Add support to automatically generate ARM templates and Deploy to Azu… #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build Policy Sets | |
on: | |
push: | |
branches: | |
- main | |
workflow_dispatch: # This allows the workflow to be triggered manually | |
jobs: | |
cleanup-arm-templates: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Delete ARMTemplates folder if it exists | |
run: | | |
if [ -d "ARMTemplates" ]; then | |
rm -rf ARMTemplates | |
fi | |
- name: Commit changes | |
run: | | |
git config --global user.name "github-actions[bot]" | |
git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
git add -A | |
git commit -m "Delete ARMTemplates folder" --allow-empty | |
git push --force | |
cleanup-readme-files: | |
needs: cleanup-arm-templates | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Sync with main branch | |
run: git pull | |
- name: Remove Deploy to Azure button from README.md files | |
run: | | |
find PolicyInitiatives -name "README.md" | while read file; do | |
sed -i '/\[!\[Deploy to Azure\](.*)\](.*)/d' "$file" | |
done | |
- name: Commit changes | |
run: | | |
git config --global user.name "github-actions[bot]" | |
git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
git add -A | |
git commit -m "Remove Deploy to Azure button from README.md files" --allow-empty | |
git push --force | |
list-bicep-files: | |
needs: cleanup-readme-files | |
runs-on: ubuntu-latest | |
outputs: | |
files: ${{ steps.list.outputs.files }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: List Bicep files | |
id: list | |
run: | | |
files=$(find PolicyInitiatives -name "*.bicep" | jq -R -s -c 'split("\n")[:-1]') | |
echo "FILES=$files" >> "$GITHUB_OUTPUT" | |
build: | |
needs: list-bicep-files | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
file: ${{ fromJson(needs.list-bicep-files.outputs.FILES) }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Sync with main branch | |
run: git pull | |
- name: Extract branch name | |
id: extract_branch | |
run: echo "BRANCH_NAME=${GITHUB_REF#refs/heads/}" >> "$GITHUB_OUTPUT" | |
- name: Make output directory | |
run: mkdir -p ARMTemplates | |
- name: Set output file path | |
id: set-output-path | |
run: echo "OUTPUT_FILE_PATH=ARMTemplates/$(basename ${{ matrix.file }} .bicep).json" >> "$GITHUB_OUTPUT" | |
- name: Set output file name | |
id: set-output-name | |
run: echo "OUTPUT_FILE_NAME=$(basename ${{ matrix.file }} .bicep).json" >> "$GITHUB_OUTPUT" | |
- name: Bicep Build | |
uses: Azure/[email protected] | |
with: | |
bicepFilePath: ${{ matrix.file }} | |
outputFilePath: ${{ steps.set-output-path.outputs.OUTPUT_FILE_PATH }} | |
- name: Update README.md with Deploy to Azure button | |
run: | | |
urlencode() { | |
local length="${#1}" | |
for (( i = 0; i < length; i++ )); do | |
local c="${1:i:1}" | |
case $c in | |
[a-zA-Z0-9.~_-]) printf "$c" ;; | |
*) printf '%%%02X' "'$c" ;; | |
esac | |
done | |
} | |
dir=$(dirname ${{ matrix.file }}) | |
readme="$dir/README.md" | |
if [ -f "$readme" ]; then | |
arm_template_url="https://raw.githubusercontent.com/${{ github.repository }}/${{ steps.extract_branch.outputs.BRANCH_NAME }}/ARMTemplates/${{ steps.set-output-name.outputs.OUTPUT_FILE_NAME }}" | |
encoded_url=$(urlencode "$arm_template_url") | |
button="[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/$encoded_url)" | |
first_line=$(head -n 1 $readme) | |
if [[ $first_line == *"[![Deploy to Azure]"* ]]; then | |
tail -n +2 $readme > $readme.tmp | |
echo -e "$button\n$(cat $readme.tmp)" > $readme | |
rm $readme.tmp | |
else | |
temp_file=$(mktemp) | |
echo -e "$button\n$(cat $readme)" > $temp_file | |
mv $temp_file $readme | |
fi | |
fi | |
- name: Set git user | |
run: git config --global user.name "GitHub Actions" && git config --global user.email "GitHub Actions" | |
- name: Commit changes | |
run: | | |
git pull | |
git add ${{ steps.set-output-path.outputs.OUTPUT_FILE_PATH }} | |
git add $(dirname ${{ matrix.file }})/README.md | |
git commit -m "Add generated ARM templates and update README.md" --allow-empty | |
git push --force |