Skip to content

Commit

Permalink
Merge pull request #3 from PerfectThymeTech/marvinbuss/update_runners
Browse files Browse the repository at this point in the history
Update workflows
  • Loading branch information
marvinbuss authored Sep 12, 2023
2 parents 9be8448 + 3f153d6 commit 0753f8d
Show file tree
Hide file tree
Showing 7 changed files with 58 additions and 231 deletions.
97 changes: 24 additions & 73 deletions .github/workflows/_terraformEnvironmentTemplate.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,15 @@ on:
required: true
type: string
description: "Specifies the working directory."
export_terraform_outputs:
required: false
type: boolean
default: false
description: "Specifies whether terraform outputs should be exported."
subscription_id:
required: true
type: string
description: "Specifies the Azure subscription id."
secrets:
TENANT_ID:
required: true
Expand All @@ -22,42 +31,15 @@ on:
CLIENT_SECRET:
required: true
description: "Specifies the client secret."
SUBSCRIPTION_ID:
required: true
description: "Specifies the client id."
PAT:
required: true
description: "Specifies the GitHub PAT."
DNS_API_PASSWORD:
required: true
description: "Specifies the API Password for DNS entries."
outputs:
mgmt_synapse_workspace_resource_group_name:
description: "The resource group name of the management synapse workspace."
value: ${{ jobs.apply.outputs.mgmt_synapse_workspace_resource_group_name }}
mgmt_synapse_workspace_name:
description: "The name of the management synapse workspace."
value: ${{ jobs.apply.outputs.mgmt_synapse_workspace_name }}
mgmt_synapse_workspace_sql_pool_name:
description: "The name of the management synapse workspace SQL Pool."
value: ${{ jobs.apply.outputs.mgmt_synapse_workspace_sql_pool_name }}
mgmt_synapse_workspace_uri_sql:
description: "The uri of the management synapse workspace."
value: ${{ jobs.apply.outputs.mgmt_synapse_workspace_uri_sql }}
mgmt_details:
description: "Specifies the mgmt details for the SQL deployment."
value: ${{ jobs.apply.outputs.mgmt_details }}
core_details:
description: "Specifies the core details for the SQL deployment."
value: ${{ jobs.apply.outputs.core_details }}
extension_details:
description: "Specifies the extension details for the SQL deployment."
value: ${{ jobs.apply.outputs.extension_details }}
test:
description: "A sample value."
value: ${{ jobs.apply.outputs.test }}

jobs:
lint:
name: Terraform Lint
runs-on: [self-hosted, linux, original]
runs-on: [self-hosted]
continue-on-error: false
needs: []

Expand All @@ -76,14 +58,14 @@ jobs:
plan:
name: Terraform Plan
runs-on: [self-hosted, linux, original]
runs-on: [self-hosted]
continue-on-error: false
environment: ${{ inputs.environment }}
needs: [lint]

env:
ARM_TENANT_ID: ${{ secrets.TENANT_ID }}
ARM_SUBSCRIPTION_ID: ${{ secrets.SUBSCRIPTION_ID }}
ARM_SUBSCRIPTION_ID: ${{ inputs.subscription_id }}
ARM_CLIENT_ID: ${{ secrets.CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
ARM_USE_OIDC: false
Expand All @@ -99,11 +81,7 @@ jobs:
id: terraform_init
working-directory: ${{ inputs.working_directory }}
run: |
export HOME=$(pwd -P)
git config --global url."https://[email protected]".insteadOf https://github.developer.allianz.io
terraform init
env:
PAT: ${{ secrets.PAT }}
# Terraform Validate
- name: Terraform Validate
Expand All @@ -117,27 +95,21 @@ jobs:
id: terraform_plan
working-directory: ${{ inputs.working_directory }}
run: |
terraform plan -var-file vars.${{ inputs.environment }}.tfvars -var='dns_api_password=${{ secrets.DNS_API_PASSWORD }}' -input=false
terraform plan -var-file vars.${{ inputs.environment }}.tfvars -input=false
apply:
name: Terraform Apply
runs-on: [self-hosted, linux, original]
runs-on: [self-hosted]
continue-on-error: false
environment: ${{ inputs.environment }}
# if: github.event_name == 'push' || github.event_name == 'release'
needs: [lint, plan]
outputs:
mgmt_synapse_workspace_resource_group_name: ${{ steps.terraform_outputs.outputs.mgmt_synapse_workspace_resource_group_name }}
mgmt_synapse_workspace_name: ${{ steps.terraform_outputs.outputs.mgmt_synapse_workspace_name }}
mgmt_synapse_workspace_sql_pool_name: ${{ steps.terraform_outputs.outputs.mgmt_synapse_workspace_sql_pool_name }}
mgmt_synapse_workspace_uri_sql: ${{ steps.terraform_outputs.outputs.mgmt_synapse_workspace_uri_sql }}
mgmt_details: ${{ steps.terraform_outputs.outputs.mgmt_details }}
core_details: ${{ steps.terraform_outputs.outputs.core_details }}
extension_details: ${{ steps.terraform_outputs.outputs.extension_details }}
test: ${{ steps.terraform_outputs.outputs.test }}

env:
ARM_TENANT_ID: ${{ secrets.TENANT_ID }}
ARM_SUBSCRIPTION_ID: ${{ secrets.SUBSCRIPTION_ID }}
ARM_SUBSCRIPTION_ID: ${{ inputs.subscription_id }}
ARM_CLIENT_ID: ${{ secrets.CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
ARM_USE_OIDC: false
Expand All @@ -153,49 +125,28 @@ jobs:
id: azure_login
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.CLIENT_ID }}","clientSecret":"${{ secrets.CLIENT_SECRET }}","subscriptionId":"${{ secrets.SUBSCRIPTION_ID }}","tenantId":"${{ secrets.TENANT_ID }}"}'
creds: '{"clientId":"${{ secrets.CLIENT_ID }}","clientSecret":"${{ secrets.CLIENT_SECRET }}","subscriptionId":"${{ inputs.subscription_id }}","tenantId":"${{ secrets.TENANT_ID }}"}'

# Terraform Init
- name: Terraform Init
working-directory: ${{ inputs.working_directory }}
run: |
export HOME=$(pwd -P)
git config --global url."https://[email protected]".insteadOf https://github.developer.allianz.io
terraform init
env:
PAT: ${{ secrets.PAT }}
# Terraform Apply
- name: Terraform Apply
working-directory: ${{ inputs.working_directory }}
run: |
terraform apply -var-file vars.${{ inputs.environment }}.tfvars -var='dns_api_password=${{ secrets.DNS_API_PASSWORD }}' -auto-approve -input=false
terraform apply -var-file vars.${{ inputs.environment }}.tfvars -auto-approve -input=false
# Terraform Export Outputs
- name: Terraform Export Outputs
id: terraform_outputs
working-directory: ${{ inputs.working_directory }}
if: inputs.export_terraform_outputs
run: |
mgmt_synapse_workspace_resource_group_name=$(terraform output -raw mgmt_synapse_workspace_resource_group_name)
echo "mgmt_synapse_workspace_resource_group_name=$mgmt_synapse_workspace_resource_group_name" >> "$GITHUB_OUTPUT"
mgmt_synapse_workspace_name=$(terraform output -raw mgmt_synapse_workspace_name)
echo "mgmt_synapse_workspace_name=$mgmt_synapse_workspace_name" >> "$GITHUB_OUTPUT"
mgmt_synapse_workspace_sql_pool_name=$(terraform output -raw mgmt_synapse_workspace_sql_pool_name)
echo "mgmt_synapse_workspace_sql_pool_name=$mgmt_synapse_workspace_sql_pool_name" >> "$GITHUB_OUTPUT"
mgmt_synapse_workspace_uri_sql=$(terraform output -raw mgmt_synapse_workspace_uri_sql)
echo "mgmt_synapse_workspace_uri_sql=$mgmt_synapse_workspace_uri_sql" >> "$GITHUB_OUTPUT"
mgmt_details=$(terraform output -raw mgmt_details)
echo "mgmt_details=$mgmt_details" >> "$GITHUB_OUTPUT"
core_details=$(terraform output -raw core_details)
echo "core_details=$core_details" >> "$GITHUB_OUTPUT"
extension_details=$(terraform output -raw extension_details)
echo "extension_details=$extension_details" >> "$GITHUB_OUTPUT"
test=$(terraform output -raw test)
echo "test=$test" >> "$GITHUB_OUTPUT"
# Log out from Azure
- name: Log out from Azure
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,11 +8,10 @@ on:
type: string
default: "dev"
description: "Specifies the environment of the deployment."
init_project_version:
required: false
subscription_id:
required: true
type: string
default: "main"
description: "Specifies the version of the Init project."
description: "Specifies the Azure subscription id."
target_server_uri:
required: true
type: string
Expand All @@ -21,18 +20,6 @@ on:
required: true
type: string
description: "Specifies the target database name of the SQL project."
mgmt_details:
required: true
type: string
description: "Specifies the mgmt details for the SQL deployment."
core_details:
required: true
type: string
description: "Specifies the core details for the SQL deployment."
extension_details:
required: true
type: string
description: "Specifies the extension details for the SQL deployment."
secrets:
TENANT_ID:
required: true
Expand All @@ -43,12 +30,6 @@ on:
CLIENT_SECRET:
required: true
description: "Specifies the client secret."
SUBSCRIPTION_ID:
required: true
description: "Specifies the client id."
PAT:
required: true
description: "Specifies the GitHub PAT."

env:
SQL_PROJECT_NAME: "sqlDbProject"
Expand All @@ -61,7 +42,7 @@ env:
jobs:
build:
name: Build SQL Project
runs-on: [self-hosted, linux, original]
runs-on: [self-hosted]
continue-on-error: false
needs: []

Expand All @@ -70,17 +51,12 @@ jobs:
- name: Check Out Repository
id: checkout_repository
uses: actions/checkout@v3
with:
repository: Financial-Data-Pool/content-template
ref: ${{ inputs.init_project_version }}
token: ${{ secrets.PAT }}

# Build Database project
- name: Build Database project
id: dotnet_build
working-directory: ${{ env.SQL_BUILD_PATH }}
run: |
export HOME=$(pwd -P)
dotnet build /p:NetCoreBuild=true --configuration Release --output ./${{ env.SQL_BUILD_OUTPUT_PATH }}
# Upload SQL Package Artifacts
Expand All @@ -93,7 +69,7 @@ jobs:

report:
name: Report SQL Project Changes
runs-on: [self-hosted, linux, original]
runs-on: [self-hosted]
continue-on-error: false
environment: ${{ inputs.environment }}
needs: [build]
Expand All @@ -112,14 +88,14 @@ jobs:
id: azure_login
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.CLIENT_ID }}","clientSecret":"${{ secrets.CLIENT_SECRET }}","subscriptionId":"${{ secrets.SUBSCRIPTION_ID }}","tenantId":"${{ secrets.TENANT_ID }}"}'
creds: '{"clientId":"${{ secrets.CLIENT_ID }}","clientSecret":"${{ secrets.CLIENT_SECRET }}","subscriptionId":"${{ inputs.subscription_id }}","tenantId":"${{ secrets.TENANT_ID }}"}'

# Generate Azure Active Directory Token
- name: Generate Azure Active Directory Token
id: azure_access_token
run: |
echo "Set Azure Context"
az account set -s "${{ secrets.SUBSCRIPTION_ID }}"
az account set -s "${{ inputs.subscription_id }}"
echo "Create Azure Access Token"
ACCESS_TOKEN=$(az account get-access-token --scope "https://database.windows.net/.default" --query "accessToken" -o tsv)
Expand All @@ -132,12 +108,6 @@ jobs:
id: output_directory
run: mkdir -p ${{ env.SQL_REPORT_OUTPUT_PATH }}

# Add sql package to path
- name: Add sqlpackage to PATH
id: sqlpackage_path
run: |
echo "/home/actions/sqlpackage" >> $GITHUB_PATH
# SQL Package Version
- name: SQL Package Version
id: sqlpackage_version
Expand Down Expand Up @@ -172,7 +142,7 @@ jobs:

deploy:
name: Deploy SQL Project
runs-on: [self-hosted, linux, original]
runs-on: [self-hosted]
continue-on-error: false
environment: ${{ inputs.environment }}
# if: github.event_name == 'push' || github.event_name == 'release'
Expand All @@ -192,27 +162,21 @@ jobs:
id: azure_login
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.CLIENT_ID }}","clientSecret":"${{ secrets.CLIENT_SECRET }}","subscriptionId":"${{ secrets.SUBSCRIPTION_ID }}","tenantId":"${{ secrets.TENANT_ID }}"}'
creds: '{"clientId":"${{ secrets.CLIENT_ID }}","clientSecret":"${{ secrets.CLIENT_SECRET }}","subscriptionId":"${{ inputs.subscription_id }}","tenantId":"${{ secrets.TENANT_ID }}"}'

# Generate Azure Active Directory Token
- name: Generate Azure Active Directory Token
id: azure_access_token
run: |
echo "Set Azure Context"
az account set -s "${{ secrets.SUBSCRIPTION_ID }}"
az account set -s "${{ inputs.subscription_id }}"
echo "Create Azure Access Token"
ACCESS_TOKEN=$(az account get-access-token --scope "https://database.windows.net/.default" --query "accessToken" -o tsv)
echo "Set secret value"
echo "azureAccessToken=$ACCESS_TOKEN" >> "$GITHUB_OUTPUT"
# Add sql package to path
- name: Add sqlpackage to PATH
id: sqlpackage_path
run: |
echo "/home/actions/sqlpackage" >> $GITHUB_PATH
# SQL Package Version
- name: SQL Package Version
id: sqlpackage_version
Expand Down
Loading

0 comments on commit 0753f8d

Please sign in to comment.