fix: App job documentation updates - avm/res/app/job (#2074)

## Description - changed secure parameter from an as secure decorated object to a custom type. - improved documentation with examples and tests Unfortunately, there is a breaking change in this change. The secrets parameter required a `secureList` property, which is not required anymore ``` // this is the old usage secrets: { secureList: [ { name: 'connection-string' value: '<secretValue>' } ] } // which has now changed to a custom type and must be used like this: secrets: [ { name: 'connection-string' value: '<secretValue>' } ] ``` #2070 Fixes #2071 ## Pipeline Reference  | Pipeline | | -------- | | [![avm.res.app.job](https://github.com/ReneHezser/bicep-registry-modules/actions/workflows/avm.res.app.job.yml/badge.svg?branch=app-job-documentation-updates)](https://github.com/ReneHezser/bicep-registry-modules/actions/workflows/avm.res.app.job.yml) | ## Type of Change  - [ ] Update to CI Environment or utlities (Non-module effecting changes) - [x] Azure Verified Module updates: - [ ] Bugfix containing backwards compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in `version.json`: - [ ] Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description. - [ ] The bug was found by the module author, and no one has opened an issue to report it yet. - [ ] Feature update backwards compatible feature updates, and I have bumped the MINOR version in `version.json`. - [x] Breaking changes and I have bumped the MAJOR version in `version.json`. - [x] Update to documentation ## Checklist - [x] I'm sure there are no other open Pull Requests for the same update/change - [x] I have run `Set-AVMModule` locally to generate the supporting module files. - [x] My corresponding pipelines / checks run clean and green without any errors or warnings --------- Co-authored-by: Alexander Sehr <[email protected]>
Azure · Jun 5, 2024 · d5ba296 · d5ba296
1 parent 8fd24b5
commit d5ba296
Show file tree

Hide file tree

Showing 8 changed files with 2,450 additions and 224 deletions.
diff --git a/avm/res/app/job/README.md b/avm/res/app/job/README.md
diff --git a/avm/res/app/job/main.bicep b/avm/res/app/job/main.bicep
diff --git a/avm/res/app/job/main.json b/avm/res/app/job/main.json
diff --git a/avm/res/app/job/tests/e2e/defaults/main.test.bicep b/avm/res/app/job/tests/e2e/defaults/main.test.bicep
@@ -54,17 +54,13 @@ module testDeployment '../../../main.bicep' = [
       environmentResourceId: nestedDependencies.outputs.managedEnvironmentResourceId
       location: resourceLocation
       triggerType: 'Manual'
-      manualTriggerConfig: {
-        replicaCompletionCount: 1
-        parallelism: 1
-      }
+      manualTriggerConfig: {}
       containers: [
         {
           name: 'simple-hello-world-container'
           image: 'mcr.microsoft.com/azuredocs/containerapps-helloworld:latest'
           resources: {
-            // workaround as 'float' values are not supported in Bicep, yet the resource providers expects them. Related issue: https://github.com/Azure/bicep/issues/1386
-            cpu: json('0.25')
+            cpu: '0.25'
             memory: '0.5Gi'
           }
         }

diff --git a/avm/res/app/job/tests/e2e/max/dependencies.bicep b/avm/res/app/job/tests/e2e/max/dependencies.bicep
@@ -10,6 +10,9 @@ param managedIdentityName string
 @description('Required. The name of the workload profile to create.')
 param workloadProfileName string
 
+@description('Required. The name of the storage account to create.')
+param storageAccountName string
+
 resource managedEnvironment 'Microsoft.App/managedEnvironments@2023-05-01' = {
   name: managedEnvironmentName
   location: location
@@ -30,6 +33,36 @@ resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2022-
   location: location
 }
 
+resource storageAccount 'Microsoft.Storage/storageAccounts@2023-04-01' = {
+  name: storageAccountName
+  location: location
+  kind: 'StorageV2'
+  sku: {
+    name: 'Standard_LRS'
+  }
+  properties: {
+    allowSharedKeyAccess: true
+    allowBlobPublicAccess: false
+    minimumTlsVersion: 'TLS1_2'
+    networkAcls: {
+      bypass: 'AzureServices'
+      defaultAction: 'Deny'
+    }
+  }
+  tags: {
+    'hidden-title': 'This is visible in the resource name'
+    Env: 'test'
+  }
+
+  resource storageQueueService 'queueServices@2023-04-01' = {
+    name: 'default'
+
+    resource storageQueue 'queues@2023-04-01' = {
+      name: 'jobs-queue'
+    }
+  }
+}
+
 @description('The resource ID of the created Managed Identity.')
 output managedIdentityResourceId string = managedIdentity.id
 
@@ -38,3 +71,12 @@ output managedEnvironmentResourceId string = managedEnvironment.id
 
 @description('The principal ID of the created Managed Identity.')
 output managedIdentityPrincipalId string = managedIdentity.properties.principalId
+
+@description('The resource ID of the created storage account')
+output storageAccountResourceId string = storageAccount.id
+
+@description('The name of the storage account created.')
+output storageAccountName string = storageAccount.name
+
+@description('The name of the storage queue created.')
+output storageQueueName string = storageAccount::storageQueueService::storageQueue.name
diff --git a/avm/res/app/job/tests/e2e/max/main.test.bicep b/avm/res/app/job/tests/e2e/max/main.test.bicep
@@ -20,6 +20,9 @@ param serviceShort string = 'ajmax'
 @description('Optional. A token to inject into the name of each resource.')
 param namePrefix string = '#_namePrefix_#'
 
+// needed for the storage account itself and for using listKeys in the secrets, as the storage account is created in the nested deployment and the value needs to exist at the time of deployment
+var storageAccountName = uniqueString('dep-${namePrefix}-menv-${serviceShort}storage')
+
 // =========== //
 // Deployments //
 // =========== //
@@ -39,6 +42,7 @@ module nestedDependencies 'dependencies.bicep' = {
     managedEnvironmentName: 'dep-${namePrefix}-menv-${serviceShort}'
     managedIdentityName: 'dep-${namePrefix}-msi-${serviceShort}'
     workloadProfileName: serviceShort
+    storageAccountName: storageAccountName
   }
 }
 
@@ -70,27 +74,49 @@ module testDeployment '../../../main.bicep' = [
           nestedDependencies.outputs.managedIdentityResourceId
         ]
       }
-      secrets: {
-        secureList: [
-          {
-            name: 'customtest'
-            value: guid(deployment().name)
-          }
-        ]
-      }
-      triggerType: 'Manual'
-      manualTriggerConfig: {
-        replicaCompletionCount: 1
+      triggerType: 'Event'
+      eventTriggerConfig: {
         parallelism: 1
+        replicaCompletionCount: 1
+        scale: {
+          minExecutions: 1
+          maxExecutions: 1
+          pollingInterval: 55
+          rules: [
+            {
+              name: 'queue'
+              type: 'azure-queue'
+              metadata: {
+                queueName: nestedDependencies.outputs.storageQueueName
+                storageAccountResourceId: nestedDependencies.outputs.storageAccountResourceId
+              }
+              auth: [
+                {
+                  secretRef: 'connectionString'
+                  triggerParameter: 'connection'
+                }
+              ]
+            }
+          ]
+        }
       }
+      secrets: [
+        {
+          name: 'connection-string'
+          // needed for using listKeys in the secrets, as the storage account is created in the nested deployment and the value needs to exist at the time of deployment
+          value: listKeys(
+            '${resourceGroup.id}/providers/Microsoft.Storage/storageAccounts/${storageAccountName}',
+            '2023-04-01'
+          ).keys[0].value
+        }
+      ]
       containers: [
         {
           name: 'simple-hello-world-container'
           image: 'mcr.microsoft.com/azuredocs/containerapps-helloworld:latest'
           resources: {
-            // workaround as 'float' values are not supported in Bicep, yet the resource providers expects them. Related issue: https://github.com/Azure/bicep/issues/1386
-            cpu: json('0.25')
-            memory: '0.5Gi'
+            cpu: '1.25'
+            memory: '1.5Gi'
           }
           probes: [
             {
@@ -109,6 +135,48 @@ module testDeployment '../../../main.bicep' = [
               periodSeconds: 3
             }
           ]
+          env: [
+            {
+              name: 'AZURE_STORAGE_QUEUE_NAME'
+              value: nestedDependencies.outputs.storageQueueName
+            }
+            {
+              name: 'AZURE_STORAGE_CONNECTION_STRING'
+              secretRef: 'connection-string'
+            }
+          ]
+          volumeMounts: [
+            {
+              volumeName: '${namePrefix}${serviceShort}emptydir'
+              mountPath: '/mnt/data'
+            }
+          ]
+        }
+        {
+          name: 'second-simple-container'
+          image: 'mcr.microsoft.com/azuredocs/containerapps-helloworld:latest'
+          env: [
+            {
+              name: 'SOME_ENV_VAR'
+              value: 'some-value'
+            }
+          ]
+          args: [
+            'arg1'
+            'arg2'
+          ]
+          command: [
+            '/bin/bash'
+            '-c'
+            'echo hello'
+            'sleep 100000'
+          ]
+        }
+      ]
+      volumes: [
+        {
+          storageType: 'EmptyDir'
+          name: '${namePrefix}${serviceShort}emptydir'
         }
       ]
       roleAssignments: [

diff --git a/avm/res/app/job/tests/e2e/waf-aligned/main.test.bicep b/avm/res/app/job/tests/e2e/waf-aligned/main.test.bicep
@@ -60,18 +60,16 @@ module testDeployment '../../../main.bicep' = [
       environmentResourceId: nestedDependencies.outputs.managedEnvironmentResourceId
       workloadProfileName: serviceShort
       location: resourceLocation
-      triggerType: 'Manual'
-      manualTriggerConfig: {
-        replicaCompletionCount: 1
-        parallelism: 1
+      triggerType: 'Schedule'
+      scheduleTriggerConfig: {
+        cronExpression: '0 0 * * *'
       }
       containers: [
         {
           name: 'simple-hello-world-container'
           image: 'mcr.microsoft.com/azuredocs/containerapps-helloworld:latest'
           resources: {
-            // workaround as 'float' values are not supported in Bicep, yet the resource providers expects them. Related issue: https://github.com/Azure/bicep/issues/1386
-            cpu: json('0.25')
+            cpu: '0.25'
             memory: '0.5Gi'
           }
           probes: [

diff --git a/avm/res/app/job/version.json b/avm/res/app/job/version.json
@@ -1,7 +1,7 @@
 {
     "$schema": "https://aka.ms/bicep-registry-module-version-file-schema#",
-    "version": "0.1",
+    "version": "0.2",
     "pathFilters": [
         "./main.json"
     ]
-}
+}