Update Standard to establish a peering to an existing hub VNET #1300

Merged
merged 10 commits into from
Aug 1, 2024
Merged
42 changes: 0 additions & 42 deletions deploy/standard/azd-hooks/postprovision.ps1
jamesrcounts marked this conversation as resolved.

This file was deleted.

5 changes: 0 additions & 5 deletions deploy/standard/azure.yaml
Expand Up @@ -9,11 +9,6 @@ hooks:
continueOnError: false
interactive: true
run: azd-hooks/preprovision.ps1
postprovision:
shell: pwsh
continueOnError: false
interactive: true
run: azd-hooks/postprovision.ps1
predeploy:
shell: pwsh
continueOnError: false
39 changes: 8 additions & 31 deletions deploy/standard/infra/app-rg.bicep
Expand Up @@ -5,20 +5,12 @@ param actionGroupId string
@description('Administrator Object Id')
param administratorObjectId string

@description('Chat UI OIDC Client Secret')
@secure()
param chatUiClientSecret string

@description('Core API OIDC Client Secret')
@secure()
param coreApiClientSecret string

@description('DNS Resource Group Name')
param dnsResourceGroupName string

@description('The environment name token used in naming resources.')
param environmentName string

param hubResourceGroup string
param hubSubscriptionId string = subscription().subscriptionId

@description('AKS namespace')
param k8sNamespace string

Expand All @@ -31,14 +23,6 @@ param logAnalyticsWorkspaceId string
@description('Log Analytics Workspace Resource Id to use for diagnostics')
param logAnalyticsWorkspaceResourceId string

@description('Management UI OIDC Client Secret')
@secure()
param managementUiClientSecret string

@description('Management API OIDC Client Secret')
@secure()
param managementApiClientSecret string

@description('Networking Resource Group Name')
param networkingResourceGroupName string

Expand All @@ -57,10 +41,6 @@ param storageResourceGroupName string
@description('Timestamp used in naming nested deployments.')
param timestamp string = utcNow()

@description('Vectorization API OIDC Client Secret')
@secure()
param vectorizationApiClientSecret string

@description('Vectorization Resource Group name')
param vectorizationResourceGroupName string
param vnetName string
Expand Down Expand Up @@ -152,7 +132,8 @@ module aksBackend 'modules/aks.bicep' = {
params: {
actionGroupId: actionGroupId
admnistratorObjectIds: [ administratorObjectId ]
dnsResourceGroupName: dnsResourceGroupName
hubResourceGroup: hubResourceGroup
hubSubscriptionId: hubSubscriptionId
location: location
logAnalyticWorkspaceId: logAnalyticsWorkspaceId
logAnalyticWorkspaceResourceId: logAnalyticsWorkspaceResourceId
Expand All @@ -171,7 +152,8 @@ module aksFrontend 'modules/aks.bicep' = {
params: {
actionGroupId: actionGroupId
admnistratorObjectIds: [ administratorObjectId ]
dnsResourceGroupName: dnsResourceGroupName
hubResourceGroup: hubResourceGroup
hubSubscriptionId: hubSubscriptionId
location: location
logAnalyticWorkspaceId: logAnalyticsWorkspaceId
logAnalyticWorkspaceResourceId: logAnalyticsWorkspaceResourceId
Expand All @@ -187,7 +169,7 @@ module aksFrontend 'modules/aks.bicep' = {

module dnsZones 'modules/utility/dnsZoneData.bicep' = {
name: 'dnsZones-${timestamp}'
scope: resourceGroup(dnsResourceGroupName)
scope: resourceGroup(hubSubscriptionId, hubResourceGroup)
params: {
location: location
}
Expand Down Expand Up @@ -297,7 +279,6 @@ module srBackend 'modules/service.bicep' = [for service in items(backendServices
module srCoreApi 'modules/service.bicep' = [for service in items(coreApiService): {
name: 'srCoreApi-${service.key}-${timestamp}'
params: {
clientSecret: coreApiClientSecret
location: location
namespace: k8sNamespace
oidcIssuerUrl: aksBackend.outputs.oidcIssuerUrl
Expand All @@ -316,7 +297,6 @@ module srCoreApi 'modules/service.bicep' = [for service in items(coreApiService)
module srChatUi 'modules/service.bicep' = [for service in items(chatUiService): {
name: 'srChatUi-${service.key}-${timestamp}'
params: {
clientSecret: chatUiClientSecret
location: location
namespace: k8sNamespace
oidcIssuerUrl: aksFrontend.outputs.oidcIssuerUrl
Expand All @@ -335,7 +315,6 @@ module srChatUi 'modules/service.bicep' = [for service in items(chatUiService):
module srManagementApi 'modules/service.bicep' = [for service in items(managementApiService): {
name: 'srManagementApi-${service.key}-${timestamp}'
params: {
clientSecret: managementApiClientSecret
location: location
namespace: k8sNamespace
oidcIssuerUrl: aksBackend.outputs.oidcIssuerUrl
Expand All @@ -354,7 +333,6 @@ module srManagementApi 'modules/service.bicep' = [for service in items(managemen
module srManagementUi 'modules/service.bicep' = [for service in items(managementUiService): {
name: 'srManagementUi-${service.key}-${timestamp}'
params: {
clientSecret: managementUiClientSecret
location: location
namespace: k8sNamespace
oidcIssuerUrl: aksFrontend.outputs.oidcIssuerUrl
Expand All @@ -373,7 +351,6 @@ module srManagementUi 'modules/service.bicep' = [for service in items(management
module srVectorizationApi 'modules/service.bicep' = [for service in items(vectorizationApiService): {
name: 'srVectorizationApi-${service.key}-${timestamp}'
params: {
clientSecret: vectorizationApiClientSecret
location: location
namespace: k8sNamespace
oidcIssuerUrl: aksBackend.outputs.oidcIssuerUrl
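Review bot: The new parameters `hubResourceGroup` and `hubSubscriptionId` are the only ones in this block without an `@description`, and the default `subscription().subscriptionId` means a caller that omits the hub subscription gets `resourceGroup(hubSubscriptionId, hubResourceGroup)` resolved in the workload subscription instead of an error naming the missing value. The `dnsZones` module is now scoped to a resource group that may live in another subscription, and the AKS modules receive the same pair, so the deploying identity needs access there; a module scoped this way is also recorded as a nested deployment in the hub resource group. I would state that on the parameter, e.g. `@description('Subscription ID of the existing hub network; defaults to the current subscription. The deploying identity needs access to the hub resource group.')`. The same undocumented pair and the same `scope:` change appear in `deploy/standard/infra/auth-rg.bicep`.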
8 changes: 4 additions & 4 deletions deploy/standard/infra/auth-rg.bicep
Expand Up @@ -14,12 +14,12 @@ param authAppRegistrationTenantId string
param authAppRegistrationClientId string
param instanceId string

@description('DNS Resource Group Name')
param dnsResourceGroupName string

@description('The environment name token used in naming resources.')
param environmentName string

param hubResourceGroup string
param hubSubscriptionId string = subscription().subscriptionId

@description('AKS namespace')
param k8sNamespace string

Expand Down Expand Up @@ -84,7 +84,7 @@ var workload = 'svc'
@description('Read DNS Zones')
module dnsZones 'modules/utility/dnsZoneData.bicep' = {
name: 'dnsZones-${timestamp}'
scope: resourceGroup(dnsResourceGroupName)
scope: resourceGroup(hubSubscriptionId, hubResourceGroup)
params: {
location: location
}
39 changes: 2 additions & 37 deletions deploy/standard/infra/dns-rg.bicep
@@ -1,17 +1,9 @@
/** Inputs **/
param environmentName string
param location string
param networkResourceGroupName string
param project string
param timestamp string = utcNow()
param vnetName string

@description('Workload Token used in naming resources.')
var workload = 'net'
// TODO: use the namer function from main.bicep
var resourceSuffix = '${project}-${environmentName}-${location}-${workload}'

var resolverName = 'dns-${resourceSuffix}'
param vnetId string

/** Locals **/
@description('Private DNS Zones to create.')
Expand Down Expand Up @@ -41,40 +33,13 @@ var privateDnsZone = {

/** Outputs **/

/** Resources **/
resource resolver 'Microsoft.Network/dnsResolvers@2022-07-01' = {
name: resolverName
location: location
properties: {
virtualNetwork: {
id: resourceId(networkResourceGroupName, 'Microsoft.Network/virtualNetworks', vnetName)
}
}
}

resource inboundEndpoint 'Microsoft.Network/dnsResolvers/inboundEndpoints@2022-07-01' = {
parent: resolver
name: resolverName
location: location
properties: {
ipConfigurations: [
{
privateIpAllocationMethod: 'Dynamic'
subnet: {
id: resourceId(networkResourceGroupName, 'Microsoft.Network/virtualNetworks/subnets', vnetName, 'FLLMNetSvc')
}
}
]
}
}

/** Nested Modules **/
@description('Create the specified private DNS zones.')
jamesrcounts marked this conversation as resolved.
module dns './modules/dns.bicep' = [for zone in items(privateDnsZone): {
name: '${zone.value}-${timestamp}'
params: {
key: zone.key
vnetId: resourceId(networkResourceGroupName, 'Microsoft.Network/virtualNetworks', vnetName)
vnetId: vnetId
zone: zone.value

tags: {
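Review bot: `param vnetId string` is added without an `@description`, and it replaces an ID that was previously built with `resourceId(networkResourceGroupName, 'Microsoft.Network/virtualNetworks', vnetName)`, so the expected form (a full virtual network resource ID) is no longer evident from the file. Whatever string the caller supplies is now handed unchanged to `modules/dns.bicep` for every zone; what that module does with it is not visible here, but if it links the private DNS zones to the network, a wrong ID would attach them to an unintended VNet. I would add `@description('Full resource ID of the virtual network passed to the private DNS zone module.')` above the parameter. The `module dns` loop continues past the end of the visible section.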