Remove the test build pipelines #82
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Description: This workflow is used to build the infrastructure for the Dashboard Service | |
name: Build the Infra Automation for Dashboard Service | |
on: | |
workflow_dispatch: # Allow manual trigger | |
push: | |
branches: | |
- main | |
- "feature/**" # Include feature branches for init and plan only | |
- "bugfix/**" | |
- "hotfix/**" | |
pull_request: | |
branches: | |
- main # Validate PRs to main with init and plan | |
jobs: | |
terraform: | |
runs-on: ubuntu-latest | |
steps: | |
# Step 1: Check out the repository | |
- name: Checkout Repository | |
uses: actions/checkout@v3 | |
# Step 2: Set up HashiCorp Terraform | |
- name: Set up Terraform | |
uses: hashicorp/setup-terraform@v2 | |
with: | |
terraform_wrapper: false | |
# Step 3: Set up Azure CLI for authentication | |
- name: Azure Login | |
uses: azure/login@v1 | |
with: | |
creds: ${{ secrets.AZURE_CREDENTIALS }} | |
# Step 4: Set up Azure Storage Backend if it doesn't already exist | |
- name: Set Up Azure Storage Backend for Terraform State | |
id: setup_azure_storage | |
run: | | |
if ! az group show --name "dashboard-state-rg" &>/dev/null; then | |
echo "Creating resource group: dashboard-state-rg" | |
az group create --name "dashboard-state-rg" --location "eastus" | |
fi | |
if ! az storage account show --name "dashboardstatestg" --resource-group "dashboard-state-rg" &>/dev/null; then | |
echo "Creating storage account: dashboardstatestg" | |
az storage account create --name "dashboardstatestg" --resource-group "dashboard-state-rg" --location "eastus" --sku Standard_LRS | |
fi | |
AZURE_STORAGE_KEY=$(az storage account keys list --resource-group "dashboard-state-rg" --account-name "dashboardstatestg" --query "[0].value" --output tsv) | |
echo "::set-output name=AZURE_STORAGE_KEY::$AZURE_STORAGE_KEY" | |
if ! az storage container show --name "dashboard-tfstate" --account-name "dashboardstatestg" --account-key "$AZURE_STORAGE_KEY" &>/dev/null; then | |
echo "Creating blob container: dashboard-tfstate" | |
az storage container create --name "dashboard-tfstate" --account-name "dashboardstatestg" --account-key "$AZURE_STORAGE_KEY" | |
fi | |
az vm image terms accept --publisher openvpn --offer openvpnas --plan openvpnas --subscription ${{ secrets.ARM_SUBSCRIPTION_ID }} || true | |
az vm image terms show --publisher openvpn --offer openvpnas --plan openvpnas --subscription ${{ secrets.ARM_SUBSCRIPTION_ID }} || true | |
# Step 5: Initialize Terraform with remote backend configuration | |
- name: Terraform Init | |
run: terraform init -input=false -backend-config="storage_account_name=dashboardstatestg" -backend-config="container_name=dashboard-tfstate" -backend-config="key=terraform.tfstate" -backend-config="access_key=${{ steps.setup_azure_storage.outputs.AZURE_STORAGE_KEY }}" | |
working-directory: infra_env_dashboard/infra-automation | |
env: | |
TF_VAR_client_id: ${{ secrets.ARM_CLIENT_ID }} | |
TF_VAR_client_secret: ${{ secrets.ARM_CLIENT_SECRET }} | |
TF_VAR_subscription_id: ${{ secrets.ARM_SUBSCRIPTION_ID }} | |
TF_VAR_tenant_id: ${{ secrets.ARM_TENANT_ID }} | |
# Step 6: Terraform Plan (Run on all branches) | |
- name: Terraform Plan | |
run: terraform plan -input=false -lock=true -refresh=true | |
working-directory: infra_env_dashboard/infra-automation | |
env: | |
TF_VAR_client_id: ${{ secrets.ARM_CLIENT_ID }} | |
TF_VAR_client_secret: ${{ secrets.ARM_CLIENT_SECRET }} | |
TF_VAR_subscription_id: ${{ secrets.ARM_SUBSCRIPTION_ID }} | |
TF_VAR_tenant_id: ${{ secrets.ARM_TENANT_ID }} | |
TF_VAR_admin_password: ${{ secrets.ADMIN_PASSWORD }} | |
TF_VAR_vm_admin_password: ${{ secrets.ADMIN_PASSWORD }} | |
TF_VAR_resource_group_name: "dashboard-service-rg" | |
# Step 7: Conditional Terraform Apply (Only on Main Branch or Manual Dispatch) | |
- name: Terraform Apply | |
if: github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch' | |
run: terraform apply -input=false -auto-approve=true -lock=true -lock-timeout=7200s -refresh=true | |
working-directory: infra_env_dashboard/infra-automation | |
env: | |
TF_VAR_client_id: ${{ secrets.ARM_CLIENT_ID }} | |
TF_VAR_client_secret: ${{ secrets.ARM_CLIENT_SECRET }} | |
TF_VAR_subscription_id: ${{ secrets.ARM_SUBSCRIPTION_ID }} | |
TF_VAR_tenant_id: ${{ secrets.ARM_TENANT_ID }} | |
ARM_ACCESS_KEY: ${{ steps.setup_azure_storage.outputs.AZURE_STORAGE_KEY }} | |
TF_VAR_admin_password: ${{ secrets.ADMIN_PASSWORD }} | |
TF_VAR_vm_admin_password: ${{ secrets.ADMIN_PASSWORD }} | |
TF_VAR_resource_group_name: "dashboard-service-rg" |