chore: use new monitor package w/ newly deployed resources

build/ci-build.yml

@@ -18,6 +18,10 @@ parameters:
   - name: 'Package.Version.ManualTrigger'
     type: string
     default: 'preview'
+  - name: azureServiceConnection
+    displayName: 'Azure service connection'
+    type: string
+    default: 'Azure Codit-Arcus Service Principal'
 
 resources:
   repositories:
@@ -27,7 +31,6 @@ resources:
       endpoint: arcus-azure
 
 variables:
-  - group: 'Arcus Observability - Integration Testing'
   - group: 'Arcus - GitHub Package Registry'
   - group: 'Build Configuration'
   - template: ./variables/build.yml
@@ -75,78 +78,27 @@ stages:
     dependsOn: Build
     condition: succeeded()
     jobs:
-      - job: UnitTests
-        displayName: 'Run unit tests'
-        pool:
-          vmImage: '$(Vm.Image)'
-        steps:
-          - task: DownloadPipelineArtifact@2
-            displayName: 'Download build artifacts'
-            inputs:
-              artifact: 'Build'
-              path: '$(Build.SourcesDirectory)'
-          - task: UseDotNet@2
-            displayName: 'Import .NET Core SDK ($(DotNet.Sdk.PreviousVersion))'
-            inputs:
-              packageType: 'sdk'
-              version: '$(DotNet.Sdk.PreviousVersion)'
-          - template: test/run-unit-tests.yml@templates
-            parameters:
-              dotnetSdkVersion: '$(DotNet.Sdk.Version)'
-              includePreviewVersions: $(DotNet.Sdk.IncludePreviewVersions)
-              projectName: '$(Project).Tests.Unit'
+      - template: templates/run-unit-tests.yml
 
   - stage: IntegrationTests
     displayName: Integration Tests
     dependsOn: Build
     condition: succeeded()
     jobs:
-      - job: IntegrationTests
-        displayName: 'Run integration tests'
-        pool:
-          vmImage: '$(Vm.Image)'
-        steps:
-          - task: DownloadPipelineArtifact@2
-            displayName: 'Download build artifacts'
-            inputs:
-              artifact: 'Build'
-              path: '$(Build.SourcesDirectory)'
-          - task: UseDotNet@2
-            displayName: 'Import .NET Core SDK ($(DotNet.Sdk.PreviousVersion))'
-            inputs:
-              packageType: 'sdk'
-              version: '$(DotNet.Sdk.PreviousVersion)'
-          - template: test/run-integration-tests.yml@templates
-            parameters:
-              dotnetSdkVersion: '$(DotNet.Sdk.Version)'
-              includePreviewVersions: $(DotNet.Sdk.IncludePreviewVersions)
-              projectName: '$(Project).Tests.Integration'
-              category: 'Integration'
+      - template: templates/run-self-contained-integration-tests.yml
+        parameters:
+          azureServiceConnection: '${{ parameters.azureServiceConnection }}'
 
   - stage: DockerTests
     displayName: Docker Tests
     dependsOn: Build
     condition: succeeded()
     jobs:
-      - job: DockerTests
-        displayName: 'Run Docker tests'
-        pool:
-          vmImage: '$(Vm.Image)'
-        steps:
-          - task: DownloadPipelineArtifact@2
-            displayName: 'Download build artifacts'
-            inputs:
-              artifact: 'Build'
-              path: '$(Build.SourcesDirectory)'
-          - task: UseDotNet@2
-            displayName: 'Import .NET Core SDK ($(DotNet.Sdk.PreviousVersion))'
-            inputs:
-              packageType: 'sdk'
-              version: '$(DotNet.Sdk.PreviousVersion)'
-          - template: templates/run-docker-integration-tests.yml
-            parameters:
-              dockerProjectName: '$(Project).Tests.Runtimes.AzureFunction'
-              httpPort: '$(AzureFunctions.HttpPort)'
+      - template: templates/run-docker-integration-tests.yml
+        parameters:
+          dockerProjectName: '$(Project).Tests.Runtimes.AzureFunction'
+          httpPort: '$(AzureFunctions.HttpPort)'
+          azureServiceConnection: '${{ parameters.azureServiceConnection }}'
 
   - stage: ReleaseToMyget
     displayName: 'Release to MyGet'

build/deploy-test-resources.yml

@@ -0,0 +1,45 @@
+name: Arcus Observability - Deploy test resources
+
+trigger: none
+pr: none
+
+parameters:
+  - name: azureServiceConnection
+    displayName: 'Azure service connection'
+    type: string
+    default: 'Azure Codit-Arcus Service Principal'
+  - name: resourceGroupName
+    displayName: 'Resource group name'
+    default: arcus-observability-dev-we-rg
+
+variables:
+  - template: ./variables/build.yml
+  - template: ./variables/test.yml
+
+stages:
+  - stage: Deploy
+    jobs:
+      - job: DeployBicep
+        displayName: 'Deploy test resources'
+        pool:
+          vmImage: '$(Vm.Image)'
+        steps:
+          - task: AzureCLI@2
+            env:
+              SYSTEM_ACCESSTOKEN: $(System.AccessToken)
+            inputs:
+              azureSubscription: '${{ parameters.azureServiceConnection }}'
+              addSpnToEnvironment: true
+              scriptType: 'pscore'
+              scriptLocation: 'inlineScript'
+              inlineScript: |
+                $objectId = (az ad sp show --id $env:servicePrincipalId | ConvertFrom-Json).id
+                az deployment sub create `
+                  --location westeurope `
+                  --template-file ./build/templates/deploy-test-resources.bicep `
+                  --parameters location=westeurope `
+                  --parameters resourceGroupName=${{ parameters.resourceGroupName }} `
+                  --parameters instrumentationKey_secretName=${{ variables['Arcus.Observability.ApplicationInsights.InstrumentationKey.SecretName'] }} `
+                  --parameters workspaceId_secretName=${{ variables['Arcus.Observability.LogAnalytics.WorkspaceId.SecretName'] }} `
+                  --parameters keyVaultName=${{ variables['Arcus.Observability.KeyVault.Name'] }} `
+                  --parameters servicePrincipal_objectId=$objectId

build/nuget-release.yml

@@ -6,6 +6,10 @@ pr: none
 parameters:
   - name: 'Package.Version'
     type: 'string'
+  - name: azureServiceConnection
+    displayName: 'Azure service connection'
+    type: string
+    default: 'Azure Codit-Arcus Service Principal'
 
 resources:
   repositories:
@@ -15,7 +19,6 @@ resources:
       endpoint: arcus-azure
 
 variables:
-  - group: 'Arcus Observability - Integration Testing'
   - group: 'Build Configuration'
   - template: ./variables/build.yml
   - template: ./variables/test.yml
@@ -57,78 +60,27 @@ stages:
     dependsOn: Build
     condition: succeeded()
     jobs:
-      - job: UnitTests
-        displayName: 'Run unit tests'
-        pool:
-          vmImage: '$(Vm.Image)'
-        steps:
-          - task: DownloadPipelineArtifact@2
-            displayName: 'Download build artifacts'
-            inputs:
-              artifact: 'Build'
-              path: '$(Build.SourcesDirectory)'
-          - task: UseDotNet@2
-            displayName: 'Import .NET Core SDK ($(DotNet.Sdk.PreviousVersion))'
-            inputs:
-              packageType: 'sdk'
-              version: '$(DotNet.Sdk.PreviousVersion)'
-          - template: test/run-unit-tests.yml@templates
-            parameters:
-              dotnetSdkVersion: '$(DotNet.Sdk.Version)'
-              includePreviewVersions: $(DotNet.Sdk.IncludePreviewVersions)
-              projectName: '$(Project).Tests.Unit'
+      - template: templates/run-unit-tests.yml
 
   - stage: IntegrationTests
     displayName: Integration Tests
     dependsOn: Build
     condition: succeeded()
     jobs:
-      - job: IntegrationTests
-        displayName: 'Run integration tests'
-        pool:
-          vmImage: '$(Vm.Image)'
-        steps:
-          - task: DownloadPipelineArtifact@2
-            displayName: 'Download build artifacts'
-            inputs:
-              artifact: 'Build'
-              path: '$(Build.SourcesDirectory)'
-          - task: UseDotNet@2
-            displayName: 'Import .NET Core SDK ($(DotNet.Sdk.PreviousVersion))'
-            inputs:
-              packageType: 'sdk'
-              version: '$(DotNet.Sdk.PreviousVersion)'
-          - template: test/run-integration-tests.yml@templates
-            parameters:
-              dotnetSdkVersion: '$(DotNet.Sdk.Version)'
-              includePreviewVersions: $(DotNet.Sdk.IncludePreviewVersions)
-              projectName: '$(Project).Tests.Integration'
-              category: 'Integration'
+      - template: templates/run-self-contained-integration-tests.yml
+        parameters:
+          azureServiceConnection: '${{ parameters.azureServiceConnection }}'
 
   - stage: DockerTests
     displayName: Docker Tests
     dependsOn: Build
     condition: succeeded()
     jobs:
-      - job: DockerTests
-        displayName: 'Run Docker tests'
-        pool:
-          vmImage: '$(Vm.Image)'
-        steps:
-          - task: DownloadPipelineArtifact@2
-            displayName: 'Download build artifacts'
-            inputs:
-              artifact: 'Build'
-              path: '$(Build.SourcesDirectory)'
-          - task: UseDotNet@2
-            displayName: 'Import .NET Core SDK ($(DotNet.Sdk.PreviousVersion))'
-            inputs:
-              packageType: 'sdk'
-              version: '$(DotNet.Sdk.PreviousVersion)'
-          - template: templates/run-docker-integration-tests.yml
-            parameters:
-              dockerProjectName: '$(Project).Tests.Runtimes.AzureFunction'
-              httpPort: '$(AzureFunctions.HttpPort)'
+      - template: templates/run-docker-integration-tests.yml
+        parameters:
+          dockerProjectName: '$(Project).Tests.Runtimes.AzureFunction'
+          httpPort: '$(AzureFunctions.HttpPort)'
+          azureServiceConnection: '${{ parameters.azureServiceConnection }}'
 
   - stage: Release
     displayName: 'Release to NuGet.org'

build/templates/deploy-test-resources.bicep

@@ -0,0 +1,90 @@
+// Define the location for the deployment of the components.
+param location string
+
+// Define the name of the resource group where the components will be deployed.
+param resourceGroupName string
+
+// Define the name of the secret that will store the Application Insights Instrumentation Key.
+param instrumentationKey_secretName string
+
+// Define the name of the secret that will store the Application Insights workspace resource ID.
+param workspaceId_secretName string
+
+// Define the name of the Key Vault.
+param keyVaultName string
+
+// Define the Service Principal ID that needs access full access to the deployed resource group.
+param servicePrincipal_objectId string
+
+targetScope='subscription'
+
+module resourceGroup 'br/public:avm/res/resources/resource-group:0.2.3' = {
+  name: 'resourceGroupDeployment'
+  params: {
+    name: resourceGroupName
+    location: location
+  }
+}
+
+resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' existing = {
+  name: resourceGroupName
+}
+
+module workspace 'br/public:avm/res/operational-insights/workspace:0.3.4' = {
+  name: 'workspaceDeployment'
+  dependsOn: [
+    resourceGroup
+  ]
+  scope: rg
+  params: {
+    name: 'arcus-observability-dev-we-workspace'
+    location: location
+  }
+}
+
+module component 'br/public:avm/res/insights/component:0.3.0' = {
+  name: 'componentDeployment'
+  dependsOn: [
+    resourceGroup
+  ]
+  scope: rg
+  params: {
+    name: 'arcus-observability-dev-we-app-insights'
+    workspaceResourceId: workspace.outputs.resourceId
+    location: location
+    roleAssignments: [
+      {
+        principalId: servicePrincipal_objectId
+        roleDefinitionIdOrName: '73c42c96-874c-492b-b04d-ab87d138a893'
+      }
+    ]
+  }
+}
+
+module vault 'br/public:avm/res/key-vault/vault:0.6.1' = {
+  name: 'vaultDeployment'
+  dependsOn: [
+    resourceGroup
+  ]
+  scope: rg
+  params: {
+    name: keyVaultName
+    location: location
+    roleAssignments: [
+      {
+        principalId: servicePrincipal_objectId
+        roleDefinitionIdOrName: 'Key Vault Secrets officer'
+      }
+    ]
+    secrets: [
+      {
+        name: instrumentationKey_secretName
+        value: component.outputs.instrumentationKey
+      }
+      {
+        name: workspaceId_secretName
+        value: workspace.outputs.logAnalyticsWorkspaceId
+      }
+    ]
+  }
+}

build/templates/import-keyvault-secrets.yml

@@ -0,0 +1,31 @@
+parameters:
+  azureServiceConnection: ''
+
+steps:
+  - task: AzureCLI@2
+    displayName: 'Import secrets from Azure Key Vault'
+    inputs:
+      azureSubscription: '${{ parameters.azureServiceConnection }}'
+      addSpnToEnvironment: true
+      scriptType: 'pscore'
+      scriptLocation: 'inlineScript'
+      inlineScript: |
+        Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
+        Install-Module -Name Arcus.Scripting.DevOps -AllowClobber
+
+        Set-AzDevOpsVariable -Name 'Arcus.Observability.TenantId' -Value $env:tenantId
+        Set-AzDevOpsVariable -Name 'Arcus.Observability.ServicePrincipal.ClientId' -Value $env:servicePrincipalId
+        Set-AzDevOpsVariable -Name 'Arcus.Observability.ServicePrincipal.ClientSecret' -Value $env:servicePrincipalKey
+
+        $keyVaultName = $env:ARCUS_OBSERVABILITY_KEYVAULT_NAME
+        Write-Host "Importing secrets from Key Vault: $keyVaultName"
+
+        $instrumentationKey_secretName = $env:ARCUS_OBSERVABILITY_APPLICATIONINSIGHTS_INSTRUMENTATIONKEY_SECRETNAME
+        Write-Host "Importing secret: $instrumentationKey_secretName"
+        $instrumentationKeySecret = az keyvault secret show --name "$instrumentationKey_secretName" --vault-name "$keyVaultName" | ConvertFrom-Json
+        Set-AzDevOpsVariable -AsSecret -Name 'Arcus.Observability.ApplicationInsights.InstrumentationKey' -Value $instrumentationKeySecret.value
+
+        $resourceId_secretName = $env:ARCUS_OBSERVABILITY_LOGANALYTICS_WORKSPACEID_SECRETNAME
+        Write-Host "Importing secret: $resourceId_secretName"
+        $resourceIdSecret = az keyvault secret show --name "$resourceId_secretName" --vault-name "$keyVaultName" | ConvertFrom-Json
+        Set-AzDevOpsVariable -AsSecret -Name 'Arcus.Observability.ApplicationInsights.LogAnalytics.WorkspaceId' -Value $resourceIdSecret.value