This change allows the SQL server password to be fetched during pipeline runtime to allow easier rotation of the secret.
Breaking change to sql-dacpac-deploy.yml. Removed ${{ parameters.SqlPassword }} which is passed into template from service pipelines, no longer required when using AZ CLI. Any pipeline using this template will need to remove the parameter before bumping to this version.
Added applicaton insights failed request template and get product app insights infomation step
Setting default value of WEBSITE_ADD_SITENAME_BINDINGS_IN_APPHOST_CONFIG to 1
Added encrypyion at host property on AKS and AKS node pools
Adding the health check property to app-service-v2.json
Addition to the role-assignments.json, created a template for Log Analytics role assignment
Updated SonarCloud config to use the latest version currently 2.x
Removed unused azure-pipelines-templates/deploy/job/arm-deploy.yml and moved placeholder file.
templates/cosmos-db.json: Set backupPolicy to Continuous mode (30 days) for Azure Cosmos DB accounts.
Migrated from azure-pipelines.yml to .github/workflows/release.yml to avoid PAT token usage.
Addition to the app-build.yml azure-pipelines-template to comment on a Pull Request if the Package Scanning step detects any vulnerabilities.
Addition of two azure-pipelines-templates to allow app services including function apps to whitelist and remove the whilist of the pipeline agents.
Needed for automation test suite pipelines.
Two new building block templates added to allow pipelines to be whitelisted on a singular or multiple app services and then be removed again.
Addition of the following files -
Breaking change to generate-config.yml. Additional parameters have been added to this step template and changes have been made to the way secrets are handled. When updating to version 2 or beyond you will need to add EnvironmentName, StorageAccountName & StorageResourceGroup inputs. You will also need to map any secret variables that are used in config generation in the ConfigurationSecrets variable. Typically your call to the step template should look something like:
- template: azure-pipelines-templates/deploy/step/generate-config.yml@das-platform-building-blocks
parameters:
EnvironmentName: $(EnvironmentName)
ServiceConnection: ${{ parameters.ServiceConnection }}
SourcePath: $(Pipeline.Workspace)/das-employer-config/Configuration/das-foo-web
StorageAccountName: $(ConfigurationStorageAccountName)
StorageAccountResourceGroup: $(SharedEnvResourceGroup)
ConfigurationSecrets:
FooSecretConnectionString: $(FooSecretConnectionString)
BarSecretKey: $(BarSecretKey)
Start of changelog