ALZ-Bicep/.github/workflows/psdocs-mdtogit.yml

# Example: .github/workflows/arm-docs.yaml

name: Generate Markdown
on:
  pull_request_target:
    types:
      - edited
      - opened
      - reopened
      - synchronize
    paths:
      - '**.bicep'

env:
  github_user_name: 'github-actions'
  github_email: '41898282+github-actions[bot]@users.noreply.github.com'
  github_commit_message: 'Generate Parameter Markdowns'
  github_pr_number: ${{ github.event.number }}
  github_pr_repo: ${{ github.event.pull_request.head.repo.full_name }}

permissions:
  contents: read

jobs:
  arm_docs:
    name: Generate Markdown
    permissions:
      contents: write
    runs-on: ubuntu-latest
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
        with:
          egress-policy: audit

      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

      - name: Show env
        run: env | sort

      - name: Check out PR
        run: |
          echo "==> Check out PR..."
          gh pr checkout "$github_pr_number"          
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Configure local git
        run: |
          echo "git user name  : $github_user_name"
          git config --global user.name "$github_user_name"
          echo "git user email : $github_email"
          git config --global user.email "$github_email"          

      - name: Bicep Build
        shell: pwsh
        run: |
          Get-ChildItem -Recurse -Path infra-as-code/bicep/ -Filter '*.bicep' -Exclude 'callModuleFromACR.example.bicep','orchHubSpoke.bicep' | ForEach-Object {
              Write-Information "==> Attempting Bicep Build For File: $_" -InformationAction Continue
              $output = bicep build $_.FullName 2>&1
              if ($LastExitCode -ne 0)
              {
                throw $output
              }
              Else
              {
                echo $output
              }
          }          

      - name: Generate ARM markdowns
        run: |
          Install-Module -Name 'PSDocs.Azure' -Repository PSGallery -force;
          # Scan for Azure template file recursively in the infra-as-code/bicep/ directory
          Get-AzDocTemplateFile -Path infra-as-code/bicep/ | ForEach-Object {
            # Generate a standard name of the markdown file. i.e. <name>_<version>.md
            $template = Get-Item -Path $_.TemplateFile;
            $templateraw = Get-Content -Raw -Path $_.Templatefile;
            $templateName = $template.Directory.Parent.Name;
            $version = $template.Directory.Name;
            $docNameWithoutExtension = [System.IO.Path]::GetFileNameWithoutExtension($template.Name);
            $docName = "$($docNameWithoutExtension)_$version";
            $jobj = ConvertFrom-Json -InputObject $templateraw

            $outputpathformds = $template.DirectoryName+'/generateddocs'
            New-Item -Path $outputpathformds -ItemType Directory -Force

            # Conversion

            $templatepath = $template.DirectoryName
            $convertedtemplatename = $template.Name
            $convertedfullpath = $templatepath+"\"+$convertedtemplatename
            $jobj | ConvertTo-Json -Depth 100 | Set-Content -Path $convertedfullpath
            $mdname = ($docNameWithoutExtension)+'.bicep'

            # Generate markdown
            Invoke-PSDocument -Module PSDocs.Azure -OutputPath $outputpathformds -InputObject $template.FullName -InstanceName $mdname -Culture en-US;
          }          
        shell: pwsh

      - name: Remove Generated JSONs
        shell: pwsh
        run: |
          Get-ChildItem -Recurse -Path infra-as-code/bicep/ -Filter '*.json' -Exclude 'bicepconfig.json','*.parameters.json','*.parameters.*.json','policy_*' | ForEach-Object {
              Write-Information "==> Removing generated JSON file $_ from Bicep Build" -InformationAction Continue
              Remove-Item -Path $_.FullName
          }          

      - name: Check git status
        run: |
          echo "==> Check git status..."
          git status --short --branch          

      - name: Stage changes
        run: |
          echo "==> Stage changes..."
          mapfile -t STATUS_LOG < <(git status --short | grep .)
          if [ ${#STATUS_LOG[@]} -gt 0 ]; then
              echo "Found changes to the following files:"
              printf "%s\n" "${STATUS_LOG[@]}"
              git add --all
          else
              echo "No changes to add."
          fi          

      - name: Push changes
        run: |
          echo "==> Check git diff..."
          mapfile -t GIT_DIFF < <(git diff --cached)
          printf "%s\n" "${GIT_DIFF[@]}"
          if [ ${#GIT_DIFF[@]} -gt 0 ]; then
              echo "==> Commit changes..."
              git commit --message "$github_commit_message [$GITHUB_ACTOR/${GITHUB_SHA::8}]"
              echo "==> Push changes..."
              echo "Pushing changes to: $github_pr_repo"
              git push "https://$GITHUB_TOKEN@github.com/$github_pr_repo.git"
          else
              echo "No changes found."
          fi          
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}