-
Notifications
You must be signed in to change notification settings - Fork 33
56 lines (48 loc) · 1.85 KB
/
private-vso-build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
name: Private VSO build
on:
workflow_dispatch:
pull_request:
types: [synchronize, opened, reopened, ready_for_review]
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref }}
cancel-in-progress: true
permissions:
id-token: write
contents: read
jobs:
PrivateBuild:
if: github.event.pull_request.draft == false
runs-on: ubuntu-latest
steps:
- uses: Azure/login@v1
with:
# These secrets describe the HvLite-GitHub service principal and associated Azure subscription,
# which, along with the GITHUB_TOKEN, are used to authenticate GitHub Actions to Azure with OpenID Connect.
# The service principal has federated identity credentials configured describing which branches and
# scenarios can be authenticated.
client-id: ${{ secrets.OPENVMM_CLIENT_ID }}
tenant-id: ${{ secrets.OPENVMM_TENANT_ID }}
subscription-id: ${{ secrets.OPENVMM_SUBSCRIPTION_ID }}
- name: Pull Azure Key Vault secrets
uses: Azure/get-keyvault-secrets@v1
with:
keyvault: 'HvLite-PATs'
secrets: 'HvliteMirrorPAT'
id: AzureKeyVault
- name: Checkout actions
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install dependencies
shell: bash
run: pip install --user -r .github/scripts/requirements.txt
- name: Run VSO build
shell: bash
run: python .github/scripts/trigger-vso-pipeline.py 109784 ${{ steps.AzureKeyVault.outputs.HvliteMirrorPAT }} --commit ${GITHUB_SHA}
- name: Cancel VSO build
shell: bash
run: |
build=$(cat build-id)
echo "Build: $build"
python .github/scripts/trigger-vso-pipeline.py 109784 ${{ steps.AzureKeyVault.outputs.HvliteMirrorPAT }} --cancel "$build"
if: ${{ cancelled() }}