This repository contains reusable GitHub Actions workflows for building and deploying Node.js applications to Azure Static Web Apps using Terraform for infrastructure deployment.
┌─────────────────────────────────────────────────────────────────┐
│ node-init.yml │
│ (Main Orchestrator) │
│ │
│ Inputs: │
│ - node-version: Node.js version for the project │
└─────────────────────────────────────────────────────────────────┘
│
┌─────────────────────┼─────────────────────┐
▼ ▼ ▼
┌───────────────┐ ┌─────────────────┐ ┌─────────────────────┐
│ node-build │ │ azure-arquitecture│ │ azure-deploy │
│ │ │ │ │ │
│ - Checkout │ │ - Checkout │ │ Needs: │
│ - Setup Node │ │ - Clone terraform│ │ - azure-terraform │
│ - Install deps│ │ scripts repo │ │ - node │
│ - npm build │ │ - Setup Terraform│ │ │
│ - Upload │ │ - Deploy infra │ │ Steps: │
│ artifact │ │ - Upload secrets │ │ - Download build │
└───────────────┘ └─────────────────┘ │ - Download secrets │
│ - SWA deploy │
└─────────────────────┘
Main workflow that orchestrates the entire CI/CD pipeline. It's designed to be called from external repositories.
Trigger: workflow_call
Inputs:
| Name | Required | Description |
|---|---|---|
node-version |
Yes | Node.js version to use for building |
Calls:
node-build.yml- Builds the Node.js applicationazure-arquitecture.yml- Deploys Azure infrastructure via Terraformazure-web-app.yml- Deploys the application to Azure Static Web Apps
Reusable workflow that builds a Node.js project.
Trigger: workflow_call
Inputs:
| Name | Required | Description |
|---|---|---|
node-version |
Yes | Node.js version |
Outputs:
web-buildartifact containing thedist/directory
Reusable workflow that deploys Azure infrastructure using Terraform.
Trigger: workflow_call
Actions:
- Checks out the repository code
- Clones
codeparce/azure-terraformrepository (azure branch) - Sets up Terraform 1.6.6
- Runs
main.shscript in2-static-web-appdirectory - Uploads Azure Static Web App secrets as artifact
Outputs:
static-web-app-jsonartifact containing deployment secrets
Required Secrets:
ARM_CLIENT_ID- Azure service principal client IDARM_CLIENT_SECRET- Azure service principal secretARM_TENANT_ID- Azure tenant IDARM_SUBSCRIPTION_ID- Azure subscription IDPERSONAL_ACCES_TOKEN- GitHub PAT for cloning terraform repo
Reusable workflow that deploys the built application to Azure Static Web Apps.
Trigger: workflow_call
Actions:
- Checks out the repository code
- Sets up Node.js 20
- Downloads
web-buildartifact - Downloads
static-web-app-jsonartifact - Installs SWA CLI
- Deploys to Azure Static Web Apps
Environment Selection:
- If branch is
main→ deploys toproductionenvironment - Otherwise → deploys to branch name environment
To use these workflows in your repository, create a workflow file like:
name: CI/CD Pipeline
on:
push:
branches: [main, develop]
pull_request:
branches: [main]
jobs:
ci:
uses: your-org/ci-workflows/.github/workflows/node-init.yml@main
with:
node-version: '20'
secrets: inheritCreate an Azure service principal with the necessary permissions:
az ad sp create-for-rbac --name "github-actions-deploy"Configure these secrets in your repository:
ARM_CLIENT_IDARM_CLIENT_SECRETARM_TENANT_IDARM_SUBSCRIPTION_IDPERSONAL_ACCES_TOKEN(with repo scope)
MIT