diff --git a/.github/workflows/deploy-orchestrator.yml b/.github/workflows/deploy-orchestrator.yml index 689d9fd4..34821e9a 100644 --- a/.github/workflows/deploy-orchestrator.yml +++ b/.github/workflows/deploy-orchestrator.yml @@ -1,4 +1,4 @@ -name: Reusable Deployment Workflow +name: Deployment orchestrator v2 on: workflow_call: 
@@ -61,69 +61,21 @@ on: description: 'Trigger type (workflow_dispatch, pull_request, schedule)' required: true type: string - secrets: - AZURE_CLIENT_ID: - required: true - AZURE_CLIENT_SECRET: - required: true - AZURE_TENANT_ID: - required: true - AZURE_SUBSCRIPTION_ID: - required: true - ACR_TEST_LOGIN_SERVER: - required: true - ACR_TEST_USERNAME: - required: true - ACR_TEST_PASSWORD: - required: true - AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: - required: false - AZURE_ENV_FOUNDRY_PROJECT_ID: - required: false - EMAILNOTIFICATION_LOGICAPP_URL_TA: - required: false - outputs: - CONTAINER_WEB_APPURL: - description: "Container Web App URL" - value: ${{ jobs.deploy.outputs.CONTAINER_WEB_APPURL }} - RESOURCE_GROUP_NAME: - description: "Resource Group Name" - value: ${{ jobs.deploy.outputs.RESOURCE_GROUP_NAME }} env: AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }} jobs: - display-configuration: - uses: ./.github/workflows/job-display-configuration.yml - with: - trigger_type: ${{ inputs.trigger_type }} - runner_os: ${{ inputs.runner_os }} - waf_enabled: ${{ inputs.waf_enabled }} - EXP: ${{ inputs.EXP }} - build_docker_image: ${{ inputs.build_docker_image }} - cleanup_resources: ${{ inputs.cleanup_resources }} - run_e2e_tests: ${{ inputs.run_e2e_tests }} - azure_location: ${{ inputs.azure_location }} - resource_group_name: ${{ inputs.resource_group_name }} - existing_webapp_url: ${{ inputs.existing_webapp_url }} - AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }} - AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: ${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }} - docker-build: - needs: display-configuration uses: ./.github/workflows/job-docker-build.yml with: trigger_type: ${{ inputs.trigger_type }} build_docker_image: ${{ inputs.build_docker_image }} - secrets: - ACR_TEST_LOGIN_SERVER: ${{ secrets.ACR_TEST_LOGIN_SERVER }} - ACR_TEST_USERNAME: ${{ secrets.ACR_TEST_USERNAME }} - ACR_TEST_PASSWORD: ${{ 
secrets.ACR_TEST_PASSWORD }} + secrets: inherit deploy: if: always() && (inputs.trigger_type != 'workflow_dispatch' || inputs.existing_webapp_url == '' || inputs.existing_webapp_url == null) - needs: [display-configuration, docker-build] + needs: docker-build uses: ./.github/workflows/job-deploy.yml with: trigger_type: ${{ inputs.trigger_type }} @@ -137,14 +89,8 @@ jobs: AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }} AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: ${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }} docker_image_tag: ${{ needs.docker-build.outputs.IMAGE_TAG }} - secrets: - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - ACR_TEST_LOGIN_SERVER: ${{ secrets.ACR_TEST_LOGIN_SERVER }} - AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ secrets.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }} - AZURE_ENV_FOUNDRY_PROJECT_ID: ${{ secrets.AZURE_ENV_FOUNDRY_PROJECT_ID }} + run_e2e_tests: ${{ inputs.run_e2e_tests }} + secrets: inherit e2e-test: if: always() && ((needs.deploy.result == 'success' && needs.deploy.outputs.CONTAINER_WEB_APPURL != '') || (inputs.existing_webapp_url != '' && inputs.existing_webapp_url != null)) && (inputs.trigger_type != 'workflow_dispatch' || (inputs.run_e2e_tests != 'None' && inputs.run_e2e_tests != '' && inputs.run_e2e_tests != null)) 
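Review bot: `secrets: inherit` on the `docker-build` call gives `job-docker-build.yml` every secret the caller holds, where the removed mapping passed only the three `ACR_TEST_*` values. The same widening applies to the `deploy`, notification and `cleanup-deployment` calls in the hunks at -137, -172 and -189, and to `deploy-linux`/`deploy-windows` in job-deploy.yml. Because the `secrets:` declarations are also dropped from the called workflows, a missing required secret is no longer rejected at call time and would instead show up as an empty value inside a step. Keeping the explicit per-call mapping (for example `ACR_TEST_PASSWORD: ${{ secrets.ACR_TEST_PASSWORD }}` only on `docker-build`) preserves least privilege. If `inherit` stays, a comment on each call listing the secrets the callee actually reads would keep the exposure reviewable.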
@@ -172,8 +118,7 @@ jobs: QUOTA_FAILED: ${{ needs.deploy.outputs.QUOTA_FAILED }} TEST_SUCCESS: ${{ needs.e2e-test.outputs.TEST_SUCCESS }} TEST_REPORT_URL: ${{ needs.e2e-test.outputs.TEST_REPORT_URL }} - secrets: - EMAILNOTIFICATION_LOGICAPP_URL_TA: ${{ secrets.EMAILNOTIFICATION_LOGICAPP_URL_TA }} + secrets: inherit cleanup-deployment: if: always() && needs.deploy.result == 'success' && needs.deploy.outputs.RESOURCE_GROUP_NAME != '' && inputs.existing_webapp_url == '' && (inputs.trigger_type != 'workflow_dispatch' || inputs.cleanup_resources == true || inputs.cleanup_resources == null) @@ -189,8 +134,4 @@ jobs: AZURE_ENV_OPENAI_LOCATION: ${{ needs.deploy.outputs.AZURE_ENV_OPENAI_LOCATION }} ENV_NAME: ${{ needs.deploy.outputs.ENV_NAME }} IMAGE_TAG: ${{ needs.deploy.outputs.IMAGE_TAG }} - secrets: - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + secrets: inherit diff --git a/.github/workflows/job-cleanup-deployment.yml b/.github/workflows/job-cleanup-deployment.yml index 832e7ae5..5eeaf95f 100644 --- a/.github/workflows/job-cleanup-deployment.yml +++ b/.github/workflows/job-cleanup-deployment.yml @@ -1,4 +1,4 @@ -name: Cleanup Deployment Job +name: Cleanup Deployment Job v2 on: workflow_call: @@ -41,15 +41,6 @@ on: description: 'Docker Image Tag' required: true type: string - secrets: - AZURE_CLIENT_ID: - required: true - AZURE_CLIENT_SECRET: - required: true - AZURE_TENANT_ID: - required: true - AZURE_SUBSCRIPTION_ID: - required: true jobs: cleanup-deployment: 
@@ -109,7 +100,7 @@ jobs: echo "" >> $GITHUB_STEP_SUMMARY echo "| Field | Value |" >> $GITHUB_STEP_SUMMARY echo "|-------|--------|" >> $GITHUB_STEP_SUMMARY - echo "| **Resouce Group deletion Status** | ${{ steps.delete_rg.outcome == 'success' && '✅ Initiated' || '❌ Failed' }} |" >> $GITHUB_STEP_SUMMARY + echo "| **Resource Group deletion Status** | ${{ steps.delete_rg.outcome == 'success' && '✅ Initiated' || '❌ Failed' }} |" >> $GITHUB_STEP_SUMMARY echo "| **Resource Group** | \`${{ env.RESOURCE_GROUP_NAME }}\` |" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY if [[ "${{ steps.delete_rg.outcome }}" == "success" ]]; then diff --git a/.github/workflows/job-deploy-linux.yml b/.github/workflows/job-deploy-linux.yml index f960855a..000740d1 100644 --- a/.github/workflows/job-deploy-linux.yml +++ b/.github/workflows/job-deploy-linux.yml @@ -1,4 +1,4 @@ -name: Deploy Steps - Linux +name: Deploy Steps - Linux v2 on: workflow_call: 
@@ -24,49 +24,42 @@ on: EXP: required: true type: string + WAF_ENABLED: + required: false + type: string + default: 'false' AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: required: false type: string AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: required: false type: string - secrets: - AZURE_CLIENT_ID: - required: true - AZURE_CLIENT_SECRET: - required: true - AZURE_TENANT_ID: - required: true - AZURE_SUBSCRIPTION_ID: - required: true - ACR_TEST_LOGIN_SERVER: - required: true - AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: - required: false - AZURE_ENV_FOUNDRY_PROJECT_ID: - required: false outputs: CONTAINER_WEB_APPURL: description: "Container Web App URL" value: ${{ jobs.deploy-linux.outputs.CONTAINER_WEB_APPURL }} - invoice_schema_id: - description: "Invoice Schema ID" - value: ${{ jobs.deploy-linux.outputs.invoice_schema_id }} - propertydamageclaimform_schema_id: - description: "Property Damage Claim Form Schema ID" - value: ${{ jobs.deploy-linux.outputs.propertydamageclaimform_schema_id }} jobs: deploy-linux: runs-on: ubuntu-latest + env: + AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }} outputs: CONTAINER_WEB_APPURL: ${{ steps.get_output_linux.outputs.CONTAINER_WEB_APPURL }} - invoice_schema_id: ${{ steps.register_linux.outputs.invoice_schema_id }} - propertydamageclaimform_schema_id: ${{ steps.register_linux.outputs.propertylossdamageclaimform_schema_id }} steps: - name: Checkout Code uses: actions/checkout@v4 + - name: Configure Parameters Based on WAF Setting + shell: bash + run: | + if [[ "${{ inputs.WAF_ENABLED }}" == "true" ]]; then + cp infra/main.waf.parameters.json infra/main.parameters.json + echo "✅ Successfully copied WAF parameters to main parameters file" + else + echo "🔧 Configuring Non-WAF deployment - using default main.parameters.json..." + fi + - name: Setup Azure CLI shell: bash run: | 
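Review bot: The new "Configure Parameters Based on WAF Setting" step expands `inputs.WAF_ENABLED` directly into the script text (`if [[ "${{ inputs.WAF_ENABLED }}" == "true" ]]`), and the input is declared as a free-form `type: string`. The caller in job-deploy.yml currently passes only 'true' or 'false', but nothing in this reusable workflow enforces that. Passing the value through the step's `env:` (`WAF_ENABLED: ${{ inputs.WAF_ENABLED }}`) and testing `[[ "$WAF_ENABLED" == "true" ]]` keeps it as data rather than shell source. The identical step added in job-deploy-windows.yml needs the same change. A comment above the `cp` noting that it overwrites the checked-in `infra/main.parameters.json` for the rest of the job would also help.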
@@ -91,7 +84,7 @@ jobs: id: get_output_linux shell: bash run: | - set -e + set -e echo "Starting azd deployment..." echo "EXP: ${{ inputs.EXP }}" echo "Using Docker Image Tag: ${{ inputs.IMAGE_TAG }}" @@ -219,10 +212,10 @@ jobs: echo "|-------|--------|" >> $GITHUB_STEP_SUMMARY echo "| **Job Status** | ${{ job.status == 'success' && '✅ Success' || '❌ Failed' }} |" >> $GITHUB_STEP_SUMMARY echo "| **Resource Group** | \`${{ inputs.RESOURCE_GROUP_NAME }}\` |" >> $GITHUB_STEP_SUMMARY + echo "| **Configuration Type** | \`${{ inputs.WAF_ENABLED == 'true' && inputs.EXP == 'true' && 'WAF + EXP' || inputs.WAF_ENABLED == 'true' && inputs.EXP != 'true' && 'WAF + Non-EXP' || inputs.WAF_ENABLED != 'true' && inputs.EXP == 'true' && 'Non-WAF + EXP' || 'Non-WAF + Non-EXP' }}\` |" >> $GITHUB_STEP_SUMMARY echo "| **Azure Region (Infrastructure)** | \`${{ inputs.AZURE_LOCATION }}\` |" >> $GITHUB_STEP_SUMMARY echo "| **Azure OpenAI Region** | \`${{ inputs.AZURE_ENV_OPENAI_LOCATION }}\` |" >> $GITHUB_STEP_SUMMARY echo "| **Docker Image Tag** | \`${{ inputs.IMAGE_TAG }}\` |" >> $GITHUB_STEP_SUMMARY - echo "| **Environment Name** | \`${{ inputs.ENV_NAME }}\` |" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY if [[ "${{ job.status }}" == "success" ]]; then echo "### ✅ Deployment Details" >> $GITHUB_STEP_SUMMARY diff --git a/.github/workflows/job-deploy-windows.yml b/.github/workflows/job-deploy-windows.yml index 8153f668..d499a3c5 100644 --- a/.github/workflows/job-deploy-windows.yml +++ b/.github/workflows/job-deploy-windows.yml @@ -1,4 +1,4 @@ -name: Deploy Steps - Windows +name: Deploy Steps - Windows v2 on: workflow_call: 
@@ -24,49 +24,42 @@ on: EXP: required: true type: string + WAF_ENABLED: + required: false + type: string + default: 'false' AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: required: false type: string AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: required: false type: string - secrets: - AZURE_CLIENT_ID: - required: true - AZURE_CLIENT_SECRET: - required: true - AZURE_TENANT_ID: - required: true - AZURE_SUBSCRIPTION_ID: - required: true - ACR_TEST_LOGIN_SERVER: - required: true - AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: - required: false - AZURE_ENV_FOUNDRY_PROJECT_ID: - required: false outputs: CONTAINER_WEB_APPURL: description: "Container Web App URL" value: ${{ jobs.deploy-windows.outputs.CONTAINER_WEB_APPURL }} - invoice_schema_id: - description: "Invoice Schema ID" - value: ${{ jobs.deploy-windows.outputs.invoice_schema_id }} - propertydamageclaimform_schema_id: - description: "Property Damage Claim Form Schema ID" - value: ${{ jobs.deploy-windows.outputs.propertydamageclaimform_schema_id }} jobs: deploy-windows: runs-on: windows-latest + env: + AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }} outputs: CONTAINER_WEB_APPURL: ${{ steps.get_output_windows.outputs.CONTAINER_WEB_APPURL }} - invoice_schema_id: ${{ steps.register_windows.outputs.invoice_schema_id }} - propertydamageclaimform_schema_id: ${{ steps.register_windows.outputs.propertylossdamageclaimform_schema_id }} steps: - name: Checkout Code uses: actions/checkout@v4 + - name: Configure Parameters Based on WAF Setting + shell: bash + run: | + if [[ "${{ inputs.WAF_ENABLED }}" == "true" ]]; then + cp infra/main.waf.parameters.json infra/main.parameters.json + echo "✅ Successfully copied WAF parameters to main parameters file" + else + echo "🔧 Configuring Non-WAF deployment - using default main.parameters.json..." + fi + - name: Setup Azure Developer CLI (Windows) uses: Azure/setup-azd@v2 
@@ -207,6 +200,7 @@ jobs: echo "| Field | Value |" >> $GITHUB_STEP_SUMMARY echo "|-------|--------|" >> $GITHUB_STEP_SUMMARY echo "| **Job Status** | ${{ job.status == 'success' && '✅ Success' || '❌ Failed' }} |" >> $GITHUB_STEP_SUMMARY + echo "| **Configuration Type** | \`${{ inputs.WAF_ENABLED == 'true' && inputs.EXP == 'true' && 'WAF + EXP' || inputs.WAF_ENABLED == 'true' && inputs.EXP != 'true' && 'WAF + Non-EXP' || inputs.WAF_ENABLED != 'true' && inputs.EXP == 'true' && 'Non-WAF + EXP' || 'Non-WAF + Non-EXP' }}\` |" >> $GITHUB_STEP_SUMMARY echo "| **Resource Group** | \`${{ inputs.RESOURCE_GROUP_NAME }}\` |" >> $GITHUB_STEP_SUMMARY echo "| **Azure Region (Infrastructure)** | \`${{ inputs.AZURE_LOCATION }}\` |" >> $GITHUB_STEP_SUMMARY echo "| **Azure OpenAI Region** | \`${{ inputs.AZURE_ENV_OPENAI_LOCATION }}\` |" >> $GITHUB_STEP_SUMMARY diff --git a/.github/workflows/job-deploy.yml b/.github/workflows/job-deploy.yml index 864f1457..8b4a1376 100644 --- a/.github/workflows/job-deploy.yml +++ b/.github/workflows/job-deploy.yml @@ -1,4 +1,4 @@ -name: Deploy Job +name: Deploy Job v2 on: workflow_call: @@ -36,6 +36,16 @@ on: required: false default: false type: boolean + cleanup_resources: + description: 'Cleanup Deployed Resources' + required: false + default: false + type: boolean + run_e2e_tests: + description: 'Run End-to-End Tests' + required: false + default: 'GoldenPath-Testing' + type: string existing_webapp_url: description: 'Existing Container WebApp URL (Skips Deployment)' required: false 
@@ -56,28 +66,7 @@ on: required: false default: '' type: string - secrets: - AZURE_CLIENT_ID: - required: true - AZURE_CLIENT_SECRET: - required: true - AZURE_TENANT_ID: - required: true - AZURE_SUBSCRIPTION_ID: - required: true - ACR_TEST_LOGIN_SERVER: - required: true - AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: - required: false - AZURE_ENV_FOUNDRY_PROJECT_ID: - required: false outputs: - invoice_schema_id: - description: "Invoice Schema ID" - value: ${{ jobs.deploy-linux.outputs.invoice_schema_id || jobs.deploy-windows.outputs.invoice_schema_id }} - propertydamageclaimform_schema_id: - description: "Property Damage Claim Form Schema ID" - value: ${{ jobs.deploy-linux.outputs.propertydamageclaimform_schema_id || jobs.deploy-windows.outputs.propertydamageclaimform_schema_id }} RESOURCE_GROUP_NAME: description: "Resource Group Name" value: ${{ jobs.azure-setup.outputs.RESOURCE_GROUP_NAME }} @@ -105,6 +94,8 @@ env: BRANCH_NAME: ${{ github.event.workflow_run.head_branch || github.head_ref || github.ref_name }} WAF_ENABLED: ${{ inputs.trigger_type == 'workflow_dispatch' && (inputs.waf_enabled || false) || false }} EXP: ${{ inputs.trigger_type == 'workflow_dispatch' && (inputs.EXP || false) || false }} + CLEANUP_RESOURCES: ${{ inputs.trigger_type == 'workflow_dispatch' && (inputs.cleanup_resources || false) || true }} + RUN_E2E_TESTS: ${{ inputs.trigger_type == 'workflow_dispatch' && (inputs.run_e2e_tests || 'GoldenPath-Testing') || 'GoldenPath-Testing' }} BUILD_DOCKER_IMAGE: ${{ inputs.trigger_type == 'workflow_dispatch' && (inputs.build_docker_image || false) || false }} jobs: @@ -143,14 +134,6 @@ jobs: - name: Checkout Code uses: actions/checkout@v4 - - name: Setup Azure CLI - shell: bash - run: | - if [[ "${{ runner.os }}" == "Linux" ]]; then - curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash - fi - az --version - - name: Login to Azure shell: bash run: | 
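Review bot: The new `CLEANUP_RESOURCES` expression in the `env:` hunk at -105 always evaluates to true. On a manual run with `cleanup_resources` false, `(inputs.cleanup_resources || false)` is false, the `&&` yields false, and the trailing `|| true` turns the result back into true. The "Cleanup Resources" summary row built from it will therefore always read "Yes", even when the orchestrator's cleanup job is skipped. Something like `CLEANUP_RESOURCES: ${{ inputs.trigger_type != 'workflow_dispatch' || inputs.cleanup_resources }}` expresses "always for automatic triggers, the user's choice for manual ones" without the `&& … ||` idiom, which cannot return a falsy middle value.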
@@ -208,9 +191,8 @@ jobs: echo "AZURE_LOCATION=$VALID_REGION" >> $GITHUB_OUTPUT fi - - name: Generate Resource Group Name (Linux) - if: runner.os == 'Linux' - id: generate_rg_name_linux + - name: Generate Resource Group Name + id: generate_rg_name shell: bash run: | # Check if a resource group name was provided as input @@ -220,28 +202,11 @@ jobs: else echo "Generating a unique resource group name..." ACCL_NAME="cp" # Account name as specified - SHORT_UUID=$(uuidgen | cut -d'-' -f1) + SHORT_UUID=$(uuidgen | cut -d'-' -f1) UNIQUE_RG_NAME="arg-${ACCL_NAME}-${SHORT_UUID}" echo "RESOURCE_GROUP_NAME=${UNIQUE_RG_NAME}" >> $GITHUB_ENV echo "Generated RESOURCE_GROUP_NAME: ${UNIQUE_RG_NAME}" fi - - name: Generate Resource Group Name (Windows) - if: runner.os == 'Windows' - id: generate_rg_name_windows - shell: powershell - run: | - # Check if a resource group name was provided as input - if ("${{ inputs.resource_group_name }}" -ne "") { - Write-Host "Using provided Resource Group name: ${{ inputs.resource_group_name }}" - "RESOURCE_GROUP_NAME=${{ inputs.resource_group_name }}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append - } else { - Write-Host "Generating a unique resource group name..." - $ACCL_NAME = "cp" # Account name as specified - $SHORT_UUID = ([guid]::NewGuid().ToString().Split('-')[0]) - $UNIQUE_RG_NAME = "arg-${ACCL_NAME}-${SHORT_UUID}" - "RESOURCE_GROUP_NAME=${UNIQUE_RG_NAME}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append - Write-Host "Generated RESOURCE_GROUP_NAME: ${UNIQUE_RG_NAME}" - } - name: Install Bicep CLI shell: bash @@ -303,9 +268,9 @@ jobs: IMAGE_TAG="demo" echo "Using demo branch - image tag: demo" elif [[ "$BRANCH_NAME" == "hotfix" ]]; then - BASE_TAG="hotfix" + IMAGE_TAG="hotfix" elif [[ "$BRANCH_NAME" == "dependabotchanges" ]]; then - BASE_TAG="dependabotchanges" + IMAGE_TAG="dependabotchanges" else IMAGE_TAG="latest" echo "Using default for branch '$BRANCH_NAME' - image tag: latest" 
@@ -329,19 +294,38 @@ jobs: echo "Generated Environment Name: ${UNIQUE_ENV_NAME}" echo "ENV_NAME=${UNIQUE_ENV_NAME}" >> $GITHUB_OUTPUT - - name: Configure Parameters Based on WAF Setting + - name: Display Workflow Configuration to GitHub Summary shell: bash run: | - if [[ "${{ env.WAF_ENABLED }}" == "true" ]]; then - echo "🔧 Configuring WAF deployment - copying main.waf.parameters.json to main.parameters.json..." - cp infra/main.waf.parameters.json infra/main.parameters.json - echo "✅ Successfully copied WAF parameters to main parameters file" + echo "## 📋 Workflow Configuration Summary" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "| Configuration | Value |" >> $GITHUB_STEP_SUMMARY + echo "|---------------|-------|" >> $GITHUB_STEP_SUMMARY + echo "| **Trigger Type** | \`${{ github.event_name }}\` |" >> $GITHUB_STEP_SUMMARY + echo "| **Branch** | \`${{ env.BRANCH_NAME }}\` |" >> $GITHUB_STEP_SUMMARY + echo "| **Runner OS** | \`${{ inputs.runner_os }}\` |" >> $GITHUB_STEP_SUMMARY + echo "| **WAF Enabled** | ${{ env.WAF_ENABLED == 'true' && '✅ Yes' || '❌ No' }} |" >> $GITHUB_STEP_SUMMARY + echo "| **EXP Enabled** | ${{ env.EXP == 'true' && '✅ Yes' || '❌ No' }} |" >> $GITHUB_STEP_SUMMARY + echo "| **Run E2E Tests** | \`${{ env.RUN_E2E_TESTS }}\` |" >> $GITHUB_STEP_SUMMARY + echo "| **Cleanup Resources** | ${{ env.CLEANUP_RESOURCES == 'true' && '✅ Yes' || '❌ No' }} |" >> $GITHUB_STEP_SUMMARY + echo "| **Build Docker Image** | ${{ env.BUILD_DOCKER_IMAGE == 'true' && '✅ Yes' || '❌ No' }} |" >> $GITHUB_STEP_SUMMARY + + if [[ "${{ inputs.trigger_type }}" == "workflow_dispatch" && -n "${{ inputs.azure_location }}" ]]; then + echo "| **Azure Location** | \`${{ inputs.azure_location }}\` (User Selected) |" >> $GITHUB_STEP_SUMMARY + fi + + if [[ -n "${{ inputs.resource_group_name }}" ]]; then + echo "| **Resource Group** | \`${{ inputs.resource_group_name }}\` (Pre-specified) |" >> $GITHUB_STEP_SUMMARY else - echo "🔧 Configuring Non-WAF deployment - using 
default main.parameters.json..." - if [[ -f infra/main.waf.parameters.json ]] && [[ ! -f infra/main.parameters.json.backup ]]; then - echo "Backing up original parameters file..." - git checkout HEAD -- infra/main.parameters.json || echo "Using existing main.parameters.json" - fi + echo "| **Resource Group** | \`${{ env.RESOURCE_GROUP_NAME }}\` (Auto-generated) |" >> $GITHUB_STEP_SUMMARY + fi + + echo "" >> $GITHUB_STEP_SUMMARY + + if [[ "${{ inputs.trigger_type }}" != "workflow_dispatch" ]]; then + echo "ℹ️ **Note:** Automatic Trigger - Using Non-WAF + Non-EXP configuration" >> $GITHUB_STEP_SUMMARY + else + echo "ℹ️ **Note:** Manual Trigger - Using user-specified configuration" >> $GITHUB_STEP_SUMMARY fi deploy-linux: @@ -355,18 +339,12 @@ jobs: AZURE_LOCATION: ${{ needs.azure-setup.outputs.AZURE_LOCATION }} RESOURCE_GROUP_NAME: ${{ needs.azure-setup.outputs.RESOURCE_GROUP_NAME }} IMAGE_TAG: ${{ needs.azure-setup.outputs.IMAGE_TAG }} - BUILD_DOCKER_IMAGE: ${{ github.event.inputs.build_docker_image || 'false' }} - EXP: ${{ github.event.inputs.EXP || 'false' }} + BUILD_DOCKER_IMAGE: ${{ inputs.build_docker_image || 'false' }} + EXP: ${{ inputs.EXP || 'false' }} + WAF_ENABLED: ${{ inputs.waf_enabled == true && 'true' || 'false' }} AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }} AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: ${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }} - secrets: - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - ACR_TEST_LOGIN_SERVER: ${{ secrets.ACR_TEST_LOGIN_SERVER }} - AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ secrets.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }} - AZURE_ENV_FOUNDRY_PROJECT_ID: ${{ secrets.AZURE_ENV_FOUNDRY_PROJECT_ID }} + secrets: inherit deploy-windows: name: Deploy on Windows 
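Review bot: The new "Display Workflow Configuration to GitHub Summary" step expands `${{ env.BRANCH_NAME }}`, `${{ inputs.runner_os }}`, `${{ inputs.azure_location }}` and `${{ inputs.resource_group_name }}` into the bash script before the shell runs, so their content is parsed as shell source rather than printed as data. `BRANCH_NAME` is defined in this file's workflow-level `env` from `github.head_ref`, which is chosen by whoever opens a pull request. The step also appears to sit in the same job as "Login to Azure", so the job holds cloud credentials. The workflow-level variables are already exported to the shell (the image-tag step reads `"$BRANCH_NAME"`), so the rows can use shell variables, with the inputs bound through a step-level `env:` block as sketched below. The same applies to `${{ env.RUN_E2E_TESTS }}`, which derives from a string input.

```yaml
- name: Display Workflow Configuration to GitHub Summary
  shell: bash
  env:
    INPUT_RUNNER_OS: ${{ inputs.runner_os }}
    INPUT_AZURE_LOCATION: ${{ inputs.azure_location }}
    INPUT_RESOURCE_GROUP_NAME: ${{ inputs.resource_group_name }}
  run: |
    # … unchanged: summary heading and table header …
    echo "| **Branch** | \`$BRANCH_NAME\` |" >> $GITHUB_STEP_SUMMARY
    echo "| **Runner OS** | \`$INPUT_RUNNER_OS\` |" >> $GITHUB_STEP_SUMMARY
    # … unchanged: WAF / EXP / cleanup / build rows …
    echo "| **Run E2E Tests** | \`$RUN_E2E_TESTS\` |" >> $GITHUB_STEP_SUMMARY
    if [[ "${{ inputs.trigger_type }}" == "workflow_dispatch" && -n "$INPUT_AZURE_LOCATION" ]]; then
      echo "| **Azure Location** | \`$INPUT_AZURE_LOCATION\` (User Selected) |" >> $GITHUB_STEP_SUMMARY
    fi
    if [[ -n "$INPUT_RESOURCE_GROUP_NAME" ]]; then
      echo "| **Resource Group** | \`$INPUT_RESOURCE_GROUP_NAME\` (Pre-specified) |" >> $GITHUB_STEP_SUMMARY
    else
      echo "| **Resource Group** | \`$RESOURCE_GROUP_NAME\` (Auto-generated) |" >> $GITHUB_STEP_SUMMARY
    fi
    # … unchanged: trailing trigger note …
```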
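Review bot: The `WAF_ENABLED` and `EXP` values passed to `deploy-linux` read the raw inputs, while the workflow-level `env.WAF_ENABLED` and `env.EXP` shown in the summary are forced to false unless `trigger_type == 'workflow_dispatch'`. A non-manual caller that sets `waf_enabled: true` would therefore deploy with the WAF parameter file while the summary reports "No". Applying the same gate in the `with:` value keeps the two in agreement: `WAF_ENABLED: ${{ inputs.trigger_type == 'workflow_dispatch' && inputs.waf_enabled == true && 'true' || 'false' }}`. If `EXP` is declared as a boolean here, as it was in the deleted display workflow, `inputs.EXP || 'false'` yields a boolean on one branch and a string on the other for a `type: string` input. `EXP: ${{ inputs.EXP == true && 'true' || 'false' }}` would mirror the WAF line. The `deploy-windows` hunk at -379 has the same two lines.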
@@ -379,15 +357,9 @@ jobs: AZURE_LOCATION: ${{ needs.azure-setup.outputs.AZURE_LOCATION }} RESOURCE_GROUP_NAME: ${{ needs.azure-setup.outputs.RESOURCE_GROUP_NAME }} IMAGE_TAG: ${{ needs.azure-setup.outputs.IMAGE_TAG }} - BUILD_DOCKER_IMAGE: ${{ github.event.inputs.build_docker_image || 'false' }} - EXP: ${{ github.event.inputs.EXP || 'false' }} + BUILD_DOCKER_IMAGE: ${{ inputs.build_docker_image || 'false' }} + EXP: ${{ inputs.EXP || 'false' }} + WAF_ENABLED: ${{ inputs.waf_enabled == true && 'true' || 'false' }} AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }} AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: ${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }} - secrets: - AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} - AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - ACR_TEST_LOGIN_SERVER: ${{ secrets.ACR_TEST_LOGIN_SERVER }} - AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ secrets.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }} - AZURE_ENV_FOUNDRY_PROJECT_ID: ${{ secrets.AZURE_ENV_FOUNDRY_PROJECT_ID }} + secrets: inherit diff --git a/.github/workflows/job-display-configuration.yml b/.github/workflows/job-display-configuration.yml deleted file mode 100644 index 67cba2ee..00000000 --- a/.github/workflows/job-display-configuration.yml +++ /dev/null 
@@ -1,136 +0,0 @@ -name: Display Configuration Job - -on: - workflow_call: - inputs: - trigger_type: - description: 'Trigger type (workflow_dispatch, pull_request, schedule)' - required: true - type: string - runner_os: - description: 'Runner OS (ubuntu-latest or windows-latest)' - required: true - type: string - waf_enabled: - description: 'Enable WAF' - required: false - default: false - type: boolean - EXP: - description: 'Enable EXP' - required: false - default: false - type: boolean - build_docker_image: - description: 'Build And Push Docker Image (Optional)' - required: false - default: false - type: boolean - cleanup_resources: - description: 'Cleanup Deployed Resources' - required: false - default: false - type: boolean - run_e2e_tests: - description: 'Run End-to-End Tests' - required: false - default: 'GoldenPath-Testing' - type: string - azure_location: - description: 'Azure Location For Deployment' - required: false - default: 'australiaeast' - type: string - resource_group_name: - description: 'Resource Group Name (Optional)' - required: false - default: '' - type: string - existing_webapp_url: - description: 'Existing Container WebApp URL (Skips Deployment)' - required: false - default: '' - type: string - AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: - description: 'Log Analytics Workspace ID (Optional)' - required: false - default: '' - type: string - AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: - description: 'AI Project Resource ID (Optional)' - required: false - default: '' - type: string - -env: - BRANCH_NAME: ${{ github.event.workflow_run.head_branch || github.head_ref || github.ref_name }} - WAF_ENABLED: ${{ inputs.trigger_type == 'workflow_dispatch' && (inputs.waf_enabled || false) || false }} - EXP: ${{ inputs.trigger_type == 'workflow_dispatch' && (inputs.EXP || false) || false }} - CLEANUP_RESOURCES: ${{ inputs.trigger_type == 'workflow_dispatch' && (inputs.cleanup_resources || true) || true }} - RUN_E2E_TESTS: ${{ inputs.trigger_type == 
'workflow_dispatch' && (inputs.run_e2e_tests || 'GoldenPath-Testing') || 'GoldenPath-Testing' }} - BUILD_DOCKER_IMAGE: ${{ inputs.trigger_type == 'workflow_dispatch' && (inputs.build_docker_image || false) || false }} - -jobs: - display-configuration: - name: Display Configuration - runs-on: ubuntu-latest - continue-on-error: true - steps: - - name: Validate and Auto-Configure EXP - shell: bash - run: | - echo "🔍 Validating EXP configuration..." - - if [[ "${{ inputs.EXP }}" != "true" ]]; then - if [[ -n "${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }}" ]] || [[ -n "${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }}" ]]; then - echo "🔧 AUTO-ENABLING EXP: EXP parameter values were provided but EXP was not explicitly enabled." - echo "" - echo "You provided values for:" - [[ -n "${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }}" ]] && echo " - Azure Log Analytics Workspace ID: '${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }}'" - [[ -n "${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }}" ]] && echo " - Azure AI Project Resource ID: '${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }}'" - echo "" - echo "✅ Automatically enabling EXP to use these values." - echo "EXP=true" >> $GITHUB_ENV - echo "📌 EXP has been automatically enabled for this deployment." 
- fi - fi - - - name: Display Workflow Configuration to GitHub Summary - shell: bash - run: | - echo "## 📋 Workflow Configuration Summary" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "| Configuration | Value |" >> $GITHUB_STEP_SUMMARY - echo "|---------------|-------|" >> $GITHUB_STEP_SUMMARY - - if [[ "${{ inputs.existing_webapp_url }}" != "" ]]; then - echo "| **Existing WebApp URL (Skips Deployment)** | [${{ inputs.existing_webapp_url }}](${{ inputs.existing_webapp_url }}) |" >> $GITHUB_STEP_SUMMARY - echo "| **Run E2E Tests** | \`${{ env.RUN_E2E_TESTS }}\` |" >> $GITHUB_STEP_SUMMARY - else - echo "| **Trigger Type** | \`${{ github.event_name }}\` |" >> $GITHUB_STEP_SUMMARY - echo "| **Branch** | \`${{ env.BRANCH_NAME }}\` |" >> $GITHUB_STEP_SUMMARY - echo "| **Runner OS** | \`${{ inputs.runner_os }}\` |" >> $GITHUB_STEP_SUMMARY - echo "| **WAF Enabled** | ${{ env.WAF_ENABLED == 'true' && '✅ Yes' || '❌ No' }} |" >> $GITHUB_STEP_SUMMARY - echo "| **EXP Enabled** | ${{ env.EXP == 'true' && '✅ Yes' || '❌ No' }} |" >> $GITHUB_STEP_SUMMARY - echo "| **Run E2E Tests** | \`${{ env.RUN_E2E_TESTS }}\` |" >> $GITHUB_STEP_SUMMARY - echo "| **Cleanup Resources** | ${{ env.CLEANUP_RESOURCES == 'true' && '✅ Yes' || '❌ No' }} |" >> $GITHUB_STEP_SUMMARY - echo "| **Build Docker Image** | ${{ env.BUILD_DOCKER_IMAGE == 'true' && '✅ Yes' || '❌ No' }} |" >> $GITHUB_STEP_SUMMARY - - if [[ "${{ inputs.trigger_type }}" == "workflow_dispatch" && -n "${{ inputs.azure_location }}" ]]; then - echo "| **Azure Location** | \`${{ inputs.azure_location }}\` (User Selected) |" >> $GITHUB_STEP_SUMMARY - fi - - if [[ -n "${{ inputs.resource_group_name }}" ]]; then - echo "| **Resource Group** | \`${{ inputs.resource_group_name }}\` (Pre-specified) |" >> $GITHUB_STEP_SUMMARY - fi - fi - - echo "" >> $GITHUB_STEP_SUMMARY - - if [[ "${{ inputs.existing_webapp_url }}" == "" ]]; then - if [[ "${{ inputs.trigger_type }}" != "workflow_dispatch" ]]; then - echo "ℹ️ **Note:** 
Automatic Trigger - Using Non-WAF + Non-EXP configuration" >> $GITHUB_STEP_SUMMARY - else - echo "ℹ️ **Note:** Manual Trigger - Using user-specified configuration" >> $GITHUB_STEP_SUMMARY - fi - fi diff --git a/.github/workflows/job-docker-build.yml b/.github/workflows/job-docker-build.yml index 7dbba84e..71341dc5 100644 --- a/.github/workflows/job-docker-build.yml +++ b/.github/workflows/job-docker-build.yml @@ -1,4 +1,4 @@ -name: Docker Build Job +name: Docker Build Job v2 on: workflow_call: @@ -12,13 +12,6 @@ on: required: false default: false type: boolean - secrets: - ACR_TEST_LOGIN_SERVER: - required: true - ACR_TEST_USERNAME: - required: true - ACR_TEST_PASSWORD: - required: true outputs: IMAGE_TAG: description: "Generated Docker Image Tag" diff --git a/.github/workflows/job-send-notification.yml b/.github/workflows/job-send-notification.yml index 38508be6..e8016247 100644 --- a/.github/workflows/job-send-notification.yml +++ b/.github/workflows/job-send-notification.yml @@ -1,4 +1,4 @@ -name: Send Notification Job +name: Send Notification Job v2 on: workflow_call: @@ -60,9 +60,6 @@ on: required: false default: '' type: string - secrets: - EMAILNOTIFICATION_LOGICAPP_URL_TA: - required: false env: GPT_MIN_CAPACITY: 100