⬆️ terraform: Bump hashicorp/azurerm from 3.105.0 to 4.2.0 in /infrastructure #572

Workflow file for this run

.github/workflows/publish.yml at 385df91

	name: publish

	on:
	push:
	branches: ["main"]
	# Publish semver tags as releases.
	tags: ["v..*"]
	pull_request:
	branches: ["main"]

	env:
	# Use docker.io for Docker Hub if empty
	REGISTRY: ghcr.io
	# github.repository as <account>/<repo>
	SITE_IMAGE_NAME: ${{ github.repository }}
	EDITOR_IMAGE_NAME: ${{ github.repository }}editor

	jobs:
	build:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	packages: write
	id-token: write

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	# Workaround: https://github.com/docker/build-push-action/issues/461
	- name: Setup Docker buildx
	uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db

	- name: Set commit hash
	id: set-commit-hash
	shell: bash
	run: \|
	export COMMIT_HASH=${GITHUB_SHA:0:7}
	echo "COMMIT_HASH=$COMMIT_HASH" >> $GITHUB_OUTPUT

	# Login against a Docker registry except on PR
	# https://github.com/docker/login-action
	- name: Log into registry ${{ env.REGISTRY }}
	if: github.event_name != 'pull_request'
	uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
	with:
	registry: ${{ env.REGISTRY }}
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	# Extract metadata (tags, labels) for Docker
	# https://github.com/docker/metadata-action
	- name: Extract Docker metadata (site)
	id: meta-site
	uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81
	with:
	images: ${{ env.REGISTRY }}/${{ env.SITE_IMAGE_NAME }}
	tags: \|
	type=sha,format=long,prefix=,priority=100
	type=sha,prefix=,priority=80
	type=ref,event=branch,priority=60
	type=ref,event=pr,priority=40

	# Build and push Docker image with Buildx (don't push on PR)
	# https://github.com/docker/build-push-action
	- name: Build and push Docker image (site)
	id: build-and-push-site
	uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85
	with:
	context: .
	push: ${{ github.event_name != 'pull_request' }}
	tags: ${{ steps.meta-site.outputs.tags }}
	file: "src/GordonBeemingCom/Dockerfile"
	build-args: \|
	A_COMMIT_HASH=${{ steps.set-commit-hash.outputs.COMMIT_HASH }}
	A_BRANCH_NAME=${{ github.ref_name }}

	# Extract metadata (tags, labels) for Docker
	# https://github.com/docker/metadata-action
	- name: Extract Docker metadata (editor)
	id: meta-editor
	uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81
	with:
	images: ${{ env.REGISTRY }}/${{ env.EDITOR_IMAGE_NAME }}
	tags: \|
	type=sha,format=long,prefix=,priority=100
	type=sha,prefix=,priority=80
	type=ref,event=branch,priority=60
	type=ref,event=pr,priority=40

	# Build and push Docker image with Buildx (don't push on PR)
	# https://github.com/docker/build-push-action
	- name: Build and push Docker image (editor)
	id: build-and-push-editor
	uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85
	with:
	context: .
	push: ${{ github.event_name != 'pull_request' }}
	tags: ${{ steps.meta-editor.outputs.tags }}
	file: "src/GordonBeemingCom.Editor/Dockerfile"
	build-args: \|
	A_COMMIT_HASH=${{ steps.set-commit-hash.outputs.COMMIT_HASH }}
	A_BRANCH_NAME=${{ github.ref_name }}

	deployPreview:
	name: "Deploy to Preview"
	needs: build
	if: github.ref == 'refs/heads/main'
	concurrency:
	group: preview
	cancel-in-progress: false
	environment:
	name: "preview"
	url: "https://preview.gordonbeeming.com/"
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	env:
	API_URL: "https://preview.gordonbeeming.com"

	steps:
	- name: Azure Login
	uses: azure/login@v2
	with:
	client-id: ${{ secrets.ARM_CLIENT_ID }}
	tenant-id: ${{ secrets.ARM_TENANT_ID }}
	subscription-id: ${{ secrets.ARM_SUBSCRIPTION_ID }}

	- name: Set commit hash
	id: set-commit-hash
	shell: bash
	run: \|
	export COMMIT_HASH=${GITHUB_SHA:0:7}
	echo "COMMIT_HASH=$COMMIT_HASH" >> $GITHUB_OUTPUT

	- name: Deploy Web App to Preview (editor)
	uses: Azure/cli@v2
	with:
	inlineScript: \|
	TAG=$(echo 'https://${{ env.REGISTRY }}/${{ env.EDITOR_IMAGE_NAME }}:${{ github.sha }}' \| tr '[:upper:]' '[:lower:]')
	az webapp config container set --resource-group ${{ secrets.AZURE_WEBAPP_RG }} --name ${{ secrets.EDITOR_AZURE_WEBAPP_NAME }} --docker-custom-image-name $TAG

	- name: Deploy Web App to Preview (site)
	uses: Azure/cli@v2
	with:
	inlineScript: \|
	TAG=$(echo 'https://${{ env.REGISTRY }}/${{ env.SITE_IMAGE_NAME }}:${{ github.sha }}' \| tr '[:upper:]' '[:lower:]')
	az webapp config container set --resource-group ${{ secrets.AZURE_WEBAPP_RG }} --name ${{ secrets.SITE_AZURE_WEBAPP_NAME }} --docker-custom-image-name $TAG

	- name: Check deployed version endpoint
	shell: pwsh
	run: \|
	$tries = 0
	$maxTries = 24
	$apiDeployed = $false
	$returnedVersion = ""
	$expectedCommitHash = $env:COMMIT_HASH
	$baseUrl = $env:API_URL
	$VersionApi = "$($baseUrl)/api/Deploy/Version"
	Write-Host "Waiting for API to deploy at $VersionApi"
	Write-Host "Expected Version: $expectedCommitHash"
	while ($tries -lt $maxTries -and $apiDeployed -eq $false) {
	try
	{
	$version = Invoke-WebRequest -Uri $VersionApi -Method POST -Body "" -ContentType "application/json"
	$returnedVersion = $version.Content.Trim('"')
	if ($version.StatusCode -eq 200 -and $returnedVersion -eq $expectedCommitHash) {
	$apiDeployed = $true
	} else {
	Write-Host "Waiting for API to deploy... (try $($tries + 1) of $maxTries)"
	Start-Sleep -Seconds 5
	$tries++
	}
	}
	catch
	{
	Write-Host "🔥 Error trying to get version... $($_.Exception)"
	Write-Host "Waiting for API to deploy... (try $($tries + 1) of $maxTries)"
	Start-Sleep -Seconds 5
	$tries++
	}
	}
	if ($apiDeployed -eq $false) {
	Write-Host "🔥 API did not deploy after $($maxTries * 5) seconds"
	Write-Host "🔥 Current Version: $($returnedVersion), Expected Version: $($expectedCommitHash)"
	exit(1)
	}

	# Write-Host "Health Check at $($baseUrl)/api/HealthCheck"
	# $response = Invoke-WebRequest -Uri $env:API_URL/api/HealthCheck -SslProtocol Tls12 -Method POST -Body "" -ContentType "application/json"
	# if ($response.Content -eq "OK") {
	# Write-Host "Health check succeeded"
	# } else {
	# Write-Error "Health check failed: $($response.StatusCode)"
	# exit 1
	# }
	env:
	COMMIT_HASH: ${{ steps.set-commit-hash.outputs.COMMIT_HASH }}

	- name: Azure Logout
	uses: azure/CLI@v2
	with:
	inlineScript: \|
	az logout

	deployLive:
	name: "Deploy to live"
	needs: deployPreview
	if: github.ref == 'refs/heads/main'
	concurrency:
	group: live
	cancel-in-progress: false
	environment:
	name: "live"
	url: "https://gordonbeeming.com/"
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	env:
	API_URL: "https://gordonbeeming.com"

	steps:
	- name: Azure Login
	uses: azure/login@v2
	with:
	client-id: ${{ secrets.ARM_CLIENT_ID }}
	tenant-id: ${{ secrets.ARM_TENANT_ID }}
	subscription-id: ${{ secrets.ARM_SUBSCRIPTION_ID }}

	- name: Set commit hash
	id: set-commit-hash
	shell: bash
	run: \|
	export COMMIT_HASH=${GITHUB_SHA:0:7}
	echo "COMMIT_HASH=$COMMIT_HASH" >> $GITHUB_OUTPUT

	- name: Deploy Web App to Live (editor)
	uses: Azure/cli@v2
	with:
	inlineScript: \|
	TAG=$(echo 'https://${{ env.REGISTRY }}/${{ env.EDITOR_IMAGE_NAME }}:${{ github.sha }}' \| tr '[:upper:]' '[:lower:]')
	az webapp config container set --resource-group ${{ secrets.AZURE_WEBAPP_RG }} --name ${{ secrets.EDITOR_AZURE_WEBAPP_NAME }} --docker-custom-image-name $TAG

	- name: Deploy Web App to Live (site)
	uses: Azure/cli@v2
	with:
	inlineScript: \|
	TAG=$(echo 'https://${{ env.REGISTRY }}/${{ env.SITE_IMAGE_NAME }}:${{ github.sha }}' \| tr '[:upper:]' '[:lower:]')
	az webapp config container set --resource-group ${{ secrets.AZURE_WEBAPP_RG }} --name ${{ secrets.SITE_AZURE_WEBAPP_NAME }} --docker-custom-image-name $TAG

	- name: Check deployed version endpoint
	shell: pwsh
	run: \|
	$tries = 0
	$maxTries = 24
	$apiDeployed = $false
	$returnedVersion = ""
	$expectedCommitHash = $env:COMMIT_HASH
	$baseUrl = $env:API_URL
	$VersionApi = "$($baseUrl)/api/Deploy/Version"
	Write-Host "Waiting for API to deploy at $VersionApi"
	Write-Host "Expected Version: $expectedCommitHash"
	while ($tries -lt $maxTries -and $apiDeployed -eq $false) {
	try
	{
	$version = Invoke-WebRequest -Uri $VersionApi -Method POST -Body "" -ContentType "application/json"
	$returnedVersion = $version.Content.Trim('"')
	if ($version.StatusCode -eq 200 -and $returnedVersion -eq $expectedCommitHash) {
	$apiDeployed = $true
	} else {
	Write-Host "Waiting for API to deploy... (try $($tries + 1) of $maxTries)"
	Start-Sleep -Seconds 5
	$tries++
	}
	}
	catch
	{
	Write-Host "🔥 Error trying to get version... $($_.Exception)"
	Write-Host "Waiting for API to deploy... (try $($tries + 1) of $maxTries)"
	Start-Sleep -Seconds 5
	$tries++
	}
	}
	if ($apiDeployed -eq $false) {
	Write-Host "🔥 API did not deploy after $($maxTries * 5) seconds"
	Write-Host "🔥 Current Version: $($returnedVersion), Expected Version: $($expectedCommitHash)"
	exit(1)
	}

	# Write-Host "Health Check at $($baseUrl)/api/HealthCheck"
	# $response = Invoke-WebRequest -Uri $env:API_URL/api/HealthCheck -SslProtocol Tls12 -Method POST -Body "" -ContentType "application/json"
	# if ($response.Content -eq "OK") {
	# Write-Host "Health check succeeded"
	# } else {
	# Write-Error "Health check failed: $($response.StatusCode)"
	# exit 1
	# }
	env:
	COMMIT_HASH: ${{ steps.set-commit-hash.outputs.COMMIT_HASH }}

	- name: Azure Logout
	uses: azure/CLI@v2
	with:
	inlineScript: \|
	az logout

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

⬆️ terraform: Bump hashicorp/azurerm from 3.105.0 to 4.2.0 in /infrastructure #572

Workflow file

⬆️ terraform: Bump hashicorp/azurerm from 3.105.0 to 4.2.0 in /infrastructure #572

Jobs

Run details

Workflow file for this run