Add auth #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # deploy dashboard to Azure Container Registry via bash script | |
| name: deploy_via_bash | |
| # run on push to any branch | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| # if branch = main, environment = prod, else environment = dev | |
| environment: ${{ ((github.head_ref || github.ref_name) == 'main') && 'prod' || 'dev' }} | |
| permissions: | |
| id-token: write | |
| contents: read | |
| # retrieve variables from environment secrets and variables | |
| env: | |
| # deplyoment variables | |
| AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }} | |
| AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }} | |
| AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }} | |
| AZURE_CLIENT_CERT_NAME: ${{ vars.AZURE_CLIENT_CERT_NAME }} | |
| AZURE_CLIENT_CERT: ${{ secrets.AZURE_CLIENT_CERT }} | |
| AZURE_RESOURCE_GROUP: ${{ vars.AZURE_RESOURCE_GROUP }} | |
| # App env variables | |
| OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} | |
| LANGCHAIN_API_KEY: ${{ secrets.LANGCHAIN_API_KEY }} | |
| STREAMLIT_PASSWORD: ${{ secrets.STREAMLIT_PASSWORD }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| - name: run deploy.sh | |
| shell: bash | |
| run: | | |
| echo "$AZURE_CLIENT_CERT" > ${{ vars.AZURE_CLIENT_CERT_NAME }} | |
| bash deployment/deploy.sh | |
| - name: clean up | |
| if: always() | |
| shell: bash | |
| run: | | |
| az logout | |
| rm ${{ vars.AZURE_CLIENT_CERT_NAME }} |