-
Notifications
You must be signed in to change notification settings - Fork 8
98 lines (87 loc) · 3 KB
/
admin-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
on:
workflow_call:
inputs:
environment:
required: true
type: string
resourceGroupName:
required: true
type: string
secrets:
AZURE_CREDENTIALS:
required: true
permissions:
id-token: write
contents: read
jobs:
deploy:
name: Admin - ${{ inputs.environment }}
runs-on: ubuntu-latest
environment:
name: ${{ inputs.environment }}
url: ${{ steps.bicep.outputs.storageAccountUrl }}
steps:
- uses: actions/download-artifact@v4
- name: Set appsettings.json
if: ${{ inputs.environment == 'staging' }}
run: |
cd ui
cp appsettings.json appsettings.json.bak
cp appsettings.${{ inputs.environment }}.json appsettings.json
- uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
enable-AzPSSession: true
- name: Deploy Bicep
id: bicep
shell: pwsh
run: |
$out = az deployment group create `
--resource-group ${{ inputs.resourceGroupName }} `
--template-file .\infra\admin-main.bicep `
--parameters environment=${{ inputs.environment }} `
| convertfrom-json | foreach properties | foreach outputs
$out.PSObject.Properties | ForEach-Object {
$name = $_.Name
$value = $_.Value.value
Write-Output "::set-output name=$($name)::$($value)"
}
- name: Enable Static Website on Azure Storage
id: enable-static-site
shell: pwsh
run: |
az storage blob service-properties update `
--account-name ${{ steps.bicep.outputs.storageAccountName }} `
--static-website `
--404-document index.html `
--index-document index.html
- name: Get SAS key
id: storage
shell: pwsh
run: |
$expiry = (Get-Date -AsUTC).AddMinutes(10).ToString('yyyy-MM-ddTHH:mm:ssZ')
$token = az storage container generate-sas `
--account-name ${{ steps.bicep.outputs.storageAccountName }} `
--name '$web' `
--permissions acdrw `
--expiry $expiry --https-only --permissions dlrw -o tsv
Write-Output "::set-output name=sastoken::$($token)"
- name: Upload UI
uses: bacongobbler/azure-blob-storage-upload@main
with:
source_dir: "ui"
container_name: "$web"
account_name: ${{ steps.bicep.outputs.storageAccountName }}
sas_token: ${{ steps.storage.outputs.sastoken }}
sync: "true"
- name: Purge Front Door cache
id: purge-front-door
shell: pwsh
run: |
az afd endpoint purge \
--resource-group ${{ inputs.resourceGroupName }} `
--profile-name ${{ inputs.frontDoorProfileName }} `
--endpoint-name ${{ inputs.frontDoorEndpointName }} `
--domains ${{ inputs.frontDoorDomain }} `
--content-paths '/*' `
--no-wait