appConfiguration/create.bicep | 13 ++-- .azure/applicationInsights/create.bicep | 3 +- .azure/functionApp/slackNotifier.bicep | 9 ++- .azure/keyvault/create.bicep | 6 +- .azure/main.bicep | 88 +++++++++++++++++++++++++ .azure/postgreSql/create.bicep | 6 +- 8 files changed, 129 insertions(+), 16 deletions(-) diff --git a/.azure/.test.bicepparam b/.azure/.test.bicepparam index 1b430332c..074ade2dc 100644 --- a/.azure/.test.bicepparam +++ b/.azure/.test.bicepparam @@ -5,8 +5,22 @@ param location = 'norwayeast' param keyVaultSourceKeys = json(readEnvironmentVariable('KEYVAULT_SOURCE_KEYS', '[]')) param gitSha = readEnvironmentVariable('GIT_SHA', '') +// secrets param dialogportenPgAdminPassword = readEnvironmentVariable('PG_ADMIN_PASSWORD', '') param apiManagementDigDirEmail = readEnvironmentVariable('APIM_DIGDIR_EMAIL', '') param sourceKeyVaultSubscriptionId = readEnvironmentVariable('SOURCE_KEYVAULT_SUBSCRIPTION_ID', '') param sourceKeyVaultResourceGroup = readEnvironmentVariable('SOURCE_KEYVAULT_RESOURCE_GROUP', '') param sourceKeyVaultName = readEnvironmentVariable('SOURCE_KEYVAULT_NAME', '') + +// SKUs +param APIMSKUName = 'Developer' +param APIMSKUCapcity = 1 +param keyVaultSKUName = 'standard' +param keyVaultSKUFamily = 'A' +param appConfigurationSKUName = 'standard' +param appInsightsSKUName = 'PerGB2018' +param slackNotifierStorageAccountSKUName = 'Standard_LRS' +param slackNotifierApplicationServicePlanSKUName = 'Y1' +param slackNotifierApplicationServicePlanSKUTier = 'Dynamic' +param postgresServerSKUName = 'Standard_B1ms' +param postgresServerSKUTier = 'Burstable' diff --git a/.azure/apim/create.bicep b/.azure/apim/create.bicep index 6113c81c0..7f3c6e025 100644 --- a/.azure/apim/create.bicep +++ b/.azure/apim/create.bicep @@ -1,13 +1,15 @@ param location string param namePrefix string param publisherEmail string +param skuName string +param skuCapacity int resource apim 'Microsoft.ApiManagement/service@2023-03-01-preview' = { location: location name: '${namePrefix}-apim' sku: { - name: 'Developer' - capacity: 1 + name: skuName + capacity: skuCapacity } properties: { publisherEmail: publisherEmail diff --git a/.azure/appConfiguration/create.bicep b/.azure/appConfiguration/create.bicep index 3df017e11..3e82fb0ad 100644 --- a/.azure/appConfiguration/create.bicep +++ b/.azure/appConfiguration/create.bicep @@ -1,22 +1,23 @@ param namePrefix string param location string +param skuName string resource appConfig 'Microsoft.AppConfiguration/configurationStores@2023-03-01' = { name: '${namePrefix}-appConfiguration' location: location sku: { - name: 'standard' + name: skuName } properties: { // TODO: Remove enablePurgeProtection: false } resource configStoreKeyValue 'keyValues' = { - name: 'Sentinel' - properties: { - value: '1' - } - } + name: 'Sentinel' + properties: { + value: '1' + } + } } output endpoint string = appConfig.properties.endpoint diff --git a/.azure/applicationInsights/create.bicep b/.azure/applicationInsights/create.bicep index e85ed881a..a53081493 100644 --- a/.azure/applicationInsights/create.bicep +++ b/.azure/applicationInsights/create.bicep @@ -1,5 +1,6 @@ param namePrefix string param location string +param skuName string resource appInsightsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10-01' = { name: '${namePrefix}-insightsWorkspace' @@ -7,7 +8,7 @@ resource appInsightsWorkspace 'Microsoft.OperationalInsights/workspaces@2022-10- properties: { retentionInDays: 30 sku: { - name: 'PerGB2018' + name: skuName } workspaceCapping: { dailyQuotaGb: -1 diff --git a/.azure/functionApp/slackNotifier.bicep b/.azure/functionApp/slackNotifier.bicep index 844e89a45..b05195a05 100644 --- a/.azure/functionApp/slackNotifier.bicep +++ b/.azure/functionApp/slackNotifier.bicep @@ -2,6 +2,9 @@ param location string param applicationInsightsName string param namePrefix string param keyVaultName string +param storageAccountSKUName string +param applicationServicePlanSKUName string +param applicationServicePlanSKUTier string // Storage account names only supports lower case and numbers var storageAccountName = '${replace(namePrefix, '-', '')}slacknotifiersa' @@ -10,7 +13,7 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' = { name: storageAccountName location: location sku: { - name: 'Standard_LRS' + name: storageAccountSKUName } kind: 'Storage' properties: { @@ -23,8 +26,8 @@ resource applicationServicePlan 'Microsoft.Web/serverfarms@2021-03-01' = { name: '${namePrefix}-slacknotifier-asp' location: location sku: { - name: 'Y1' - tier: 'Dynamic' + name: applicationServicePlanSKUName + tier: applicationServicePlanSKUTier } properties: {} } diff --git a/.azure/keyvault/create.bicep b/.azure/keyvault/create.bicep index 2e3b937ca..96701d3ca 100644 --- a/.azure/keyvault/create.bicep +++ b/.azure/keyvault/create.bicep @@ -1,5 +1,7 @@ param namePrefix string param location string +param skuName string +param skuFamily string var keyVaultName = take('${namePrefix}-kv-${uniqueString(resourceGroup().id)}', 24) @@ -11,8 +13,8 @@ resource keyVault 'Microsoft.KeyVault/vaults@2023-07-01' = { enablePurgeProtection: null // Null is the same as false and false is invalid for some reason enabledForTemplateDeployment: false sku: { - family: 'A' - name: 'standard' + name: skuName + family: skuFamily } tenantId: subscription().tenantId accessPolicies: [] diff --git a/.azure/main.bicep b/.azure/main.bicep index 93f899bb3..d83056de5 100644 --- a/.azure/main.bicep +++ b/.azure/main.bicep @@ -16,6 +16,83 @@ param sourceKeyVaultResourceGroup string @secure() param sourceKeyVaultName string +@allowed( + [ + 'Basic' + 'Consumption' + 'Developer' + 'Isolated' + 'Premium' + 'Standard' + ] +) +param APIMSKUName string + +@minValue(1) +param APIMSKUCapcity int + +@allowed( + [ + 'premium' + 'standard' + ] +) +param keyVaultSKUName string + +@allowed([ + 'A' +]) +param keyVaultSKUFamily string + +@allowed([ + 'standard' +]) +param appConfigurationSKUName string + +@allowed([ + 'CapacityReservation' + 'Free' + 'LACluster' + 'PerGB2018' + 'PerNode' + 'Premium' + 'Standalone' + 'Standard' +]) +param appInsightsSKUName string + +@allowed([ + 'Standard_LRS' + 'Standard_GRS' + 'Standard_RAGRS' + 'Standard_ZRS' + 'Premium_LRS' + 'Premium_ZRS' +]) +param slackNotifierStorageAccountSKUName string + +@allowed([ + 'Y1' +]) +param slackNotifierApplicationServicePlanSKUName string + +@allowed([ + 'Dynamic' + +]) +param slackNotifierApplicationServicePlanSKUTier string + +@allowed([ + 'Standard_B1ms' +]) +param postgresServerSKUName string +@allowed([ + 'Burstable' + 'GeneralPurpose' + 'MemoryOptimized' +]) +param postgresServerSKUTier string + var secrets = { dialogportenPgAdminPassword: dialogportenPgAdminPassword apiManagementDigDirEmail: apiManagementDigDirEmail @@ -40,6 +117,8 @@ module apiManagement 'apim/create.bicep' = { publisherEmail: secrets.apiManagementDigDirEmail location: location namePrefix: namePrefix + skuName: APIMSKUName + skuCapacity: APIMSKUCapcity } } @@ -49,6 +128,8 @@ module keyVaultModule 'keyvault/create.bicep' = { params: { namePrefix: namePrefix location: location + skuName: keyVaultSKUName + skuFamily: keyVaultSKUFamily } } @@ -58,6 +139,7 @@ module appConfiguration 'appConfiguration/create.bicep' = { params: { namePrefix: namePrefix location: location + skuName: appConfigurationSKUName } } @@ -67,6 +149,7 @@ module appInsights 'applicationInsights/create.bicep' = { params: { namePrefix: namePrefix location: location + skuName: appInsightsSKUName } } @@ -99,6 +182,8 @@ module postgresql 'postgreSql/create.bicep' = { srcKeyVault: srcKeyVault srcSecretName: 'dialogportenPgAdminPassword${environment}' administratorLoginPassword: contains(keyVaultSourceKeys, 'dialogportenPgAdminPassword${environment}') ? srcKeyVaultResource.getSecret('dialogportenPgAdminPassword${environment}') : secrets.dialogportenPgAdminPassword + skuName: postgresServerSKUName + skuTier: postgresServerSKUTier } } @@ -135,6 +220,9 @@ module slackNotifier 'functionApp/slackNotifier.bicep' = { keyVaultName: keyVaultModule.outputs.name namePrefix: namePrefix applicationInsightsName: appInsights.outputs.appInsightsName + storageAccountSKUName: slackNotifierStorageAccountSKUName + applicationServicePlanSKUName: slackNotifierApplicationServicePlanSKUName + applicationServicePlanSKUTier: slackNotifierApplicationServicePlanSKUTier } } diff --git a/.azure/postgreSql/create.bicep b/.azure/postgreSql/create.bicep index 2ed5cb4aa..d7481f22c 100644 --- a/.azure/postgreSql/create.bicep +++ b/.azure/postgreSql/create.bicep @@ -2,6 +2,8 @@ param namePrefix string param location string param keyVaultName string param srcSecretName string +param skuName string +param skuTier string @secure() param srcKeyVault object @@ -49,8 +51,8 @@ resource postgres 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = { replicationRole: 'Primary' } sku: { - name: 'Standard_B1ms' - tier: 'Burstable' + name: skuName + tier: skuTier } resource database 'databases' = { name: databaseName