-
Notifications
You must be signed in to change notification settings - Fork 0
61 lines (45 loc) · 2.15 KB
/
deploy-identity-tf.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
# https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/service_principal_client_secret
name: 3 Deploy Identity (TF)
# Controls when the workflow will run
on: workflow_dispatch
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
terraform-cli-deploy-identity:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- name: Login to Azure
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
# Runs a single command using the runners shell
- name: Install Terraform
run: |
wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install terraform
# Runs a set of commands using the runners shell
- name: Terreform Init
run: |
cd IaC/identity
terraform init
- name: Terreform Plan
run: |
terraform -chdir=IaC/identity plan
env:
ARM_CLIENT_ID: ${{ secrets.CLIENTID }}
ARM_CLIENT_SECRET: ${{ secrets.CLIENTSECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }}
ARM_TENANT_ID: ${{ secrets.TENANTID }}
- name: Terreform Apply
run: |
terraform -chdir=IaC/identity apply -auto-approve
env:
ARM_CLIENT_ID: ${{ secrets.CLIENTID }}
ARM_CLIENT_SECRET: ${{ secrets.CLIENTSECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }}
ARM_TENANT_ID: ${{ secrets.TENANTID }}