Azure Deployment #45

Workflow file for this run

.github/workflows/test_azure_integration.yaml at 843453d

	name: Azure Deployment

	on:
	schedule:
	- cron: "0 0 * * MON"
	workflow_dispatch:
	inputs:
	branch:
	description: 'Nebari branch to deploy, test, destroy'
	required: true
	default: develop
	type: string
	image-tag:
	description: 'Nebari image tag created by the nebari-docker-images repo'
	required: true
	default: main
	type: string
	tf-log-level:
	description: 'Change Terraform log levels'
	required: false
	default: info
	type: choice
	options:
	- info
	- warn
	- debug
	- trace
	- error

	env:
	NEBARI_GH_BRANCH: ${{ github.event.inputs.branch \|\| 'develop' }}
	NEBARI_IMAGE_TAG: ${{ github.event.inputs.image-tag \|\| 'main' }}
	TF_LOG: ${{ github.event.inputs.tf-log-level \|\| 'info' }}
	NO_PROVIDER_CREDENTIALS_azure: false

	jobs:
	# Used to skip cloud provider checks due to "jobs" not supporting {{ env }} variables contexts
	check-for-credentials:
	runs-on: ubuntu-latest
	permissions:
	id-token: write
	contents: read

	outputs:
	provider_credentials_azure: ${{ steps.flag-check.outputs.provider_credentials_azure }}

	steps:

	- name: Check if user wants to run Azure integration based on credentials
	id: flag-check
	run: \|
	if [ "${{ env.NO_PROVIDER_CREDENTIALS_azure }}" == "true" ]; then
	echo "::set-output name=provider_credentials_azure::0"
	else
	echo "::set-output name=provider_credentials_azure::1"
	fi

	test-azure-integration:
	runs-on: ubuntu-latest
	needs: check-for-credentials
	if: ${{ needs.check-for-credentials.outputs.provider_credentials_azure == '1' }}
	permissions:
	id-token: write
	contents: read
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	with:
	ref: ${{ env.NEBARI_GH_BRANCH }}
	fetch-depth: 0

	- name: Set up Python
	uses: actions/setup-python@v4
	with:
	python-version: 3.11

	- name: Install Nebari
	run: \|
	pip install .[dev]
	conda install --quiet --yes conda-build
	playwright install

	- name: Retrieve secret from Vault
	uses: hashicorp/vault-action@v2.5.0
	with:
	method: jwt
	url: "https://quansight-vault-public-vault-b2379fa7.d415e30e.z1.hashicorp.cloud:8200"
	namespace: "admin/quansight"
	role: "repository-nebari-dev-nebari-role"
	secrets: \|
	kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci client_id \| ARM_CLIENT_ID;
	kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci tenant_id \| ARM_TENANT_ID;
	kv/data/repository/nebari-dev/nebari/azure/nebari-dev-ci/github-nebari-dev-repo-ci subscription_id \| ARM_SUBSCRIPTION_ID;
	kv/data/repository/nebari-dev/nebari/cloudflare/internal-devops@quansight.com/nebari-dev-ci token \| CLOUDFLARE_TOKEN;

	- name: 'Azure login'
	uses: azure/login@v2
	with:
	client-id: ${{ env.ARM_CLIENT_ID }}
	tenant-id: ${{ env.ARM_TENANT_ID }}
	subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }}

	- name: Integration Tests
	run: \|
	pytest --version
	pytest tests/tests_integration/ -vvv -s --cloud azure
	env:
	NEBARI_SECRET__default_images__jupyterhub: "quay.io/nebari/nebari-jupyterhub:${{ env.NEBARI_IMAGE_TAG }}"
	NEBARI_SECRET__default_images__jupyterlab: "quay.io/nebari/nebari-jupyterlab:${{ env.NEBARI_IMAGE_TAG }}"
	NEBARI_SECRET__default_images__dask_worker: "quay.io/nebari/nebari-dask-worker:${{ env.NEBARI_IMAGE_TAG }}"
	ARM_CLIENT_ID: ${{ env.ARM_CLIENT_ID }}
	ARM_TENANT_ID: ${{ env.ARM_TENANT_ID }}
	ARM_SUBSCRIPTION_ID: ${{ env.ARM_SUBSCRIPTION_ID }}
	ARM_USE_OIDC: "true"
	CLOUDFLARE_TOKEN: ${{ env.CLOUDFLARE_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Azure Deployment #45

Workflow file

Azure Deployment #45

Jobs

Run details

Workflow file for this run