Exercise 13 #49

	name: Continuous Integration

	on:
	push:
	paths-ignore:
	- "ansible"
	- "README.md"
	pull_request:
	paths-ignore:
	- "ansible"
	- "README.md"

	jobs:
	test:
	name: Build docker image and run tests
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- run: docker build --target test --tag todo-app:test .
	- run: docker run --env-file .env.test todo-app:test
	- run: docker run --entrypoint poetry todo-app:test run safety check
	continue-on-error: true

	build-and-push:
	name: Build docker image and push to docker hub
	runs-on: ubuntu-latest
	needs: test
	if: github.ref_name == github.event.repository.default_branch
	steps:
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: aleyipsoftwire
	password: ${{ secrets.DOCKER_HUB_PAT }}
	- name: Build and push
	uses: docker/build-push-action@v6
	with:
	push: true
	tags: aleyipsoftwire/todo-app:prod

	apply-terraform-and-deploy:
	name: Apply terraform changes and deploy to Azure
	runs-on: ubuntu-latest
	needs: build-and-push
	env:
	ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
	ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
	ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
	ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
	steps:
	- uses: actions/checkout@v4
	- name: Initialise terraform
	run: terraform init
	- name: Apply terraform changes
	env:
	TF_VAR_prefix: "live"
	run: terraform apply -auto-approve
	- name: Release to Azure
	run: curl -X POST "$(terraform output -raw webhook_url)"

Provide feedback