Bump the npm_and_yarn group across 2 directories with 2 updates #39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: AdminWebpage-Deploy-WF | |
| # Builds and deploys the Admin Web App React SPA to Azure App Service. | |
| # Infrastructure provisioning (App Service, etc.) is handled separately by | |
| # .github/workflows/iac.yml — this workflow only builds and deploys the app. | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| branches: [main] | |
| paths: | |
| - "admin-webapp/**" | |
| - ".github/workflows/AdminWebpage-Deploy-WF.yml" | |
| push: | |
| branches: [main] | |
| paths: | |
| - "admin-webapp/**" | |
| - ".github/workflows/AdminWebpage-Deploy-WF.yml" | |
| permissions: | |
| id-token: write | |
| contents: read | |
| env: | |
| RESOURCE_GROUP: ewu-deliverybotsystem-rg | |
| APP_SERVICE_NAME: WA-DeliveryBot-Admin-dev | |
| BOTNET_API_URL: https://ewu-deliverybotsystem-api.mangocoast-332176b0.westus2.azurecontainerapps.io | |
| SIMULATOR_API_URL: https://deliverybot-robot-simulator.mangocoast-332176b0.westus2.azurecontainerapps.io | |
| ORDER_SERVICE_URL: https://deliverybot-order-service.mangocoast-332176b0.westus2.azurecontainerapps.io | |
| # Entra ID staff sign-in (issue #54). Blank → auth disabled (app runs open). | |
| # Fill these in from the app registration to switch sign-in on, then push. | |
| # Client/tenant/group IDs are not secrets (a public SPA exposes them anyway). | |
| ENTRA_CLIENT_ID: "b5a029c3-d046-4005-9497-23ba18df70b2" | |
| ENTRA_TENANT_ID: "37321907-14a5-4390-987d-ec0c66c655cd" | |
| ENTRA_ADMIN_GROUP_ID: "14fcd995-e89f-4020-b5ff-4a9b48a5824e" | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| # ── 1. Authenticate to Azure via OIDC ──────────────────────────────── | |
| - name: Azure Login (OIDC) | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| # ── 2. Fetch the App Insights connection string (Azure Monitor) ─────── | |
| # The resource is provisioned by the IaC workflow (iac.yml). This read is | |
| # tolerant: if it doesn't exist yet, telemetry is simply disabled in the | |
| # build and the next deploy picks it up. The connection string is a client | |
| # ingestion key, not a secret — masked here as good practice. | |
| - name: Get App Insights connection string | |
| id: appinsights | |
| run: | | |
| CS=$(az resource show \ | |
| --resource-group "$RESOURCE_GROUP" \ | |
| --name appi-deliverybot-admin \ | |
| --resource-type microsoft.insights/components \ | |
| --query properties.ConnectionString -o tsv 2>/dev/null || true) | |
| if [ -n "$CS" ]; then echo "::add-mask::$CS"; fi | |
| echo "connection_string=$CS" >> "$GITHUB_OUTPUT" | |
| # ── 3. Build the SPA with upstream URLs baked in ────────────────────── | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "22.x" | |
| cache: "npm" | |
| cache-dependency-path: admin-webapp/package-lock.json | |
| - name: Install dependencies | |
| working-directory: ./admin-webapp | |
| run: npm install | |
| - name: Run unit tests | |
| working-directory: ./admin-webapp | |
| run: npm test | |
| - name: Build React app | |
| working-directory: ./admin-webapp | |
| env: | |
| VITE_BOTNET_API_URL: ${{ env.BOTNET_API_URL }} | |
| VITE_SIMULATOR_API_URL: ${{ env.SIMULATOR_API_URL }} | |
| VITE_ORDER_SERVICE_URL: ${{ env.ORDER_SERVICE_URL }} | |
| VITE_ENTRA_CLIENT_ID: ${{ env.ENTRA_CLIENT_ID }} | |
| VITE_ENTRA_TENANT_ID: ${{ env.ENTRA_TENANT_ID }} | |
| VITE_ENTRA_ADMIN_GROUP_ID: ${{ env.ENTRA_ADMIN_GROUP_ID }} | |
| VITE_APPINSIGHTS_CONNECTION_STRING: ${{ steps.appinsights.outputs.connection_string }} | |
| run: npm run build | |
| # ── 3. Deploy the build to the App Service ───────────────────────────── | |
| - name: Deploy to Azure App Service | |
| uses: azure/webapps-deploy@v3 | |
| with: | |
| app-name: ${{ env.APP_SERVICE_NAME }} | |
| package: ./admin-webapp/dist | |
| - name: Print deployment URL | |
| run: | | |
| FQDN=$(az webapp show \ | |
| --name "$APP_SERVICE_NAME" \ | |
| --resource-group "$RESOURCE_GROUP" \ | |
| --query defaultHostName -o tsv) | |
| echo "========================================" | |
| echo " Admin Web App deployed!" | |
| echo " URL: https://${FQDN}" | |
| echo "========================================" |