HfEYP App Deploy [Azure - PROD] #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'HfEYP App Deploy [Azure - PROD]' | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| version: | |
| description: 'Create release version ("vx.x.x")' | |
| type: string | |
| required: true | |
| ref: | |
| description: 'Release candidate to deploy ("rcx.x.x")' | |
| type: string | |
| required: true | |
| push: | |
| tags: | |
| - v* | |
| # Permissions for OIDC authentication | |
| permissions: | |
| id-token: write | |
| contents: write | |
| packages: write | |
| env: | |
| ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
| DOCKER_IMAGE: ghcr.io/dfe-digital/help-for-early-years-providers | |
| RELEASE_VERSION: ${{ inputs.version || github.sha }} | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| environment: production | |
| steps: | |
| - name: Check tag format | |
| run: | | |
| echo ${{ inputs.ref }} | grep -E '^rc[0-9]+\.[0-9]+\.[0-9]+$' | |
| # Login to the container registry | |
| - name: Login to Github Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: retag docker image | |
| run: | | |
| docker pull ${{ env.DOCKER_IMAGE }}:${{ inputs.ref }} | |
| docker tag ${{ env.DOCKER_IMAGE }}:${{ inputs.ref }} ${{ env.DOCKER_IMAGE }}:${{ github.event.inputs.version }} | |
| docker push ${{ env.DOCKER_IMAGE }}:${{ inputs.version }} | |
| # Login to Azure using OIDC | |
| - name: Login to Azure CLI | |
| uses: azure/login@v1 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| # Deploy Web Application | |
| - name: Deploy to Azure App Services | |
| uses: azure/webapps-deploy@v2 | |
| with: | |
| app-name: ${{ vars.WEBAPP_NAME }} | |
| images: ${{ env.DOCKER_IMAGE }}:${{ inputs.version }} | |
| slot-name: ${{ vars.WEBAPP_DEPLOY_SLOT }} |