Skip to content

Commit

Permalink
Test workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
peterdavidhamilton committed Apr 23, 2024
1 parent b642162 commit 08b1d46
Show file tree
Hide file tree
Showing 3 changed files with 191 additions and 0 deletions.
45 changes: 45 additions & 0 deletions .github/workflows/azure-deploy-review-teardown.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
name: 'App Deploy [Azure - REVIEW TEARDOWN]'

on:
pull_request:
types:
- closed

# Permissions for OIDC authentication
permissions:
id-token: write

env:
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
DOCKER_IMAGE: ghcr.io/dfe-digital/help-for-early-years-providers
PR_NUMBER: pr-${{ github.event.number }}

jobs:
teardown:
runs-on: ubuntu-latest
environment: development

steps:
# Login to Azure using OIDC
- name: Login to Azure CLI
uses: azure/login@v2
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

# Destroy Web Application
- name: Destroy Azure Web Application
uses: azure/CLI@v2
with:
azcliversion: 2.50.0
inlineScript: |
az webapp deployment slot delete --resource-group ${{ secrets.AZURE_RESOURCE_GROUP }} \
--name ${{ vars.REVIEWAPP_NAME }} \
--slot ${{ env.PR_NUMBER }}
az postgres flexible-server db delete --resource-group ${{ secrets.AZURE_RESOURCE_GROUP }} \
--server-name ${{ vars.RESOURCE_NAME_PREFIX }}-psqlfs \
--database-name ${{ env.PR_NUMBER }} \
--yes
137 changes: 137 additions & 0 deletions .github/workflows/azure-deploy-review.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,137 @@
name: 'App Deploy [Azure - REVIEW]'

on:
pull_request:
types:
- labeled # uses 'review'
- synchronize
paths-ignore:
- '**/*.md'
- .docker*
- .env.example
- .gitignore
- .tool-versions
- .yardopts
- bin/*
- docker-compose.*
- Dockerfile
- terraform-azure
- uml/*

# Permissions for OIDC authentication and URL comment step
permissions:
id-token: write
contents: write
packages: write
pull-requests: write

env:
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
DOCKER_IMAGE: ghcr.io/dfe-digital/help-for-early-years-providers
PR_NUMBER: pr-${{ github.event.number }}

jobs:
build-and-deploy:
if: contains(github.event.pull_request.labels.*.name, 'review')
runs-on: ubuntu-latest
environment: development

steps:
# Checkout the repository to the GitHub Actions runner
- name: Checkout Code
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}

# Create and boot Docker image builder
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: v0.9.1

# Login to the container registry
- name: Login to Github Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

# Build and push image
# - name: Build and push dependencies
# uses: docker/build-push-action@v5
# with:
# target: deps
# context: .
# push: true
# build-args: |
# BUILDKIT_INLINE_CACHE=1
# SHA=${{ github.event.pull_request.head.sha }}
# cache-from: |
# ${{ env.DOCKER_IMAGE }}:deps
# tags: ${{ env.DOCKER_IMAGE }}:deps

- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
target: app
context: .
push: true
build-args: |
BUILDKIT_INLINE_CACHE=1
SHA=${{ github.event.pull_request.head.sha }}
cache-from: |
${{ env.DOCKER_IMAGE }}:${{ github.event.pull_request.head.sha }}
${{ env.DOCKER_IMAGE }}:${{ env.PR_NUMBER }}
${{ env.DOCKER_IMAGE }}:latest
tags: |
${{ env.DOCKER_IMAGE }}:${{ github.event.pull_request.head.sha }}
${{ env.DOCKER_IMAGE }}:${{ env.PR_NUMBER }}
# Login to Azure using OIDC
- name: Login to Azure CLI
uses: azure/login@v2
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

# Deploy Web Application
- name: Deploy to Azure App Services
uses: azure/CLI@v2
with:
azcliversion: 2.50.0
inlineScript: |
az postgres flexible-server db create --resource-group ${{ secrets.AZURE_RESOURCE_GROUP }} \
--server-name ${{ vars.RESOURCE_NAME_PREFIX }}-psqlfs \
--database-name ${{ env.PR_NUMBER }} \
--output none
az webapp config appsettings set --resource-group ${{ secrets.AZURE_RESOURCE_GROUP }} \
--name ${{ vars.REVIEWAPP_NAME }} \
--settings DATABASE_URL="postgresql://${{ secrets.PSQLFS_USERNAME }}:${{ secrets.PSQLFS_PASSWORD }}@${{ vars.RESOURCE_NAME_PREFIX }}-psqlfs.postgres.database.azure.com/${{ env.PR_NUMBER }}?sslmode=require" \
--output none
az webapp deployment slot create --resource-group ${{ secrets.AZURE_RESOURCE_GROUP }} \
--name ${{ vars.REVIEWAPP_NAME }} \
--slot ${{ env.PR_NUMBER }} \
--configuration-source ${{ vars.REVIEWAPP_NAME }} \
--deployment-container-image-name ${{ env.DOCKER_IMAGE }}:${{ env.PR_NUMBER }} \
--output none
az webapp vnet-integration add --resource-group ${{ secrets.AZURE_RESOURCE_GROUP }} \
--name ${{ vars.REVIEWAPP_NAME }} \
--slot ${{ env.PR_NUMBER }} \
--subnet ${{ secrets.AZURE_REVIEW_APP_SUBNET }} \
--vnet ${{ secrets.AZURE_VNET }}
az webapp config appsettings set --resource-group ${{ secrets.AZURE_RESOURCE_GROUP }} \
--name ${{ vars.REVIEWAPP_NAME }} \
--slot ${{ env.PR_NUMBER }} \
--slot-settings DOMAIN="${{ vars.REVIEWAPP_NAME }}-${{ env.PR_NUMBER }}.azurewebsites.net" \
--output none
# Add URL to Pull Request
- name: Comment URL to PR
uses: mshick/add-pr-comment@v2
with:
message: https://${{ vars.REVIEWAPP_NAME }}-${{ env.PR_NUMBER }}.azurewebsites.net
repo-token: ${{ secrets.GITHUB_TOKEN }}
9 changes: 9 additions & 0 deletions .yardopts
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
--title "Help for Early Years Providers"
--plugin junk
--protected
--private
--markup markdown
-
adr/*.md
RELEASE.md
LICENCE

0 comments on commit 08b1d46

Please sign in to comment.