-
Notifications
You must be signed in to change notification settings - Fork 1
104 lines (91 loc) · 3.26 KB
/
deploy-to-radix.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
name: "Deploy to radix"
on:
push:
branches:
- ci/demo-deploy
workflow_dispatch:
inputs:
radix-environment:
description: "Which radix environment to deploy into"
default: "dev"
required: true
type: string
workflow_call: # Workflow is meant to be called from another workflow
inputs:
radix-environment:
description: "Which radix environment to deploy into"
default: "dev"
required: true
type: string
permissions:
id-token: write
contents: read
env:
RADIX_APP: dm-demos
RADIX_USER: [email protected]
jobs:
deploy-on-radix:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
# You'll need an app registration with a Federated Credential for this to
# work. Note that the credential will need to specify a branch name. This
# step will therefore fail for all branches not mentioned in the credentials
- name: Az CLI login
uses: azure/login@v1
with:
client-id: 9bc1cfd7-c616-45d2-8827-22ae9d1e0567 # app registration Application ID
tenant-id: 3aa4a235-b6e2-48d5-9195-7fcf05b459b0
allow-no-subscriptions: true
- name: Get Azure principal token for Radix
# The resource 6dae42f8-4368-4678-94ff-3960e28e3630 is a fixed Application ID,
# corresponding to the Azure Kubernetes Service AAD Server.
run: |
token=$(az account get-access-token --resource 6dae42f8-4368-4678-94ff-3960e28e3630 --query=accessToken -otsv)
echo "::add-mask::$token"
echo "APP_SERVICE_ACCOUNT_TOKEN=$token" >> $GITHUB_ENV
- name: Deploy on Radix
uses: equinor/radix-github-actions@master
env:
APP_SERVICE_ACCOUNT_TOKEN: ${{ env.APP_SERVICE_ACCOUNT_TOKEN }}
with:
args: >
create job
build-deploy
--application dm-demos
--context production
--branch main
--follow
- name: Get Azure principal token for Azure application
run: |
token=$(az account get-access-token --resource 9bc1cfd7-c616-45d2-8827-22ae9d1e0567 --query=accessToken -otsv)
echo "::add-mask::$token"
echo "RESET_APP_TOKEN=$token" >> $GITHUB_ENV
- uses: actions/setup-python@v4
with:
python-version: '3.11'
- name: Install dm-cli
working-directory: ./example
run: pip install dm-cli
- uses: actions/setup-node@v4
with:
node-version: 20
- name: Cache node modules
uses: actions/cache@v3
env:
cache-name: cache-example-node-modules
with:
path: ./example/node_modules
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('./example/package.json')}}
- name: Install dependencies
working-directory: ./example
run: yarn install
- name: Reset application
working-directory: ./example
env:
RESET_APP_TOKEN: ${{ env.RESET_APP_TOKEN }}
MONGO_PASSWORD: ${{ secrets.MONGO_PASSWORD_DEV }}
run: |
rm -rf app/data_source_templates
mv app/data_source_templates_radix_demo app/data_source_templates
./reset-app.sh dev ${{ env.RESET_APP_TOKEN }}