1+ # We only want to run this script manually.
2+ on:
3+ workflow_dispatch
4+
5+ # Environment variables are defined in an "env" section.
6+ # We set the target environment to dev.
7+ # Open the deploy-advanced.yml file to see how we can accept user input
8+ # instead of needing to change this file to switch environments.
9+ env:
10+ targetEnv: dev
11+
12+ # The overall workflow name will be Azure Bicep. This will show up in the
13+ # GitHub Action page.
14+ name: Azure Bicep
15+ jobs:
16+ # This script has one job: build and deploy the IaC resources
17+ build-and-deploy:
18+ # We run this on an Ubuntu-based GitHub hosted runner. This hosted runner
19+ # has certain software already installed, including az cli
20+ runs-on: ubuntu-latest
21+ steps:
22+ # Check out the code. This grabs code from the repository and
23+ # makes it available to the GitHub hosted runner. It will usually be the
24+ # first task for any workflow
25+ - uses: actions/checkout@main
26+
27+ # Log into Azure using a federated credential. We have already set up the
28+ # federation process in a prior step, so we need to pass in the following:
29+ # Client ID = Application registration ID
30+ # Tenant ID = Application owner organization ID (previously called Tenant ID in Azure)
31+ # Subscription ID
32+ # https://github.com/azure/login
33+ 34+ with:
35+ client-id: $
36+ tenant-id: $
37+ subscription-id: $
38+ # We also need to ensure that enable-AzPSSession is true. This is important for
39+ # using OIDC in Azure. If we were to pass in a client secret instead, we would not need
40+ # this setting enabled
41+ enable-AzPSSession: true
42+
43+ # Deploy ARM template
44+ - name: Run ARM deploy
45+ # https://github.com/azure/arm-deploy
46+ uses: azure/arm-deploy@v1
47+ with:
48+ subscriptionId: $
49+ resourceGroupName: $
50+ template: ./InfrastructureAsCode/main.bicep
51+ # Use the environment variable called targetEnv
52+ parameters: environment=$
0 commit comments