Skip to content

Update arm-deploy GitHub Action #132

Update arm-deploy GitHub Action

Update arm-deploy GitHub Action #132

Workflow file for this run

name: Build
on:
push:
branches:
- main
paths-ignore:
- .github/workflows/security-scanning.yml
- .github/workflows/skipped-security-scanning.yml
- .github/workflows/skipped-workflow.yml
- '.vscode/**'
- .editorconfig
- LICENSE
- README.md
pull_request:
types:
- opened
- reopened
- synchronize
- closed
branches:
- main
paths-ignore:
- .github/workflows/security-scanning.yml
- .github/workflows/skipped-security-scanning.yml
- .github/workflows/skipped-workflow.yml
- '.vscode/**'
- .editorconfig
- LICENSE
- README.md
permissions:
id-token: write
env:
RESOURCE_GROUP_NAME: cors-rg
STATIC_WEB_APP_NAME: cors-stapp
AZURE_LOCATION: eastasia
jobs:
build:
name: Build
if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed')
outputs:
deployPullRequest: ${{ steps.should_deploy_pr.outputs.deployPullRequest }}
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: yarn install
run: yarn install
- name: yarn lint
run: yarn lint
- name: yarn build-prod
run: yarn build-prod
- name: Version web artifact
run: jq --arg formattedDate $(date +%Y%m%d) '.build = $formattedDate + "." + $ENV.GITHUB_RUN_NUMBER | .commit = $ENV.GITHUB_SHA | .apiBaseUrl = "https://cors-func.azurewebsites.net"' dist/browser/environment.json > tmp.$$.json && mv tmp.$$.json dist/browser/environment.json
- name: Publish API
working-directory: ./api
run: |
dotnet publish --configuration Release --output ./dist
cd dist
zip -r ./api.zip ./*
- name: Upload API artifact
uses: actions/upload-artifact@v4
with:
name: api
path: api/dist/api.zip
if-no-files-found: error
- name: Upload web artifact
uses: actions/upload-artifact@v4
with:
name: web
path: dist/browser
if-no-files-found: error
- name: Upload bicep artifact
uses: actions/upload-artifact@v4
with:
name: bicep
path: deploy
if-no-files-found: error
- name: Determine if we're deploying on Pull Request
id: should_deploy_pr
if: ${{ github.event_name == 'pull_request' }}
run: |
headCommitMessage=$(git log ${{ github.event.pull_request.head.sha }} -n 1 --format=%B)
echo "HEAD commit message is: $headCommitMessage"
if [[ $headCommitMessage == *"[deploy-pr]"* ]]; then
echo "::notice ::Deploying Pull Request to preview environment"
echo "deployPullRequest=true" >> $GITHUB_OUTPUT
fi
release:
name: Release
if: ${{ github.ref == 'refs/heads/main' || needs.build.outputs.deployPullRequest == 'true' }}
runs-on: ubuntu-22.04
environment: PROD
needs: build
env:
resourceGroupName: cors-cache
storageAccountName: corscache
DEPLOYMENT_NAME:
DEPLOYMENT_TOKEN:
steps:
- name: Download bicep artifact
uses: actions/download-artifact@v4
with:
name: bicep
path: deploy
- name: Download web artifact
uses: actions/download-artifact@v4
with:
name: web
path: web
- name: Download API artifact
uses: actions/download-artifact@v4
with:
name: api
path: api
- name: Sign in to Azure
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID_1 }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Set deployment name
run: echo "DEPLOYMENT_NAME=cors-$(date +%y%m%d-%H%M%S)-$(uuidgen | cut -c 1-4)" >> $GITHUB_ENV
- name: Create / update resource group
run: az group create --name ${{ env.RESOURCE_GROUP_NAME }} --location ${{ env.AZURE_LOCATION }}
- name: Deploy Bicep file
uses: azure/arm-deploy@v2
with:
scope: resourcegroup
deploymentName: ${{ env.DEPLOYMENT_NAME }}
resourceGroupName: ${{ env.RESOURCE_GROUP_NAME }}
template: deploy/main.bicep
parameters: >
staticWebAppLocation=${{ env.AZURE_LOCATION }}
failOnStdErr: false
- name: Set Static Web App deployment token
run: |
jsonDeploymentToken=$(az staticwebapp secrets list --name ${{ env.STATIC_WEB_APP_NAME }} --resource-group ${{ env.RESOURCE_GROUP_NAME }} --query 'properties.apiKey')
deploymentToken="${jsonDeploymentToken:1:-1}"
echo "::add-mask::$deploymentToken"
echo "DEPLOYMENT_TOKEN=$deploymentToken" >> $GITHUB_ENV
- name: Deploy to Static Web App
uses: Azure/static-web-apps-deploy@v1
with:
azure_static_web_apps_api_token: ${{ env.DEPLOYMENT_TOKEN }}
action: 'upload'
app_location: 'web'
output_location: ''
skip_app_build: true
skip_api_build: true
- name: Deploy API
run: az functionapp deploy --resource-group ${{ env.RESOURCE_GROUP_NAME }} --name 'cors-func' --src-path 'api/api.zip'
delete_preview_environment:
name: Delete Static Web App Pull Request preview environment
if: github.event_name == 'pull_request' && github.event.action == 'closed'
runs-on: ubuntu-22.04
environment: PROD
env:
DEPLOYMENT_TOKEN:
steps:
- name: Sign in to Azure
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID_1 }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Set Static Web App deployment token
run: |
jsonDeploymentToken=$(az staticwebapp secrets list --name ${{ env.STATIC_WEB_APP_NAME }} --resource-group ${{ env.RESOURCE_GROUP_NAME }} --query 'properties.apiKey')
deploymentToken="${jsonDeploymentToken:1:-1}"
echo "::add-mask::$deploymentToken"
echo "DEPLOYMENT_TOKEN=$deploymentToken" >> $GITHUB_ENV
- name: Delete preview environment
uses: Azure/static-web-apps-deploy@v1
with:
azure_static_web_apps_api_token: ${{ env.DEPLOYMENT_TOKEN }}
action: 'close'
app_location: 'web'