Skip to content

Nightly and CICD Jobs #423

Nightly and CICD Jobs

Nightly and CICD Jobs #423

Workflow file for this run

name: Nightly and CICD Jobs
on:
pull_request:
branches: [ main ]
schedule:
- cron: '0 0 * * *' # Run at midnight every day
workflow_dispatch:
permissions:
id-token: write
contents: read
security-events: write
jobs:
validate-bicep:
name: "Infra Biceps Validation"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Filter Changes
uses: dorny/paths-filter@v2
id: changes
with:
filters: |
app-service:
- 'deploy/app-service/**'
aks:
- 'deploy/aks/**'
aca:
- 'deploy/aca/**'
- name: Build App Service Bicep for linting
if: steps.changes.outputs.app-service == 'true'
uses: azure/CLI@v1
with:
inlineScript: az config set bicep.use_binary_from_path=false && az bicep build -f deploy/app-service/infra/main.bicep --stdout
- name: Build AKS Bicep for linting
if: steps.changes.outputs.aks == 'true'
uses: azure/CLI@v1
with:
inlineScript: az config set bicep.use_binary_from_path=false && az bicep build -f deploy/aks/infra/main.bicep --stdout
- name: Build ACA Bicep for linting
if: steps.changes.outputs.aca == 'true'
uses: azure/CLI@v1
with:
inlineScript: az config set bicep.use_binary_from_path=false && az bicep build -f deploy/aca/infra/main.bicep --stdout
- name: Run PSRule analysis on App Service deployment
uses: microsoft/[email protected]
with:
modules: PSRule.Rules.Azure
baseline: Azure.Pillar.Security
inputPath: deploy/app-service/infra/*.test.bicep
outputFormat: Sarif
outputPath: reports/ps-rule-results.sarif
summary: true
continue-on-error: true
env:
PSRULE_CONFIGURATION_AZURE_BICEP_FILE_EXPANSION: 'true'
PSRULE_CONFIGURATION_AZURE_BICEP_FILE_EXPANSION_TIMEOUT: '30'
- name: Upload results to security tab
uses: github/codeql-action/upload-sarif@v3
if: github.repository == 'Azure-Samples/azure-search-openai-demo-java'
with:
sarif_file: reports/ps-rule-results.sarif
frontend:
name: "Front-end validation"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Build React Frontend
run: |
echo "Building front-end and merge into Spring Boot static folder."
cd ./app/frontend
npm install
npm run build
mkdir -p ../backend/src/main/resources/static
cp -r ./build/* ../backend/src/main/resources/static
backend:
name: "Backend validation"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Java version
uses: actions/setup-java@v2
with:
distribution: 'microsoft'
java-version: '17'
cache: 'maven'
- name: Verify Indexer project
run: |
echo "Testing indexer project."
cd ./app/indexer
mvn test
- name: Build Spring Boot App
run: |
echo "Building Spring Boot app."
cd ./app/backend
mvn verify