generated from Avanade/avanade-template
-
Notifications
You must be signed in to change notification settings - Fork 0
143 lines (128 loc) · 6.21 KB
/
setup-logicapp-resource.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
name: Setup Logic App
run-name: Setup Logic App [${{inputs.selected_environment}}]
on:
workflow_dispatch:
inputs:
selected_environment:
type: environment
description: Select environment
default: test
deploy_logicapp_resource:
type: boolean
description: Run deployment of Logic App resource
default: true
upload_logicapp_workflows:
type: boolean
description: Upload Logic App workflows
default: true
jobs:
setup-logic-app-resource:
if: ${{ github.event.inputs.deploy_logicapp_resource == 'true' }}
runs-on: ubuntu-latest
outputs:
accountName: ${{steps.deploy_main_bicep.outputs.accountName}}
destination: ${{steps.deploy_main_bicep.outputs.destination}}
logicAppName: ${{steps.deploy_main_bicep.outputs.logicAppName}}
fileShare: ${{steps.deploy_main_bicep.outputs.fileShare}}
environment: ${{ github.event.inputs.selected_environment }}
steps:
- uses: actions/checkout@v2
- name: Login Azure
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
enable-AzPSSession: true
- name: Setup Workflow Parameters
uses: microsoft/variable-substitution@v1
with:
files: ./.bicep/logicapps/parameters.json
env:
parameters.env.value: ${{ vars.HOME_URL }}
parameters.appsettings.value.Workflows.CommunityOrganizationsScan.FlowState: ${{ vars.WORKFLOWS_COMMUNITY_ORGANIZATIONS_SCAN_FLOWSTATE }}
parameters.appSettings.value.Workflows.CleanupOrganization.FlowState: ${{ vars.WORKFLOWS_CLEANUP_ORGANIZATION_FLOWSTATE }}
parameters.appSettings.value.Workflows.ExpiringInvitation.FlowState: ${{ vars.WORKFLOWS_EXPIRING_INVITATION_FLOWSTATE }}
parameters.appSettings.value.Workflows.IndexOrgRepos.FlowState: ${{ vars.WORKFLOWS_INDEX_ORG_REPOS_FLOWSTATE }}
parameters.appSettings.value.Workflows.InnersourceCheckOutsideCollaborators.FlowState: ${{ vars.WORKFLOWS_INNERSOURCE_CHECK_OUTSIDE_COLLABORATORS_FLOWSTATE }}
parameters.appSettings.value.Workflows.OpensourceCheckOutsideCollaborators.FlowState: ${{ vars.WORKFLOWS_OPENSOURCE_CHECK_OUTSIDE_COLLABORATORS_FLOWSTATE }}
parameters.appSettings.value.Workflows.RecurringApproval.FlowState: ${{ vars.WORKFLOWS_RECURRING_APPROVAL_FLOWSTATE }}
parameters.appSettings.value.Workflows.RepoOwnerScan.FlowState: ${{ vars.WORKFLOWS_REPO_OWNER_SCAN_FLOWSTATE }}
- name: Deploy Bicep File
uses: azure/arm-deploy@v1
id: deploy_main_bicep
with:
subscriptionId: ${{ fromJSON(secrets.AZURE_CREDENTIALS)['subscriptionId'] }}
resourceGroupName: ${{ secrets.AZURE_RESOURCE_GROUP }}
template: ./.bicep/logicapps/deployGhMgmtLogicApp.bicep
parameters: ./.bicep/logicapps/parameters.json env=${{ github.event.inputs.selected_environment }} laManageIdentityName=${{ secrets.LOGIC_APP_MANAGE_IDENTITY }}
failOnStdErr: false
scope: resourcegroup
- name: Store deploy_main_bicep outputs to file
run: |
echo "accountName=${{steps.deploy_main_bicep.outputs.accountName}}" >> deploy_outputs.txt
echo "destination=${{steps.deploy_main_bicep.outputs.destination}}" >> deploy_outputs.txt
echo "logicAppName=${{steps.deploy_main_bicep.outputs.logicAppName}}" >> deploy_outputs.txt
echo "fileShare=${{steps.deploy_main_bicep.outputs.fileShare}}" >> deploy_outputs.txt
- name: Upload deploy outputs to artifacts
uses: actions/upload-artifact@v4
with:
name: deploy-outputs
path: deploy_outputs.txt
deploy-logic-app-workflows:
if: ${{ github.event.inputs.upload_logicapp_workflows == 'true' }}
runs-on: ubuntu-latest
environment: ${{ github.event.inputs.selected_environment }}
steps:
- uses: actions/checkout@v2
- name: Login Azure
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
enable-AzPSSession: true
- name: Download deploy outputs artifact
uses: actions/download-artifact@v4
with:
name: deploy-outputs
path: .
- name: Set environment variables from deploy outputs
run: |
set -a
source deploy_outputs.txt
set +a
- name: Setup Workflow Parameters
uses: microsoft/variable-substitution@v1
with:
files: ./.bicep/logicapps/workflows/parameters.json
env:
GHMgmDomain.value: ${{ vars.HOME_URL }}
ManagedIdentityName.value: ${{ secrets.LOGIC_APP_MANAGE_IDENTITY }}
ApprovalSystemDomain.value: ${{ vars.APPROVAL_SYSTEM_APP_URL }}
- name: Upload Logic App Workflows
uses: azure/CLI@v1
with:
azcliversion: 2.44.1
inlineScript: |
chmod +x ./.bicep/logicapps/upload_workflows.sh
./.bicep/logicapps/upload_workflows.sh $accountName $destination ./.bicep/logicapps/workflows
- name: Deploy Connection Bicep File
uses: azure/arm-deploy@v1
id: deploy_connection_bicep
with:
subscriptionId: ${{ fromJSON(secrets.AZURE_CREDENTIALS)['subscriptionId'] }}
resourceGroupName: ${{ secrets.AZURE_RESOURCE_GROUP }}
template: ./.bicep/logicapps/connection.bicep
parameters: env=${{ github.event.inputs.selected_environment }} storageAccountName=$accountName logicAppName=$logicAppName laManageIdentityName=${{ secrets.LOGIC_APP_MANAGE_IDENTITY }}
failOnStdErr: false
scope: resourcegroup
- name: Deploy connection to storage file system
uses: azure/powershell@v1
with:
inlineScript: |
. ./.bicep/logicapps/deploy_connection.ps1
New-WorkflowConnection `
-ResourceGroup ${{secrets.AZURE_RESOURCE_GROUP}} `
-StorageAccount $accountName `
-Api ${{steps.deploy_connection_bicep.outputs.api}} `
-Id ${{steps.deploy_connection_bicep.outputs.id}} `
-RuntimeUrl ${{steps.deploy_connection_bicep.outputs.connectionRuntimeUrl}} `
-FileShareName $fileShare
azPSVersion: "latest"