definições para o azure

Author: andreLuizSB

Dockerfile

@@ -3,6 +3,10 @@ FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS base
 WORKDIR /app
 EXPOSE 8080
 
+# Configurar variáveis de ambiente para produção
+ENV ASPNETCORE_URLS=http://+:8080
+ENV ASPNETCORE_ENVIRONMENT=Production
+
 # Usando a imagem SDK para build
 FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
 WORKDIR /src

azure.yaml

@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/Azure/azure-dev/main/schemas/v1.0/azure.yaml.json
+
+name: cnpj-api-csharp
+metadata:
+  template: [email protected]
+
+services:
+  cnpj-api:
+    project: .
+    language: dotnet
+    host: containerapp
+
+infra:
+  provider: bicep
+  path: infra
+
+pipeline:
+  provider: github

infra/abbreviations.json

@@ -0,0 +1,8 @@
+{
+  "appContainerApps": "ca-",
+  "appManagedEnvironments": "cae-",
+  "containerRegistryRegistries": "cr",
+  "insightsComponents": "appi-",
+  "managedIdentityUserAssignedIdentities": "id-",
+  "operationalInsightsWorkspaces": "log-"
+}

infra/main.bicep

@@ -0,0 +1,184 @@
+targetScope = 'resourceGroup'
+
+@minLength(1)
+@maxLength(64)
+@description('Name of the environment that will be used to name resources')
+param environmentName string
+
+@minLength(1)
+@description('Primary location for all resources')
+param location string
+
+@description('Name of the resource group')
+param resourceGroupName string = ''
+
+@description('Log Analytics workspace name')
+param logAnalyticsName string = ''
+
+@description('Application Insights dashboard name')
+param applicationInsightsName string = ''
+
+@description('Container Apps Environment name')
+param containerAppsEnvironmentName string = ''
+
+@description('Container Registry name')
+param containerRegistryName string = ''
+
+@description('Service name')
+param serviceName string = 'cnpj-api'
+
+@description('The image name for the api service')
+param apiImageName string = ''
+
+// Generate a unique token for resource names
+var resourceToken = toLower(uniqueString(subscription().id, resourceGroup().id, environmentName))
+
+// Resource names
+var abbrs = loadJsonContent('abbreviations.json')
+var actualLogAnalyticsName = !empty(logAnalyticsName) ? logAnalyticsName : '${abbrs.operationalInsightsWorkspaces}${resourceToken}'
+var actualApplicationInsightsName = !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}'
+var actualContainerAppsEnvironmentName = !empty(containerAppsEnvironmentName) ? containerAppsEnvironmentName : '${abbrs.appManagedEnvironments}${resourceToken}'
+var actualContainerRegistryName = !empty(containerRegistryName) ? containerRegistryName : '${abbrs.containerRegistryRegistries}${resourceToken}'
+
+// Tags that should be applied to all resources.
+var tags = {
+  'azd-env-name': environmentName
+}
+
+// Log analytics workspace for monitoring
+resource logAnalytics 'Microsoft.OperationalInsights/workspaces@2022-10-01' = {
+  name: actualLogAnalyticsName
+  location: location
+  tags: tags
+  properties: {
+    retentionInDays: 30
+    features: {
+      searchVersion: 1
+    }
+    sku: {
+      name: 'PerGB2018'
+    }
+  }
+}
+
+// Application insights for telemetry
+resource applicationInsights 'Microsoft.Insights/components@2020-02-02' = {
+  name: actualApplicationInsightsName
+  location: location
+  tags: tags
+  kind: 'web'
+  properties: {
+    Application_Type: 'web'
+    WorkspaceResourceId: logAnalytics.id
+    Flow_Type: 'Redfield'
+    Request_Source: 'AzureTfsExtensionAzureProject'
+  }
+}
+
+// Container registry for storing container images
+resource containerRegistry 'Microsoft.ContainerRegistry/registries@2023-07-01' = {
+  name: actualContainerRegistryName
+  location: location
+  tags: tags
+  sku: {
+    name: 'Basic'
+  }
+  properties: {
+    adminUserEnabled: true
+  }
+}
+
+// User assigned managed identity for container apps
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
+  name: '${abbrs.managedIdentityUserAssignedIdentities}${resourceToken}'
+  location: location
+  tags: tags
+}
+
+// Role assignment for managed identity to pull images from container registry
+resource acrPullRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
+  name: guid(containerRegistry.id, managedIdentity.id, 'acrPull')
+  scope: containerRegistry
+  properties: {
+    roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d') // AcrPull
+    principalId: managedIdentity.properties.principalId
+    principalType: 'ServicePrincipal'
+  }
+}
+
+// Container Apps environment
+resource containerAppsEnvironment 'Microsoft.App/managedEnvironments@2024-03-01' = {
+  name: actualContainerAppsEnvironmentName
+  location: location
+  tags: tags
+  properties: {
+    appLogsConfiguration: {
+      destination: 'log-analytics'
+      logAnalyticsConfiguration: {
+        customerId: logAnalytics.properties.customerId
+        sharedKey: logAnalytics.listKeys().primarySharedKey
+      }
+    }
+  }
+}
+
+// Container App for the API
+resource api 'Microsoft.App/containerApps@2024-03-01' = {
+  name: '${abbrs.appContainerApps}api-${resourceToken}'
+  location: location
+  tags: union(tags, { 'azd-service-name': serviceName })
+  identity: {
+    type: 'UserAssigned'
+    userAssignedIdentities: {
+      '${managedIdentity.id}': {}
+    }
+  }
+  properties: {
+    managedEnvironmentId: containerAppsEnvironment.id
+    configuration: {
+      ingress: {
+        external: true
+        targetPort: 8080
+        corsPolicy: {
+          allowedOrigins: ['*']
+          allowedMethods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS']
+          allowedHeaders: ['*']
+          allowCredentials: false
+        }
+      }
+      registries: [
+        {
+          server: containerRegistry.properties.loginServer
+          identity: managedIdentity.id
+        }
+      ]
+    }
+    template: {
+      containers: [
+        {
+          image: !empty(apiImageName) ? apiImageName : 'mcr.microsoft.com/azuredocs/containerapps-helloworld:latest'
+          name: 'api'
+          resources: {
+            cpu: json('0.25')
+            memory: '0.5Gi'
+          }
+        }
+      ]
+      scale: {
+        minReplicas: 1
+        maxReplicas: 10
+      }
+    }
+  }
+}
+
+// Outputs
+output AZURE_LOCATION string = location
+output AZURE_CONTAINER_REGISTRY_ENDPOINT string = containerRegistry.properties.loginServer
+output AZURE_CONTAINER_REGISTRY_NAME string = containerRegistry.name
+output AZURE_CONTAINER_APPS_ENVIRONMENT_NAME string = containerAppsEnvironment.name
+output AZURE_CONTAINER_APPS_ENVIRONMENT_ID string = containerAppsEnvironment.id
+output AZURE_CONTAINER_APPS_ENVIRONMENT_DEFAULT_DOMAIN string = containerAppsEnvironment.properties.defaultDomain
+output SERVICE_API_ENDPOINT_URL string = 'https://${api.properties.configuration.ingress.fqdn}'
+output SERVICE_API_NAME string = api.name
+output RESOURCE_GROUP_ID string = resourceGroup().id

infra/main.parameters.json

@@ -0,0 +1,15 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "environmentName": {
+      "value": "${AZURE_ENV_NAME}"
+    },
+    "location": {
+      "value": "${AZURE_LOCATION}"
+    },
+    "resourceGroupName": {
+      "value": "rg-${AZURE_ENV_NAME}"
+    }
+  }
+}