changed azure subscription #44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will build and push a Docker container to an Azure Web App when a commit is pushed to your default branch. | |
| # | |
| # This workflow assumes you have already created the target Azure App Service web app. | |
| # For instructions see https://docs.microsoft.com/en-us/azure/app-service/quickstart-custom-container?tabs=dotnet&pivots=container-linux | |
| # | |
| # To configure this workflow: | |
| # | |
| # 1. Download the Publish Profile for your Azure Web App. You can download this file from the Overview page of your Web App in the Azure Portal. | |
| # For more information: https://docs.microsoft.com/en-us/azure/app-service/deploy-github-actions?tabs=applevel#generate-deployment-credentials | |
| # | |
| # 2. Create a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE, paste the publish profile contents as the value of the secret. | |
| # For instructions on obtaining the publish profile see: https://docs.microsoft.com/azure/app-service/deploy-github-actions#configure-the-github-secret | |
| # | |
| # 3. Create a GitHub Personal access token with "repo" and "read:packages" permissions. | |
| # | |
| # 4. Create three app settings on your Azure Web app: | |
| # DOCKER_REGISTRY_SERVER_URL: Set this to "https://ghcr.io" | |
| # DOCKER_REGISTRY_SERVER_USERNAME: Set this to the GitHub username or organization that owns the repository | |
| # DOCKER_REGISTRY_SERVER_PASSWORD: Set this to the value of your PAT token from the previous step | |
| # | |
| # 5. Change the value for the AZURE_WEBAPP_NAME. | |
| # | |
| # For more information on GitHub Actions for Azure: https://github.com/Azure/Actions | |
| # For more information on the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy | |
| # For more samples to get started with GitHub Action workflows to deploy to Azure: https://github.com/Azure/actions-workflow-samples | |
| name: Build and deploy a container to an Azure Web App | |
| env: | |
| AZURE_WEBAPP_NAME: KickeventBackend | |
| JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
| KEYSTORE_PASS: ${{ secrets.KEYSTORE_PASS }} | |
| MYSQL_PASSWORD: ${{ secrets.MYSQL_PASSWORD }} | |
| MYSQL_USER: ${{ secrets.MYSQL_USER }} | |
| on: | |
| push: | |
| branches: [ "master" ] | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| packages: write | |
| id-token: write | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 | |
| - name: Log in to GitHub container registry | |
| uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ github.token }} | |
| - name: Lowercase the repo name and username | |
| run: echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV} | |
| - name: Curl Runner Ip | |
| run: echo "agentIP=$(curl -s https://api.ipify.org/)" >>${GITHUB_ENV} | |
| - name: Azure Login | |
| uses: azure/login@v1 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| enable-AzPSSession: true | |
| - name: Whitelist Github Runner IP | |
| uses: azure/CLI@v1 | |
| with: | |
| inlineScript: | | |
| az account set --subscription "Azure for Students" | |
| az sql server firewall-rule create \ | |
| --resource-group "${{ secrets.AZURE_RESSOURCE_GROUP }}" \ | |
| --name "${{ secrets.AZURE_RULE_NAME }}" \ | |
| --server "${{ secrets.AZURE_SERVER_NAME }}" \ | |
| --start-ip-address ${{ env.agentIP }} \ | |
| --end-ip-address ${{ env.agentIP }} | |
| - name: Build and push container image to registry | |
| uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 | |
| env: | |
| JWT_SECRET: ${{ secrets.JWT_SECRET }} | |
| KEYSTORE_PASS: ${{ secrets.KEYSTORE_PASS }} | |
| MYSQL_PASSWORD: ${{ secrets.MYSQL_PASSWORD }} | |
| MYSQL_USER: ${{ secrets.MYSQL_USER }} | |
| with: | |
| push: true | |
| tags: ghcr.io/${{ env.REPO }}:${{ github.sha }} | |
| file: ./Dockerfile | |
| secrets: | | |
| JWT_SECRET=${{ secrets.JWT_SECRET }} | |
| KEYSTORE_PASS=${{ secrets.KEYSTORE_PASS }} | |
| MYSQL_PASSWORD=${{ secrets.MYSQL_PASSWORD }} | |
| MYSQL_USER=${{ secrets.MYSQL_USER }} | |
| - name: Remove GitHub Runner IP from Whitelist | |
| if: always() | |
| uses: azure/CLI@v1 | |
| with: | |
| inlineScript: | | |
| az account set --subscription "Azure for Students" | |
| az sql server firewall-rule delete \ | |
| --resource-group "${{ secrets.AZURE_RESSOURCE_GROUP }}" \ | |
| --name "${{ secrets.AZURE_RULE_NAME }}" \ | |
| --server "${{ secrets.AZURE_SERVER_NAME }}" \ | |
| deploy: | |
| permissions: | |
| contents: none | |
| runs-on: ubuntu-latest | |
| needs: build | |
| environment: | |
| name: 'Development' | |
| url: ${{ steps.deploy-to-webapp.outputs.webapp-url }} | |
| steps: | |
| - name: Lowercase the repo name and username | |
| run: echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV} | |
| - name: Deploy to Azure Web App | |
| id: deploy-to-webapp | |
| uses: azure/webapps-deploy@v2 | |
| with: | |
| app-name: ${{ env.AZURE_WEBAPP_NAME }} | |
| publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} | |
| images: 'ghcr.io/${{ env.REPO }}:${{ github.sha }}' |