ARM Credentials #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| branches: [ "feat/terraform" ] | |
| jobs: | |
| deploy_infrastructure: | |
| name: 'Provision Infrastructure' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| id-token: write | |
| environment: | |
| name: 'Test' | |
| env: | |
| ARM_CLIENT_ID: "${{ secrets.AZURE_CLIENT_ID }}" | |
| ARM_SUBSCRIPTION_ID: "${{ secrets.AZURE_SUBSCRIPTION_ID }}" | |
| ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID }}" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_wrapper: false | |
| terraform_version: 1.10.4 | |
| - name: 'Az CLI login' | |
| uses: azure/login@v2 | |
| with: | |
| creds: | | |
| { | |
| "clientId": ${{ secrets.AZURE_CLIENT_ID }}, | |
| "clientSecret": ${{ secrets.AZURE_CLIENT_SECRET }}, | |
| "tenantId": ${{ secrets.AZURE_TENANT_ID }} | |
| "subscriptionId": ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| } | |
| enable-AzPSSession: true | |
| - name: Create TF State dependencies | |
| uses: azure/cli@v2 | |
| with: | |
| azcliversion: latest | |
| inlineScript: | | |
| az group create --name s186${{ vars.ENVIRONMENT_PREFIX }}-cl-tfstate --location westeurope --output none --tags "Environment=${{ vars.CIP_ENVIRONMENT }}" "Product=Design Operations" "Service=Newly onboarded" "Service offering=Design operations" | |
| az storage account create --name s186${{ vars.ENVIRONMENT_PREFIX }}cltfstate --resource-group s186${{ vars.ENVIRONMENT_PREFIX }}-cl-tfstate --location westeurope --sku Standard_LRS | |
| az storage container create --name tfstate --account-name s186${{ vars.ENVIRONMENT_PREFIX }}cltfstate | |
| - name: 'Terraform Init' | |
| id: terraform_init | |
| working-directory: ./src/infrastructure/terraform | |
| run: terraform init -backend-config="resource_group_name=s186${{ vars.ENVIRONMENT_PREFIX }}cl-tfstate" -backend-config="storage_account_name=s186${{ vars.ENVIRONMENT_PREFIX }}cltfstate" -backend-config="container_name=tfstate" -backend-config="key=terraform.tfstate" | |
| - name: 'Terraform Plan' | |
| id: terraform_plan | |
| working-directory: ./src/infrastructure/terraform | |
| run: terraform plan -out plan.plan | |
| env: | |
| TF_VAR_environment_prefix: ${{ vars.ENVIRONMENT_PREFIX }} | |
| TF_VAR_cip_environment: ${{ vars.CIP_ENVIRONMENT }} | |
| - name: 'Terraform Apply' | |
| id: terraform_apply | |
| working-directory: ./src/infrastructure/terraform | |
| run: terraform apply plan.plan | |