feat(#990): Foundry V3 hosted-agents pilot end-to-end (with portal-vi… #51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy-azd-truth-export (entrypoint) | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - apps/truth-export/** | |
| - lib/** | |
| - azure.yaml | |
| - .infra/** | |
| - .kubernetes/** | |
| - .github/workflows/deploy-azd.yml | |
| - .github/workflows/deploy-azd-truth-export.yml | |
| workflow_dispatch: | |
| inputs: | |
| location: | |
| description: Azure location | |
| required: true | |
| default: centralus | |
| projectName: | |
| description: Project prefix used by naming convention | |
| required: true | |
| default: holidaypeakhub405 | |
| imageTag: | |
| description: Image tag to deploy | |
| required: true | |
| default: latest | |
| testedSourceSha: | |
| description: Optional tested source commit SHA to deploy | |
| required: false | |
| default: '' | |
| testedSourceRef: | |
| description: Optional tested source ref to deploy when testedSourceSha is empty | |
| required: false | |
| default: '' | |
| skipProvision: | |
| description: Skip azd provision and reuse the current environment infrastructure | |
| required: true | |
| type: boolean | |
| default: true | |
| forceApimSync: | |
| description: Force APIM sync and smoke checks even when no changed services are detected | |
| required: true | |
| type: boolean | |
| default: true | |
| autoAllowAcrRunnerIp: | |
| description: Temporarily allow GitHub runner egress IP in ACR firewall during deploy | |
| required: true | |
| type: boolean | |
| default: true | |
| skipPromptGates: | |
| description: Skip the prompt-sync CI gates (image prompt verification and Foundry instructions verification) | |
| required: true | |
| type: boolean | |
| default: false | |
| skipPostgresPreflight: | |
| description: Skip the PostgreSQL password preflight probe (CRUD only; ignored for agent services) | |
| required: true | |
| type: boolean | |
| default: false | |
| permissions: | |
| id-token: write | |
| contents: write | |
| concurrency: | |
| group: deploy-azd-dev-truth-export | |
| cancel-in-progress: false | |
| jobs: | |
| deploy: | |
| permissions: | |
| id-token: write | |
| contents: write | |
| issues: write | |
| uses: ./.github/workflows/deploy-azd.yml | |
| with: | |
| environment: dev | |
| githubEnvironment: dev | |
| location: ${{ github.event_name == 'workflow_dispatch' && inputs.location || 'centralus' }} | |
| projectName: ${{ github.event_name == 'workflow_dispatch' && inputs.projectName || 'holidaypeakhub405' }} | |
| imageTag: ${{ github.event_name == 'workflow_dispatch' && inputs.imageTag || github.sha }} | |
| sourceSha: ${{ github.event_name == 'workflow_dispatch' && inputs.testedSourceSha || github.sha }} | |
| sourceRef: ${{ github.event_name == 'workflow_dispatch' && inputs.testedSourceRef || github.ref }} | |
| deployStatic: false | |
| uiOnly: false | |
| apiBaseUrl: '' | |
| deployChangedOnly: true | |
| skipProvision: ${{ fromJSON(github.event_name == 'workflow_dispatch' && toJSON(inputs.skipProvision) || 'true') }} | |
| serviceFilter: truth-export | |
| forceApimSync: ${{ fromJSON(github.event_name == 'workflow_dispatch' && toJSON(inputs.forceApimSync) || 'true') }} | |
| autoAllowAcrRunnerIp: ${{ fromJSON(github.event_name == 'workflow_dispatch' && toJSON(inputs.autoAllowAcrRunnerIp) || 'true') }} | |
| skipApiSmokeChecks: false | |
| skipPromptGates: ${{ fromJSON(github.event_name == 'workflow_dispatch' && toJSON(inputs.skipPromptGates) || 'false') }} | |
| skipPostgresPreflight: ${{ fromJSON(github.event_name == 'workflow_dispatch' && toJSON(inputs.skipPostgresPreflight) || 'false') }} | |
| secrets: | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
| AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} |