Updated workflow, readme and script

Author: avans-marc

README.md

@@ -9,15 +9,32 @@ You can deploy [this script](./azure/azure_arm_free_app_and_database.json) direc
 4. Provide the required parameters:  
    - Student Number 👈 Will be used to prefix the resource names
    - SQL Administrator Credentials 
-   - The IP address you would like to allow to access the resources (you can add more in the portal)
+   - The Home IP address you would like to allow to access the resources (you can add more in the portal)
 5. Press Create
 
 After the deployment has succeeded, navigate to output parameters and save these values. You need them later when you setup the GitHub Workflow.
 
-#### Notes  
+** Notes **
 - The free **SQL Server database** is **not available** in `westeurope`, so the script defaults to `northeurope`.  
-- The SQL Server **uses SQL Authentication only**, as setting up Entra ID authentication via ARM scripts is not straightforward.  
+- The SQL Server **uses SQL Authentication only**, as setting up Entra ID authentication through ARM templates is not straightforward.  
 
-## Create additional SQL user
-Execute [this script](./sql/create_database_user.sql) on the Azure SQL Database to create a contained SQL database user with only read/write access
+## GitHub Workflow Simplified
+This scripts takes the outputs from the Azure ARM template and the project name and uses it to create a simple CI/CD workflow through GitHub actions.
+
+1. Add [this script](./github/github_workflow_simplified.yaml) in the Git repository under `/.github/workflows`
+2. Enter the ARM outputs as repository secrets in Github
+
+The following secrets are required to run this worflow
+* AZURE_WEBAPP_NAME 👉 The name of the web application in Azure (output from the ARM template)
+* AZURE_WEBAPP_PUBLISH_PASSWORD 👉 The publishing user password (output from the ARM template)
+* AZURE_WEBAPP_PUBLISH_USERNAME 👉 The publishing user name (output from the ARM template)
+* WEBAPI_PROJECT_NAME 👉 The name of the project needed to publish
 
+The secrets are used to construct a publishing profile. Unfortunately it is not possible to extract the full publish profile through the ARM template.
+
+** Notes **
+* It checks if the secrets are available, if not, cancels the flow
+* It defaults to DOTNET_CORE_VERSION: 9.0.x but this is tested with .NET 8 projects as well
+
+## Create additional SQL user
+Execute [this script](./sql/create_database_user.sql) on the Azure SQL Database to create a contained SQL database user with only read/write access.

github/github_workflow_simplified.yml

@@ -3,7 +3,6 @@ name: Build, Test and Deploy a .NET Core WebApi to Azure App Service
 env: # Change these settings if you like
   ARTIFACT_NAME: WebApi
   DOTNET_CORE_VERSION: 9.0.x
-  WORKING_DIRECTORY: "./ProjectMap.WebApi"
   PUBLISH_DIRECTORY: "./out/publish"
 on:
   push:
@@ -15,10 +14,39 @@ on:
   workflow_dispatch:
 
 jobs:
+  check: # checking if the secrets exist (src: https://stackoverflow.com/questions/72925899/github-actions-detect-if-secret-exists)
+      runs-on: ubuntu-latest
+      steps:
+        - name: "Check if AZURE_WEBAPP_NAME secret exists"
+          env: 
+            super_secret: ${{ secrets.AZURE_WEBAPP_NAME }}
+          if: ${{ env.super_secret == '' }}
+          run: 'echo "echo the secret \"AZURE_WEBAPP_NAME\" has not been made; echo please go to \"settings \> Actions secrets and variables \> actions\" to create it"; exit 1;'
+    
+        - name: "Check if AZURE_WEBAPP_PUBLISH_PASSWORD secret exists"
+          env: 
+            super_secret: ${{ secrets.AZURE_WEBAPP_PUBLISH_PASSWORD }}
+          if: ${{ env.super_secret == '' }}
+          run: 'echo "echo the secret \"AZURE_WEBAPP_PUBLISH_PASSWORD\" has not been made; echo please go to \"settings \> Actions secrets and variables \> actions \" to create it"; exit 1;'
+    
+        - name: "Check if AZURE_WEBAPP_PUBLISH_USERNAME secret exists"
+          env: 
+            super_secret: ${{ secrets.AZURE_WEBAPP_PUBLISH_USERNAME }}
+          if: ${{ env.super_secret == '' }}
+          run: 'echo "echo the secret \"AZURE_WEBAPP_PUBLISH_USERNAME\" has not been made; echo please go to \"settings \> Actions secrets and variables \> actions\" to create it"; exit 1;'
+    
+        - name: "Check if WEBAPI_PROJECT_NAME secret exists"
+          env: 
+            super_secret: ${{ secrets.WEBAPI_PROJECT_NAME }}
+          if: ${{ env.super_secret == '' }}
+          run: 'echo "echo the secret \"WEBAPI_PROJECT_NAME\" has not been made; echo please go to \"settings \> Actions secrets and variables \> actions\" to create it"; exit 1;'
+        
   build:
 
     runs-on: ubuntu-latest
+    needs: check
     steps:
+    
     - uses: actions/checkout@v4
     - name: Setup .NET
       uses: actions/setup-dotnet@v4
@@ -35,7 +63,7 @@ jobs:
       run: dotnet test --no-build --verbosity normal
 
     - name: Publish
-      run: dotnet publish ${{ env.WORKING_DIRECTORY }} --output ${{env.PUBLISH_DIRECTORY}} --configuration Release 
+      run: dotnet publish ./${{ secrets.WEBAPI_PROJECT_NAME }} --output ${{env.PUBLISH_DIRECTORY}} --configuration Release 
 
     - name: Publish Artifacts
       uses: actions/upload-artifact@v4
@@ -45,7 +73,7 @@ jobs:
 
   deploy:
     runs-on: ubuntu-latest
-    needs: build
+    needs: [check, build]
     steps:
 
     - name: Download artifact from build job

sql/create_database_user.sql

@@ -2,3 +2,7 @@ CREATE USER MY_APPLICATION_USER WITH PASSWORD = '(a safe password here)'
 
 EXEC sp_addrolemember 'db_datawriter', 'MY_APPLICATION_USER';
 EXEC sp_addrolemember 'db_datareader', 'MY_APPLICATION_USER';
+
+
+-- After this the Azure Connection String will look something like this
+-- Server=tcp:avansict(studentnummer).database.windows.net,1433;Initial Catalog=db(studentnummer);Persist Security Info=False;User ID=MY_APPLICATION_USER;Password=(a safe password here);MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;