Fix logger for Azure App Service and update deployment docs

- Fix logger to handle Azure App Service write restrictions
- Skip file logging in Azure App Service (console logs captured automatically)
- Add deployment scripts for App Service setup
- Update documentation with correct resource names
- Add Key Vault access request documentation
- Add alternative authentication methods for ACR and Key Vault

scripts/deploy-app-service.sh

@@ -0,0 +1,164 @@
+#!/bin/bash
+# Azure App Service Deployment Script
+# Deploys CMDB Insight backend and frontend to Azure App Service
+
+set -e  # Exit on error
+
+# Configuration
+RESOURCE_GROUP="zdl-cmdb-insight-prd-euwe-rg"
+APP_SERVICE_PLAN="zdl-cmdb-insight-prd-euwe-appsvc"
+ACR_NAME="zdlasacr"
+BACKEND_APP_NAME="zdl-cmdb-insight-prd-backend-webapp"
+FRONTEND_APP_NAME="zdl-cmdb-insight-prd-frontend-webapp"
+REPOSITORY_NAME="cmdb-insight"
+IMAGE_TAG="latest"
+
+echo "🚀 Starting Azure App Service Deployment..."
+echo "Resource Group: $RESOURCE_GROUP"
+echo "App Service Plan: $APP_SERVICE_PLAN"
+echo "ACR: $ACR_NAME"
+echo ""
+
+# Step 1: Create Backend Web App
+echo "📦 Step 1: Creating Backend Web App..."
+az webapp create \
+  --name $BACKEND_APP_NAME \
+  --resource-group $RESOURCE_GROUP \
+  --plan $APP_SERVICE_PLAN \
+  --container-image-name ${ACR_NAME}.azurecr.io/${REPOSITORY_NAME}/backend:${IMAGE_TAG}
+
+if [ $? -eq 0 ]; then
+  echo "✅ Backend web app created successfully"
+else
+  echo "❌ Failed to create backend web app"
+  exit 1
+fi
+
+# Step 2: Create Frontend Web App
+echo ""
+echo "📦 Step 2: Creating Frontend Web App..."
+az webapp create \
+  --name $FRONTEND_APP_NAME \
+  --resource-group $RESOURCE_GROUP \
+  --plan $APP_SERVICE_PLAN \
+  --container-image-name ${ACR_NAME}.azurecr.io/${REPOSITORY_NAME}/frontend:${IMAGE_TAG}
+
+if [ $? -eq 0 ]; then
+  echo "✅ Frontend web app created successfully"
+else
+  echo "❌ Failed to create frontend web app"
+  exit 1
+fi
+
+# Step 3: Enable Managed Identity for both apps
+echo ""
+echo "🔐 Step 3: Enabling Managed Identity..."
+az webapp identity assign \
+  --name $BACKEND_APP_NAME \
+  --resource-group $RESOURCE_GROUP
+
+az webapp identity assign \
+  --name $FRONTEND_APP_NAME \
+  --resource-group $RESOURCE_GROUP
+
+echo "✅ Managed Identity enabled for both apps"
+
+# Step 4: Get Principal IDs
+echo ""
+echo "🔑 Step 4: Getting Principal IDs..."
+BACKEND_PRINCIPAL_ID=$(az webapp identity show \
+  --name $BACKEND_APP_NAME \
+  --resource-group $RESOURCE_GROUP \
+  --query principalId -o tsv)
+
+FRONTEND_PRINCIPAL_ID=$(az webapp identity show \
+  --name $FRONTEND_APP_NAME \
+  --resource-group $RESOURCE_GROUP \
+  --query principalId -o tsv)
+
+if [ -z "$BACKEND_PRINCIPAL_ID" ] || [ -z "$FRONTEND_PRINCIPAL_ID" ]; then
+  echo "⚠️  Warning: Could not retrieve Principal IDs. Managed Identity may not be fully enabled yet."
+  echo "   Waiting 10 seconds and retrying..."
+  sleep 10
+  
+  BACKEND_PRINCIPAL_ID=$(az webapp identity show \
+    --name $BACKEND_APP_NAME \
+    --resource-group $RESOURCE_GROUP \
+    --query principalId -o tsv)
+  
+  FRONTEND_PRINCIPAL_ID=$(az webapp identity show \
+    --name $FRONTEND_APP_NAME \
+    --resource-group $RESOURCE_GROUP \
+    --query principalId -o tsv)
+fi
+
+echo "Backend Principal ID: $BACKEND_PRINCIPAL_ID"
+echo "Frontend Principal ID: $FRONTEND_PRINCIPAL_ID"
+
+# Step 5: Get ACR Resource ID
+echo ""
+echo "📋 Step 5: Getting ACR Resource ID..."
+ACR_ID=$(az acr show --name $ACR_NAME --query id -o tsv)
+
+if [ -z "$ACR_ID" ]; then
+  echo "❌ Failed to get ACR Resource ID. Is the ACR name correct?"
+  exit 1
+fi
+
+echo "ACR Resource ID: $ACR_ID"
+
+# Step 6: Grant AcrPull permissions
+echo ""
+echo "🔓 Step 6: Granting AcrPull permissions..."
+az role assignment create \
+  --assignee $BACKEND_PRINCIPAL_ID \
+  --role AcrPull \
+  --scope $ACR_ID \
+  --output none
+
+az role assignment create \
+  --assignee $FRONTEND_PRINCIPAL_ID \
+  --role AcrPull \
+  --scope $ACR_ID \
+  --output none
+
+echo "✅ AcrPull permissions granted"
+
+# Step 7: Configure container registry URL
+echo ""
+echo "🐳 Step 7: Configuring container registry settings..."
+az webapp config container set \
+  --name $BACKEND_APP_NAME \
+  --resource-group $RESOURCE_GROUP \
+  --docker-registry-server-url https://${ACR_NAME}.azurecr.io \
+  --output none
+
+az webapp config container set \
+  --name $FRONTEND_APP_NAME \
+  --resource-group $RESOURCE_GROUP \
+  --docker-registry-server-url https://${ACR_NAME}.azurecr.io \
+  --output none
+
+echo "✅ Container registry configured"
+
+# Step 8: Get web app URLs
+echo ""
+echo "🌐 Step 8: Getting web app URLs..."
+BACKEND_URL="https://${BACKEND_APP_NAME}.azurewebsites.net"
+FRONTEND_URL="https://${FRONTEND_APP_NAME}.azurewebsites.net"
+
+echo ""
+echo "✅ Deployment completed successfully!"
+echo ""
+echo "📋 Summary:"
+echo "   Backend URL:  $BACKEND_URL"
+echo "   Frontend URL: $FRONTEND_URL"
+echo ""
+echo "⚠️  Next Steps:"
+echo "   1. Configure environment variables (see docs/AZURE-APP-SERVICE-DEPLOYMENT.md)"
+echo "   2. Set up Azure Key Vault for secrets (recommended)"
+echo "   3. Configure custom domain and SSL certificate"
+echo "   4. Test the deployment:"
+echo "      curl $BACKEND_URL/api/health"
+echo "      curl $FRONTEND_URL"
+echo ""