From 99e5ad4cfb6c55e22aff42f985ad43369174a733 Mon Sep 17 00:00:00 2001 From: Markus Tacker Date: Wed, 7 Apr 2021 11:36:09 +0200 Subject: [PATCH] ci: use env per step --- .github/workflows/cd.yaml | 23 ++++++++++++++++++----- .github/workflows/test-and-release.yaml | 22 +++++++++++++++++----- 2 files changed, 35 insertions(+), 10 deletions(-) diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml index 2a5f5fb46..50ab33069 100644 --- a/.github/workflows/cd.yaml +++ b/.github/workflows/cd.yaml @@ -19,8 +19,7 @@ jobs: LOCATION: northeurope APP_NAME: nrfassettrackerprod B2C_TENANT: nrfassettrackerprod - - if: ${{ env.CD == '1' }} + AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} steps: - uses: actions/checkout@v2 @@ -32,8 +31,10 @@ jobs: echo Version: ${VERSION} echo "VERSION=${VERSION}" >> $GITHUB_ENV - name: Install Azure CLI + if: env.AZURE_CREDENTIALS != '' run: curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash - name: Install Azures Functions CLI + if: env.AZURE_CREDENTIALS != '' run: | curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/microsoft.gpg @@ -41,10 +42,13 @@ jobs: sudo apt-get update sudo apt-get install azure-functions-core-tools-3 - name: Login to Azure + if: env.AZURE_CREDENTIALS != '' uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - - run: az account list --output table + - name: List Azure Accounts + if: env.AZURE_CREDENTIALS != '' + run: az account list --output table - uses: actions/setup-node@v2 with: node-version: "15.x" @@ -56,7 +60,9 @@ jobs: - name: Install dependencies run: npm ci --no-audit - run: npx tsc - - run: | + - name: Deploy + if: env.AZURE_CREDENTIALS != '' + run: | az deployment group create \ --resource-group ${RESOURCE_GROUP:-nrfassettracker} \ --mode Complete \ @@ -67,17 +73,23 @@ jobs: location=$LOCATION \ appRegistrationClientId=$APP_REG_CLIENT_ID \ b2cTenant=${B2C_TENANT} - - run: + - name: Publish Function App + if: env.AZURE_CREDENTIALS != '' + run: func azure functionapp publish ${APP_NAME:-nrfassettracker}api --typescript + - name: Enable static site hosting for the app + if: env.AZURE_CREDENTIALS != '' run: az storage blob service-properties update --auth-mode login --account-name ${APP_NAME:-nrfassettracker}app --static-website --404-document index.html --index-document index.html - name: Determine Web App settings + if: env.AZURE_CREDENTIALS != '' run: node cli react-config >> $GITHUB_ENV - name: Build app + if: env.AZURE_CREDENTIALS != '' id: web-app-deploy run: | echo Hosting at ${{ env.REACT_APP_WEB_APP_URL }} @@ -93,6 +105,7 @@ jobs: npm ci --no-audit npm run build - name: Publish app + if: env.AZURE_CREDENTIALS != '' run: | export APP_STORAGE_CONNECTION_STRING=`az storage account show-connection-string --name ${APP_NAME:-nrfassettracker}app --query 'connectionString'` az storage blob upload-batch --connection-string ${APP_STORAGE_CONNECTION_STRING} --account-name ${APP_NAME:-nrfassettracker}app -s ./app/build -d '$web' diff --git a/.github/workflows/test-and-release.yaml b/.github/workflows/test-and-release.yaml index 64d3ec241..3c588cf9a 100644 --- a/.github/workflows/test-and-release.yaml +++ b/.github/workflows/test-and-release.yaml @@ -24,19 +24,23 @@ jobs: APP_REG_CLIENT_ID: ${{ secrets.APP_REG_CLIENT_ID }} B2C_CLIENT_SECRET: ${{ secrets.B2C_CLIENT_SECRET }} B2C_TENANT_ID: ${{ secrets.B2C_TENANT_ID }} - - if: ${{ env.ENABLE_E2E_TESTS == '1' }} + AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} steps: - uses: actions/checkout@v2 - name: Install Azure CLI + if: env.AZURE_CREDENTIALS != '' run: curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash - name: Login to Azure + if: env.AZURE_CREDENTIALS != '' uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - - run: az account list --output table + - name: List Azure accounts + if: env.AZURE_CREDENTIALS != '' + run: az account list --output table - name: Install Azures Functions CLI + if: env.AZURE_CREDENTIALS != '' run: | curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/microsoft.gpg @@ -57,6 +61,7 @@ jobs: - name: Run Unit Tests run: npm test - name: Deploy solution + if: env.AZURE_CREDENTIALS != '' uses: nick-invision/retry@v2 with: timeout_minutes: 10 @@ -75,6 +80,7 @@ jobs: b2cTenant=${B2C_TENANT} \ b2cFlowName=B2C_1_developer - name: Deploy Function App + if: env.AZURE_CREDENTIALS != '' uses: nick-invision/retry@v2 with: timeout_minutes: 10 @@ -84,10 +90,12 @@ jobs: func azure functionapp publish ${APP_NAME:-nrfassettracker}api --typescript - name: Determine API endpoint + if: env.AZURE_CREDENTIALS != '' run: | API_ENDPOINT=https://`az functionapp show --resource-group ${RESOURCE_GROUP:-nrfassettracker} -n ${APP_NAME:-nrfassettracker}api --query 'defaultHostName' --output tsv | tr -d '\n'`/ echo "API_ENDPOINT=${API_ENDPOINT}" >> $GITHUB_ENV - name: Cache certificates + if: env.AZURE_CREDENTIALS != '' uses: actions/cache@v2 with: path: ./certificates @@ -97,15 +105,18 @@ jobs: echo "SKIP_CERT_GENERATION=1" >> $GITHUB_ENV continue-on-error: true - name: Create Intermediate CA certificate - if: env.SKIP_CERT_GENERATION != '1' + if: env.AZURE_CREDENTIALS != '' && env.SKIP_CERT_GENERATION != '1' run: | node cli create-ca-root node cli proof-ca-root-possession node cli create-ca-intermediate - - run: | + - name: Determine tenenant ID + if: env.AZURE_CREDENTIALS != '' + run: | TENANT_ID=`echo ${{ secrets.AZURE_CREDENTIALS }} | jq -r '.tenantId' | tr -d '\n'` echo "TENANT_ID=${TENANT_ID}" >> $GITHUB_ENV - name: Run End-to-End Tests + if: env.AZURE_CREDENTIALS != '' uses: nick-invision/retry@v2 env: FORCE_COLOR: 3 @@ -114,6 +125,7 @@ jobs: max_attempts: 3 command: npm run test:e2e - name: Delete device certificates + if: env.AZURE_CREDENTIALS != '' run: rm ./certificates/device-* - name: Semantic release if: success()