nik/OMDSCloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged PR 262: [Sprint13-1着手]Pipelineのbuild/pushを固定IPで行えるようにする

Browse Source 
## 概要
[Task2109: [Sprint13-1着手]Pipelineのbuild/pushを固定IPで行えるようにする](https://paruru.nds-tyo.co.jp:8443/tfs/ReciproCollection/fa4924a4-d079-4fab-9fb5-a9a11eb205f0/_workitems/edit/2109)

- 新たに作成したリソース
  - maintenance-rg
    - vm-odms-deploy-maintenance(Pipeline実行環境のVM)
    - vm-odms-deploy-maintenance_disk1_1cbaf8f9bfdf4548902316f7be8189ed(VMのディスク)
    - nsg-odms-deploy-maintenance(VMがあるサブネットに付与したNSG)
    - vm-odms-deploy-maintenance759(VMに付与されたNIC)
    - vm-odms-deploy-maintenance_key_0720(SSH接続するために割り当てられたアクセスキー)
- 変更したリソース
  - Key Vault
    - PipelineVMがあるサブネットからのアクセスを許可する
  - nsg-odms-private-dev(DBのあるサブネットのNSG)
    - PipelineVMからのアクセスを許可する
  - Pieplineの処理

## レビューポイント
- 特にレビューしてほしい箇所
- 軽微なものや自明なものは記載不要
- 修正範囲が大きい場合などに記載
- 全体的にや仕様を満たしているか等は本当に必要な時のみ記載

## UIの変更
- Before/Afterのスクショなど
- スクショ置き場

## 動作確認状況
- deployされていることを確認

## 補足
- 相談、参考資料などがあれば
This commit is contained in:
saito.k 2023-07-25 08:08:38 +00:00
parent 1f5bfdaf3e
commit 4f0e4f4a74
8 changed files with 3537 additions and 2211 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2911
configurations/azure/dev-application-rg.json
View File

File diff suppressed because it is too large Load Diff

116
configurations/azure/dev-database-rg.json
View File

@ -58,70 +58,6 @@
},
"type": "Microsoft.DBforMySQL/flexibleServers"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230711t101200-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230712t101200-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230713t110741-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230713t181400-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230714t184451-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230714t201400-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230715t201400-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230716t201400-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
@ -130,6 +66,54 @@
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230717t201400-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230718t201400-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230719t201400-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230720t162400-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230721t162400-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230722t162400-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_dev_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/daily-20230723t162400-6cc69487-0eb7-4530-8f35-d1ce130a7df7')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-01-01",
"dependsOn": [
@ -5322,9 +5306,9 @@
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_dev_name'), '/slow_query_log_file')]",
"properties": {
"currentValue": "/app/serverlogs/slowlogs/mysql-slow-mysql-odms-db-dev-2023071709.log",
"currentValue": "/app/serverlogs/slowlogs/mysql-slow-mysql-odms-db-dev-2023072409.log",
"source": "user-override",
"value": "/app/serverlogs/slowlogs/mysql-slow-mysql-odms-db-dev-2023071709.log"
"value": "/app/serverlogs/slowlogs/mysql-slow-mysql-odms-db-dev-2023072409.log"
},
"type": "Microsoft.DBforMySQL/flexibleServers/configurations"
},

390
configurations/azure/dev-network-rg.json
View File

@ -11,9 +11,15 @@
"networkInterfaces_pep_odms_app_dev_nic_6b27b52b_0703_4bfa_b69a_66b82ec6ca3e_name": {
"type": "String"
},
"networkInterfaces_pep_odms_app_test_nic_e7e4687e_685e_4023_bbab_a16ccfe8822b_name": {
"type": "String"
},
"networkInterfaces_pep_odms_staapp_dev_nic_a67c70a7_750f_47d4_9844_b82b66095ef1_name": {
"type": "String"
},
"networkInterfaces_vnet_odms_network_test_nic_fc58cc80_a813_4513_b04f_e61cfaaf2132_name": {
"type": "String"
},
"networkSecurityGroups_nsg_odms_private_dev_name": {
"type": "String"
},
@ -35,15 +41,24 @@
"privateEndpoints_pep_odms_app_dev_name": {
"type": "String"
},
"privateEndpoints_pep_odms_app_test_name": {
"type": "String"
},
"privateEndpoints_pep_odms_staapp_dev_name": {
"type": "String"
},
"privateEndpoints_vnet_odms_network_test_name": {
"type": "String"
},
"publicIPAddresses_pip_odms_webapp_dev_name": {
"type": "String"
},
"sites_app_odms_dictation_dev_externalid": {
"type": "String"
},
"sites_app_odms_dictation_test_externalid": {
"type": "String"
},
"staticSites_staapp_odms_dictation_dev_externalid": {
"type": "String"
},
@ -1527,6 +1542,26 @@
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_private_dev_name'), 'AllowDeployMigrationInbound')]",
"name": "AllowDeployMigrationInbound",
"properties": {
"access": "Allow",
"description": "deploy時のマイグレーションを許可",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "3306",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 1004,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.4.4/32",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
}
]
},
@ -1608,7 +1643,7 @@
"maxNumberOfRecordSets": 25000,
"maxNumberOfVirtualNetworkLinks": 1000,
"maxNumberOfVirtualNetworkLinksWithRegistration": 100,
"numberOfRecordSets": 3,
"numberOfRecordSets": 5,
"numberOfVirtualNetworkLinks": 0,
"numberOfVirtualNetworkLinksWithRegistration": 0,
"provisioningState": "Succeeded"
@ -1716,6 +1751,51 @@
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-public-dev')]"
],
"kind": "Regular",
"location": "japaneast",
"name": "[parameters('networkInterfaces_pep_odms_app_test_nic_e7e4687e_685e_4023_bbab_a16ccfe8822b_name')]",
"properties": {
"disableTcpStateTracking": false,
"dnsSettings": {
"dnsServers": []
},
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"4ae02394-b8c4-4949-b8c9-afa8f9a4816c\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_pep_odms_app_test_nic_e7e4687e_685e_4023_bbab_a16ccfe8822b_name')), '/ipConfigurations/privateEndpointIpConfig.2c5fae85-4959-4d63-ae7b-569ad00b2fdc')]",
"name": "privateEndpointIpConfig.2c5fae85-4959-4d63-ae7b-569ad00b2fdc",
"properties": {
"primary": true,
"privateIPAddress": "10.1.1.9",
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"privateLinkConnectionProperties": {
"fqdns": [
"app-odms-dictation-test.azurewebsites.net",
"app-odms-dictation-test.scm.azurewebsites.net"
],
"groupId": "sites",
"requiredMemberName": "sites"
},
"provisioningState": "Succeeded",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-public-dev')]"
}
},
"type": "Microsoft.Network/networkInterfaces/ipConfigurations"
}
],
"nicType": "Standard"
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
@ -1781,6 +1861,48 @@
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-public-dev')]"
],
"kind": "Regular",
"location": "japaneast",
"name": "[parameters('networkInterfaces_vnet_odms_network_test_nic_fc58cc80_a813_4513_b04f_e61cfaaf2132_name')]",
"properties": {
"disableTcpStateTracking": false,
"dnsSettings": {
"dnsServers": []
},
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"6d390108-7c0d-43db-a409-64ec2159619f\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vnet_odms_network_test_nic_fc58cc80_a813_4513_b04f_e61cfaaf2132_name')), '/ipConfigurations/privateEndpointIpConfig.aeb84aa5-5ca0-4382-9eee-b17119776cde')]",
"name": "privateEndpointIpConfig.aeb84aa5-5ca0-4382-9eee-b17119776cde",
"properties": {
"primary": true,
"privateIPAddress": "10.1.1.8",
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"privateLinkConnectionProperties": {
"fqdns": [],
"groupId": "sites",
"requiredMemberName": "sites"
},
"provisioningState": "Succeeded",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-public-dev')]"
}
},
"type": "Microsoft.Network/networkInterfaces/ipConfigurations"
}
],
"nicType": "Standard"
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
@ -1804,6 +1926,29 @@
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_private_dev_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_private_dev_name'), '/AllowDeployMigrationInbound')]",
"properties": {
"access": "Allow",
"description": "deploy時のマイグレーションを許可",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "3306",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 1004,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.4.4/32",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
@ -1930,6 +2075,44 @@
},
"type": "Microsoft.Network/privateDnsZones/A"
},
{
"apiVersion": "2018-09-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurewebsites_net_name'))]"
],
"name": "[concat(parameters('privateDnsZones_privatelink_azurewebsites_net_name'), '/app-odms-dictation-test')]",
"properties": {
"aRecords": [
{
"ipv4Address": "10.1.1.9"
}
],
"metadata": {
"creator": "created by private endpoint pep-odms-app-test with resource guid 78a4dbd3-7b3f-436e-a7ae-3aba5cea7341"
},
"ttl": 10
},
"type": "Microsoft.Network/privateDnsZones/A"
},
{
"apiVersion": "2018-09-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurewebsites_net_name'))]"
],
"name": "[concat(parameters('privateDnsZones_privatelink_azurewebsites_net_name'), '/app-odms-dictation-test.scm')]",
"properties": {
"aRecords": [
{
"ipv4Address": "10.1.1.9"
}
],
"metadata": {
"creator": "created by private endpoint pep-odms-app-test with resource guid 78a4dbd3-7b3f-436e-a7ae-3aba5cea7341"
},
"ttl": 10
},
"type": "Microsoft.Network/privateDnsZones/A"
},
{
"apiVersion": "2018-09-01",
"dependsOn": [
@ -2143,6 +2326,39 @@
},
"type": "Microsoft.Network/privateEndpoints"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-public-dev')]"
],
"location": "japaneast",
"name": "[parameters('privateEndpoints_pep_odms_app_test_name')]",
"properties": {
"customDnsConfigs": [],
"ipConfigurations": [],
"manualPrivateLinkServiceConnections": [],
"privateLinkServiceConnections": [
{
"id": "[concat(resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_pep_odms_app_test_name')), concat('/privateLinkServiceConnections/', parameters('privateEndpoints_pep_odms_app_test_name'), '-81c1'))]",
"name": "[concat(parameters('privateEndpoints_pep_odms_app_test_name'), '-81c1')]",
"properties": {
"groupIds": [
"sites"
],
"privateLinkServiceConnectionState": {
"actionsRequired": "None",
"status": "Approved"
},
"privateLinkServiceId": "[parameters('sites_app_odms_dictation_test_externalid')]"
}
}
],
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-public-dev')]"
}
},
"type": "Microsoft.Network/privateEndpoints"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
@ -2175,6 +2391,38 @@
},
"type": "Microsoft.Network/privateEndpoints"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-public-dev')]"
],
"location": "japaneast",
"name": "[parameters('privateEndpoints_vnet_odms_network_test_name')]",
"properties": {
"customDnsConfigs": [],
"ipConfigurations": [],
"manualPrivateLinkServiceConnections": [],
"privateLinkServiceConnections": [
{
"id": "[concat(resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_vnet_odms_network_test_name')), concat('/privateLinkServiceConnections/', parameters('privateEndpoints_vnet_odms_network_test_name'), '-a1c6'))]",
"name": "[concat(parameters('privateEndpoints_vnet_odms_network_test_name'), '-a1c6')]",
"properties": {
"groupIds": [
"sites"
],
"privateLinkServiceConnectionState": {
"status": "Disconnected"
},
"privateLinkServiceId": "[parameters('sites_app_odms_dictation_test_externalid')]"
}
}
],
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-public-dev')]"
}
},
"type": "Microsoft.Network/privateEndpoints"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
@ -10502,6 +10750,25 @@
},
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_pep_odms_app_test_name'))]",
"[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurewebsites_net_name'))]"
],
"name": "[concat(parameters('privateEndpoints_pep_odms_app_test_name'), '/default')]",
"properties": {
"privateDnsZoneConfigs": [
{
"name": "privatelink-azurewebsites-net",
"properties": {
"privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurewebsites_net_name'))]"
}
}
]
},
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
@ -10521,6 +10788,25 @@
},
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_vnet_odms_network_test_name'))]",
"[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurewebsites_net_name'))]"
],
"name": "[concat(parameters('privateEndpoints_vnet_odms_network_test_name'), '/default')]",
"properties": {
"privateDnsZoneConfigs": [
{
"name": "privatelink-azurewebsites-net",
"properties": {
"privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurewebsites_net_name'))]"
}
}
]
},
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
@ -10585,6 +10871,13 @@
"*"
],
"service": "Microsoft.KeyVault"
},
{
"locations": [
"japaneast",
"japanwest"
],
"service": "Microsoft.Storage"
}
]
},
@ -10687,6 +10980,17 @@
}
]
}
},
{
"id": "[concat(resourceId('Microsoft.Network/applicationGateways', parameters('applicationGateways_agw_odms_webapp_dev_name')), '/backendAddressPools/pool-odms-app-test')]",
"name": "pool-odms-app-test",
"properties": {
"backendAddresses": [
{
"fqdn": "app-odms-dictation-test.azurewebsites.net"
}
]
}
}
],
"backendHttpSettingsCollection": [
@ -10868,6 +11172,21 @@
"/dictation/api/*"
]
}
},
{
"id": "[concat(resourceId('Microsoft.Network/applicationGateways', parameters('applicationGateways_agw_odms_webapp_dev_name')), '/urlPathMaps/rule-odms-private-dev/pathRules/target-odms-app-test')]",
"name": "target-odms-app-test",
"properties": {
"backendAddressPool": {
"id": "[concat(resourceId('Microsoft.Network/applicationGateways', parameters('applicationGateways_agw_odms_webapp_dev_name')), '/backendAddressPools/pool-odms-app-test')]"
},
"backendHttpSettings": {
"id": "[concat(resourceId('Microsoft.Network/applicationGateways', parameters('applicationGateways_agw_odms_webapp_dev_name')), '/backendHttpSettingsCollection/setting-odms-https-dev')]"
},
"paths": [
"/test/api/*"
]
}
}
]
}
@ -10916,37 +11235,6 @@
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-integration-dev')]",
"name": "snet-odms-integration-dev",
"properties": {
"addressPrefix": "10.1.10.0/24",
"delegations": [
{
"id": "[concat(resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-integration-dev'), '/delegations/Microsoft.Web.serverFarms')]",
"name": "Microsoft.Web.serverFarms",
"properties": {
"serviceName": "Microsoft.Web/serverFarms"
},
"type": "Microsoft.Network/virtualNetworks/subnets/delegations"
}
],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_public_dev_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": [
{
"locations": [
"*"
],
"service": "Microsoft.KeyVault"
}
]
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-public-dev')]",
"name": "snet-odms-public-dev",
@ -11029,6 +11317,44 @@
]
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-integration-dev')]",
"name": "snet-odms-integration-dev",
"properties": {
"addressPrefix": "10.1.10.0/24",
"delegations": [
{
"id": "[concat(resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_dev_name'), 'snet-odms-integration-dev'), '/delegations/Microsoft.Web.serverFarms')]",
"name": "Microsoft.Web.serverFarms",
"properties": {
"serviceName": "Microsoft.Web/serverFarms"
},
"type": "Microsoft.Network/virtualNetworks/subnets/delegations"
}
],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_public_dev_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": [
{
"locations": [
"*"
],
"service": "Microsoft.KeyVault"
},
{
"locations": [
"japaneast",
"japanwest"
],
"service": "Microsoft.Storage"
}
]
},
"type": "Microsoft.Network/virtualNetworks/subnets"
}
],
"virtualNetworkPeerings": [

331
configurations/azure/maintenance-rg.json
View File

@ -8,7 +8,7 @@
"networkInterfaces_pep_odms_registry_maintenance_nic_name": {
"type": "String"
},
"networkInterfaces_vm_odms_deploy_maintenance459_name": {
"networkInterfaces_vm_odms_deploy_maintenance759_name": {
"type": "String"
},
"networkInterfaces_vm_odms_maintenance600_name": {
@ -23,24 +23,21 @@
"networkSecurityGroups_nsg_odms_bas_maintenance_name": {
"type": "String"
},
"networkSecurityGroups_nsg_odms_deploy_maintenance_name": {
"type": "String"
},
"networkSecurityGroups_nsg_odms_pipeline_maintenance_name": {
"type": "String"
},
"networkSecurityGroups_nsg_odms_vm_maintenance_name": {
"type": "String"
},
"networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name": {
"type": "String"
},
"privateDnsZones_privatelink_azurecr_io_name": {
"type": "String"
},
"privateEndpoints_pep_odms_registry_maintenance_name": {
"type": "String"
},
"publicIPAddresses_vm_odms_deploy_maintenance_ip_name": {
"type": "String"
},
"publicIPAddresses_vm_odms_staging_maintenance_ip_name": {
"type": "String"
},
@ -56,10 +53,7 @@
"schedules_shutdown_computevm_vm_odms_staging_maintenance_name": {
"type": "String"
},
"sshPublicKeys_vm_odms_deploy_maintenance_key_0714_name": {
"type": "String"
},
"sshPublicKeys_vm_odms_deploy_maintenance_key_name": {
"sshPublicKeys_vm_odms_deploy_maintenance_key_0720_name": {
"type": "String"
},
"sshPublicKeys_vm_odms_pipeline_maintenance_key_name": {
@ -100,31 +94,17 @@
{
"apiVersion": "2023-03-01",
"location": "japaneast",
"name": "[parameters('sshPublicKeys_vm_odms_deploy_maintenance_key_name')]",
"name": "[parameters('sshPublicKeys_vm_odms_deploy_maintenance_key_0720_name')]",
"properties": {
"publicKey": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDMmdlqk+S0DVNpJ28JsnhNBzadekFk//I7ywvU5AnQwtZaLTiZcYTjlVJIQFFzYwBXUdIHsjLD9SIKWU3IPJ/bwKBzPYqCscsQ83YvTlFjx/xighl42kSspA6C4rY+soh7b4tDab22O81JwwdGHdAJJM0OV3oaWYcUIlUGRWG8dCqbb8fkJiVXv32rPmgOY9xuNkOlFhtfDwr+lMUDDJha+dihXJvZ1Yf8fETSxX6u4ubAkrkJrETozncBuqTnSirU5qsGU17i2I1Ug5Wq/mwpKdtuHznmOGLbtGwdCR31s8/CW3qwO5b7XSN+oDUpFNvTaSq833HYmHnypgvdFEphfEEhp5RZGOAkoYoEwkx0tFP894IpcPgRURQMl0bL9tVbjGbM5eHkwCyf7lyQLMQ1effPvpGWaNVkmoZ1NuRjmZeelKRRyzEoseGGrknTDLkR6eX4zRfTke248s21yj8KP6P3SbpOhn/21VX+eYj1woeTC1hrjQSQQ5SV7tG0Vwk= generated-by-azure"
"publicKey": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQHikRMWS6PAEmjEAiYHgwnufRHsWDWxyIPYDr0RrHXzOdGT+7T3eCgZvuvggGZQkdssziqOLCa2BaA162091/o1JCta8fgfXwl4uFd/j5FNnXH9+f6I6ShwM3cKThd7FYUKZXD6OidudZyMYUNE49bv42GRG1vwNCPpoYF49dfyiWoFqYCd+Mtd5K6VPoA8d/n7o86eS2Ue33Z5HdyPP79ZJbrBquKrQBwCWFSyFkhC1rnaU+m2zMJ8M/+lf/W1cKsQJDMSfYzuu6CUdNHtJ6c+q8CNJJqbBX7QVc34AlR4vBc+dNMyGF+h6i6jU/eNToRrWZqEPfWvEaZQledmeITW5FAYaoCAlCW4r9u+iCKf3ifOMNDcaV+0Bxhni2mX8HrGzlzN3h7nxGzG0oGuvoTIxuAjq9+pY3tn3u2jcNUztEAL9x4Idg0uUom5dFxMN1K42KdttFKnhuWsKJMHe/o1tDPNrWnQ47Yr/jw9k4YTUkBfpHu8zBJS7uErhOyAk= generated-by-azure"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS",
"environment": "maintenance",
"ms-resource-usage": "pipeline-self-hosted-agent"
},
"type": "Microsoft.Compute/sshPublicKeys"
},
{
"apiVersion": "2023-03-01",
"location": "japaneast",
"name": "[parameters('sshPublicKeys_vm_odms_deploy_maintenance_key_0714_name')]",
"properties": {
"publicKey": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDSuF1GDi4CsxsG6Yi+SurQLU8LByiuQyPgAwaZKAzhKcuyvJ4lXdk4POJBKPTqNNQZSORoaj3VrcU2kChovtWISnk3AopWzBExNCnpIUBo6p3R5teMzy2u4iUfdi7wUFet7/I5RyRdTHZxpLE8NrkC8XisKhO7mejKu/n/SIYoq1EU2uTvatzuMwXnEhgcnm4rVQIfvAHEHie90EUBAUgjiVoy4VcR5e4c4//Y/957g6eVLJprg5bDwyhTgaZG8Y+ltT5bxVFE994ApTgHkw0/Tmu0p3CvLAc1VM82xcRKBj20nCPoUrE7rWeue8otPf7+fCGxs7KXwIZsv96Y/WQABPUneoCK7QR0eGX6ydJilKTwIT7tMZozXJ/VboSZW396ZtahhX827VEZdnw/4ey4giNurW6SYODwBy3tlNyigly/Xd/kJhdnTklu5aq8x2Ddvzdtasy0juOGWc0lpgr5KOU7v0M2I8S+H04kEBH22dRK3yrJEx95elBi8rH68JE= generated-by-azure"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS",
"ms-resource-usage": "deploy-pipeline"
},
"type": "Microsoft.Compute/sshPublicKeys"
},
{
"apiVersion": "2023-03-01",
"location": "japaneast",
@ -177,6 +157,10 @@
{
"action": "Allow",
"value": "4.194.0.0/16"
},
{
"action": "Allow",
"value": "175.177.42.28"
}
]
},
@ -561,6 +545,40 @@
},
"type": "Microsoft.Network/networkSecurityGroups"
},
{
"apiVersion": "2022-11-01",
"location": "japaneast",
"name": "[parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name')]",
"properties": {
"securityRules": [
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'), 'DenyAllInbound')]",
"name": "DenyAllInbound",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
}
]
},
"tags": {
"Project": "OMDS",
"environment": "maintenance",
"ms-resource-usage": "pipeline-self-hosted-agent"
},
"type": "Microsoft.Network/networkSecurityGroups"
},
{
"apiVersion": "2022-11-01",
"location": "japaneast",
@ -862,59 +880,6 @@
},
"type": "Microsoft.Network/networkSecurityGroups"
},
{
"apiVersion": "2022-11-01",
"location": "japaneast",
"name": "[parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name')]",
"properties": {
"securityRules": [
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'), 'SSH')]",
"name": "SSH",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "22",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 300,
"protocol": "TCP",
"sourceAddressPrefix": "175.177.42.29",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'), 'DenyAllInbound')]",
"name": "DenyAllInbound",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "8080",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
}
]
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS",
"ms-resource-usage": "deploy-pipeline"
},
"type": "Microsoft.Network/networkSecurityGroups"
},
{
"apiVersion": "2018-09-01",
"location": "global",
@ -934,28 +899,6 @@
},
"type": "Microsoft.Network/privateDnsZones"
},
{
"apiVersion": "2022-11-01",
"location": "japaneast",
"name": "[parameters('publicIPAddresses_vm_odms_deploy_maintenance_ip_name')]",
"properties": {
"idleTimeoutInMinutes": 4,
"ipAddress": "52.253.102.178",
"ipTags": [],
"publicIPAddressVersion": "IPv4",
"publicIPAllocationMethod": "Static"
},
"sku": {
"name": "Standard",
"tier": "Regional"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS",
"ms-resource-usage": "deploy-pipeline"
},
"type": "Microsoft.Network/publicIPAddresses"
},
{
"apiVersion": "2022-11-01",
"location": "japaneast",
@ -1040,7 +983,7 @@
{
"apiVersion": "2023-03-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance459_name'))]"
"[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance759_name'))]"
],
"location": "japaneast",
"name": "[parameters('virtualMachines_vm_odms_deploy_maintenance_name')]",
@ -1051,12 +994,12 @@
}
},
"hardwareProfile": {
"vmSize": "Standard_B1s"
"vmSize": "Standard_B2s"
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance459_name'))]",
"id": "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance759_name'))]",
"properties": {
"deleteOption": "Detach"
}
@ -1078,7 +1021,7 @@
"ssh": {
"publicKeys": [
{
"keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDSuF1GDi4CsxsG6Yi+SurQLU8LByiuQyPgAwaZKAzhKcuyvJ4lXdk4POJBKPTqNNQZSORoaj3VrcU2kChovtWISnk3AopWzBExNCnpIUBo6p3R5teMzy2u4iUfdi7wUFet7/I5RyRdTHZxpLE8NrkC8XisKhO7mejKu/n/SIYoq1EU2uTvatzuMwXnEhgcnm4rVQIfvAHEHie90EUBAUgjiVoy4VcR5e4c4//Y/957g6eVLJprg5bDwyhTgaZG8Y+ltT5bxVFE994ApTgHkw0/Tmu0p3CvLAc1VM82xcRKBj20nCPoUrE7rWeue8otPf7+fCGxs7KXwIZsv96Y/WQABPUneoCK7QR0eGX6ydJilKTwIT7tMZozXJ/VboSZW396ZtahhX827VEZdnw/4ey4giNurW6SYODwBy3tlNyigly/Xd/kJhdnTklu5aq8x2Ddvzdtasy0juOGWc0lpgr5KOU7v0M2I8S+H04kEBH22dRK3yrJEx95elBi8rH68JE= generated-by-azure",
"keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQHikRMWS6PAEmjEAiYHgwnufRHsWDWxyIPYDr0RrHXzOdGT+7T3eCgZvuvggGZQkdssziqOLCa2BaA162091/o1JCta8fgfXwl4uFd/j5FNnXH9+f6I6ShwM3cKThd7FYUKZXD6OidudZyMYUNE49bv42GRG1vwNCPpoYF49dfyiWoFqYCd+Mtd5K6VPoA8d/n7o86eS2Ue33Z5HdyPP79ZJbrBquKrQBwCWFSyFkhC1rnaU+m2zMJ8M/+lf/W1cKsQJDMSfYzuu6CUdNHtJ6c+q8CNJJqbBX7QVc34AlR4vBc+dNMyGF+h6i6jU/eNToRrWZqEPfWvEaZQledmeITW5FAYaoCAlCW4r9u+iCKf3ifOMNDcaV+0Bxhni2mX8HrGzlzN3h7nxGzG0oGuvoTIxuAjq9+pY3tn3u2jcNUztEAL9x4Idg0uUom5dFxMN1K42KdttFKnhuWsKJMHe/o1tDPNrWnQ47Yr/jw9k4YTUkBfpHu8zBJS7uErhOyAk= generated-by-azure",
"path": "/home/azureuser/.ssh/authorized_keys"
}
]
@ -1098,9 +1041,9 @@
"dataDisks": [],
"diskControllerType": "SCSI",
"imageReference": {
"offer": "0001-com-ubuntu-confidential-vm-focal",
"offer": "0001-com-ubuntu-server-focal",
"publisher": "canonical",
"sku": "20_04-lts-cvm",
"sku": "20_04-lts-gen2",
"version": "latest"
},
"osDisk": {
@ -1109,18 +1052,18 @@
"deleteOption": "Delete",
"diskSizeGB": 30,
"managedDisk": {
"id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_deploy_maintenance_name'), '_OsDisk_1_d2f654d3e1fa462bbb49d22a6cbddd07'))]",
"id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_deploy_maintenance_name'), '_disk1_1cbaf8f9bfdf4548902316f7be8189ed'))]",
"storageAccountType": "Premium_LRS"
},
"name": "[concat(parameters('virtualMachines_vm_odms_deploy_maintenance_name'), '_OsDisk_1_d2f654d3e1fa462bbb49d22a6cbddd07')]",
"name": "[concat(parameters('virtualMachines_vm_odms_deploy_maintenance_name'), '_disk1_1cbaf8f9bfdf4548902316f7be8189ed')]",
"osType": "Linux"
}
}
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS",
"ms-resource-usage": "deploy-pipeline"
"environment": "maintenance",
"ms-resource-usage": "pipeline-self-hosted-agent"
},
"type": "Microsoft.Compute/virtualMachines"
},
@ -1180,8 +1123,10 @@
"caching": "ReadWrite",
"createOption": "FromImage",
"deleteOption": "Delete",
"diskSizeGB": 127,
"managedDisk": {
"id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_maintenance_name'), '_OsDisk_1_fb725b02a0b34e4c997367611eeb9f2f'))]"
"id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_maintenance_name'), '_OsDisk_1_fb725b02a0b34e4c997367611eeb9f2f'))]",
"storageAccountType": "Premium_LRS"
},
"name": "[concat(parameters('virtualMachines_vm_odms_maintenance_name'), '_OsDisk_1_fb725b02a0b34e4c997367611eeb9f2f')]",
"osType": "Windows"
@ -1344,8 +1289,10 @@
"caching": "ReadWrite",
"createOption": "FromImage",
"deleteOption": "Delete",
"diskSizeGB": 127,
"managedDisk": {
"id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_staging_maintenance_name'), '_OsDisk_1_903a7540b5a64475b512aedc10487661'))]"
"id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_staging_maintenance_name'), '_OsDisk_1_903a7540b5a64475b512aedc10487661'))]",
"storageAccountType": "Premium_LRS"
},
"name": "[concat(parameters('virtualMachines_vm_odms_staging_maintenance_name'), '_OsDisk_1_903a7540b5a64475b512aedc10487661')]",
"osType": "Windows"
@ -1560,6 +1507,48 @@
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-deploy-maintenance')]"
],
"kind": "Regular",
"location": "japaneast",
"name": "[parameters('networkInterfaces_vm_odms_deploy_maintenance759_name')]",
"properties": {
"disableTcpStateTracking": false,
"dnsSettings": {
"dnsServers": []
},
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"8b476f19-5be7-4912-b266-c571f58f54d8\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance759_name')), '/ipConfigurations/ipconfig1')]",
"name": "ipconfig1",
"properties": {
"primary": true,
"privateIPAddress": "10.0.4.4",
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"provisioningState": "Succeeded",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-deploy-maintenance')]"
}
},
"type": "Microsoft.Network/networkInterfaces/ipConfigurations"
}
],
"nicType": "Standard"
},
"tags": {
"Project": "OMDS",
"environment": "maintenance",
"ms-resource-usage": "pipeline-self-hosted-agent"
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
@ -1577,7 +1566,7 @@
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"90c76ff4-8723-45d1-bee3-806018b05be2\"",
"etag": "W/\"c9ca18a9-39d8-41b0-8a66-c58e6548c7f7\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_maintenance600_name')), '/ipConfigurations/ipconfig1')]",
"name": "ipconfig1",
"properties": {
@ -1660,7 +1649,7 @@
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"037fab00-a210-45da-a192-fa3feea233d9\"",
"etag": "W/\"b1ccd000-f216-4102-8493-ca82ec2ded02\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_staging_maintenance158_name')), '/ipConfigurations/ipconfig1')]",
"name": "ipconfig1",
"properties": {
@ -2250,9 +2239,9 @@
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'))]"
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'), '/DenyAllInbound')]",
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'), '/DenyAllInbound')]",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
@ -2272,14 +2261,14 @@
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'))]"
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'), '/DenyAllInbound')]",
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'), '/DenyAllInbound')]",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "8080",
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 4096,
@ -2403,28 +2392,6 @@
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'), '/SSH')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "22",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 300,
"protocol": "TCP",
"sourceAddressPrefix": "175.177.42.29",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2018-09-01",
"dependsOn": [
@ -2823,14 +2790,14 @@
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'))]"
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]"
],
"name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/snet-odms-deploy-maintenance')]",
"properties": {
"addressPrefix": "10.0.4.0/24",
"delegations": [],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'))]"
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
@ -2904,81 +2871,13 @@
},
"type": "Microsoft.Storage/storageAccounts/fileServices/shares"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIPAddresses_vm_odms_deploy_maintenance_ip_name'))]",
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-acr-maintenance')]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'))]"
],
"kind": "Regular",
"location": "japaneast",
"name": "[parameters('networkInterfaces_vm_odms_deploy_maintenance459_name')]",
"properties": {
"disableTcpStateTracking": false,
"dnsSettings": {
"dnsServers": []
},
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"7ffa1731-cb2d-47bd-af27-b6e7072fcc68\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance459_name')), '/ipConfigurations/ipconfig1')]",
"name": "ipconfig1",
"properties": {
"primary": true,
"privateIPAddress": "10.0.0.6",
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"provisioningState": "Succeeded",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIPAddresses_vm_odms_deploy_maintenance_ip_name'))]",
"name": "vm-odms-deploy-maintenance-ip",
"properties": {
"deleteOption": "Detach",
"idleTimeoutInMinutes": 4,
"ipConfiguration": {
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance459_name')), '/ipConfigurations/ipconfig1')]"
},
"ipTags": [],
"provisioningState": "Succeeded",
"publicIPAddressVersion": "IPv4",
"publicIPAllocationMethod": "Dynamic",
"resourceGuid": "06fbefdf-861a-4211-bfb5-8f9ee8da1325"
},
"sku": {
"name": "Basic",
"tier": "Regional"
},
"type": "Microsoft.Network/publicIPAddresses"
},
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-acr-maintenance')]"
}
},
"type": "Microsoft.Network/networkInterfaces/ipConfigurations"
}
],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'))]"
},
"nicType": "Standard"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS",
"ms-resource-usage": "deploy-pipeline"
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'))]"
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]"
],
"location": "japaneast",
"name": "[parameters('virtualNetworks_vnet_odms_network_maintenance_name')]",
@ -3068,7 +2967,7 @@
"addressPrefix": "10.0.4.0/24",
"delegations": [],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_vm_odms_deploy_maintenance_nsg_name'))]"
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",

1840
configurations/azure/stg-application-rg.json
View File

File diff suppressed because it is too large Load Diff

116
configurations/azure/stg-database-rg.json
View File

@ -58,62 +58,6 @@
},
"type": "Microsoft.DBforMySQL/flexibleServers"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230712t011300-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230713t011300-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230713t112100-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230714t114514-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230714t121600-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230715t121600-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230716t121600-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
@ -122,6 +66,62 @@
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230717t121600-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230718t121600-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230719t121600-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230720t121600-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230721t053700-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230722t053700-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230723t053700-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-09-30-preview",
"dependsOn": [
"[resourceId('Microsoft.DBforMySQL/flexibleServers', parameters('flexibleServers_mysql_odms_db_stg_name'))]"
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/daily-20230724t053700-c3fd140d-3620-488c-9516-d0c0fb44c636')]",
"type": "Microsoft.DBforMySQL/flexibleServers/backups"
},
{
"apiVersion": "2022-01-01",
"dependsOn": [
@ -5314,9 +5314,9 @@
],
"name": "[concat(parameters('flexibleServers_mysql_odms_db_stg_name'), '/slow_query_log_file')]",
"properties": {
"currentValue": "/app/serverlogs/slowlogs/mysql-slow-mysql-odms-db-stg-2023071801.log",
"currentValue": "/app/serverlogs/slowlogs/mysql-slow-mysql-odms-db-stg-2023072401.log",
"source": "user-override",
"value": "/app/serverlogs/slowlogs/mysql-slow-mysql-odms-db-stg-2023071801.log"
"value": "/app/serverlogs/slowlogs/mysql-slow-mysql-odms-db-stg-2023072401.log"
},
"type": "Microsoft.DBforMySQL/flexibleServers/configurations"
},

4
configurations/azure/stg-network-rg.json
View File

@ -813,7 +813,7 @@
"direction": "Inbound",
"priority": 903,
"protocol": "TCP",
"sourceAddressPrefix": "202.213.234.1",
"sourceAddressPrefix": "211.125.140.64",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
@ -1331,7 +1331,7 @@
"direction": "Inbound",
"priority": 903,
"protocol": "TCP",
"sourceAddressPrefix": "202.213.234.1",
"sourceAddressPrefix": "211.125.140.64",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []

40
configurations/pipeline/ODMS Deploy.yml
View File

@ -1,4 +1,4 @@
# Variable 'static_dictation_deployment_token' was defined in the Variables tab
# Variable 'static_dictation_deployment_token' was defined in the Variables tab
trigger:
branches:
include:
@ -7,7 +7,7 @@ jobs:
- job: Job_1
displayName: Dictation App Service Deploy
pool:
vmImage: ubuntu-latest
name: odms-deploy-pipeline
steps:
- checkout: self
clean: true
@ -20,16 +20,17 @@ jobs:
verbose: false
- task: AzureKeyVault@2
displayName: 'Azure Key Vault: kv-odms-secret-dev'
enabled: False
inputs:
ConnectedServiceName: 82047c72-0cfe-43b0-bb2f-cdfd8b165e68
KeyVaultName: kv-odms-secret-dev
SecretsFilter: token-public-key
- task: Bash@3
displayName: Bash Script (Test)
inputs:
targetType: inline
filePath: cd dictation_server && JWT_PUBLIC_KEY="$JWT_PUBLIC_KEY" && npm run test
script: cd dictation_server && npm run test
script: >
cd dictation_server && JWT_PUBLIC_KEY="$JWT_PUBLIC_KEY" && npm run test
- task: Docker@0
displayName: build
inputs:
@ -79,21 +80,11 @@ jobs:
- Job_1
- Job_2
pool:
name: db-migrate-pipelines
name: odms-deploy-pipeline
steps:
- checkout: self
clean: true
fetchDepth: 1
- task: GoTool@0
displayName: Use Go 1.18
inputs:
version: 1.18
- task: Go@0
displayName: go install
inputs:
command: custom
customCommand: install
arguments: github.com/rubenv/sql-migrate/sql-migrate@latest
- task: AzureKeyVault@2
displayName: 'Azure Key Vault: kv-odms-secret-dev'
inputs:
@ -109,8 +100,23 @@ jobs:
sed -i -e "s/DB_USERNAME/$(db-user)/g" ./dictation_server/db/dbconfig.yml
sed -i -e "s/DB_PORT/$(db-port)/g" ./dictation_server/db/dbconfig.yml
sed -i -e "s/DB_HOST/$(db-host)/g" ./dictation_server/db/dbconfig.yml
/home/azureuser/go/bin/sql-migrate --version
sql-migrate --version
cat ./dictation_server/db/dbconfig.yml
# migration実行
/home/azureuser/go/bin/sql-migrate up -config=dictation_server/db/dbconfig.yml -env=ci
sql-migrate up -config=./dictation_server/db/dbconfig.yml -env=ci
- job: Job_4
displayName: Docker Image Clean Up
dependsOn: Job_1
pool:
name: odms-deploy-pipeline
steps:
- checkout: self
clean: true
fetchDepth: 1
- task: Docker@0
displayName: Clean up
inputs:
action: Run a Docker command
imageName: $(Build.Repository.Name)/dictation:latest
customCommand: 'image prune -af '
...