From 99dfa7c605bdc9d48e9361470b3018cc71258ad8 Mon Sep 17 00:00:00 2001 From: Fraser Molyneux Date: Sun, 22 Dec 2024 10:32:43 +0000 Subject: [PATCH] Evelyn can do wrong --- .github/workflows/destroy-development.yml | 6 +- .github/workflows/feature-development.yml | 30 +++++----- .github/workflows/integration-tests.yml | 24 ++++---- .github/workflows/pull-request-validation.yml | 36 +++++------ .github/workflows/release-to-production.yml | 60 +++++++++---------- .../update-dashboard-from-staging.yml | 18 +++--- 6 files changed, 87 insertions(+), 87 deletions(-) diff --git a/.github/workflows/destroy-development.yml b/.github/workflows/destroy-development.yml index 7b5d7f35..54e98fcf 100644 --- a/.github/workflows/destroy-development.yml +++ b/.github/workflows/destroy-development.yml @@ -23,6 +23,6 @@ jobs: terraform-folder: "terraform" terraform-var-file: "tfvars/dev.tfvars" terraform-backend-file: "backends/dev.backend.hcl" - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} diff --git a/.github/workflows/feature-development.yml b/.github/workflows/feature-development.yml index 3c1efc2a..b1c73888 100644 --- a/.github/workflows/feature-development.yml +++ b/.github/workflows/feature-development.yml @@ -52,9 +52,9 @@ jobs: terraform-folder: "terraform" terraform-var-file: "tfvars/dev.tfvars" terraform-backend-file: "backends/dev.backend.hcl" - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} - id: terraform-output shell: bash @@ -69,9 +69,9 @@ jobs: echo "integration_tests_account_name=$(terraform output -raw integration_tests_account_name)" >> $GITHUB_OUTPUT echo "api_audience=$(terraform output -raw api_audience)" >> $GITHUB_OUTPUT env: - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + ARM_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + ARM_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ env.AZURE_TENANT_ID }} ARM_USE_AZUREAD: true ARM_USE_OIDC: true @@ -103,9 +103,9 @@ jobs: sql-database-name: ${{ needs.terraform-plan-and-apply-dev.outputs.sql_database_name }} project-folder: "src/database" project-file: "database.sqlproj" - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} app-service-deploy-dev: environment: Development @@ -122,9 +122,9 @@ jobs: with: web-artifact-name: "repository-webapi" web-app-name: ${{ needs.terraform-plan-and-apply-dev.outputs.web_app_name }} - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} run-api-integration-tests-dev: environment: Development @@ -138,9 +138,9 @@ jobs: - name: "Az CLI Login" uses: azure/login@v2 with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + client-id: ${{ env.AZURE_CLIENT_ID }} + tenant-id: ${{ env.AZURE_TENANT_ID }} + subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }} - shell: bash run: | diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 04b19852..ad04a419 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -24,9 +24,9 @@ jobs: - name: "Az CLI Login" uses: azure/login@v2 with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + client-id: ${{ env.AZURE_CLIENT_ID }} + tenant-id: ${{ env.AZURE_TENANT_ID }} + subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }} - name: Setup Terraform uses: hashicorp/setup-terraform@v3 @@ -39,9 +39,9 @@ jobs: cd terraform terraform init -backend-config=backends/dev.backend.hcl -var-file=tfvars/dev.tfvars env: - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + ARM_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + ARM_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ env.AZURE_TENANT_ID }} ARM_USE_AZUREAD: true ARM_USE_OIDC: true @@ -54,9 +54,9 @@ jobs: echo "integration_tests_account_name=$(terraform output -raw integration_tests_account_name)" >> $GITHUB_OUTPUT echo "api_audience=$(terraform output -raw api_audience)" >> $GITHUB_OUTPUT env: - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + ARM_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + ARM_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ env.AZURE_TENANT_ID }} ARM_USE_AZUREAD: true ARM_USE_OIDC: true @@ -78,9 +78,9 @@ jobs: - name: "Az CLI Login" uses: azure/login@v2 with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + client-id: ${{ env.AZURE_CLIENT_ID }} + tenant-id: ${{ env.AZURE_TENANT_ID }} + subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }} - shell: bash run: | diff --git a/.github/workflows/pull-request-validation.yml b/.github/workflows/pull-request-validation.yml index 0ce136a9..68126e21 100644 --- a/.github/workflows/pull-request-validation.yml +++ b/.github/workflows/pull-request-validation.yml @@ -49,9 +49,9 @@ jobs: terraform-folder: "terraform" terraform-var-file: "tfvars/dev.tfvars" terraform-backend-file: "backends/dev.backend.hcl" - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} - id: terraform-output shell: bash @@ -66,9 +66,9 @@ jobs: echo "integration_tests_account_name=$(terraform output -raw integration_tests_account_name)" >> $GITHUB_OUTPUT echo "api_audience=$(terraform output -raw api_audience)" >> $GITHUB_OUTPUT env: - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + ARM_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + ARM_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ env.AZURE_TENANT_ID }} ARM_USE_AZUREAD: true ARM_USE_OIDC: true @@ -100,9 +100,9 @@ jobs: sql-database-name: ${{ needs.terraform-plan-and-apply-dev.outputs.sql_database_name }} project-folder: "src/database" project-file: "database.sqlproj" - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} app-service-deploy-dev: environment: Development @@ -119,9 +119,9 @@ jobs: with: web-artifact-name: "repository-webapi" web-app-name: ${{ needs.terraform-plan-and-apply-dev.outputs.web_app_name }} - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} run-api-integration-tests-dev: environment: Development @@ -135,9 +135,9 @@ jobs: - name: "Az CLI Login" uses: azure/login@v2 with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + client-id: ${{ env.AZURE_CLIENT_ID }} + tenant-id: ${{ env.AZURE_TENANT_ID }} + subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }} - shell: bash run: | @@ -184,6 +184,6 @@ jobs: terraform-folder: "terraform" terraform-var-file: "tfvars/prd.tfvars" terraform-backend-file: "backends/prd.backend.hcl" - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} diff --git a/.github/workflows/release-to-production.yml b/.github/workflows/release-to-production.yml index cbb64250..5c6164fe 100644 --- a/.github/workflows/release-to-production.yml +++ b/.github/workflows/release-to-production.yml @@ -57,9 +57,9 @@ jobs: terraform-folder: "terraform" terraform-var-file: "tfvars/dev.tfvars" terraform-backend-file: "backends/dev.backend.hcl" - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} - id: terraform-output shell: bash @@ -74,9 +74,9 @@ jobs: echo "integration_tests_account_name=$(terraform output -raw integration_tests_account_name)" >> $GITHUB_OUTPUT echo "api_audience=$(terraform output -raw api_audience)" >> $GITHUB_OUTPUT env: - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + ARM_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + ARM_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ env.AZURE_TENANT_ID }} ARM_USE_AZUREAD: true ARM_USE_OIDC: true @@ -108,9 +108,9 @@ jobs: sql-database-name: ${{ needs.terraform-plan-and-apply-dev.outputs.sql_database_name }} project-folder: "src/database" project-file: "database.sqlproj" - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} app-service-deploy-dev: environment: Development @@ -127,9 +127,9 @@ jobs: with: web-artifact-name: "repository-webapi" web-app-name: ${{ needs.terraform-plan-and-apply-dev.outputs.web_app_name }} - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} run-api-integration-tests-dev: environment: Development @@ -143,9 +143,9 @@ jobs: - name: "Az CLI Login" uses: azure/login@v2 with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + client-id: ${{ env.AZURE_CLIENT_ID }} + tenant-id: ${{ env.AZURE_TENANT_ID }} + subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }} - shell: bash run: | @@ -191,9 +191,9 @@ jobs: terraform-folder: "terraform" terraform-var-file: "tfvars/prd.tfvars" terraform-backend-file: "backends/prd.backend.hcl" - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} - id: terraform-output shell: bash @@ -208,9 +208,9 @@ jobs: echo "integration_tests_account_name=$(terraform output -raw integration_tests_account_name)" >> $GITHUB_OUTPUT echo "api_audience=$(terraform output -raw api_audience)" >> $GITHUB_OUTPUT env: - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + ARM_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + ARM_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ env.AZURE_TENANT_ID }} ARM_USE_AZUREAD: true ARM_USE_OIDC: true @@ -242,9 +242,9 @@ jobs: sql-database-name: ${{ needs.terraform-plan-and-apply-prd.outputs.sql_database_name }} project-folder: "src/database" project-file: "database.sqlproj" - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} app-service-deploy-prd: environment: Production @@ -261,9 +261,9 @@ jobs: with: web-artifact-name: "repository-webapi" web-app-name: ${{ needs.terraform-plan-and-apply-prd.outputs.web_app_name }} - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} run-api-integration-tests-prd: environment: Production @@ -277,9 +277,9 @@ jobs: - name: "Az CLI Login" uses: azure/login@v2 with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + client-id: ${{ env.AZURE_CLIENT_ID }} + tenant-id: ${{ env.AZURE_TENANT_ID }} + subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }} - shell: bash run: | diff --git a/.github/workflows/update-dashboard-from-staging.yml b/.github/workflows/update-dashboard-from-staging.yml index 414c2bc3..65a2eacc 100644 --- a/.github/workflows/update-dashboard-from-staging.yml +++ b/.github/workflows/update-dashboard-from-staging.yml @@ -22,18 +22,18 @@ jobs: - name: 'Az CLI Login' uses: azure/login@v2 with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + client-id: ${{ env.AZURE_CLIENT_ID }} + tenant-id: ${{ env.AZURE_TENANT_ID }} + subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }} - uses: frasermolyneux/actions/terraform-plan@main with: terraform-folder: "terraform" terraform-var-file: "tfvars/dev.tfvars" terraform-backend-file: "backends/dev.backend.hcl" - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + AZURE_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + AZURE_TENANT_ID: ${{ env.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} - id: terraform-output shell: bash @@ -42,9 +42,9 @@ jobs: echo "resource_group_name=$(terraform output -raw resource_group_name)" >> $GITHUB_OUTPUT echo "staging_dashboard_name=$(terraform output -raw staging_dashboard_name)" >> $GITHUB_OUTPUT env: - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + ARM_CLIENT_ID: ${{ env.AZURE_CLIENT_ID }} + ARM_SUBSCRIPTION_ID: ${{ env.AZURE_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ env.AZURE_TENANT_ID }} ARM_USE_AZUREAD: true ARM_USE_OIDC: true