Merge pull request #7 from workcontrolgit/develop

Add manual workflow to deploy Bicep infrastructure

Author: workcontrolgit

.github/workflows/deploy-infra.yml

@@ -0,0 +1,48 @@
+name: Deploy Azure Infrastructure (Bicep)
+
+on:
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: 'Target environment'
+        required: true
+        default: 'dev'
+        type: choice
+        options:
+          - dev
+
+permissions:
+  id-token: write   # Required for OIDC token request
+  contents: read
+
+env:
+  RESOURCE_GROUP: 'rg-talent-dev'
+  BICEP_FILE: 'infra/main.bicep'
+  PARAMS_FILE: 'infra/parameters/dev.bicepparam'
+
+jobs:
+  deploy-infrastructure:
+    name: Deploy Bicep Infrastructure
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to Azure
+        uses: azure/login@v2
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+      - name: Deploy Bicep
+        env:
+          SQL_PASSWORD: ${{ secrets.SQL_ADMIN_PASSWORD }}
+        run: |
+          az deployment group create \
+            --resource-group ${{ env.RESOURCE_GROUP }} \
+            --template-file ${{ env.BICEP_FILE }} \
+            --parameters ${{ env.PARAMS_FILE }} \
+            --parameters sqlAdminPassword="$SQL_PASSWORD" \
+            --output json