Iac

[yortch]

This pull request introduces a comprehensive Azure deployment implementation for the Three Rivers Bank Credit Card application, focused on Infrastructure as Code (IaC) using Terraform and automated CI/CD with GitHub Actions and Azure Developer CLI (azd). The changes include new infrastructure files, detailed documentation, and two major GitHub Actions workflows for automated validation, build, deployment, and cleanup. The implementation supports multi-environment deployments (dev, staging, production), robust smoke testing, and production-ready operational practices.

Key changes:

Infrastructure as Code and Configuration:

• Added full Terraform-based Azure infrastructure definitions, including resource group, container registry, log analytics, and container apps for backend and frontend, with environment-specific configuration and outputs. (infra/terraform/main.tf, infra/terraform/variables.tf, infra/terraform/outputs.tf, azd-config.json, azure.yaml)

CI/CD Pipeline Enhancements:

• Introduced a new GitHub Actions workflow (.github/workflows/azure-azd-deploy.yml) for end-to-end deployment using azd CLI, featuring infrastructure validation, application build and test, deployment, smoke testing, and automatic cleanup on failure, with support for manual and branch-triggered deployments.
• Updated the main deployment workflow (.github/workflows/deploy.yml) to add an azd CLI-based deployment job for production, replacing the previous Azure Container Apps deploy steps, and streamlined environment variable and secret handling.

Documentation:

• Added a comprehensive Azure deployment guide (README-AZURE-DEPLOYMENT.md) covering prerequisites, local and CI/CD deployment steps, infrastructure details, monitoring, troubleshooting, security, and next steps for production readiness.
• Added an implementation summary (AZURE-DEPLOYMENT-SUMMARY.md) outlining completed work, architecture benefits, resource configuration, and operational workflows.

Developer Experience and Operations:

• Provided developer tooling for local development via Docker Compose, easy environment management with azd, and detailed operational guidance for monitoring, scaling, and cleaning up resources. [1] [2]

Security and Production Readiness:

• Implemented secure secret management, HTTPS ingress, private networking for container apps, and RBAC for Azure resources, with recommendations for future enhancements like Key Vault, custom domains, and advanced monitoring. [1] [2]