Incorporate testing feedback #429
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This file is part of our engineering process to build and maintain this file. | |
| # See the README markdown file for further details | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| types: [opened, synchronize, ready_for_review, reopened] | |
| schedule: | |
| - cron: '0 12 1 * *' # Run at 12:00 on the 1st day of the month | |
| # https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-portal%2Clinux#set-up-azure-login-with-openid-connect-authentication | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| container: | |
| # Pinned to 1.3.0 while we await feedback on an issue that surfaces after upgrading Bicep starting in version 1.3.1 | |
| image: mcr.microsoft.com/azure-dev-cli-apps:1.3.0 | |
| env: | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
| AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} | |
| AZURE_ENV_NAME: ${{ secrets.AZURE_ENV_NAME }}scheduled | |
| AZURE_LOCATION: ${{ secrets.AZURE_LOCATION2 }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| # login to run ado commands such provision, deploy, and down | |
| - name: Log in with Azure (Client Credentials) for AZD | |
| if: ${{ env.AZURE_CREDENTIALS != '' }} | |
| run: | | |
| $info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable; | |
| Write-Host "::add-mask::$($info.clientSecret)" | |
| azd login ` | |
| --client-id "$($info.clientId)" ` | |
| --client-secret "$($info.clientSecret)" ` | |
| --tenant-id "$($info.tenantId)" | |
| shell: pwsh | |
| env: | |
| AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} | |
| - name: Create AZD environment | |
| # Creating an azd environment so we can set the principal type | |
| # https://github.com/Azure/reliable-web-app-pattern-dotnet/issues/241 | |
| run: azd env new ${{ secrets.AZURE_ENV_NAME }}scheduled --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} --location ${{ secrets.AZURE_LOCATION2 }} | |
| - name: Set AZD PRINCIPAL_TYPE | |
| # Adding RBAC permissions via the script enables the sample to work around a permission propagation issue outlined in the issue | |
| # https://github.com/Azure/reliable-web-app-pattern-dotnet/issues/138 | |
| run: azd env set PRINCIPAL_TYPE servicePrincipal | |
| - name: Azure Dev Provision | |
| run: azd provision --no-prompt | |
| - name: Set AZD AZURE_RESOURCE_GROUP | |
| # temporary work around for known issue with multiple resource groups | |
| # https://github.com/Azure/azure-dev/issues/690 | |
| run: azd env set AZURE_RESOURCE_GROUP ${{ secrets.AZURE_ENV_NAME }}scheduled-rg | |
| - name: Azure Dev Deploy | |
| run: azd deploy --no-prompt | |
| # login to run az cli commands such as validateDeployment.sh | |
| - name: Log in with Azure CLI | |
| uses: azure/login@v1 | |
| with: | |
| creds: ${{ secrets.AZURE_CREDENTIALS }} | |
| - name: QA - Validate Deployment | |
| run: | | |
| chmod +x ./infra/devOpsScripts/validateDeployment.sh | |
| ./infra/devOpsScripts/validateDeployment.sh -g ${{ secrets.AZURE_ENV_NAME }}scheduled-rg | |
| teardown: | |
| needs: [build] | |
| runs-on: ubuntu-latest | |
| container: | |
| image: mcr.microsoft.com/azure-dev-cli-apps:latest | |
| env: | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
| AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} | |
| AZURE_ENV_NAME: ${{ secrets.AZURE_ENV_NAME }}scheduled | |
| AZURE_LOCATION: ${{ secrets.AZURE_LOCATION2 }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v2 | |
| # login to run ado commands such provision, deploy, and down | |
| - name: Log in with Azure (Client Credentials) for AZD | |
| if: ${{ env.AZURE_CREDENTIALS != '' }} | |
| run: | | |
| $info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable; | |
| Write-Host "::add-mask::$($info.clientSecret)" | |
| azd login ` | |
| --client-id "$($info.clientId)" ` | |
| --client-secret "$($info.clientSecret)" ` | |
| --tenant-id "$($info.tenantId)" | |
| shell: pwsh | |
| env: | |
| AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} | |
| - name: Create AZD environment | |
| # Creating an azd environment so we can set the principal type | |
| # https://github.com/Azure/reliable-web-app-pattern-dotnet/issues/241 | |
| run: azd env new ${{ secrets.AZURE_ENV_NAME }}scheduled --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} --location ${{ secrets.AZURE_LOCATION2 }} | |
| - name: Azure Dev Down | |
| run: azd down --force --purge --no-prompt | |