diff --git a/.github/workflows/continuous-delivery.yaml b/.github/workflows/continuous-delivery.yaml index 12b643c..859635e 100644 --- a/.github/workflows/continuous-delivery.yaml +++ b/.github/workflows/continuous-delivery.yaml @@ -16,10 +16,8 @@ jobs: name: Apply infrastructure uses: ./.github/workflows/reusable-apply-infrastructure.yaml with: - suffix: production environment: production - cloudSubDomain: cloud - dotnetSubDomain: dotnet + deployDns: true secrets: inherit build-cloud-application: @@ -35,7 +33,6 @@ jobs: with: application: cloud storageAccount: ${{ needs.apply-infrastructure.outputs.cloudStorageAccount }} - resourceGroup: ${{ needs.apply-infrastructure.outputs.resourceGroup }} environment: production needs: [apply-infrastructure, build-cloud-application] secrets: inherit @@ -53,7 +50,6 @@ jobs: with: application: dotnet storageAccount: ${{ needs.apply-infrastructure.outputs.dotnetStorageAccount }} - resourceGroup: ${{ needs.apply-infrastructure.outputs.resourceGroup }} environment: production needs: [apply-infrastructure, build-dotnet-application] secrets: inherit diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index 1686bc5..42eeba1 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -13,25 +13,13 @@ permissions: pull-requests: write jobs: - create-subdomain-hash: - name: Create a deterministic subdomain hash based on the branch name - runs-on: ubuntu-latest - outputs: - subdomainHash: ${{ steps.generateHash.outputs.hash }} - steps: - - id: generateHash - run: | - branch_hash=($(sha1sum <<< ${{ github.head_ref }} | rev | cut -c 32- | rev)) - echo -n "hash=$branch_hash" >> "$GITHUB_OUTPUT" - apply-infrastructure: name: Apply infrastructure + if: github.event.action != 'closed' uses: ./.github/workflows/reusable-apply-infrastructure.yaml with: environment: preview - cloudSubDomain: ${{ needs.create-subdomain-hash.outputs.subdomainHash }}.cloud - dotnetSubDomain: ${{ needs.create-subdomain-hash.outputs.subdomainHash }}.dotnet - needs: [create-subdomain-hash] + deployDns: false secrets: inherit build-cloud-application: @@ -49,7 +37,6 @@ jobs: with: application: cloud storageAccount: ${{ needs.apply-infrastructure.outputs.cloudStorageAccount }} - resourceGroup: ${{ needs.apply-infrastructure.outputs.resourceGroup }} environment: preview needs: [apply-infrastructure, build-cloud-application] secrets: inherit @@ -69,7 +56,6 @@ jobs: with: application: dotnet storageAccount: ${{ needs.apply-infrastructure.outputs.dotnetStorageAccount }} - resourceGroup: ${{ needs.apply-infrastructure.outputs.resourceGroup }} environment: preview needs: [apply-infrastructure, build-dotnet-application] secrets: inherit @@ -80,6 +66,4 @@ jobs: uses: ./.github/workflows/reusable-destroy-infrastructure.yaml with: environment: preview - resourcegroup: ${{ needs.apply-infrastructure.outputs.resourceGroup }} - needs: [apply-infrastructure] secrets: inherit diff --git a/.github/workflows/reusable-apply-infrastructure.yaml b/.github/workflows/reusable-apply-infrastructure.yaml index 13c9a97..a99b9d0 100644 --- a/.github/workflows/reusable-apply-infrastructure.yaml +++ b/.github/workflows/reusable-apply-infrastructure.yaml @@ -7,12 +7,9 @@ on: environment: required: true type: string - cloudSubDomain: + deployDns: required: true - type: string - dotnetSubDomain: - required: true - type: string + type: boolean outputs: cloudStorageAccount: value: ${{ jobs.apply-infrastructure.outputs.cloudStorageAccount }} @@ -52,7 +49,7 @@ jobs: scope: subscription subscriptionId: ${{ secrets.AZURE_SUBSCRIPTION_ID }} template: ./infrastructure/websiteDeploy.bicep - parameters: "resourceGroupSuffix=${{ env.GITHUB_REF_NAME_SLUG }} cloudSubDomain=${{ inputs.cloudSubDomain }} dotnetSubDomain=${{ inputs.dotnetSubDomain }}" + parameters: "resourceGroupSuffix=${{ env.GITHUB_REF_NAME_SLUG }} deployDns=${{ inputs.deployDns }}" region: westeurope - name: Comment Website FQDNs on Pull Requests diff --git a/.github/workflows/reusable-deploy-application.yaml b/.github/workflows/reusable-deploy-application.yaml index 159b3a7..08df6da 100644 --- a/.github/workflows/reusable-deploy-application.yaml +++ b/.github/workflows/reusable-deploy-application.yaml @@ -14,9 +14,6 @@ on: storageAccount: required: true type: string - resourceGroup: - required: true - type: string jobs: deploy-application: diff --git a/.github/workflows/reusable-destroy-infrastructure.yaml b/.github/workflows/reusable-destroy-infrastructure.yaml index 77902f2..75917a5 100644 --- a/.github/workflows/reusable-destroy-infrastructure.yaml +++ b/.github/workflows/reusable-destroy-infrastructure.yaml @@ -7,9 +7,6 @@ on: environment: required: true type: string - resourcegroup: - required: true - type: string jobs: destroy-infrastructure: @@ -26,8 +23,13 @@ jobs: tenant-id: ${{ secrets.AZURE_TENANT_ID }} subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + - name: Slugify Github variables + uses: rlespinasse/github-slug-action@v4 + with: + slug-maxlength: 50 + - name: Remove resource group uses: azure/cli@v2 with: azcliversion: latest - inlineScript: az group delete --name ${{ inputs.resourcegroup }} --yes + inlineScript: az group delete --name rg-xprtzbv-website-${{ env.GITHUB_REF_NAME_SLUG }} --yes diff --git a/infrastructure/modules/storageAccount.bicep b/infrastructure/modules/storageAccount.bicep index 67e9a63..ae9d22f 100644 --- a/infrastructure/modules/storageAccount.bicep +++ b/infrastructure/modules/storageAccount.bicep @@ -26,6 +26,7 @@ resource websiteStorageAccount 'Microsoft.Storage/storageAccounts@2023-04-01' = } } output storageAccountName string = websiteStorageAccount.name +output storageAccountFqdn string = websiteStorageAccount.properties.primaryEndpoints.web output storageAccountHost string = split(websiteStorageAccount.properties.primaryEndpoints.web, '/')[2] resource websiteStorageBlobServices 'Microsoft.Storage/storageAccounts/blobServices@2023-04-01' existing = { diff --git a/infrastructure/websiteDeploy.bicep b/infrastructure/websiteDeploy.bicep index 46183c2..d1e1aff 100644 --- a/infrastructure/websiteDeploy.bicep +++ b/infrastructure/websiteDeploy.bicep @@ -1,10 +1,9 @@ targetScope = 'subscription' param resourceGroupSuffix string +param deployDns bool param frontDoorProfileName string = 'afd-xprtzbv-websites' param rootDomain string = 'xprtz.dev' -param dotnetSubDomain string -param cloudSubDomain string var resourceGroupPrefix = 'rg-xprtzbv-website' var resourceGroupName = endsWith(resourceGroupSuffix, 'main') @@ -29,11 +28,11 @@ module cloudStorageAccountModule 'modules/storageAccount.bicep' = { scope: websiteResourceGroup name: 'cloudStorageAccountDeploy' params: { - app: 'cloud' + app: cloudApplicationName } } -module cloudFrontDoorSettings 'modules/frontdoor.bicep' = { +module cloudFrontDoorSettings 'modules/frontdoor.bicep' = if (deployDns) { scope: infrastructureResourceGroup name: 'cloudFrontDoorSettingsDeploy' params: { @@ -41,17 +40,17 @@ module cloudFrontDoorSettings 'modules/frontdoor.bicep' = { frontDoorProfileName: frontDoorProfileName application: cloudApplicationName rootDomain: rootDomain - subDomain: cloudSubDomain + subDomain: cloudApplicationName } } -module cloudDnsSettings 'modules/dns.bicep' = { +module cloudDnsSettings 'modules/dns.bicep' = if (deployDns) { scope: managementResourceGroup name: 'cloudDnsSettingsDeploy' params: { origin: cloudFrontDoorSettings.outputs.frontDoorCustomDomainHost rootDomain: rootDomain - subDomain: cloudSubDomain + subDomain: cloudApplicationName validationToken: cloudFrontDoorSettings.outputs.frontDoorCustomDomainValidationToken } } @@ -60,11 +59,11 @@ module dotnetStorageAccountModule 'modules/storageAccount.bicep' = { scope: websiteResourceGroup name: 'dotnetStorageAccountDeploy' params: { - app: 'dotnet' + app: dotnetApplicationName } } -module dotnetFrontDoorSettings 'modules/frontdoor.bicep' = { +module dotnetFrontDoorSettings 'modules/frontdoor.bicep' = if (deployDns) { scope: infrastructureResourceGroup name: 'dotnetFrontDoorSettingsDeploy' params: { @@ -72,17 +71,17 @@ module dotnetFrontDoorSettings 'modules/frontdoor.bicep' = { frontDoorProfileName: frontDoorProfileName application: dotnetApplicationName rootDomain: rootDomain - subDomain: dotnetSubDomain + subDomain: dotnetApplicationName } } -module dotnetDnsSettings 'modules/dns.bicep' = { +module dotnetDnsSettings 'modules/dns.bicep' = if (deployDns) { scope: managementResourceGroup name: 'dotnetDnsSettingsDeploy' params: { origin: dotnetFrontDoorSettings.outputs.frontDoorCustomDomainHost rootDomain: rootDomain - subDomain: dotnetSubDomain + subDomain: dotnetApplicationName validationToken: dotnetFrontDoorSettings.outputs.frontDoorCustomDomainValidationToken } } @@ -90,5 +89,9 @@ module dotnetDnsSettings 'modules/dns.bicep' = { output cloudStorageAccountName string = cloudStorageAccountModule.outputs.storageAccountName output dotnetStorageAccountName string = dotnetStorageAccountModule.outputs.storageAccountName output resourceGroupName string = websiteResourceGroup.name -output cloudFqdn string = 'https://${cloudSubDomain}.${rootDomain}/' -output dotnetFqdn string = 'https://${dotnetSubDomain}.${rootDomain}/' +output cloudFqdn string = deployDns + ? 'https://${cloudApplicationName}.${rootDomain}/' + : cloudStorageAccountModule.outputs.storageAccountFqdn +output dotnetFqdn string = deployDns + ? 'https://${dotnetApplicationName}.${rootDomain}/' + : dotnetStorageAccountModule.outputs.storageAccountFqdn