# .github/workflows/deploy_enterprise.yml
# Runs on every push: deploys the ASA Enterprise landing zone and the ACME
# Fitness sample, then (while SHOULD_DESTROY is "true") tears it all down again.
name: Deploy ASA Enterprise with ACME Fitness
on:
  - push
permissions:
  # NOTE(review): no step visible in this file requests an OIDC token
  # (azure/login receives `creds`, Terraform receives ARM_CLIENT_SECRET), so
  # `id-token: write` looks unused - confirm before dropping it.
  id-token: write
  contents: read
# NOTE(review): workflow-level env is exported to every step of every job,
# third-party actions included. The password and client-secret entries below
# would be better scoped to the jobs or steps that actually consume them.
env:
  # === Deploy Firewall ===
  # Compared as the string 'true' by the firewall apply step.
  SHOULD_DEPLOY_FIREWALL: "false"
  # === Destroy All ===
  # Compared as the string 'true'/'false' by the build and destroy_* jobs.
  SHOULD_DESTROY: "true"
  # === Baseline Parameters ===
  REGION: ${{ vars.REGION_ENTERPRISE }}
  NAME_PREFIX: ${{ vars.NAME_PREFIX_ENTERPRISE }}
  ENVIRONMENT: ${{ vars.ENVIRONMENT_ENTERPRISE }}
  # === Spring Apps Service ===
  SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
  JUMP_BOX_USERNAME: lzadmin
  JUMP_BOX_PASSWORD: ${{ secrets.JUMP_BOX_PASSWORD }}
  # Object ID of the "Azure Spring Apps Resource Provider" service principal
  # in the customer's Azure AD tenant. Obtain it with:
  #   az ad sp show --id e8de9221-a19c-4c81-b814-fd37c6caf9d2 --query id --output tsv
  SRINGAPPS_SPN_OBJECT_ID: ${{ vars.SRINGAPPS_SPN_OBJECT_ID }}
  # === Pet Clinic Required Settings ===
  # NOTE(review): no job in this file references the MYSQL_ADMIN_* values;
  # if nothing else reads them, remove the secret from the environment.
  MYSQL_ADMIN_USERNAME: sqlAdmin
  MYSQL_ADMIN_PASSWORD: ${{ secrets.MYSQL_ADMIN_PASSWORD }}
  # === Terraform Backend ===
  TFSTATE_RG: ${{ vars.TFSTATE_RG }}
  STORAGEACCOUNTNAME: ${{ vars.STORAGEACCOUNTNAME }}
  CONTAINERNAME: ${{ vars.CONTAINERNAME_ENTERPRISE }}
  # === Terraform Azure Login ===
  # ARM_* are the variable names the Terraform azurerm provider reads.
  ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
  ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
  ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
  ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
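jobs:
  # Republishes the two workflow-level switches as job outputs so that later
  # jobs can test them through `needs.conditions.outputs.*`.
  conditions:
    runs-on: ubuntu-latest
    outputs:
      deploy_firewall: "${{ env.SHOULD_DEPLOY_FIREWALL }}"
      destroy: "${{ env.SHOULD_DESTROY }}"
    steps:
      - name: echo
        # The original ended the first echo with a backslash, which folded the
        # second `echo` into the first command's arguments. Each value now gets
        # its own command and is read from the step environment rather than
        # being templated into the script text.
        run: |
          echo "SHOULD_DEPLOY_FIREWALL=${SHOULD_DEPLOY_FIREWALL}"
          echo "SHOULD_DESTROY=${SHOULD_DESTROY}"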
# ---- job: deploy_hub_network ----
  # Terraform stage 02 (hub network): init against the shared state backend,
  # write the plan to my.plan, then apply exactly that saved plan.
  deploy_hub_network:
    name: Deploy 02 Hub Network
    runs-on: ubuntu-latest
    needs:
      - conditions
    defaults:
      run:
        working-directory: Scenarios/ASA-Secure-Baseline/Terraform/02-Hub-Network
    steps:
      # NOTE(review): both actions are referenced by mutable tag while the job
      # environment carries ARM_CLIENT_SECRET; pinning each `uses:` to a full
      # commit SHA guards against a retagged release.
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_wrapper: false
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      - name: Terraform Plan
        run: |
          terraform plan -out my.plan \
            -var="state_sa_rg=${{ env.TFSTATE_RG }}" \
            -var="state_sa_name=${{ env.STORAGEACCOUNTNAME }}" \
            -var="state_sa_container_name=${{ env.CONTAINERNAME }}" \
            -var="location=${{ env.REGION }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}" \
            -var="environment=${{ env.ENVIRONMENT }}" \
            -var="SRINGAPPS_SPN_OBJECT_ID=${{ env.SRINGAPPS_SPN_OBJECT_ID }}"
      - name: Terraform Apply
        run: terraform apply my.plan
# ---- job: deploy_lz_network ----
  # Terraform stage 03 (landing-zone network); starts only after the hub
  # network job has finished.
  deploy_lz_network:
    name: Deploy 03 LZ Network
    runs-on: ubuntu-latest
    needs:
      - deploy_hub_network
      - conditions
    defaults:
      run:
        working-directory: Scenarios/ASA-Secure-Baseline/Terraform/03-LZ-Network
    steps:
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_wrapper: false
      # Same backend settings as every other stage; only the working
      # directory differs between the Terraform jobs.
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      - name: Terraform Plan
        run: |
          terraform plan -out my.plan \
            -var="state_sa_rg=${{ env.TFSTATE_RG }}" \
            -var="state_sa_name=${{ env.STORAGEACCOUNTNAME }}" \
            -var="state_sa_container_name=${{ env.CONTAINERNAME }}" \
            -var="location=${{ env.REGION }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}" \
            -var="environment=${{ env.ENVIRONMENT }}" \
            -var="SRINGAPPS_SPN_OBJECT_ID=${{ env.SRINGAPPS_SPN_OBJECT_ID }}"
      - name: Terraform Apply
        run: terraform apply my.plan
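# ---- job: deploy_lz_shared ----
  # Terraform stage 04 (landing-zone shared resources). This stage also takes
  # the jump host admin user name and password as Terraform variables.
  deploy_lz_shared:
    needs: [deploy_lz_network, conditions]
    name: Deploy 04 LZ Shared Resources
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: Scenarios/ASA-Secure-Baseline/Terraform/04-LZ-SharedResources
    steps:
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_wrapper: false
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      - name: Terraform Plan
        env:
          # Terraform reads TF_VAR_<name> from the environment. Passing the
          # password this way keeps it out of the generated script text, where
          # quotes, `$` or backticks in the secret would be interpreted by the
          # shell, and out of the terraform command line.
          TF_VAR_jump_host_password: ${{ env.JUMP_BOX_PASSWORD }}
        run: |
          terraform plan -out my.plan \
            -var="state_sa_rg=${{ env.TFSTATE_RG }}" \
            -var="state_sa_name=${{ env.STORAGEACCOUNTNAME }}" \
            -var="state_sa_container_name=${{ env.CONTAINERNAME }}" \
            -var="location=${{ env.REGION }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}" \
            -var="environment=${{ env.ENVIRONMENT }}" \
            -var="SRINGAPPS_SPN_OBJECT_ID=${{ env.SRINGAPPS_SPN_OBJECT_ID }}" \
            -var="jump_host_admin_username=${{ env.JUMP_BOX_USERNAME }}"
      # The apply consumes the saved plan, so it needs no variables of its own.
      - name: Terraform Apply
        run: terraform apply my.plan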
# ---- job: deploy_hub_firewall ----
  # Terraform stage 05 (hub Azure Firewall). Init and plan always run; only
  # the apply step is gated on the deploy_firewall switch.
  deploy_hub_firewall:
    name: Deploy 05 Hub Firewall
    runs-on: ubuntu-latest
    needs:
      - deploy_hub_network
      - deploy_lz_shared
      - conditions
    defaults:
      run:
        working-directory: Scenarios/ASA-Secure-Baseline/Terraform/05-Hub-AzureFirewall
    steps:
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_wrapper: false
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      - name: Terraform Plan
        run: |
          terraform plan -out my.plan \
            -var="state_sa_rg=${{ env.TFSTATE_RG }}" \
            -var="state_sa_name=${{ env.STORAGEACCOUNTNAME }}" \
            -var="state_sa_container_name=${{ env.CONTAINERNAME }}" \
            -var="location=${{ env.REGION }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}" \
            -var="environment=${{ env.ENVIRONMENT }}" \
            -var="SRINGAPPS_SPN_OBJECT_ID=${{ env.SRINGAPPS_SPN_OBJECT_ID }}"
      # Skipped unless SHOULD_DEPLOY_FIREWALL was 'true'; the job itself still
      # succeeds, so dependent jobs run with or without a firewall.
      - name: Terraform Apply
        if: ${{ needs.conditions.outputs.deploy_firewall == 'true' }}
        run: terraform apply my.plan
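# ---- job: deploy_lz_enterprise ----
  # Terraform stage 06 (Spring Apps Enterprise). Exposes the service name and
  # resource group from the Terraform outputs as job outputs for later jobs.
  deploy_lz_enterprise:
    needs:
      [deploy_hub_network, deploy_lz_shared, deploy_hub_firewall, conditions]
    name: Deploy 06 LZ Spring Apps Enterprise
    runs-on: ubuntu-latest
    outputs:
      spring_apps_service_name: ${{ steps.output.outputs.spring_apps_service_name }}
      spring_apps_rg: ${{ steps.output-apps-rg.outputs.spring_apps_rg }}
    defaults:
      run:
        working-directory: Scenarios/ASA-Secure-Baseline/Terraform/06-LZ-SpringApps-Enterprise
    steps:
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          # The output steps below capture `terraform output -raw` directly,
          # so the wrapper script is left disabled.
          terraform_wrapper: false
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      - name: Terraform Plan
        run: |
          terraform plan -out my.plan \
            -var="state_sa_rg=${{ env.TFSTATE_RG }}" \
            -var="state_sa_name=${{ env.STORAGEACCOUNTNAME }}" \
            -var="state_sa_container_name=${{ env.CONTAINERNAME }}" \
            -var="location=${{ env.REGION }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}" \
            -var="environment=${{ env.ENVIRONMENT }}" \
            -var="SRINGAPPS_SPN_OBJECT_ID=${{ env.SRINGAPPS_SPN_OBJECT_ID }}"
      - name: Terraform Apply
        run: terraform apply my.plan
      # Quoting the whole key=value pair and the target file keeps the value
      # intact: the unquoted form let the shell word-split and glob-expand
      # whatever `terraform output` printed before it reached GITHUB_OUTPUT.
      - name: Terraform Output
        id: output
        run: echo "spring_apps_service_name=$(terraform output -raw spring_apps_service_name)" >> "$GITHUB_OUTPUT"
      - name: Terraform Output
        id: output-apps-rg
        run: echo "spring_apps_rg=$(terraform output -raw spring_apps_rg)" >> "$GITHUB_OUTPUT"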
# ---- job: deploy_acme_fitness_infra ----
  # Terraform for the ACME Fitness Store sample infrastructure. Takes the
  # Spring Apps service name from the deploy_lz_enterprise job outputs.
  deploy_acme_fitness_infra:
    name: Deploy ACME Fitness Store Infrastructure
    runs-on: ubuntu-latest
    needs:
      - deploy_lz_enterprise
      - deploy_lz_shared
      - conditions
    defaults:
      run:
        working-directory: Scenarios/sample-apps/fitness-store/terraform
    steps:
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_wrapper: false
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      # NOTE(review): the job output and the subscription id are templated
      # straight into the script text; reading them from step environment
      # variables would keep their content away from shell parsing.
      - name: Terraform Plan
        run: |
          terraform plan -out my.plan \
            -var="spring_cloud_service=${{ needs.deploy_lz_enterprise.outputs.spring_apps_service_name }}" \
            -var="subscription_id=${{ env.SUBSCRIPTION_ID }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}"
      - name: Terraform Apply
        run: terraform apply my.plan
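# ---- job: build ----
  # Checks out the ACME Fitness Store sample, logs in to Azure and, when the
  # destroy switch is 'false', updates the gateway routes and deploys the five
  # apps. With destroy 'true' only checkout, login and `az` defaults run.
  build:
    name: Build and Deploy ACME Fitness Microservices
    needs: [deploy_acme_fitness_infra, deploy_lz_enterprise, conditions]
    runs-on: ubuntu-latest
    env:
      SPRING_APPS_SERVICE_NAME: ${{ needs.deploy_lz_enterprise.outputs.spring_apps_service_name }}
      SPRING_APPS_RESOURCE_GROUP: ${{ needs.deploy_lz_enterprise.outputs.spring_apps_rg }}
    steps:
      # Step name corrected: the repository checked out here is the ACME
      # Fitness Store, not the pet clinic sample.
      # NOTE(review): `ref: Azure` is a branch of another repository, so the
      # code deployed with this workflow's Azure credentials can change between
      # runs; pin `ref` to a reviewed commit SHA (<commit-sha placeholder>).
      - name: Checkout ACME Fitness Store sample
        uses: actions/checkout@v3
        with:
          repository: Azure-Samples/acme-fitness-store.git
          path: fitness-store
          ref: Azure
      # NOTE(review): azure/login and azure/spring-apps-deploy are referenced
      # by mutable tag and receive credentials; prefer full commit SHAs.
      - name: Azure CLI Login
        uses: azure/login@v1
        with:
          creds: ${{ secrets.AZURE_CREDENTIALS }}
      # Values are read from the step environment (workflow and job `env`) and
      # quoted, instead of being templated into the script, so their content is
      # never parsed as shell syntax.
      - name: Set az defaults
        run: |
          az extension add --name spring
          az account set --subscription "$SUBSCRIPTION_ID"
          az configure --defaults group="$SPRING_APPS_RESOURCE_GROUP" spring="$SPRING_APPS_SERVICE_NAME" location="$REGION"
      - name: Update Gateway Routes
        if: needs.conditions.outputs.destroy == 'false'
        run: |
          az spring gateway route-config update --name catalog-service --app-name catalog-service --routes-file "$GITHUB_WORKSPACE/fitness-store/azure/routes/catalog-service.json"
          az spring gateway route-config update --name frontend --app-name frontend --routes-file "$GITHUB_WORKSPACE/fitness-store/azure/routes/frontend.json"
          az spring gateway route-config update --name cart-service --app-name cart-service --routes-file "$GITHUB_WORKSPACE/fitness-store/azure/routes/cart-service.json"
          az spring gateway route-config update --name order-service --app-name order-service --routes-file "$GITHUB_WORKSPACE/fitness-store/azure/routes/order-service.json"
          az spring gateway route-config update --name identity-service --app-name identity-service --routes-file "$GITHUB_WORKSPACE/fitness-store/azure/routes/identity-service.json"
      # Option strings that begin with `-` are quoted throughout so they are
      # unambiguously plain strings to any YAML parser.
      - name: Deploy apps/acme-payment
        uses: azure/spring-apps-deploy@v1
        if: needs.conditions.outputs.destroy == 'false'
        with:
          azure-subscription: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          action: deploy
          service-name: ${{ env.SPRING_APPS_SERVICE_NAME }}
          app-name: payment-service
          use-staging-deployment: false
          package: ${{ github.workspace }}/fitness-store/apps/acme-payment
          jvm-options: "-Xms2048m -Xmx2048m"
          runtime-version: Java_17
          environment-variables: "-SPRING_PROFILES_ACTIVE passwordless"
          build-env: "-BP_JVM_VERSION 17"
          config-file-patterns: payment
      - name: Deploy catalog service
        uses: azure/spring-apps-deploy@v1
        if: needs.conditions.outputs.destroy == 'false'
        with:
          azure-subscription: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          action: deploy
          service-name: ${{ env.SPRING_APPS_SERVICE_NAME }}
          app-name: catalog-service
          use-staging-deployment: false
          package: ${{ github.workspace }}/fitness-store/apps/acme-catalog
          jvm-options: "-Xms2048m -Xmx2048m"
          runtime-version: Java_17
          environment-variables: "-SPRING_PROFILES_ACTIVE passwordless"
          build-env: "-BP_JVM_VERSION 17"
          config-file-patterns: catalog
      - name: Deploy apps/acme-order
        uses: azure/spring-apps-deploy@v1
        if: needs.conditions.outputs.destroy == 'false'
        with:
          azure-subscription: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          action: deploy
          service-name: ${{ env.SPRING_APPS_SERVICE_NAME }}
          app-name: order-service
          use-staging-deployment: false
          package: ${{ github.workspace }}/fitness-store/apps/acme-order
      - name: Deploy apps/acme-cart
        uses: azure/spring-apps-deploy@v1
        if: needs.conditions.outputs.destroy == 'false'
        with:
          azure-subscription: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          action: deploy
          service-name: ${{ env.SPRING_APPS_SERVICE_NAME }}
          app-name: cart-service
          use-staging-deployment: false
          package: ${{ github.workspace }}/fitness-store/apps/acme-cart
          environment-variables: "-CART_PORT 8080"
      - name: Deploy apps/acme-shopping
        uses: azure/spring-apps-deploy@v1
        if: needs.conditions.outputs.destroy == 'false'
        with:
          azure-subscription: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          action: deploy
          service-name: ${{ env.SPRING_APPS_SERVICE_NAME }}
          app-name: frontend
          use-staging-deployment: false
          package: ${{ github.workspace }}/fitness-store/apps/acme-shopping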
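# ---- job: prepare_destroy ----
  # Runs only when the destroy switch is 'true'. Unassigns the API portal and
  # gateway endpoints and removes the gateway route configs before the
  # destroy_* Terraform jobs start.
  prepare_destroy:
    needs: [conditions, build, deploy_lz_enterprise]
    name: Prepare Spring Enterprise for Destroy
    runs-on: ubuntu-latest
    if: needs.conditions.outputs.destroy == 'true'
    env:
      SPRING_APPS_SERVICE_NAME: ${{ needs.deploy_lz_enterprise.outputs.spring_apps_service_name }}
      SPRING_APPS_RESOURCE_GROUP: ${{ needs.deploy_lz_enterprise.outputs.spring_apps_rg }}
    steps:
      - name: Azure CLI Login
        uses: azure/login@v1
        with:
          creds: ${{ secrets.AZURE_CREDENTIALS }}
      # The `az` arguments below are read from the step environment and quoted
      # instead of being templated into the script text, so an unexpected
      # character in a job output or variable cannot change the command.
      - name: Set Defaults
        run: |
          az account set --subscription "$SUBSCRIPTION_ID"
          az configure --defaults group="$SPRING_APPS_RESOURCE_GROUP" spring="$SPRING_APPS_SERVICE_NAME" location="$REGION"
          az extension add --name spring
      # The job-level env above maps the same two deploy_lz_enterprise outputs
      # that the original interpolated here.
      - name: Remove Ip from API
        run: az spring api-portal update -g "$SPRING_APPS_RESOURCE_GROUP" -s "$SPRING_APPS_SERVICE_NAME" --assign-endpoint false
      - name: Remove Ip from gateway
        run: az spring gateway update -g "$SPRING_APPS_RESOURCE_GROUP" -s "$SPRING_APPS_SERVICE_NAME" --assign-endpoint false
      # No -g/-s here: these rely on the defaults set in "Set Defaults".
      - name: Delete Route Configs
        run: |
          az spring gateway route-config remove --name catalog-service
          az spring gateway route-config remove --name frontend
          az spring gateway route-config remove --name cart-service
          az spring gateway route-config remove --name order-service
          az spring gateway route-config remove --name identity-service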
# ---- job: destroy_sample_app_infra ----
  # First teardown stage: `terraform plan -destroy` for the fitness store
  # sample infrastructure, then apply of that saved plan.
  destroy_sample_app_infra:
    name: Destroy Fitness Store Infrastructure
    if: ${{ needs.conditions.outputs.destroy == 'true' }}
    runs-on: ubuntu-latest
    needs:
      - conditions
      - deploy_lz_enterprise
      - deploy_lz_shared
      - deploy_acme_fitness_infra
      - prepare_destroy
    defaults:
      run:
        working-directory: Scenarios/sample-apps/fitness-store/terraform
    steps:
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_wrapper: false
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      # Same variables as the deploy-side plan for this directory, with
      # -destroy added.
      - name: Terraform Plan
        run: |
          terraform plan -destroy -out my.plan \
            -var="spring_cloud_service=${{ needs.deploy_lz_enterprise.outputs.spring_apps_service_name }}" \
            -var="subscription_id=${{ env.SUBSCRIPTION_ID }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}"
      - name: Terraform Apply
        run: terraform apply my.plan
# ---- job: destroy_lz_enterprise ----
  # Teardown of Terraform stage 06 (Spring Apps Enterprise); waits for the
  # sample app infrastructure to be destroyed first.
  destroy_lz_enterprise:
    name: Destroy 06 LZ Spring Apps Enterprise
    if: ${{ needs.conditions.outputs.destroy == 'true' }}
    runs-on: ubuntu-latest
    needs:
      - conditions
      - prepare_destroy
      - destroy_sample_app_infra
    defaults:
      run:
        working-directory: Scenarios/ASA-Secure-Baseline/Terraform/06-LZ-SpringApps-Enterprise
    steps:
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_wrapper: false
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      - name: Terraform Plan
        run: |
          terraform plan -destroy -out my.plan \
            -var="state_sa_rg=${{ env.TFSTATE_RG }}" \
            -var="state_sa_name=${{ env.STORAGEACCOUNTNAME }}" \
            -var="state_sa_container_name=${{ env.CONTAINERNAME }}" \
            -var="location=${{ env.REGION }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}" \
            -var="environment=${{ env.ENVIRONMENT }}" \
            -var="SRINGAPPS_SPN_OBJECT_ID=${{ env.SRINGAPPS_SPN_OBJECT_ID }}"
      # Applies the destroy plan saved by the previous step.
      - name: Terraform Apply
        run: terraform apply my.plan
# ---- job: destroy_hub_firewall ----
  # Teardown of Terraform stage 05 (hub firewall). Unlike the deploy side,
  # the apply here is not gated on the deploy_firewall switch.
  destroy_hub_firewall:
    name: Destroy 05 Hub Firewall
    if: ${{ needs.conditions.outputs.destroy == 'true' }}
    runs-on: ubuntu-latest
    needs:
      - destroy_lz_enterprise
      - conditions
    defaults:
      run:
        working-directory: Scenarios/ASA-Secure-Baseline/Terraform/05-Hub-AzureFirewall
    steps:
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_wrapper: false
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      - name: Terraform Plan
        run: |
          terraform plan -destroy -out my.plan \
            -var="state_sa_rg=${{ env.TFSTATE_RG }}" \
            -var="state_sa_name=${{ env.STORAGEACCOUNTNAME }}" \
            -var="state_sa_container_name=${{ env.CONTAINERNAME }}" \
            -var="location=${{ env.REGION }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}" \
            -var="environment=${{ env.ENVIRONMENT }}" \
            -var="SRINGAPPS_SPN_OBJECT_ID=${{ env.SRINGAPPS_SPN_OBJECT_ID }}"
      - name: Terraform Apply
        run: terraform apply my.plan
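# ---- job: destroy_lz_shared ----
  # Teardown of Terraform stage 04 (landing-zone shared resources). The
  # destroy plan is given the same jump host variables as the deploy plan.
  destroy_lz_shared:
    needs: [destroy_hub_firewall, conditions]
    name: Destroy 04 LZ Shared Resources
    runs-on: ubuntu-latest
    if: needs.conditions.outputs.destroy == 'true'
    defaults:
      run:
        working-directory: Scenarios/ASA-Secure-Baseline/Terraform/04-LZ-SharedResources
    steps:
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_wrapper: false
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      - name: Terraform Plan
        env:
          # Supplied as TF_VAR_<name> so the password is neither expanded into
          # the script text, where the shell would interpret quotes, `$` or
          # backticks inside it, nor placed on the terraform command line.
          TF_VAR_jump_host_password: ${{ env.JUMP_BOX_PASSWORD }}
        run: |
          terraform plan -destroy -out my.plan \
            -var="state_sa_rg=${{ env.TFSTATE_RG }}" \
            -var="state_sa_name=${{ env.STORAGEACCOUNTNAME }}" \
            -var="state_sa_container_name=${{ env.CONTAINERNAME }}" \
            -var="location=${{ env.REGION }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}" \
            -var="environment=${{ env.ENVIRONMENT }}" \
            -var="SRINGAPPS_SPN_OBJECT_ID=${{ env.SRINGAPPS_SPN_OBJECT_ID }}" \
            -var="jump_host_admin_username=${{ env.JUMP_BOX_USERNAME }}"
      - name: Terraform Apply
        run: terraform apply my.plan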
# ---- job: destroy_lz_network ----
  # Teardown of Terraform stage 03 (landing-zone network); runs after the
  # shared resources of stage 04 have been destroyed.
  destroy_lz_network:
    name: Destroy 03 LZ Network
    if: ${{ needs.conditions.outputs.destroy == 'true' }}
    runs-on: ubuntu-latest
    needs:
      - destroy_lz_shared
      - conditions
    defaults:
      run:
        working-directory: Scenarios/ASA-Secure-Baseline/Terraform/03-LZ-Network
    steps:
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_wrapper: false
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      - name: Terraform Plan
        run: |
          terraform plan -destroy -out my.plan \
            -var="state_sa_rg=${{ env.TFSTATE_RG }}" \
            -var="state_sa_name=${{ env.STORAGEACCOUNTNAME }}" \
            -var="state_sa_container_name=${{ env.CONTAINERNAME }}" \
            -var="location=${{ env.REGION }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}" \
            -var="environment=${{ env.ENVIRONMENT }}" \
            -var="SRINGAPPS_SPN_OBJECT_ID=${{ env.SRINGAPPS_SPN_OBJECT_ID }}"
      - name: Terraform Apply
        run: terraform apply my.plan
# ---- job: destroy_hub_network ----
  # Last teardown stage: destroys Terraform stage 02 (hub network) once the
  # landing-zone network is gone.
  destroy_hub_network:
    name: Destroy 02 Hub Network
    if: ${{ needs.conditions.outputs.destroy == 'true' }}
    runs-on: ubuntu-latest
    needs:
      - destroy_lz_network
      - conditions
    defaults:
      run:
        working-directory: Scenarios/ASA-Secure-Baseline/Terraform/02-Hub-Network
    steps:
      - name: Checkout this repository
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2.0.3
        with:
          terraform_wrapper: false
      - name: Terraform Init
        run: |
          terraform init \
            -backend-config="resource_group_name=${{ env.TFSTATE_RG }}" \
            -backend-config="storage_account_name=${{ env.STORAGEACCOUNTNAME }}" \
            -backend-config="container_name=${{ env.CONTAINERNAME }}"
      - name: Terraform Plan
        run: |
          terraform plan -destroy -out my.plan \
            -var="state_sa_rg=${{ env.TFSTATE_RG }}" \
            -var="state_sa_name=${{ env.STORAGEACCOUNTNAME }}" \
            -var="state_sa_container_name=${{ env.CONTAINERNAME }}" \
            -var="location=${{ env.REGION }}" \
            -var="name_prefix=${{ env.NAME_PREFIX }}" \
            -var="environment=${{ env.ENVIRONMENT }}" \
            -var="SRINGAPPS_SPN_OBJECT_ID=${{ env.SRINGAPPS_SPN_OBJECT_ID }}"
      - name: Terraform Apply
        run: terraform apply my.plan