config sqlAdmin string {
	__logicalName = "sqlAdmin"
	default = "pulumi"
}

config retentionInDays int {
	__logicalName = "retentionInDays"
	default = 30
}

sharedKey = secret(invoke("azure-native:operationalinsights:getSharedKeys", {
	resourceGroupName = resourceGroup.name,
	workspaceName = workspace.name
}).primarySharedKey)
adminRegistryCreds = invoke("azure-native:containerregistry:listRegistryCredentials", {
	resourceGroupName = resourceGroup.name,
	registryName = registry.name
})
adminUsername = adminRegistryCreds.username
adminPasswords = secret(adminRegistryCreds.passwords)

resource resourceGroup "azure-native:resources:ResourceGroup" {
	__logicalName = "resourceGroup"
}

resource workspace "azure-native:operationalinsights:Workspace" {
	__logicalName = "workspace"
	resourceGroupName = resourceGroup.name
	sku = {
		name = "PerGB2018"
	}
	retentionInDays = retentionInDays
}

resource kubeEnv "azure-native:web:KubeEnvironment" {
	__logicalName = "kubeEnv"
	resourceGroupName = resourceGroup.name
	environmentType = "Managed"
	appLogsConfiguration = {
		destination = "log-analytics",
		logAnalyticsConfiguration = {
			customerId = workspace.customerId,
			sharedKey = sharedKey
		}
	}
}

resource registry "azure-native:containerregistry:Registry" {
	__logicalName = "registry"
	resourceGroupName = resourceGroup.name
	sku = {
		name = "Basic"
	}
	adminUserEnabled = true
}

resource provider "pulumi:providers:docker" {
	__logicalName = "provider"
	registryAuth = [{
		address = registry.loginServer,
		username = adminUsername,
		password = adminPasswords[0].value
	}]
}

resource myImage "docker:index/registryImage:RegistryImage" {
	__logicalName = "myImage"
	name = "${registry.loginServer}/node-app:v1.0.0"
	build = {
		context = "${cwd()}/node-app"
	}

	options {
		provider = provider
	}
}

resource containerapp "azure-native:web:ContainerApp" {
	__logicalName = "containerapp"
	resourceGroupName = resourceGroup.name
	kubeEnvironmentId = kubeEnv.id
	configuration = {
		ingress = {
			external = true,
			targetPort = 80
		},
		registries = [{
			server = registry.loginServer,
			username = adminUsername,
			passwordSecretRef = "pwd"
		}],
		secrets = [{
			name = "pwd",
			value = adminPasswords[0].value
		}]
	}
	template = {
		containers = [{
			name = "myapp",
			image = myImage.name
		}]
	}
}

output endpoint {
	__logicalName = "endpoint"
	value = "https://${containerapp.configuration.ingress.fqdn}"
}