fixup! amend! deploy: allow deploying in forks #14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Azure | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - '.funcignore' | |
| - '.github/workflows/deploy.yml' | |
| - 'GitGitGadget/**' | |
| permissions: | |
| contents: read | |
| id-token: write | |
| jobs: | |
| deploy: | |
| if: github.event.repository.fork == false || vars.DEPLOY_WITH_WORKFLOWS != '' | |
| environment: deploy-to-azure | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - name: parse DEPLOY_WITH_WORKFLOWS | |
| if: vars.DEPLOY_WITH_WORKFLOWS != '' && contains(vars.DEPLOY_WITH_WORKFLOWS, '/') | |
| id: parsed | |
| run: | | |
| echo "owner=${WORKFLOWS_REPO%%/*}" >>$GITHUB_OUTPUT && | |
| echo "name=${WORKFLOWS_REPO#*/}" >>$GITHUB_OUTPUT | |
| - uses: actions/create-github-app-token@v1 | |
| if: steps.parsed.outputs.owner != '' && env.GITHUB_APP_ID != '' && env.GITHUB_APP_PRIVATE_KEY != '' | |
| id: workflows-repo-token | |
| with: | |
| app-id: ${{ secrets.GITGITGADGET_GITHUB_APP_ID }} | |
| private-key: ${{ secrets.GITGITGADGET_GITHUB_APP_PRIVATE_KEY }} | |
| owner: ${{ steps.parsed.outputs.owner }} | |
| repositories: ${{ steps.parsed.outputs.name }} | |
| - name: retrieve `vars.CONFIG` from workflows repo | |
| if: vars.DEPLOY_WITH_WORKFLOWS != '' | |
| env: | |
| WORKFLOWS_REPO: '${{ vars.DEPLOY_WITH_WORKFLOWS }}' | |
| GH_TOKEN: ${{ steps.workflows-repo-token.outputs.token || secrets.GITHUB_TOKEN }} | |
| run: | | |
| set -x && | |
| if ! CONFIG="$(gh variable get CONFIG --repo "$WORKFLOWS_REPO")" | |
| then | |
| echo "::warning::Could not retrieve variable CONFIG from $WORKFLOWS_REPO (please configure GITHUB_APP_ID and GITHUB_APP_PRIVATE_KEY)" | |
| CONFIG="$(cat GitGitGadget/gitgitgadget-config.json)" | |
| fi && | |
| jq '. + { | |
| "workflowsRepo": { | |
| "owner": "${{ steps.parsed.outputs.owner }}", | |
| "name": "${{ steps.parsed.outputs.name }}" | |
| } | |
| }' <<<"$CONFIG" >GitGitGadget/gitgitgadget-config.json && | |
| echo "Using the following configuration:" && | |
| cat GitGitGadget/gitgitgadget-config.json | |
| - name: 'Login via Azure CLI' | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| - uses: Azure/functions-action@v1 | |
| with: | |
| app-name: ${{ secrets.AZURE_FUNCTION_NAME || 'GitGitGadget' }} | |
| respect-funcignore: true |