-
Notifications
You must be signed in to change notification settings - Fork 83
81 lines (71 loc) · 2.45 KB
/
template-validation.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
name: Validate AZD template
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
schedule:
- cron: '0 0 * * *' # Run at midnight every day
jobs:
infra:
name: "Infra Biceps Validation"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Build Bicep for linting
uses: azure/CLI@v1
with:
inlineScript: az config set bicep.use_binary_from_path=false && az bicep build -f infra/main.bicep --stdout
- name: Run Microsoft Security DevOps Analysis
uses: microsoft/security-devops-action@v1
id: msdo
continue-on-error: true
with:
tools: templateanalyzer
- name: Upload alerts to Security tab
uses: github/codeql-action/upload-sarif@v2
if: github.repository == 'Azure-Samples/azure-search-openai-demo'
with:
sarif_file: ${{ steps.msdo.outputs.sarifFile }}
frontend:
name: "Front-end validation"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Build React Frontend
run: |
echo "Building front-end and merge into Spring Boot static folder. Environment [${{ steps.set-deploy-env.outputs.DEPLOY_ENVIRONMENT }}]"
cd ./app/frontend
npm install
npm run build
backend:
name: "Backend validation"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Java version
uses: actions/setup-java@v2
with:
distribution: 'microsoft'
java-version: '17'
cache: 'maven'
- name: Set environment for branch
id: set-deploy-env
run: |
if [[ $GITHUB_REF_NAME == 'refs/heads/main' ]]; then
echo "DEPLOY_ENVIRONMENT=Development" >> "$GITHUB_OUTPUT"
elif [[ $GITHUB_REF_NAME == 'refs/heads/develop' ]]; then
echo "DEPLOY_ENVIRONMENT=Development" >> "$GITHUB_OUTPUT"
elif [[ $GITHUB_REF_NAME == 'refs/heads/release' ]]; then
echo "DEPLOY_ENVIRONMENT=Development" >> "$GITHUB_OUTPUT"
else
echo "DEPLOY_ENVIRONMENT=Development" >> "$GITHUB_OUTPUT"
fi
- name: Build Spring Boot App
run: |
echo "Building Spring Boot app. Environment [${{ steps.set-deploy-env.outputs.DEPLOY_ENVIRONMENT }}]"
cd ./app/backend
./mvnw verify