Skip to content

Commit 67ff54b

Browse files
fix: Deployment issue with container app
1 parent 5007782 commit 67ff54b

11 files changed

Lines changed: 227 additions & 158 deletions

.devcontainer/Dockerfile

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
ARG UV_VERSION=latest
2+
ARG DEBIAN_VERSION=bookworm
3+
4+
# Use UV package as a base layer
5+
FROM ghcr.io/astral-sh/uv:$UV_VERSION AS uv
6+
7+
# Use Debian-based VS Code Dev Container as base
8+
FROM mcr.microsoft.com/vscode/devcontainers/base:$DEBIAN_VERSION
9+
10+
# Install dependencies and Node.js 20+ from NodeSource
11+
RUN apt-get update \
12+
&& apt-get install -y --no-install-recommends \
13+
python3-numpy poppler-utils build-essential python3-dev curl \
14+
&& curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
15+
&& apt-get install -y nodejs \
16+
&& apt-get clean \
17+
&& rm -rf /var/lib/apt/lists/* \
18+
&& curl -fsSL https://aka.ms/install-azd.sh | bash
19+
20+
# Copy UV binaries
21+
COPY --from=uv --chown=vscode: /uv /uvx /bin/
22+
23+
# Install global NPM packages
24+
RUN npm install -g tslint-to-eslint-config typescript yarn react-app-rewired
25+
26+
# Set default shell
27+
SHELL ["/bin/bash", "-c"]

.devcontainer/devcontainer.json

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
{
2+
"name": "Multi-Project DevContainer",
3+
"build": {
4+
"dockerfile": "Dockerfile"
5+
},
6+
"features": {
7+
"ghcr.io/devcontainers/features/docker-in-docker:2": {
8+
"version": "latest"
9+
},
10+
"ghcr.io/va-h/devcontainers-features/uv:1": {
11+
"shellautocompletion": true,
12+
"version": "latest"
13+
},
14+
"azure-cli": "latest"
15+
},
16+
"customizations": {
17+
"vscode": {
18+
"extensions": [
19+
"ms-python.python",
20+
"charliermarsh.ruff",
21+
"exiasr.hadolint",
22+
"kevinrose.vsc-python-indent",
23+
"mosapride.zenkaku",
24+
"ms-azuretools.vscode-docker",
25+
"ms-python.python",
26+
"njpwerner.autodocstring",
27+
"redhat.vscode-yaml",
28+
"shardulm94.trailing-spaces",
29+
"tamasfe.even-better-toml",
30+
"yzhang.markdown-all-in-one",
31+
"ms-azuretools.azure-dev",
32+
"charliermarsh.ruff",
33+
"exiasr.hadolint",
34+
"kevinrose.vsc-python-indent",
35+
"mosapride.zenkaku",
36+
"ms-azuretools.vscode-docker",
37+
"ms-python.python",
38+
"njpwerner.autodocstring",
39+
"redhat.vscode-yaml",
40+
"shardulm94.trailing-spaces",
41+
"tamasfe.even-better-toml",
42+
"yzhang.markdown-all-in-one",
43+
"ms-azuretools.azure-dev",
44+
"ms-vscode.azurecli"
45+
]
46+
}
47+
},
48+
"containerEnv": {
49+
"DISPLAY": "dummy",
50+
"PYTHONUNBUFFERED": "True",
51+
"UV_LINK_MODE": "copy",
52+
"UV_PROJECT_ENVIRONMENT": "/home/vscode/.venv"
53+
},
54+
"postCreateCommand": "sed -i 's/\r$//' ./setupEnv.sh && sh ./setupEnv.sh",
55+
"remoteEnv": {
56+
"PYTHONPATH": "/home/vscode/.venv/bin"
57+
}
58+
}

.devcontainer/setupEnv.sh

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
#!/bin/sh
2+
3+
set -e # Exit on error
4+
5+
echo "Setting up ContentProcessor..."
6+
cd src/ContentProcessor
7+
uv sync --frozen
8+
cd ../../
9+
10+
pwd
11+
12+
echo "Setting up ContentProcessorApi..."
13+
cd src/ContentProcessorApi
14+
uv sync --frozen
15+
cd ../../
16+
pwd
17+
18+
echo "Installing dependencies for ContentProcessorWeb..."
19+
cd src/ContentProcessorWeb
20+
yarn install
21+
22+
echo "Setup complete! 🎉"

infra/container_app/deploy_container_app_env.bicep

Lines changed: 11 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -1,33 +1,30 @@
11
param solutionName string
2-
param containerEnvName string
2+
param containerEnvName string
33
param location string
44

5-
// Container related params
6-
param azureContainerRegistry string
7-
85
param logAnalyticsWorkspaceName string
96

107
resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2023-09-01' existing = {
118
name: logAnalyticsWorkspaceName
129
}
1310

1411
resource containerRegistryReader 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
15-
name: '${ solutionName }-acr-managed-identity'
12+
name: '${solutionName }-acr-managed-identity'
1613
location: location
1714
tags: {
1815
app: solutionName
1916
location: location
2017
}
2118
}
2219

23-
resource acrPullRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
24-
name: guid(azureContainerRegistry, containerRegistryReader.id, 'acrpull')
25-
scope: resourceGroup()
26-
properties: {
27-
roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d') // AcrPull role
28-
principalId: containerRegistryReader.properties.principalId
29-
}
30-
}
20+
// resource acrPullRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
21+
// name: guid(azureContainerRegistry, containerRegistryReader.id, 'acrpull')
22+
// scope: resourceGroup()
23+
// properties: {
24+
// roleDefinitionId: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d') // AcrPull role
25+
// principalId: containerRegistryReader.properties.principalId
26+
// }
27+
// }
3128

3229
resource containerAppEnv 'Microsoft.App/managedEnvironments@2024-03-01' = {
3330
name: containerEnvName
@@ -53,3 +50,4 @@ resource containerAppEnv 'Microsoft.App/managedEnvironments@2024-03-01' = {
5350

5451
output containerEnvId string = containerAppEnv.id
5552
output containerRegistryReaderId string = containerRegistryReader.id
53+
output containerRegistryReaderPrincipalId string = containerRegistryReader.properties.principalId

infra/deploy_container_registry.bicep

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ param environmentName string
77
var uniqueId = toLower(uniqueString(subscription().id, environmentName, resourceGroup().location))
88
var solutionName = 'cps-${padLeft(take(uniqueId, 12), 12, '0')}'
99

10-
var containerNameCleaned = replace('cr${ solutionName }', '-', '')
10+
var containerNameCleaned = replace('cr${solutionName }', '-', '')
1111

1212
@description('Provide a location for the registry.')
1313
param location string = resourceGroup().location

infra/deploy_cosmos_db.bicep

Lines changed: 34 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -1,24 +1,24 @@
11
param solutionLocation string
22

33
param cosmosAccountName string
4-
var databaseName = 'ContentProcess'
5-
var collectionNameProcess = 'Processes'
6-
var collectionNameSchema = 'Schemas'
4+
// var databaseName = 'ContentProcess'
5+
// var collectionNameProcess = 'Processes'
6+
// var collectionNameSchema = 'Schemas'
77

8-
var containers = [
9-
{
10-
name: collectionNameProcess
11-
id: collectionNameProcess
12-
partitionKey: '/userId'
13-
}
14-
{
15-
name: collectionNameSchema
16-
id: collectionNameSchema
17-
partitionKey: '/userId'
18-
}
19-
]
8+
// var containers = [
9+
// {
10+
// name: collectionNameProcess
11+
// id: collectionNameProcess
12+
// partitionKey: '/userId'
13+
// }
14+
// {
15+
// name: collectionNameSchema
16+
// id: collectionNameSchema
17+
// partitionKey: '/userId'
18+
// }
19+
// ]
2020

21-
@allowed([ 'GlobalDocumentDB', 'MongoDB', 'Parse' ])
21+
@allowed(['GlobalDocumentDB', 'MongoDB', 'Parse'])
2222
param kind string = 'GlobalDocumentDB'
2323

2424
param tags object = {}
@@ -41,29 +41,29 @@ resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2024-12-01-preview' = {
4141
enableAutomaticFailover: false
4242
enableMultipleWriteLocations: false
4343
apiProperties: (kind == 'MongoDB') ? { serverVersion: '7.0' } : {}
44-
capabilities: kind == 'MongoDB' ? [{ name: 'EnableMongo' }] : [ { name: 'EnableServerless' } ]
44+
capabilities: kind == 'MongoDB' ? [{ name: 'EnableMongo' }] : [{ name: 'EnableServerless' }]
4545
capacityMode: 'Serverless'
4646
enableFreeTier: false
4747
}
4848
}
4949

50-
resource database 'Microsoft.DocumentDB/databaseAccounts/mongodbDatabases@2024-12-01-preview' = {
51-
parent: cosmos
52-
name: databaseName
53-
properties: {
54-
resource: { id: databaseName }
55-
}
50+
// resource database 'Microsoft.DocumentDB/databaseAccounts/mongodbDatabases@2024-12-01-preview' = {
51+
// parent: cosmos
52+
// name: databaseName
53+
// properties: {
54+
// resource: { id: databaseName }
55+
// }
5656

57-
resource list 'collections' = [for container in containers: {
58-
name: container.name
59-
properties: {
60-
resource: {
61-
id: container.id
62-
}
63-
options: {}
64-
}
65-
}]
66-
}
57+
// resource list 'collections' = [for container in containers: {
58+
// name: container.name
59+
// properties: {
60+
// resource: {
61+
// id: container.id
62+
// }
63+
// options: {}
64+
// }
65+
// }]
66+
// }
6767

6868
output cosmosAccountName string = cosmos.name
69-
output cosmosDatabaseName string = databaseName
69+
// output cosmosDatabaseName string = databaseName

infra/deploy_role_assignments.bicep

Lines changed: 21 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,16 @@
1-
param conainerAppPrincipalIds array // List of user/service principal IDs
2-
param containerApiPrincipalId string // API principal ID
3-
param containerAppPrincipalId string // APP principal ID
1+
param conainerAppPrincipalIds array // List of user/service principal IDs
2+
param containerApiPrincipalId string // API principal ID
3+
param containerAppPrincipalId string // APP principal ID
44

5-
param appConfigResourceId string // Resource ID of the App Configuration instance
6-
param storageResourceId string // Resource ID of the Storage account
7-
param storagePrincipalId string // Resource ID of the Storage account
5+
param appConfigResourceId string // Resource ID of the App Configuration instance
6+
param storageResourceId string // Resource ID of the Storage account
7+
param storagePrincipalId string // Resource ID of the Storage account
88

99
param aiServiceCUId string // Resource ID of the Content Understanding Service
1010
param aiServiceId string // Resource ID of the Open AI service
1111

12+
param containerRegistryReaderPrincipalId string
13+
1214
resource appConfigDataReader 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' existing = {
1315
scope: resourceGroup()
1416
name: '516239f1-63e1-4d78-a4de-a74fb236a071'
@@ -34,7 +36,7 @@ resource cognitiveServicesOpenAIUserRole 'Microsoft.Authorization/roleDefinition
3436
scope: resourceGroup()
3537
}
3638

37-
resource roleAssignments 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = [
39+
resource roleAssignments 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = [
3840
for principalId in conainerAppPrincipalIds: {
3941
name: guid('${appConfigResourceId}-${principalId}', appConfigDataReader.id)
4042
scope: resourceGroup()
@@ -128,3 +130,15 @@ resource cognitiveServicesUserRoleAssignment 'Microsoft.Authorization/roleAssign
128130
principalType: 'ServicePrincipal'
129131
}
130132
}
133+
134+
resource acrPullRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
135+
name: guid(containerRegistryReaderPrincipalId, 'acrpull')
136+
scope: resourceGroup()
137+
properties: {
138+
roleDefinitionId: subscriptionResourceId(
139+
'Microsoft.Authorization/roleDefinitions',
140+
'7f951dda-4ed3-4680-a7ca-43fe172d538d'
141+
) // AcrPull role
142+
principalId: containerRegistryReaderPrincipalId
143+
}
144+
}

infra/deploy_storage_account.bicep

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ param solutionLocation string
66

77
@description('Name')
88
param saName string
9-
var saNameCleaned = replace(saName, '-', '')
9+
var saNameCleaned = take(replace(saName, '-', ''), 24)
1010

1111
param managedIdentityObjectId string
1212

@@ -18,7 +18,7 @@ resource storageAccounts_resource 'Microsoft.Storage/storageAccounts@2022-09-01'
1818
}
1919
kind: 'StorageV2'
2020
identity: {
21-
type:'SystemAssigned'
21+
type: 'SystemAssigned'
2222
}
2323
properties: {
2424
minimumTlsVersion: 'TLS1_2'
@@ -62,7 +62,6 @@ resource storageAccounts_resource 'Microsoft.Storage/storageAccounts@2022-09-01'
6262
// }
6363
// }
6464

65-
6665
// resource storageAccounts_default_data 'Microsoft.Storage/storageAccounts/blobServices/containers@2022-09-01' = {
6766
// parent: storageAccounts_default
6867
// name: 'data'
@@ -86,8 +85,8 @@ resource roleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
8685
name: guid(resourceGroup().id, managedIdentityObjectId, blobDataContributor.id)
8786
properties: {
8887
principalId: managedIdentityObjectId
89-
roleDefinitionId:blobDataContributor.id
90-
principalType: 'ServicePrincipal'
88+
roleDefinitionId: blobDataContributor.id
89+
principalType: 'ServicePrincipal'
9190
}
9291
}
9392

0 commit comments

Comments
 (0)