From 801a6f4550db512b7a1541bd4e2aa325e7b55ec5 Mon Sep 17 00:00:00 2001 From: min Date: Fri, 9 Aug 2024 09:41:50 +0900 Subject: [PATCH] Add GitHub Actions workflow for Azure deployment --- .github/workflows/azure-dev.yml | 91 +++++++++++++++++++++++++++++++++ .gitignore | 2 +- 2 files changed, 92 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/azure-dev.yml diff --git a/.github/workflows/azure-dev.yml b/.github/workflows/azure-dev.yml new file mode 100644 index 00000000..c2b15b39 --- /dev/null +++ b/.github/workflows/azure-dev.yml @@ -0,0 +1,91 @@ +on: + workflow_dispatch: + push: + # Run when commits are pushed to mainline branch (main or master) + # Set this to the mainline branch you are using + branches: + - main + - master + paths: + - 'workshop/**/*' + +# GitHub Actions workflow to deploy to Azure using azd +# To configure required secrets for connecting to Azure, simply run `azd pipeline config` + +# Set up permissions for deploying with secretless Azure federated credentials +# https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-portal%2Clinux#set-up-azure-login-with-openid-connect-authentication +permissions: + id-token: write + contents: read + +jobs: + build: + runs-on: ubuntu-latest + env: + AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }} + AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }} + AZURE_LOCATION: ${{ vars.AZURE_LOCATION }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install .NET 8 SDK + uses: actions/setup-dotnet@v4 + with: + dotnet-version: 8.x + + - name: Install .NET Aspire workload + run: dotnet workload install aspire + + - name: Update appsettings.json + shell: pwsh + run: | + pushd ./workshop + $appsettings = Get-Content -Path ./AspireYouTubeSummariser.AppHost/appsettings.json | ConvertFrom-Json + $appsettings.OpenAI.Endpoint = "${{ secrets.AZURE_OPENAI_ENDPOINT }}" + $appsettings.OpenAI.ApiKey = "${{ secrets.AZURE_OPENAI_API_KEY }}" + $appsettings.OpenAI.DeploymentName = "${{ secrets.AZURE_OPENAI_DEPLOYMENT_NAME }}" + $appsettings | ConvertTo-Json -Depth 100 | Out-File -FilePath ./AspireYouTubeSummariser.AppHost/appsettings.json -Encoding utf8 -Force + popd + + - name: Install azd + uses: Azure/setup-azd@v1.0.0 + + - name: Log in with Azure (Federated Credentials) + if: ${{ env.AZURE_CLIENT_ID != '' }} + run: | + azd auth login ` + --client-id "$Env:AZURE_CLIENT_ID" ` + --federated-credential-provider "github" ` + --tenant-id "$Env:AZURE_TENANT_ID" + shell: pwsh + + - name: Log in with Azure (Client Credentials) + if: ${{ env.AZURE_CREDENTIALS != '' }} + run: | + $info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable; + Write-Host "::add-mask::$($info.clientSecret)" + + azd auth login ` + --client-id "$($info.clientId)" ` + --client-secret "$($info.clientSecret)" ` + --tenant-id "$($info.tenantId)" + shell: pwsh + env: + AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} + + - name: Provision Infrastructure + run: | + pushd ./workshop + azd provision --no-prompt + popd + env: + AZD_INITIAL_ENVIRONMENT_CONFIG: ${{ secrets.AZD_INITIAL_ENVIRONMENT_CONFIG }} + + - name: Deploy Application + run: | + pushd ./workshop + azd deploy --no-prompt + popd diff --git a/.gitignore b/.gitignore index e55cd5b7..db934cef 100644 --- a/.gitignore +++ b/.gitignore @@ -489,5 +489,5 @@ appsettings.Development.json appsettings.Production.json bundle.js bundle.js.*.txt -workshop*/ +# workshop*/ z-demo*/