Merge pull request #46 from h2floh/h2floh/azurefrontdoor

Add Azure Front Door option

Author: Florian Wagner

AzureDevOps/oneclickdeploytest_afd.yaml

@@ -0,0 +1,105 @@
+resources:
+  containers:
+  - container: geobotagent
+    image: h2floh/geobotagent
+
+# No CI trigger
+trigger: none
+
+# PR builds
+pr:
+  branches:
+    include:
+    - master
+  paths:
+    include:
+    - Deploy
+    - AzureDevOps/oneclickdeploytest.yaml
+
+# Scheduled Build on change Mo-Sa
+schedules:
+- cron: "0 18 * * 1-6"
+  displayName: Daily 3am build on change (Seoul)
+  branches:
+    include:
+    - master
+  always: false
+- cron: "0 18 * * 0"
+  displayName: Weekly 3am build (Seoul)
+  branches:
+    include:
+    - master
+  always: true
+
+jobs:
+- job: deploy_destroy
+  displayName: 'Deploy & Destroy'
+  timeoutInMinutes: 120
+  pool:
+    name: Default
+    demands:
+    - docker
+  container: geobotagent
+  variables:
+  # This group must include following variables: 
+  # - ServicePrincipalID (Client/App ID)
+  # - ServicePrincipalSecret (Client Secret)
+  # - TenantId (AAD Id)
+  # - SubscriptionId (Azure Subscription)
+  - group: SubscriptionDetails
+  steps:
+  - pwsh: |
+      # generate random bot name
+      $BOTNAME = -join ((97..122) | Get-Random -Count 1 | % {[char]$_}) + -join ((48..57) + (97..122) | Get-Random -Count 9 | % {[char]$_})
+      
+      Write-Host "##vso[task.setvariable variable=BOTNAME]$BOTNAME"
+    displayName: 'Generate Bot Name'
+    errorActionPreference: continue
+
+  - pwsh: |
+      # Azure Login
+      az login --service-principal --username $(ServicePrincipalID) --password $(ServicePrincipalSecret) --tenant $(TenantId)
+      
+      # Terraform
+      Write-Host "##vso[task.setvariable variable=ARM_CLIENT_ID]$(ServicePrincipalID)"
+      Write-Host "##vso[task.setvariable variable=ARM_CLIENT_SECRET]$(ServicePrincipalSecret)"
+      Write-Host "##vso[task.setvariable variable=ARM_SUBSCRIPTION_ID]$(SubscriptionId)"
+      Write-Host "##vso[task.setvariable variable=ARM_TENANT_ID]$(TenantId)"
+    displayName: 'Prepare Azure connection for CLI & Terraform '
+
+  - pwsh: |
+      # One Click Deploy
+      
+      Deploy/OneClickDeploy.ps1 -BOT_NAME $env:BOTNAME -AZUREFRONTDOOR $True -AUTOAPPROVE $True
+      
+      # $Lastexitcode $True -> Success, we have to change it to 0
+      exit -not $LASTEXITCODE
+    errorActionPreference: continue
+    displayName: OneClickDeploy
+
+  - pwsh: |
+      # One Click Destroy
+      
+      Deploy/OneClickDestroy.ps1 -BOT_NAME $env:BOTNAME -AUTOAPPROVE $True
+      
+      # $Lastexitcode $True -> Success, we have to change it to 0
+      exit -not $LASTEXITCODE
+    errorActionPreference: continue
+    displayName: OneClickDestroy
+    condition: always()
+
+  - pwsh: |
+      # Az logout
+      az logout
+      
+      # Clear ENV Variables
+      # Terraform
+      $env:ARM_CLIENT_ID=""
+      $env:ARM_CLIENT_SECRET=""
+      $env:ARM_SUBSCRIPTION_ID=""
+      $env:ARM_TENANT_ID=""
+    failOnStderr: true
+    displayName: 'Az Logout'
+    condition: always()
+
+

Deploy/.gitignore

@@ -5,4 +5,6 @@ botnotselfcontained.zip
 # Ignore Terraform tfvars
 *.tfvars.*
 # Ignore Terraform plan files (we just use this notation since internet search didn't brought any ideas)
-*.tfplan
+*.tfplan
+# Ignore IaC Folder
+IaC/

Deploy/DeployInfrastructure.ps1

@@ -7,7 +7,8 @@ Terraform Deployment of the base infrastructure
 
 This script will do following steps:
 
-1. Deploy Infrastructure with Terraform
+1. Determine which variant will be deployed
+2. Deploy Infrastructure with Terraform
 
 After the script is successfully executed the Bot can be deployed to WebApps and infrastructure is ready for import 
 a SSL certificate and activation of TrafficManager
@@ -36,6 +37,10 @@ param(
     [Parameter(HelpMessage="Region used for global services")]
     [string] $BOT_GLOBAL_REGION = "japaneast",
 
+    # Distribution Service: TrafficManager or Azure FrontDoor - Default: $False -> TrafficManager, $True -> AzureFrontDoor
+    [Parameter(HelpMessage="Distribution Service: TrafficManager or Azure FrontDoor - Default: `$False -> TrafficManager, `$True -> AzureFrontDoor")]
+    [bool] $AZUREFRONTDOOR = $False,
+
     # Terraform and SSL creation Automation Flag. $False -> Interactive, Approval $True -> Automatic Approval
     [Parameter(HelpMessage="Terraform and SSL creation Automation Flag. `$False -> Interactive, Approval `$True -> Automatic Approval")]
     [bool] $AUTOAPPROVE = $False
@@ -50,8 +55,20 @@ $azureBotRegions = "$(Get-ScriptPath)/$terraformFolder/azure_bot_regions.tfvars.
 # Tell who you are (See HelperFunction.ps1)
 Write-WhoIAm
 
+# Choosing Terraform "Template", it is easier to copy everything to IaC folder for the script flow after deployment (retrieval of Outputs)
+Write-Host "## 1. Determine which variant will be deployed"
+if ($AZUREFRONTDOOR)
+{
+    Write-Host "### Front Door, copying template to IaC folder..."
+    Copy-TerraformFolder -FROM "IaCAFD"
+}
+else {
+    Write-Host "### TrafficManager, copying template to IaC folder..."
+    Copy-TerraformFolder -FROM "IaCTM"
+}
+
 # Execute first Terraform to create the infrastructure
-Write-Host "## 1. Deploy Infrastructure with Terraform"
+Write-Host "## 2. Deploy Infrastructure with Terraform"
 
 # Create Variable file for Terraform
 $result = Set-RegionalVariableFile -FILENAME $azureBotRegions -BOT_REGIONS $BOT_REGIONS

Deploy/HelperFunctions.ps1

@@ -66,16 +66,37 @@ function Check-ServiceAvailability {
         [Parameter(HelpMessage="Full Qualified Domain Name to check")]
         [string] $FQDN
     )
-    # Not working in PowerShellCore: Resolve-DnsName -Name $FQDN -DnsOnly > $null 2> $1
-    # Changing to nslookup
-    $resolved = nslookup $FQDN 2> $null
-    if ((($resolved | Select-String $FQDN).Length -gt 0) -and (($resolved | Select-String "server can't find").Length -eq 0))
+
+    $available = $True
+
+    if ($Service -eq "FrontDoor")
+    {
+        # FrontDoor DNS always exists, curl on unavailable resource reveals 302 redirect to /pages/404.html (notfound)
+        # curl -I https://mygeobot2.azurefd.net
+        # HTTP/1.1 302 Found
+        # Content-Length: 0
+        # Location: /pages/404.html
+        # Server: Microsoft-IIS/10.0
+        # X-MSEdge-Ref: Ref A: C18D49B3B18F4EBB950B562E01AB4347 Ref B: SLAEDGE0808 Ref C: 2020-01-30T04:40:26Z
+        # Date: Thu, 30 Jan 2020 04:40:26 GMT
+        $CurlArgument = '-I', "https://$FQDN"
+        $httpresult = curl @CurlArgument 2> $null
+        $result = [string]::Concat($httpresult)
+        $available = $result.Contains("302 Found") -and $result.Contains("404.html")
+    }
+    else {
+        # Not working in PowerShellCore: Resolve-DnsName -Name $FQDN -DnsOnly > $null 2> $1
+        # Changing to nslookup
+        $resolved = nslookup $FQDN 2> $null
+        $available = -not ((($resolved | Select-String $FQDN).Length -gt 0) -and (($resolved | Select-String "server can't find").Length -eq 0))
+    }
+
+    if (-not $available)
     {
         Write-Host -ForegroundColor Red "### ERROR, $Service with name '$FQDN' already exists. Please try another Bot Name."
-        return $False
-    } else {
-        return $True
     }
+
+    return $available
 }
 
 function Set-RegionalVariableFile {
@@ -210,4 +231,24 @@ function Invoke-Terraform {
     # Forward Execution result of Terraform
     $LASTEXITCODE=$TFEXEC
     $global:LastExitCode=$TFEXEC
+}
+
+function Copy-TerraformFolder {
+    <#
+    .SYNOPSIS
+    Copys contents from one Terraform Folder to another folder
+    #>
+    param(
+        [Parameter(Mandatory=$True, HelpMessage="Source Folder")]
+        [string] $FROM,
+
+        [Parameter(HelpMessage="Destination Folder")]
+        [string] $TO = "IaC"
+    )
+    # Ensure target folder exists
+    New-Item -ItemType Directory -Force -Path "$(Get-ScriptPath)\$TO" > $null
+    # Remove any content in target folder
+    Get-ChildItem "$(Get-ScriptPath)\$TO" -Recurse -Force | Remove-Item -Recurse -Force
+    # Copy content
+    Copy-Item "$(Get-ScriptPath)\$FROM\*" -Destination "$(Get-ScriptPath)\$TO" -Recurse -Force
 }