name: Deploy App on: workflow_dispatch: push: branches: - main # pull_request: # paths-ignore: # - infrastructure/** # types: [opened, synchronize, reopened, closed] # branches: # - main env: IMAGE_NAME: calque-app permissions: id-token: write contents: read jobs: versionize: name: Calculate next version runs-on: ubuntu-latest outputs: semver: ${{ steps.gitversion.outputs.SemVer }} steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - name: Install GitVersion uses: gittools/actions/gitversion/setup@v3.1.11 with: versionSpec: "5.x" - name: Determine Version id: gitversion uses: gittools/actions/gitversion/execute@v3.1.11 with: useConfigFile: true build_and_publish: name: Build & Publish runs-on: ubuntu-latest needs: versionize steps: - uses: actions/checkout@v4 - name: Build container images run: | echo 'SESSION_SECRET=${{ secrets.SESSION_PASSWORD }}' > .env docker build . --file Dockerfile --tag ${{ secrets.ACR_LOGIN_SERVER }}/$IMAGE_NAME:${{needs.versionize.outputs.semver}} docker build . --file Dockerfile --tag ${{ secrets.ACR_LOGIN_SERVER }}/$IMAGE_NAME:latest - name: Login to ACR uses: azure/docker-login@v2 with: login-server: ${{ secrets.ACR_LOGIN_SERVER }} username: ${{ secrets.ACR_USERNAME }} password: ${{ secrets.ACR_PASSWORD }} - name: Push container images run: | docker push ${{ secrets.ACR_LOGIN_SERVER }}/$IMAGE_NAME:${{needs.versionize.outputs.semver}} docker push ${{ secrets.ACR_LOGIN_SERVER }}/$IMAGE_NAME:latest deploy: name: Deploy app runs-on: ubuntu-latest needs: [ versionize, build_and_publish ] strategy: matrix: environment: [ 'prd' ] steps: - uses: actions/checkout@v4 with: sparse-checkout: | infrastructure - name: Az CLI login uses: azure/login@v2 with: client-id: ${{ secrets.CALQUE_PRD_CLIENT_ID }} tenant-id: ${{ secrets.CALQUE_PRD_TENANT_ID }} subscription-id: ${{ secrets.CALQUE_PRD_SUBSCRIPTION_ID }} - name: Deploy bicep uses: Azure/cli@v2 with: azcliversion: 2.66.0 inlineScript: | az deployment sub create \ --location westeurope \ --template-file infrastructure/main.bicep \ --parameters infrastructure/params/${{ matrix.environment }}.bicepparam \ --parameters version=${{needs.versionize.outputs.semver}} \ --parameters registryUrl=${{ secrets.ACR_LOGIN_SERVER }}