update workflow

Author: thomast1906

.github/workflows/README.md

@@ -0,0 +1,98 @@
+# GitHub Actions Workflows
+
+This directory contains GitHub Actions workflows for the DevOps The Hard Way - Azure tutorial.
+
+## 📋 Workflow Files
+
+### 🔧 `main.yml` - Tutorial Example Workflow
+**Purpose**: Educational content demonstrating CI/CD pipeline setup
+**Status**: ⚠️ **DISABLED** - Tutorial content only
+
+This workflow is provided as an example for learning purposes and is **not intended to run** in this tutorial repository.
+
+**Features:**
+- Terraform deployment automation
+- Azure OIDC authentication
+- Static code analysis hooks (commented)
+- Terraform documentation generation hooks (commented)
+
+**To Use This Workflow:**
+1. Fork or copy this repository to your own GitHub account
+2. Set up Azure OIDC authentication (see tutorial)
+3. Enable the workflow by modifying the `on:` triggers
+4. Customize the configuration for your environment
+
+### 🚀 `deploy-full.yml` - Complete Deployment Pipeline
+**Purpose**: Full infrastructure and application deployment
+**Status**: ✅ **ACTIVE** - Manual trigger only
+
+This workflow provides complete deployment automation including:
+- Infrastructure provisioning (ACR, VNET, Log Analytics, AKS)
+- Docker image building and pushing
+- Kubernetes application deployment
+- ALB Controller and Gateway setup
+- Optional resource cleanup
+
+**Triggers:**
+- Manual execution only (`workflow_dispatch`)
+- Environment selection (dev/staging/prod)
+- Optional cleanup after deployment
+
+## 🎓 Educational Notes
+
+### Why Two Workflows?
+
+1. **`main.yml`**: Demonstrates traditional CI/CD patterns
+   - Shows basic Terraform automation
+   - Includes hooks for advanced features
+   - Focuses on single component (AKS)
+   - Educational and reference material
+
+2. **`deploy-full.yml`**: Complete solution approach
+   - Deploys entire infrastructure stack
+   - Production-ready patterns
+   - Multi-environment support
+   - Practical automation tool
+
+### Security Considerations
+
+Both workflows use:
+- ✅ Azure OIDC authentication (no stored secrets)
+- ✅ Least privilege access patterns
+- ✅ Environment-specific configurations
+- ✅ Manual approval workflows for production
+
+### Best Practices Demonstrated
+
+- **Infrastructure as Code**: All resources defined in Terraform
+- **GitOps**: Infrastructure changes through Git workflows
+- **Immutable Infrastructure**: Complete rebuilds vs. updates
+- **Environment Isolation**: Separate state files and configurations
+- **Automated Testing**: Built-in validation and testing steps
+
+## 🔧 Setup Instructions
+
+### For Tutorial Learning:
+1. Study the workflow files as examples
+2. Understand the patterns and practices
+3. Follow the tutorial documentation
+
+### For Practical Use:
+1. Copy/fork this repository
+2. Set up Azure service principal or OIDC
+3. Configure GitHub secrets
+4. Customize for your environment
+5. Enable and run workflows
+
+## 📚 Related Documentation
+
+- [CI/CD Tutorial](../2-Terraform-AZURE-Services-Creation/5-Run-CICD-For-AKS-Cluster.md)
+- [Deployment Scripts](../scripts/README.md)
+- [Azure OIDC Setup](../2-Terraform-AZURE-Services-Creation/scripts/5-create-github-oidc.sh)
+
+## 🤝 Contributing
+
+These workflows are part of the tutorial content. If you find improvements or issues:
+- Open an issue for discussion
+- Submit a pull request with improvements
+- Update related documentation

.github/workflows/main.yml

@@ -1,18 +1,50 @@
-name: Terrform-Deploy
+# TUTORIAL WORKFLOW - NOT ACTIVE
+# This workflow is part of the DevOps The Hard Way tutorial content
+# It is disabled to prevent accidental runs in the tutorial repository
+# Copy this to their own repositories and modify as needed
 
+name: Terraform-Deploy (Tutorial Example)
+
+# This workflow only runs manually and is intended as tutorial content
 on:
-  push:
-    branches:
-      - main
-  pull_request:
-    branches:
-      - main
   workflow_dispatch:
+    inputs:
+      tutorial_mode:
+        description: 'This is a tutorial workflow - copy to your own repo to use'
+        required: true
+        default: 'tutorial-only'
+        type: choice
+        options:
+          - tutorial-only
 
 jobs:
+  tutorial-info:
+    name: ⚠️ Tutorial Workflow Information
+    runs-on: ubuntu-latest
+    if: ${{ github.event.inputs.tutorial_mode == 'tutorial-only' }}
+    
+    steps:
+    - name: Tutorial Information
+      run: |
+        echo "🎓 This is a TUTORIAL workflow from DevOps The Hard Way - Azure"
+        echo ""
+        echo "📋 This workflow is provided as example content for learning purposes."
+        echo "📋 It is not intended to run in the tutorial repository."
+        echo ""
+        echo "✅ To use this workflow:"
+        echo "1. Copy this repository to your own GitHub account"
+        echo "2. Set up Azure OIDC authentication secrets"
+        echo "3. Modify the workflow for your specific needs"
+        echo "4. Update the terraform.tfvars and backend configuration"
+        echo ""
+        echo "📚 For full instructions, see the tutorial documentation."
+        echo ""
+        echo "❌ This workflow will not deploy any resources in tutorial mode."
+
   terraform:
-    name: Terrform-Deploy
+    name: Terraform-Deploy
     runs-on: ubuntu-latest
+    if: ${{ github.event.inputs.tutorial_mode != 'tutorial-only' }}
     permissions:
       contents: write
       id-token: write  # Required for OIDC

2-Terraform-AZURE-Services-Creation/5-Run-CICD-For-AKS-Cluster.md

@@ -67,19 +67,50 @@ In this lab, you'll learn how to create an Azure Kubernetes Service (AKS) cluste
    Note: All three values will be automatically displayed in the output of the `5-create-github-oidc.sh` script, so you can copy them directly from there.
 
 4. **Set Up GitHub Actions Workflow**
-   - Navigate to the Actions tab in your GitHub repository.
-   - Select the existing `CI` workflow.
-   - Choose to run the workflow from the main branch.
+
+   ⚠️ **Important**: The workflow file `.github/workflows/main.yml` in this repository is **tutorial content only** and is disabled to prevent accidental runs.
+   
+   **To use this workflow in your own project:**
+   
+   a) **Copy the Repository**: 
+      - Fork this repository to your own GitHub account, or
+      - Copy the workflow file to your own repository
+   
+   b) **Enable the Workflow**:
+      - Open `.github/workflows/main.yml` in your repository
+      - Remove the `tutorial_mode` input and the tutorial job
+      - Change the `on:` section to:
+        ```yaml
+        on:
+          push:
+            branches:
+              - main
+          pull_request:
+            branches:
+              - main
+          workflow_dispatch:
+        ```
+   
+   c) **Customize for Your Environment**:
+      - Update the `terraform.tfvars` values in the workflow
+      - Update resource group names and storage account names
+      - Modify the backend configuration to match your setup
+   
+   d) **Run the Workflow**:
+      - Navigate to the Actions tab in your GitHub repository
+      - Select the `Terraform-Deploy` workflow
+      - Choose to run the workflow manually or trigger via push/PR
 
 ## 🔍 Verification
-After running the workflow:
-1. Check the GitHub Actions logs for successful completion.
+**Note**: Since the workflow in this tutorial repository is disabled, these verification steps apply when you run the workflow in your own repository:
+
+1. Check the GitHub Actions logs in your repository for successful completion.
 2. Log into the [Azure Portal](https://portal.azure.com)
 3. Navigate to Kubernetes services
 4. Verify that your new AKS cluster has been updated or created.
 
 ### 🧠 Knowledge Check
-The GitHub Actions workflow:
+The GitHub Actions workflow (when enabled in your own repository):
 - [ ] Triggers manually (`workflow_dispatch`) or on pull requests/pushes to main
 - [ ] Checks out the code
 - [ ] Authenticates with Azure using OIDC (no secrets stored in GitHub)

README.md

@@ -83,6 +83,8 @@ Before you start, ensure you have the following [prerequisites](https://github.c
 
 5. **CICD** - Automatically update AKS cluster with CICD using GitHub Actions
     - [ ] [Create a GitHub Actions CICD pipeline](https://github.com/thomast1906/DevOps-The-Hard-Way-Azure/blob/main/2-Terraform-AZURE-Services-Creation/5-Run-CICD-For-AKS-Cluster.md)
+    
+    ⚠️ **Note**: The GitHub Actions workflows in this repository are **tutorial content only** and are disabled to prevent accidental runs. To use them, copy this repository to your own account and follow the instructions in the tutorial.
 
 6. **Terraform Documentation** - Automate Terraform documentation generation
     - [ ] [Set Up Terraform-docs with GitHub Actions](https://github.com/thomast1906/DevOps-The-Hard-Way-Azure/blob/main/6-Terraform-Docs/1-Setup-Terraform-Docs.md)