Skip to content

AzOps - Pull

AzOps - Pull #100

Workflow file for this run

---
name: "AzOps - Pull"
on:
#
# Workflow Dispatch
# This is to invoke the action from the GitHub UI
#
workflow_dispatch:
#
# Repository Dispatch
# Invoke this action based on event / webhook, this
# could be from an activity logs when a specific condition
# is met and triggered
#
repository_dispatch:
types:
- "Enterprise-Scale Deployment"
- "Enterprise-Scale Event"
#
# Schedule
# This is an optional trigger to pull the latest Azure
# hierarchy into the Git repository in a recurring
# manner.
#
# Default: Every 6 hours
#
schedule:
- cron: "0 */6 * * *"
#
# Workflow Run
# Triggers this workflow upon the completion of
# the Push action.
#
workflow_run:
workflows: ["AzOps - Push"]
branches: [main]
types:
- completed
#
# Permissions required for the pipeline to interact with repo and federated credentials
#
permissions:
id-token: write
contents: write
pull-requests: write
env:
#
# Credentials
#
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_ENVIRONMENT: ${{ secrets.ARM_ENVIRONMENT }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
AZOPS_MODULE_VERSION: ${{ secrets.AZOPS_MODULE_VERSION }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
#
# modulesFolder
# To enable caching of PowerShell modules between
# runs, the modules are stored in a modules folder
# that can be cached.
#
modulesFolder: "~/.local/share/powershell/Modules"
#
# Folder Name
# By default we generate the hierachy within the
# 'azops' folder within the root of the repository.
# If this property is modified, the config value within
# the settings.json file - Core.State will also need
# to be changed.
#
# Default: root
#
folder: "root"
#
# Branch Name
# As part of the Pull workflow we check a temporary branch
# this branch was previously know as system, this value can
# be changed if this name is already reserved for other systems
# within the repository.
#
# Default: automated
#
branch: "automated"
#
# Commit Message
# During the Pull workflow, the changes are commited to the
# temporary branch, the message which is applied within the
# Git history can be changed as needed.
#
# Default: Automated commit
#
commit_message: "Automated commit"
#
# Pull Request
# The generated Pull Request for the Pull workflow can be
# modified to help indicate when changes we're merged in the
# Git history.
#
# Default: Automated state
#
pull_request: "Automated State"
jobs:
pull:
#
# Pull
#
name: "Pull"
runs-on: ubuntu-20.04
#
# Environment if using Federated Credentials
# https://github.com/azure/azops/wiki/github-oidc
#
# environment: prod
#
# Only run Pull after successful Push or on manually triggered/scheduled events
#
if: ${{ github.event.workflow_run.conclusion == 'success' ||
contains(fromJson('["schedule", "workflow_dispatch", "repository_dispatch"]'), github.event_name) }}
steps:
#
# Checkout
# Checks-out the repository
#
- name: "Checkout"
uses: actions/checkout@v3
with:
fetch-depth: 0
#
# Shared steps
# Include shared steps from the 'action.yml' file
# to not have to repeat them in every pipeline.
#
- name: 'Shared steps'
uses: ./.github/actions/sharedSteps
#
# Configure
# Set global options
#
- name: "Configure"
shell: bash
run: |
git config user.name github-actions
git config user.email '41898282+github-actions[bot]@users.noreply.github.com'
#
# Checkout
# Switch branches
#
- name: "Checkout"
shell: bash
run: |
git checkout -b ${{ env.branch }}
#
# Initialize
# Generate new state data
#
- name: "Initialize"
shell: pwsh
run: |
Import-PSFConfig -Path settings.json -Schema MetaJson -EnableException
if ($env:ACTION -eq "Enterprise-Scale Deployment") {
Set-PSFConfig -FullName AzOps.Core.SkipResource -Value $false
}
Invoke-AzOpsPull -Rebuild
Get-Job | Remove-Job -Force
env:
ACTION: ${{ github.event.action }}
#
# Status
# Check for data changes
#
- name: "Status"
id: status
shell: bash
run: |
STATUS=$(git status --short)
echo $STATUS
if [ -z "$STATUS" ]
then
echo "state=stop" >> $GITHUB_OUTPUT
else
echo "state=continue" >> $GITHUB_OUTPUT
fi
#
# Add
# Add file content to index
#
- name: "Add"
if: steps.status.outputs.state == 'continue'
run: |
git add "./${{ env.folder }}"
shell: bash
#
# Commit
# Record changes to the repository
#
- name: "Commit"
if: steps.status.outputs.state == 'continue'
shell: bash
run: |
git commit -m "${{ env.commit_message }}"
#
# Push
# Update remote refs along with associated objects
#
- name: "Push"
if: steps.status.outputs.state == 'continue'
shell: bash
run: |
git push origin ${{ env.branch }} -f
#
# Merge
# Automatically merge the head branch into base
#
- name: "Merge"
if: steps.status.outputs.state == 'continue'
shell: bash
run: |
gh pr create --title "${{ env.pull_request }}" --body "-" --base 'main' --head ${{ env.branch }}
gh pr merge "${{ env.branch }}" --squash --delete-branch