Adding vouchers to rev proxy #27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Reverse Proxy | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| types: [opened, synchronize, reopened, closed] | |
| branches: | |
| - main | |
| env: | |
| IMAGE_NAME: wam-proxy-api | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| versionize: | |
| if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed') | |
| runs-on: ubuntu-latest | |
| outputs: | |
| semver: ${{ steps.gitversion.outputs.SemVer }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install GitVersion | |
| uses: gittools/actions/gitversion/setup@v0.9.15 | |
| with: | |
| versionSpec: "5.x" | |
| - name: Determine Version | |
| id: gitversion | |
| uses: gittools/actions/gitversion/execute@v0.9.15 | |
| with: | |
| useConfigFile: true | |
| build: | |
| if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed') | |
| runs-on: ubuntu-latest | |
| needs: versionize | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Build container images | |
| working-directory: src | |
| run: | | |
| docker build . --file Dockerfile --tag ${{ secrets.ACR_LOGIN_SERVER }}/$IMAGE_NAME:${{needs.versionize.outputs.semver}} | |
| docker build . --file Dockerfile --tag ${{ secrets.ACR_LOGIN_SERVER }}/$IMAGE_NAME:latest | |
| - name: Login to ACR | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ secrets.ACR_LOGIN_SERVER }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Push container images | |
| working-directory: src | |
| run: | | |
| docker push ${{ secrets.ACR_LOGIN_SERVER }}/$IMAGE_NAME:${{needs.versionize.outputs.semver}} | |
| docker push ${{ secrets.ACR_LOGIN_SERVER }}/$IMAGE_NAME:latest | |
| publish-bicep: | |
| if: github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.action != 'closed') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Transpile Infra | |
| working-directory: infrastructure | |
| run: | | |
| bicep build-params test.main.bicepparam | |
| az bicep build --file main.bicep | |
| - name: Publish Artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: bicep-templates | |
| path: infrastructure/*.json | |
| infrastructure-incremental-test: | |
| if: github.event_name == 'push' | |
| needs: [build, publish-bicep, versionize] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Download Artifact | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: bicep-templates | |
| path: ./infrastructure | |
| - name: Az CLI login | |
| uses: azure/login@v1 | |
| with: | |
| client-id: ${{ secrets.WAM_TST_CLIENT_ID }} | |
| tenant-id: ${{ secrets.WAM_TST_TENANT_ID }} | |
| subscription-id: ${{ secrets.WAM_TST_SUBSCRIPTION_ID }} | |
| - name: Deploy Infrastructure | |
| id: arm | |
| uses: Azure/cli@v1 | |
| with: | |
| inlineScript: az deployment sub create --name $IMAGE_NAME --location northeurope --template-file ./infrastructure/main.json --parameters ./infrastructure/test.main.json --parameters containerVersion=${{needs.versionize.outputs.semver}} acrLoginServer=${{ secrets.ACR_LOGIN_SERVER }} acrUsername=${{ secrets.ACR_USERNAME }} acrPassword=${{ secrets.ACR_PASSWORD }} |