fix(runtime): escape nginx variables in generated api-proxy.conf #44

Workflow file for this run

.github/workflows/docker-deploy.yml at c3cd6dd

	name: Build and deploy containers to Azure

	on:
	push:
	branches: [ main ]

	jobs:
	build-and-push:
	runs-on: ubuntu-latest
	env:
	REGISTRY: tpsappscriptingacr.azurecr.io
	outputs:
	registry: ${{ steps.registry.outputs.registry }}
	steps:
	- uses: actions/checkout@v4

	- name: Assert required ACR secrets are set
	run: \|
	if [ -z "${{ secrets.ACR_USERNAME }}" ]; then echo "ERROR: secrets.ACR_USERNAME is not set"; exit 1; fi
	if [ -z "${{ secrets.ACR_PASSWORD }}" ]; then echo "ERROR: secrets.ACR_PASSWORD is not set"; exit 1; fi

	- name: Determine registry to use
	id: registry
	run: \|
	if [ -n "${{ secrets.ACR_LOGIN_SERVER }}" ]; then echo "registry=${{ secrets.ACR_LOGIN_SERVER }}" >> $GITHUB_OUTPUT; else echo "registry=${{ env.REGISTRY }}" >> $GITHUB_OUTPUT; fi

	- name: Log in to Azure Container Registry
	uses: azure/docker-login@v1
	with:
	login-server: ${{ steps.registry.outputs.registry }}
	username: ${{ secrets.ACR_USERNAME }}
	password: ${{ secrets.ACR_PASSWORD }}

	- name: Build and push editor image
	run: \|
	docker build \
	--build-arg VITE_APP_BUILD_TIME=${{ github.event.head_commit.timestamp }} \
	--build-arg VITE_APP_COMMIT_SHA=${{ github.sha }} \
	--build-arg VITE_APP_VERSION=1.0.0 \
	-t ${{ steps.registry.outputs.registry }}/app-scripting-editor:latest .
	docker push ${{ steps.registry.outputs.registry }}/app-scripting-editor:latest

	- name: Build and push editor-api image
	run: \|
	docker build \
	--build-arg REGISTRY=${{ steps.registry.outputs.registry }} \
	--build-arg VITE_APP_BUILD_TIME=${{ github.event.head_commit.timestamp }} \
	--build-arg VITE_APP_COMMIT_SHA=${{ github.sha }} \
	--build-arg VITE_APP_VERSION=1.0.0 \
	-t ${{ steps.registry.outputs.registry }}/app-scripting-editor-api:latest -f server/Dockerfile .
	docker push ${{ steps.registry.outputs.registry }}/app-scripting-editor-api:latest

	deploy-to-appservice:
	needs: build-and-push
	runs-on: ubuntu-latest
	steps:
	- name: Check required App Service secrets
	id: check-secrets
	run: \|
	if [ -z "${{ secrets.EDITOR_APP_NAME }}" ] \|\| [ -z "${{ secrets.RESOURCE_GROUP }}" ] \|\| [ -z "${{ secrets.EDITOR_API_APP_NAME }}" ]; then
	echo "deploy_ready=false" >> $GITHUB_OUTPUT
	echo "One or more App Service secrets are missing; skipping deploy steps."
	else
	echo "deploy_ready=true" >> $GITHUB_OUTPUT
	fi

	- name: Azure Login
	if: ${{ steps.check-secrets.outputs.deploy_ready == 'true' }}
	uses: azure/login@v1
	with:
	creds: ${{ secrets.AZURE_CREDENTIALS }}

	- name: Deploy editor to App Service (container)
	if: ${{ steps.check-secrets.outputs.deploy_ready == 'true' }}
	run: \|
	# Deploy the API image to the public editor App Service so the same hostname serves the SPA and the /api endpoints.
	az webapp config container set --name ${{ secrets.EDITOR_APP_NAME }} --resource-group ${{ secrets.RESOURCE_GROUP }} --docker-custom-image-name ${{ needs.build-and-push.outputs.registry }}/app-scripting-editor-api:latest

	- name: Set WEBSITES_PORT for editor (public) app
	if: ${{ steps.check-secrets.outputs.deploy_ready == 'true' }}
	run: \|
	echo "Setting WEBSITES_PORT=4000 for ${{ secrets.EDITOR_APP_NAME }}"
	az webapp config appsettings set --name ${{ secrets.EDITOR_APP_NAME }} --resource-group ${{ secrets.RESOURCE_GROUP }} --settings WEBSITES_PORT=4000

	- name: Deploy editor-api to App Service (container)
	if: ${{ steps.check-secrets.outputs.deploy_ready == 'true' }}
	run: \|
	az webapp config container set --name ${{ secrets.EDITOR_API_APP_NAME }} --resource-group ${{ secrets.RESOURCE_GROUP }} --docker-custom-image-name ${{ needs.build-and-push.outputs.registry }}/app-scripting-editor-api:latest

	- name: Set WEBSITES_PORT for editor-api
	if: ${{ steps.check-secrets.outputs.deploy_ready == 'true' }}
	run: \|
	echo "Setting WEBSITES_PORT=4000 for ${EDITOR_API_APP_NAME}"
	az webapp config appsettings set --name ${{ secrets.EDITOR_API_APP_NAME }} --resource-group ${{ secrets.RESOURCE_GROUP }} --settings WEBSITES_PORT=4000

	- name: Smoke test editor-api
	if: ${{ steps.check-secrets.outputs.deploy_ready == 'true' }}
	run: \|
	host=$(az webapp show --name ${{ secrets.EDITOR_API_APP_NAME }} --resource-group ${{ secrets.RESOURCE_GROUP }} --query defaultHostName -o tsv)
	echo "Testing https://$host/api/health"
	for i in 1 2 3 4 5 6 7 8 9 10; do
	status=$(curl -s -o /dev/null -w "%{http_code}" "https://$host/api/health" \|\| echo "000")
	if [ "$status" = "200" ]; then
	echo "OK: health returned 200"
	exit 0
	fi
	echo "Attempt $i: status=$status; retrying in 5s..."
	sleep 5
	done
	echo "ERROR: editor-api did not become healthy"
	az webapp log tail --name ${{ secrets.EDITOR_API_APP_NAME }} --resource-group ${{ secrets.RESOURCE_GROUP }} &
	exit 1

	- name: Smoke test public editor app
	if: ${{ steps.check-secrets.outputs.deploy_ready == 'true' }}
	run: \|
	host=$(az webapp show --name ${{ secrets.EDITOR_APP_NAME }} --resource-group ${{ secrets.RESOURCE_GROUP }} --query defaultHostName -o tsv)
	echo "Testing https://$host/api/health"
	for i in 1 2 3 4 5 6 7 8 9 10; do
	status=$(curl -s -o /dev/null -w "%{http_code}" "https://$host/api/health" \|\| echo "000")
	if [ "$status" = "200" ]; then
	echo "OK: public editor health returned 200"
	exit 0
	fi
	echo "Attempt $i: status=$status; retrying in 5s..."
	sleep 5
	done
	echo "ERROR: public editor did not become healthy"
	az webapp log tail --name ${{ secrets.EDITOR_APP_NAME }} --resource-group ${{ secrets.RESOURCE_GROUP }} &
	exit 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix(runtime): escape nginx variables in generated api-proxy.conf #44

Workflow file

fix(runtime): escape nginx variables in generated api-proxy.conf #44

Uh oh!

Workflow file for this run