-
-
Notifications
You must be signed in to change notification settings - Fork 242
77 lines (64 loc) · 2.29 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
name: Publish
on:
push:
tags: [ v* ]
env:
DOTNET_VERSION: 6.0.x
BICEP_VERSION: 0.26.170
jobs:
publish:
runs-on: ubuntu-latest
outputs:
version: ${{ steps.setup_version.outputs.version }}
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Use .NET ${{ env.DOTNET_VERSION }}
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ env.DOTNET_VERSION }}
- name: Setup Version
id: setup_version
run: echo "VERSION=${GITHUB_REF/refs\/tags\/v/}" >> $GITHUB_OUTPUT
- name: Publish Function app
run: dotnet publish -c Release -r win-x86 --no-self-contained -o ./dist -p:Version=${{ steps.setup_version.outputs.version }} KeyVault.Acmebot
- name: Zip Function app
run: 7z a -mx=9 latest.zip ./dist/*
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: dist
path: |
latest.zip
azuredeploy.bicep
deploy:
environment: production
needs: publish
permissions:
id-token: write
contents: read
runs-on: ubuntu-latest
steps:
- name: Azure Login
uses: azure/login@v2
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Use Bicep ${{ env.BICEP_VERSION }}
run: |
az config set bicep.use_binary_from_path=false
az bicep install --version v${{ env.BICEP_VERSION }}
- name: Download artifacts
uses: actions/download-artifact@v4
with:
name: dist
- name: Upload to Blob
run: |
az storage blob upload --auth-mode login -f latest.zip --account-name stacmebotprod -c keyvault-acmebot -n v4/latest.zip --overwrite
az storage blob upload --auth-mode login -f latest.zip --account-name stacmebotprod -c keyvault-acmebot -n v4/${{ needs.publish.outputs.version }}.zip --overwrite
- name: Publish to Private Registry
run: |
az bicep publish --file azuredeploy.bicep --target br:cracmebotprod.azurecr.io/bicep/modules/keyvault-acmebot:v4 --force
az bicep publish --file azuredeploy.bicep --target br:cracmebotprod.azurecr.io/bicep/modules/keyvault-acmebot:v${{ needs.publish.outputs.version }} --force