Update build pipeline to auth with OpenId and use actions with Node.j…
…s 20 (#198)

Updated the build pipeline to authenticate with Azure using OpenID Connect (OIDC).
Updated github actions in the build pipeline to use Node.js 20.
FranciscoJavierOrtegaPalacios authored Jun 11, 2024
1 parent 3a1f20d commit a9af7b4
Showing 2 changed files with 36 additions and 26 deletions.
6 changes: 3 additions & 3 deletions .github/actions/actionAzVmRunCommand/action.yml
Expand Up @@ -5,7 +5,7 @@ description: "This action uses az vm run-command in order to execute a command i
# WARNING: This action ONLY checks the exit code of the last command. If your script input is made of multiple commands,
# make sure that a failure early results in the last command failing or not executing, otherwise it could mask errors.
# Some options to do this include using [set -euo pipeline] or equivalents, or using the && operator to connect console commands
# WARNING: This action hasn't been tested with script files.
# WARNING: This action hasn't been tested with script files.
inputs:
commandName:
description: "Name of the command to execute"
Expand All @@ -15,10 +15,10 @@ inputs:
required: true
runs:
using: "composite"
steps:
steps:
- name: Execute the command in Linux
if: ${{ env.os == 'linux' }}
uses: azure/CLI@v1
uses: azure/CLI@v2
with:
inlineScript: |
az vm run-command create \
56 changes: 33 additions & 23 deletions .github/workflows/buildPipeline.yml
Expand Up @@ -8,6 +8,9 @@ on:
pull_request:
branches: [ "master" ]

permissions:
id-token: write
contents: read

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
Expand Down Expand Up @@ -41,16 +44,17 @@ jobs:
rgName: dcap-github-actions-agents-rg
location: ${{ matrix.location }}
branchName: ${{ github.head_ref }}


# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- uses: actions/checkout@v4

- uses: azure/login@v1
- uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

- name: Create VM
uses: azure/CLI@v1
Expand Down Expand Up @@ -215,7 +219,7 @@ jobs:

- name: Cleanup
if: always()
uses: azure/CLI@v1
uses: azure/CLI@v2
with:
inlineScript: |
az vm delete \
Expand Down Expand Up @@ -258,14 +262,16 @@ jobs:
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- uses: actions/checkout@v4

- uses: azure/login@v1
- uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

- name: Start VM
uses: azure/CLI@v1
uses: azure/CLI@v2
with:
inlineScript: |
az vm start \
Expand All @@ -276,7 +282,7 @@ jobs:
run: sleep 60

- name: Clone the DCAP repo after cleaning up the previous execution
uses: azure/CLI@v1
uses: azure/CLI@v2
with:
inlineScript: |
az vm run-command create \
Expand All @@ -294,7 +300,7 @@ jobs:
if [[ "$result" == *"DCAP_Build_Step_Successfully_Completed"* ]]; then echo "Step successfully executed"; else exit 1; fi
- name: Build Azure DCAP
uses: azure/CLI@v1
uses: azure/CLI@v2
with:
inlineScript: |
az vm run-command create \
Expand All @@ -312,7 +318,7 @@ jobs:
if [[ "$result" == *"DCAP_Build_Step_Successfully_Completed"* ]]; then echo "Step successfully executed"; else exit 1; fi
- name: Run Azure DCAP unit tests
uses: azure/CLI@v1
uses: azure/CLI@v2
with:
inlineScript: |
az vm run-command create \
Expand All @@ -331,7 +337,7 @@ jobs:
- name: Stop VM
if: always()
uses: azure/CLI@v1
uses: azure/CLI@v2
with:
inlineScript: |
az vm deallocate \
Expand Down Expand Up @@ -368,14 +374,16 @@ jobs:
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- uses: actions/checkout@v4

- uses: azure/login@v1
- uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

- name: Create VM
uses: azure/CLI@v1
uses: azure/CLI@v2
with:
inlineScript: |
az vm create \
Expand Down Expand Up @@ -513,7 +521,7 @@ jobs:

- name: Cleanup
if: always()
uses: azure/CLI@v1
uses: azure/CLI@v2
with:
inlineScript: |
az vm delete \
Expand Down Expand Up @@ -561,14 +569,16 @@ jobs:
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- uses: actions/checkout@v4

- uses: azure/login@v1
- uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

- name: Create VM
uses: azure/CLI@v1
uses: azure/CLI@v2
with:
inlineScript: |
az vm create \
Expand Down Expand Up @@ -731,7 +741,7 @@ jobs:

- name: Cleanup
if: always()
uses: azure/CLI@v1
uses: azure/CLI@v2
with:
inlineScript: |
az vm delete \
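Review bot: The new top-level `permissions` block grants `id-token: write` to every job of a workflow triggered by `pull_request`, so any step, including the externally maintained actions referenced by tag, can request an OIDC token for the Azure identity that creates and deletes VMs. Consider declaring `permissions:` with `id-token: write` and `contents: read` only on the jobs that call `azure/login`, and confirm that the federated credential on the Azure side is restricted to this repository and the expected subject; that configuration is not visible in this diff. Pinning `azure/login`, `azure/CLI` and `actions/checkout` to a full commit SHA instead of `@v2`/`@v4` would keep a moved tag from running with that token. Separately, the first job's `Create VM` step at the end of the `-41,16 +44,17` hunk still appears as unchanged `uses: azure/CLI@v1`, while the later `Create VM` steps moved to `@v2`, so it looks like one step was missed.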
