feat: Implement deployment script for function app code and remove JSON template

- Added a deployment script to copy function app code from GitHub to Azure Storage using Azure CLI.
- Removed the JSON deployment template in favor of Bicep for better maintainability.
- Updated function app configuration to depend on the new deployment script.
- Created a PowerShell script to facilitate manual deployment of function code to Azure Storage.

Author: JacobWLMS

.github/workflows/release-function-app.yml

@@ -3,11 +3,6 @@ name: Release Function App
 on:
   push:
     branches: [main]
-    paths:
-      - 'fn_*/**'
-      - 'shared/**'
-      - 'requirements.txt'
-      - 'host.json'
   workflow_dispatch:
 
 permissions:
@@ -60,6 +55,6 @@ jobs:
       - name: Verify release
         run: |
           echo "✅ Release published successfully"
-          echo "📥 Download URL: https://github.com/${{ github.repository }}/releases/latest/download/function-app.zip"
+          echo "📥 Download URL: https://github.com/${{ github.repository }}/releases/download/latest/released-package.zip"
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

README.md

@@ -90,17 +90,17 @@ az group create --name rg-intune-analytics --location uksouth
 # For ADX backend:
 az deployment group create \
   --resource-group rg-intune-analytics \
-  --template-file deployment/deploy-adx.json \
-  --parameters baseName=intune-analytics
+  --template-file deployment/adx/main.json \
+  --parameters baseName=intune
 
 # For Log Analytics backend:
 az deployment group create \
   --resource-group rg-intune-analytics \
-  --template-file deployment/deploy-loganalytics.json \
-  --parameters baseName=intune-analytics
+  --template-file deployment/loganalytics/main.json \
+  --parameters baseName=intune
 ```
 
-> ✅ **Automatically deployed**: Storage, Function App, database (ADX or Log Analytics), schema, and function code from GitHub
+> ✅ **Automatically deployed**: Storage, Function App, and function code from GitHub releases
 
 ### 2. Grant Graph API Permissions (Required Post-Deployment Step)
 

deployment/adx/main.bicep

@@ -69,6 +69,46 @@ resource deploymentContainer 'Microsoft.Storage/storageAccounts/blobServices/con
   }
 }
 
+// ============================================================================
+// Deployment Script: Copy function app code from GitHub to storage
+// ============================================================================
+
+resource deploymentScript 'Microsoft.Resources/deploymentScripts@2023-08-01' = {
+  name: '${baseName}-deploy-code'
+  location: location
+  kind: 'AzureCLI'
+  properties: {
+    azCliVersion: '2.52.0'
+    timeout: 'PT10M'
+    retentionInterval: 'PT1H'
+    cleanupPreference: 'OnSuccess'
+    environmentVariables: [
+      { name: 'STORAGE_ACCOUNT', value: storageAccount.name }
+      { name: 'STORAGE_KEY', value: storageAccount.listKeys().keys[0].value }
+      { name: 'CONTAINER_NAME', value: 'deploymentpackage' }
+      { name: 'ZIP_URL', value: 'https://github.com/JacobWLMS/IntuneReporting/releases/download/latest/released-package.zip' }
+    ]
+    scriptContent: '''
+      # Download from GitHub
+      curl -L -o /tmp/released-package.zip "$ZIP_URL"
+      
+      # Upload to storage using account key
+      az storage blob upload \
+        --account-name "$STORAGE_ACCOUNT" \
+        --account-key "$STORAGE_KEY" \
+        --container-name "$CONTAINER_NAME" \
+        --name "released-package.zip" \
+        --file /tmp/released-package.zip \
+        --overwrite
+      
+      echo "✅ Function code deployed to storage"
+    '''
+  }
+  dependsOn: [
+    deploymentContainer
+  ]
+}
+
 // ============================================================================
 // App Service Plan (Flex Consumption)
 // ============================================================================
@@ -169,19 +209,9 @@ resource functionApp 'Microsoft.Web/sites@2024-04-01' = {
       ]
     }
   }
-}
-
-// ============================================================================
-// One Deploy: Deploy function code from GitHub release
-// ============================================================================
-
-resource oneDeploy 'Microsoft.Web/sites/extensions@2024-04-01' = {
-  parent: functionApp
-  name: 'onedeploy'
-  properties: {
-    packageUri: 'https://github.com/JacobWLMS/IntuneReporting/releases/download/latest/released-package.zip'
-    type: 'zip'
-  }
+  dependsOn: [
+    deploymentScript
+  ]
 }
 
 // ============================================================================
@@ -194,5 +224,5 @@ output managedIdentityObjectId string = managedIdentity.properties.principalId
 output managedIdentityClientId string = managedIdentity.properties.clientId
 output storageAccountName string = storageAccount.name
 
-output nextStep string = 'IMPORTANT: Run scripts/Grant-GraphPermissions.ps1 to grant Microsoft Graph API permissions to the Managed Identity. This requires the Application Administrator role in Entra ID.'
+output nextStep string = 'IMPORTANT: Run scripts/Grant-GraphPermissions.ps1 to grant Microsoft Graph API permissions to the Managed Identity.'
 output grantPermissionsCommand string = '.\\scripts\\Grant-GraphPermissions.ps1 -ManagedIdentityObjectId "${managedIdentity.properties.principalId}"'