-
Notifications
You must be signed in to change notification settings - Fork 22
137 lines (121 loc) · 4.49 KB
/
dataProductDeployment.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
name: Data Product Deployment
on:
push:
branches: [main]
paths:
- "code/**"
- "infra/**"
- ".github/workflows/dataProductDeployment.yml"
pull_request:
branches: [main]
paths:
- "code/**"
- "infra/**"
- ".github/workflows/dataProductDeployment.yml"
env:
AZURE_SUBSCRIPTION_ID: "2150d511-458f-43b9-8691-6819ba2e6c7b" # Update to '{dataLandingZoneSubscriptionId}'
AZURE_RESOURCE_GROUP_NAME: "dlz01-dev-di001" # Update to '{dataLandingZoneName}-rg'
AZURE_LOCATION: "northeurope" # Update to '{regionName}'
jobs:
validation:
name: "Validation of IaC templates"
runs-on: ubuntu-latest
continue-on-error: false
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: Check Out Repository
id: checkout_repository
uses: actions/checkout@v2
# Login to Azure
- name: Azure Login
id: azure_login
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
# Generate Password 001
- name: Generate Password 001
id: generate_password_001
run: |
echo "Generating Password"
pwsh "${GITHUB_WORKSPACE}/code/GeneratePassword.ps1" -GitHub
# Deploy Data Product - validation
- name: Deploy Data Product - validation
id: data_product_validation
uses: azure/arm-deploy@v1
with:
scope: resourcegroup
subscriptionId: ${{ env.AZURE_SUBSCRIPTION_ID }}
resourceGroupName: ${{ env.AZURE_RESOURCE_GROUP_NAME }}
region: ${{ env.AZURE_LOCATION }}
template: ${{ github.workspace }}/infra/main.json
parameters: ${{ github.workspace }}/infra/params.dev.json administratorPassword="${{ steps.generate_password_001.outputs.password }}"
deploymentMode: Validate
failOnStdErr: false
# Deploy Data Product - what-if
- name: Deploy Data Product - what-if
id: data_product_whatif
uses: azure/cli@v1
with:
azcliversion: "agentazcliversion"
inlineScript: |
az account set \
--subscription ${{ env.AZURE_SUBSCRIPTION_ID }}
az deployment group what-if \
--resource-group ${{ env.AZURE_RESOURCE_GROUP_NAME }} \
--exclude-change-types Ignore NoChange Unsupported \
--mode "Incremental" \
--template-file "${GITHUB_WORKSPACE}/infra/main.json" \
--parameters "${GITHUB_WORKSPACE}/infra/params.dev.json" administratorPassword="${{ steps.generate_password_001.outputs.password }}" \
--result-format "FullResourcePayloads"
# Log out from Azure
- name: Log out from Azure
id: azure_logout
uses: azure/cli@v1
with:
azcliversion: "agentazcliversion"
inlineScript: |
az logout
deployment:
name: "Deployment of IaC templates"
needs: [validation]
runs-on: ubuntu-latest
if: github.event_name == 'push'
continue-on-error: false
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: Check Out Repository
id: checkout_repository
uses: actions/checkout@v2
# Login to Azure
- name: Azure Login
id: azure_login
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
# Generate Password 001
- name: Generate Password 001
id: generate_password_001
run: |
echo "Generating Password"
pwsh "${GITHUB_WORKSPACE}/code/GeneratePassword.ps1" -GitHub
# Deploy Data Product
- name: Deploy Data Product
id: data_product_deployment
uses: azure/arm-deploy@v1
with:
scope: resourcegroup
subscriptionId: ${{ env.AZURE_SUBSCRIPTION_ID }}
resourceGroupName: ${{ env.AZURE_RESOURCE_GROUP_NAME }}
region: ${{ env.AZURE_LOCATION }}
template: ${{ github.workspace }}/infra/main.json
parameters: ${{ github.workspace }}/infra/params.dev.json administratorPassword="${{ steps.generate_password_001.outputs.password }}"
deploymentMode: Incremental
failOnStdErr: false
# Log out from Azure
- name: Log out from Azure
id: azure_logout
uses: azure/cli@v1
with:
azcliversion: "agentazcliversion"
inlineScript: |
az logout