deploy.yaml
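# Manually triggered workflow: deploys ./infrastructure/Cluster.bicep into an
# Azure resource group, imports the AKS cluster credentials on the runner,
# writes the deployment's workload-identity client ID into the Flux
# kustomization, then runs ./Install-Flux.ps1.
name: Deploy Kubernetes Cluster
on: workflow_dispatch

# Least-privilege token scopes. `id-token: write` lets the job request an OIDC
# token, which azure/login uses below (client/tenant/subscription IDs, no
# client secret). `contents: read` is enough for checkout.
permissions:
  id-token: write
  contents: read

# https://docs.github.com/en/actions/deployment/deploying-to-your-cloud-provider/deploying-to-azure/deploying-to-azure-kubernetes-service
# https://docs.github.com/en/actions/publishing-packages/about-packaging-with-github-actions
jobs:
  deploy-bicep:
    name: Deploy Bicep
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): the three actions below are referenced by mutable tags.
      # This job can mint an Azure OIDC token, so consider pinning each one to
      # a reviewed full commit SHA, e.g. `actions/checkout@<full-commit-sha>`.
      - uses: actions/checkout@v3

      - name: Login to Azure
        uses: azure/login@v1
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          # Also signs in Azure PowerShell so the Az cmdlets below are authenticated.
          enable-AzPSSession: true

      - name: Azure Resource Group Deployment
        uses: azure/powershell@v1
        env:
          # NOTE(review): SUBSCRIPTION is not read by the inline script below;
          # presumably Install-Flux.ps1 consumes it. Confirm or drop it.
          SUBSCRIPTION: ${{ secrets.AZURE_SUBSCRIPTION }}
          RESOURCEGROUP: ${{ secrets.AZURE_RG }}
          ADMINS: ${{ secrets.ADMIN_GROUP_ID }}
          # Visible to everything this step runs, including Install-Flux.ps1.
          # The `permissions` block above limits it to `contents: read`.
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          # NOTE(review): "latest" floats with each Az release; consider
          # pinning a tested version ("<tested-az-version>") for repeatable runs.
          azPSVersion: "latest"
          inlineScript: |
            # Deployment name carries a timestamp. HH (24-hour) is used so that
            # morning and evening runs cannot produce the same name.
            $Deployment = @{
              Name                    = "aks-$(Get-Date -Format yyyyMMddTHHmmss)"
              ResourceGroupName       = $Env:RESOURCEGROUP
              TemplateFile            = './infrastructure/Cluster.bicep'
              TemplateParameterObject = @{ adminId = $Env:ADMINS }
            }
            $Results = New-AzResourceGroupDeployment @Deployment
            # Writes the deployment result to the job log; keep secrets out of
            # the Bicep outputs.
            $Results | Out-Host

            #! Get the cluster credentials
            Get-AzAksCluster -ResourceGroupName $Env:RESOURCEGROUP | Import-AzAksCredential -Force

            #! Update the client ID from the deployment output
            # Fail closed: without this output the replace below would write an
            # empty client-id into the workload identity annotation.
            if (-not $Results.Outputs.fluxIdClientId) {
              throw "Deployment returned no fluxIdClientId output; refusing to rewrite kustomization.yaml"
            }
            # NOTE(review): deployment outputs are usually read through .Value;
            # confirm this interpolation yields the bare client ID string.
            $kustomize = Get-Content "./clusters/poshcode/flux-system/kustomization.yaml"
            $kustomize = $kustomize -replace "azure\.workload\.identity/client-id: .*$", "azure.workload.identity/client-id: $($Results.Outputs.fluxIdClientId)"
            # TODO: commit this file to the repo _before_ running flux
            # NOTE(review): the job token is `contents: read`, so pushing that
            # commit from this workflow would need a wider scope. Grant it
            # deliberately.
            $kustomize | Set-Content "./clusters/poshcode/flux-system/kustomization.yaml"

            #! Bootstrap Flux
            ./Install-Flux.ps1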