-
-
Notifications
You must be signed in to change notification settings - Fork 1
79 lines (74 loc) · 2.08 KB
/
sandbox-deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
name: Sandbox Deploy
on:
workflow_dispatch:
inputs:
tag:
description: 'docker image tag'
required: true
default: 'main'
type: choice
options:
- main
- latest
- nightly
release:
types: [released]
jobs:
resolve-tag:
runs-on: ubuntu-latest
outputs:
tag: ${{ steps.resolve-tag.outputs.tag }}
steps:
- id: resolve-tag
run: |
if [ ${{ github.event_name }} == "release" ]; then
echo "tag=latest" >> $GITHUB_OUTPUT
else
echo "tag=${{ github.event.inputs.tag }}" >> $GITHUB_OUTPUT
fi
deploy:
name: Deploy
needs: resolve-tag
concurrency:
group: sandbox
cancel-in-progress: true
uses: ./.github/workflows/deploy-azure-container-app.yml
secrets: inherit
permissions:
id-token: write
packages: read
actions: write
with:
environment: sandbox
tag: ${{ needs.resolve-tag.outputs.tag }}
test:
needs:
- deploy
permissions:
id-token: write
runs-on: ubuntu-latest
environment: sandbox
steps:
- name: GetToken
id: getToken
uses: helaili/github-oidc-auth@main
with:
login: ${{ vars.LOGIN }}
endpoint: ${{ vars.ENDPOINT }}
- name: Use the token from the output
uses: actions/github-script@v6
with:
github-token: ${{ steps.getToken.outputs.scopedToken }}
script: |
github.rest.repos.get({
owner: '${{ vars.TEST_ORG }}',
repo: '${{ vars.TEST_REPO }}'
}).then((response) => {
if(!response.data.full_name) {
core.setFailed(`Failed to access repo ${{ vars.TEST_ORG }}/${{ vars.TEST_REPO }}. Response was ${response}`);
} else {
console.log('Successfully accessed repo ${{ vars.TEST_ORG }}/${{ vars.TEST_REPO }}');
}
}).catch((error) => {
core.setFailed(`Failed to access repo. Error was ${error}`);
})