Pamela Fox commited on
Commit
d9e656a
·
1 Parent(s): e04d5c2

Update azd pipeline

Browse files
Files changed (1) hide show
  1. .github/workflows/azure-dev.yaml +21 -15
.github/workflows/azure-dev.yaml CHANGED
@@ -1,11 +1,16 @@
1
- name: Azure Developer CLI
2
-
3
  on:
4
  workflow_dispatch:
5
  push:
 
 
6
  branches:
7
  - main
8
 
 
 
 
 
 
9
  permissions:
10
  id-token: write
11
  contents: read
@@ -14,9 +19,9 @@ jobs:
14
  build:
15
  runs-on: ubuntu-latest
16
  env:
17
- AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
18
- AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
19
- AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
20
  AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
21
  steps:
22
  - name: Checkout
@@ -28,7 +33,7 @@ jobs:
28
  - name: Log in with Azure (Federated Credentials)
29
  if: ${{ env.AZURE_CLIENT_ID != '' }}
30
  run: |
31
- azd login `
32
  --client-id "$Env:AZURE_CLIENT_ID" `
33
  --federated-credential-provider "github" `
34
  --tenant-id "$Env:AZURE_TENANT_ID"
@@ -39,7 +44,8 @@ jobs:
39
  run: |
40
  $info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable;
41
  Write-Host "::add-mask::$($info.clientSecret)"
42
- azd login `
 
43
  --client-id "$($info.clientId)" `
44
  --client-secret "$($info.clientSecret)" `
45
  --tenant-id "$($info.tenantId)"
@@ -47,16 +53,16 @@ jobs:
47
  env:
48
  AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
49
 
50
- - name: Azure Dev Provision
51
  run: azd provision --no-prompt
52
  env:
53
- AZURE_ENV_NAME: ${{ secrets.AZURE_ENV_NAME }}
54
- AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
55
- AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
56
 
57
- - name: Azure Dev Deploy
58
  run: azd deploy --no-prompt
59
  env:
60
- AZURE_ENV_NAME: ${{ secrets.AZURE_ENV_NAME }}
61
- AZURE_LOCATION: ${{ secrets.AZURE_LOCATION }}
62
- AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
 
 
 
1
  on:
2
  workflow_dispatch:
3
  push:
4
+ # Run when commits are pushed to mainline branch (main or master)
5
+ # Set this to the mainline branch you are using
6
  branches:
7
  - main
8
 
9
+ # GitHub Actions workflow to deploy to Azure using azd
10
+ # To configure required secrets for connecting to Azure, simply run `azd pipeline config`
11
+
12
+ # Set up permissions for deploying with secretless Azure federated credentials
13
+ # https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-portal%2Clinux#set-up-azure-login-with-openid-connect-authentication
14
  permissions:
15
  id-token: write
16
  contents: read
 
19
  build:
20
  runs-on: ubuntu-latest
21
  env:
22
+ AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
23
+ AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
24
+ AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
25
  AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
26
  steps:
27
  - name: Checkout
 
33
  - name: Log in with Azure (Federated Credentials)
34
  if: ${{ env.AZURE_CLIENT_ID != '' }}
35
  run: |
36
+ azd auth login `
37
  --client-id "$Env:AZURE_CLIENT_ID" `
38
  --federated-credential-provider "github" `
39
  --tenant-id "$Env:AZURE_TENANT_ID"
 
44
  run: |
45
  $info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable;
46
  Write-Host "::add-mask::$($info.clientSecret)"
47
+
48
+ azd auth login `
49
  --client-id "$($info.clientId)" `
50
  --client-secret "$($info.clientSecret)" `
51
  --tenant-id "$($info.tenantId)"
 
53
  env:
54
  AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
55
 
56
+ - name: Provision Infrastructure
57
  run: azd provision --no-prompt
58
  env:
59
+ AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
60
+ AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
61
+ AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
62
 
63
+ - name: Deploy Application
64
  run: azd deploy --no-prompt
65
  env:
66
+ AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
67
+ AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
68
+ AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}