diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
deleted file mode 100644
index 7fe85df..0000000
--- a/.github/workflows/deploy.yml
+++ /dev/null
@@ -1,58 +0,0 @@
-name: Auto Deploy
-
-# Controls when the workflow will run
-on:
- pull_request:
- branches:
- - main
- types: [ closed ]
-
-
- # Allows you to run this workflow manually from the Actions tab
- workflow_dispatch:
-
-# A workflow run is made up of one or more jobs that can run sequentially or in parallel
-jobs:
- build:
- if: ${{ github.event.pull_request.merged }}
- name: Call Azure Build Pipeline
- # The type of runner that the job will run on
- runs-on: ubuntu-latest
-
- # Steps represent a sequence of tasks that will be executed as part of the job
- steps:
-
- # default skip bump versioning
- - name: Set as default skip bump versioning
- run: |
- echo "SEMVER=skip" >> $GITHUB_ENV
-
- - name: Set major
- run: |
- echo "SEMVER=major" >> $GITHUB_ENV
- if: ${{ contains(github.event.pull_request.labels.*.name, 'breaking-change') }}
-
- - name: Set minor
- run: |
- echo "SEMVER=minor" >> $GITHUB_ENV
- if: ${{ contains(github.event.pull_request.labels.*.name, 'enhancement') }}
-
- - name: Set patch
- run: |
- echo "SEMVER=patch" >> $GITHUB_ENV
- if: ${{ contains(github.event.pull_request.labels.*.name, 'bug') }}
-
- - name: Set skip
- run: |
- echo "SEMVER=skip" >> $GITHUB_ENV
- if: ${{ contains(github.event.pull_request.labels.*.name, 'ignore-for-release') }}
-
- - name: Azure Pipelines Action - Jversion
- uses: jacopocarlini/azure-pipelines@b9721743a54e862597395b4a70727cfdc03028fb # v1.3
- with:
- azure-devops-project-url: https://dev.azure.com/pagopaspa/pagoPA-projects
- azure-pipeline-name: 'pagopa-function-template.deploy'
- azure-devops-token: ${{ secrets.AZURE_DEVOPS_TOKEN }}
- azure-template-parameters: '{"ENV": "dev", "SEMVER": "${{env.SEMVER}}", "TEST": "true"}'
- azure-pipeline-variables: '{"system.debug": "true"}'
-
diff --git a/.identity/00_data.tf b/.identity/00_data.tf index 4079dde..2be2418 100644 --- a/.identity/00_data.tf +++ b/.identity/00_data.tf @@ -50,3 +50,8 @@ data "azurerm_key_vault_secret" "flow_sa_connection_string" { name = "flows-sa-${var.env_short}-connection-string" key_vault_id = data.azurerm_key_vault.domain_key_vault.id } + +data "azurerm_user_assigned_identity" "identity_cd_01"{ + name = "${local.prefix}-${var.env_short}-${local.domain_gps}-01-github-cd-identity" + resource_group_name = "${local.prefix}-${var.env_short}-identity-rg" +} \ No newline at end of file diff --git a/.identity/03_github_environment.tf b/.identity/03_github_environment.tf index 34d3a43..ab3dded 100644 --- a/.identity/03_github_environment.tf +++ b/.identity/03_github_environment.tf @@ -21,7 +21,7 @@ resource "github_repository_environment" "github_repository_environment" { locals { env_secrets = { - "CLIENT_ID" : module.github_runner_app.application_id, + "CLIENT_ID" : data.azurerm_user_assigned_identity.identity_cd_01.client_id, "TENANT_ID" : data.azurerm_client_config.current.tenant_id, "SUBSCRIPTION_ID" : data.azurerm_subscription.current.subscription_id, "API_SUBSCRIPTION_KEY" : data.azurerm_key_vault_secret.key_vault_integration_test_subkey.value, diff --git a/.identity/99_variables.tf b/.identity/99_variables.tf index 15d1354..fae659f 100644 --- a/.identity/99_variables.tf +++ b/.identity/99_variables.tf @@ -6,6 +6,7 @@ locals { prefix = "pagopa" domain = "gps" + domain_gps = "gps" location_short = "weu" product = "${var.prefix}-${var.env_short}"
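Review bot: The new `identity_cd_01` data source in `.identity/00_data.tf` has no comment saying where the identity is created, and it is left unformatted: `"identity_cd_01"{` lacks the space before the brace and the file now ends without a newline. Because a data source only looks the identity up, a plan run where it has not been provisioned will fail, so a line such as `# CD identity is provisioned outside this module; the lookup fails if it is missing from the identity resource group` above the block would help. The name is built from `local.domain_gps`, which the `99_variables.tf` hunk adds with the same value as the existing `local.domain`. If the two are meant to diverge, say so in a comment next to the new local, otherwise reuse `local.domain`.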