-
Notifications
You must be signed in to change notification settings - Fork 16
62 lines (58 loc) · 1.95 KB
/
detect-drift.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
name: Detect Infrastructure Drift
permissions:
id-token: write
contents: read
on:
pull_request:
branches:
- main
paths:
- '**.bicep'
env:
RESOURCE_GROUP: ${{ vars.RESOURCE_GROUP }}
STORAGE_ACCOUNT_NAME: ${{ vars.STORAGE_ACCOUNT_NAME }}
APP_INSIGHTS_ACCOUNT_NAME: ${{ vars.APP_INSIGHTS_ACCOUNT_NAME }}
jobs:
detect-drift-staging:
name: Detect Drift - Staging
runs-on: ubuntu-latest
environment: staging-pr
steps:
- name: Checkout
uses: actions/checkout@v1
- uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Detect Drift
uses: azure/CLI@v1
with:
inlineScript: |
az deployment group create --name ftaaas --template-file infra/deploytostorageaccount.bicep --parameters accountName=$STORAGE_ACCOUNT_NAME appInsightsName=$APP_INSIGHTS_ACCOUNT_NAME skuName=Standard_LRS -g $RESOURCE_GROUP --what-if
- name: logout
run: |
az logout
if: always()
detect-drift-production:
name: Detect Drift - Production
runs-on: ubuntu-latest
needs: detect-drift-staging
environment: production-pr
steps:
- name: Checkout
uses: actions/checkout@v1
- uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Detect Drift
uses: azure/CLI@v1
with:
inlineScript: |
az deployment group create --name ftaaas --template-file infra/deploytostorageaccount.bicep --parameters accountName=$STORAGE_ACCOUNT_NAME appInsightsName=$APP_INSIGHTS_ACCOUNT_NAME skuName=Standard_LRS -g $RESOURCE_GROUP --what-if
- name: logout
run: |
az logout
if: always()