diff --git a/.github/workflows/build-and-stage.yml b/.github/workflows/build-and-stage.yml index 2c64dccd..fbe4a86a 100644 --- a/.github/workflows/build-and-stage.yml +++ b/.github/workflows/build-and-stage.yml @@ -1,46 +1,33 @@ name: Build and stage on: - pull_request: + push: branches: - main - push: + pull_request: branches: - - main + - main concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true permissions: - contents: 'read' - pull-requests: 'write' + contents: read + pull-requests: write env: IMAGE_NAME: initializr-web IMAGE_TAG: ${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.number) || github.run_id }} - HAS_AZURE_CREDENTIALS: secrets.AZURE_CREDENTIALS != '' jobs: - build-push-deploy: + build-push: name: Build and push image - environment: - name: ${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.number) || vars.STAGING_SLOT_NAME }} - url: ${{ steps.deploy-to-webapp.outputs.webapp-url }} - env: - SLOT_NAME: ${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.number) || vars.STAGING_SLOT_NAME }} runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - name: Login to Azure - if: ${{ env.HAS_AZURE_CREDENTIALS }} - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Login to container registry - if: ${{ env.HAS_AZURE_CREDENTIALS }} uses: azure/docker-login@v1 with: login-server: "${{ vars.DOCKER_REGISTRY }}" @@ -51,24 +38,41 @@ jobs: run: docker build . --file "Dockerfile" -t ${{ vars.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} - name: Push image - if: ${{ env.HAS_AZURE_CREDENTIALS }} run: docker push ${{ vars.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} + deploy: + if: ${{ github.secret_source == 'Actions' }} + name: Deploy + environment: + name: ${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.number) || vars.STAGING_SLOT_NAME }} + url: ${{ steps.deploy-to-webapp.outputs.webapp-url }} + env: + SLOT_NAME: ${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.number) || vars.STAGING_SLOT_NAME }} + needs: build-push + runs-on: ubuntu-latest + steps: + - name: Login to Azure + uses: azure/login@v2 + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: If PR, create a new staging slot - if: ${{ github.event_name == 'pull_request' && env.HAS_AZURE_CREDENTIALS }} + if: ${{ github.event_name == 'pull_request' }} run: az webapp deployment slot create --resource-group ${{ vars.AZURE_RESOURCE_GROUP }} --name ${{ vars.AZURE_WEBAPP_NAME}} --slot ${{ env.SLOT_NAME }} --configuration-source ${{ vars.STAGING_SLOT_NAME }} - name: Deploy to staging slot - if: ${{ env.HAS_AZURE_CREDENTIALS }} - uses: azure/webapps-deploy@v3 id: deploy-to-webapp + uses: azure/webapps-deploy@v3 with: app-name: ${{ vars.AZURE_WEBAPP_NAME }} images: ${{ vars.DOCKER_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} slot-name: ${{ env.SLOT_NAME }} + + # Need to pair with a custom InitializrService address? + # az webapp config appsettings set --resource-group steeltoe --name initializr-web --slot Staging --settings "INITIALIZR_SERVICE_HOST=initializr-service-pr-99.azurewebsites.net" "INITIALIZR_SERVICE_URI=https://initializr-service-pr-99.azurewebsites.net/api/" - name: If PR, comment with the preview link - if: ${{ github.event_name == 'pull_request' && env.HAS_AZURE_CREDENTIALS }} + if: ${{ github.event_name == 'pull_request' }} uses: mshick/add-pr-comment@v2 with: message: | @@ -79,4 +83,3 @@ jobs: > *This is an automated message.* repo-token: ${{ secrets.GITHUB_TOKEN }} - \ No newline at end of file diff --git a/.github/workflows/pr-cleanup.yml b/.github/workflows/pr-cleanup.yml index 80f3a77c..bf4b9122 100644 --- a/.github/workflows/pr-cleanup.yml +++ b/.github/workflows/pr-cleanup.yml @@ -2,7 +2,8 @@ name: Delete a preview environment on: pull_request: - types: [closed] + types: + - closed env: SLOT_NAME: pr-${{ github.event.number }} @@ -13,7 +14,7 @@ jobs: steps: - name: Log into Azure CLI with service principal - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} @@ -22,6 +23,7 @@ jobs: delete-deployment: runs-on: ubuntu-latest + permissions: write-all steps: - name: Delete Deployment Environment @@ -29,4 +31,3 @@ jobs: with: environment: "pr-${{ github.event.number }}" token: ${{ secrets.GITHUB_TOKEN }} - onlyRemoveDeployments: true diff --git a/.github/workflows/stage-prod-swap.yml b/.github/workflows/stage-prod-swap.yml index d917fe43..d69fc3be 100644 --- a/.github/workflows/stage-prod-swap.yml +++ b/.github/workflows/stage-prod-swap.yml @@ -8,15 +8,32 @@ jobs: name: Promote to production runs-on: ubuntu-latest environment: - name: 'Production' + name: Production url: 'https://${{ vars.AZURE_WEBAPP_NAME }}.azurewebsites.net/' steps: - name: Log into Azure CLI with service principal - uses: azure/login@v1 + uses: azure/login@v2 with: creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Change InitializrService link to prod and restart + shell: bash + run: | + az webapp config appsettings set --resource-group steeltoe --name initializr-web --slot Staging --settings "INITIALIZR_SERVICE_HOST=initializr-service.azurewebsites.net" "INITIALIZR_SERVICE_URI=https://initializr-service.azurewebsites.net/api/" + az webapp restart --resource-group steeltoe --name initializr-web --slot Staging + echo "Waiting 60 seconds until beginning to curl to see if the site is back up" + sleep 60 + until $(curl --output /dev/null --silent --head --fail https://start-staging.steeltoe.io); do + printf '.' + sleep 5 + done + - name: Swap slots run: az webapp deployment slot swap -s ${{ vars.STAGING_SLOT_NAME }} -n ${{ vars.AZURE_WEBAPP_NAME }} -g ${{ vars.AZURE_RESOURCE_GROUP }} + + - name: Change InitializrService link to staging and restart + run: | + az webapp config appsettings set --resource-group steeltoe --name initializr-web --slot Staging --settings "INITIALIZR_SERVICE_HOST=initializr-service-staging.azurewebsites.net" "INITIALIZR_SERVICE_URI=https://initializr-service-staging.azurewebsites.net/api/" + az webapp restart --resource-group steeltoe --name initializr-web --slot Staging \ No newline at end of file