pulumi-django-azure 1.0.16__py3-none-any.whl → 1.0.18__py3-none-any.whl

pulumi_django_azure/django_deployment.py

@@ -65,12 +65,14 @@ class DjangoDeployment(pulumi.ComponentResource):
         vnet: azure.network.VirtualNetwork,
         pgsql_sku: azure.dbforpostgresql.SkuArgs,
         pgsql_ip_prefix: str,
-        appservice_ip_prefix: str,
+        app_service_ip_prefix: str,
         app_service_sku: azure.web.SkuDescriptionArgs,
         storage_account_name: str,
         storage_allowed_origins: Optional[Sequence[str]] = None,
         pgadmin_access_ip: Optional[Sequence[str]] = None,
         pgadmin_dns_zone: Optional[azure.network.Zone] = None,
+        cache_ip_prefix: Optional[str] = None,
+        cache_sku: Optional[azure.cache.SkuArgs] = None,
         cdn_host: Optional[HostDefinition] = None,
         opts=None,
     ):
@@ -83,12 +85,14 @@ class DjangoDeployment(pulumi.ComponentResource):
         :param vnet: The virtual network to create the subnets in.
         :param pgsql_sku: The SKU for the PostgreSQL server.
         :param pgsql_ip_prefix: The IP prefix for the PostgreSQL subnet.
-        :param appservice_ip_prefix: The IP prefix for the app service subnet.
+        :param app_service_ip_prefix: The IP prefix for the app service subnet.
         :param app_service_sku: The SKU for the app service plan.
         :param storage_account_name: The name of the storage account. Should be unique across Azure.
         :param storage_allowed_origins: The origins (hosts) to allow access through CORS policy. You can specify '*' to allow all.
         :param pgadmin_access_ip: The IP addresses to allow access to pgAdmin. If empty, all IP addresses are allowed.
         :param pgadmin_dns_zone: The Azure DNS zone to a pgadmin DNS record in. (optional)
+        :param cache_ip_prefix: The IP prefix for the cache subnet. (optional)
+        :param cache_sku: The SKU for the cache. (optional)
         :param cdn_host: A custom CDN host name. (optional)
         :param opts: The resource options
         """
@@ -110,10 +114,16 @@ class DjangoDeployment(pulumi.ComponentResource):
         # PostgreSQL resources
         self._create_database(sku=pgsql_sku, ip_prefix=pgsql_ip_prefix)
 
+        # Cache resources
+        if cache_ip_prefix and cache_sku:
+            self._create_cache(sku=cache_sku, ip_prefix=cache_ip_prefix)
+        else:
+            self._cache = None
+
         # Subnet for the apps
         self._app_subnet = self._create_subnet(
             name="app-service",
-            prefix=appservice_ip_prefix,
+            prefix=app_service_ip_prefix,
             delegation_service="Microsoft.Web/serverFarms",
             service_endpoints=["Microsoft.Storage"],
         )
@@ -299,6 +309,85 @@ class DjangoDeployment(pulumi.ComponentResource):
 
         pulumi.export("pgsql_host", self._pgsql.fully_qualified_domain_name)
 
+    def _create_cache(self, sku: azure.cache.SkuArgs, ip_prefix: str):
+        # Create a Redis cache
+        self._cache = azure.cache.Redis(
+            f"cache-{self._name}",
+            resource_group_name=self._rg,
+            sku=sku,
+            enable_non_ssl_port=False,
+            public_network_access=azure.cache.PublicNetworkAccess.DISABLED,
+        )
+
+        # Create an access policy that gives us access to the cache
+        self._cache_access_policy = azure.cache.AccessPolicy(
+            f"cache-access-policy-{self._name}",
+            resource_group_name=self._rg,
+            cache_name=self._cache.name,
+            # Same as the built in Data Contributor policy
+            permissions="+@all -@dangerous +cluster|info +cluster|nodes +cluster|slots allkeys",
+        )
+
+        # Allocate a subnet for the cache
+        subnet = self._create_subnet(
+            name="cache",
+            prefix=ip_prefix,
+        )
+
+        # Create a private DNS zone for the cache
+        dns = azure.network.PrivateZone(
+            f"dns-cache-{self._name}",
+            resource_group_name=self._rg,
+            location="global",
+            private_zone_name="privatelink.redis.cache.windows.net",
+        )
+
+        # Link the private DNS zone to the VNet in order to make resolving work
+        azure.network.VirtualNetworkLink(
+            f"vnet-link-cache-{self._name}",
+            resource_group_name=self._rg,
+            location="global",
+            private_zone_name=dns.name,
+            virtual_network=azure.network.SubResourceArgs(id=self._vnet.id),
+            registration_enabled=True,
+        )
+
+        # Create a private endpoint for the cache
+        endpoint = azure.network.PrivateEndpoint(
+            f"private-endpoint-cache-{self._name}",
+            resource_group_name=self._rg,
+            subnet=azure.network.SubnetArgs(id=subnet.id),
+            custom_network_interface_name=f"nic-cache-{self._name}",
+            private_link_service_connections=[
+                azure.network.PrivateLinkServiceConnectionArgs(
+                    name=f"pls-cache-{self._name}",
+                    private_link_service_id=self._cache.id,
+                    group_ids=["redisCache"],
+                )
+            ],
+        )
+
+        # Get the private IP address of the endpoint NIC
+        ip = endpoint.network_interfaces.apply(
+            lambda nics: azure.network.get_network_interface(
+                network_interface_name=nics[0].id.split("/")[-1],
+                resource_group_name=self._rg,
+            )
+            .ip_configurations[0]
+            .private_ip_address
+        )
+
+        # Create a DNS record for the cache
+        azure.network.PrivateRecordSet(
+            f"dns-a-cache-{self._name}",
+            resource_group_name=self._rg,
+            private_zone_name=dns.name,
+            relative_record_set_name=self._cache.name,
+            record_type="A",
+            ttl=300,
+            a_records=[azure.network.ARecordArgs(ipv4_address=ip)],
+        )
+
     def _create_subnet(
         self,
         name,
@@ -329,7 +418,8 @@ class DjangoDeployment(pulumi.ComponentResource):
             resource_group_name=self._rg,
             virtual_network_name=self._vnet.name,
             address_prefix=prefix,
-            delegations=[delegation_service],
+            # We cannot pass an empty list to the delegations parameter, so either list or None
+            delegations=[delegation_service] if delegation_service else None,
             service_endpoints=service_endpoints,
         )
 
@@ -562,7 +652,7 @@ class DjangoDeployment(pulumi.ComponentResource):
 
         # DKIM records (two CNAME records)
         for record in ("d_kim", "d_kim2"):
-            if host.host == "@":
+            if host.host == "@":  # noqa: SIM108
                 relative_record_set_name = records[record]["name"]
             else:
                 relative_record_set_name = f"{records[record]['name']}.{host.host}"
@@ -751,7 +841,9 @@ class DjangoDeployment(pulumi.ComponentResource):
         secrets: Optional[dict[str, str]] = None,
         comms_data_location: Optional[str] = None,
         comms_domains: Optional[list[HostDefinition]] = None,
+        dedicated_app_service_sku: Optional[azure.web.SkuDescriptionArgs] = None,
         vault_administrators: Optional[list[str]] = None,
+        cache_db: Optional[int] = None,
     ) -> azure.web.WebApp:
         """
         Create a Django website with it's own database and storage containers.
@@ -768,7 +860,9 @@ class DjangoDeployment(pulumi.ComponentResource):
             and the name of the secret in the Key Vault.
         :param comms_data_location: The data location for the Communication Services (optional if you don't need it).
         :param comms_domains: The list of custom domains for the E-mail Communication Services (optional).
-        :param vault_administrator: The principal ID of the vault administrator (optional).
+        :param dedicated_app_service_sku: The SKU for the dedicated App Service Plan (optional).
+        :param vault_administrators: The principal IDs of the vault administrators (optional).
+        :param cache_db: The index of the cache database to use (optional).
         """
 
         # Create a database
@@ -817,6 +911,12 @@ class DjangoDeployment(pulumi.ComponentResource):
             s = self._add_webapp_secret(vault, env_name, config_name, f"{name}-{self._name}")
             environment_variables[f"{env_name}_SECRET_NAME"] = s.name
 
+        # Cache
+        if self._cache and cache_db:
+            environment_variables["REDIS_CACHE_HOST"] = self._cache.host_name
+            environment_variables["REDIS_CACHE_PORT"] = self._cache.ssl_port.apply(lambda port: str(port))
+            environment_variables["REDIS_CACHE_DB"] = str(cache_db)
+
         # Create a Django Secret Key (random)
         secret_key = pulumi_random.RandomString(f"django-secret-{name}-{self._name}", length=50)
 
@@ -831,10 +931,22 @@ class DjangoDeployment(pulumi.ComponentResource):
 
         allowed_hosts = pulumi.Output.concat(*[pulumi.Output.concat(host.full_host, ",") for host in website_hosts])
 
+        # Create a dedicated App Service Plan if requested
+        if dedicated_app_service_sku:
+            app_service_plan = azure.web.AppServicePlan(
+                f"asp-{self._name}-{name}",
+                resource_group_name=self._rg,
+                kind="Linux",
+                reserved=True,
+                sku=dedicated_app_service_sku,
+            )
+        else:
+            app_service_plan = self._app_service_plan
+
         app = azure.web.WebApp(
             f"app-{name}-{self._name}",
             resource_group_name=self._rg,
-            server_farm_id=self._app_service_plan.id,
+            server_farm_id=app_service_plan.id,
             virtual_network_subnet_id=self._app_subnet.id,
             identity=azure.web.ManagedServiceIdentityArgs(
                 type=azure.web.ManagedServiceIdentityType.SYSTEM_ASSIGNED,
@@ -863,14 +975,8 @@ class DjangoDeployment(pulumi.ComponentResource):
                     # Vault settings
                     azure.web.NameValuePairArgs(name="AZURE_KEY_VAULT", value=vault.name),
                     # Storage settings
-                    azure.web.NameValuePairArgs(
-                        name="AZURE_STORAGE_ACCOUNT_NAME",
-                        value=self._storage_account.name,
-                    ),
-                    azure.web.NameValuePairArgs(
-                        name="AZURE_STORAGE_CONTAINER_STATICFILES",
-                        value=static_container.name,
-                    ),
+                    azure.web.NameValuePairArgs(name="AZURE_STORAGE_ACCOUNT_NAME", value=self._storage_account.name),
+                    azure.web.NameValuePairArgs(name="AZURE_STORAGE_CONTAINER_STATICFILES", value=static_container.name),
                     azure.web.NameValuePairArgs(name="AZURE_STORAGE_CONTAINER_MEDIA", value=media_container.name),
                     # CDN
                     azure.web.NameValuePairArgs(name="CDN_HOST", value=self._cdn_host),
@@ -1010,6 +1116,17 @@ class DjangoDeployment(pulumi.ComponentResource):
             scope=self._storage_account.id,
         )
 
+        # Grant the app access to the cache if needed
+        if self._cache and cache_db:
+            azure.cache.AccessPolicyAssignment(
+                f"ra-{name}-cache",
+                resource_group_name=self._rg,
+                cache_name=self._cache.name,
+                object_id=principal_id,
+                object_id_alias=f"app-{name}-managed-identity",
+                access_policy_name=self._cache_access_policy.name,
+            )
+
         # Grant the app to send e-mails
         if comms:
             comms_role = comms.id.apply(

{pulumi_django_azure-1.0.16.dist-info → pulumi_django_azure-1.0.18.dist-info}/LICENSE

@@ -18,4 +18,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+SOFTWARE.

{pulumi_django_azure-1.0.16.dist-info → pulumi_django_azure-1.0.18.dist-info}/METADATA

@@ -1,6 +1,6 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.2
 Name: pulumi-django-azure
-Version: 1.0.16
+Version: 1.0.18
 Summary: Simply deployment of Django on Azure with Pulumi
 Author-email: Maarten Ureel <maarten@youreal.eu>
 License: MIT License
@@ -33,9 +33,9 @@ Classifier: Programming Language :: Python :: 3
 Requires-Python: >=3.9
 Description-Content-Type: text/markdown
 License-File: LICENSE
-Requires-Dist: pulumi>=3.99.0
-Requires-Dist: pulumi-azure-native>=2.24.0
-Requires-Dist: pulumi-random>=4.14.0
+Requires-Dist: pulumi>=3.146.0
+Requires-Dist: pulumi-azure-native>=2.82.0
+Requires-Dist: pulumi-random>=4.17.0
 
 # Pulumi Django Deployment
 

pulumi_django_azure-1.0.18.dist-info/RECORD

@@ -0,0 +1,7 @@
+pulumi_django_azure/__init__.py,sha256=5RY9reSVNw-HULrOXfhcq3cyPne-94ojFmeV1m6kIVg,79
+pulumi_django_azure/django_deployment.py,sha256=dL_IiQEjY6M-xI-ZEZarirtaQTe5DRYjYTQARJ79onA,49053
+pulumi_django_azure-1.0.18.dist-info/LICENSE,sha256=NX2LN3U319Zaac8b7ZgfNOco_nTBbN531X_M_13niSg,1087
+pulumi_django_azure-1.0.18.dist-info/METADATA,sha256=oe7FrZIcRWMRKL2JljxqvqebA9LiCBz4LumwmA_SlYQ,13955
+pulumi_django_azure-1.0.18.dist-info/WHEEL,sha256=jB7zZ3N9hIM9adW7qlTAyycLYW9npaWKLRzaoVcLKcM,91
+pulumi_django_azure-1.0.18.dist-info/top_level.txt,sha256=MNPRJhq-_G8EMCHRkjdcb_xrqzOkmKogXUGV7Ysz3g0,20
+pulumi_django_azure-1.0.18.dist-info/RECORD,,

{pulumi_django_azure-1.0.16.dist-info → pulumi_django_azure-1.0.18.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (75.3.0)
+Generator: setuptools (75.8.2)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

pulumi_django_azure-1.0.16.dist-info/RECORD

@@ -1,7 +0,0 @@
-pulumi_django_azure/__init__.py,sha256=5RY9reSVNw-HULrOXfhcq3cyPne-94ojFmeV1m6kIVg,79
-pulumi_django_azure/django_deployment.py,sha256=NorAfJ8i4zhzY6dZ7TBDB3NKwqfAMH2-PyMQv5IurPw,43986
-pulumi_django_azure-1.0.16.dist-info/LICENSE,sha256=tlZQiilfsHDYlvhWMA5PvDV2FxpaCQbE9aapcygnhEQ,1088
-pulumi_django_azure-1.0.16.dist-info/METADATA,sha256=SZX_zbLE-ytF-NYk3krUN8k3hbKzfyiGil0Sz9ATk3g,13954
-pulumi_django_azure-1.0.16.dist-info/WHEEL,sha256=P9jw-gEje8ByB7_hXoICnHtVCrEwMQh-630tKvQWehc,91
-pulumi_django_azure-1.0.16.dist-info/top_level.txt,sha256=MNPRJhq-_G8EMCHRkjdcb_xrqzOkmKogXUGV7Ysz3g0,20
-pulumi_django_azure-1.0.16.dist-info/RECORD,,