docs: improve sample galleries layout and strengthen gallery validator #68
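# Builds the management portal, provisions its Azure infrastructure from Bicep,
# pushes the Portal and DAB container images, and rolls them out to Container Apps.
#
# Supply-chain note: every `uses:` below references a mutable tag (@v4, @v2).
# Pin each action to a full commit SHA, e.g.
#   uses: actions/checkout@<FULL_COMMIT_SHA>  # v4
# so a retagged release cannot change what runs next to the Azure credentials.
name: Deploy Management Portal to Container Apps

on:
  push:
    branches: [main, master]
    paths:
      - 'management-portal/**'
  pull_request:
    branches: [main, master]
    paths:
      - 'management-portal/**'
  workflow_dispatch:
    inputs:
      environment:
        description: 'Environment to deploy to'
        required: true
        default: 'production'
        type: choice
        options:
          - development
          - staging
          - production

# Least privilege by default: only the jobs that log in to Azure request an
# OIDC token (id-token: write). build-and-test, which also runs for pull
# requests, gets a read-only token and cannot mint Azure credentials.
permissions:
  contents: read

env:
  # Single source of truth: the same subscription the OIDC login targets, so
  # the ARM deployments cannot drift to a different subscription than the one
  # the workflow authenticated against, and no subscription ID lives in source.
  AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
  RESOURCE_GROUP_NAME: ${{ vars.RESOURCE_GROUP_NAME || 'rg-stamps-mgmt-prod' }}
  LOCATION: ${{ vars.LOCATION || 'westus2' }}
  ENVIRONMENT_NAME: ${{ vars.ENVIRONMENT_NAME || 'stamps-mgmt' }}

jobs:
  build-and-test:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # No later step pushes to the repo; do not leave the token in .git/config.
          persist-credentials: false
      - name: Setup .NET
        uses: actions/setup-dotnet@v4
        with:
          dotnet-version: '9.0.x'
      - name: Restore dependencies
        run: dotnet restore management-portal/src/Portal/Portal.csproj
      - name: Build application
        run: dotnet build management-portal/src/Portal/Portal.csproj --configuration Release --no-restore
      # - name: Run tests
      #   run: dotnet test management-portal/Tests/ --configuration Release --no-build --verbosity normal
      # Note: Tests directory does not exist yet, skipping tests for now

  deploy-infrastructure:
    # pull_request runs carry a refs/pull/<n>/merge ref, so they stop after build-and-test.
    # NOTE(review): workflow_dispatch is accepted from any branch, and the environment
    # defaults to 'production'. Confirm the GitHub environments have required reviewers
    # and a deployment-branch restriction, and that the Azure federated credential is
    # scoped to those environments rather than to the whole repository.
    if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master' || github.event_name == 'workflow_dispatch'
    needs: build-and-test
    runs-on: ubuntu-latest
    environment: ${{ github.event.inputs.environment || 'production' }}
    permissions:
      id-token: write  # OIDC federation for azure/login
      contents: read
    outputs:
      containerRegistryName: ${{ steps.deploy.outputs.containerRegistryName }}
      containerRegistryLoginServer: ${{ steps.deploy.outputs.containerRegistryLoginServer }}
      portalUrl: ${{ steps.deploy.outputs.portalUrl }}
      dabUrl: ${{ steps.deploy.outputs.dabUrl }}
      # Exported so update-container-apps redeploys against the SAME Cosmos account
      # instead of recomputing a time-based name minutes later.
      cosmosAccountName: ${{ steps.vars.outputs.COSMOS_ACCOUNT_NAME }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Azure Login (OIDC)
        uses: azure/login@v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
      - name: Set up dynamic variables
        id: vars
        # Values are read from the shell environment (workflow-level env) rather than
        # spliced into the script text with ${{ }}, so a variable's content can never
        # be interpreted as shell syntax.
        run: |
          # DDHHMM of the runner clock (characters 7-12 of YYYYMMDDHHMM).
          # NOTE(review): the suffix changes on every run, so each run asks for a new
          # registry and Cosmos account name; confirm that is intended.
          SUFFIX=$(date +%Y%m%d%H%M | cut -c7-12)
          echo "CONTAINER_REGISTRY_NAME=cr${ENVIRONMENT_NAME}${SUFFIX}" | sed 's/-//g' >> "$GITHUB_OUTPUT"
          echo "COSMOS_ACCOUNT_NAME=cosmos-${ENVIRONMENT_NAME}-${SUFFIX}" >> "$GITHUB_OUTPUT"
          echo "CONTAINER_APPS_ENV_NAME=cae-${ENVIRONMENT_NAME}" >> "$GITHUB_OUTPUT"
          echo "LOG_ANALYTICS_NAME=law-${ENVIRONMENT_NAME}" >> "$GITHUB_OUTPUT"
          echo "APP_INSIGHTS_NAME=ai-${ENVIRONMENT_NAME}" >> "$GITHUB_OUTPUT"
      # Must run before the ARM deployment: a resource-group-scoped deployment
      # fails when the group does not exist yet.
      - name: Create resource group if needed
        run: |
          az group create \
            --name "$RESOURCE_GROUP_NAME" \
            --location "$LOCATION" \
            --output none
      - name: Deploy Azure Infrastructure
        id: deploy
        uses: azure/arm-deploy@v2
        with:
          subscriptionId: ${{ env.AZURE_SUBSCRIPTION_ID }}
          resourceGroupName: ${{ env.RESOURCE_GROUP_NAME }}
          template: management-portal/infra/management-portal.bicep
          # Placeholder images; the real tags are applied by update-container-apps.
          parameters: >
            location=${{ env.LOCATION }}
            cosmosAccountName=${{ steps.vars.outputs.COSMOS_ACCOUNT_NAME }}
            containerAppsEnvironmentName=${{ steps.vars.outputs.CONTAINER_APPS_ENV_NAME }}
            containerRegistryName=${{ steps.vars.outputs.CONTAINER_REGISTRY_NAME }}
            logAnalyticsWorkspaceName=${{ steps.vars.outputs.LOG_ANALYTICS_NAME }}
            appInsightsName=${{ steps.vars.outputs.APP_INSIGHTS_NAME }}
            portalImage=temp-image:latest
            dabImage=temp-image:latest

  build-and-push-images:
    needs: deploy-infrastructure
    runs-on: ubuntu-latest
    environment: ${{ github.event.inputs.environment || 'production' }}
    permissions:
      id-token: write  # OIDC federation for azure/login
      contents: read
    env:
      # Passed as environment variables so the run scripts never contain
      # expression-expanded text.
      REGISTRY_NAME: ${{ needs.deploy-infrastructure.outputs.containerRegistryName }}
      REGISTRY_SERVER: ${{ needs.deploy-infrastructure.outputs.containerRegistryLoginServer }}
      IMAGE_TAG: ${{ github.sha }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Azure Login (OIDC)
        uses: azure/login@v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
      - name: Login to Container Registry
        run: az acr login --name "$REGISTRY_NAME"
      - name: Build and push Portal image
        run: |
          cd management-portal/src/Portal
          # One build, two tags: the commit SHA is the immutable tag the rollout
          # uses; 'latest' is a moving convenience tag only.
          docker build \
            -t "${REGISTRY_SERVER}/stamps-portal:${IMAGE_TAG}" \
            -t "${REGISTRY_SERVER}/stamps-portal:latest" .
          docker push "${REGISTRY_SERVER}/stamps-portal:${IMAGE_TAG}"
          docker push "${REGISTRY_SERVER}/stamps-portal:latest"
      - name: Build and push DAB image
        run: |
          cd management-portal/dab
          docker build \
            -t "${REGISTRY_SERVER}/stamps-dab:${IMAGE_TAG}" \
            -t "${REGISTRY_SERVER}/stamps-dab:latest" .
          docker push "${REGISTRY_SERVER}/stamps-dab:${IMAGE_TAG}"
          docker push "${REGISTRY_SERVER}/stamps-dab:latest"

  update-container-apps:
    needs: [deploy-infrastructure, build-and-push-images]
    runs-on: ubuntu-latest
    environment: ${{ github.event.inputs.environment || 'production' }}
    permissions:
      id-token: write  # OIDC federation for azure/login
      contents: read
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Azure Login (OIDC)
        uses: azure/login@v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
      - name: Set up dynamic variables
        id: vars
        # Only the names that do not depend on the clock are derived here. The
        # Cosmos account name comes from deploy-infrastructure's output, because
        # recomputing the DDHHMM suffix in a later job yields a different name.
        run: |
          echo "CONTAINER_APPS_ENV_NAME=cae-${ENVIRONMENT_NAME}" >> "$GITHUB_OUTPUT"
          echo "LOG_ANALYTICS_NAME=law-${ENVIRONMENT_NAME}" >> "$GITHUB_OUTPUT"
          echo "APP_INSIGHTS_NAME=ai-${ENVIRONMENT_NAME}" >> "$GITHUB_OUTPUT"
      - name: Update Container Apps with new images
        uses: azure/arm-deploy@v2
        with:
          subscriptionId: ${{ env.AZURE_SUBSCRIPTION_ID }}
          resourceGroupName: ${{ env.RESOURCE_GROUP_NAME }}
          template: management-portal/infra/management-portal.bicep
          # Images are referenced by commit SHA so the rollout is tied to this build.
          parameters: >
            location=${{ env.LOCATION }}
            cosmosAccountName=${{ needs.deploy-infrastructure.outputs.cosmosAccountName }}
            containerAppsEnvironmentName=${{ steps.vars.outputs.CONTAINER_APPS_ENV_NAME }}
            containerRegistryName=${{ needs.deploy-infrastructure.outputs.containerRegistryName }}
            logAnalyticsWorkspaceName=${{ steps.vars.outputs.LOG_ANALYTICS_NAME }}
            appInsightsName=${{ steps.vars.outputs.APP_INSIGHTS_NAME }}
            portalImage=${{ needs.deploy-infrastructure.outputs.containerRegistryLoginServer }}/stamps-portal:${{ github.sha }}
            dabImage=${{ needs.deploy-infrastructure.outputs.containerRegistryLoginServer }}/stamps-dab:${{ github.sha }}
      - name: Verify deployment
        env:
          PORTAL_URL: ${{ needs.deploy-infrastructure.outputs.portalUrl }}
          DAB_URL: ${{ needs.deploy-infrastructure.outputs.dabUrl }}
        run: |
          echo "🎉 Deployment completed successfully!"
          echo "Portal URL: ${PORTAL_URL}"
          echo "DAB URL: ${DAB_URL}"
          # Health check: best effort, but a failure is raised as a workflow
          # warning annotation instead of a log line nobody reads.
          sleep 30
          curl -f "${PORTAL_URL}/health" || echo "::warning::Health check failed"

  post-deployment:
    needs: [deploy-infrastructure, update-container-apps]
    runs-on: ubuntu-latest
    # Runs even when an earlier job failed or was skipped; the URLs are then empty.
    if: always()
    steps:
      - name: Post deployment summary
        env:
          PORTAL_URL: ${{ needs.deploy-infrastructure.outputs.portalUrl }}
          DAB_URL: ${{ needs.deploy-infrastructure.outputs.dabUrl }}
          REGISTRY_NAME: ${{ needs.deploy-infrastructure.outputs.containerRegistryName }}
        run: |
          {
            echo "## Deployment Summary 🚀"
            echo "| Component | URL |"
            echo "|-----------|-----|"
            echo "| Management Portal | ${PORTAL_URL} |"
            echo "| Data API Builder | ${DAB_URL} |"
            echo "| Container Registry | ${REGISTRY_NAME} |"
            echo ""
            echo "### Next Steps:"
            echo "1. Configure Azure Entra ID authentication"
            echo "2. Set up custom domain and SSL certificates"
            echo "3. Configure monitoring alerts"
          } >> "$GITHUB_STEP_SUMMARY"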