Let's say I have created an Azure function app (with function A,B in it), also I will need a logic app to orchestrate the running sequence of A and B. A simple diagram like following:
Now my issue came when writing bicep for this.
In general, we separate the infrastructure code from the application code. So I have one CI/CD for just creating the function app (no function deployed). Then another application CI/CD will only do zip deployment for pushing the functions (A, B) into the function app.
The problem is where should I put the bicep for my logic app? in the infrastructure repo or the application repo?
- If I put the logic app bicep in the infrastructure repo, it will look like this:
But this won't work, as the application CI/CD will redeploy the functions which will cause the logic app to throw an "unauthorized" error as the deployment will break the function key, see second answer in this ticket.
- If I put the bicep file with the application code:
It will work as expected, but this means I will have to include a bicep file and ps1 file inside my application code. Now both my infrastructure repo and application repo will hold bicep files and deal with azure resource creation.
To me, none of the approaches is ideal....
Wondering which way should I go and why.