Fix infrastructure build #36
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Infrastructure | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - .github/workflows/infrastructure.yml | |
| - infrastructure/** | |
| pull_request: | |
| branches: | |
| - main | |
| paths: | |
| - .github/workflows/infrastructure.yml | |
| - infrastructure/** | |
| workflow_dispatch: {} | |
| permissions: {} | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Lint Bicep Files | |
| uses: azure/cli@v2 | |
| with: | |
| azcliversion: latest | |
| inlineScript: | | |
| sudo apt-get install libicu-dev | |
| az bicep lint --file infrastructure/main.bicep | |
| az bicep lint --file infrastructure/main.bicepparam | |
| - name: Build Bicep Files | |
| uses: azure/cli@v2 | |
| with: | |
| azcliversion: latest | |
| inlineScript: | | |
| az bicep build --file infrastructure/main.bicep --outfile infrastructure/main.json | |
| az bicep build-params --file infrastructure/main.bicepparam --outfile infrastructure/main.parameters.json | |
| - name: Upload Bicep Files | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: infrastructure | |
| path: infrastructure/ | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| needs: build | |
| if: github.ref == 'refs/heads/main' || github.event_name == 'pull_request' | |
| environment: Staging | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Download Bicep Files | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: infrastructure | |
| path: infrastructure/ | |
| - name: Azure Login | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| - name: Create Resource Group | |
| uses: azure/cli@v2 | |
| with: | |
| azcliversion: latest | |
| inlineScript: | | |
| az group create --name ${{ vars.RESOURCE_GROUP }} --location ${{ vars.LOCATION }} | |
| - name: Validate ARM Deployment | |
| uses: azure/arm-deploy@v2 | |
| with: | |
| scope: resourcegroup | |
| resourceGroupName: ${{ vars.RESOURCE_GROUP }} | |
| template: infrastructure/main.bicep | |
| parameters: infrastructure/main.bicepparam | |
| deploymentMode: Validate | |
| - name: What-if ARM Deployment | |
| uses: azure/arm-deploy@v2 | |
| with: | |
| scope: resourcegroup | |
| resourceGroupName: ${{ vars.RESOURCE_GROUP }} | |
| template: infrastructure/main.bicep | |
| parameters: infrastructure/main.bicepparam | |
| deploymentMode: Incremental | |
| additionalArguments: --what-if | |
| deploy: | |
| name: Deploy | |
| runs-on: ubuntu-latest | |
| needs: test | |
| if: github.ref == 'refs/heads/main' | |
| environment: Production | |
| permissions: | |
| id-token: write | |
| steps: | |
| - name: Download Bicep Files | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: infrastructure | |
| path: infrastructure/ | |
| - name: Azure Login | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| - name: Create Resource Group | |
| uses: azure/cli@v2 | |
| with: | |
| azcliversion: latest | |
| inlineScript: | | |
| az group create --name ${{ vars.RESOURCE_GROUP }} --location ${{ vars.LOCATION }} | |
| - name: Deploy Resources | |
| uses: azure/arm-deploy@v2 | |
| with: | |
| scope: resourcegroup | |
| resourceGroupName: ${{ vars.RESOURCE_GROUP }} | |
| template: infrastructure/main.bicep | |
| parameters: infrastructure/main.bicepparam | |
| deploymentMode: Incremental |