--- name: Continuous Delivery on: workflow_call: inputs: skip_what_if: default: false type: boolean %{ for script_file in script_files ~} ${script_file.name}: type: boolean default: true %{ endfor ~} destroy: default: false type: boolean jobs: whatif: name: What If runs-on: ${runner_name} concurrency: ${backend_azure_storage_account_container_name} environment: ${environment_name_plan} permissions: id-token: write contents: read if: $${{ !inputs.skip_what_if }} env: PARAMETERS_FILE_NAME: parameters.json steps: - name: Checkout Bicep Module uses: actions/checkout@v4 - name: Get Bicep Variables uses: ${organization_name}/${repository_name_templates}/.github/actions/bicep-variables@main with: parameters_file_name: $${{ env.PARAMETERS_FILE_NAME }} %{ for on_demand_folder in on_demand_folders ~} - name: Get On Demand Folder ${on_demand_folder.target} uses: ${organization_name}/${repository_name_templates}/.github/actions/bicep-on-demand-folder@main with: repository: "${on_demand_folder_repository}" releaseArtifactName: "${on_demand_folder_artifact_name}" releaseVersion: "$${{ env.RELEASE_VERSION }}" sourcePath: "${on_demand_folder.source}" targetPath: "${on_demand_folder.target}" %{ endfor ~} - name: Install Bicep and Update Az Module uses: ${organization_name}/${repository_name_templates}/.github/actions/bicep-installer@main - name: OIDC Login to Tenant uses: azure/login@v2 with: client-id: $${{ vars.AZURE_CLIENT_ID }} tenant-id: $${{ vars.AZURE_TENANT_ID }} subscription-id: $${{ vars.AZURE_SUBSCRIPTION_ID }} enable-AzPSSession: true - name: First Deployment Check id: firstDeploymentCheck uses: ${organization_name}/${repository_name_templates}/.github/actions/bicep-first-deployment-check@main if: $${{ !inputs.destroy }} with: managementGroupId: $${{ env.MANAGEMENT_GROUP_ID }} %{ for script_file in script_files ~} - name: 'What If: ${script_file.displayName}' uses: ${organization_name}/${repository_name_templates}/.github/actions/bicep-deploy@main if: $${{ inputs.${script_file.name} && !inputs.destroy }} with: displayName: '${script_file.displayName}' templateFilePath: '${script_file.templateFilePath}' templateParametersFilePath: '${script_file.templateParametersFilePath}' managementGroupId: '${script_file.managementGroupIdVariable}' subscriptionId: '${script_file.subscriptionIdVariable}' resourceGroupName: '${script_file.resourceGroupNameVariable}' location: '$${{ env.LOCATION }}' deploymentType: '${script_file.deploymentType}' firstRunWhatIf: '${script_file.firstRunWhatIf}' firstDeployment: '$${{ env.firstDeployment }}' whatIfEnabled: 'true' %{ endfor ~} - name: Run Bicep Destroy What If uses: ${organization_name}/${repository_name_templates}/.github/actions/bicep-destroy@main if: $${{ inputs.destroy }} with: whatIfEnabled: 'true' deploy: name: Deploy needs: whatif if: $${{ always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') }} runs-on: ${runner_name} concurrency: ${backend_azure_storage_account_container_name} environment: ${environment_name_apply} permissions: id-token: write contents: read env: PARAMETERS_FILE_NAME: parameters.json steps: - name: Checkout Bicep Module uses: actions/checkout@v4 - name: Get Bicep Variables uses: ${organization_name}/${repository_name_templates}/.github/actions/bicep-variables@main with: parameters_file_name: $${{ env.PARAMETERS_FILE_NAME }} %{ for on_demand_folder in on_demand_folders ~} - name: Get On Demand Folder ${on_demand_folder.target} uses: ${organization_name}/${repository_name_templates}/.github/actions/bicep-on-demand-folder@main with: repository: "${on_demand_folder_repository}" releaseArtifactName: "${on_demand_folder_artifact_name}" releaseVersion: "$${{ env.RELEASE_VERSION }}" sourcePath: "${on_demand_folder.source}" targetPath: "${on_demand_folder.target}" %{ endfor ~} - name: Install Bicep and Update Az Module uses: ${organization_name}/${repository_name_templates}/.github/actions/bicep-installer@main - name: OIDC Login to Tenant uses: azure/login@v2 with: client-id: $${{ vars.AZURE_CLIENT_ID }} tenant-id: $${{ vars.AZURE_TENANT_ID }} subscription-id: $${{ vars.AZURE_SUBSCRIPTION_ID }} enable-AzPSSession: true %{ for script_file in script_files ~} - name: 'Deploy: ${script_file.displayName}' uses: ${organization_name}/${repository_name_templates}/.github/actions/bicep-deploy@main if: $${{ inputs.${script_file.name} && !inputs.destroy }} with: displayName: '${script_file.displayName}' templateFilePath: '${script_file.templateFilePath}' templateParametersFilePath: '${script_file.templateParametersFilePath}' managementGroupId: '${script_file.managementGroupIdVariable}' subscriptionId: '${script_file.subscriptionIdVariable}' resourceGroupName: '${script_file.resourceGroupNameVariable}' location: '$${{ env.LOCATION }}' deploymentType: '${script_file.deploymentType}' firstRunWhatIf: '${script_file.firstRunWhatIf}' whatIfEnabled: 'false' %{ endfor ~} - name: Run Bicep Destroy uses: ${organization_name}/${repository_name_templates}/.github/actions/bicep-destroy@main if: $${{ inputs.destroy }} with: whatIfEnabled: 'false'