forked from Azure/Enterprise-Scale
-
Notifications
You must be signed in to change notification settings - Fork 0
76 lines (74 loc) · 2.67 KB
/
azops-pull.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
name: AzOps-Pull
on:
#schedule:
# This is an [optional] event to get latest Azure hierarchy of Management Group and Subscription in your Git in recurring manner. Default is every 6 hours.
# Adjust frequency based on your organization need. Please note that * is a special character in YAML so you have to quote this string.
# - cron: "0 */6 * * *"
workflow_dispatch:
# To invoke this action from portal
inputs:
action:
description: "Action to trigger pull"
required: true
default: "pull"
repository_dispatch:
# To invoke this action based on event/webhook
types:
- "Azure Activity Logs"
- "GitHub CLI"
- "PowerShell"
- "Bash"
env:
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
AZOPS_STATE: "azops"
AZOPS_DEFAULT_DEPLOYMENT_REGION: "northeurope"
AZOPS_ENROLLMENT_ACCOUNT: ""
AZOPS_OFFER_TYPE: "MS-AZR-0017P"
AZOPS_IGNORE_CONTEXT_CHECK: "0"
AZOPS_INVALIDATE_CACHE: "1"
AZOPS_SKIP_RESOURCE_GROUP: "1"
AZOPS_SKIP_POLICY: "0"
AZOPS_THROTTLE_LIMIT: "10"
AZOPS_SUPPORT_PARTIAL_MG_DISCOVERY: 0
GITHUB_USERNAME: "AzOps"
GITHUB_EMAIL: "[email protected]"
GITHUB_PULL_REQUEST: "Azure Change Notification"
GITHUB_CONTEXT: ${{ toJson(github) }}
GITHUB_ISSUE: ${{ github.event.pull_request._links.issue.href }}
GITHUB_COMMENTS: ${{ github.event.pull_request._links.comments.href }}
GITHUB_BASE_REF: ${{ github.event.pull_request.base.ref }}
GITHUB_HEAD_REF: ${{ github.event.pull_request.head.ref }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SCM_PLATFORM: "GitHub"
VERBOSE: "0"
DEBUG: "0"
jobs:
build:
runs-on: self-hosted
#runs-on: ubuntu-latest
outputs:
azurecredentials: ${{ steps.azurecredentials.outputs.azurecredentials }}
steps:
- name: Check if AZURE_CREDENTIALS secret is available
id: azurecredentials
env:
IS_AZURE_CREDENTIALS_SET: ${{ secrets.AZURE_CREDENTIALS }}
run: |
echo "Is AZURE_CREDENTIALS secret defined: ${{ env.IS_AZURE_CREDENTIALS_SET != '' }}"
echo "::set-output name=azurecredentials::${{ env.IS_AZURE_CREDENTIALS_SET != '' }}"
pull:
timeout-minutes: 60
needs: [build]
# condition to filter upstream repository. Upstream repository is used as a template to clone hence no pull action is required.
if: github.repository != 'Azure/Enterprise-Scale' && needs.build.outputs.azurecredentials == 'true'
name: Pull
runs-on: ubuntu-latest
steps:
- name: Actions checkout
uses: actions/checkout@v2
- name: GitHub context
run: echo "$GITHUB_CONTEXT"
- name: Actions azops
uses: Azure/AzOps@main
with:
mode: pull