Cruft Update (force)

.cruft.json

@@ -1,6 +1,6 @@
 {
   "template": "https://github.com/Azure-Samples/Azure-Python-Standardization-Template-Generator",
-  "commit": "c75367846861bc3563aefae0831a06d715b75286",
+  "commit": "3300bfb387c4ce2cbd9ae2c48e77fc069f3d977e",
   "checkout": null,
   "context": {
     "cookiecutter": {
@@ -11,7 +11,7 @@
       "project_host": "aca",
       "web_port": "8000",
       "__repo_name": "Relecloud-django-postgres-flexible-aca",
-      "__src_folder_name": "relecloud_django_postgres_flexible_aca",
+      "__src_folder_name": "azure-django-postgres-flexible-aca",
       "__project_short_description": "Create a relecloud demo application with django and postgres-flexible",
       "_copy_without_render": [
         ".github/workflows/azure-dev.yml",
@@ -30,4 +30,4 @@
     }
   },
   "directory": null
-}
+}

infra/core/database/cosmos/cosmos-account.bicep

@@ -3,6 +3,7 @@ param name string
 param location string = resourceGroup().location
 param tags object = {}
 
+@secure()
 param connectionStringKey string = 'AZURE-COSMOS-CONNECTION-STRING'
 param keyVaultName string
 

infra/core/network/azure-front-door-cdn-profile.bicep

@@ -0,0 +1,101 @@
+metadata description = 'Creates an Azure Frontdoor CDN profile in front of a storage domain.'
+
+param name string
+param origin string
+param tags object = {}
+param allowHttp bool = false
+param httpsRedirect bool = true
+param defaultRouteName string = 'default-route'
+param defaultOriginGroupName string = 'default-origin-group'
+param defaultOriginName string = 'default-origin'
+
+@allowed(['Enabled', 'Disabled'])
+param sessionAffinityState string = 'Disabled'
+
+var supportedProtocols = allowHttp ? [
+  'Http'
+  'Https'
+] : [
+  'Https'
+]
+
+@allowed(['Standard_AzureFrontDoor', 'Premium_AzureFrontDoor'])
+param sku string = 'Standard_AzureFrontDoor'
+
+param originResponseTimeoutSeconds int = 60
+
+resource cdnProfile 'Microsoft.Cdn/profiles@2023-07-01-preview' = {
+  name: name
+  location: 'Global'
+  tags: tags
+  sku: {
+    name: sku
+  }
+  properties: {
+    originResponseTimeoutSeconds: originResponseTimeoutSeconds
+  }
+}
+
+resource originGroups 'Microsoft.Cdn/profiles/origingroups@2022-11-01-preview' = {
+  name: defaultOriginGroupName
+  parent: cdnProfile
+  properties: {
+    loadBalancingSettings: {
+      sampleSize: 4
+      successfulSamplesRequired: 3
+      additionalLatencyInMilliseconds: 50
+    }
+    healthProbeSettings: {
+      probePath: '/'
+      probeRequestType: 'HEAD'
+      probeProtocol: allowHttp ? 'Http' : 'Https'
+      probeIntervalInSeconds: 100
+    }
+    sessionAffinityState: sessionAffinityState
+  }
+
+  resource origins 'origins@2022-11-01-preview' = {
+    name: defaultOriginName
+    properties: {
+      hostName: origin
+      httpPort: 80
+      httpsPort: 443
+      originHostHeader: origin
+      priority: 1
+      weight: 1000
+      enabledState: 'Enabled'
+      enforceCertificateNameCheck: true
+    }
+  }
+}
+
+resource afdEndpoints 'Microsoft.Cdn/profiles/afdEndpoints@2023-05-01' = {
+  parent: cdnProfile
+  name: name
+  location: 'Global'
+  properties: {
+    enabledState: 'Enabled'
+  }
+
+  resource routes 'routes@2022-11-01-preview' = {
+    name: defaultRouteName
+    properties: {
+      customDomains: []
+      originGroup: {
+        id: originGroups.id
+      }
+      ruleSets: []
+      supportedProtocols: supportedProtocols
+      patternsToMatch: [
+        '/*'
+      ]
+      forwardingProtocol: 'MatchRequest'
+      linkToDefaultDomain: 'Enabled'
+      httpsRedirect: httpsRedirect ? 'Enabled' : 'Disabled'
+      enabledState: 'Enabled'
+    }
+  }
+}
+
+output cdnProfileId string = cdnProfile.id
+output endpointHostname string = afdEndpoints.properties.hostName

infra/main.bicep

@@ -88,7 +88,7 @@ module web 'web.bicep' = {
   name: 'web'
   scope: resourceGroup
   params: {
-    name: replace('${take(prefix, 19)}-ca', '--', '-')
+    name: replace('${take(prefix,19)}-ca', '--', '-')
     location: location
     tags: tags
     applicationInsightsName: monitoring.outputs.applicationInsightsName
@@ -116,15 +116,17 @@ var secrets = [
 ]
 
 @batchSize(1)
-module keyVaultSecrets './core/security/keyvault-secret.bicep' = [for secret in secrets: {
-  name: 'keyvault-secret-${secret.name}'
-  scope: resourceGroup
-  params: {
-    keyVaultName: keyVault.outputs.name
-    name: secret.name
-    secretValue: secret.value
+module keyVaultSecrets './core/security/keyvault-secret.bicep' = [
+  for secret in secrets: {
+    name: 'keyvault-secret-${secret.name}'
+    scope: resourceGroup
+    params: {
+      keyVaultName: keyVault.outputs.name
+      name: secret.name
+      secretValue: secret.value
+    }
   }
-}]
+]
 
 output AZURE_LOCATION string = location
 output AZURE_CONTAINER_ENVIRONMENT_NAME string = containerApps.outputs.environmentName
@@ -138,4 +140,4 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.endpoint
 output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name
 output APPLICATIONINSIGHTS_NAME string = monitoring.outputs.applicationInsightsName
 
-output BACKEND_URI string = web.outputs.uri
+output BACKEND_URI string = web.outputs.uri