
Merge branch 'main' of https://github.com/frasermolyneux/portal-repos… #89


Workflow file for this run

name: Deploy Prd

# Triggers: pushes to main, manual dispatch, and a weekly cron
# (GitHub evaluates cron in UTC: 04:00 every Wednesday).
on:
  push:
    branches: [main]
  workflow_dispatch:
  schedule:
    - cron: "0 4 * * 3"

# Grant no GITHUB_TOKEN scopes at workflow level; every job below declares
# the minimum it needs in its own `permissions` block.
permissions: {}

# Runs of this workflow share one concurrency group, so they do not
# execute at the same time.
concurrency:
  group: ${{ github.workflow }}

jobs:
# Publishes two flags (`src`, `terraform`) that the later jobs read in
# their `if` conditions.
detect-changes:
  runs-on: ubuntu-latest
  permissions:
    contents: read
  outputs:
    src: ${{ steps.changes.outputs.src }}
    terraform: ${{ steps.changes.outputs.terraform }}
  steps:
    # NOTE(review): this is the only action in the workflow referenced by
    # a branch (@main) instead of a version tag. A branch ref follows every
    # push to the action repository, so the code that produces the flags
    # gating the Production jobs can change without any change to this
    # file. Pin to a full commit SHA to make the reference immutable.
    - id: changes
      uses: frasermolyneux/actions/detect-changes@main
      with:
        # One "<output-name>:<glob>" pair per line.
        filters: |
          src:src/**
          terraform:terraform/**
# Inspects the Development Terraform state and reports `has_resources`
# and `state_tainted`. Not run for the weekly schedule trigger.
terraform-state-check-dev:
  if: github.event_name != 'schedule'
  runs-on: ubuntu-latest
  environment: Development
  permissions:
    contents: read
    # Lets the job request a GitHub OIDC token (used for Azure sign-in
    # without a stored client secret — presumably by the action below).
    id-token: write
  outputs:
    has_resources: ${{ steps.state-check.outputs.has_resources }}
    state_tainted: ${{ steps.state-check.outputs.state_tainted }}
  steps:
    - id: state-check
      uses: frasermolyneux/actions/terraform-state-check@terraform-state-check/v1.1
      with:
        terraform-folder: "terraform"
        terraform-var-file: "tfvars/dev.tfvars"
        terraform-backend-file: "backends/dev.backend.hcl"
        # Identifiers only, read from `vars` rather than `secrets`.
        AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
        AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
        AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
# Builds and tests the function app project. Runs when source files
# changed or the Development state is tainted; for push events the ref
# must be main.
build-and-test:
  needs:
    - detect-changes
    - terraform-state-check-dev
  # `!failure() && !cancelled()` keeps the job eligible when a needed job
  # was skipped (terraform-state-check-dev is skipped on schedule).
  if: |
    !failure() && !cancelled() &&
    (github.event_name != 'push' || github.ref == 'refs/heads/main') &&
    (needs.detect-changes.outputs.src == 'true' || needs.terraform-state-check-dev.outputs.state_tainted == 'true')
  runs-on: ubuntu-latest
  permissions:
    contents: read
    # NOTE(review): no cloud inputs are passed to the CI action below, so
    # it is not evident why this job needs an OIDC token. Confirm the
    # action requires `id-token: write`; drop it if it does not.
    id-token: write
  steps:
    - uses: frasermolyneux/actions/dotnet-func-ci@dotnet-func-ci/v1.4
      with:
        dotnet-project: "XtremeIdiots.Portal.Repository.App"
        dotnet-version: "9.0.x"
        src-folder: "src"
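# Applies Terraform to Development when terraform files changed or the
# state is tainted; otherwise only reads the existing outputs. Either way
# it publishes the function app name and resource group for the deploy
# job. Not run for the weekly schedule trigger.
terraform-plan-and-apply-dev:
  if: github.event_name != 'schedule'
  permissions:
    contents: read
    # Needed to request the GitHub OIDC token used by ARM_USE_OIDC below.
    id-token: write
  environment: Development
  needs:
    - detect-changes
    - terraform-state-check-dev
  runs-on: ubuntu-latest
  # Shared with function-app-deploy-dev so the two never run in parallel.
  concurrency:
    group: ${{ github.repository }}-dev
  steps:
    # Exactly one of the next two steps runs: their conditions are
    # complements of each other.
    - uses: frasermolyneux/actions/terraform-plan-and-apply@terraform-plan-and-apply/v1.4
      if: needs.detect-changes.outputs.terraform == 'true' || needs.terraform-state-check-dev.outputs.state_tainted == 'true'
      with:
        terraform-folder: "terraform"
        terraform-var-file: "tfvars/dev.tfvars"
        terraform-backend-file: "backends/dev.backend.hcl"
        AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
        AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
        AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
    - uses: frasermolyneux/actions/terraform-output@terraform-output/v1.0
      if: needs.detect-changes.outputs.terraform != 'true' && needs.terraform-state-check-dev.outputs.state_tainted != 'true'
      with:
        terraform-folder: "terraform"
        terraform-var-file: "tfvars/dev.tfvars"
        terraform-backend-file: "backends/dev.backend.hcl"
        AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
        AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
        AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
    # Presumably relies on the preceding action having initialised the
    # `terraform` folder in this workspace — confirm.
    - id: terraform-output
      shell: bash
      run: |
        set -euo pipefail
        cd terraform
        # Read each value into a variable before writing it out. When the
        # command substitution sits inside an `echo` argument, echo's own
        # exit status hides a failed `terraform output`, and the deploy
        # job would be handed an empty target name.
        function_app_name="$(terraform output -raw function_app_name)"
        resource_group_name="$(terraform output -raw resource_group_name)"
        {
          echo "function_app_name=${function_app_name}"
          echo "resource_group_name=${resource_group_name}"
        } >> "$GITHUB_OUTPUT"
      env:
        ARM_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
        ARM_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
        ARM_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
        # Environment values reach the process as strings; quoted to make
        # that explicit.
        ARM_USE_AZUREAD: "true"
        ARM_USE_OIDC: "true"
  outputs:
    function_app_name: ${{ steps.terraform-output.outputs.function_app_name }}
    resource_group_name: ${{ steps.terraform-output.outputs.resource_group_name }}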
# Deploys the built function app artifact to Development, using the app
# name and resource group published by terraform-plan-and-apply-dev.
function-app-deploy-dev:
  needs:
    - detect-changes
    - terraform-state-check-dev
    - build-and-test
    - terraform-plan-and-apply-dev
  # Never on schedule; otherwise only when source changed or the
  # Development state is tainted, and no needed job failed.
  if: |
    !failure() && !cancelled() &&
    github.event_name != 'schedule' &&
    (needs.detect-changes.outputs.src == 'true' || needs.terraform-state-check-dev.outputs.state_tainted == 'true')
  runs-on: ubuntu-latest
  environment: Development
  # Same group as terraform-plan-and-apply-dev: infrastructure changes and
  # deployments to Development are serialised.
  concurrency:
    group: ${{ github.repository }}-dev
  permissions:
    contents: read
    id-token: write
  steps:
    - uses: frasermolyneux/actions/deploy-function-app@deploy-function-app/v1.2
      with:
        function-app-artifact-name: "XtremeIdiots.Portal.Repository.App"
        function-app-name: ${{ needs.terraform-plan-and-apply-dev.outputs.function_app_name }}
        function-app-resource-group: ${{ needs.terraform-plan-and-apply-dev.outputs.resource_group_name }}
        AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
        AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
        AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
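# Applies Terraform to Production when terraform files changed; otherwise
# only reads the existing outputs. Publishes the function app name and
# resource group for the Production deploy job.
#
# NOTE(review): nothing in this job's `if` restricts the ref. The only
# ref check in the workflow (in build-and-test) applies to push events,
# so a manual dispatch from another branch can reach this job once the
# Development jobs succeed. Which branches may deploy, and whether an
# approval is required, is therefore left to the Production environment's
# settings, which this file cannot show — confirm they are configured.
terraform-plan-and-apply-prd:
  permissions:
    contents: read
    # Needed to request the GitHub OIDC token used by ARM_USE_OIDC below.
    id-token: write
  environment: Production
  needs:
    - detect-changes
    - build-and-test
    - terraform-plan-and-apply-dev
    - function-app-deploy-dev
  runs-on: ubuntu-latest
  # Shared with function-app-deploy-prd so the two never run in parallel.
  concurrency:
    group: ${{ github.repository }}-prd
  # Runs after a successful Development apply, or on the weekly schedule
  # (when the Development jobs are skipped), provided nothing failed.
  if: |
    !failure() && !cancelled() &&
    (needs.terraform-plan-and-apply-dev.result == 'success' || github.event_name == 'schedule')
  steps:
    # Exactly one of the next two steps runs: their conditions are
    # complements of each other.
    - uses: frasermolyneux/actions/terraform-plan-and-apply@terraform-plan-and-apply/v1.4
      if: needs.detect-changes.outputs.terraform == 'true'
      with:
        terraform-folder: "terraform"
        terraform-var-file: "tfvars/prd.tfvars"
        terraform-backend-file: "backends/prd.backend.hcl"
        AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
        AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
        AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
    - uses: frasermolyneux/actions/terraform-output@terraform-output/v1.0
      if: needs.detect-changes.outputs.terraform != 'true'
      with:
        terraform-folder: "terraform"
        terraform-var-file: "tfvars/prd.tfvars"
        terraform-backend-file: "backends/prd.backend.hcl"
        AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
        AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
        AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
    # Presumably relies on the preceding action having initialised the
    # `terraform` folder in this workspace — confirm.
    - id: terraform-output
      shell: bash
      run: |
        set -euo pipefail
        cd terraform
        # Read each value into a variable before writing it out. When the
        # command substitution sits inside an `echo` argument, echo's own
        # exit status hides a failed `terraform output`, and the
        # Production deploy would be handed an empty target name.
        function_app_name="$(terraform output -raw function_app_name)"
        resource_group_name="$(terraform output -raw resource_group_name)"
        {
          echo "function_app_name=${function_app_name}"
          echo "resource_group_name=${resource_group_name}"
        } >> "$GITHUB_OUTPUT"
      env:
        ARM_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
        ARM_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
        ARM_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
        # Environment values reach the process as strings; quoted to make
        # that explicit.
        ARM_USE_AZUREAD: "true"
        ARM_USE_OIDC: "true"
  outputs:
    function_app_name: ${{ steps.terraform-output.outputs.function_app_name }}
    resource_group_name: ${{ steps.terraform-output.outputs.resource_group_name }}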
# Deploys the built function app artifact to Production, using the app
# name and resource group published by terraform-plan-and-apply-prd.
function-app-deploy-prd:
  needs:
    - detect-changes
    - terraform-plan-and-apply-prd
    - function-app-deploy-dev
  # Requires a successful Production Terraform job and a source change;
  # `!failure()` also blocks the deploy if function-app-deploy-dev failed.
  if: |
    !failure() && !cancelled() &&
    needs.terraform-plan-and-apply-prd.result == 'success' &&
    needs.detect-changes.outputs.src == 'true'
  runs-on: ubuntu-latest
  environment: Production
  # Same group as terraform-plan-and-apply-prd: infrastructure changes and
  # deployments to Production are serialised.
  concurrency:
    group: ${{ github.repository }}-prd
  permissions:
    contents: read
    id-token: write
  steps:
    - uses: frasermolyneux/actions/deploy-function-app@deploy-function-app/v1.2
      with:
        function-app-artifact-name: "XtremeIdiots.Portal.Repository.App"
        function-app-name: ${{ needs.terraform-plan-and-apply-prd.outputs.function_app_name }}
        function-app-resource-group: ${{ needs.terraform-plan-and-apply-prd.outputs.resource_group_name }}
        AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
        AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
        AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}