Postgres to Azure via CDK

Directory.Packages.props

@@ -25,7 +25,7 @@
     <PackageVersion Include="Azure.ResourceManager.Authorization" Version="1.2.0-alpha.20240227.2" />
     <PackageVersion Include="Azure.ResourceManager.KeyVault" Version="1.3.0-alpha.20240222.2" />
     <PackageVersion Include="Azure.ResourceManager.Resources" Version="1.8.0-alpha.20240222.2" />
-    <PackageVersion Include="Azure.Provisioning" Version="1.0.0-alpha.20240305.3" />
+    <PackageVersion Include="Azure.Provisioning" Version="1.0.0-alpha.20240307.2" />
     <!-- ASP.NET Core dependencies -->
     <PackageVersion Include="Microsoft.AspNetCore.OpenApi" Version="$(MicrosoftAspNetCoreOpenApiPackageVersion)" />
     <PackageVersion Include="Microsoft.AspNetCore.OutputCaching.StackExchangeRedis" Version="$(MicrosoftAspNetCoreOutputCachingStackExchangeRedisPackageVersion)" />

playground/cdk/CdkSample.ApiService/CdkSample.ApiService.csproj

@@ -10,6 +10,7 @@
     <ProjectReference Include="..\..\..\src\Components\Aspire.Azure.Security.KeyVault\Aspire.Azure.Security.KeyVault.csproj" />
     <ProjectReference Include="..\..\..\src\Components\Aspire.Azure.Storage.Blobs\Aspire.Azure.Storage.Blobs.csproj" />
     <ProjectReference Include="..\..\..\src\Components\Aspire.Microsoft.EntityFrameworkCore.SqlServer\Aspire.Microsoft.EntityFrameworkCore.SqlServer.csproj" />
+    <ProjectReference Include="..\..\..\src\Components\Aspire.Npgsql.EntityFrameworkCore.PostgreSQL\Aspire.Npgsql.EntityFrameworkCore.PostgreSQL.csproj" />
     <ProjectReference Include="..\..\..\src\Components\Aspire.StackExchange.Redis\Aspire.StackExchange.Redis.csproj" />
     <ProjectReference Include="..\..\Playground.ServiceDefaults\Playground.ServiceDefaults.csproj" />
   </ItemGroup>

playground/cdk/CdkSample.ApiService/Program.cs

@@ -15,17 +15,19 @@
 builder.AddSqlServerDbContext<SqlContext>("sqldb");
 builder.AddAzureKeyVaultClient("mykv");
 builder.AddRedisClient("cache");
+builder.AddNpgsqlDbContext<NpgsqlContext>("pgsqldb");
 
 var app = builder.Build();
 
-app.MapGet("/", async (BlobServiceClient bsc, SqlContext context, SecretClient sc, IConnectionMultiplexer connection) =>
+app.MapGet("/", async (BlobServiceClient bsc, SqlContext sqlContext, SecretClient sc, IConnectionMultiplexer connection, NpgsqlContext npgsqlContext) =>
 {
     return new
     {
         redisEntries = await TestRedisAsync(connection),
         secretChecked = await TestSecretAsync(sc),
         blobFiles = await TestBlobStorageAsync(bsc),
-        sqlRows = await TestSqlServerAsync(context)
+        sqlRows = await TestSqlServerAsync(sqlContext),
+        npgsqlRows = await TestNpgsqlAsync(npgsqlContext),
     };
 });
 app.Run();
@@ -89,10 +91,28 @@ static async Task<List<Entry>> TestSqlServerAsync(SqlContext context)
     return entries;
 }
 
+static async Task<List<Entry>> TestNpgsqlAsync(NpgsqlContext context)
+{
+    await context.Database.EnsureCreatedAsync();
+
+    var entry = new Entry();
+    await context.Entries.AddAsync(entry);
+    await context.SaveChangesAsync();
+
+    var entries = await context.Entries.ToListAsync();
+    return entries;
+}
+
+public class NpgsqlContext(DbContextOptions<NpgsqlContext> options) : DbContext(options)
+{
+    public DbSet<Entry> Entries { get; set; }
+}
+
 public class SqlContext(DbContextOptions<SqlContext> options) : DbContext(options)
 {
     public DbSet<Entry> Entries { get; set; }
 }
+
 public class Entry
 {
     public Guid Id { get; set; } = Guid.NewGuid();

playground/cdk/CdkSample.AppHost/Program.cs

@@ -28,11 +28,20 @@
 
 var cache = builder.AddRedis("cache").AsAzureRedisConstruct();
 
+var pgsqlAdministratorLogin = builder.AddParameter("pgsqlAdministratorLogin");
+var pgsqlAdministratorLoginPassword = builder.AddParameter("pgsqlAdministratorLoginPassword", secret: true);
+var pgsqldb = builder.AddPostgres("pgsql")
+                   .AsAzurePostgresFlexibleServerConstruct(pgsqlAdministratorLogin, pgsqlAdministratorLoginPassword)
+                   .AddDatabase("pgsqldb");
+
+var pgsql2 = builder.AddPostgres("pgsql2").AsAzurePostgresFlexibleServerConstruct();
+
 builder.AddProject<Projects.CdkSample_ApiService>("api")
        .WithReference(blobs)
        .WithReference(sqldb)
        .WithReference(keyvault)
-       .WithReference(cache);
+       .WithReference(cache)
+       .WithReference(pgsqldb);
 
 // This project is only added in playground projects to support development/debugging
 // of the dashboard. It is not required in end developer code. Comment out this code

playground/cdk/CdkSample.AppHost/aspire-manifest.json

@@ -48,6 +48,17 @@
       "params": {
         "principalId": "",
         "principalName": ""
+      },
+      "inputs": {
+        "password": {
+          "type": "string",
+          "secret": true,
+          "default": {
+            "generate": {
+              "minLength": 10
+            }
+          }
+        }
       }
     },
     "sqldb": {
@@ -73,6 +84,81 @@
         "keyVaultName": ""
       }
     },
+    "pgsqlAdministratorLogin": {
+      "type": "parameter.v0",
+      "value": "{pgsqlAdministratorLogin.inputs.value}",
+      "inputs": {
+        "value": {
+          "type": "string"
+        }
+      }
+    },
+    "pgsqlAdministratorLoginPassword": {
+      "type": "parameter.v0",
+      "value": "{pgsqlAdministratorLoginPassword.inputs.value}",
+      "inputs": {
+        "value": {
+          "type": "string",
+          "secret": true
+        }
+      }
+    },
+    "pgsql": {
+      "type": "azure.bicep.v0",
+      "connectionString": "{pgsql.secretOutputs.connectionString}",
+      "path": "pgsql.module.bicep",
+      "params": {
+        "principalId": "",
+        "keyVaultName": "",
+        "administratorLogin": "{pgsqlAdministratorLogin.value}",
+        "administratorLoginPassword": "{pgsqlAdministratorLoginPassword.value}"
+      },
+      "inputs": {
+        "password": {
+          "type": "string",
+          "secret": true,
+          "default": {
+            "generate": {
+              "minLength": 10
+            }
+          }
+        }
+      }
+    },
+    "pgsqldb": {
+      "type": "value.v0",
+      "connectionString": "{pgsql.connectionString};Database=pgsqldb"
+    },
+    "pgsql2": {
+      "type": "azure.bicep.v0",
+      "connectionString": "{pgsql2.secretOutputs.connectionString}",
+      "path": "pgsql2.module.bicep",
+      "params": {
+        "principalId": "",
+        "keyVaultName": "",
+        "administratorLogin": "{pgsql2.inputs.username}",
+        "administratorLoginPassword": "{pgsql2.inputs.password}"
+      },
+      "inputs": {
+        "password": {
+          "type": "string",
+          "secret": true,
+          "default": {
+            "generate": {
+              "minLength": 10
+            }
+          }
+        },
+        "username": {
+          "type": "string",
+          "default": {
+            "generate": {
+              "minLength": 10
+            }
+          }
+        }
+      }
+    },
     "api": {
       "type": "project.v0",
       "path": "../CdkSample.ApiService/CdkSample.ApiService.csproj",
@@ -82,7 +168,8 @@
         "ConnectionStrings__blobs": "{blobs.connectionString}",
         "ConnectionStrings__sqldb": "{sqldb.connectionString}",
         "ConnectionStrings__mykv": "{mykv.connectionString}",
-        "ConnectionStrings__cache": "{cache.connectionString}"
+        "ConnectionStrings__cache": "{cache.connectionString}",
+        "ConnectionStrings__pgsqldb": "{pgsqldb.connectionString}"
       },
       "bindings": {
         "http": {

playground/cdk/CdkSample.AppHost/aspire.hosting.azure.bicep.postgres.bicep

@@ -0,0 +1,68 @@
+param administratorLogin string
+param keyVaultName string
+
+@secure()
+param administratorLoginPassword string
+param location string = resourceGroup().location
+param serverName string
+param serverEdition string = 'Burstable'
+param skuSizeGB int = 32
+param dbInstanceType string = 'Standard_B1ms'
+param haMode string = 'Disabled'
+param availabilityZone string = '1'
+param version string = '16'
+param databases array = []
+
+var resourceToken = uniqueString(resourceGroup().id)
+
+resource pgserver 'Microsoft.DBforPostgreSQL/flexibleServers@2021-06-01' = {
+    name: '${serverName}-${resourceToken}'
+    location: location
+    sku: {
+        name: dbInstanceType
+        tier: serverEdition
+    }
+    properties: {
+        version: version
+        administratorLogin: administratorLogin
+        administratorLoginPassword: administratorLoginPassword
+        network: {
+            delegatedSubnetResourceId: null
+            privateDnsZoneArmResourceId: null
+        }
+        highAvailability: {
+            mode: haMode
+        }
+        storage: {
+            storageSizeGB: skuSizeGB
+        }
+        backup: {
+            backupRetentionDays: 7
+            geoRedundantBackup: 'Disabled'
+        }
+        availabilityZone: availabilityZone
+    }
+
+    resource firewallRules 'firewallRules@2021-06-01' = {
+        name: 'fw-pg-localdev'
+        properties: {
+            startIpAddress: '0.0.0.0'
+            endIpAddress: '255.255.255.255'
+        }
+    }
+
+    resource database 'databases@2021-06-01' = [for name in databases: {
+        name: name
+    }]
+}
+
+resource vault 'Microsoft.KeyVault/vaults@2023-07-01' existing = {
+    name: keyVaultName
+
+    resource secret 'secrets@2023-07-01' = {
+        name: 'connectionString'
+        properties: {
+            value: 'Host=${pgserver.properties.fullyQualifiedDomainName};Username=${administratorLogin};Password=${administratorLoginPassword}'
+        }
+    }
+}

playground/cdk/CdkSample.AppHost/cache.module.bicep

@@ -1,13 +1,13 @@
 targetScope = 'resourceGroup'
 
 @description('')
-param principalId string
+param location string = resourceGroup().location
 
 @description('')
 param keyVaultName string
 
 @description('')
-param location string = resourceGroup().location
+param principalId string
 
 
 resource keyVault_IeF8jZvXV 'Microsoft.KeyVault/vaults@2023-02-01' existing = {

playground/cdk/CdkSample.AppHost/mykv.module.bicep

@@ -1,13 +1,13 @@
 targetScope = 'resourceGroup'
 
 @description('')
-param principalId string
+param location string = resourceGroup().location
 
 @description('')
-param principalType string
+param principalId string
 
 @description('')
-param location string = resourceGroup().location
+param principalType string
 
 @description('')
 param signaturesecret string

playground/cdk/CdkSample.AppHost/pgsql.module.bicep

@@ -0,0 +1,72 @@
+targetScope = 'resourceGroup'
+
+@description('')
+param location string = resourceGroup().location
+
+@description('')
+param administratorLogin string
+
+@secure()
+@description('')
+param administratorLoginPassword string
+
+@description('')
+param principalId string
+
+@description('')
+param keyVaultName string
+
+
+resource keyVault_IeF8jZvXV 'Microsoft.KeyVault/vaults@2023-02-01' existing = {
+  name: keyVaultName
+}
+
+resource postgreSqlFlexibleServer_UTKFzAL0U 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = {
+  name: toLower(take(concat('pgsql', uniqueString(resourceGroup().id)), 24))
+  location: location
+  sku: {
+    name: 'Standard_B1ms'
+    tier: 'Burstable'
+  }
+  properties: {
+    administratorLogin: administratorLogin
+    administratorLoginPassword: administratorLoginPassword
+    version: '16'
+    storage: {
+      storageSizeGB: 32
+    }
+    backup: {
+      backupRetentionDays: 7
+      geoRedundantBackup: 'Disabled'
+    }
+    highAvailability: {
+      mode: 'Disabled'
+    }
+    availabilityZone: '1'
+  }
+}
+
+resource postgreSqlFirewallRule_TT2MuwakC 'Microsoft.DBforPostgreSQL/flexibleServers/firewallRules@2023-03-01-preview' = {
+  parent: postgreSqlFlexibleServer_UTKFzAL0U
+  name: 'AllowAllAzureIps'
+  properties: {
+    startIpAddress: '0.0.0.0'
+    endIpAddress: '0.0.0.0'
+  }
+}
+
+resource postgreSqlFlexibleServerDatabase_MVhrhEeMJ 'Microsoft.DBforPostgreSQL/flexibleServers/databases@2022-12-01' = {
+  parent: postgreSqlFlexibleServer_UTKFzAL0U
+  name: 'pgsqldb'
+  properties: {
+  }
+}
+
+resource keyVaultSecret_Ddsc3HjrA 'Microsoft.KeyVault/vaults/secrets@2023-02-01' = {
+  parent: keyVault_IeF8jZvXV
+  name: 'connectionString'
+  location: location
+  properties: {
+    value: 'Host=${postgreSqlFlexibleServer_UTKFzAL0U.properties.fullyQualifiedDomainName};Username=${administratorLogin};Password=${administratorLoginPassword}'
+  }
+}