Merge pull request #36 from baoduy/develop

Develop
baoduy · Jul 2, 2024 · 3f5de24 · 3f5de24
2 parents 486a54b + 64b8cff
commit 3f5de24
Show file tree

Hide file tree

Showing 26 changed files with 432 additions and 348 deletions.
diff --git a/src/Apps/LogicApp.ts b/src/Apps/LogicApp.ts
@@ -1,21 +1,32 @@
-import * as logic from '@pulumi/azure-native/logic';
-import { BasicResourceArgs, DefaultResourceArgs } from '../types';
-import creator from '../Core/ResourceCreator';
-import { global } from '../Common';
-import { getCertOrderName } from '../Common/Naming';
+import * as logic from "@pulumi/azure-native/logic";
+import { BasicResourceArgs, DefaultResourceArgs } from "../types";
+import { getWorkflowName } from "../Common/Naming";
 
-interface Props extends BasicResourceArgs, DefaultResourceArgs {}
+export type WorkflowProps = BasicResourceArgs &
+  DefaultResourceArgs &
+  Pick<logic.WorkflowArgs, "accessControl">;
 
-export default ({ name, ...others }: Props) => {
-  const n = getCertOrderName(name);
+export default ({
+  name,
+  group,
+  dependsOn,
+  ignoreChanges,
+  importUri,
+  ...others
+}: WorkflowProps) => {
+  const n = getWorkflowName(name);
 
-  const order = creator(logic.Workflow, {
-    workflowName: n,
-    ...global.groupInfo,
-    ...others,
-    sku: '',
+  const workFlow = new logic.Workflow(
+    name,
+    {
+      workflowName: n,
+      ...group,
+      ...others,
+      identity: { type: logic.ManagedServiceIdentityType.SystemAssigned },
+      accessControl: { actions: {} },
+    },
+    { dependsOn, ignoreChanges, import: importUri },
+  );
 
-  } as logic.WorkflowArgs & DefaultResourceArgs);
-
-  return order;
+  return workFlow;
 };
diff --git a/src/AzAd/RoleAssignment.ts b/src/AzAd/RoleAssignment.ts
@@ -34,14 +34,17 @@ export const roleAssignment = ({
   dependsOn,
 }: RoleAssignmentProps) => {
   const role = getRoleDefinitionByName({ roleName });
-  return new native.authorization.RoleAssignment(
-    `${name}-${roleName.split(" ").join("")}`,
-    {
-      principalId,
-      principalType,
-      roleDefinitionId: role.id,
-      scope,
-    },
-    { dependsOn },
-  );
+  return pulumi.output(principalId).apply((id) => {
+    if (!id) return undefined;
+    return new native.authorization.RoleAssignment(
+      `${name}-${roleName.split(" ").join("")}`,
+      {
+        principalId,
+        principalType,
+        roleDefinitionId: role.id,
+        scope,
+      },
+      { dependsOn },
+    );
+  });
 };
diff --git a/src/Builder/ApimBuilder.ts b/src/Builder/ApimBuilder.ts
@@ -336,12 +336,17 @@ class ApimBuilder
   private buildPrivateLink() {
     if (!this._privateLink) return;
     PrivateEndpoint({
-      ...this.commonProps,
-      name: this._instanceName!,
-      resourceId: this._apimInstance!.id,
+      resourceInfo: {
+        resourceName: this._instanceName!,
+        group: this.commonProps.group,
+        id: this._apimInstance!.id,
+      },
+
       privateDnsZoneName: "privatelink.azure-api.net",
       subnetIds: this._privateLink.subnetIds,
-      linkServiceGroupIds: ["Gateway"],
+      linkServiceGroupIds: this._privateLink.type
+        ? [this._privateLink.type]
+        : ["Gateway"],
       dependsOn: this._apimInstance,
     });
   }

diff --git a/src/Builder/ResourceBuilder.ts b/src/Builder/ResourceBuilder.ts
@@ -184,7 +184,6 @@ class ResourceBuilder
 
     if (asPrivateLink && subIds.length > 0) {
       createVaultPrivateLink({
-        name: `${this.name}-vault`,
         vaultInfo: this._vaultInfo!.info(),
         subnetIds: subIds,
       });

diff --git a/src/Builder/VaultBuilder.ts b/src/Builder/VaultBuilder.ts
@@ -35,7 +35,6 @@ export class VaultBuilderResults implements IVaultBuilderResults {
 
   public privateLinkTo(subnetIds: Input<string>[]): IVaultBuilderResults {
     createVaultPrivateLink({
-      name: `${this.vaultInfo.name}-vault`,
       vaultInfo: this.vaultInfo,
       subnetIds,
     });

diff --git a/src/Builder/VnetBuilder.ts b/src/Builder/VnetBuilder.ts
@@ -1,3 +1,4 @@
+import { ResourceInfo } from "../types";
 import IpAddressPrefix, {
   PublicIpAddressPrefixResult,
 } from "../VNet/IpAddressPrefix";
@@ -12,6 +13,7 @@ import { input as inputs } from "@pulumi/azure-native/types";
 import NetworkPeering from "../VNet/NetworkPeering";
 import { LogInfoResults } from "../Logs/Helpers";
 import VPNGateway from "../VNet/VPNGateway";
+import PrivateDnsZoneBuilder from "./PrivateDnsZoneBuilder";
 import {
   BastionCreationProps,
   FirewallCreationProps,
@@ -27,6 +29,7 @@ import {
   VnetBuilderResults,
   VpnGatewayCreationProps,
   BuilderProps,
+  VnetPrivateDnsBuilderFunc,
 } from "./types";
 import { getVnetInfo, parseVnetInfoFromId } from "../VNet/Helper";
 import Bastion from "../VNet/Bastion";
@@ -51,6 +54,8 @@ class VnetBuilder
   private _peeringProps: PeeringProps[] = [];
   private _logInfo: LogInfoResults | undefined = undefined;
   private _ipType: "prefix" | "individual" = "prefix";
+  private _privateDns: Record<string, VnetPrivateDnsBuilderFunc | undefined> =
+    {};
 
   /** The Instances */
   private _ipAddressInstance: PublicIpAddressPrefixResult | undefined =
@@ -60,6 +65,7 @@ class VnetBuilder
   private _natGatewayInstance: network.NatGateway | undefined = undefined;
   private _vnpGatewayInstance: network.VirtualNetworkGateway | undefined =
     undefined;
+  private _privateDnsInstances: Record<string, ResourceInfo> = {};
 
   constructor(commonProps: BuilderProps) {
     super(commonProps);
@@ -122,6 +128,13 @@ class VnetBuilder
     this._enableRoute = true;
     return this;
   }
+  public withPrivateDns(
+    domain: string,
+    builder?: VnetPrivateDnsBuilderFunc,
+  ): IVnetBuilder {
+    this._privateDns[domain] = builder;
+    return this;
+  }
 
   public peeringTo(props: PeeringProps): IVnetBuilder {
     this._peeringProps.push(props);
@@ -134,20 +147,6 @@ class VnetBuilder
   }
 
   /** Builders methods */
-  // private validate() {
-  //   if (this._firewallProps) {
-  //     if (!this._firewallProps.sku)
-  //       this._firewallProps.sku = this._natGatewayEnabled
-  //         ? { tier: "Basic", name: "AZFW_VNet" }
-  //         : { tier: "Basic", name: "AZFW_VNet" };
-  //
-  //     // if (this._natGatewayEnabled && this._firewallProps.sku.tier === "Basic")
-  //     //   throw new Error(
-  //     //     'The Firewall tier "Basic" is not support Nat Gateway.',
-  //     //   );
-  //   }
-  // }
-
   private buildIpAddress() {
     const ipNames = [];
 
@@ -316,6 +315,22 @@ class VnetBuilder
     });
   }
 
+  private buildPrivateDns() {
+    Object.keys(this._privateDns).forEach((k) => {
+      const bFunc = this._privateDns[k];
+      const builder = PrivateDnsZoneBuilder({
+        ...this.commonProps,
+        name: k,
+      }).linkTo({
+        vnetIds: [this._vnetInstance!.id],
+        registrationEnabled: false,
+      });
+
+      if (bFunc) bFunc(builder);
+      this._privateDnsInstances[k] = builder.build();
+    });
+  }
+
   private buildPeering() {
     if (!this._peeringProps || !this._vnetInstance) return;
 
@@ -348,6 +363,7 @@ class VnetBuilder
     this.buildFirewall();
     this.buildVpnGateway();
     this.buildBastion();
+    this.buildPrivateDns();
     this.buildPeering();
 
     return {

diff --git a/src/Builder/types/apimBuilder.ts b/src/Builder/types/apimBuilder.ts
@@ -1,7 +1,7 @@
 import { SkuType } from "@pulumi/azure-native/apimanagement";
 import { Input } from "@pulumi/pulumi";
 import { IBuilder } from "./genericBuilder";
-import { ResourceInfo } from "../../types";
+import { PrivateLinkPropsType, ResourceInfo } from "../../types";
 import { AppInsightInfo } from "../../Logs/Helpers";
 
 export type ApimSkuBuilderType = {
@@ -40,8 +40,7 @@ export type ApimVnetType = {
    * */
   type: "External" | "Internal";
 };
-export type ApimPrivateLinkType = {
-  subnetIds: Input<string>[];
+export type ApimPrivateLinkType = PrivateLinkPropsType & {
   disablePublicAccess?: boolean;
 };
 export type ApimAuthType = {

diff --git a/src/Builder/types/vnetBuilder.ts b/src/Builder/types/vnetBuilder.ts
@@ -10,6 +10,7 @@ import { VpnGatewayProps } from "../../VNet/VPNGateway";
 import { CustomSecurityRuleArgs, RouteArgs } from "../../VNet/types";
 import { LogInfoResults } from "../../Logs/Helpers";
 import { PublicIpAddressPrefixResult } from "../../VNet/IpAddressPrefix";
+import { IPrivateDnsZoneBuilder } from "./privateDnsZoneBuilder";
 
 //VNet Builder Types
 export type VnetBuilderResults = VnetResult & {
@@ -45,6 +46,10 @@ export type VpnGatewayCreationProps = Pick<
   "sku" | "vpnClientAddressPools"
 > & { subnetSpace: string };
 
+export type VnetPrivateDnsBuilderFunc = (
+  builder: IPrivateDnsZoneBuilder,
+) => IPrivateDnsZoneBuilder;
+
 //Starting Interface
 export interface IVnetBuilderStart {
   asHub(props?: VnetBuilderProps): IPublicIpBuilder;
@@ -64,9 +69,13 @@ export interface IGatewayFireWallBuilder extends IFireWallOrVnetBuilder {
 
 export interface IVnetBuilder extends IBuilder<VnetBuilderResults> {
   withBastion(props: BastionCreationProps): IVnetBuilder;
-  peeringTo(props: PeeringProps): IVnetBuilder;
+  withPrivateDns(
+    domain: string,
+    builder?: VnetPrivateDnsBuilderFunc,
+  ): IVnetBuilder;
   withSecurityRules(rules: CustomSecurityRuleArgs[]): IVnetBuilder;
   withRouteRules(rules: RouteArgs[]): IVnetBuilder;
   withLogInfo(info: LogInfoResults): IVnetBuilder;
   withVpnGateway(props: VpnGatewayCreationProps): IVnetBuilder;
+  peeringTo(props: PeeringProps): IVnetBuilder;
 }
diff --git a/src/Common/AzureEnv.ts b/src/Common/AzureEnv.ts
@@ -1,9 +1,8 @@
 import * as pulumi from "@pulumi/pulumi";
 import { authorization } from "@pulumi/azure-native";
 import { registerAutoTags } from "./AutoTags";
-import { KeyVaultInfo, ResourceGroupInfo } from "../types";
+import { KeyVaultInfo, ResourceGroupInfo, ResourceInfoArg } from "../types";
 import { getKeyVaultName, getResourceGroupName } from "./Naming";
-import { ResourceInfoArg } from "./ResourceEnv";
 import { organization, projectName, stack } from "./StackEnv";
 import { getCountryCode, getRegionCode } from "./Location";
 

diff --git a/src/Common/Helpers.ts b/src/Common/Helpers.ts
@@ -8,22 +8,61 @@ export function replaceAll(value: string, search: string, replace: string) {
 }
 
 export const toBase64 = (value: string) =>
-  Buffer.from(value).toString('base64');
+  Buffer.from(value).toString("base64");
 
 export const shallowEquals = (obj1: any, obj2: any) =>
   Object.keys(obj1).length === Object.keys(obj2).length &&
   Object.keys(obj1).every((key) => obj1[key] === obj2[key]);
 
 /** Get Domain from Url*/
 export const getDomainFromUrl = (url: string) =>
-  url.replace('https://', '').replace('http://', '').split('/')[0];
+  url.replace("https://", "").replace("http://", "").split("/")[0];
 
 /** Get Root Domain from Url or Sub domain*/
 export const getRootDomainFromUrl = (url: string) => {
-  const array = getDomainFromUrl(url).split('.');
-  return array.slice(Math.max(array.length - 2, 0)).join('.');
+  const array = getDomainFromUrl(url).split(".");
+  return array.slice(Math.max(array.length - 2, 0)).join(".");
 };
 
 /** Create Range*/
 export const RangeOf = (length: number) =>
   Array.from({ length: length }, (v, k) => k);
+
+/**
+ * Simple object check.
+ * @param item
+ * @returns {boolean}
+ */
+export function isObject(item: any): boolean {
+  return item !== null && typeof item === "object" && !Array.isArray(item);
+}
+
+/**
+ * Deep merge two or more objects.
+ * @param target
+ * @param sources
+ * @returns {T}
+ */
+export function mergeDeep<T>(target: T, ...sources: any[]): T {
+  if (!sources.length) return target;
+
+  for (const source of sources) {
+    if (isObject(source)) {
+      for (const key of Object.keys(source)) {
+        const sourceValue = source[key];
+        const targetValue = (target as any)[key];
+
+        if (isObject(sourceValue)) {
+          if (!targetValue) {
+            (target as any)[key] = {};
+          }
+          mergeDeep((target as any)[key], sourceValue);
+        } else {
+          (target as any)[key] = sourceValue;
+        }
+      }
+    }
+  }
+
+  return target;
+}
diff --git a/src/Common/Naming/index.ts b/src/Common/Naming/index.ts
@@ -4,8 +4,12 @@ import { getResourceName } from "../ResourceEnv";
 import { organization, stack } from "../StackEnv";
 
 /** The method to get Resource group Name*/
-export const getResourceGroupName = (name: string): string =>
+export const getResourceGroupName = (
+  name: string,
+  convention: ConventionProps = {},
+): string =>
   getResourceName(name, {
+    ...convention,
     suffix: organization ? `grp-${organization}` : "grp",
   });
 
@@ -19,8 +23,8 @@ export const getStorageName = (name: string): string => {
 
 /** Get Vault Secret Name. Remove the stack name and replace all _ with - then lower cases. */
 export const getSecretName = (name: string) => {
-  name = name.replace(`${stack}-`, "");
-  name = name.replace(stack, "");
+  name = replaceAll(name, `${stack}-`, "");
+  name = replaceAll(name, stack, "");
   name = replaceAll(name, " ", "-");
   name = replaceAll(name, ".", "-");
   return replaceAll(name, "_", "-").toLowerCase();
@@ -142,8 +146,8 @@ export const getNICName = (name: string) =>
 export const getVpnName = (name: string) =>
   getResourceName(name, { suffix: "vpn" });
 
-export const getVnetName = (name: string) =>
-  getResourceName(name, { suffix: "vnt" });
+export const getVnetName = (name: string, convention: ConventionProps = {}) =>
+  getResourceName(name, { ...convention, suffix: "vnt" });
 
 export const getWanName = (name: string) =>
   getResourceName(name, { suffix: "wan" });
@@ -160,6 +164,9 @@ export const getRouteName = (name: string) =>
 export const getRouteItemName = (name: string) =>
   getResourceName(name, { suffix: "", includeOrgName: false });
 
+export const getWorkflowName = (name: string) =>
+  getResourceName(name, { suffix: "wkp" });
+
 export const getNetworkSecurityGroupName = (name: string) =>
   getResourceName(name, { suffix: "nsg" });