.github/workflows/deploy.yml

name: deploy

on:
  workflow_call:
    inputs:
      environment:
        description: "Name of the environment to deploy to"
        required: true
        type: string
      url:
        description: "URL of the site"
        required: false
        type: string

permissions:
  id-token: write
  contents: read
  checks: write

defaults:
  run:
    shell: pwsh

jobs:
  deploy-bicep:
    runs-on: ubuntu-latest
    environment: 
      name: ${{ inputs.environment }}
      url: ${{ inputs.url }}
    outputs:
      storageName: ${{steps.deploy-bicep.outputs.websiteStorageAccountName}}
    env:
      AZURE_RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP}}
      CLIENT_ID: ${{ secrets.CLIENT_ID }}
      TENANT_ID: ${{ secrets.TENANT_ID }}
      SUBSCRIPTION_ID: ${{ secrets.SUBSCRIPTION_ID }}

    steps:
      - name: Checkout Repo
        uses: actions/checkout@v3

      - name: Login to Azure
        uses: azure/login@v1
        with:
          client-id: ${{ env.CLIENT_ID }}
          tenant-id: ${{ env.TENANT_ID }}
          subscription-id: ${{ env.SUBSCRIPTION_ID }}

      - name: Validate Bicep
        uses: azure/arm-deploy@v1
        with:
          failOnStdErr: false
          template: infra/deploy.bicep
          resourceGroupName: ${{env.AZURE_RESOURCE_GROUP}}
          subscriptionId: ${{secrets.SUBSCRIPTION_ID}}
          scope: resourcegroup
          additionalArguments: "--what-if"
          parameters: projectName=SSW.Dory environment=${{inputs.environment}} tags="{\"Deployed\":\"yes\", \"cost-category\":\"value\"}"

      - name: Deploy Bicep
        id: deploy-bicep
        uses: azure/arm-deploy@v1
        with:
          failOnStdErr: false
          template: infra/deploy.bicep
          resourceGroupName: ${{env.AZURE_RESOURCE_GROUP}}
          subscriptionId: ${{secrets.SUBSCRIPTION_ID}}
          scope: resourcegroup
          parameters: projectName=SSW.Dory environment=${{inputs.environment}} tags="{\"Deployed\":\"yes\", \"cost-category\":\"value\"}"

      - name: Staging Preview Url
        if: ${{ inputs.environment == 'staging' }}
        run: |
          echo "## Staging Preview Url" >> $GITHUB_STEP_SUMMARY
          echo "https://staging.sswdory.com" >> $GITHUB_STEP_SUMMARY

  deploy-site-prod:
    uses: ./.github/workflows/deploy-static-site.yml
    with:
      environment: ${{inputs.environment}}
      storageName: ${{needs.deploy-bicep.outputs.storageName}}
    secrets: inherit
    needs: deploy-bicep