From ac0e3e914b0ca31573c54ccb847a4c9fde83b122 Mon Sep 17 00:00:00 2001 From: ramirezmorac2 Date: Thu, 19 Feb 2026 11:55:06 -0400 Subject: [PATCH 1/3] feat: add Azure SQL Database configuration parameters and module --- infra/main.bicep | 44 ++++++++++++++++++++++++++++++++++---- infra/main.parameters.json | 18 ++++++++++++++++ 2 files changed, 58 insertions(+), 4 deletions(-) diff --git a/infra/main.bicep b/infra/main.bicep index 86a91d39..f67c07c5 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -406,9 +406,27 @@ var dbAccountName = !empty(azureDbAccountName) ? azureDbAccountName : 'dbgpt0-${ @description('Cosmos DB Database Name. Use your own name convention or leave as it is to generate a random name.') param azureDbDatabaseName string = '' var dbDatabaseName = !empty(azureDbDatabaseName) ? azureDbDatabaseName : 'db0-${resourceToken}' +@description('Azure SQL Server Name.') +param azureSqlServerName string = '' +var sqlServerName = !empty(azureSqlServerName) ? azureSqlServerName : 'sqlgpt0-${resourceToken}' +@description('Azure SQL Database Name.') +param azureSqlDatabaseName string = '' +var sqlDatabaseName = !empty(azureSqlDatabaseName) ? azureSqlDatabaseName : 'sqldb0-${resourceToken}' +@description('Azure SQL administrator login name.') +param azureSqlAdministratorLogin string = 'sqladmin' +@description('Azure SQL administrator password.') +@secure() +param azureSqlAdministratorPassword string +@description('Key Vault secret name to store the Azure SQL administrator password.') +param azureSqlAdminSecretName string = 'sqlAdminPassword' +@description('Public network access setting for Azure SQL Server.') +@allowed(['Enabled', 'Disabled']) +param azureSqlPublicNetworkAccess string = 'Enabled' @description('Log Analytics Workspace Name. Use your own name convention or leave as it is to generate a random name.') param azureLogAnalyticsWorkspaceName string = '' -var logAnalyticsWorkspaceName = !empty(azureLogAnalyticsWorkspaceName) ? azureLogAnalyticsWorkspaceName : 'law0-${resourceToken}' +var logAnalyticsWorkspaceName = !empty(azureLogAnalyticsWorkspaceName) + ? azureLogAnalyticsWorkspaceName + : 'law0-${resourceToken}' @description('Enable PartitionKeyRUConsumption logs for multi-tenant billing') param enablePartitionKeyRUConsumption bool = true @description('Key Vault Name. Use your own name convention or leave as it is to generate a random name.') @@ -954,6 +972,22 @@ module keyVault './core/security/keyvault.bicep' = { } } +module sqlServer './core/db/sqlserver.bicep' = { + name: 'sqlserver' + scope: resourceGroup + params: { + name: sqlServerName + location: location + tags: tags + administratorLogin: azureSqlAdministratorLogin + administratorLoginPassword: azureSqlAdministratorPassword + databaseName: sqlDatabaseName + keyVaultName: keyVault.outputs.name + publicNetworkAccess: azureSqlPublicNetworkAccess + secretName: azureSqlAdminSecretName + } +} + module keyvaultpe './core/network/private-endpoint.bicep' = if (networkIsolation) { name: 'keyvaultpe' scope: resourceGroup @@ -1523,7 +1557,7 @@ module frontEnd 'core/host/appservice.bicep' = { { name: 'USER_FEEDBACK_URL' value: userFeedbackUrl - } + } { name: 'ANTHROPIC_API_KEY' value: orchestratorAnthropicApiKeyVar @@ -1649,7 +1683,7 @@ module dataIngestion './core/host/functions.bicep' = { value: 'text-embedding-3-small' } { - name:'FORM_REC_API_VERSION' + name: 'FORM_REC_API_VERSION' value: '2024-11-30' } { @@ -1685,7 +1719,7 @@ module dataIngestion './core/host/functions.bicep' = { value: 'INFO' } { - name:'COGNITIVE_SERVICES_KEY' + name: 'COGNITIVE_SERVICES_KEY' value: cognitiveServices.outputs.key } { @@ -2118,6 +2152,8 @@ output AZURE_RESOURCE_GROUP_NAME string = azureResourceGroupName output AZURE_NETWORK_ISOLATION bool = networkIsolation output AZURE_DB_ACCOUNT_NAME string = azureDbAccountName output AZURE_DB_DATABASE_NAME string = azureDbDatabaseName +output AZURE_SQL_SERVER_NAME string = sqlServerName +output AZURE_SQL_DATABASE_NAME string = sqlDatabaseName output AZURE_STORAGE_ACCOUNT_NAME string = storageAccountName output AZURE_COGNITIVE_SERVICE_NAME string = azureCognitiveServiceName output AZURE_APP_SERVICE_PLAN_NAME string = azureAppServicePlanName diff --git a/infra/main.parameters.json b/infra/main.parameters.json index 7dadf38c..6d26c746 100644 --- a/infra/main.parameters.json +++ b/infra/main.parameters.json @@ -50,6 +50,24 @@ "azureDbDatabaseName": { "value": "${AZURE_DB_DATABASE_NAME}" }, + "azureSqlServerName": { + "value": "" + }, + "azureSqlDatabaseName": { + "value": "" + }, + "azureSqlAdministratorLogin": { + "value": "${AZURE_SQL_ADMIN_LOGIN}" + }, + "azureSqlAdministratorPassword": { + "value": "$(secretOrRandomPassword ${AZURE_KEY_VAULT_NAME} ${AZURE_SQL_ADMIN_SECRET_NAME})" + }, + "azureSqlAdminSecretName": { + "value": "${AZURE_SQL_ADMIN_SECRET_NAME}" + }, + "azureSqlPublicNetworkAccess": { + "value": "${AZURE_SQL_PUBLIC_NETWORK_ACCESS=Enabled}" + }, "azureLogAnalyticsWorkspaceName": { "value": "${AZURE_LOG_ANALYTICS_WORKSPACE_NAME}" }, From 7f3dcc99fbeb5aa53b9938cfe4017006564cc2fd Mon Sep 17 00:00:00 2001 From: ramirezmorac2 Date: Thu, 19 Feb 2026 11:56:50 -0400 Subject: [PATCH 2/3] feat: set default location for SQL Server to 'eastus2' --- infra/main.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra/main.bicep b/infra/main.bicep index f67c07c5..6722458d 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -977,7 +977,7 @@ module sqlServer './core/db/sqlserver.bicep' = { scope: resourceGroup params: { name: sqlServerName - location: location + location: 'eastus2' tags: tags administratorLogin: azureSqlAdministratorLogin administratorLoginPassword: azureSqlAdministratorPassword From 82d843e7729a55b6f35f766a70f304779512f0be Mon Sep 17 00:00:00 2001 From: ramirezmorac2 Date: Thu, 19 Feb 2026 11:59:10 -0400 Subject: [PATCH 3/3] feat: update Azure SQL Database parameters for flexibility in configuration --- infra/main.bicep | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infra/main.bicep b/infra/main.bicep index 6722458d..5722afd3 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -413,12 +413,12 @@ var sqlServerName = !empty(azureSqlServerName) ? azureSqlServerName : 'sqlgpt0-$ param azureSqlDatabaseName string = '' var sqlDatabaseName = !empty(azureSqlDatabaseName) ? azureSqlDatabaseName : 'sqldb0-${resourceToken}' @description('Azure SQL administrator login name.') -param azureSqlAdministratorLogin string = 'sqladmin' +param azureSqlAdministratorLogin string = '' @description('Azure SQL administrator password.') @secure() param azureSqlAdministratorPassword string @description('Key Vault secret name to store the Azure SQL administrator password.') -param azureSqlAdminSecretName string = 'sqlAdminPassword' +param azureSqlAdminSecretName string = '' @description('Public network access setting for Azure SQL Server.') @allowed(['Enabled', 'Disabled']) param azureSqlPublicNetworkAccess string = 'Enabled'