💪 [Enhancement]: Update of the deployment

[MichaelMorozovCodit]

Category

Deployment

Description

After testing out a clean install of 6.0.0 beta as if I were a customer, not knowing anything about Invictus I ran into some issues on different fronts. Furthermore, I'd also like suggest some improvements.

Additional context

Pipeline files

1. Change parameters section in framework.release.yaml to:

parameters:
  - name: Version
    displayName: Invictus Version
    type: string
    default: 'latest'
  - name: useBeta
    displayName: Use Beta
    type: string
    default: $False

in accordance with framework.build.yaml.

2. Organize parameters in framework.release.yaml into new lines:

ScriptArguments: > 
  -version ${{parameters.Version}} 
  -location 'West Europe'
  -useBeta ${{parameters.UseBeta}} 
  -acrPath 'invictusreleases.azurecr.io'
  -acrUsername '$(Infra.Environment.ACRUsername)'
  -acrPassword '$(Infra.Environment.ACRPassword)'
  -resourcePrefix '$(Infra.Environment.ResourcePrefix)'
  -artifactsPath '$(Pipeline.Workspace)/_build/framework'
  -resourceGroupName '$(Infra.Environment.ResourceGroup)' 
  -variableGroupName 'invictus.$(Infra.Environment.ShortName)'
  -devOpsObjectId '$(Infra.DevOps.Object.Id)'
  -identityProviderApplicationId '$(Infra.AzAD.Client.IdentityProviderApplicationId)'
  -identityProviderClientSecret '$(Infra.AzAD.Client.IdentityProviderClientSecret)'
  -containerAppsEnvironmentLocation '$(Infra.Environment.ContainerAppsEnvironmentLocation)'

in accordance with framework.build.yaml.

3. Remove the last parameter containerAppsEnvironmentLocation, from framework.release.yaml since it's not used.

Deploy.ps1

1. $acrName parameter: Replace line 178-201 with:

if ([string]::IsNullOrEmpty($acrName)) {
    $acrName = $resourcePrefix.Replace("-", "") + "acr"
}
$ACRPathLocal = $acrName + ".azurecr.io"

2. There's a couple of unused variables in the scripts. I suggest using them, for example by making sections and outputting them like this:

$BicepOutputsAcr = az deployment group create `
    --resource-group $resourceGroupName `
    --name $deploymentNameAcr `
    --template-file $templateFilePathAcr `
    --parameters @$parametersAcrFilePath `
    --output json
Write-Host "##[section]Acr Deployment Output:"
$BicepOutputsAcr | ConvertFrom-Json | ConvertTo-Json -Depth 10 | Write-Host

This can be implemented on lines:

• 99-105
• 266-271
• 280-285
• 360-365
• 372-377

3. Add debug flag to see Write-Debug outputs of Deploy.ps1.
4. Improve readability by dividing the different parts of the code into separate functions. I have some suggestions for this.

Bicep files

I ran into the following error twice, both with azuredeploy-acr and azuredeploy-main:

Principal ... does not exist in the directory ... Check that you have the correct principal ID. If you are creating this principal and then immediately assigning a role, this error might be related to a replication delay. In this case, set the role assignment principalType property to a value, such as ServicePrincipal, User, or Group. See https://aka.ms/docs-principaltype

Since I'm probably not the only one running into this problem, adding principalType: 'ServicePrincipal' to the DevOps Object Id role assignment resolves this issue.

Input and/or suggestions on this is greatly appreciated.

[stijnmoreels]

For the Bicep + Deploy.ps1 files, these will need to be handled on the Azure DevOps; for the YAML temples, yes we can have a look. This PR #417 , will probably also help a lot with future installations.