demo-platform/test-alex-gitops-1
3
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

initial commit
All checks were successful
Build and Push to ACR / Build and Push (push) Successful in 1m43s
Details

Browse Source 
Change-Id: I3184ea3bc23ecc769c9de5fad0a0a0229e353629
This commit is contained in:
Scaffolder
2026-03-23 23:19:03 +00:00
commit d10e2ce029
19 changed files with 1089 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
.gitea/actions/git-branch/action.yml Normal file
View File

@@ -0,0 +1,62 @@
name: 'git-branch'
description: 'Create a new branch in a Gitea repository via the Gitea API'
inputs:
branch:
description: 'Name of the new branch to create'
required: true
from:
description: 'Source branch to create from'
required: false
default: 'main'
repo-owner:
description: 'Owner (org or user) of the Gitea repository'
required: true
repo-name:
description: 'Name of the Gitea repository'
required: true
gitea-url:
description: 'Base URL of the Gitea instance'
required: false
default: 'https://gitea.kyndemo.live'
token:
description: 'Gitea API token with write access to the repository'
required: true
outputs:
branch-name:
description: 'Name of the created branch'
value:
runs:
using: composite
steps:
- name: Create branch from
shell: bash
env:
GITEA_TOKEN:
GITEA_URL: NaN
REPO_OWNER: NaN
REPO_NAME: NaN
NEW_BRANCH:
FROM_BRANCH:
run: |
echo "Creating branch '${NEW_BRANCH}' from '${FROM_BRANCH}' in ${REPO_OWNER}/${REPO_NAME}..."
RESPONSE=$(curl -s -w "\n%{http_code}" \
-X POST "${GITEA_URL}/api/v1/repos/${REPO_OWNER}/${REPO_NAME}/branches" \
-H "Authorization: token ${GITEA_TOKEN}" \
-H "Content-Type: application/json" \
-d "{\"new_branch_name\": \"${NEW_BRANCH}\", \"old_branch_name\": \"${FROM_BRANCH}\"}")
HTTP_BODY=$(echo "$RESPONSE" | head -n-1)
HTTP_CODE=$(echo "$RESPONSE" | tail -n1)
if [ "$HTTP_CODE" = "201" ]; then
echo "✓ Branch '${NEW_BRANCH}' created successfully."
elif [ "$HTTP_CODE" = "409" ]; then
echo "⚠ Branch '${NEW_BRANCH}' already exists — skipping."
else
echo "✗ Failed to create branch. HTTP ${HTTP_CODE}: ${HTTP_BODY}" >&2
exit 1
fi

89
.gitea/actions/git-pr/action.yml Normal file
View File

@@ -0,0 +1,89 @@
name: 'git-pr'
description: 'Open a pull request in a Gitea repository via the Gitea API'
inputs:
title:
description: 'Title of the pull request'
required: true
head:
description: 'Source branch for the PR (head)'
required: true
base:
description: 'Target branch for the PR (base)'
required: true
body:
description: 'Body / description of the pull request'
required: false
default: ''
auto-merge:
description: 'Whether to enable auto-merge on the PR (true/false)'
required: false
default: 'false'
repo-owner:
description: 'Owner (org or user) of the Gitea repository'
required: true
repo-name:
description: 'Name of the Gitea repository'
required: true
gitea-url:
description: 'Base URL of the Gitea instance'
required: false
default: 'https://gitea.kyndemo.live'
token:
description: 'Gitea API token with write access to the repository'
required: true
outputs:
pr-url:
description: 'HTML URL of the opened pull request'
value: NaN
pr-number:
description: 'Number of the opened pull request'
value: NaN
runs:
using: composite
steps:
- id: open-pr
name: Open PR →
shell: bash
env:
GITEA_TOKEN:
GITEA_URL: NaN
REPO_OWNER: NaN
REPO_NAME: NaN
PR_TITLE:
PR_HEAD:
PR_BASE:
PR_BODY:
run: |
echo "Opening PR '${PR_TITLE}': ${PR_HEAD} → ${PR_BASE} in ${REPO_OWNER}/${REPO_NAME}..."
PAYLOAD=$(jq -n \
--arg title "$PR_TITLE" \
--arg head "$PR_HEAD" \
--arg base "$PR_BASE" \
--arg body "$PR_BODY" \
'{title: $title, head: $head, base: $base, body: $body}')
RESPONSE=$(curl -s -w "\n%{http_code}" \
-X POST "${GITEA_URL}/api/v1/repos/${REPO_OWNER}/${REPO_NAME}/pulls" \
-H "Authorization: token ${GITEA_TOKEN}" \
-H "Content-Type: application/json" \
-d "$PAYLOAD")
HTTP_BODY=$(echo "$RESPONSE" | head -n-1)
HTTP_CODE=$(echo "$RESPONSE" | tail -n1)
if [ "$HTTP_CODE" = "201" ]; then
PR_URL=$(echo "$HTTP_BODY" | jq -r '.html_url')
PR_NUMBER=$(echo "$HTTP_BODY" | jq -r '.number')
echo "✓ PR #${PR_NUMBER} opened: ${PR_URL}"
echo "pr-url=${PR_URL}" >> "$GITEA_OUTPUT"
echo "pr-number=${PR_NUMBER}" >> "$GITEA_OUTPUT"
elif [ "$HTTP_CODE" = "409" ]; then
echo "⚠ A PR for ${PR_HEAD} → ${PR_BASE} already exists — skipping."
else
echo "✗ Failed to open PR. HTTP ${HTTP_CODE}: ${HTTP_BODY}" >&2
exit 1
fi

78
.gitea/actions/platform-check/action.yml Normal file
View File

@@ -0,0 +1,78 @@
name: 'platform-check'
description: 'Validates catalog-info.yaml conformance and platform branch initialization'
runs:
using: composite
steps:
- name: Ensure PyYAML
shell: bash
run: python3 -c "import yaml" 2>/dev/null || pip3 install pyyaml -q
- name: Platform conformance check
shell: bash
run: |
FAIL=0
echo "══════════════════════════════════════════════════"
echo " Platform Conformance Check"
echo "══════════════════════════════════════════════════"
# ── Required platform files ───────────────────────────
for f in catalog-info.yaml Dockerfile docs; do
if [[ -e "$f" ]]; then
echo " ✓ $f"
else
echo " ✗ $f MISSING"
FAIL=1
fi
done
# ── Platform branch model initialization ─────────────────────────────────
if [[ -f ".platform/initialized.md" ]]; then
echo " ✓ .platform/initialized.md (GitOps branch model active)"
else
echo " ✗ .platform/initialized.md MISSING"
echo " This file is committed to the dev branch by gitea:setup-branches."
echo " Its presence proves this PR originated from the platform-managed dev branch."
FAIL=1
fi
# ── catalog-info.yaml field validation ───────────────
if python3 - <<'PYEOF'
import yaml, sys
try:
doc = yaml.safe_load(open('catalog-info.yaml'))
except Exception as e:
print(f" ✗ catalog-info.yaml: parse error: {e}")
sys.exit(1)
fields = [
('apiVersion', lambda d: d.get('apiVersion')),
('kind', lambda d: d.get('kind')),
('metadata.name', lambda d: (d.get('metadata') or {}).get('name')),
('spec.type', lambda d: (d.get('spec') or {}).get('type')),
('spec.owner', lambda d: (d.get('spec') or {}).get('owner')),
]
fail = False
for field, getter in fields:
val = getter(doc)
if val:
print(f" ✓ catalog-info.yaml/{field}: {val}")
else:
print(f" ✗ catalog-info.yaml/{field}: missing or empty")
fail = True
sys.exit(1 if fail else 0)
PYEOF
then
echo " ✓ catalog-info.yaml is conformant"
else
FAIL=1
fi
echo "──────────────────────────────────────────────────"
if [[ $FAIL -eq 0 ]]; then
echo " ✓ Platform conformance: PASSED"
else
echo " ✗ Platform conformance: FAILED"
exit 1
fi

81
.gitea/workflows/build-push.yml Normal file
View File

@@ -0,0 +1,81 @@
name: Build and Push to ACR
on:
push:
branches: [ "main", "dev" ]
workflow_dispatch: {}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
AZURE_FEDERATED_TOKEN_FILE: /var/run/secrets/azure/tokens/azure-identity-token
jobs:
build:
name: Build and Push
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Azure CLI
run: |
command -v az &>/dev/null || curl -sL https://aka.ms/InstallAzureCLIDeb | bash
- name: Install Docker CLI
run: |
command -v docker &>/dev/null || (apt-get update -qq && apt-get install -y docker.io)
docker --version
- name: Azure login (OIDC)
run: |
az login \
--service-principal \
--username "$AZURE_CLIENT_ID" \
--tenant "$AZURE_TENANT_ID" \
--federated-token "$(cat $AZURE_FEDERATED_TOKEN_FILE)"
echo "✓ Azure login successful"
- name: Get ACR details
id: acr
run: |
ACR_NAME=$(az acr list --query "[0].name" -o tsv)
ACR_NAME="${ACR_NAME:-bstagecjotdevacr}"
echo "ACR_NAME=$ACR_NAME" >> $GITHUB_ENV
echo "ACR_LOGIN_SERVER=${ACR_NAME}.azurecr.io" >> $GITHUB_ENV
echo "✓ Using ACR: ${ACR_NAME}.azurecr.io"
- name: ACR Login
run: |
ACR_TOKEN=$(az acr login --name "$ACR_NAME" --expose-token --output tsv --query accessToken)
docker login "$ACR_LOGIN_SERVER" \
--username 00000000-0000-0000-0000-000000000000 \
--password "$ACR_TOKEN"
echo "✓ ACR login successful"
- name: Build and Push Docker image
run: |
IMAGE_TAG="${{ gitea.sha }}"
IMAGE_FULL="${ACR_LOGIN_SERVER}/test-alex-gitops-1:${IMAGE_TAG}"
IMAGE_LATEST="${ACR_LOGIN_SERVER}/test-alex-gitops-1:latest"
docker build -t "$IMAGE_FULL" -t "$IMAGE_LATEST" .
docker push "$IMAGE_FULL"
docker push "$IMAGE_LATEST"
echo "IMAGE_FULL=$IMAGE_FULL" >> $GITHUB_ENV
echo "✓ Pushed: $IMAGE_FULL"
- name: Build Summary
run: |
echo "### ✅ Build Successful" >> $GITHUB_STEP_SUMMARY
echo "| | |" >> $GITHUB_STEP_SUMMARY
echo "|---|---|" >> $GITHUB_STEP_SUMMARY
echo "| **Service** | test-alex-gitops-1 |" >> $GITHUB_STEP_SUMMARY
echo "| **Runtime** | Python FastAPI |" >> $GITHUB_STEP_SUMMARY
echo "| **Commit** | ${{ gitea.sha }} |" >> $GITHUB_STEP_SUMMARY
echo "| **Image** | $IMAGE_FULL |" >> $GITHUB_STEP_SUMMARY

188
.gitea/workflows/deploy-humanitec.yml Normal file
View File

@@ -0,0 +1,188 @@
name: Deploy to Humanitec
on:
workflow_run:
workflows: ["Build and Push to ACR"]
types:
- completed
branches: [ "main", "dev" ]
workflow_dispatch:
inputs:
environment:
description: 'Target environment'
required: true
default: 'dev'
type: choice
options:
- dev
- staging
- prod
env:
APP_ID: test-alex-gitops-1
PROJECT_ID: test-alex-gitops-1
AZURE_FEDERATED_TOKEN_FILE: /var/run/secrets/azure/tokens/azure-identity-token
DEFAULT_ENV_ID: dev
jobs:
deploy:
name: Deploy to Humanitec
runs-on: ubuntu-latest
if: github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success'
permissions:
contents: read
id-token: write
outputs:
sha: ${{ steps.get-sha.outputs.sha }}
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Get short SHA
id: get-sha
run: echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
- name: Install CLI tools
run: |
# jq (needed for github API call)
command -v jq &>/dev/null || (apt-get update -qq && apt-get install -y -qq jq)
# hctl (Humanitec Platform Orchestrator v2 CLI)
HCTL_VERSION=$(curl -s https://api.github.com/repos/humanitec/hctl/releases/latest | jq -r '.tag_name')
curl -fLO "https://github.com/humanitec/hctl/releases/download/${HCTL_VERSION}/hctl_${HCTL_VERSION#v}_linux_amd64.tar.gz"
tar -xzf "hctl_${HCTL_VERSION#v}_linux_amd64.tar.gz"
install -m 755 hctl /usr/local/bin/hctl
hctl --version
echo "✓ Tools installed"
- name: Install Azure CLI
run: command -v az &>/dev/null || curl -sL https://aka.ms/InstallAzureCLIDeb | bash
- name: Azure login (OIDC)
run: |
az login \
--service-principal \
--username "$AZURE_CLIENT_ID" \
--tenant "$AZURE_TENANT_ID" \
--federated-token "$(cat $AZURE_FEDERATED_TOKEN_FILE)"
echo "✓ Azure login successful"
- name: Get image reference
id: image
run: |
ACR_LOGIN_SERVER=$(az acr list --query "[0].loginServer" -o tsv)
SHA=${{ steps.get-sha.outputs.sha }}
echo "IMAGE_FULL=${ACR_LOGIN_SERVER}/test-alex-gitops-1:${SHA}" >> $GITHUB_ENV
echo "✓ Image: ${ACR_LOGIN_SERVER}/test-alex-gitops-1:${SHA}"
- name: Set environment
id: set-env
run: |
if [ "${{ gitea.event_name }}" = "workflow_dispatch" ]; then
ENV_ID="${{ gitea.event.inputs.environment }}"
else
ENV_ID="$DEFAULT_ENV_ID"
fi
ENV_ID="${ENV_ID:-dev}"
echo "ENV_ID=$ENV_ID" >> $GITHUB_OUTPUT
echo "ENV_ID=$ENV_ID" >> $GITHUB_ENV
echo "✓ Target environment: $ENV_ID"
- name: Get Humanitec credentials from Key Vault
run: |
HUMANITEC_TOKEN=$(az keyvault secret show \
--vault-name "bstage-cjot-dev-core-kv" \
--name "humanitec-api-token-v2" \
--query "value" -o tsv)
[ -z "$HUMANITEC_TOKEN" ] && echo "❌ Failed to retrieve HUMANITEC_TOKEN" && exit 1
echo "HUMANITEC_AUTH_TOKEN=$HUMANITEC_TOKEN" >> $GITHUB_ENV
HUMANITEC_ORG=$(az keyvault secret show \
--vault-name "bstage-cjot-dev-core-kv" \
--name "humanitec-org-id" \
--query "value" -o tsv)
[ -z "$HUMANITEC_ORG" ] && echo "❌ Failed to retrieve HUMANITEC_ORG" && exit 1
echo "HUMANITEC_ORG=$HUMANITEC_ORG" >> $GITHUB_ENV
echo "✓ Credentials retrieved"
- name: Deploy via Humanitec Score
run: |
# Pre-flight: wait for any prior deployment to finish before calling hctl.
# hctl refuses to start a new deployment while one is still executing.
echo "Pre-flight: checking for in-progress deployments..."
PREFLIGHT_WAITED=0
while [ $PREFLIGHT_WAITED -lt 300 ]; do
PREFLIGHT_STATUS=$(curl -sf \
-H "Authorization: Bearer $HUMANITEC_AUTH_TOKEN" \
"https://api.humanitec.dev/orgs/$HUMANITEC_ORG/last-deployments?env_id=$ENV_ID&project_id=$PROJECT_ID&state_change_only=true" \
| jq -r '.items[0].status // "none"' 2>/dev/null || echo "none")
if [ "$PREFLIGHT_STATUS" != "in progress" ] && [ "$PREFLIGHT_STATUS" != "pending" ] && [ "$PREFLIGHT_STATUS" != "executing" ]; then
echo "Pre-flight passed (status=$PREFLIGHT_STATUS). Proceeding."
break
fi
echo " Prior deployment still running ($PREFLIGHT_WAITED s elapsed, status=$PREFLIGHT_STATUS)..."
sleep 15
PREFLIGHT_WAITED=$((PREFLIGHT_WAITED + 15))
done
# First deploy — provisions all resources. On a brand-new Humanitec project the
# dns-k8s-ingress Terraform module runs before the K8s Service exists, so the
# ingress backend port falls back to 3000. A second deploy (below) corrects it
# once the Service is up, which is essential for apps not running on port 3000.
HCTL_EXIT=0
timeout 300 hctl score deploy "$PROJECT_ID" "$ENV_ID" score.yaml \
--no-prompt \
--default-image "$IMAGE_FULL" || HCTL_EXIT=$?
if [ "$HCTL_EXIT" -eq 0 ]; then
echo "✓ First deployment complete to $ENV_ID"
elif [ "$HCTL_EXIT" -eq 124 ]; then
echo "✓ First deployment submitted (polling timed out — waiting for K8s to settle)"
else
echo "✗ hctl failed with exit code $HCTL_EXIT"
exit $HCTL_EXIT
fi
# Poll Humanitec API until the first deployment is no longer in-progress before
# re-deploying. A flat sleep is unreliable — Terraform DNS modules can take 4-6 min.
echo "Waiting for first deployment to finish (polling Humanitec API)..."
MAX_WAIT=360
WAITED=0
while [ $WAITED -lt $MAX_WAIT ]; do
DEPLOY_STATUS=$(curl -sf \
-H "Authorization: Bearer $HUMANITEC_AUTH_TOKEN" \
"https://api.humanitec.dev/orgs/$HUMANITEC_ORG/last-deployments?env_id=$ENV_ID&project_id=$PROJECT_ID&state_change_only=true" \
| jq -r '.items[0].status // "unknown"' 2>/dev/null || echo "unknown")
if [ "$DEPLOY_STATUS" != "in progress" ] && [ "$DEPLOY_STATUS" != "pending" ] && [ "$DEPLOY_STATUS" != "executing" ]; then
echo "First deployment finished with status: $DEPLOY_STATUS"
break
fi
echo " Still running ($WAITED s elapsed, status=$DEPLOY_STATUS)..."
sleep 15
WAITED=$((WAITED + 15))
done
if [ $WAITED -ge $MAX_WAIT ]; then
echo "Warning: first deployment still running after $MAX_WAIT s — proceeding anyway"
fi
# Second deploy — dns module now reads the real K8s Service port, fixing the
# ingress backend. This is a no-op for apps already routed correctly (e.g. port 3000).
HCTL_EXIT2=0
timeout 120 hctl score deploy "$PROJECT_ID" "$ENV_ID" score.yaml \
--no-prompt \
--default-image "$IMAGE_FULL" || HCTL_EXIT2=$?
if [ "$HCTL_EXIT2" -eq 0 ]; then
echo "✓ Deployment finalised to $ENV_ID"
elif [ "$HCTL_EXIT2" -eq 124 ]; then
echo "✓ Second deployment submitted (polling timed out)"
else
echo "✗ Second hctl deploy failed with exit code $HCTL_EXIT2"
exit $HCTL_EXIT2
fi
- name: Deployment Summary
run: |
DEPLOY_URL="https://console.humanitec.dev/orgs/${HUMANITEC_ORG}/projects/$APP_ID"
echo "### 🚀 Deployment Complete" >> $GITHUB_STEP_SUMMARY
echo "| | |" >> $GITHUB_STEP_SUMMARY
echo "|---|---|" >> $GITHUB_STEP_SUMMARY
echo "| **Service** | $APP_ID |" >> $GITHUB_STEP_SUMMARY
echo "| **Environment** | $ENV_ID |" >> $GITHUB_STEP_SUMMARY
echo "| **Image** | $IMAGE_FULL |" >> $GITHUB_STEP_SUMMARY
echo "| **Humanitec** | [$DEPLOY_URL]($DEPLOY_URL) |" >> $GITHUB_STEP_SUMMARY

95
.gitea/workflows/integration-test.yml Normal file
View File

@@ -0,0 +1,95 @@
name: Integration Test
on:
pull_request:
branches: [ "main" ]
workflow_dispatch: {}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# ── Job 1: Platform Conformance ───────────────────────────────────────────
platform-check:
name: Platform Conformance
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Platform conformance
uses: ./.gitea/actions/platform-check
# ── Job 2: Unit Tests + Container Smoke ───────────────────────────────────
smoke-test:
name: Unit Tests + Container Smoke
runs-on: ubuntu-latest
needs: platform-check
timeout-minutes: 15
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Python 3.11
uses: actions/setup-python@v5
with:
python-version: '3.11'
cache: pip
- name: Unit tests
run: |
pip install -r requirements.txt -q
pytest app/ -v --tb=short
- name: Install Docker CLI
run: command -v docker &>/dev/null || (apt-get update -qq && apt-get install -y docker.io)
- name: Build container image
run: docker build -t ci-image:test .
- name: Start service and wait for health
run: |
docker run -d --name ci-service -p 8000:8000 ci-image:test
echo "Waiting for /health (up to 60s)..."
timeout 60 bash -c '
until curl -sf http://localhost:8000/health >/dev/null; do
echo " still waiting..."; sleep 2
done
'
echo "✓ Service started"
- name: Validate health response
run: |
curl -sf http://localhost:8000/health > /tmp/health.json
echo "Health response:"
cat /tmp/health.json
python3 - <<'PYEOF'
import json, sys
body = json.load(open('/tmp/health.json'))
status = str(body.get('status') or '').upper()
if status not in ('UP', 'OK', 'HEALTHY'):
print(f" ✗ unexpected health status: {body.get('status')!r}")
sys.exit(1)
print(f" ✓ health status: {body['status']}")
PYEOF
echo "✓ Container smoke test: PASSED"
- name: Write job summary
if: always()
run: |
COMPONENT=$(python3 -c "import yaml; d=yaml.safe_load(open('catalog-info.yaml')); print(d['metadata']['name'])" 2>/dev/null || echo "test-alex-gitops-1")
echo "## Integration Test: \`${COMPONENT}\`" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "| Stage | Detail |" >> $GITHUB_STEP_SUMMARY
echo "|-------|--------|" >> $GITHUB_STEP_SUMMARY
echo "| Platform conformance | catalog-info.yaml ✓ \`.platform/initialized.md\` ✓ (see platform-check job) |" >> $GITHUB_STEP_SUMMARY
echo "| Unit tests | \`pytest app/ -v\` |" >> $GITHUB_STEP_SUMMARY
echo "| Container smoke | \`GET /health\` → HTTP 200, status=UP |" >> $GITHUB_STEP_SUMMARY
- name: Cleanup
if: always()
run: docker rm -f ci-service 2>/dev/null || true

90
.gitea/workflows/techdocs.yml Normal file
View File

@@ -0,0 +1,90 @@
name: Build and Publish TechDocs
on:
workflow_run:
workflows: ["Build and Push to ACR"]
branches: [main, dev]
types: [completed]
workflow_dispatch: {}
env:
AZURE_FEDERATED_TOKEN_FILE: /var/run/secrets/azure/tokens/azure-identity-token
AZURE_ACCOUNT_NAME: "bstagecjotdevsttechdocs"
ENTITY_NAMESPACE: default
ENTITY_KIND: component
ENTITY_NAME: test-alex-gitops-1
jobs:
build-and-publish:
if: >-
${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }}
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Bootstrap pip
run: |
python3 --version
if python3 -m pip --version 2>/dev/null; then
echo "pip already available"
elif python3 -m ensurepip --version 2>/dev/null; then
python3 -m ensurepip --upgrade
else
apt-get update -qq
apt-get install -y python3-pip
fi
python3 -m pip install --upgrade pip
python3 -m pip --version
- name: Install dependencies
run: |
python3 -m pip install --upgrade pip
python3 -m pip install \
mkdocs-techdocs-core==1.* \
mkdocs-git-revision-date-localized-plugin \
mkdocs-awesome-pages-plugin
npm install -g @techdocs/cli
- name: Validate MkDocs config
run: mkdocs build --strict --site-dir /tmp/mkdocs-validate
- name: Build TechDocs site
run: |
techdocs-cli generate \
--source-dir . \
--output-dir ./site \
--no-docker \
--verbose
- name: Install Azure CLI
run: |
if command -v az &>/dev/null; then
echo "Azure CLI already installed: $(az version --query '"azure-cli"' -o tsv)"
else
curl -sL https://aka.ms/InstallAzureCLIDeb | bash
fi
- name: Azure login (OIDC)
run: |
az login \
--service-principal \
--username "$AZURE_CLIENT_ID" \
--tenant "$AZURE_TENANT_ID" \
--federated-token "$(cat $AZURE_FEDERATED_TOKEN_FILE)"
echo "Azure login successful"
- name: Publish TechDocs site
run: |
techdocs-cli publish \
--publisher-type azureBlobStorage \
--storage-name "techdocs" \
--azureAccountName "$AZURE_ACCOUNT_NAME" \
--entity "$ENTITY_NAMESPACE/$ENTITY_KIND/$ENTITY_NAME"