'Me', a technology demonstration

A rewrite of Microsofts Microservice reference project to demonstrate full-stack aspects of a microservice based solution hosted in Azure.

Environment

• Azure Container Apps - IaaS, easy orchestration, scalable, pay-as-you-go. NET Core 8.x preview
• Azure API Management
• Bicep provisioning
• Docker Container Registry
• GitHub Actions CI/CD
• AAD B2C - Customer identity access management (CIAM).
• Azure Blob Storage - login customization
• MariaDb Container App service for demo purposes
• RabbitMQ Event Bus Container App service for demo purposes
• Redis Container App service for demo purposes
• Angular v16 SPA with Tailwind CSS
• Stripe for order checkout (using integrated intent instead of redirect)
• gRPC - currently restricted in Azure Container Apps
• SignalR - connected after login, APIM limitations with consumption plans
• Webhooks - from Stripe for fulfillment (only wired up "Paid" webhook for now, many more available)
• Unity - The Showroom experience uses ECS/DOTS, compiled to WebGL with javascript hooks (code managed separately)

Notes

• The steps below were established on a Windows 10 machine
• The Azure resources can be configured to auto scale based upon demand
• Global scaling can be configured using a geode or stamped pattern
• Azure hosting for demo is configured with free or consumption plans, some of which scale to 0 when unused. Initial perfomance might lag as services "wake up".

Currently working on

• Link to current version
• I'm expanding the AI assited navigation in Showroom. The current demo dynamically renders over 2000 objects that connect with each other based upon proximity. Later, I'm planning on ChatGPT integration for context based guided navigation.

Deploying Me

General prereqs

• Stripe dev account - bicep secure parameters will prompt you
• Docker - used by Bicep and Github CI/CD

Local

After cloning Me

docker-compose up
cd Frontends/Angular/Me
npm install
npm run start (for Node server)
npm run swa   (for Azure Static Web App emulator)

Azure

Prereqs

Deploying Me to Azure requires:

1. Azure account (Free is fine)
2. [az CLI]

Fork Me

Me uses GitHub Actions for CI/CD so you'll need your own copy

After provisioning the Me infrastructure (below) we'll configure the GitHub environment to enable Actions to deploy the Container Apps and Angular frontends.

Clone Me

So you can run the scripts

Push initial images to Docker

Upload to Docker a "latest" version of the initial images. The provisioning that follows will pull them and import the APIs into APIM.

./uploadDockerImages.ps1 your-docker-login

Provision Me

Create the Azure infrastructure for Me in an Azure Resource Group of your choosing¹. Confirm the Azure resources are all available in the location you choose (I used eastus).

az configure --defaults group=your-resource-group
az deployment group create --template-file bicep/main.bicep

Note: AAD B2C infrastructure is not yet part of automated provisioning. It requires manual provision and config. (claims, apis, scopes)

GitHub Actions CI/CD Repository Secrets

The following Repository Secrets support CI/CD deployments:

• DOCKERHUB_TOKEN - Container images will be pushed to Docker
• DOCKERHUB_USERNAME
• AZURE_SUBSCRIPTION_ID - Azure Container App Revisions will pull images from Docker (Supports OIDC login)
• AZURE_TENANT_ID - (Supports OIDC login)
• STATIC_WEB_APP_DEPLOY_TOKEN

GitHub Actions CI/CD Environment Secrets (dev)

The following Environment Secrets support the beginning of CI/CD dev/prod isolation

• AZURE_CLIENT_ID - User Assigned Identity "uai-GitHubOIDC" provisioned above -> Settings -> Properties
• STORAGE_ACCOUNT_KEY - For login customization deployment

Testing

• Verify the .github/*.yml env variables match your configuration
• You might want to comment out "on: push: paths:" from GitHub yml files to force CI/CD to run
• Test APIs that were imported into APIM
• Open Container App console in Azure portal and curl the APIs, view the logs. The Container Apps are configured to scale to 0. An APIM call will wake them.
• Navigate to your static web app.

That's it so far

Container Apps Environment is external. Container Apps ingress is limited to APIM and internal container services. The containers have curl installed for quick API checks but you can change ingress to allow public access. EventBus and gRPC enable inter-service communication. APIM connects to the Container Apps as Backend Services. CORS is handled in APIM.

TO DO

• Improve mobile UI
• Fulfillment integration
• Full catalog with paging, eliminate dead links
• Customize profile form?
• Script AAD-B2C environment provisioning
• Implement semantic-release versioning

Thanks

A quick shoutout to a few of my heavier influencers

• [Les Jackson]
• [Cristian Mihal]

¹ The Azure Container Apps Managed Environment creates an additional Resource Group for Kubernetes that it controls