forked from Azure-Samples/dotnetcore-sqldb-ghactions
-
Notifications
You must be signed in to change notification settings - Fork 0
64 lines (56 loc) · 3.74 KB
/
infraworkflow.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
name: Create Azure Resources
on:
push:
paths:
- 'ARM/**'
- '.github/workflows/infraworkflow.yml'
env:
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} # set this to your Azure Subscription Id
AZURE_RESOURCEGROUP_NAME: demo-webappsql-gh-actions # set this to your preferred resource group name
AZURE_WEBAPP_NAME: demo-webappsql-gh-actions-unique # set this to your preferred web app name
ASP_NAME: demo-webappsql-gh-actions
SQLSERVER_NAME: demo-webappsql-gh-actions-srv # set this to your preferred sql server name
DATABASE_NAME: demo-webappsql-gh-actions-db # set this to your preferred sql database name
SQLADMIN_LOGIN: ${{ secrets.SQLADMIN_LOGIN }} # Create a secret in your Github repo for the SQL Admin login name you want to use
SQLADMIN_PASS: ${{ secrets.SQLADMIN_PASS }} # Create a secret in your Github repo for the SQL Admin password you want to use
jobs:
build-and-deploy-to-dev:
runs-on: ubuntu-latest
steps:
# Please refer to https://github.com/Azure/login#configure-deployment-credentials for help on the Azure login action and setting up your secrets
# This template also deploys the resourcegroup and not only the resources within the resource group. For this to work, your service principal needs access on the subscription level. You can create the service principal through:
# az ad sp create-for-rbac --name "spname" --sdk-auth --role contributor --scopes /subscriptions/<subscription-id>
# This example uses federated identity (OIDC) for authentication
- name: Azure Login with Federated Identity
uses: azure/login@v1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
# Checkout
- name: Checkout
uses: actions/checkout@v2
with:
path: repo
# Deployment of template
- name: Deploy ARM Template resourcegroup
uses: azure/arm-deploy@v1
with:
# You can change these environment variables for your configuration: AZURE_SUBSCRIPTION_ID
scope: subscription
subscriptionId: ${{ env.AZURE_SUBSCRIPTION_ID }}
region: centralus # Set this to your target region
template: repo/templates/azuredeploy.resourcegroup.json # Set this to the location of your template file
parameters: repo/templates/azuredeploy.resourcegroup.parameters.json rgName=${{env.AZURE_RESOURCEGROUP_NAME}} #override rgName in parameters file
# Deployment of template
- name: Deploy ARM Template resources
uses: azure/arm-deploy@v1
with:
# You can change these environment variables for your configuration: AZURE_SUBSCRIPTION_ID
scope: resourcegroup
subscriptionId: ${{ env.AZURE_SUBSCRIPTION_ID }}
resourceGroupName: ${{env.AZURE_RESOURCEGROUP_NAME}}
region: centralus # Set this to your target region
template: repo/templates/azuredeploy.json # Set this to the location of your template file
parameters: repo/templates/azuredeploy.parameters.json webappName=${{env.AZURE_WEBAPP_NAME}} aspName=${{env.ASP_NAME}} sqlServerName=${{env.SQLSERVER_NAME}} databaseName=${{env.DATABASE_NAME}} sqlAdminLogin=${{env.SQLADMIN_LOGIN}} sqlAdminPass=${{env.SQLADMIN_PASS}} # Set this to the location of your parameters file
#TODO: Once the infrastructure got created, download web app publish profile of the staging slot and add it as a secret to the repo. It will be used by the workflow.yml file.