ci: use env per step

NordicSemiconductor · Apr 7, 2021 · 99e5ad4 · 99e5ad4
1 parent 0430d1e
commit 99e5ad4
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 10 deletions.
diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml
@@ -19,8 +19,7 @@ jobs:
       LOCATION: northeurope
       APP_NAME: nrfassettrackerprod
       B2C_TENANT: nrfassettrackerprod
-
-    if: ${{ env.CD == '1' }}
+      AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
 
     steps:
       - uses: actions/checkout@v2
@@ -32,19 +31,24 @@ jobs:
           echo Version: ${VERSION}
           echo "VERSION=${VERSION}" >> $GITHUB_ENV
       - name: Install Azure CLI
+        if: env.AZURE_CREDENTIALS != ''
         run: curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
       - name: Install Azures Functions CLI
+        if: env.AZURE_CREDENTIALS != ''
         run: |
           curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
           sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/microsoft.gpg
           sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-ubuntu-$(lsb_release -cs)-prod $(lsb_release -cs) main" > /etc/apt/sources.list.d/dotnetdev.list'
           sudo apt-get update
           sudo apt-get install azure-functions-core-tools-3
       - name: Login to Azure
+        if: env.AZURE_CREDENTIALS != ''
         uses: azure/login@v1
         with:
           creds: ${{ secrets.AZURE_CREDENTIALS }}
-      - run: az account list --output table
+      - name: List Azure Accounts
+        if: env.AZURE_CREDENTIALS != ''
+        run: az account list --output table
       - uses: actions/setup-node@v2
         with:
           node-version: "15.x"
@@ -56,7 +60,9 @@ jobs:
       - name: Install dependencies
         run: npm ci --no-audit
       - run: npx tsc
-      - run: |
+      - name: Deploy
+        if: env.AZURE_CREDENTIALS != ''
+        run: |
           az deployment group create \
             --resource-group ${RESOURCE_GROUP:-nrfassettracker} \
             --mode Complete \
@@ -67,17 +73,23 @@ jobs:
               location=$LOCATION \
               appRegistrationClientId=$APP_REG_CLIENT_ID \
               b2cTenant=${B2C_TENANT}
-      - run:
+      - name: Publish Function App
+        if: env.AZURE_CREDENTIALS != ''
+        run:
           func azure functionapp publish ${APP_NAME:-nrfassettracker}api
           --typescript
+
       - name: Enable static site hosting for the app
+        if: env.AZURE_CREDENTIALS != ''
         run:
           az storage blob service-properties update --auth-mode login
           --account-name ${APP_NAME:-nrfassettracker}app --static-website
           --404-document index.html --index-document index.html
       - name: Determine Web App settings
+        if: env.AZURE_CREDENTIALS != ''
         run: node cli react-config >> $GITHUB_ENV
       - name: Build app
+        if: env.AZURE_CREDENTIALS != ''
         id: web-app-deploy
         run: |
           echo Hosting at ${{ env.REACT_APP_WEB_APP_URL }}
@@ -93,6 +105,7 @@ jobs:
           npm ci --no-audit
           npm run build
       - name: Publish app
+        if: env.AZURE_CREDENTIALS != ''
         run: |
           export APP_STORAGE_CONNECTION_STRING=`az storage account show-connection-string --name ${APP_NAME:-nrfassettracker}app --query 'connectionString'` 
           az storage blob upload-batch --connection-string ${APP_STORAGE_CONNECTION_STRING} --account-name ${APP_NAME:-nrfassettracker}app -s ./app/build -d '$web'
diff --git a/.github/workflows/test-and-release.yaml b/.github/workflows/test-and-release.yaml
@@ -24,19 +24,23 @@ jobs:
       APP_REG_CLIENT_ID: ${{ secrets.APP_REG_CLIENT_ID }}
       B2C_CLIENT_SECRET: ${{ secrets.B2C_CLIENT_SECRET }}
       B2C_TENANT_ID: ${{ secrets.B2C_TENANT_ID }}
-
-    if: ${{ env.ENABLE_E2E_TESTS == '1' }}
+      AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
 
     steps:
       - uses: actions/checkout@v2
       - name: Install Azure CLI
+        if: env.AZURE_CREDENTIALS != ''
         run: curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
       - name: Login to Azure
+        if: env.AZURE_CREDENTIALS != ''
         uses: azure/login@v1
         with:
           creds: ${{ secrets.AZURE_CREDENTIALS }}
-      - run: az account list --output table
+      - name: List Azure accounts
+        if: env.AZURE_CREDENTIALS != ''
+        run: az account list --output table
       - name: Install Azures Functions CLI
+        if: env.AZURE_CREDENTIALS != ''
         run: |
           curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
           sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/microsoft.gpg
@@ -57,6 +61,7 @@ jobs:
       - name: Run Unit Tests
         run: npm test
       - name: Deploy solution
+        if: env.AZURE_CREDENTIALS != ''
         uses: nick-invision/retry@v2
         with:
           timeout_minutes: 10
@@ -75,6 +80,7 @@ jobs:
                 b2cTenant=${B2C_TENANT} \
                 b2cFlowName=B2C_1_developer
       - name: Deploy Function App
+        if: env.AZURE_CREDENTIALS != ''
         uses: nick-invision/retry@v2
         with:
           timeout_minutes: 10
@@ -84,10 +90,12 @@ jobs:
             func azure functionapp publish ${APP_NAME:-nrfassettracker}api
             --typescript
       - name: Determine API endpoint
+        if: env.AZURE_CREDENTIALS != ''
         run: |
           API_ENDPOINT=https://`az functionapp show --resource-group ${RESOURCE_GROUP:-nrfassettracker} -n ${APP_NAME:-nrfassettracker}api --query 'defaultHostName' --output tsv | tr -d '\n'`/
           echo "API_ENDPOINT=${API_ENDPOINT}" >> $GITHUB_ENV
       - name: Cache certificates
+        if: env.AZURE_CREDENTIALS != ''
         uses: actions/cache@v2
         with:
           path: ./certificates
@@ -97,15 +105,18 @@ jobs:
           echo "SKIP_CERT_GENERATION=1" >> $GITHUB_ENV
         continue-on-error: true
       - name: Create Intermediate CA certificate
-        if: env.SKIP_CERT_GENERATION != '1'
+        if: env.AZURE_CREDENTIALS != '' && env.SKIP_CERT_GENERATION != '1'
         run: |
           node cli create-ca-root
           node cli proof-ca-root-possession
           node cli create-ca-intermediate
-      - run: |
+      - name: Determine tenenant ID
+        if: env.AZURE_CREDENTIALS != ''
+        run: |
           TENANT_ID=`echo ${{ secrets.AZURE_CREDENTIALS }} | jq -r '.tenantId' | tr -d '\n'`
           echo "TENANT_ID=${TENANT_ID}" >> $GITHUB_ENV
       - name: Run End-to-End Tests
+        if: env.AZURE_CREDENTIALS != ''
         uses: nick-invision/retry@v2
         env:
           FORCE_COLOR: 3
@@ -114,6 +125,7 @@ jobs:
           max_attempts: 3
           command: npm run test:e2e
       - name: Delete device certificates
+        if: env.AZURE_CREDENTIALS != ''
         run: rm ./certificates/device-*
       - name: Semantic release
         if: success()