| .. | ||
| _.azurewebsites.net.crt | ||
| .env | ||
| .env.example | ||
| .gitignore | ||
| app.py | ||
| backup.sh | ||
| Dockerfile | ||
| init.sql | ||
| prepare-app.sh | ||
| README.md | ||
| remove-app.sh | ||
| requirements.txt | ||
| setup.sh | ||
TaskFlow — Cloud Deployment (sk1)
A task management web application deployed on Microsoft Azure. Live at: https://taskflow-14802.azurewebsites.net
1. What the Application Does
TaskFlow is a simple web-based task manager for individuals or small teams.
Users can:
- Create tasks with a title and optional description
- Advance tasks through three stages:
To Do → In Progress → Done - Delete tasks they no longer need
All data is stored in a managed PostgreSQL database and persists across restarts and redeployments.
2. Public Cloud and Infrastructure Description
Cloud Provider
Microsoft Azure — Azure for Students subscription.
Azure Services Used
| Service | Purpose |
|---|---|
| Azure Container Registry (ACR) — Basic | Stores the Docker image for the Flask app |
| Azure App Service Plan — Linux B1 | Managed hosting platform for the container |
| Azure Web App (container) | Runs the Flask app with built-in HTTPS and auto-restart |
| Azure Database for PostgreSQL Flexible Server — Burstable B1ms | Managed PostgreSQL 15 database with persistent storage |
Components
| Component | Type | Role |
|---|---|---|
taskflow-web |
Docker container on App Service | Python 3.11 / Flask app served by Gunicorn |
postgres |
Azure managed database | PostgreSQL 15 — stores all tasks |
taskflow-registry |
Azure Container Registry | Private Docker image registry |
How Traffic Flows
Browser (HTTPS)
→ Azure App Service (built-in TLS, azurewebsites.net cert)
→ Flask container (Gunicorn :5000)
→ Azure PostgreSQL Flexible Server (:5432, SSL required)
→ Managed persistent storage (Azure-managed disk)
HTTPS / TLS
Azure App Service provides a free, automatic, browser-trusted TLS certificate for all *.azurewebsites.net domains. HTTPS-only mode is enforced — HTTP requests are automatically redirected to HTTPS.
Persistent Storage
Data is stored in Azure Database for PostgreSQL Flexible Server. This is a fully managed service — Azure handles backups, high availability, and storage automatically. Data persists independently of the application container.
Automatic Restart
Azure App Service automatically restarts the container if it crashes or exits. The platform monitors the /health endpoint and restarts unhealthy instances without manual intervention.
Configuration
All secrets (database host, user, password) are stored as App Service Application Settings — Azure's equivalent of environment variables. They are injected into the container at runtime and never stored in code or GIT.
3. Cost Analysis — 1,000 Users/Day, 50 GB Data (Azure, 1 Year)
| Resource | Specification | Unit Price | Billing | Annual Cost |
|---|---|---|---|---|
| App Service Plan | Linux B1 (1 vCPU, 1.75 GB RAM) | ~$13.14/month | Monthly | ~$157.68 |
| PostgreSQL Flexible Server | Burstable B1ms (1 vCPU, 2 GB) | ~$12.41/month | Monthly | ~$148.92 |
| PostgreSQL Storage | 50 GB | ~$5.76/month | Monthly | ~$69.12 |
| Azure Container Registry | Basic tier | ~$5.00/month | Monthly | ~$60.00 |
| Outbound bandwidth | First 100 GB free, ~60 GB/month at 1k users | $0 | Per GB | ~$0 |
| HTTPS certificate | Free (azurewebsites.net) | $0 | — | $0 |
| Total | ≈ $435.72 / year |
For the exam demo period the actual cost is ~$35/month (B1 plan + B1ms PostgreSQL). Delete resources after the exam with
remove-app.shto stop billing.
4. Uploaded Files and Their Content
sk1/
├── app/
│ ├── app.py Flask app — routes, DB connection, Kanban UI, /health endpoint
│ ├── Dockerfile Builds taskflow-web image (Python 3.11, Gunicorn, non-root)
│ └── requirements.txt Python deps: flask, gunicorn, psycopg2-binary
├── db/
│ └── init.sql SQL schema — tasks table, trigger, sample data
├── setup.sh Full deployment — writes files, creates all Azure resources
├── prepare-app.sh Rebuilds and redeploys container after code changes
├── remove-app.sh Deletes entire Azure resource group
├── backup.sh pg_dump backup and restore via psql
├── .env.example Template for required environment variables (no secrets)
├── .gitignore Excludes .env and backups from GIT
└── README.md This file
5. Configuration Description
Secrets and Environment Variables
Secrets are stored as Azure App Service Application Settings — never in GIT.
| Variable | Where stored | Used by |
|---|---|---|
POSTGRES_HOST |
App Service settings | Flask app |
POSTGRES_USER |
App Service settings | Flask app |
POSTGRES_PASSWORD |
App Service settings | Flask app |
POSTGRES_DB |
App Service settings | Flask app |
POSTGRES_PORT |
App Service settings | Flask app |
FLASK_ENV |
App Service settings | Gunicorn |
WEBSITES_PORT |
App Service settings | Azure (tells it app runs on 5000) |
DB_PASSWORD |
Shell env var at deploy time | setup.sh only, not stored |
A local .env file is written during deployment for use by backup.sh. It is excluded from GIT by .gitignore.
6. How to View and Use the Application
Prerequisites
- Azure CLI installed and
az logincompleted - Docker installed and running
psqlinstalled (for backup/restore and schema init)DB_PASSWORDenvironment variable set
Deploy (first time — creates all Azure resources)
export DB_PASSWORD="YourStrongPassword123!"
chmod +x setup.sh && ./setup.sh
Takes approximately 5–8 minutes.
Open in Browser
https://taskflow-14802.azurewebsites.net
Redeploy after code changes
./prepare-app.sh
Remove all Azure resources
./remove-app.sh
7. How to Perform a Data Backup
Install psql if needed: sudo apt install postgresql-client
# Create a timestamped backup
source .env && ./backup.sh
# List backups
ls -lh backups/
# Restore
source .env && ./backup.sh --restore backups/taskflow-20250601-120000.sql
8. How to View Access Logs from the Internet
Azure App Service logs all HTTP requests. View them via Azure CLI:
# Stream live access logs (all internet requests to the app)
az webapp log tail --resource-group taskflow-rg --name taskflow-14802
# Enable detailed logging first if needed
az webapp log config --resource-group taskflow-rg --name taskflow-14802 --application-logging filesystem --web-server-logging filesystem --level information
# Download logs as zip
az webapp log download --resource-group taskflow-rg --name taskflow-14802
Each log entry contains: timestamp, client IP, HTTP method, path, status code, response time.
9. Conditions for Running prepare-app.sh and remove-app.sh
prepare-app.sh
- Azure CLI installed and
az logincompleted - Docker installed and running
.envfile must exist in the same directory (created bysetup.sh)- ACR name and App name are hardcoded from the initial deployment — re-run
setup.shto create fresh resources
remove-app.sh
- Azure CLI installed and
az logincompleted - Resource group
taskflow-rgmust exist - Prompts for confirmation before deleting
- All data will be lost unless
backup.shwas run first
10. External Resources and Use of Generative AI
External Resources
| Resource | Type | How Used |
|---|---|---|
| Azure App Service Documentation | Official docs | Web app creation, container config, app settings, logging |
| Azure PostgreSQL Flexible Server | Official docs | Server creation, firewall, connection strings |
| Azure Container Registry | Official docs | Image push, admin credentials |
| Flask Documentation | Official docs | Routing, templates |
| PostgreSQL pg_dump | Official docs | Backup commands |
| Azure Pricing Calculator | Tool | Cost analysis |
| Course lectures (azure, certbot, compose) | Lecture slides | Architecture, PaaS concepts, IaaS vs PaaS |
Generative AI Usage
Tool: Claude by Anthropic (claude.ai) Type: Productivity assistance — Azure CLI commands, shell scripts, Dockerfile, Flask app, README. Method: Student described requirements, reviewed all output, verified understanding before submission. All architectural decisions directed by the student. AI accelerated writing; understanding was the student's own.