Update cd pipeline to deploy to microsoft.com tenant #11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "deploy-mccf-resource" | |
on: | |
pull_request: | |
workflow_dispatch: | |
permissions: | |
id-token: write | |
jobs: | |
deploy: | |
name: Managed CCF | |
runs-on: ubuntu-20.04 | |
environment: dev | |
env: | |
ccfName: ccf-app-samples-test-${{ github.run_number }} | |
rgName: ccf-app-samples-test-${{ github.run_number }}-rg | |
ResourceGroupLocation: "westeurope" | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
persist-credentials: false | |
- name: Azure Login | |
uses: Azure/[email protected] | |
with: | |
client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
- name: Login to GH-CR to push the updated devcontainer image | |
uses: docker/login-action@v1 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Create Resource Group | |
uses: Azure/CLI@v1 | |
with: | |
inlineScript: | | |
#!/bin/bash | |
az group create --name ${{ env.rgName }} --location ${{ env.ResourceGroupLocation }} | |
- name: Deploy Managed CCF Network | |
uses: azure/arm-deploy@v1 | |
with: | |
resourceGroupName: ${{ env.rgName }} | |
template: ./deploy/arm/mccf.json | |
parameters: ./deploy/arm/parameters.json mccfMemberBasedSecurityPrincipals="[{\"cert\":\"${{ secrets.ARM_TEMPLATE_PUBLIC_CERT }}\", \"encryptionKey\":\"\"}]" resourceName="${{ env.ccfName }}" | |
- name: Deploy Banking Sample to mCCF | |
uses: devcontainers/[email protected] | |
with: | |
imageName: ghcr.io/microsoft/ccf-samples-devcontainer | |
cacheFrom: ghcr.io/microsoft/ccf-samples-devcontainer | |
runCmd: | | |
cd banking-app && make test-mccf | |
env: | | |
PUBLIC_CERT=${{ secrets.PUBLIC_CERT }} | |
PRIVATE_CERT=${{ secrets.PRIVATE_CERT }} | |
CCF_NAME=${{ env.ccfName }} | |
- name: Delete Resource Group | |
uses: Azure/CLI@v1 | |
if: always() | |
with: | |
inlineScript: | | |
#!/bin/bash | |
echo "Always delete resource group because of quota" | |
az group delete --name ${{ env.rgName }} --yes --no-wait |