ci(deploy): assert App Service secrets before calling az #19
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and deploy containers to Azure | |
| on: | |
| push: | |
| branches: [ main ] | |
| jobs: | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| env: | |
| REGISTRY: tpsappscriptingacr.azurecr.io | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Assert required ACR secrets are set | |
| run: | | |
| if [ -z "${{ secrets.ACR_USERNAME }}" ]; then echo "ERROR: secrets.ACR_USERNAME is not set"; exit 1; fi | |
| if [ -z "${{ secrets.ACR_PASSWORD }}" ]; then echo "ERROR: secrets.ACR_PASSWORD is not set"; exit 1; fi | |
| - name: Determine registry to use | |
| id: registry | |
| run: | | |
| if [ -n "${{ secrets.ACR_LOGIN_SERVER }}" ]; then echo "registry=${{ secrets.ACR_LOGIN_SERVER }}" >> $GITHUB_OUTPUT; else echo "registry=${{ env.REGISTRY }}" >> $GITHUB_OUTPUT; fi | |
| - name: Log in to Azure Container Registry | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ steps.registry.outputs.registry }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and push editor image | |
| run: | | |
| docker build -t ${{ steps.registry.outputs.registry }}/app-scripting-editor:latest . | |
| docker push ${{ steps.registry.outputs.registry }}/app-scripting-editor:latest | |
| - name: Build and push editor-api image | |
| run: | | |
| docker build -t ${{ steps.registry.outputs.registry }}/app-scripting-editor-api:latest ./server | |
| docker push ${{ steps.registry.outputs.registry }}/app-scripting-editor-api:latest | |
| deploy-to-appservice: | |
| needs: build-and-push | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Azure Login | |
| uses: azure/login@v1 | |
| with: | |
| creds: ${{ secrets.AZURE_CREDENTIALS }} | |
| - name: Assert required App Service secrets are set | |
| run: | | |
| if [ -z "${{ secrets.EDITOR_APP_NAME }}" ]; then echo "ERROR: secrets.EDITOR_APP_NAME is not set"; exit 1; fi | |
| if [ -z "${{ secrets.RESOURCE_GROUP }}" ]; then echo "ERROR: secrets.RESOURCE_GROUP is not set"; exit 1; fi | |
| if [ -z "${{ secrets.EDITOR_API_APP_NAME }}" ]; then echo "ERROR: secrets.EDITOR_API_APP_NAME is not set"; exit 1; fi | |
| - name: Deploy editor to App Service (container) | |
| run: | | |
| az webapp config container set --name ${{ secrets.EDITOR_APP_NAME }} --resource-group ${{ secrets.RESOURCE_GROUP }} --docker-custom-image-name ${{ steps.registry.outputs.registry }}/app-scripting-editor:latest | |
| - name: Deploy editor-api to App Service (container) | |
| run: | | |
| az webapp config container set --name ${{ secrets.EDITOR_API_APP_NAME }} --resource-group ${{ secrets.RESOURCE_GROUP }} --docker-custom-image-name ${{ steps.registry.outputs.registry }}/app-scripting-editor-api:latest |