diff --git a/.github/workflows/build-and-push-image.yml b/.github/workflows/build-and-push-image.yml index cf514717d..74382fad8 100644 --- a/.github/workflows/build-and-push-image.yml +++ b/.github/workflows/build-and-push-image.yml @@ -46,9 +46,13 @@ jobs: echo "release=${RELEASE}" >> $GITHUB_OUTPUT deploy-image: + permissions: + id-token: write + contents: read + packages: write name: Deploy '${{ needs.set-env.outputs.branch }}' to ${{ needs.set-env.outputs.environment }} needs: [ set-env ] - uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/build-push-deploy.yml@v2.5.0 + uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/build-push-deploy.yml@v3.0.0 strategy: matrix: image: [ @@ -57,11 +61,11 @@ jobs: ] include: - image: "Dockerfile" - aca_name_secret: "AZURE_ACA_NAME" + aca_name: "ACA_CONTAINERAPP_NAME" prefix: "" name: "tramsapi-app" - image: "Dockerfile.PersonsApi" - aca_name_secret: "AZURE_PERSONS_API_ACA_NAME" + aca_name: "ACA_CONTAINERAPP_PERSONS_API_NAME" prefix: "persons-api-" name: "personsapi-app" with: @@ -75,11 +79,13 @@ jobs: COMMIT_SHA="${{ needs.set-env.outputs.checked-out-sha }}" CI=true secrets: + azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} + azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + azure-acr-client-id: ${{ secrets.ACR_CLIENT_ID }} azure-acr-name: ${{ secrets.ACR_NAME }} - azure-acr-credentials: ${{ secrets.ACR_CREDENTIALS }} - azure-aca-credentials: ${{ secrets.AZURE_ACA_CREDENTIALS }} - azure-aca-name: ${{ secrets[matrix.aca_name_secret] }} - azure-aca-resource-group: ${{ secrets.AZURE_ACA_RESOURCE_GROUP }} + azure-aca-client-id: ${{ secrets.ACA_CLIENT_ID }} + azure-aca-name: ${{ secrets.[matrix.aca_name] }} + azure-aca-resource-group: ${{ secrets.ACA_RESOURCE_GROUP }} create-tag: name: Tag and release