266 update bicep settings (#320)

* chore: Update bicep template with additional ENV variables * version bump
final-hill · Aug 11, 2024 · 9545cdd · 9545cdd
1 parent 6fbd4e8
commit 9545cdd
Show file tree

Hide file tree

Showing 5 changed files with 114 additions and 24 deletions.
diff --git a/.github/workflows/azure-deploy.yml b/.github/workflows/azure-deploy.yml
@@ -33,16 +33,24 @@ jobs:
           resourceGroupName: ${{ secrets.AZURE_RG }}
           template: ./azure/bicep/main.bicep
           parameters: >
-            ghClientId=${{ secrets.GH_CLIENT_ID }}
-            ghClientSecret=${{ secrets.GH_CLIENT_SECRET }}
-            postgresDb=${{ secrets.POSTGRES_DB }}
-            postgresHost=${{ secrets.POSTGRES_HOST }}
-            postgresPassword=${{ secrets.POSTGRES_PASSWORD }}
-            postgresPort=${{ secrets.POSTGRES_PORT }}
-            postgresUser=${{ secrets.POSTGRES_USER }}
-            slackAdminMemberId=${{ secrets.SLACK_ADMIN_MEMBER_ID }}
-            slackBotToken=${{ secrets.SLACK_BOT_TOKEN }}
-            slackSigningSecret=${{ secrets.SLACK_SIGNING_SECRET }}
+            ghClientId="${{ secrets.GH_CLIENT_ID }}"
+            ghClientSecret="${{ secrets.GH_CLIENT_SECRET }}"
+            postgresDb="${{ secrets.POSTGRES_DB }}"
+            postgresHost="${{ secrets.POSTGRES_HOST }}"
+            postgresPassword="${{ secrets.POSTGRES_PASSWORD }}"
+            postgresPort="${{ secrets.POSTGRES_PORT }}"
+            postgresUser="${{ secrets.POSTGRES_USER }}"
+            slackAdminMemberId="${{ secrets.SLACK_ADMIN_MEMBER_ID }}"
+            slackBotToken="${{ secrets.SLACK_BOT_TOKEN }}"
+            slackSigningSecret="${{ secrets.SLACK_SIGNING_SECRET }}"
+            nuxtOrigin="${{ secrets.NUXT_ORIGIN }}"
+            nuxtSessionPassword="${{ secrets.NUXT_SESSION_PASSWORD }}"
+            nuxtAuthClientId="${{ secrets.NUXT_AUTH_CLIENT_ID }}"
+            nuxtAuthClientSecret="${{ secrets.NUXT_AUTH_CLIENT_SECRET }}"
+            nuxtAuthTenantName="${{ secrets.NUXT_AUTH_TENANT_NAME }}"
+            nuxtAuthTenantId="${{ secrets.NUXT_AUTH_TENANT_ID }}"
+            nuxtAuthAuthorityDomain="${{ secrets.NUXT_AUTH_AUTHORITY_DOMAIN }}"
+            nuxtAuthPrimaryUserFlow="${{ secrets.NUXT_AUTH_PRIMARY_USER_FLOW }}"
           scope: 'resourcegroup'
           deploymentMode: 'Incremental'
           failOnStdErr: false
@@ -124,16 +132,24 @@ jobs:
           template: ./azure/bicep/main.bicep
           deploymentMode: 'Incremental'
           parameters: >
-            ghClientId=${{ secrets.GH_CLIENT_ID }}
-            ghClientSecret=${{ secrets.GH_CLIENT_SECRET }}
-            postgresDb=${{ secrets.POSTGRES_DB }}
-            postgresHost=${{ secrets.POSTGRES_HOST }}
-            postgresPassword=${{ secrets.POSTGRES_PASSWORD }}
-            postgresPort=${{ secrets.POSTGRES_PORT }}
-            postgresUser=${{ secrets.POSTGRES_USER }}
-            slackAdminMemberId=${{ secrets.SLACK_ADMIN_MEMBER_ID }}
-            slackBotToken=${{ secrets.SLACK_BOT_TOKEN }}
-            slackSigningSecret=${{ secrets.SLACK_SIGNING_SECRET }}
+            ghClientId="${{ secrets.GH_CLIENT_ID }}"
+            ghClientSecret="${{ secrets.GH_CLIENT_SECRET }}"
+            postgresDb="${{ secrets.POSTGRES_DB }}"
+            postgresHost="${{ secrets.POSTGRES_HOST }}"
+            postgresPassword="${{ secrets.POSTGRES_PASSWORD }}"
+            postgresPort="${{ secrets.POSTGRES_PORT }}"
+            postgresUser="${{ secrets.POSTGRES_USER }}"
+            slackAdminMemberId="${{ secrets.SLACK_ADMIN_MEMBER_ID }}"
+            slackBotToken="${{ secrets.SLACK_BOT_TOKEN }}"
+            slackSigningSecret="${{ secrets.SLACK_SIGNING_SECRET }}"
+            nuxtOrigin="${{ secrets.NUXT_ORIGIN }}"
+            nuxtSessionPassword="${{ secrets.NUXT_SESSION_PASSWORD }}"
+            nuxtAuthClientId="${{ secrets.NUXT_AUTH_CLIENT_ID }}"
+            nuxtAuthClientSecret="${{ secrets.NUXT_AUTH_CLIENT_SECRET }}"
+            nuxtAuthTenantName="${{ secrets.NUXT_AUTH_TENANT_NAME }}"
+            nuxtAuthTenantId="${{ secrets.NUXT_AUTH_TENANT_ID }}"
+            nuxtAuthAuthorityDomain="${{ secrets.NUXT_AUTH_AUTHORITY_DOMAIN }}"
+            nuxtAuthPrimaryUserFlow="${{ secrets.NUXT_AUTH_PRIMARY_USER_FLOW }}"
           scope: 'resourcegroup'
           failOnStdErr: false
       - name: logout

diff --git a/azure/bicep/main.bicep b/azure/bicep/main.bicep
@@ -27,6 +27,22 @@ param slackAdminMemberId string
 param slackBotToken string
 @secure()
 param slackSigningSecret string
+@secure()
+param nuxtOrigin string
+@secure()
+param nuxtSessionPassword string
+@secure()
+param nuxtAuthClientId string
+@secure()
+param nuxtAuthClientSecret string
+@secure()
+param nuxtAuthTenantName string
+@secure()
+param nuxtAuthTenantId string
+@secure()
+param nuxtAuthAuthorityDomain string
+@secure()
+param nuxtAuthPrimaryUserFlow string
 
 module appInsights './modules/appInsights.bicep' = {
   name: 'appInsights'
@@ -66,5 +82,14 @@ module appService './modules/appService.bicep' = {
     slackAdminMemberId: slackAdminMemberId
     slackBotToken: slackBotToken
     slackSigningSecret: slackSigningSecret
+    nodeEnv: 'production'
+    nuxtAuthAuthorityDomain: nuxtAuthAuthorityDomain
+    nuxtAuthClientId: nuxtAuthClientId
+    nuxtAuthClientSecret: nuxtAuthClientSecret
+    nuxtAuthPrimaryUserFlow: nuxtAuthPrimaryUserFlow
+    nuxtAuthTenantId: nuxtAuthTenantId
+    nuxtAuthTenantName: nuxtAuthTenantName
+    nuxtOrigin: nuxtOrigin
+    nuxtSessionPassword: nuxtSessionPassword
   }
 }
diff --git a/azure/bicep/modules/appService.bicep b/azure/bicep/modules/appService.bicep
@@ -1,6 +1,7 @@
 param name string
 param location string
 param appInsightsInstrumentationKey string
+param nodeEnv string
 @secure()
 param appInsightsConnectionString string
 @secure()
@@ -23,6 +24,22 @@ param slackAdminMemberId string
 param slackBotToken string
 @secure()
 param slackSigningSecret string
+@secure()
+param nuxtOrigin string
+@secure()
+param nuxtSessionPassword string
+@secure()
+param nuxtAuthClientId string
+@secure()
+param nuxtAuthClientSecret string
+@secure()
+param nuxtAuthTenantName string
+@secure()
+param nuxtAuthTenantId string
+@secure()
+param nuxtAuthAuthorityDomain string
+@secure()
+param nuxtAuthPrimaryUserFlow string
 
 resource appServicePlan 'Microsoft.Web/serverfarms@2023-12-01' = {
   name: toLower('plan-${name}')
@@ -128,7 +145,39 @@ resource appService 'Microsoft.Web/sites@2023-12-01' = {
         }
         {
           name: 'NODE_ENV'
-          value: 'production'
+          value: nodeEnv
+        }
+        {
+          name: 'NUXT_ORIGIN'
+          value: nuxtOrigin
+        }
+        {
+          name: 'NUXT_SESSION_PASSWORD'
+          value: nuxtSessionPassword
+        }
+        {
+          name: 'NUXT_AUTH_CLIENT_ID'
+          value: nuxtAuthClientId
+        }
+        {
+          name: 'NUXT_AUTH_CLIENT_SECRET'
+          value: nuxtAuthClientSecret
+        }
+        {
+          name: 'NUXT_AUTH_TENANT_NAME'
+          value: nuxtAuthTenantName
+        }
+        {
+          name: 'NUXT_AUTH_TENANT_ID'
+          value: nuxtAuthTenantId
+        }
+        {
+          name: 'NUXT_AUTH_AUTHORITY_DOMAIN'
+          value: nuxtAuthAuthorityDomain
+        }
+        {
+          name: 'NUXT_AUTH_PRIMARY_USER_FLOW'
+          value: nuxtAuthPrimaryUserFlow
         }
       ]
     }

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
     "name": "@final-hill/cathedral",
-    "version": "0.12.1",
+    "version": "0.12.2",
     "description": "Requirements management system",
     "keywords": [],
     "private": true,