From 45506c9fb2f31b9feb2e971e8ecac07ec5197191 Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Sun, 21 Mar 2021 18:58:57 +0100 Subject: [PATCH 01/14] feat: updated pipeline to use plan script --- .github/workflows/workflow_verbose.yml | 2 +- plan.sh | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/workflow_verbose.yml b/.github/workflows/workflow_verbose.yml index f06e43a..e141072 100644 --- a/.github/workflows/workflow_verbose.yml +++ b/.github/workflows/workflow_verbose.yml @@ -39,4 +39,4 @@ jobs: with: azcliversion: 2.20.0 inlineScript: | - az deployment sub what-if --location 'West Europe' --no-prompt --template-file $GITHUB_WORKSPACE/Templates/main.bicep + sh $GITHUB_WORKSPACE/plan.sh diff --git a/plan.sh b/plan.sh index e69de29..f0e90ac 100644 --- a/plan.sh +++ b/plan.sh @@ -0,0 +1,3 @@ +# Script for What-If deployments + +az deployment sub what-if --name 'bicep-development' --location 'Switzerland North' -f ./Templates/main.bicep -p location='switzerlandnorth' \ No newline at end of file From 3802e975bd7b0b6e1dd1f19afb82468223a119c4 Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Sun, 21 Mar 2021 19:16:07 +0100 Subject: [PATCH 02/14] feat: echo statement to debug pipeline --- plan.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/plan.sh b/plan.sh index f0e90ac..263e596 100644 --- a/plan.sh +++ b/plan.sh @@ -1,3 +1,4 @@ # Script for What-If deployments +echo 'Start evaluating deployment...' az deployment sub what-if --name 'bicep-development' --location 'Switzerland North' -f ./Templates/main.bicep -p location='switzerlandnorth' \ No newline at end of file From 8ffca7d5e68ed8f5d6dd85aeb3e4efe0f8d16335 Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Tue, 23 Mar 2021 11:45:11 +0100 Subject: [PATCH 03/14] feat: step to provision bicep --- .github/workflows/workflow_verbose.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/workflow_verbose.yml b/.github/workflows/workflow_verbose.yml index e141072..9025557 100644 --- a/.github/workflows/workflow_verbose.yml +++ b/.github/workflows/workflow_verbose.yml @@ -33,6 +33,13 @@ jobs: inlineScript: | az account show + - name: Azure CLI - Install Bicep + uses: azure/CLI@v1 + with: + azcliversion: 2.20.0 + inlineScript: | + az bicep install + - name: Azure CLI - Plan if: github.event_name == 'pull_request' uses: azure/CLI@v1 From e629bc01f8ae7f955731e8f867348fa2176a636d Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Tue, 23 Mar 2021 13:19:18 +0100 Subject: [PATCH 04/14] feat: changed bicep install to official tooling guide --- .github/workflows/workflow_verbose.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/workflow_verbose.yml b/.github/workflows/workflow_verbose.yml index 9025557..b24dff9 100644 --- a/.github/workflows/workflow_verbose.yml +++ b/.github/workflows/workflow_verbose.yml @@ -21,6 +21,12 @@ jobs: - name: Checkout uses: actions/checkout@v2 + - run: | + curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep /usr/local/bin/bicep + bicep --help + - name: Azure Login uses: azure/login@v1 with: @@ -33,13 +39,6 @@ jobs: inlineScript: | az account show - - name: Azure CLI - Install Bicep - uses: azure/CLI@v1 - with: - azcliversion: 2.20.0 - inlineScript: | - az bicep install - - name: Azure CLI - Plan if: github.event_name == 'pull_request' uses: azure/CLI@v1 From 54ec75f116c861c495c6e00e747df13d4e61066c Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Tue, 23 Mar 2021 13:27:27 +0100 Subject: [PATCH 05/14] fix: broken yml syntax --- .github/workflows/workflow_verbose.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/workflow_verbose.yml b/.github/workflows/workflow_verbose.yml index b24dff9..0b18368 100644 --- a/.github/workflows/workflow_verbose.yml +++ b/.github/workflows/workflow_verbose.yml @@ -22,10 +22,10 @@ jobs: uses: actions/checkout@v2 - run: | - curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 - chmod +x ./bicep - sudo mv ./bicep /usr/local/bin/bicep - bicep --help + curl -Lo bicepinstall https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 + chmod +x ./bicepinstall + sudo mv ./bicepinstall /usr/local/bin/bicep + bicep --help - name: Azure Login uses: azure/login@v1 From 91b10944f207db1c4f6b5a90515713d9aea082b1 Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Tue, 23 Mar 2021 13:45:02 +0100 Subject: [PATCH 06/14] fix: switched from script to direkt command --- .github/workflows/workflow_verbose.yml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/.github/workflows/workflow_verbose.yml b/.github/workflows/workflow_verbose.yml index 0b18368..58d1fe9 100644 --- a/.github/workflows/workflow_verbose.yml +++ b/.github/workflows/workflow_verbose.yml @@ -21,12 +21,6 @@ jobs: - name: Checkout uses: actions/checkout@v2 - - run: | - curl -Lo bicepinstall https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 - chmod +x ./bicepinstall - sudo mv ./bicepinstall /usr/local/bin/bicep - bicep --help - - name: Azure Login uses: azure/login@v1 with: @@ -39,10 +33,17 @@ jobs: inlineScript: | az account show + - name: Azure CLI - Bicep Installation + uses: azure/CLI@v1 + with: + azcliversion: 2.20.0 + inlineScript: | + az account show + - name: Azure CLI - Plan if: github.event_name == 'pull_request' uses: azure/CLI@v1 with: azcliversion: 2.20.0 inlineScript: | - sh $GITHUB_WORKSPACE/plan.sh + az deployment sub what-if --location 'Switzerland North' -f $GITHUB_WORKSPACE/Templates/main.bicep -p location='switzerlandnorth' From 019217e210276fd475d132f6ba06091b9154bd24 Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Tue, 23 Mar 2021 13:45:22 +0100 Subject: [PATCH 07/14] refactor: removed cli version option --- .github/workflows/workflow_verbose.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/workflow_verbose.yml b/.github/workflows/workflow_verbose.yml index 58d1fe9..12c0667 100644 --- a/.github/workflows/workflow_verbose.yml +++ b/.github/workflows/workflow_verbose.yml @@ -29,21 +29,19 @@ jobs: - name: Azure CLI - Show Status uses: azure/CLI@v1 with: - azcliversion: 2.20.0 inlineScript: | az account show - name: Azure CLI - Bicep Installation uses: azure/CLI@v1 with: - azcliversion: 2.20.0 inlineScript: | - az account show + az bicep install + az bicep --help - name: Azure CLI - Plan if: github.event_name == 'pull_request' uses: azure/CLI@v1 with: - azcliversion: 2.20.0 inlineScript: | az deployment sub what-if --location 'Switzerland North' -f $GITHUB_WORKSPACE/Templates/main.bicep -p location='switzerlandnorth' From 16dd6187370ef009a282072a1a45d597c9960458 Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Tue, 23 Mar 2021 13:48:04 +0100 Subject: [PATCH 08/14] fix: merged all az commands into one step --- .github/workflows/workflow_verbose.yml | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/.github/workflows/workflow_verbose.yml b/.github/workflows/workflow_verbose.yml index 12c0667..42c1572 100644 --- a/.github/workflows/workflow_verbose.yml +++ b/.github/workflows/workflow_verbose.yml @@ -25,23 +25,13 @@ jobs: uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - - - name: Azure CLI - Show Status - uses: azure/CLI@v1 - with: - inlineScript: | - az account show - - - name: Azure CLI - Bicep Installation - uses: azure/CLI@v1 - with: - inlineScript: | - az bicep install - az bicep --help - name: Azure CLI - Plan if: github.event_name == 'pull_request' uses: azure/CLI@v1 with: inlineScript: | + az account show + az bicep install + az bicep --help az deployment sub what-if --location 'Switzerland North' -f $GITHUB_WORKSPACE/Templates/main.bicep -p location='switzerlandnorth' From 8d6eb9fd9eecdd1a050b92a3ff06e2f72919ca31 Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Wed, 24 Mar 2021 07:39:41 +0000 Subject: [PATCH 09/14] refactor: workflow file name and title --- .github/workflows/{workflow_verbose.yml => workflow.yml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename .github/workflows/{workflow_verbose.yml => workflow.yml} (96%) diff --git a/.github/workflows/workflow_verbose.yml b/.github/workflows/workflow.yml similarity index 96% rename from .github/workflows/workflow_verbose.yml rename to .github/workflows/workflow.yml index 42c1572..16594b3 100644 --- a/.github/workflows/workflow_verbose.yml +++ b/.github/workflows/workflow.yml @@ -1,6 +1,6 @@ # This is a basic workflow to help you get started with Actions -name: Azure CI +name: Azure Bicep - Plan & Deploy # Controls when the action will run. on: From 83795d03c7ab6d19f4dd6463901e15b76140ffea Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Wed, 24 Mar 2021 22:21:22 +0000 Subject: [PATCH 10/14] feat: first draft network module --- Templates/Modules/network.bicep | 23 +++++++++++++++++++++++ Templates/Modules/sessionHost.bicep | 3 --- 2 files changed, 23 insertions(+), 3 deletions(-) create mode 100644 Templates/Modules/network.bicep delete mode 100644 Templates/Modules/sessionHost.bicep diff --git a/Templates/Modules/network.bicep b/Templates/Modules/network.bicep new file mode 100644 index 0000000..4ac7c7a --- /dev/null +++ b/Templates/Modules/network.bicep @@ -0,0 +1,23 @@ +param location string = resourceGroup().location +param vnetName string +param vnetRange string +param subnetAdresses array +param subnetNames array + +resource vnet 'Microsoft.Network/virtualNetworks@2020-08-01' = { + name : vnetName + location : location + properties : { + addressSpace : { + addressPrefixes : [ + vnetRange + ] + } + subnets : [for (adress, i) in subnetAdresses: { + name : subnetNames[i] + properties : { + addressPrefix : adress + } + }] + } +} diff --git a/Templates/Modules/sessionHost.bicep b/Templates/Modules/sessionHost.bicep deleted file mode 100644 index c4da059..0000000 --- a/Templates/Modules/sessionHost.bicep +++ /dev/null @@ -1,3 +0,0 @@ -param sessionHostName string = '' -param sessionHostRg string = '' - From 8a8ba967a5bedd686a6094dbf3dfd186fa399808 Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Wed, 24 Mar 2021 22:21:56 +0000 Subject: [PATCH 11/14] feat: network specific parameter and module call --- Templates/main.bicep | 29 ++++++++++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/Templates/main.bicep b/Templates/main.bicep index 9ed99c7..032eb2f 100644 --- a/Templates/main.bicep +++ b/Templates/main.bicep @@ -1,7 +1,23 @@ targetScope = 'subscription' +// General parameter param location string = 'switzerlandnorth' +// Virtual network parameter +param vnetName string = 'vnet-sn-01' +param vnetRange string = '10.100.0.0/16' +param subnetAdresses array = [ + '10.100.1.0/24' + '10.100.2.0/24' + '10.100.3.0/24' +] +param subnetNames array = [ + 'GatewaySubnet' + 'BastionSubnet' + 'FirewallSubnet' +] + +// Resource Group variables var rgName_Network = 'rg-network-sn-01' var rgName_Storage = 'rg-storage-sn-01' var rgName_Vault = 'rg-vault-sn-01' @@ -33,4 +49,15 @@ resource rg_wvd 'Microsoft.Resources/resourceGroups@2020-06-01' = { resource rg_hosts 'Microsoft.Resources/resourceGroups@2020-06-01' = { name: rgName_WvdHosts location: location -} \ No newline at end of file +} + +module vnet 'Modules/network.bicep' = { + name : 'networkDeployment' + scope : resourceGroup(rg_network.name) + params : { + vnetName : vnetName + vnetRange : vnetRange + subnetAdresses : subnetAdresses + subnetNames : subnetNames + } +} From e94892fd22db5497ed8c61ba0a8ce5f899168fe7 Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Fri, 4 Jun 2021 22:54:29 +0200 Subject: [PATCH 12/14] refactor: virtual network parameter --- Templates/main.bicep | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/Templates/main.bicep b/Templates/main.bicep index 032eb2f..9753367 100644 --- a/Templates/main.bicep +++ b/Templates/main.bicep @@ -4,14 +4,27 @@ targetScope = 'subscription' param location string = 'switzerlandnorth' // Virtual network parameter -param vnetName string = 'vnet-sn-01' -param vnetRange string = '10.100.0.0/16' -param subnetAdresses array = [ +param vnet1Name string = 'network1' +param vnet1Range string = '10.100.0.0/16' +param vnet1SubnetAdresses array = [ '10.100.1.0/24' '10.100.2.0/24' '10.100.3.0/24' ] -param subnetNames array = [ +param vnet1SubnetNames array = [ + 'GatewaySubnet' + 'BastionSubnet' + 'FirewallSubnet' +] + +param vnet2Name string = 'network2' +param vnet2Range string = '10.101.0.0/16' +param vnet2SubnetAdresses array = [ + '10.101.1.0/24' + '10.101.2.0/24' + '10.101.3.0/24' +] +param vnet2SubnetNames array = [ 'GatewaySubnet' 'BastionSubnet' 'FirewallSubnet' From bbf2eecfad3307df3645fa0aeb977dfb3824ce18 Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Fri, 4 Jun 2021 22:55:35 +0200 Subject: [PATCH 13/14] feat: added allowed properties --- Templates/main.bicep | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/Templates/main.bicep b/Templates/main.bicep index 9753367..5787576 100644 --- a/Templates/main.bicep +++ b/Templates/main.bicep @@ -1,8 +1,21 @@ targetScope = 'subscription' // General parameter +@allowed([ + 'switzerlandnorth' + 'westeurope' + 'centralus' + 'centralindia' +]) param location string = 'switzerlandnorth' +@allowed([ + 'production' + 'development' + 'test' +]) +param environment string + // Virtual network parameter param vnet1Name string = 'network1' param vnet1Range string = '10.100.0.0/16' From 46307ff9d97ea6bec5555f51aa921f4b56fc755c Mon Sep 17 00:00:00 2001 From: Lukas Rottach <50323692+lrottach@users.noreply.github.com> Date: Fri, 4 Jun 2021 22:56:10 +0200 Subject: [PATCH 14/14] refactor: removed unused network module call --- Templates/main.bicep | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/Templates/main.bicep b/Templates/main.bicep index 5787576..becf58b 100644 --- a/Templates/main.bicep +++ b/Templates/main.bicep @@ -76,14 +76,3 @@ resource rg_hosts 'Microsoft.Resources/resourceGroups@2020-06-01' = { name: rgName_WvdHosts location: location } - -module vnet 'Modules/network.bicep' = { - name : 'networkDeployment' - scope : resourceGroup(rg_network.name) - params : { - vnetName : vnetName - vnetRange : vnetRange - subnetAdresses : subnetAdresses - subnetNames : subnetNames - } -}