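#!/usr/bin/env bash
#
# Provisions and deploys the application to Azure with the az CLI:
#   1. loads settings from an env file (default: .env.azure next to this script)
#   2. registers the needed resource providers and creates the resource group
#   3. creates or updates an Azure Container Registry and builds both images in it
#   4. creates a PostgreSQL Flexible Server, a firewall rule and the database
#   5. creates a Container Apps environment and (re)creates the backend app
#      (internal ingress, port 5000) and the frontend app (external ingress, port 80)
#
# Required variables (read from the env file or the caller's environment):
#   RG_NAME, LOCATION, CONTAINERAPPS_ENV, ACR_NAME, FRONTEND_APP, BACKEND_APP,
#   PG_SERVER, PG_DB, PG_ADMIN, PG_PASSWORD
# Optional: ENV_FILE, FRONTEND_IMAGE, BACKEND_IMAGE
set -Eeuo pipefail

ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ENV_FILE="${ENV_FILE:-$ROOT_DIR/.env.azure}"

# Print a progress line to stdout.
log() {
  echo "==> $*"
}

# Print an error to stderr and abort the script.
fail() {
  echo "Chyba: $*" >&2
  exit 1
}

if [[ ! -f "$ENV_FILE" ]]; then
  # Diagnostics belong on stderr so they are not lost when stdout is redirected.
  echo "Chýba $ENV_FILE" >&2
  echo "uprav ACR_NAME, PG_SERVER a PG_PASSWORD." >&2
  exit 1
fi

# SECURITY: the env file is executed as shell code, not parsed as data, and it
# holds PG_PASSWORD. Keep it out of version control and make sure only the
# operator can read or write it. `set -a` also exports every variable it
# defines, so the password ends up in the environment of each az child process.
set -a
# shellcheck disable=SC1090
source "$ENV_FILE"
set +a

: "${RG_NAME:?Missing RG_NAME}"
: "${LOCATION:?Missing LOCATION}"
: "${CONTAINERAPPS_ENV:?Missing CONTAINERAPPS_ENV}"
: "${ACR_NAME:?Missing ACR_NAME}"
: "${FRONTEND_APP:?Missing FRONTEND_APP}"
: "${BACKEND_APP:?Missing BACKEND_APP}"
: "${PG_SERVER:?Missing PG_SERVER}"
: "${PG_DB:?Missing PG_DB}"
: "${PG_ADMIN:?Missing PG_ADMIN}"
: "${PG_PASSWORD:?Missing PG_PASSWORD}"
# NOTE(review): ":latest" is a mutable tag, so the deployed image is not pinned
# to a specific build; a unique tag per build makes a deployment traceable.
: "${FRONTEND_IMAGE:=zkt-frontend:latest}"
: "${BACKEND_IMAGE:=zkt-backend:latest}"

log "Kontrola Azure Container Apps rozsirenia a resource providerov"
# NOTE(review): --upgrade installs whatever extension version is current at run
# time, so the tooling used for a deployment is not pinned.
az extension add --name containerapp --upgrade --yes >/dev/null
az provider register --namespace Microsoft.App --wait >/dev/null
az provider register --namespace Microsoft.ContainerRegistry --wait >/dev/null
az provider register --namespace Microsoft.DBforPostgreSQL --wait >/dev/null
az provider register --namespace Microsoft.OperationalInsights --wait >/dev/null

log "Vytvaram alebo kontrolujem resource group: $RG_NAME ($LOCATION)"
az group create --name "$RG_NAME" --location "$LOCATION" >/dev/null

# SECURITY: --admin-enabled true turns on the registry's admin user, a single
# shared credential for the whole registry. NOTE(review): a managed identity
# holding the AcrPull role (az containerapp create --registry-identity) would
# avoid handling a registry password at all -- confirm it fits this setup.
if ! az acr show --name "$ACR_NAME" --resource-group "$RG_NAME" >/dev/null 2>&1; then
  log "Vytvaram Azure Container Registry: $ACR_NAME"
  az acr create \
    --resource-group "$RG_NAME" \
    --name "$ACR_NAME" \
    --sku Basic \
    --admin-enabled true >/dev/null
else
  log "ACR uz existuje: $ACR_NAME"
  az acr update \
    --name "$ACR_NAME" \
    --resource-group "$RG_NAME" \
    --admin-enabled true >/dev/null
fi

ACR_LOGIN_SERVER="$(az acr show --name "$ACR_NAME" --resource-group "$RG_NAME" --query loginServer -o tsv)"
ACR_PASSWORD="$(az acr credential show --name "$ACR_NAME" --resource-group "$RG_NAME" --query 'passwords[0].value' -o tsv)"

# A successful az call can still print nothing; stop here instead of creating
# the apps later with an empty registry server or password.
[[ -n "$ACR_LOGIN_SERVER" ]] || fail "ACR nevratil loginServer pre $ACR_NAME"
[[ -n "$ACR_PASSWORD" ]] || fail "ACR nevratil admin heslo pre $ACR_NAME"

log "Build a push backend image do ACR"
az acr build --registry "$ACR_NAME" --image "$BACKEND_IMAGE" "$ROOT_DIR/backend"

log "Build a push frontend image do ACR"
az acr build --registry "$ACR_NAME" --image "$FRONTEND_IMAGE" "$ROOT_DIR/frontend"

if ! az postgres flexible-server show --resource-group "$RG_NAME" --name "$PG_SERVER" >/dev/null 2>&1; then
  log "Vytvaram Azure Database for PostgreSQL Flexible Server: $PG_SERVER"
  # SECURITY: --public-access 0.0.0.0 admits connections from any resource
  # hosted in Azure, not only this subscription, which leaves the admin
  # password as the only barrier. NOTE(review): consider private (VNet) access
  # or rules limited to the Container Apps environment's outbound addresses.
  # SECURITY: --admin-password puts the password on the az command line, where
  # it is visible in the process list of the machine running this script.
  az postgres flexible-server create \
    --resource-group "$RG_NAME" \
    --name "$PG_SERVER" \
    --location "$LOCATION" \
    --admin-user "$PG_ADMIN" \
    --admin-password "$PG_PASSWORD" \
    --sku-name Standard_B1ms \
    --tier Burstable \
    --storage-size 32 \
    --version 16 \
    --public-access 0.0.0.0 \
    --backup-retention 7 \
    --yes >/dev/null
else
  log "PostgreSQL server už existuje: $PG_SERVER"
fi

log "Nastavujem firewall pravidlo pre Azure služby k PostgreSQL"
# Same exposure as --public-access 0.0.0.0 above: the 0.0.0.0-0.0.0.0 range is
# the "allow Azure services" rule. The step stays best-effort, but a failure is
# now reported instead of being discarded, because without the rule the
# database retry loop below just times out with no hint of the cause.
if ! az postgres flexible-server firewall-rule create \
  --resource-group "$RG_NAME" \
  --name "$PG_SERVER" \
  --rule-name allowazureservices \
  --start-ip-address 0.0.0.0 \
  --end-ip-address 0.0.0.0 >/dev/null 2>&1; then
  echo "Varovanie: nepodarilo sa nastavit firewall pravidlo allowazureservices pre $PG_SERVER" >&2
fi

log "Kontrolujem alebo vytvaram databazu: $PG_DB"
DB_READY="false"
# Up to 18 attempts, 10 seconds apart: each attempt first looks for the
# database and, if it is not found, tries to create it.
for i in {1..18}; do
  if az postgres flexible-server db show \
    --resource-group "$RG_NAME" \
    --server-name "$PG_SERVER" \
    --database-name "$PG_DB" >/dev/null 2>&1; then
    log "Databaza uz existuje: $PG_DB"
    DB_READY="true"
    break
  fi

  if az postgres flexible-server db create \
    --resource-group "$RG_NAME" \
    --server-name "$PG_SERVER" \
    --database-name "$PG_DB" >/dev/null 2>&1; then
    log "Databaza vytvorena: $PG_DB"
    DB_READY="true"
    break
  fi

  log "PostgreSQL ešte nemusi byt pripraveny, cakam a skusam znova ($i/18)..."
  sleep 10
done

if [[ "$DB_READY" != "true" ]]; then
  fail "Nepodarilo sa vytvorit alebo overit databazu $PG_DB. Skontroluj PostgreSQL server a firewall."
fi

if ! az containerapp env show --name "$CONTAINERAPPS_ENV" --resource-group "$RG_NAME" >/dev/null 2>&1; then
  log "Vytvaram Container Apps environment: $CONTAINERAPPS_ENV"
  az containerapp env create \
    --name "$CONTAINERAPPS_ENV" \
    --resource-group "$RG_NAME" \
    --location "$LOCATION" >/dev/null
else
  log "Container Apps environment už existuje: $CONTAINERAPPS_ENV"
fi

# Delete the named Container App in $RG_NAME if it exists, so that the
# following "create" starts from a clean state.
# Globals:   RG_NAME (read)
# Arguments: $1 - Container App name
# NOTE: the app is absent between this delete and the create that follows, so
# a redeploy is not zero-downtime.
delete_containerapp_if_exists() {
  local app_name="$1"
  if az containerapp show --name "$app_name" --resource-group "$RG_NAME" >/dev/null 2>&1; then
    log "Mažem existujúcu Container App: $app_name"
    az containerapp delete --name "$app_name" --resource-group "$RG_NAME" --yes >/dev/null
  fi
}

log "Nasadzujem backend ako internu Container App"
delete_containerapp_if_exists "$BACKEND_APP"
# The database password is stored as a Container Apps secret and handed to the
# container through secretref, so it is not a plain env value on the app.
# SECURITY: --registry-password and --secrets still pass both secrets on the az
# command line (visible in the local process list while az runs).
# SECURITY: DB_USER is the server admin account; NOTE(review): a dedicated
# database role limited to $PG_DB would reduce what a compromised backend can do.
az containerapp create \
  --name "$BACKEND_APP" \
  --resource-group "$RG_NAME" \
  --environment "$CONTAINERAPPS_ENV" \
  --image "$ACR_LOGIN_SERVER/$BACKEND_IMAGE" \
  --target-port 5000 \
  --ingress internal \
  --transport auto \
  --registry-server "$ACR_LOGIN_SERVER" \
  --registry-username "$ACR_NAME" \
  --registry-password "$ACR_PASSWORD" \
  --min-replicas 1 \
  --max-replicas 1 \
  --cpu 0.25 \
  --memory 0.5Gi \
  --secrets db-password="$PG_PASSWORD" \
  --env-vars \
  DB_HOST="$PG_SERVER.postgres.database.azure.com" \
  DB_PORT=5432 \
  DB_NAME="$PG_DB" \
  DB_USER="$PG_ADMIN" \
  DB_PASSWORD=secretref:db-password \
  DB_SSLMODE=require \
  APP_PORT=5000 >/dev/null

log "Nasadzujem frontend ako verejnú Container App"
delete_containerapp_if_exists "$FRONTEND_APP"
# The frontend is the only app with external ingress. It reaches the backend
# over plain HTTP by app name; presumably that name resolves only inside the
# Container Apps environment -- confirm.
az containerapp create \
  --name "$FRONTEND_APP" \
  --resource-group "$RG_NAME" \
  --environment "$CONTAINERAPPS_ENV" \
  --image "$ACR_LOGIN_SERVER/$FRONTEND_IMAGE" \
  --target-port 80 \
  --ingress external \
  --transport auto \
  --registry-server "$ACR_LOGIN_SERVER" \
  --registry-username "$ACR_NAME" \
  --registry-password "$ACR_PASSWORD" \
  --min-replicas 1 \
  --max-replicas 1 \
  --cpu 0.25 \
  --memory 0.5Gi \
  --env-vars BACKEND_URL="http://$BACKEND_APP" >/dev/null

FRONTEND_FQDN="$(az containerapp show --name "$FRONTEND_APP" --resource-group "$RG_NAME" --query 'properties.configuration.ingress.fqdn' -o tsv)"

# NOTE(review): the statement below is cut off in the visible excerpt; it is
# reproduced exactly as found and its remainder is not shown here.
cat <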