From 635b88b81d081a04ef6a9bf4d88b4e00ad1fd5e4 Mon Sep 17 00:00:00 2001 From: Alastair Lock Date: Tue, 21 Apr 2026 22:11:21 +0100 Subject: [PATCH 1/4] Create 500 error alert --- .../modules/container-apps/alerts.tf | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 infrastructure/modules/container-apps/alerts.tf diff --git a/infrastructure/modules/container-apps/alerts.tf b/infrastructure/modules/container-apps/alerts.tf new file mode 100644 index 00000000..3d0e4309 --- /dev/null +++ b/infrastructure/modules/container-apps/alerts.tf @@ -0,0 +1,35 @@ +resource "azurerm_monitor_scheduled_query_rules_alert_v2" "five_hundred_error_alert" { + count = var.enable_alerting ? 1 : 0 + + auto_mitigation_enabled = false + description = "An alert triggered by 500 errors logged in code" + enabled = var.enable_alerting + evaluation_frequency = "PT5M" + location = var.region + name = "${var.app_short_name}-500-error-alert" + resource_group_name = azurerm_resource_group.main.name + scopes = [var.action_group_id] + severity = 2 + skip_query_validation = false + window_duration = "PT5M" + workspace_alerts_storage_enabled = false + + action { + action_groups = [var.action_group_id] + } + + criteria { + operator = "GreaterThan" + query = <<-QUERY + ContainerAppConsoleLogs_CL + | where Log_s contains "500" + QUERY + threshold = 0 + time_aggregation_method = "Count" + + failing_periods { + minimum_failing_periods_to_trigger_alert = 1 + number_of_evaluation_periods = 1 + } + } +} From bab5142bfb3d7eccdeaf01e56ea81ce2af4f1f91 Mon Sep 17 00:00:00 2001 From: Alastair Lock Date: Tue, 21 Apr 2026 22:15:15 +0100 Subject: [PATCH 2/4] Add instructions to connect to the db manually --- docs/infrastructure/create-environment.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/docs/infrastructure/create-environment.md b/docs/infrastructure/create-environment.md index d12dd4ae..f75a1d43 100644 --- a/docs/infrastructure/create-environment.md +++ b/docs/infrastructure/create-environment.md @@ -133,3 +133,16 @@ Add the infrastructure secrets to the _inf_ key vault `kv-lungcs-[environment]-i - assign yourself "Key Vault Secrets User" to application key vault to run the terraform code from the CLI inside the AVD when first trying to deploy the application. - assign yourself "Data Blob Reader" to State file storage account to run the terraform code from the CLI inside the AVD when first trying to deploy the application. + +## Connect to Postgres Database + +- Add your user as a memeber to the respective Entra ID group: + - `postgres_lungcs_[environment]_uks_admin` +- Log into the correct ADV for your environment type (either nonlive or live) +- Run the following commands on the CLI to log into the database: - + - `export PGPASSWORD="$(az account get-access-token --resource https://ossrdbms-aad.database.windows.net --query accessToken --output tsv)"` + - `psql "host=postgres-lungcs-[environment]-uks.postgres.database.azure.com \ + port=5432 \ + dbname=[database] \ + user=postgres_lungcs_[environment]_uks_admin \ + sslmode=require"` From 06e77749a4afd618c98605e655baa4788659baf2 Mon Sep 17 00:00:00 2001 From: Andy Mitchell <326561+Themitchell@users.noreply.github.com> Date: Wed, 22 Apr 2026 11:10:38 +0100 Subject: [PATCH 3/4] PPHA-785: Use [ERROR] string for log alerting --- infrastructure/modules/container-apps/alerts.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure/modules/container-apps/alerts.tf b/infrastructure/modules/container-apps/alerts.tf index 3d0e4309..855311f5 100644 --- a/infrastructure/modules/container-apps/alerts.tf +++ b/infrastructure/modules/container-apps/alerts.tf @@ -22,7 +22,7 @@ resource "azurerm_monitor_scheduled_query_rules_alert_v2" "five_hundred_error_al operator = "GreaterThan" query = <<-QUERY ContainerAppConsoleLogs_CL - | where Log_s contains "500" + | where Log contains "[ERROR]" QUERY threshold = 0 time_aggregation_method = "Count" From e341a17f8cdf216dc3f7deadfb427dc8a209c207 Mon Sep 17 00:00:00 2001 From: Andy Mitchell <326561+Themitchell@users.noreply.github.com> Date: Wed, 22 Apr 2026 11:11:55 +0100 Subject: [PATCH 4/4] Add nonlne to vale language exceptions --- docs/infrastructure/create-environment.md | 2 +- scripts/config/vale/styles/config/vocabularies/words/accept.txt | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/infrastructure/create-environment.md b/docs/infrastructure/create-environment.md index f75a1d43..e62c336a 100644 --- a/docs/infrastructure/create-environment.md +++ b/docs/infrastructure/create-environment.md @@ -136,7 +136,7 @@ Add the infrastructure secrets to the _inf_ key vault `kv-lungcs-[environment]-i ## Connect to Postgres Database -- Add your user as a memeber to the respective Entra ID group: +- Add your user as a member to the respective Entra ID group: - `postgres_lungcs_[environment]_uks_admin` - Log into the correct ADV for your environment type (either nonlive or live) - Run the following commands on the CLI to log into the database: - diff --git a/scripts/config/vale/styles/config/vocabularies/words/accept.txt b/scripts/config/vale/styles/config/vocabularies/words/accept.txt index d4c2e7b4..3bb4f9d7 100644 --- a/scripts/config/vale/styles/config/vocabularies/words/accept.txt +++ b/scripts/config/vale/styles/config/vocabularies/words/accept.txt @@ -30,3 +30,4 @@ yaml jq choco CLI +nonlive