-
Notifications
You must be signed in to change notification settings - Fork 127
136 lines (120 loc) Β· 4.47 KB
/
container.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
# Create containers and deploy to a test environment
# ---
# Note that this workflow uses OpenID Connect for secretless deployment to Azure.
#
# Variables that are not secrets and can be configured as Actions variables _or_ secrets:
# - AAD tenant ID, subscription ID, client ID for OpenID Connect
# - Azure Container Registry name and username
# - App Service endpoints, app names, and slot names
# - Test environment URLs
name: Ship it πΏοΈ
on:
push:
branches: [main]
permissions:
id-token: write
contents: read
jobs:
lint-and-test:
name: "Lint 'n test π§Ί"
runs-on: ubuntu-latest
steps:
- name: Checkout π
uses: actions/checkout@v4
- name: Packages π¦
run: |
npm ci
- name: Lint π
run: |
npm run lint
- name: Test πββοΈ
run: |
npm run test
# npm run-script build
# npm run-script test:ci
build:
name: 'Container delivery π'
runs-on: ubuntu-latest
environment:
name: development
steps:
- uses: actions/checkout@v4
#- uses: docker/build-push-action@v3
- name: Azure OpenID Connect β¨
if: github.repository == 'microsoft/opensource-management-portal' # official repo only
uses: azure/login@v1
with:
client-id: ${{ secrets.CLIENT_ID }}
tenant-id: ${{ secrets.TENANT_ID }}
subscription-id: ${{ secrets.SUBSCRIPTION_ID }}
- name: Connect to Azure Container Registry π
if: github.repository == 'microsoft/opensource-management-portal' # official repo only
run: |
az acr login -n opensource
- name: Stamp build information π
run: |
sed -i "s/__Build_BuildNumber__/${{ github.run_number }}/" package.json
sed -i "s/__Build_SourceVersion__/${{ github.sha }}/" package.json
echo package.json-stamped version:
cat package.json
- name: Use opensource deployment values π
if: github.repository == 'microsoft/opensource-management-portal' # official repo only
run: |
node .ossdev/build/packageBurn.js
node .ossdev/build/dockerfileForEnvironment.js
- name: Container build β΄οΈ
run: |
docker build \
-t ${{ github.event.repository.name }}:${{ github.run_number }} \
-t opensource.azurecr.io/${{ github.event.repository.name }}:${{ github.run_number }} \
-t opensource.azurecr.io/${{ github.event.repository.name }}:latest \
.
- name: Push to ACR π
if: github.repository == 'microsoft/opensource-management-portal' # official repo only
run: |
docker image push opensource.azurecr.io/${{ github.event.repository.name }}:${{ github.run_number }}
docker image push opensource.azurecr.io/${{ github.event.repository.name }}:latest
development-stage:
name: Stage to development ποΈ
if: github.repository == 'microsoft/opensource-management-portal' # official repo only
runs-on: ubuntu-latest
needs: [build, lint-and-test]
environment:
name: development
url: https://portal-staging.ospo.dev
steps:
- name: Azure OpenID Connect β¨
uses: azure/login@v1
with:
client-id: ${{ secrets.CLIENT_ID }}
tenant-id: ${{ secrets.TENANT_ID }}
subscription-id: ${{ secrets.SUBSCRIPTION_ID }}
- name: Prepare staging slots π°
run: |
az webapp config container set \
--docker-custom-image-name opensource.azurecr.io/${{ github.event.repository.name }}:${{ github.run_number }} \
--docker-registry-server-url https://opensource.azurecr.io \
--name portalwestus3 \
--resource-group portal \
--slot staging
development:
name: Swap to live ποΈ
if: github.repository == 'microsoft/opensource-management-portal' # official repo only
runs-on: ubuntu-latest
needs: [development-stage]
environment:
name: development
url: https://portal.ospo.dev
steps:
- name: Azure OpenID Connect β¨
uses: azure/login@v1
with:
client-id: ${{ secrets.CLIENT_ID }}
tenant-id: ${{ secrets.TENANT_ID }}
subscription-id: ${{ secrets.SUBSCRIPTION_ID }}
- name: Swap staging to live π
run: |
az webapp deployment slot swap \
--name portalwestus3 \
--resource-group portal \
--slot staging