Merge pull request #226 from gentlementlegen/fix/logs #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action | |
# More GitHub Actions for Azure: https://github.com/Azure/actions | |
name: Build and deploy Node.js project to Azure Function App - ubiquity-os | |
on: | |
push: | |
branches: | |
- development | |
workflow_dispatch: | |
env: | |
AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root | |
NODE_VERSION: '20.10.0' | |
jobs: | |
build: | |
runs-on: windows-latest | |
steps: | |
- name: 'Checkout GitHub Action' | |
uses: actions/checkout@v4 | |
- name: Setup Node ${{ env.NODE_VERSION }} Environment | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ env.NODE_VERSION }} | |
- uses: oven-sh/setup-bun@v2 | |
- name: 'Resolve Project Dependencies Using Bun' | |
shell: pwsh | |
run: | | |
pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}' | |
bun install --frozen-lockfile | |
bun run jest:test | |
bun run build | |
bun rimraf node_modules | |
bun install --frozen-lockfile --production | |
popd | |
- name: Upload artifact for deployment job | |
uses: actions/upload-artifact@v4 | |
with: | |
name: node-app | |
path: . | |
update-environment: | |
runs-on: ubuntu-latest | |
needs: build | |
permissions: | |
id-token: write | |
steps: | |
- name: Generate local.settings.json | |
env: | |
GITHUB_SECRETS: ${{ toJson(secrets) }} | |
shell: bash | |
run: | | |
# Parse the JSON secrets | |
secrets=$(echo "$GITHUB_SECRETS" | jq -c '.') | |
# Create the base settings object | |
settings=$(jq -n '{ | |
"IsEncrypted": false, | |
"Values": {} | |
}') | |
# Define excluded prefixes | |
excluded_prefixes=("GITHUB_" "ACTIONS_" "AZUREAPPSERVICE_") | |
# Iterate through secrets and add non-excluded ones | |
for secret_name in $(echo "$secrets" | jq -r 'keys[]'); do | |
# Check if the secret should be included | |
include=true | |
for prefix in "${excluded_prefixes[@]}"; do | |
if [[ "$secret_name" == "$prefix"* ]]; then | |
include=false | |
break | |
fi | |
done | |
# Add the secret if it passes the filter | |
if [ "$include" = true ]; then | |
secret_value=$(echo "$secrets" | jq -r ".[\"$secret_name\"]") | |
settings=$(echo "$settings" | jq --arg name "$secret_name" --arg value "$secret_value" '.Values[$name] = $value') | |
fi | |
done | |
# Output the final settings to local.settings.json | |
echo "$settings" | jq '.' > local.settings.json | |
- uses: azure/login@v2 | |
with: | |
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID }} | |
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID }} | |
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID }} | |
- name: Azure CLI script to upload environment | |
uses: azure/cli@v2 | |
with: | |
azcliversion: latest | |
inlineScript: | | |
az account show | |
az functionapp config appsettings set \ | |
--name ubiquity-os \ | |
--resource-group ubiquity-os_group \ | |
--settings @local.settings.json | |
deploy: | |
runs-on: windows-latest | |
needs: build | |
permissions: | |
id-token: write #This is required for requesting the JWT | |
steps: | |
- name: Download artifact from build job | |
uses: actions/download-artifact@v4 | |
with: | |
name: node-app | |
- name: Login to Azure | |
uses: azure/login@v2 | |
with: | |
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID }} | |
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID }} | |
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID }} | |
- name: 'Run Azure Functions Action' | |
uses: Azure/functions-action@v1 | |
id: fa | |
with: | |
app-name: 'ubiquity-os' | |
slot-name: 'Production' | |
package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }} | |