1- name : Build and deploy Python app to Azure Web App - EOAgriTool
2-
3- on :
4- push :
5- branches :
6- - main
7- workflow_dispatch :
8-
9- jobs :
10- build :
11- runs-on : ubuntu-latest
12- permissions :
13- contents : read
14-
15- steps :
16- - uses : actions/checkout@v4
17-
18- - name : Set up Python version
19- uses : actions/setup-python@v5
20- with :
21- python-version : ' 3.9'
22-
23- - name : Create and start virtual environment
24- run : |
25- python -m venv venv
26- source venv/bin/activate
27-
28- - name : Install dependencies
29- run : pip install -r requirements.txt
30-
31- # Optional: Add step to run tests here (PyTest, Django test suites, etc.)
32-
33- - name : Zip artifact for deployment
34- run : zip -r release.zip . -x 'venv/*' # Exclude venv from zip
35-
36- - name : Upload artifact for deployment jobs
37- uses : actions/upload-artifact@v4
38- with :
39- name : python-app
40- path : release.zip # Simplified path since we excluded venv in zip
41-
42- deploy :
43- runs-on : ubuntu-latest
44- needs : build
1+ # Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
2+ # More GitHub Actions for Azure: https://github.com/Azure/actions
3+ # More info on Python, GitHub Actions, and Azure App Service: https://aka.ms/python-webapps-actions
4+
5+ name : Build and deploy Python app to Azure Web App - EOAgriTool
6+
7+ on :
8+ push :
9+ branches :
10+ - main
11+ workflow_dispatch :
12+
13+ jobs :
14+ build :
15+ runs-on : ubuntu-latest
16+ permissions :
17+ contents : read # This is required for actions/checkout
18+
19+ steps :
20+ - uses : actions/checkout@v4
21+
22+ - name : Set up Python version
23+ uses : actions/setup-python@v5
24+ with :
25+ python-version : ' 3.9'
26+
27+ - name : Create and start virtual environment
28+ run : |
29+ python -m venv venv
30+ source venv/bin/activate
31+
32+ - name : Install dependencies
33+ run : pip install -r requirements.txt
34+
35+ # Optional: Add step to run tests here (PyTest, Django test suites, etc.)
36+
37+ - name : Zip artifact for deployment
38+ run : zip release.zip ./* -r
39+
40+ - name : Upload artifact for deployment jobs
41+ uses : actions/upload-artifact@v4
42+ with :
43+ name : python-app
44+ path : |
45+ release.zip
46+ !venv/
47+
48+ deploy :
49+ runs-on : ubuntu-latest
50+ needs : build
4551 environment :
4652 name : ' Production'
47- url : ${{ steps.deploy-to-webapp.outputs.webapp-url }}
53+ url : ${{ steps.deploy-to-webapp.outputs.webapp-url }}
4854 permissions :
49- id-token : write
50- contents : read
51-
52- steps :
53- - name : Download artifact from build job
54- uses : actions/download-artifact@v4
55- with :
56- name : python-app
57-
58- - name : Unzip artifact for deployment
59- run : unzip release.zip
60-
55+ id-token : write # This is required for requesting the JWT
56+ contents : read # This is required for actions/checkout
57+
58+ steps :
59+ - name : Download artifact from build job
60+ uses : actions/download-artifact@v4
61+ with :
62+ name : python-app
63+
64+ - name : Unzip artifact for deployment
65+ run : unzip release.zip
66+
67+
6168 - name : Login to Azure
6269 uses : azure/login@v2
6370 with :
64- client-id : ${{ secrets.AZUREAPPSERVICE_CLIENTID }}
65- tenant-id : ${{ secrets.AZUREAPPSERVICE_TENANTID }}
66- subscription-id : ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID }}
67-
68- - name : Deploy to Azure Web App
69- uses : azure/webapps-deploy@v3
70- id : deploy-to-webapp
71- with :
72- app-name : ' EOAgriTool'
73- slot-name : ' Production'
74-
75- # Removed insecure PAT token usage and third-party action
76- # GitHub deployments are now handled natively through environment configuration
71+ client-id : ${{ secrets.AZUREAPPSERVICE_CLIENTID_4B2AA51C8F3E408F929B19AAB9401302 }}
72+ tenant-id : ${{ secrets.AZUREAPPSERVICE_TENANTID_39535BE70D534ABDB745C9214BE55081 }}
73+ subscription-id : ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID_BB2D4206F5AC44CDA3289568B63A38F7 }}
74+
75+ - name : ' Deploy to Azure Web App'
76+ uses : azure/webapps-deploy@v3
77+ id : deploy-to-webapp
78+ with :
79+ app-name : ' EOAgriTool'
80+ slot-name : ' Production'
81+
0 commit comments