diff --git a/.azure/modules/redis/main.bicep b/.azure/modules/redis/main.bicep
index d6e873b18..80aa92885 100644
--- a/.azure/modules/redis/main.bicep
+++ b/.azure/modules/redis/main.bicep
@@ -97,9 +97,6 @@ module privateDnsZone '../privateDnsZone/main.bicep' = {
 module privateDnsZoneGroup '../privateDnsZoneGroup/main.bicep' = {
 name: '${namePrefix}-redis-privateDnsZoneGroup'
- dependsOn: [
- privateDnsZone
- ]
 params: {
 name: 'default'
 dnsZoneGroupName: 'privatelink-redis-cache-windows-net'
diff --git a/.azure/modules/serviceBus/main.bicep b/.azure/modules/serviceBus/main.bicep
index 4c34d3a56..50ad8883b 100644
--- a/.azure/modules/serviceBus/main.bicep
+++ b/.azure/modules/serviceBus/main.bicep
@@ -83,9 +83,6 @@ module privateDnsZone '../privateDnsZone/main.bicep' = {
 module privateDnsZoneGroup '../privateDnsZoneGroup/main.bicep' = {
 name: '${namePrefix}-service-bus-privateDnsZoneGroup'
- dependsOn: [
- privateDnsZone
- ]
 params: {
 name: 'default'
 dnsZoneGroupName: 'privatelink-servicebus-windows-net'
diff --git a/.github/actions/azure-login/action.yml b/.github/actions/azure-login/action.yml
new file mode 100644
index 000000000..5b8772979
--- /dev/null
+++ b/.github/actions/azure-login/action.yml
@@ -0,0 +1,28 @@
+name: 'Azure Login with Bicep Upgrade'
+description: 'Login to Azure and upgrade Bicep CLI'
+
+inputs:
+ client-id:
+ description: 'Azure Client ID'
+ required: true
+ tenant-id:
+ description: 'Azure Tenant ID'
+ required: true
+ subscription-id:
+ description: 'Azure Subscription ID'
+ required: true
+env:
+ AZ_CLI_VERSION: 2.67.0
+runs:
+ using: "composite"
+ steps:
+ - name: OIDC Login to Azure Public Cloud
+ uses: azure/login@v2
+ with:
+ client-id: ${{ inputs.client-id }}
+ tenant-id: ${{ inputs.tenant-id }}
+ subscription-id: ${{ inputs.subscription-id }}
+
+ - name: Upgrade Azure Bicep
+ shell: bash
+ run: az bicep upgrade
\ No newline at end of file
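Review bot: Nothing in the new action.yml is actually version-pinned: the `env: AZ_CLI_VERSION` block is not read by either step, and `az bicep upgrade` installs whichever Bicep release is current at run time, directly after the OIDC login. As far as I know a top-level `env` key is not part of the composite-action metadata schema, so it is probably ignored or rejected; since the workflows in this commit also drop their `azcliversion: ${{ env.AZ_CLI_VERSION }}` inputs, the 2.67.0 pin no longer has any effect. Consider deleting the `env` block and changing the last step to `run: az bicep install --version <PINNED_BICEP_VERSION>`, so a new compiler release cannot change what gets deployed without review. Pinning `azure/login@v2` to a full commit SHA would harden the login step in the same way.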
diff --git a/.github/workflows/workflow-deploy-apps.yml b/.github/workflows/workflow-deploy-apps.yml
index a45653ef2..26d66c2e8 100644
--- a/.github/workflows/workflow-deploy-apps.yml
+++ b/.github/workflows/workflow-deploy-apps.yml
@@ -1,6 +1,4 @@
 name: Deploy apps
-env:
- AZ_CLI_VERSION: 2.67.0
 on:
 workflow_call:
 outputs:
@@ -67,8 +65,8 @@ jobs:
 - name: "Checkout GitHub Action"
 uses: actions/checkout@v4
- - name: OIDC Login to Azure Public Cloud
- uses: azure/login@v2
+ - name: Azure Login
+ uses: ./.github/actions/azure-login
 with:
 client-id: ${{ secrets.AZURE_CLIENT_ID }}
 tenant-id: ${{ secrets.AZURE_TENANT_ID }}
@@ -119,7 +117,6 @@ jobs:
 uses: azure/CLI@v2
 if: ${{!inputs.dryRun}}
 with:
- azcliversion: ${{ env.AZ_CLI_VERSION }}
 inlineScript: |
 az containerapp job start -n ${{ steps.deploy.outputs.name }} -g ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
@@ -129,7 +126,6 @@ jobs:
 id: verify-migration
 timeout-minutes: 3
 with:
- azcliversion: ${{ env.AZ_CLI_VERSION }}
 inlineScript: |
 ./.github/tools/containerAppJobVerifier.sh ${{ steps.deploy.outputs.name }} ${{ secrets.AZURE_RESOURCE_GROUP_NAME }} ${{ inputs.version }}
@@ -162,12 +158,13 @@ jobs:
 - name: "Checkout GitHub Action"
 uses: actions/checkout@v4
- - name: OIDC Login to Azure Public Cloud
- uses: azure/login@v2
+ - name: Azure Login
+ uses: ./.github/actions/azure-login
 with:
 client-id: ${{ secrets.AZURE_CLIENT_ID }}
 tenant-id: ${{ secrets.AZURE_TENANT_ID }}
 subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
 - name: Dryrun Deploy app ${{ matrix.name }}(${{ inputs.environment }})
 uses: azure/arm-deploy@v2
 if: ${{ inputs.dryRun }}
@@ -223,7 +220,6 @@ jobs:
 id: verify-deployment
 timeout-minutes: 3
 with:
- azcliversion: ${{ env.AZ_CLI_VERSION }}
 inlineScript: |
 ./.github/tools/revisionVerifier.sh ${{ steps.deploy.outputs.revisionName }} ${{ secrets.AZURE_RESOURCE_GROUP_NAME }}
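Review bot: The replaced step in the `@@ -67,8 +65,8 @@` hunk now depends on the checkout directly above it, because a `./.github/actions/...` path is resolved from the job's workspace rather than fetched by the runner; the same holds for the `@@ -162,12 +158,13 @@` and `@@ -252,8 +248,8 @@` hunks of this file. The ordering is correct in all three visible places, but nothing marks it as required, so I would add `# must run after checkout: local action is loaded from the workspace` above each `uses: ./.github/actions/azure-login`. The step name `Azure Login` also hides that the action runs `az bicep upgrade`; `- name: Azure login (OIDC) and Bicep upgrade` would keep the job log accurate. The jobs start and end outside these hunks.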
@@ -252,8 +248,8 @@ jobs:
 - name: "Checkout GitHub Action"
 uses: actions/checkout@v4
- - name: OIDC Login to Azure Public Cloud
- uses: azure/login@v2
+ - name: Azure Login
+ uses: ./.github/actions/azure-login
 with:
 client-id: ${{ secrets.AZURE_CLIENT_ID }}
 tenant-id: ${{ secrets.AZURE_TENANT_ID }}
diff --git a/.github/workflows/workflow-deploy-infra.yml b/.github/workflows/workflow-deploy-infra.yml
index cbc7ebca3..014a0db79 100644
--- a/.github/workflows/workflow-deploy-infra.yml
+++ b/.github/workflows/workflow-deploy-infra.yml
@@ -1,8 +1,4 @@
 name: Deploy infrastructure
-
-env:
- AZ_CLI_VERSION: 2.67.0
-
 on:
 workflow_call:
 secrets:
@@ -63,8 +59,8 @@ jobs:
 with:
 ref: ${{ inputs.ref }}
- - name: OIDC Login to Azure Public Cloud
- uses: azure/login@v2
+ - name: Azure Login
+ uses: ./.github/actions/azure-login
 with:
 client-id: ${{ secrets.AZURE_CLIENT_ID }}
 tenant-id: ${{ secrets.AZURE_TENANT_ID }}
@@ -74,7 +70,6 @@ jobs:
 uses: azure/CLI@v2
 id: keyvault-keys
 with:
- azcliversion: ${{ env.AZ_CLI_VERSION }}
 inlineScript: |
 KEY_VAULT_KEYS=$(az keyvault secret list --vault-name ${{ secrets.AZURE_SOURCE_KEY_VAULT_NAME }} --subscription ${{ secrets.AZURE_SOURCE_KEY_VAULT_SUBSCRIPTION_ID }} --query "[].name" -o json | tr -d '\n')
 echo "::set-output name=key-vault-keys::$KEY_VAULT_KEYS"
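Review bot: In workflow-deploy-infra.yml (`@@ -63,8 +59,8 @@`) the checkout just above the new step uses `ref: ${{ inputs.ref }}`, so `./.github/actions/azure-login` is loaded from that ref's tree rather than from the commit that defines this workflow. The action file that receives the client, tenant and subscription ids and runs `az bicep upgrade` under the OIDC session is therefore whatever that ref contains, and a ref that predates this commit presumably has no such file and would fail at this step. If `inputs.ref` can ever be something other than a reviewed branch or tag, consider keeping `uses: azure/login@v2` inline in this job, or checking out the workflow's own commit into a separate path and loading the action from there. The job continues outside the hunk, so any constraint callers place on `ref` is not visible here.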