test workflow

.github/workflows/deploy.yml

@@ -1,19 +1,23 @@
 name: 'Deploy'
 
 on:
-  pull_request:
+  push:
     branches: ['workshop/*']
 
 jobs:
-  set_name:
-    name: 'Get name from branch name and set env'
+  set-name:
+    name: 'Get name from branch name and set output'
+    outputs:
+      my_name: ${{ steps.set-name.outputs.my_name }}
     runs-on: ubuntu-latest
     steps:
-      - run: echo "MY_NAME=${BRANCH##*/}" >> "$GITHUB_ENV"
+      - name: 'Set name'
+        id: set-name
+        run: echo "my_name=${BRANCH##*/}" >> "$GITHUB_OUTPUT"
         env:
           BRANCH: ${{ github.ref_name }}
 
-  run_tests:
+  run-tests:
     name: 'Run frontend tests'
     runs-on: ubuntu-latest
     defaults:
@@ -44,36 +48,45 @@ jobs:
   build:
     name: 'Build Docker image and push to registry'
     # Task A.2:
-    # needs: [set_name]
+    # needs: [set-name]
     # Answer A.2:
-    needs: [set_name, run_tests]
+    needs: [set-name, run-tests]
     #
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
     steps:
       - name: Checkout repository
         uses: actions/checkout@v4
 
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: 'ghcr.io'
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
       - name: Build and push image to registry
         uses: docker/build-push-action@v5
         with:
           push: 'true'
-          tags: 'ghcr.io/${{ github.repository }}/${{ env.MY_NAME }}:latest'
-          file: 'frontend/Dockerfile'
+          tags: 'ghcr.io/${{ github.repository }}/${{ needs.set-name.outputs.my_name }}:latest'
+          context: 'frontend'
 
   deploy:
     name: 'Deploy using Terraform'
     runs-on: ubuntu-latest
     needs: [build]
     env:
       TF_VAR_revision_suffix: ${{ github.sha }}
-      TF_VAR_my_name: ${{ env.MY_NAME }}
-      ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }}
-      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
-      ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }}
-      ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }}
+      TF_VAR_my_name: ${{ needs.set-name.outputs.my_name }}
+    permissions:
+      contents: read
+      id-token: write
     defaults:
       run:
         working-directory: 'terraform'
@@ -84,6 +97,13 @@ jobs:
       - name: Setup Terraform
         uses: hashicorp/setup-terraform@v3
 
+      - name: Authenticate with Azure
+        uses: azure/login@v2
+        with:
+          client-id: ${{ vars.ARM_CLIENT_ID }}
+          tenant-id: ${{ vars.ARM_TENANT_ID }}
+          subscription-id: ${{ vars.ARM_SUBSCRIPTION_ID }}
+
       - name: Init Terraform
         run: terraform init
 

README.md

@@ -229,3 +229,5 @@ resource "azurerm_container_app" "devops" {
 ```
 
 </details>
+
+# Setup (ikke en del av workshop'en)

bootstrap.sh

@@ -9,12 +9,6 @@ create() {
     local location="$4"
     local subscription_id="$5"
 
-    # Create service principal
-    az ad sp create-for-rbac \
-        --name "terraform" \
-        --role "Contributor" \
-        --scopes "/subscriptions/$subscription_id"
-
     # Create resource group
     az group create \
         --name "$resource_group_name" \
@@ -78,11 +72,6 @@ delete() {
     az group delete \
         --name "$resource_group_name" \
         --yes
-
-    # Delete service principal
-    local sp_name
-    sp_name=$(az ad sp list --display-name terraform --query '[0].appId' -o tsv)
-    az ad sp delete --id "$sp_name"
 }
 
 main() {

terraform/providers.tf

@@ -7,10 +7,10 @@ terraform {
   }
 
   backend "azurerm" {
-    resource_group_name  = "tfstate"
-    storage_account_name = "tfstate24321"
-    container_name       = "tfstate"
-    key                  = "terraform.tfstate"
+    resource_group_name   = "tfstate"
+    storage_account_name  = "tfstate27968"
+    container_name        = "tfstate"
+    key                   = "terraform.tfstate"
   }
 }