Refactor approval gate workflow #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Python adder app w/ approval gate for Production | |
| on: | |
| push: | |
| branches: [ main ] # Trigger the build job on pushes to main | |
| workflow_dispatch: # Allow manual triggering for the deployment job | |
| jobs: | |
| build: | |
| if: github.event_name == 'push' # Only run build on push, not on workflow_dispatch | |
| runs-on: ubuntu-latest ] | |
| environment: dev # Specify the development environment | |
| steps: | |
| - uses: actions/checkout@v2 # Checks out your repository | |
| - name: Set up Python 3.8 | |
| uses: actions/setup-python@v2 | |
| with: | |
| python-version: 3.8 # Sets up Python version 3.8 | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip # Upgrades pip | |
| pip install -r requirements.txt # Installs dependencies | |
| # Optional: Uncomment to run tests | |
| # - name: Test with pytest | |
| # run: pytest | |
| deploy: | |
| if: github.event_name == 'workflow_dispatch' # Only run deploy on manual trigger | |
| needs: build # This job runs after the build job completes | |
| runs-on: ubuntu-latest | |
| environment: prod # Specify the production environment | |
| steps: | |
| - uses: actions/checkout@v2 # Checks out the repo code | |
| - name: Azure Login | |
| uses: Azure/[email protected] | |
| with: | |
| creds: ${{ secrets.AZURE_CREDENTIALS }} | |
| enable-AzPSSession: true | |
| environment: azurecloud | |
| allow-no-subscriptions: false | |
| audience: api://AzureADTokenExchange | |
| auth-type: SERVICE_PRINCIPAL | |
| - name: 'Deploy to Azure WebApp' | |
| uses: azure/webapps-deploy@v2 | |
| with: | |
| app-name: 'twactionsapp1' # Your Azure WebApp name | |
| slot-name: 'production' | |
| publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} | |
| package: '.' | |
| notify-teams: | |
| runs-on: ubuntu-latest | |
| needs: [build, deploy] # This job runs after both build and deploy jobs complete | |
| if: always() # This job always runs regardless of previous job success/failure | |
| steps: | |
| - name: Notify Teams | |
| uses: FreEZer00/[email protected] | |
| with: | |
| webhook_url: ${{ secrets.TEAMS_WEBHOOK_URL }} # Your Microsoft Teams webhook URL | |
| title: 'Workflow Completion' | |
| job: ${{ toJson(needs) }} # Converts the needs context to JSON | |
| # Add additional fields as needed | |
| # hide_facts: false # optional, default is false | |
| # dry_run: false # optional, default is false |