-
Notifications
You must be signed in to change notification settings - Fork 0
87 lines (73 loc) · 3.24 KB
/
key-vault-create.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
name: CI key-vault-create
on:
push:
branches: [ main ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
env:
RESOURCE_GROUP_NAME: "rg-key-vault-create"
LOCATION: "westeurope"
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Checkout the repo
uses: actions/checkout@v2
- name: Install dependencies
uses: azure/powershell@v1
with:
azPSVersion: '5.8.0'
inlineScript: |
Set-PSRepository -Name "PSGallery" -InstallationPolicy Trusted
Find-Module -Name Az | Install-Module -Scope CurrentUser
Find-Module -Name Pester | Install-Module -Scope CurrentUser
- name: Generate key vault unique name
run: echo KEYVAULT_NAME=kv$(date +%s) >> $GITHUB_ENV
- name: Substitute default parameters (arm template)
uses: microsoft/variable-substitution@v1
with:
files: '${{github.workspace}}/Samples/microsoft.keyvault/key-vault-create/arm/azuredeploy.parameters.json'
env:
parameters.keyVaultName.value: ${{env.KEYVAULT_NAME}}
parameters.objectId.value: ${{secrets.SP_OBJECT_ID}}
parameters.secretName.value: "Secret1"
parameters.secretValue.value: "Secret1-Value"
- name: Substitute default parameters (azpester)
uses: microsoft/variable-substitution@v1
with:
files: '${{github.workspace}}/Samples/microsoft.keyvault/key-vault-create/azpester/definition.parameters.json'
env:
parameters.keyVaultName.value: ${{env.KEYVAULT_NAME}}
parameters.objectId.value: ${{secrets.SP_OBJECT_ID}}
parameters.subscriptionId.value: ${{secrets.SUBSCRIPTION_ID}}
parameters.resourceGroupName.value: ${{env.RESOURCE_GROUP_NAME}}
parameters.location.value: ${{env.LOCATION}}
- name: Login
uses: azure/login@v1
with:
creds: ${{secrets.AZURE_CREDENTIALS}}
enable-AzPSSession: true
- name: Deploy template
uses: azure/powershell@v1
with:
azPSVersion: '5.8.0'
inlineScript: |
New-AzResourceGroup -Name ${{env.RESOURCE_GROUP_NAME}} -Location ${{env.LOCATION}}
cd "${{github.workspace}}\Samples\microsoft.keyvault\key-vault-create\arm"
New-AzResourceGroupDeployment -ResourceGroupName ${{env.RESOURCE_GROUP_NAME}} -TemplateFile azuredeploy.json -TemplateParameterFile azuredeploy.parameters.json
- name: Test
uses: azure/powershell@v1
with:
azPSVersion: '5.8.0'
inlineScript: |
Import-Module "${{github.workspace}}\Source\AzPester.psm1"
cd "${{github.workspace}}\Samples\microsoft.keyvault\key-vault-create\azpester"
Invoke-AzPester -Definition definition.json -Parameters definition.parameters.json
- name: Clean
uses: azure/powershell@v1
with:
azPSVersion: '5.8.0'
inlineScript: |
Remove-AzResourceGroup -Name ${{env.RESOURCE_GROUP_NAME}} -Force