-
Notifications
You must be signed in to change notification settings - Fork 0
145 lines (125 loc) · 5.86 KB
/
workspace-deployment.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
name: FinOps environment deployment
on:
workflow_dispatch:
push:
branches: [ workspace_publish ]
permissions:
contents: read
id-token: write
env:
WORKSPACE_TEMPLATE_PARAMETER_PATH: ./s037-cost-management/TemplateParametersForWorkspace.json
WORKSPACE_TEMPLATE_DEPLOYMENT_PATH: ./s037-cost-management/TemplateForWorkspace.json
UPDATED_PARAMETER_PATH: updated-deployment-parameters.json
UPDATED_DEPLOYMENT_PATH: updated-deployment-template.json
STORED_TRIGGER_PATH: stopped-synapse-triggers.csv
jobs:
deploy-pre-dev:
name: Deploy s037-cost-mgmt
runs-on: ubuntu-latest
environment: pre-dev
env:
RESOURCE_GROUP: Synapse
SYNAPSE_WORKSPACE_NAME: s037-cost-management
steps:
- uses: actions/checkout@v2
- name: 'Service Principal Authentication'
uses: azure/login@v2
with:
creds: ${{ secrets.S037_AZURE_CREDENTIALS }}
enable-AzPSSession: true
- name: 'Stop Synapse Triggers'
uses: azure/powershell@v1
with:
inlineScript: |
./powershell/StopSynapseTriggers.ps1 -WorkspaceName ${{ env.SYNAPSE_WORKSPACE_NAME }} -ResourceGroup ${{ env.RESOURCE_GROUP }} -StoredTriggerPath ${{ env.STORED_TRIGGER_PATH }}
azPSVersion: "latest"
- name: Synapse workspace deployment
uses: Azure/synapse-workspace-deployment@V1.8.0
with:
TargetWorkspaceName: ${{ env.SYNAPSE_WORKSPACE_NAME }}
TemplateFile: ${{ env.WORKSPACE_TEMPLATE_DEPLOYMENT_PATH }}
ParametersFile: ${{ env.WORKSPACE_TEMPLATE_PARAMETER_PATH }}
DeleteArtifactsNotInTemplate: true
environment: 'Azure Public'
resourceGroup: ${{ env.RESOURCE_GROUP }}
clientId: ${{ secrets.AZURE_SP_CLIENTID }}
clientSecret: ${{ secrets.AZURE_SP_CLIENTSECRET }}
subscriptionId: ${{ secrets.S037_AZURE_SUBSCRIPTION_ID }}
tenantId: ${{ secrets.AZURE_TENANT_ID }}
operation: 'deploy'
- name: 'Start Synapse Triggers'
uses: azure/powershell@v1
with:
inlineScript: |
./powershell/StartSynapseTriggers.ps1 -WorkspaceName ${{ env.SYNAPSE_WORKSPACE_NAME }} -ResourceGroup ${{ env.RESOURCE_GROUP }} -StoredTriggerPath ${{ env.STORED_TRIGGER_PATH }}
azPSVersion: "latest"
deploy-dev:
# needs: deploy-pre-dev
name: Deploy Dev Environment
runs-on: ubuntu-latest
environment: dev
env:
RESOURCE_GROUP: finops-rg-dev
SYNAPSE_WORKSPACE_NAME: finops-synapse-dev
PARAMETER_FILE_PATH: azuredeploy.parameters.dev.json
steps:
- uses: actions/checkout@v2
- name: 'Service Principal Authentication'
uses: azure/login@v2
with:
creds: ${{ secrets.S926_AZURE_CREDENTIALS }}
enable-AzPSSession: true
- name: Update Bicep parameters
uses: Azure/CLI@v1
with:
inlineScript: |
result=$(az synapse workspace show --name ${{ env.SYNAPSE_WORKSPACE_NAME }} --resource-group ${{ env.RESOURCE_GROUP }} 2>/dev/null || echo "")
exists=$(if [ -z "$result" ]; then echo false; else echo true; fi)
echo "`jq --argjson new "$exists" '.parameters.workspaceExists.value = $new' ${{ env.PARAMETER_FILE_PATH }}`" > ${{ env.PARAMETER_FILE_PATH }}
- name: Ensure Azure Infrastructure
uses: Azure/CLI@v1
with:
inlineScript: |
az deployment group create \
--template-file azuredeploy.bicep \
--resource-group ${{ env.RESOURCE_GROUP }} \
--parameters ${{ env.PARAMETER_FILE_PATH }}
- name: 'Override Synapse ARM Template parameters'
shell: pwsh
run: |
./powershell/OverrideWorkspaceParameters.ps1 -SubscriptionId ${{ secrets.S926_AZURE_SUBSCRIPTION_ID }} -ResourceGroupName ${{ env.RESOURCE_GROUP }} -WorkspaceName ${{ env.SYNAPSE_WORKSPACE_NAME }} -BicepParameterPath ${{ env.PARAMETER_FILE_PATH }} -WorkspaceTemplateParamaterPath ${{ env.WORKSPACE_TEMPLATE_PARAMETER_PATH }} -UpdatedParameterPath ${{ env.UPDATED_PARAMETER_PATH }}
- name: 'Clean ARM Template'
shell: pwsh
run: |
./powershell/CleanArmTemplate.ps1 -ARMTemplatePath ${{ env.WORKSPACE_TEMPLATE_DEPLOYMENT_PATH }} -UpdatedTemplatePath ${{ env.UPDATED_DEPLOYMENT_PATH }} -WorkspaceName ${{ env.SYNAPSE_WORKSPACE_NAME }} -BicepParameterPath ${{ env.PARAMETER_FILE_PATH }}
- name: 'Stop Synapse Triggers'
uses: azure/powershell@v1
with:
inlineScript: |
./powershell/StopSynapseTriggers.ps1 -WorkspaceName ${{ env.SYNAPSE_WORKSPACE_NAME }} -ResourceGroup ${{ env.RESOURCE_GROUP }} -StoredTriggerPath ${{ env.STORED_TRIGGER_PATH }}
azPSVersion: "latest"
- name: Synapse workspace deployment
uses: Azure/synapse-workspace-deployment@V1.8.0
with:
TargetWorkspaceName: ${{ env.SYNAPSE_WORKSPACE_NAME }}
TemplateFile: ${{ env.UPDATED_DEPLOYMENT_PATH }}
ParametersFile: ${{ env.UPDATED_PARAMETER_PATH }}
DeleteArtifactsNotInTemplate: true
environment: 'Azure Public'
resourceGroup: ${{ env.RESOURCE_GROUP }}
clientId: ${{ secrets.AZURE_SP_CLIENTID }}
clientSecret: ${{ secrets.AZURE_SP_CLIENTSECRET }}
subscriptionId: ${{ secrets.S926_AZURE_SUBSCRIPTION_ID }}
tenantId: ${{ secrets.AZURE_TENANT_ID }}
operation: 'deploy'
- name: 'Start Synapse Triggers'
uses: azure/powershell@v1
with:
inlineScript: |
./powershell/StartSynapseTriggers.ps1 -WorkspaceName ${{ env.SYNAPSE_WORKSPACE_NAME }} -ResourceGroup ${{ env.RESOURCE_GROUP }} -StoredTriggerPath ${{ env.STORED_TRIGGER_PATH }}
azPSVersion: "latest"
# deploy-prod:
# needs: deploy-test
# name: Deploy Prod Environment
# runs-on: ubuntu-latest
# environment: prod