generated from ubiquity/ts-template
-
Notifications
You must be signed in to change notification settings - Fork 19
137 lines (113 loc) · 4.03 KB
/
azure-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
# Docs for the Azure Web Apps Deploy action: https://github.com/azure/functions-action
# More GitHub Actions for Azure: https://github.com/Azure/actions
name: Build and deploy Node.js project to Azure Function App - ubiquity-os
on:
push:
branches:
- development
workflow_dispatch:
env:
AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root
NODE_VERSION: '20.10.0'
jobs:
build:
runs-on: windows-latest
steps:
- name: 'Checkout GitHub Action'
uses: actions/checkout@v4
- name: Setup Node ${{ env.NODE_VERSION }} Environment
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODE_VERSION }}
- uses: oven-sh/setup-bun@v2
- name: 'Resolve Project Dependencies Using Bun'
shell: pwsh
run: |
pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}'
bun install --frozen-lockfile
bun run jest:test
bun run build
bun rimraf node_modules
bun install --frozen-lockfile --production
popd
- name: Upload artifact for deployment job
uses: actions/upload-artifact@v4
with:
name: node-app
path: .
update-environment:
runs-on: ubuntu-latest
needs: build
permissions:
id-token: write
steps:
- name: Generate local.settings.json
env:
GITHUB_SECRETS: ${{ toJson(secrets) }}
shell: bash
run: |
# Parse the JSON secrets
secrets=$(echo "$GITHUB_SECRETS" | jq -c '.')
# Create the base settings object
settings=$(jq -n '{
"IsEncrypted": false,
"Values": {}
}')
# Define excluded prefixes
excluded_prefixes=("GITHUB_" "ACTIONS_" "AZUREAPPSERVICE_")
# Iterate through secrets and add non-excluded ones
for secret_name in $(echo "$secrets" | jq -r 'keys[]'); do
# Check if the secret should be included
include=true
for prefix in "${excluded_prefixes[@]}"; do
if [[ "$secret_name" == "$prefix"* ]]; then
include=false
break
fi
done
# Add the secret if it passes the filter
if [ "$include" = true ]; then
secret_value=$(echo "$secrets" | jq -r ".[\"$secret_name\"]")
settings=$(echo "$settings" | jq --arg name "$secret_name" --arg value "$secret_value" '.Values[$name] = $value')
fi
done
# Output the final settings to local.settings.json
echo "$settings" | jq '.' > local.settings.json
- uses: azure/login@v2
with:
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID }}
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID }}
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID }}
- name: Azure CLI script to upload environment
uses: azure/cli@v2
with:
azcliversion: latest
inlineScript: |
az account show
az functionapp config appsettings set \
--name ubiquity-os \
--resource-group ubiquity-os_group \
--settings @local.settings.json
deploy:
runs-on: windows-latest
needs: build
permissions:
id-token: write #This is required for requesting the JWT
steps:
- name: Download artifact from build job
uses: actions/download-artifact@v4
with:
name: node-app
- name: Login to Azure
uses: azure/login@v2
with:
client-id: ${{ secrets.AZUREAPPSERVICE_CLIENTID }}
tenant-id: ${{ secrets.AZUREAPPSERVICE_TENANTID }}
subscription-id: ${{ secrets.AZUREAPPSERVICE_SUBSCRIPTIONID }}
- name: 'Run Azure Functions Action'
uses: Azure/functions-action@v1
id: fa
with:
app-name: 'ubiquity-os'
slot-name: 'Production'
package: ${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}