Add CI/CD workflow for Azure deployment with DNS/SSL verification

[Copilot]

Repository lacked automated deployment workflows for Azure infrastructure. Added complete CI/CD pipeline with containerization, deployment verification, and production readiness monitoring.

Changes

Azure Deployment (azure-deploy.yml)

• Build → Docker image → GHCR push → Azure Web App deploy
• Triggers on main branch pushes
• Deployment health verification with retry logic

Docker Configuration

• Multi-stage build: Node.js 20 Alpine builder + nginx Alpine
• nginx.conf with health endpoint, security headers, SPA routing, API proxy to Azure APIM

DNS/SSL Verification (dns-ssl-verification.yml)

• Scheduled every 6 hours
• CNAME verification against gratech-api-gateway.azure-api.net
• DNS propagation checks across global resolvers (Google, Cloudflare, OpenDNS, Neustar, Quad9, Verisign)
• SSL certificate expiry monitoring with 30-day warning threshold
• Production readiness confidence scoring

Production Tests (production-tests.yml)

• Unit tests, build verification, endpoint health checks
• Infrastructure validation (DNS, CNAME, SSL connectivity)
• Confidence metrics: 100% = production ready

Housekeeping

• Removed misplaced components/deploy.yml duplicate
• Updated README with deployment documentation
• Explicit workflow permissions for security compliance

Example: Health Endpoint

location /health {
    access_log off;
    add_header Content-Type application/json;
    return 200 '{"status":"healthy","timestamp":"$time_iso8601"}';
}

Required Secrets

• AZURE_CREDENTIALS - Azure service principal JSON (format documented in workflow)

Original prompt

The repository aims to deploy and manage an AI Dashboard application effectively within Azure infrastructure. From the evidence gathered:

1. The repository involves multiple deployment phases, including resource group creation, DNS configurations, and SSL certificate management.
2. The README contains instructions for local environment setups but lacks concrete automated deployment workflows.
3. TypeScript files like PhaseTracker.tsx and BackboneDeclaration.tsx suggest infrastructure readiness with real-time status monitoring but no CI/CD integration.
4. The repository hosts DNS health checks and automated verification from assets such as EndpointHealth.tsx.

Task Requirements:

1. Develop and commit a workflow for deploying the dashboard via CI/CD using GitHub Actions integrated with Azure platform services.
   • Trigger the workflow on code pushes to branches such as main.
   • Containerize the app using Docker or comparable solutions.
   • Incorporate Azure service connections, such as their WebApp configurations, database setups, and resource dependencies.
   • Automate DNS records and SSL verifications listed in the CNAME steps for production readiness.
2. Provide verification test suites for a Production Ready (tested, reachable endpoint showcasing 100% confidence metrics).

This pull request was created as a result of the following prompt from Copilot chat.

The repository aims to deploy and manage an AI Dashboard application effectively within Azure infrastructure. From the evidence gathered:

1. The repository involves multiple deployment phases, including resource group creation, DNS configurations, and SSL certificate management.
2. The README contains instructions for local environment setups but lacks concrete automated deployment workflows.
3. TypeScript files like PhaseTracker.tsx and BackboneDeclaration.tsx suggest infrastructure readiness with real-time status monitoring but no CI/CD integration.
4. The repository hosts DNS health checks and automated verification from assets such as EndpointHealth.tsx.

Task Requirements:

1. Develop and commit a workflow for deploying the dashboard via CI/CD using GitHub Actions integrated with Azure platform services.
   • Trigger the workflow on code pushes to branches such as main.
   • Containerize the app using Docker or comparable solutions.
   • Incorporate Azure service connections, such as their WebApp configurations, database setups, and resource dependencies.
   • Automate DNS records and SSL verifications listed in the CNAME steps for production readiness.
2. Provide verification test suites for a Production Ready (tested, reachable endpoint showcasing 100% confidence metrics).

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[SULIMAN ALSHAMMARI (Grar00t)]

Copilot مرحبا