eShop Build, Provision, and Deploy to Azure #43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: eShop Build, Provision, and Deploy to Azure | |
on: | |
workflow_dispatch: | |
push: | |
# Run when commits are pushed to mainline branch (main or master) | |
# Set this to the mainline branch you are using | |
branches: | |
- main | |
permissions: | |
id-token: write | |
contents: read | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
env: | |
AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }} | |
AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }} | |
AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }} | |
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} | |
AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }} | |
AZURE_LOCATION: ${{ vars.AZURE_LOCATION }} | |
AZURE_OPENAI: "Endpoint=${{ vars.OPEN_ENDPOINT }};Key=${{ secrets.OPENKEY }}" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install azd | |
uses: Azure/[email protected] | |
- name: Install .NET SDK from global.json | |
uses: actions/setup-dotnet@v4 | |
with: | |
global-json-file: global.json | |
- name: Install .NET Aspire workload | |
run: dotnet workload install aspire | |
- name: Log in with Azure (Federated Credentials) | |
if: ${{ env.AZURE_CLIENT_ID != '' }} | |
run: | | |
azd auth login ` | |
--client-id "$Env:AZURE_CLIENT_ID" ` | |
--federated-credential-provider "github" ` | |
--tenant-id "$Env:AZURE_TENANT_ID" | |
shell: pwsh | |
- name: Log in with Azure (Client Credentials) | |
if: ${{ env.AZURE_CREDENTIALS != '' }} | |
run: | | |
$info = $Env:AZURE_CREDENTIALS | ConvertFrom-Json -AsHashtable; | |
Write-Host "::add-mask::$($info.clientSecret)" | |
azd auth login ` | |
--client-id "$($info.clientId)" ` | |
--client-secret "$($info.clientSecret)" ` | |
--tenant-id "$($info.tenantId)" | |
shell: pwsh | |
- name: Set azd ENV | |
run: | | |
azd env new ${{ vars.AZURE_ENV_NAME }} --location ${{ vars.AZURE_LOCATION }} --subscription ${{ vars.AZURE_SUBSCRIPTION_ID }} --no-prompt | |
azd env set OPENAI_CONNECTIONSTRING "${{ env.AZURE_OPENAI }}" --no-prompt | |
- name: Provision Infrastructure | |
run: azd provision --no-prompt | |
env: | |
#AZD_INITIAL_ENVIRONMENT_CONFIG: ${{ secrets.AZD_INITIAL_ENVIRONMENT_CONFIG }} | |
ConnectionStrings__OpenAi: "${{ env.AZURE_OPENAI }}" | |
- name: Deploy Application | |
run: | | |
azd env set OPENAI_CONNECTIONSTRING "${{ env.AZURE_OPENAI }}" --no-prompt | |
azd deploy --no-prompt |