[Marketing] Github pipelines to build and deploy the project (#65)

* initial pipeline * setting branches * renaming workflow to workflows * no needed permissions for building * testing pipeline * testing pipeline * testing pipeline * tweak marketing workflow * tweak paths * change to pwsh * updating run-names * trying if I can pass --no-state as a param * setting --no-state second try * renaming * powershell * add PR number to the run-name * run-name * run name test # 2000 * Confident that this will be the last try --------- Co-authored-by: Kosta Petan <kostapetan@gmail.com>
microsoft · May 22, 2024 · 71ed485 · 71ed485
1 parent 49758d8
commit 71ed485
Show file tree

Hide file tree

Showing 3 changed files with 129 additions and 2 deletions.
diff --git a/.github/workflows/marketing-build.yml b/.github/workflows/marketing-build.yml
@@ -0,0 +1,29 @@
+run-name: '[PR #${{github.event.pull_request.number}}] [Marketing Sample] Build frontend and backend containers'
+
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - '**'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Build the backend
+        run: |
+          docker build -t marketing-backend -f samples/marketing/src/backend/Dockerfile .
+        shell: pwsh
+
+      - name: Build the frontend
+        run: |
+          cd samples/marketing/src/frontend/
+          docker build -t marketing-frontend .
+        shell: pwsh
diff --git a/.github/workflows/marketing-builddeploy.yml b/.github/workflows/marketing-builddeploy.yml
@@ -0,0 +1,98 @@
+# GitHub Actions workflow to deploy to Azure using azd
+# To configure required secrets for connecting to Azure, simply run `azd pipeline config`
+# Set up permissions for deploying with secretless Azure federated credentials
+# https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-portal%2Clinux#set-up-azure-login-with-openid-connect-authentication
+
+# This workflow needs Owner rights on the Azure Subscription:
+# $assignee = "<Enterprise_App_Object_ID>"
+# $scope = "/subscriptions/<Subscription_ID>
+# az role assignment create --assignee $assignee --role "Owner"  --scope $scope
+
+run-name: '[PR #${{github.event.pull_request.number}}] [Marketing Sample] - Build and Deploy frontend and backend'
+
+on:
+  workflow_dispatch:
+    inputs:
+      azdnostate:
+        type: choice
+        description: azd --no-state flag
+        options: 
+        - 'false'
+        - 'true'
+  push:
+    branches:
+      - main
+    paths:
+      - samples/marketing/*
+  pull_request:
+    branches:
+      - 'main'
+
+permissions:
+  id-token: write
+  contents: read
+
+defaults:
+  run:
+    shell: pwsh
+    working-directory: ./samples/marketing
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    env:
+      AZURE_SUBSCRIPTION_ID: ${{ secrets.MARKETING_AZURE_SUBSCRIPTION_ID }}
+      AZURE_ENV_NAME: ${{ secrets.MARKETING_AZURE_ENV_NAME }}
+      AZURE_LOCATION: ${{ secrets.MARKETING_AZURE_LOCATION }}
+      AZURE_TENANT_ID: ${{ secrets.MARKETING_AZURE_TENANT_ID }}
+      AZURE_CLIENT_ID: ${{ secrets.MARKETING_AZURE_CLIENT_ID }}
+      # AZURE_CREDENTIALS: ${{ secrets.MARKETING_AZURE_CREDENTIALS }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install azd
+        uses: Azure/setup-azd@v1.0.0
+
+      # https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-portal%2Cwindows#use-the-azure-login-action-with-openid-connect
+      - name: Log in with Azure (Federated Credentials)
+        if: ${{ env.AZURE_CLIENT_ID != '' }}
+        run: |
+          azd auth login `
+            --client-id "$Env:AZURE_CLIENT_ID" `
+            --federated-credential-provider "github" `
+            --tenant-id "$Env:AZURE_TENANT_ID"
+
+      # - name: Log in with Azure (Client Credentials)
+      #   if: ${{ env.AZURE_CREDENTIALS != '' }}
+      #   run: |
+      #     $info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable;
+      #     Write-Host "::add-mask::$($info.clientSecret)"
+      #     azd auth login `
+      #       --client-id "$($info.clientId)" `
+      #       --client-secret "$($info.clientSecret)" `
+      #       --tenant-id "$($info.tenantId)"
+      #   shell: pwsh
+      #   env:
+      #     AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
+
+      - name: Set --no-state flag for azd
+        id: no-state
+        run: |
+          if ("${{ github.event.inputs.azdnostate }}" -eq "true") {
+            echo "::set-output name=azd-no-state-flag::--no-state"
+            Write-Warning "Using --no-state flag for azd provision"
+          } else {
+            Write-Verbose "No --no-state flag for azd provision" -Verbose
+            echo "::set-output name=azd-no-state-flag::"
+          }
+
+      - name: Provision Infrastructure
+        run: |
+          azd provision `
+          --no-prompt `
+          --environment ${{ secrets.MARKETING_AZURE_ENV_NAME }} `
+          ${{ steps.no-state.outputs.azd-no-state-flag }}
+
+      - name: Deploy Application
+        run: azd deploy --no-prompt --environment ${{ secrets.MARKETING_AZURE_ENV_NAME }}
diff --git a/samples/marketing/azure.yaml b/samples/marketing/azure.yaml
@@ -5,14 +5,14 @@ metadata:
     template: azd-init@1.8.2
 services:
     backend:
-        project: src\backend
+        project: "src/backend"
         host: containerapp
         language: dotnet
         docker:
             path: Dockerfile
             context: ../../../../
     frontend:
-        project: src\frontend
+        project: "src/frontend"
         host: containerapp
         language: ts
         dist: build