AngularNetTutorial/.github/workflows/deploy-infra.yml at master · workcontrolgit/AngularNetTutorial · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
name: Deploy Azure Infrastructure (Bicep)

on:
  workflow_dispatch:
    inputs:
      environment:
        description: 'Target environment'
        required: true
        default: 'dev'
        type: choice
        options:
          - dev

permissions:
  id-token: write   # Required for OIDC token request
  contents: read

env:
  RESOURCE_GROUP: 'rg-talent-dev'
  BICEP_FILE: 'infra/main.bicep'
  PARAMS_FILE: 'infra/parameters/dev.bicepparam'

jobs:
  deploy-infrastructure:
    name: Deploy Bicep Infrastructure
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Log in to Azure
        uses: azure/login@v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

      - name: Deploy Bicep
        env:
          # readEnvironmentVariable('SQL_ADMIN_PASSWORD') in dev.bicepparam reads this
          SQL_ADMIN_PASSWORD: ${{ secrets.SQL_ADMIN_PASSWORD }}
        run: |
          az deployment group create \
            --resource-group ${{ env.RESOURCE_GROUP }} \
            --template-file ${{ env.BICEP_FILE }} \
            --parameters ${{ env.PARAMS_FILE }} \
            --output json