Last active
October 29, 2020 20:44
-
-
Save remojansen/b925e7b86cba628bd1fd9a3e7be060eb to your computer and use it in GitHub Desktop.
Pulumi Azure NextGen Static Website
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import * as pulumi from "@pulumi/pulumi"; | |
import * as azure from "@pulumi/azure"; | |
import * as azure_nextgen from "@pulumi/azure-nextgen"; | |
import * as cdnManagement from "@azure/arm-cdn"; | |
import { ServiceClientCredentials } from "@azure/ms-rest-js"; | |
import * as msRestAzure from "@azure/ms-rest-nodeauth"; | |
export interface StaticWebsiteArgs { | |
customDomain: string; | |
location: string; | |
storageSku: string; | |
} | |
export class StaticWebsite extends pulumi.ComponentResource { | |
readonly resourceGroup: azure_nextgen.resources.latest.ResourceGroup; | |
readonly storageAccount: azure.storage.Account; | |
readonly cdnProfile: azure_nextgen.cdn.latest.Profile; | |
readonly cdnEndpoint: azure_nextgen.cdn.latest.Endpoint; | |
readonly cdnCustomDomain: azure_nextgen.cdn.latest.CustomDomain; | |
readonly cdnEndpointUrl: pulumi.Output<string>; | |
constructor( | |
name: string, | |
args: StaticWebsiteArgs, | |
opts?: pulumi.ResourceOptions | |
) { | |
super("static-website", name, opts); | |
this.resourceGroup = new azure_nextgen.resources.latest.ResourceGroup( | |
name, | |
{ | |
resourceGroupName: name, | |
location: args.location, | |
} | |
); | |
// USE the classic azure provider for the storageaccount creation and website file upload | |
// since ARM and thus nextgen does not support configuring a storageaccount at a static website. | |
this.storageAccount = new azure.storage.Account(name, { | |
resourceGroupName: this.resourceGroup.name, | |
accountReplicationType: "LRS", | |
accountTier: "Standard", | |
accountKind: "StorageV2", | |
staticWebsite: { | |
indexDocument: "index.html", | |
}, | |
}); | |
this.cdnProfile = new azure_nextgen.cdn.latest.Profile(name, { | |
profileName: name, | |
resourceGroupName: this.resourceGroup.name, | |
location: this.resourceGroup.location, | |
sku: { | |
name: "Standard_Microsoft", | |
}, | |
}); | |
this.cdnEndpoint = new azure_nextgen.cdn.latest.Endpoint(name, { | |
endpointName: name, // CDN endpoint {name}.azureedge.net | |
isCompressionEnabled: true, | |
isHttpAllowed: true, | |
isHttpsAllowed: true, | |
location: this.resourceGroup.location, | |
resourceGroupName: this.resourceGroup.name, | |
profileName: this.cdnProfile.name, | |
originHostHeader: this.storageAccount.primaryWebHost, | |
contentTypesToCompress: [ | |
"text/plain", | |
"text/html", | |
"text/css", | |
"text/javascript", | |
"application/x-javascript", | |
"application/javascript", | |
"application/json", | |
"application/xml", | |
"image/png", | |
"image/jpeg", | |
], | |
origins: [ | |
{ | |
enabled: true, | |
name: "cdn-origin", | |
hostName: this.storageAccount.primaryWebHost, | |
httpsPort: 443, | |
httpPort: 80, | |
}, | |
], | |
deliveryPolicy: { | |
rules: [ | |
{ | |
name: "HttpToHttps", | |
order: 1, | |
conditions: [ | |
{ | |
name: "RequestScheme", | |
parameters: { | |
matchValues: ["HTTP"], | |
odataType: | |
"#Microsoft.Azure.Cdn.Models.DeliveryRuleRequestSchemeConditionParameters", | |
operator: "Equal", | |
negateCondition: false, | |
}, | |
}, | |
], | |
actions: [ | |
{ | |
name: "UrlRedirect", | |
parameters: { | |
redirectType: "Found", | |
destinationProtocol: "Https", | |
odataType: | |
"#Microsoft.Azure.Cdn.Models.DeliveryRuleUrlRedirectActionParameters", | |
}, | |
}, | |
], | |
}, | |
], | |
}, | |
}); | |
// CDN endpoint to the website. | |
// Allow it some time after the deployment to get ready. | |
this.cdnEndpointUrl = pulumi.interpolate`https://${this.cdnEndpoint.hostName}`; | |
// Custom domain | |
this.cdnCustomDomain = new azure_nextgen.cdn.latest.CustomDomain(name, { | |
customDomainName: args.customDomain.split(".").join("-dot-"), | |
endpointName: this.cdnEndpoint.name, | |
hostName: args.customDomain, | |
profileName: this.cdnProfile.name, | |
resourceGroupName: this.resourceGroup.name, | |
}); | |
} | |
// TEMP: Solution until httpsEnabled is supported | |
public async enableHttps() { | |
let clientID = azure.config.clientId; | |
let clientSecret = azure.config.clientSecret; | |
let tenantID = azure.config.tenantId; | |
let subscriptionID = azure.config.subscriptionId; | |
if (clientID && clientSecret && tenantID && subscriptionID) { | |
let credentials = await msRestAzure.loginWithServicePrincipalSecret( | |
clientID, | |
clientSecret, | |
tenantID | |
); | |
const cdnClient = new cdnManagement.CdnManagementClient( | |
credentials, | |
subscriptionID | |
); | |
await cdnClient.customDomains.enableCustomHttps( | |
this.resourceGroup.name.get(), | |
this.cdnProfile.name.get(), | |
this.cdnEndpoint.name.get(), | |
this.cdnCustomDomain.name.get() | |
); | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import { StaticWebsite } from "./azure-atatic-website.ts"; | |
const website = new StaticWebsite("wolkdemo", { | |
customDomain: "demo.wolksoftware.com", | |
location: "North Europe", | |
storageSku: "Standard_LRS", | |
cdnSku: "Standard_Verizon", | |
}); | |
await website.enableHttps(); // TEMP: Solution until httpsEnabled is supported | |
export const cdnEndpointUrl = website.cdnEndpointUrl; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment