Provision Azure Managed Grafana workspace

azure-pipelines.yml

@@ -252,4 +252,23 @@ extends:
             GrafanaKeyVault: dotnet-grafana
             GrafanaVariableGroup: Dotnet-Grafana-Production
             ServiceConnectionClientId: fc1eb341-aea4-4a11-8f80-d14b8775b2ba
-            ServiceConnectionId: 4a511f6f-b538-48e6-a389-207e430634d1
+            ServiceConnectionId: 4a511f6f-b538-48e6-a389-207e430634d1
+
+      - template: /eng/deploy-managed-grafana.yml@self
+        parameters:
+          ${{ if ne(variables['Build.SourceBranch'], 'refs/heads/production') }}:
+            DeploymentEnvironment: Staging
+            ServiceConnectionName: dnceng-managed-grafana-staging
+            GrafanaWorkspaceName: dnceng-grafana-staging
+            GrafanaKeyVault: dnceng-grafana-int-kv
+            GrafanaVariableGroup: Dnceng-Managed-Grafana-Staging-Vg
+            ServiceConnectionClientId: 4ad9ae35-2d42-4245-a954-9003b7e31349
+            ServiceConnectionId: f955b932-c7e3-48f7-9d67-4e6542b3568a
+          ${{ else }}:
+            DeploymentEnvironment: Production
+            ServiceConnectionName: dnceng-managed-grafana
+            GrafanaWorkspaceName: dnceng-grafana
+            GrafanaKeyVault: dnceng-grafana-prod-kv
+            GrafanaVariableGroup: Dnceng-Managed-Grafana-Vg
+            ServiceConnectionClientId: 0ceeca1a-31e7-49ee-9bf4-15f14ed28fa4
+            ServiceConnectionId: 332b249e-769b-49a9-9dc9-d82afe28ec0a

eng/deploy-managed-grafana.yml

@@ -0,0 +1,32 @@
+parameters:
+- name: ServiceConnectionName
+  type: string
+- name: ServiceConnectionClientId
+  type: string
+- name: ServiceConnectionId
+  type: string
+- name: DeploymentEnvironment
+  type: string
+- name: GrafanaWorkspaceName
+  type: string
+- name: GrafanaKeyVault
+  type: string
+- name: GrafanaVariableGroup
+  type: string
+
+stages:
+- stage: ProvisionGrafana
+  displayName: 'Provision Grafana Infrastructure'
+  dependsOn:
+  - predeploy
+  - approval
+  jobs:
+  - template: /eng/provision-grafana.yaml@self
+    parameters:
+      DeploymentEnvironment: ${{ parameters.DeploymentEnvironment }}
+      ServiceConnectionName: ${{ parameters.ServiceConnectionName }}
+      GrafanaResourceGroup: 'monitoring-managed'
+      GrafanaWorkspaceName: ${{ parameters.GrafanaWorkspaceName }}
+      GrafanaLocation: 'westus2'
+      GrafanaKeyVault: ${{ parameters.GrafanaKeyVault }}
+      GrafanaVariableGroup: ${{ parameters.GrafanaVariableGroup }}

eng/deploy.yaml

@@ -156,6 +156,7 @@ stages:
     demands: ImageOverride -equals 1es-windows-2019
   dependsOn:
   - deploy
+  - ProvisionGrafana
   variables:
   - group: ${{ parameters.StatusVariableGroup }}
   - group: ${{ parameters.GrafanaVariableGroup }}
@@ -201,6 +202,7 @@ stages:
     demands: ImageOverride -equals 1es-windows-2019
   dependsOn:
   - deploy
+  - ProvisionGrafana
   jobs:
   - job: scenario
     displayName: Scenario tests

eng/deployment/azure-managed-grafana.bicep

@@ -0,0 +1,43 @@
+// Azure Managed Grafana Workspace Bicep Template
+@description('The Azure region where the Grafana workspace will be deployed')
+param location string
+
+@description('The name of the Grafana workspace')
+param grafanaWorkspaceName string
+
+@description('The pricing tier for the Grafana workspace')
+@allowed([
+  'Standard'
+  'Essential'
+])
+param skuName string = 'Standard'
+
+// Azure Managed Grafana Workspace
+resource grafanaWorkspace 'Microsoft.Dashboard/grafana@2023-09-01' = {
+  name: grafanaWorkspaceName
+  location: location
+  sku: {
+    name: skuName
+  }
+  identity: {
+    type: 'SystemAssigned'
+  }
+  properties: {
+    deterministicOutboundIP: 'Enabled'
+    apiKey: 'Enabled'
+    autoGeneratedDomainNameLabelScope: 'TenantReuse'
+    zoneRedundancy: 'Disabled'
+    publicNetworkAccess: 'Enabled'
+    grafanaIntegrations: {
+      azureMonitorWorkspaceIntegrations: []
+    }
+  }
+}
+
+// Output the Grafana workspace details
+output grafanaWorkspaceId string = grafanaWorkspace.id
+output grafanaWorkspaceName string = grafanaWorkspace.name
+output grafanaWorkspaceUrl string = grafanaWorkspace.properties.endpoint
+output grafanaPrincipalId string = grafanaWorkspace.identity.principalId
+output grafanaTenantId string = grafanaWorkspace.identity.tenantId
+output grafanaWorkspaceLocation string = grafanaWorkspace.location

eng/deployment/deploy-grafana.ps1

@@ -0,0 +1,141 @@
+# Azure Managed Grafana Deployment Script
+# This script deploys an Azure Managed Grafana workspace using Bicep
+
+param(
+    [Parameter(Mandatory = $true)]
+    [string]$SubscriptionId,
+
+    [Parameter(Mandatory = $true)]
+    [string]$ResourceGroupName,
+
+    [Parameter(Mandatory = $true)]
+    [string]$Location,
+
+    [Parameter(Mandatory = $true)]
+    [string]$GrafanaWorkspaceName,
+
+    [Parameter(Mandatory = $false)]
+    [string]$DeploymentName = "grafana-deployment-$(Get-Date -Format 'yyyyMMdd-HHmmss')",
+
+    [Parameter(Mandatory = $false)]
+    [switch]$WhatIf = $false
+)
+
+# Set error action preference
+$ErrorActionPreference = "Stop"
+
+Write-Host "=======================================" -ForegroundColor Cyan
+Write-Host "Azure Managed Grafana Deployment Script" -ForegroundColor Cyan
+Write-Host "=======================================" -ForegroundColor Cyan
+
+try {
+    # Check if Azure CLI is installed
+    Write-Host "Checking Azure CLI installation..." -ForegroundColor Yellow
+    az version 2>$null | Out-Null
+    if ($LASTEXITCODE -ne 0) {
+        throw "Azure CLI is not installed or not in PATH. Please install Azure CLI first."
+    }
+    Write-Host "✓ Azure CLI is installed" -ForegroundColor Green
+
+    # Check if user is logged in
+    Write-Host "Checking Azure authentication..." -ForegroundColor Yellow
+    $account = az account show 2>$null | ConvertFrom-Json
+    if ($LASTEXITCODE -ne 0) {
+        Write-Host "Not logged in to Azure. Please login..." -ForegroundColor Yellow
+        az login
+        if ($LASTEXITCODE -ne 0) {
+            throw "Failed to login to Azure"
+        }
+    }
+    Write-Host "✓ Authenticated as: $($account.user.name)" -ForegroundColor Green
+
+    # Set the subscription
+    Write-Host "Setting subscription to: $SubscriptionId" -ForegroundColor Yellow
+    az account set --subscription $SubscriptionId
+    if ($LASTEXITCODE -ne 0) {
+        throw "Failed to set subscription. Please check if the subscription ID is correct and you have access."
+    }
+    Write-Host "✓ Subscription set successfully" -ForegroundColor Green
+
+    # Check if resource group exists, create if it doesn't
+    Write-Host "Checking if resource group '$ResourceGroupName' exists..." -ForegroundColor Yellow
+    az group show --name $ResourceGroupName 2>$null | Out-Null
+    if ($LASTEXITCODE -ne 0) {
+        Write-Host "Resource group doesn't exist. Creating..." -ForegroundColor Yellow
+        az group create --name $ResourceGroupName --location $Location
+        if ($LASTEXITCODE -ne 0) {
+            throw "Failed to create resource group"
+        }
+        Write-Host "✓ Resource group created successfully" -ForegroundColor Green
+    } else {
+        Write-Host "✓ Resource group already exists" -ForegroundColor Green
+    }
+
+    # Get the Bicep file path
+    $bicepFile = Join-Path $PSScriptRoot "azure-managed-grafana.bicep"
+    if (!(Test-Path $bicepFile)) {
+        throw "Bicep file not found at: $bicepFile"
+    }
+    Write-Host "✓ Bicep file found: $bicepFile" -ForegroundColor Green
+
+    # Prepare deployment parameters
+    $parameters = @{
+        location = $Location
+        grafanaWorkspaceName = $GrafanaWorkspaceName
+        skuName = "Standard"
+    }
+
+    # Convert parameters to string format for Azure CLI
+    $paramString = ($parameters.GetEnumerator() | ForEach-Object { "$($_.Key)=`"$($_.Value)`"" }) -join " "
+
+    # Run deployment
+    if ($WhatIf) {
+        Write-Host "Running what-if deployment..." -ForegroundColor Yellow
+        $cmd = "az deployment group what-if --resource-group $ResourceGroupName --template-file `"$bicepFile`" --parameters $paramString"
+        Write-Host "Command: $cmd" -ForegroundColor Gray
+        Invoke-Expression $cmd
+    } else {
+        Write-Host "Starting deployment..." -ForegroundColor Yellow
+        Write-Host "Deployment name: $DeploymentName" -ForegroundColor Gray
+        Write-Host "Resource group: $ResourceGroupName" -ForegroundColor Gray
+        Write-Host "Grafana workspace name: $GrafanaWorkspaceName" -ForegroundColor Gray
+
+        $cmd = "az deployment group create --resource-group $ResourceGroupName --name $DeploymentName --template-file `"$bicepFile`" --parameters $paramString"
+        Write-Host "Command: $cmd" -ForegroundColor Gray
+
+        $result = Invoke-Expression $cmd | ConvertFrom-Json
+
+        if ($LASTEXITCODE -eq 0) {
+            Write-Host "=======================================" -ForegroundColor Green
+            Write-Host "✓ Deployment completed successfully!" -ForegroundColor Green
+            Write-Host "=======================================" -ForegroundColor Green
+
+            # Display outputs
+            if ($result.properties.outputs) {
+                Write-Host "Deployment Outputs:" -ForegroundColor Cyan
+                $result.properties.outputs | ConvertTo-Json -Depth 3 | Write-Host
+            }
+
+            # Get the Grafana workspace details
+            Write-Host "`nGrafana Workspace Details:" -ForegroundColor Cyan
+            $grafana = az grafana show --name $GrafanaWorkspaceName --resource-group $ResourceGroupName | ConvertFrom-Json
+            Write-Host "Workspace Name: $($grafana.name)" -ForegroundColor White
+            Write-Host "Workspace URL: $($grafana.properties.endpoint)" -ForegroundColor White
+            Write-Host "Location: $($grafana.location)" -ForegroundColor White
+            Write-Host "SKU: $($grafana.sku.name)" -ForegroundColor White
+            Write-Host "System Managed Identity: $($grafana.identity.principalId)" -ForegroundColor White
+        } else {
+            throw "Deployment failed"
+        }
+    }
+}
+catch {
+    Write-Host "=======================================" -ForegroundColor Red
+    Write-Host "❌ Error occurred during deployment:" -ForegroundColor Red
+    Write-Host $_.Exception.Message -ForegroundColor Red
+    Write-Host "=======================================" -ForegroundColor Red
+    exit 1
+}
+
+Write-Host "`n🎉 Script completed successfully!" -ForegroundColor Green
+Write-Host "You can now access your Grafana workspace and configure it as needed." -ForegroundColor Yellow