Skip to content

No longer allow one to provide service bus namespace or storage account #359

No longer allow one to provide service bus namespace or storage account

No longer allow one to provide service bus namespace or storage account #359

Workflow file for this run

name: Build
on:
push:
branches:
- main
tags:
- '*'
paths-ignore:
- .devcontainer/**
- .vscode/**
- docs/**
- README.md
- LICENSE
pull_request:
branches:
- main
paths-ignore:
- .devcontainer/**
- .vscode/**
- docs/**
- README.md
- LICENSE
workflow_dispatch:
env:
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
AZURE_RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP }}
jobs:
Build:
runs-on: ubuntu-latest
env:
DOTNET_SKIP_FIRST_TIME_EXPERIENCE: 1
IMAGE_NAME: 'azure-resources-cleaner'
DOCKER_BUILDKIT: 1 # Enable Docker BuildKit
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0 # Required for GitVersion
- name: Install GitVersion
uses: gittools/actions/gitversion/setup@v0
with:
versionSpec: '5.x'
- name: Determine Version
uses: gittools/actions/gitversion/execute@v0
id: gitversion
with:
useConfigFile: true
- name: Setup .NET SDK
uses: actions/setup-dotnet@v4
with:
dotnet-version: 8.x
- name: Test
run: dotnet test -c Release --collect "Code coverage"
- name: Publish
run: |
dotnet publish \
${{ github.workspace }}/Tingle.AzureCleaner/Tingle.AzureCleaner.csproj \
-c Release \
-o ${{ github.workspace }}/drop/Tingle.AzureCleaner
- name: Replace tokens
uses: cschleiden/replace-tokens@v1
with:
files: '["${{ github.workspace }}/main.bicep"]'
- name: Build bicep file
uses: azure/cli@v2
with:
inlineScript: |
cp ${{ github.workspace }}/main.bicep ${{ github.workspace }}/drop/main.bicep && \
az bicep build --file main.bicep --outfile ${{ github.workspace }}/drop/main.json
- name: Upload Artifact (drop)
uses: actions/upload-artifact@v4
with:
path: ${{ github.workspace }}/drop/*
name: drop
retention-days: 1
- name: Create deploy folder
run: |
mkdir -p deploy
cp ${{ github.workspace }}/main.bicep ${{ github.workspace }}/deploy/main.bicep
cp ${{ github.workspace }}/main.parameters.json ${{ github.workspace }}/deploy/main.parameters.json
- name: Replace tokens in deploy folder
uses: cschleiden/replace-tokens@v1
with:
files: '["${{ github.workspace }}/deploy/main.parameters.json"]'
env:
DOCKER_IMAGE_TAG: ${{ steps.gitversion.outputs.shortSha }}
NOTIFICATION_PASSWORD: ${{ secrets.NOTIFICATION_PASSWORD }}
CLEANER_PROJECT_TOKEN: ${{ secrets.CLEANER_PROJECT_TOKEN }}
- name: Upload Artifact (drop)
uses: actions/upload-artifact@v4
with:
path: deploy
name: deploy
retention-days: 1
- name: Pull Docker base image & warm Docker cache
run: docker pull "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest"
continue-on-error: true
- name: Build image
run: |
docker build \
-f Tingle.AzureCleaner/Dockerfile \
--label com.github.image.run.id=${{ github.run_id }} \
--label com.github.image.run.number=${{ github.run_number }} \
--label com.github.image.job.id=${{ github.job }} \
--label com.github.image.source.sha=${{ github.sha }} \
--label com.github.image.source.branch=${{ github.ref }} \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.shortSha }}" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.nuGetVersionV2 }}" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major}}.${{ steps.gitversion.outputs.minor }}" \
-t "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major }}" \
--cache-from ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest \
--build-arg BUILDKIT_INLINE_CACHE=1 \
.
- name: Log into registry
if: ${{ (github.ref == 'refs/heads/main') || (!startsWith(github.ref, 'refs/pull')) || startsWith(github.ref, 'refs/tags') }}
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login https://ghcr.io -u ${{ github.actor }} --password-stdin
- name: Push image (latest, ShortSha)
if: ${{ (github.ref == 'refs/heads/main') || startsWith(github.ref, 'refs/tags') }}
run: |
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest"
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.shortSha}}"
- name: Push image (NuGetVersionV2)
if: ${{ !startsWith(github.ref, 'refs/pull') }}
run: docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.nuGetVersionV2 }}"
- name: Push image (major, minor)
if: startsWith(github.ref, 'refs/tags')
run: |
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major }}.${{ steps.gitversion.outputs.minor }}"
docker push "ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ steps.gitversion.outputs.major }}"
- name: Upload Release
if: startsWith(github.ref, 'refs/tags/')
uses: ncipollo/release-action@v1
with:
artifacts: >
${{ github.workspace }}/drop/main.bicep,
${{ github.workspace }}/drop/main.json
token: ${{ secrets.GITHUB_TOKEN }}
draft: true
allowUpdates: true
Deploy:
runs-on: ubuntu-latest
needs: Build
if: ${{ github.actor != 'dependabot[bot]' && ((github.ref == 'refs/heads/main') || startsWith(github.ref, 'refs/tags')) }}
concurrency:
group: ${{ github.workflow }}
steps:
- name: Download Artifact
uses: actions/download-artifact@v4
with:
name: deploy
path: ${{ github.workspace }}/deploy
- name: Azure Login
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Deploy
uses: azure/arm-deploy@v2
with:
subscriptionId: ${{ env.AZURE_SUBSCRIPTION_ID }}
resourceGroupName: ${{ env.AZURE_RESOURCE_GROUP }}
template: '${{ github.workspace }}/deploy/main.bicep'
parameters: '${{ github.workspace }}/deploy/main.parameters.json'
scope: 'resourcegroup'