MCPcopy Index your code
hub / github.com/microsoft/PyRIT / deploy_bicep

Function deploy_bicep

infra/deploy_instance.py:781–871  ·  view source on GitHub ↗

Deploy the Bicep template. The .env contents are passed via a temp parameters file (not inline --parameters key=value) because the value is multi-line, contains '=' characters, and is marked @secure() in Bicep — passing it inline is fragile and can leak the value into shell his

(
    *,
    resource_group: str,
    app_name: str,
    container_image: str,
    tenant_id: str,
    client_id: str,
    group_ids: str,
    sql_server_fqdn: str,
    sql_database_name: str,
    kv_resource_id: str,
    acr_name: str,
    env_file_contents: str,
    owner_tag: str = "",
)

Source from the content-addressed store, hash-verified

779
780
781def deploy_bicep(
782 *,
783 resource_group: str,
784 app_name: str,
785 container_image: str,
786 tenant_id: str,
787 client_id: str,
788 group_ids: str,
789 sql_server_fqdn: str,
790 sql_database_name: str,
791 kv_resource_id: str,
792 acr_name: str,
793 env_file_contents: str,
794 owner_tag: str = "",
795) -> dict:
796 """
797 Deploy the Bicep template.
798
799 The .env contents are passed via a temp parameters file (not inline
800 --parameters key=value) because the value is multi-line, contains '='
801 characters, and is marked @secure() in Bicep — passing it inline is
802 fragile and can leak the value into shell history. The temp file is
803 deleted after deployment.
804
805 Args:
806 resource_group (str): The resource group name.
807 app_name (str): The Container App name.
808 container_image (str): The container image reference.
809 tenant_id (str): The Entra tenant ID.
810 client_id (str): The Entra app registration client ID.
811 group_ids (str): Comma-separated group object IDs.
812 sql_server_fqdn (str): The SQL server FQDN.
813 sql_database_name (str): The SQL database name.
814 kv_resource_id (str): The Key Vault resource ID (kept for the
815 keyVaultName output; not referenced at container runtime).
816 acr_name (str): The ACR name.
817 env_file_contents (str): The prepared .env content to inject as
818 the Container App's `env-file` secret.
819 owner_tag (str): Value for the Owner tag on Bicep-managed resources.
820
821 Returns:
822 dict: The deployment outputs.
823 """
824 logger.info("Deploying Bicep template to resource group: %s", resource_group)
825
826 parameters: dict = {
827 "appName": {"value": app_name},
828 "containerImage": {"value": container_image},
829 "entraTenantId": {"value": tenant_id},
830 "entraClientId": {"value": client_id},
831 "allowedGroupObjectIds": {"value": group_ids},
832 "sqlServerFqdn": {"value": sql_server_fqdn},
833 "sqlDatabaseName": {"value": sql_database_name},
834 "keyVaultResourceId": {"value": kv_resource_id},
835 "acrName": {"value": acr_name},
836 "enablePrivateEndpoint": {"value": False},
837 "envFileContents": {"value": env_file_contents},
838 }

Callers 1

mainFunction · 0.85

Calls 1

run_az_jsonFunction · 0.70

Tested by

no test coverage detected