deploy-infra-and-apis #118
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy-infra-and-apis | |
| on: | |
| push: | |
| paths: | |
| - "infra/**" | |
| workflow_dispatch: | |
| permissions: | |
| packages: write | |
| env: | |
| TEMPLATE_FILE_PATH: ./infra/main.bicep | |
| PHOTO_API_NAME: 'photo' | |
| PHOTO_API_PORT: 8080 | |
| RESIZE_API_NAME: 'resize' | |
| RESIZE_API_PORT: 8080 | |
| VERSION: 1.0.0 | |
| CLOUDFLARE_ZONE_ID: 'b553a0e598bd23879036daf46b81cbb3' | |
| CLOUDFLARE_EMAIL: '[email protected]' | |
| CLOUDFLARE_API_KEY: 'cloudflare_api_key' | |
| DNS_SCRIPT_URI: 'https://raw.githubusercontent.com/cbellee/photo-api/refs/heads/main/scripts/cloudflare-dns.ps1' | |
| CLOUD_CONNECTOR_SCRIPT_URI: 'https://raw.githubusercontent.com/cbellee/photo-api/refs/heads/main/scripts/cloudflare-connector-rule.ps1' | |
| jobs: | |
| deploy-rg-job: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| rgName: ${{ steps.gen-rg-name.outputs.rgName }} | |
| photoApiImage: ${{ steps.gen-image-names.outputs.photoApiImage }} | |
| resizeApiImage: ${{ steps.gen-image-names.outputs.resizeApiImage }} | |
| steps: | |
| - name: checkout-code | |
| id: checkout-code | |
| uses: actions/checkout@main | |
| - name: gen-rg-name | |
| id: gen-rg-name | |
| run: | | |
| echo "rgName: ${{ vars.APP_NAME }}-${{ vars.LOCATION }}-rg" | |
| echo "rgName=${{ vars.APP_NAME }}-${{ vars.LOCATION }}-rg" >> "$GITHUB_OUTPUT" | |
| echo "RG_NAME=${{ vars.APP_NAME }}-${{ vars.LOCATION }}-rg" >> "$GITHUB_ENV" | |
| - name: short-sha | |
| id: short-sha | |
| run: | | |
| echo "sha: sha=$(git rev-parse --short HEAD)" | |
| echo "SHA=$(git rev-parse --short HEAD)" >> "$GITHUB_ENV" | |
| - name: login-azure | |
| id: login-azure | |
| uses: azure/login@v2 | |
| with: | |
| creds: ${{ secrets.AZURE_CREDENTIALS }} | |
| - name: create-resource-group | |
| id: create-resource-group | |
| uses: azure/CLI@v1 | |
| with: | |
| azcliversion: 2.67.0 | |
| inlineScript: | | |
| az group create --name $RG_NAME --location ${{ vars.LOCATION }} | |
| - name: gen-image-names | |
| id: gen-image-names | |
| run: | | |
| echo "photoApiImage: ghcr.io/${GITHUB_REPOSITORY_OWNER}/${{ env.PHOTO_API_NAME }}:${{ env.VERSION }}-$SHA" | |
| echo "photoApiImage=ghcr.io/${GITHUB_REPOSITORY_OWNER}/${{ env.PHOTO_API_NAME }}:${{ env.VERSION }}-$SHA" >> $GITHUB_OUTPUT | |
| echo "resizeApiImage: ghcr.io/${GITHUB_REPOSITORY_OWNER}/${{ env.RESIZE_API_NAME }}:${{ env.VERSION }}-$SHA" | |
| echo "resizeApiImage=ghcr.io/${GITHUB_REPOSITORY_OWNER}/${{ env.RESIZE_API_NAME }}:${{ env.VERSION }}-$SHA" >> $GITHUB_OUTPUT | |
| build-photo-api-job: | |
| runs-on: ubuntu-latest | |
| needs: [deploy-rg-job] | |
| steps: | |
| - name: checkout-code | |
| id: checkout-code | |
| uses: actions/checkout@main | |
| - name: login-ghcr | |
| id: login-ghcr | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{github.actor}} | |
| password: ${{secrets.GITHUB_TOKEN}} | |
| - name: build-and-push-image | |
| run: | | |
| docker build --tag "${{ needs.deploy-rg-job.outputs.photoApiImage }}" \ | |
| --build-arg SERVICE_NAME=${{ env.PHOTO_API_NAME }} \ | |
| --build-arg SERVICE_PORT=${{ env.PHOTO_API_PORT }} \ | |
| -f ./Dockerfile . | |
| docker push "${{ needs.deploy-rg-job.outputs.photoApiImage }}" | |
| build-resize-api-job: | |
| runs-on: ubuntu-latest | |
| needs: deploy-rg-job | |
| steps: | |
| - name: checkout-code | |
| id: checkout-code | |
| uses: actions/checkout@main | |
| - name: login-ghcr | |
| id: login-ghcr | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ghcr.io | |
| username: ${{github.actor}} | |
| password: ${{secrets.GITHUB_TOKEN}} | |
| - name: build-and-push-image | |
| run: | | |
| docker build --tag "${{ needs.deploy-rg-job.outputs.resizeApiImage }}" \ | |
| --build-arg SERVICE_NAME=${{ env.RESIZE_API_NAME }} \ | |
| --build-arg SERVICE_PORT=${{ env.RESIZE_API_PORT }} \ | |
| -f ./Dockerfile . | |
| docker push "${{ needs.deploy-rg-job.outputs.resizeApiImage }}" | |
| build-and-deploy-infra-job: | |
| runs-on: ubuntu-latest | |
| needs: [deploy-rg-job, build-photo-api-job, build-resize-api-job] | |
| steps: | |
| - name: checkout-code | |
| id: checkout-code | |
| uses: actions/checkout@main | |
| - name: login-azure | |
| id: login-azure | |
| uses: azure/login@v2 | |
| with: | |
| creds: ${{ secrets.AZURE_CREDENTIALS }} | |
| - name: deploy-infra-cli | |
| id: deploy-infra-cli | |
| uses: azure/cli@v2 | |
| continue-on-error: false | |
| with: | |
| azcliversion: 2.67.0 | |
| inlineScript: | | |
| az deployment group create \ | |
| --name deploy-infra \ | |
| --resource-group ${{ needs.deploy-rg-job.outputs.rgName}} \ | |
| --template-file ${{ env.TEMPLATE_FILE_PATH }} \ | |
| --parameters photoApiContainerImage=${{ needs.deploy-rg-job.outputs.photoApiImage }} \ | |
| --parameters resizeApiContainerImage=${{ needs.deploy-rg-job.outputs.resizeApiImage }} \ | |
| --parameters ghcrPullToken=${{ secrets.PAT_TOKEN }} \ | |
| --parameters ghcrName='ghcr.io' \ | |
| --parameters githubUsername=${{ github.actor }} \ | |
| --parameters cNameRecord=${{ vars.CNAME }} \ | |
| --parameters zoneName=${{ vars.ZONE_NAME }} \ | |
| --parameters cloudFlareApiToken=${{ secrets.CLOUDFLARE_API_TOKEN }} \ | |
| --parameters cloudFlareZoneId=${{ secrets.CLOUDFLARE_ZONE_ID }} \ | |
| --parameters dnsScriptUri=${{ env.DNS_SCRIPT_URI }} \ | |
| --parameters cloudConnectorScriptUri=${{ env.CLOUD_CONNECTOR_SCRIPT_URI }} |