pagopa · mamu0 · Sep 3, 2024 · Jun 20, 2024 · Jun 20, 2024 · Jun 21, 2024
@@ -4,10 +4,13 @@ on:
   workflow_dispatch: {}
 
 jobs:
-  deploy_workspace_to_azure:
+  deploy:
     name: Deploy
-    uses: pagopa/io-std/.github/workflows/deploy-workspace.yaml@main
-    with:
-      environment: io-p-sign-backoffice-app
-      workspace-name: io-sign-backoffice-app
+    uses: pagopa/dx/.github/workflows/web_app_deploy.yaml@main
     secrets: inherit
+    with:
+      workspace_name: io-sign-backoffice-app
+      environment: app-prod
+      resource_group_name: io-p-sign-backend-rg
+      web_app_name: io-p-sign-backoffice-app
+      use_staging_slot: true
@@ -4,10 +4,13 @@ on:
   workflow_dispatch: {}
 
 jobs:
-  deploy_workspace_to_azure:
+  deploy:
     name: Deploy
-    uses: pagopa/io-std/.github/workflows/deploy-workspace.yaml@main
-    with:
-      environment: io-p-sign-backoffice-func
-      workspace-name: io-sign-backoffice-func
+    uses: pagopa/dx/.github/workflows/web_app_deploy.yaml@main
     secrets: inherit
+    with:
+      workspace_name: io-sign-backoffice-func
+      environment: app-prod
+      resource_group_name: io-p-sign-backend-rg
+      web_app_name: io-p-sign-backoffice-func
+      use_staging_slot: true
@@ -6,11 +6,14 @@ on:
 jobs:
   deploy_workspace_to_azure:
     name: Deploy
-    uses: pagopa/io-std/.github/workflows/deploy-workspace.yaml@main
-    with:
-      environment: io-p-sign-issuer-func
-      workspace-name: io-func-sign-issuer
+    uses: pagopa/dx/.github/workflows/web_app_deploy.yaml@main
     secrets: inherit
+    with:
+      workspace_name: io-func-sign-issuer
+      environment: app-prod
+      resource_group_name: io-p-sign-backend-rg
+      web_app_name: io-p-sign-issuer-func
+      use_staging_slot: true
 
   # tag the current commit as "latest" in order to make the latest
   # released version easily referenceable in the documentation

@@ -4,10 +4,13 @@ on:
   workflow_dispatch: {}
 
 jobs:
-  deploy_workspace_to_azure:
+  deploy:
     name: Deploy
-    uses: pagopa/io-std/.github/workflows/deploy-workspace.yaml@main
-    with:
-      environment: io-p-sign-support-func
-      workspace-name: io-func-sign-support
+    uses: pagopa/dx/.github/workflows/web_app_deploy.yaml@main
     secrets: inherit
+    with:
+      workspace_name: io-func-sign-support
+      environment: app-prod
+      resource_group_name: io-p-sign-backend-rg
+      web_app_name: io-p-sign-support-func
+      use_staging_slot: true
@@ -4,10 +4,13 @@ on:
   workflow_dispatch: {}
 
 jobs:
-  deploy_workspace_to_azure:
+  deploy:
     name: Deploy
-    uses: pagopa/io-std/.github/workflows/deploy-workspace.yaml@main
-    with:
-      environment: io-p-sign-user-func
-      workspace-name: io-func-sign-user
+    uses: pagopa/dx/.github/workflows/web_app_deploy.yaml@main
     secrets: inherit
+    with:
+      workspace_name: io-func-sign-user
+      environment: app-prod
+      resource_group_name: io-p-sign-backend-rg
+      web_app_name: io-p-sign-user-func
+      use_staging_slot: true
@@ -40,8 +40,12 @@ jobs:
           environment: prod
           api-name: ${{ env.API_NAME }}
           config: .opex/${{ env.API_NAME }}/env/prod/config.yaml
-          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-          client-id: ${{ secrets.AZURE_CLIENT_ID_CD }}
-          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          tenant-id: ${{ env.ARM_TENANT_ID }}
+          client-id: ${{ env.ARM_CLIENT_ID }}
+          subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }}
           # from https://github.com/pagopa/opex-dashboard-azure-action/pkgs/container/opex-dashboard-azure-action
           docker-version: sha256:7e454c1892b2aaf3717782c07a2fa01504db5cc7d07979fae863dfc00a9f0173
+        env:
+          ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+          ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+          ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
@@ -38,8 +38,13 @@ jobs:
           environment: prod
           api-name: ${{ env.API_NAME }}
           config: .opex/${{ env.API_NAME }}/env/prod/config.yaml
-          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-          client-id: ${{ secrets.AZURE_CLIENT_ID_CD }}
-          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          tenant-id: ${{ env.ARM_TENANT_ID }}
+          client-id: ${{ env.ARM_CLIENT_ID }}
+          subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }}
           # from https://github.com/pagopa/opex-dashboard-azure-action/pkgs/container/opex-dashboard-azure-action
           docker-version: sha256:7e454c1892b2aaf3717782c07a2fa01504db5cc7d07979fae863dfc00a9f0173
+        env:
+          ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+          ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+          ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+
@@ -38,8 +38,12 @@ jobs:
           environment: prod
           api-name: ${{ env.API_NAME }}
           config: .opex/${{ env.API_NAME }}/env/prod/config.yaml
-          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-          client-id: ${{ secrets.AZURE_CLIENT_ID_CD }}
-          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          tenant-id: ${{ env.ARM_TENANT_ID }}
+          client-id: ${{ env.ARM_CLIENT_ID }}
+          subscription-id: ${{ env.ARM_SUBSCRIPTION_ID }}
           # from https://github.com/pagopa/opex-dashboard-azure-action/pkgs/container/opex-dashboard-azure-action
           docker-version: sha256:04d8ead53c772d23b094c2a395292dc159e6f2905e1b13b5f828f31eac6eb27f
+        env:
+          ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+          ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+          ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
@@ -0,0 +1,23 @@
+name: PR - IO Sign TF Validation
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types:
+      - opened
+      - edited
+      - synchronize
+      - reopened
+      - ready_for_review
+    paths:
+      - "infra/resources/prod/**"
+      - ".github/workflows/tf-code-review.yaml"
+
+jobs:
+  prod_itn_core_code_review:
+    uses: pagopa/dx/.github/workflows/infra_plan.yaml@main
+    name: Prod - Code Review
+    secrets: inherit
+    with:
+      environment: prod
+      base_path: infra/resources
@@ -0,0 +1,19 @@
+name: PR - IO Sign TF Apply
+
+on: 
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+    paths:
+      - "infra/resources/prod/**"
+      - ".github/workflows/tf-deploy.yaml"
+
+jobs:
+  prod_itn_core_deploy:
+    uses: pagopa/dx/.github/workflows/infra_apply.yaml@main
+    name: Prod - Code Deploy
+    secrets: inherit
+    with:
+      environment: prod
+      base_path: infra/resources