Fr4nc3 · Fr4nc3 · Nov 29, 2024 · Nov 28, 2024 · Nov 28, 2024 · Nov 28, 2024
@@ -28,6 +28,7 @@ param speechKeyName string = ''
 param authType string
 param dockerFullImageName string = ''
 param useDocker bool = dockerFullImageName != ''
+param databaseType string = 'CosmosDB' // 'CosmosDB' or 'PostgreSQL'
 
 var azureFormRecognizerInfoUpdated = useKeyVault
   ? azureFormRecognizerInfo
@@ -68,6 +69,7 @@ module adminweb '../core/host/appservice.bicep' = {
     scmDoBuildDuringDeployment: useDocker ? false : true
     applicationInsightsName: applicationInsightsName
     appServicePlanId: appServicePlanId
+    managedIdentity: databaseType == 'PostgreSQL'
     appSettings: union(appSettings, {
       AZURE_AUTH_TYPE: authType
       USE_KEY_VAULT: useKeyVault ? useKeyVault : ''

@@ -168,6 +168,7 @@ module web '../core/host/appservice.bicep' = {
     dockerFullImageName: dockerFullImageName
     scmDoBuildDuringDeployment: useDocker ? false : true
     healthCheckPath: healthCheckPath
+    managedIdentity: databaseType == 'PostgreSQL'
   }
 }
 
@@ -223,7 +224,7 @@ resource cosmosRoleDefinition 'Microsoft.DocumentDB/databaseAccounts/sqlRoleDefi
   name: '${json(appSettings.AZURE_COSMOSDB_INFO).accountName}/00000000-0000-0000-0000-000000000002'
 }
 
-module cosmosUserRole '../core/database/cosmos-sql-role-assign.bicep' = {
+module cosmosUserRole '../core/database/cosmos-sql-role-assign.bicep' = if(databaseType == 'CosmosDB') {
   name: 'cosmos-sql-user-role-${web.name}'
   params: {
     accountName: json(appSettings.AZURE_COSMOSDB_INFO).accountName

@@ -5,6 +5,9 @@ param baseUrl string
 param keyVaultName string
 param identity string
 param postgresSqlServerName string
+param webAppPrincipalName string
+param adminAppPrincipalName string
+param managedIdentityName string
 
 resource create_index 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
   kind:'AzureCLI'
@@ -19,7 +22,7 @@ resource create_index 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
   properties: {
     azCliVersion: '2.52.0'
     primaryScriptUri: '${baseUrl}scripts/run_create_table_script.sh'
-    arguments: '${baseUrl} ${keyVaultName} ${resourceGroup().name} ${postgresSqlServerName}' // Specify any arguments for the script
+    arguments: '${baseUrl} ${keyVaultName} ${resourceGroup().name} ${postgresSqlServerName} ${webAppPrincipalName} ${adminAppPrincipalName} ${managedIdentityName}' // Specify any arguments for the script
     timeout: 'PT1H' // Specify the desired timeout duration
     retentionInterval: 'PT1H' // Specify the desired retention interval
     cleanupPreference:'OnSuccess'

@@ -65,7 +65,7 @@ resource delayScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
   kind: 'AzurePowerShell'
   properties: {
     azPowerShellVersion: '3.0'
-    scriptContent: 'start-sleep -Seconds 180'
+    scriptContent: 'start-sleep -Seconds 300'
     cleanupPreference: 'Always'
     retentionInterval: 'PT1H'
   }

@@ -344,7 +344,7 @@ resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = {
 }
 
 // ========== Managed Identity ========== //
-module managedIdentityModule './core/security/managed-identity.bicep' = if (databaseType == 'postgres') {
+module managedIdentityModule './core/security/managed-identity.bicep' = if (databaseType == 'PostgreSQL') {
   name: 'deploy_managed_identity'
   params: {
     solutionName: resourceToken
@@ -353,7 +353,7 @@ module managedIdentityModule './core/security/managed-identity.bicep' = if (data
   scope: rg
 }
 
-module cosmosDBModule './core/database/cosmosdb.bicep' = if (databaseType == 'cosmos') {
+module cosmosDBModule './core/database/cosmosdb.bicep' = if (databaseType == 'CosmosDB') {
   name: 'deploy_cosmos_db'
   params: {
     name: azureCosmosDBAccountName
@@ -830,6 +830,7 @@ module adminweb './app/adminweb.bicep' = if (hostingModel == 'code') {
     useKeyVault: useKeyVault
     keyVaultName: useKeyVault || authType == 'rbac' ? keyvault.outputs.name : ''
     authType: authType
+    databaseType: databaseType
     appSettings: {
       AZURE_COMPUTER_VISION_ENDPOINT: useAdvancedImageProcessing ? computerVision.outputs.endpoint : ''
       AZURE_COMPUTER_VISION_VECTORIZE_IMAGE_API_VERSION: computerVisionVectorizeImageApiVersion
@@ -903,6 +904,7 @@ module adminweb_docker './app/adminweb.bicep' = if (hostingModel == 'container')
     useKeyVault: useKeyVault
     keyVaultName: useKeyVault || authType == 'rbac' ? keyvault.outputs.name : ''
     authType: authType
+    databaseType: databaseType
     appSettings: {
       AZURE_COMPUTER_VISION_ENDPOINT: useAdvancedImageProcessing ? computerVision.outputs.endpoint : ''
       AZURE_COMPUTER_VISION_VECTORIZE_IMAGE_API_VERSION: computerVisionVectorizeImageApiVersion
@@ -1247,17 +1249,22 @@ module machineLearning 'app/machinelearning.bicep' = if (orchestrationStrategy =
   }
 }
 
-module createIndex './core/database/deploy_create_table_script.bicep' = if (databaseType == 'postgres') {
+module createIndex './core/database/deploy_create_table_script.bicep' = if (databaseType == 'PostgreSQL') {
   name: 'deploy_create_table_script'
   params: {
     solutionLocation: location
     identity: managedIdentityModule.outputs.managedIdentityOutput.id
     baseUrl: baseUrl
     keyVaultName: keyvault.outputs.name
     postgresSqlServerName: postgresDBModule.outputs.postgresDbOutput.postgresSQLName
+    webAppPrincipalName: hostingModel == 'code' ? web.outputs.FRONTEND_API_NAME : web_docker.outputs.FRONTEND_API_NAME
+    adminAppPrincipalName: hostingModel == 'code' ? adminweb.outputs.WEBSITE_ADMIN_NAME : adminweb_docker.outputs.WEBSITE_ADMIN_NAME
+    managedIdentityName: managedIdentityModule.outputs.managedIdentityOutput.name
   }
   scope: rg
-  dependsOn: [keyvault, postgresDBModule, storekeys]
+  dependsOn: hostingModel == 'code' ? [keyvault, postgresDBModule, storekeys, web, adminweb] : [
+    [keyvault, postgresDBModule, storekeys, web_docker, adminweb_docker]
+  ]
 }
 
 output APPLICATIONINSIGHTS_CONNECTION_STRING string = monitoring.outputs.applicationInsightsConnectionString