|
| 1 | +name: Validate Bicep Parameters |
| 2 | + |
| 3 | +permissions: |
| 4 | + contents: read |
| 5 | + |
| 6 | +on: |
| 7 | + schedule: |
| 8 | + - cron: '30 6 * * 3' # Wednesday 12:00 PM IST (6:30 AM UTC) |
| 9 | + pull_request: |
| 10 | + branches: |
| 11 | + - main |
| 12 | + - dev |
| 13 | + paths: |
| 14 | + - 'infra/**/*.bicep' |
| 15 | + - 'infra/**/*.parameters.json' |
| 16 | + workflow_dispatch: |
| 17 | + push: |
| 18 | + branches: |
| 19 | + - hb-psl-38859 |
| 20 | + |
| 21 | +env: |
| 22 | + accelerator_name: "Content Processing" |
| 23 | + |
| 24 | +jobs: |
| 25 | + validate: |
| 26 | + runs-on: ubuntu-latest |
| 27 | + steps: |
| 28 | + - name: Checkout Code |
| 29 | + uses: actions/checkout@v4 |
| 30 | + |
| 31 | + - name: Set up Python |
| 32 | + uses: actions/setup-python@v5 |
| 33 | + with: |
| 34 | + python-version: '3.11' |
| 35 | + |
| 36 | + - name: Validate infra/ parameters |
| 37 | + id: validate_infra |
| 38 | + run: | |
| 39 | + python infra/scripts/validate_bicep_params.py --dir infra --no-color --json-output infra_results.json 2>&1 | tee infra_output.txt |
| 40 | + INFRA_EXIT=${PIPESTATUS[0]} |
| 41 | + echo "## Infra Param Validation" >> "$GITHUB_STEP_SUMMARY" |
| 42 | + echo '```' >> "$GITHUB_STEP_SUMMARY" |
| 43 | + cat infra_output.txt >> "$GITHUB_STEP_SUMMARY" |
| 44 | + echo '```' >> "$GITHUB_STEP_SUMMARY" |
| 45 | + echo "exit_code=$INFRA_EXIT" >> "$GITHUB_OUTPUT" |
| 46 | +
|
| 47 | + - name: Validate infra/ parameters (strict) |
| 48 | + id: validate_infra_strict |
| 49 | + run: | |
| 50 | + python infra/scripts/validate_bicep_params.py --dir infra --strict --no-color 2>&1 |
| 51 | + echo "exit_code=$?" >> "$GITHUB_OUTPUT" |
| 52 | + continue-on-error: true |
| 53 | + |
| 54 | + - name: Set overall result |
| 55 | + id: result |
| 56 | + run: | |
| 57 | + INFRA_STRICT=${{ steps.validate_infra_strict.outcome }} |
| 58 | + if [[ "$INFRA_STRICT" == "failure" ]]; then |
| 59 | + echo "status=failure" >> "$GITHUB_OUTPUT" |
| 60 | + else |
| 61 | + echo "status=success" >> "$GITHUB_OUTPUT" |
| 62 | + fi |
| 63 | +
|
| 64 | + - name: Upload validation results |
| 65 | + if: always() |
| 66 | + uses: actions/upload-artifact@v4 |
| 67 | + with: |
| 68 | + name: bicep-validation-results |
| 69 | + path: | |
| 70 | + infra_results.json |
| 71 | + retention-days: 30 |
| 72 | + |
| 73 | + - name: Send schedule notification on failure |
| 74 | + if: steps.result.outputs.status == 'failure' |
| 75 | + env: |
| 76 | + LOGICAPP_URL: ${{ secrets.EMAILNOTIFICATION_LOGICAPP_URL_TA }} |
| 77 | + GITHUB_REPOSITORY: ${{ github.repository }} |
| 78 | + GITHUB_RUN_ID: ${{ github.run_id }} |
| 79 | + ACCELERATOR_NAME: ${{ env.accelerator_name }} |
| 80 | + run: | |
| 81 | + RUN_URL="https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" |
| 82 | + INFRA_OUTPUT=$(sed 's/&/\&/g; s/</\</g; s/>/\>/g' infra_output.txt) |
| 83 | +
|
| 84 | + jq -n \ |
| 85 | + --arg name "${ACCELERATOR_NAME}" \ |
| 86 | + --arg infra "$INFRA_OUTPUT" \ |
| 87 | + --arg url "$RUN_URL" \ |
| 88 | + '{subject: ("Bicep Parameter Validation Report - " + $name + " - Issues Detected"), body: ("<p>Dear Team,</p><p>The scheduled <strong>Bicep Parameter Validation</strong> for <strong>" + $name + "</strong> has detected parameter mapping errors.</p><p><strong>infra/ Results:</strong></p><pre>" + $infra + "</pre><p><strong>Run URL:</strong> <a href=\"" + $url + "\">" + $url + "</a></p><p>Please fix the parameter mapping issues at your earliest convenience.</p><p>Best regards,<br>Your Automation Team</p>")}' \ |
| 89 | + | curl -X POST "${LOGICAPP_URL}" \ |
| 90 | + -H "Content-Type: application/json" \ |
| 91 | + -d @- || echo "Failed to send notification" |
| 92 | +
|
| 93 | + - name: Send schedule notification on success |
| 94 | + if: steps.result.outputs.status == 'success' |
| 95 | + env: |
| 96 | + LOGICAPP_URL: ${{ secrets.EMAILNOTIFICATION_LOGICAPP_URL_TA }} |
| 97 | + GITHUB_REPOSITORY: ${{ github.repository }} |
| 98 | + GITHUB_RUN_ID: ${{ github.run_id }} |
| 99 | + ACCELERATOR_NAME: ${{ env.accelerator_name }} |
| 100 | + run: | |
| 101 | + RUN_URL="https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" |
| 102 | + INFRA_OUTPUT=$(sed 's/&/\&/g; s/</\</g; s/>/\>/g' infra_output.txt) |
| 103 | +
|
| 104 | + jq -n \ |
| 105 | + --arg name "${ACCELERATOR_NAME}" \ |
| 106 | + --arg infra "$INFRA_OUTPUT" \ |
| 107 | + --arg url "$RUN_URL" \ |
| 108 | + '{subject: ("Bicep Parameter Validation Report - " + $name + " - Passed"), body: ("<p>Dear Team,</p><p>The scheduled <strong>Bicep Parameter Validation</strong> for <strong>" + $name + "</strong> has completed successfully. All parameter mappings are valid.</p><p><strong>infra/ Results:</strong></p><pre>" + $infra + "</pre><p><strong>Run URL:</strong> <a href=\"" + $url + "\">" + $url + "</a></p><p>Best regards,<br>Your Automation Team</p>")}' \ |
| 109 | + | curl -X POST "${LOGICAPP_URL}" \ |
| 110 | + -H "Content-Type: application/json" \ |
| 111 | + -d @- || echo "Failed to send notification" |
| 112 | +
|
| 113 | + - name: Fail if errors found |
| 114 | + if: steps.result.outputs.status == 'failure' |
| 115 | + run: exit 1 |
0 commit comments