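# Build the backend and frontend container images, push them to GHCR and
# roll both out to Azure Container Apps on every push to main.
name: Build and Deploy

on:
  push:
    branches: [main]

env:
  REGISTRY: ghcr.io

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    # Job token scopes: read the repository, push packages to GHCR, and
    # request an OIDC token (the azure/login step below passes client,
    # tenant and subscription ids but no client secret).
    permissions:
      contents: read
      packages: write
      id-token: write

    steps:
      # NOTE(review): every action below is referenced by a mutable major
      # tag. Pinning each `uses:` to a full commit SHA keeps a retagged or
      # compromised release from running with this job's token and secrets.
      - name: Checkout
        uses: actions/checkout@v4

      - name: Set image names (lowercase)
        # Context values are handed to the shell through env rather than
        # being expanded into the script text, so they are always treated
        # as data by the shell.
        env:
          REPO_OWNER: ${{ github.repository_owner }}
        run: |
          OWNER=$(printf '%s' "$REPO_OWNER" | tr '[:upper:]' '[:lower:]')
          echo "BACKEND_IMAGE=${REGISTRY}/${OWNER}/petshop-backend" >> "$GITHUB_ENV"
          echo "FRONTEND_IMAGE=${REGISTRY}/${OWNER}/petshop-web" >> "$GITHUB_ENV"

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # Each image is pushed under two tags: `latest` (kept for existing
      # consumers) and the commit SHA. The deploy steps use the SHA tag so
      # the running revision maps to exactly one commit and a later push to
      # `latest` cannot change what an already-deployed revision pulls.
      - name: Build and push backend image
        uses: docker/build-push-action@v5
        with:
          context: ./backend
          push: true
          tags: |
            ${{ env.BACKEND_IMAGE }}:latest
            ${{ env.BACKEND_IMAGE }}:${{ github.sha }}

      - name: Build and push frontend image
        uses: docker/build-push-action@v5
        with:
          context: ./web
          push: true
          tags: |
            ${{ env.FRONTEND_IMAGE }}:latest
            ${{ env.FRONTEND_IMAGE }}:${{ github.sha }}
          # Build args end up in image metadata, and Next.js inlines
          # NEXT_PUBLIC_* values into the client bundle. Only a publishable
          # key belongs here; a secret key must never be passed this way.
          build-args: |
            NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=${{ secrets.NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY }}

      - name: Log in to Azure
        uses: azure/login@v1
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

      # NOTE(review): GITHUB_TOKEN is issued for this job and expires when
      # the job ends. If the Container App keeps it as its registry pull
      # credential, pulls after the job (restart, scale-out, new replica)
      # can fail authentication. Prefer a dedicated read-only packages
      # credential stored as a secret (placeholder name: GHCR_PULL_TOKEN).
      # NOTE(review): confirm that `az containerapp update` accepts the
      # --registry-* options in the CLI version on the runner;
      # `az containerapp registry set` is the dedicated command for this.
      - name: Deploy backend
        env:
          APP_NAME: ${{ secrets.AZURE_BACKEND_APP_NAME }}
          RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP }}
          REGISTRY_USERNAME: ${{ github.actor }}
          REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
        run: |
          az containerapp update \
            --name "$APP_NAME" \
            --resource-group "$RESOURCE_GROUP" \
            --image "${BACKEND_IMAGE}:${GITHUB_SHA}" \
            --registry-server "$REGISTRY" \
            --registry-username "$REGISTRY_USERNAME" \
            --registry-password "$REGISTRY_PASSWORD"

      # Same credential-lifetime and CLI-option caveats as the backend
      # deploy step apply here.
      - name: Deploy frontend
        env:
          APP_NAME: ${{ secrets.AZURE_FRONTEND_APP_NAME }}
          RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP }}
          REGISTRY_USERNAME: ${{ github.actor }}
          REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
        run: |
          az containerapp update \
            --name "$APP_NAME" \
            --resource-group "$RESOURCE_GROUP" \
            --image "${FRONTEND_IMAGE}:${GITHUB_SHA}" \
            --registry-server "$REGISTRY" \
            --registry-username "$REGISTRY_USERNAME" \
            --registry-password "$REGISTRY_PASSWORD"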