graphrag-accelerator/infra/core/scripts/deployment-script.bicep

param name string
param utcValue string
param location string
param subscriptionId string
param tenantid string
param acrserver string
param azure_location string
param azure_acr_login_server string
param azure_acr_name string
param azure_aks_name string
param azure_aks_controlplanefqdn string
param azure_aks_managed_rg string
param azure_aks_service_account_name string
param azure_apim_gateway_url string
param azure_apim_name string
param managed_identity_aks string
param ai_search_name string

param imagename string
param imageversion string
param script_file string


param azure_aoai_endpoint string
param azure_aoai_llm_model string
param azure_aoai_llm_model_deployment_name string
param azure_aoai_llm_model_api_version string
param azure_aoai_embedding_model string
param azure_aoai_embedding_model_deployment_name string
param azure_aoai_embedding_model_api_version string

param azure_app_hostname string
param azure_app_url string
param azure_app_insights_connection_string string

param azure_cosmosdb_endpoint string
param azure_cosmosdb_name string
param azure_cosmosdb_id string
param azure_dns_zone_name string


param azure_storage_account string
param azure_storage_account_blob_url string

param azure_workload_identity_client_id string
param azure_workload_identity_principal_id string
param  azure_workload_identity_name string
param cognitive_services_audience string = 'https://cognitiveservices.azure.com/default'
param public_storage_account_name string
param public_storage_account_key string

var clusterAdminRoleDefinitionId = resourceId('Microsoft.Authorization/roleDefinitions', '0ab0b1a8-8aac-4efd-b8c2-3ee1fb270be8')

// Resources
resource aksCluster 'Microsoft.ContainerService/managedClusters@2022-11-02-preview' existing = {
  name: azure_aks_name
}

resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2023-01-31' = {
  name: uniqueString(resourceGroup().id)
  location: location
}


resource clusterAdminContributorRoleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = {
  name:  guid(managed_identity_aks, aksCluster.id, clusterAdminRoleDefinitionId)
  scope: aksCluster
  properties: {
    roleDefinitionId: clusterAdminRoleDefinitionId
    principalId: managedIdentity.properties.principalId
    principalType: 'ServicePrincipal'
  }
}

resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01'= {
  name: name
  location: location
  kind: 'AzureCLI'
  identity: {
    type: 'UserAssigned'
    userAssignedIdentities: {
      '${managedIdentity.id}': {}
    }
  }
  properties: {
    storageAccountSettings: {
      storageAccountName: public_storage_account_name
      storageAccountKey: public_storage_account_key
    }
    forceUpdateTag: utcValue
    azCliVersion: '2.7.0'
    timeout: 'PT1H'
    environmentVariables: [
        {
        name: 'AZURE_SUBSCRIPTION_ID'
        value: subscriptionId
        }
        {
        name: 'AZURE_TENANT_ID'
        value: tenantid
        }
        {
        name: 'ACR_SERVER'
        value: acrserver
        }
        {
        name: 'AZURE_LOCATION'
        value: azure_location
        }
        {
        name: 'AZURE_ACR_LOGIN_SERVER'
        value: azure_acr_login_server
        }
        {
        name: 'AZURE_ACR_NAME'
        value: azure_acr_name
        }
        {
        name: 'AZURE_AKS_NAME'
        value: azure_aks_name
        }
        {
        name: 'AZURE_AKS_CONTROLPLANEFQDN'
        value: azure_aks_controlplanefqdn
        }
        {
        name: 'AZURE_AKS_MANAGED_RG'
        value: azure_aks_managed_rg
        }
        {
        name: 'AZURE_AKS_SERVICE_ACCOUNT_NAME'
        value: azure_aks_service_account_name
        }
        {
        name: 'AZURE_APIM_GATEWAY_URL'
        value: azure_apim_gateway_url
        }
        {
        name: 'AZURE_APIM_NAME'
        value: azure_apim_name
        }
        {
          name: 'MANAGED_IDENTITY_AKS'
          value: managed_identity_aks

        }
        {
          name: 'IMAGE_NAME'
          value: imagename
        }
        {
            name: 'IMAGE_VERSION'
            value: imageversion
        }
        {
          name: 'AI_SEARCH_NAME'
          value: ai_search_name
      }


      { 
        name: 'AZURE_AOAI_LLM_MODEL' 
        value: azure_aoai_llm_model 
      }
  { 
    name: 'AZURE_AOAI_LLM_MODEL_DEPLOYMENT_NAME'
    value: azure_aoai_llm_model_deployment_name 
  }
  { 
    name: 'AZURE_AOAI_LLM_MODEL_API_VERSION' 
    value: azure_aoai_llm_model_api_version 
  }
  { 
      name: 'AZURE_AOAI_EMBEDDING_MODEL' 
      value: azure_aoai_embedding_model 
  }
  { 
    name: 'AZURE_AOAI_EMBEDDING_MODEL_DEPLOYMENT_NAME'
    value: azure_aoai_embedding_model_deployment_name 
}
  { name: 'AZURE_AOAI_EMBEDDING_MODEL_API_VERSION'
  value: azure_aoai_embedding_model_api_version
}
  { name: 'AZURE_APP_HOSTNAME' 
  value: azure_app_hostname 
}
  { name: 'AZURE_APP_URL' 
  value: azure_app_url 
}
  { name: 'AZURE_APP_INSIGHTS_CONNECTION_STRING' 
  value: azure_app_insights_connection_string 
}
  { name: 'AZURE_COSMOSDB_ENDPOINT' 
  
  value: azure_cosmosdb_endpoint }
  { name: 'AZURE_COSMOSDB_NAME' 
  value: azure_cosmosdb_name
  }
  { name: 'AZURE_COSMOSDB_ID' 
  value: azure_cosmosdb_id 
}
  { name: 'AZURE_DNS_ZONE_NAME' 
  value: azure_dns_zone_name 
}
  { name: 'AZURE_STORAGE_ACCOUNT' 
  value: azure_storage_account 
}
  { name: 'AZURE_STORAGE_ACCOUNT_BLOB_URL' 
  value: azure_storage_account_blob_url 
}
  { 
    name: 'AZURE_WORKLOAD_IDENTITY_CLIENT_ID' 
  value: azure_workload_identity_client_id
}
  { 
    name: 'AZURE_WORKLOAD_IDENTITY_PRINCIPAL_ID'
  value: azure_workload_identity_principal_id 
}
  { 
    name: 'AZURE_WORKLOAD_IDENTITY_NAME'
  value: azure_workload_identity_name 
}
  { 
    name: 'COGNITIVE_SERVICES_AUDIENCE'
  value: cognitive_services_audience 
}
  {   
    name: 'AZURE_OPENAI_ENDPOINT'
  
    value: azure_aoai_endpoint 
  }

  {   
    name: 'AZURE_RESOURCE_GROUP'
  
    value: resourceGroup().name 
  }
        
    
      ]
    cleanupPreference: 'OnSuccess'
    retentionInterval: 'P1D'
    //primaryScriptUri: primaryScriptUri
    scriptContent:script_file
    }
    dependsOn: [
      aksCluster
    ]

}