azure-upload.yml

name: Azure Upload

on:
  workflow_dispatch:

permissions:
  contents: read

jobs:
  azure-upload:
    permissions:
      contents: write
    name: Azure Upload Release
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
        with:
          fetch-depth: 0
      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
        with:
          go-version-file: 'go.mod'
      - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
      - run: npm install semver@7.6.2
      - name: Setup build environment
        run: |
          if [ "${{ env.ACT }}" = "true" ]; then
            SUDO_CMD=""
          else
            SUDO_CMD="sudo"
          fi
          $SUDO_CMD apt-get update
          $SUDO_CMD apt-get install -y gpgv1 monkeysphere jq make git
          go install github.com/goreleaser/nfpm/v2/cmd/nfpm@v2.35.3
      - name: Set Environment Variables
        run: |
          echo "${{steps.release.outputs.result}}"
          echo "VERSION=$(echo '${{steps.release.outputs.result}}' | jq -r '.version')" >> $GITHUB_ENV
          echo "RELEASE_ID=$(echo '${{steps.release.outputs.result}}' | jq -r '.release_id')" >> $GITHUB_ENV
          echo "RELEASE_UPLOAD_URL=$(echo '${{steps.release.outputs.result}}' | jq -r '.release_upload_url')" >> $GITHUB_ENV
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0
      - name: Build Docker Image
        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0
        with:
          file: scripts/packages/packager/Dockerfile
          tags: build-signed-packager:1.0.0
          context: '.'
          push: false
          load: true
          no-cache: true
          build-args: |
            package_type=signed-package
      - name: Build Packages
        env:
          INDIGO_GPG_AGENT: ${{ secrets.INDIGO_GPG_AGENT }}
          NFPM_SIGNING_KEY_FILE: .key.asc
        run: |
          echo "$INDIGO_GPG_AGENT" | base64 --decode > .key.asc
          make clean package
      - name: Azure Login
        uses: azure/login@6b2456866fc08b011acb422a92a4aa20e2c4de32 # v2.1.0
        with:
          creds: ${{ secrets.AZURE_CREDENTIALS }}
      - name: Azure Upload Release Packages
        uses: azure/CLI@965c8d7571d2231a54e321ddd07f7b10317f34d9 # v2.0.0
        with:
          inlineScript: |
            for i in ./build/azure/packages/nginx-agent*; do 
              az storage blob upload --auth-mode=login -f "$i" -c ${{ secrets.AZURE_CONTAINER_NAME }} \
              --account-name ${{ secrets.AZURE_ACCOUNT_NAME }} --overwrite -n nginx-agent/${GITHUB_REF##*/}/${i##*/}
            done 
      - name: Azure Logout
        run: |
          az logout
        if: always()