[Azure Subscription Invitation Request] #93

name: "Workflow: User Invitation to Azure Subscription"

on:
  issues:
    types:
      - opened
  workflow_dispatch:
    inputs:
      issue-number:
        description: "Issue number"
        required: true

permissions:
  contents: read
  id-token: write
  issues: write
  pull-requests: write

jobs:
  invite_user:
    name: "Invite User to Azure Subscription"
    runs-on: ubuntu-latest
    steps:
      - name: Generate bot token
        id: bot-token
        uses: actions/create-github-app-token@v3
        with:
          app-id: ${{ vars.BOT_APP_ID }}
          private-key: ${{ secrets.BOT_PRIVATE_KEY }}
          repositories: |
            invitation
            invitation-validator
      - name: Check event payload - from issue
        if: |
          github.event_name != 'workflow_dispatch'
        shell: pwsh
        env:
          # The github context carries the issue title and body, which the submitter controls.
          # Pass it through the environment so it is never parsed as PowerShell source.
          EVENT_PAYLOAD: ${{ toJson(github) }}
        run: |
          $eventPayload = $env:EVENT_PAYLOAD
          $eventPayload | Out-File -FilePath ${{github.workspace}}/payload.json -Force
      - name: Check event payload - from workflow_dispatch
        if: |
          github.event_name == 'workflow_dispatch'
        shell: pwsh
        env:
          GH_TOKEN: ${{ steps.bot-token.outputs.token }}
        run: |
          $eventPayload = gh api /repos/${{ github.repository }}/issues/${{ github.event.inputs.issue-number }}
          $eventPayload | Out-File -FilePath ${{github.workspace}}/payload.json -Force
      - name: Verify event payload
        shell: pwsh
        run: |
          $payload = Get-Content "${{ github.workspace }}/payload.json"
          $payload
      - name: Install .NET SDK
        uses: actions/setup-dotnet@v5
        with:
          dotnet-version: '10.x'
      - name: Checkout invitation validator repository
        uses: actions/checkout@v6
        with:
          repository: devrel-kr/invitation-validator
          path: invitation-validator
          token: ${{ steps.bot-token.outputs.token }}
      - name: Validate issue
        shell: bash
        run: |
          pushd ./invitation-validator
          dotnet run --project ./src/InvitationValidator.IssuePayloadCheck.ConsoleApp -- \
            --input "${{ github.workspace }}/payload.json" \
            --output "${{ github.workspace }}/issue.json" \
            --due-date "${{ vars.INVITATION_DUE_DATE }}"
          popd
      - name: Verify result payload
        shell: pwsh
        run: |
          $result = Get-Content "${{ github.workspace }}/issue.json" | ConvertFrom-Json
          $result
      - name: Check validation result
        id: issue
        shell: pwsh
        run: |
          $result = Get-Content "${{ github.workspace }}/issue.json" | ConvertFrom-Json
          $tzi = [TimeZoneInfo]::FindSystemTimeZoneById("Asia/Seoul")
          # Common
          echo "issueNumber=$($result.number)" | Out-File -FilePath $env:GITHUB_OUTPUT -Encoding utf-8 -Append
          echo "requestType=$($result.body.requestType)" | Out-File -FilePath $env:GITHUB_OUTPUT -Encoding utf-8 -Append
          echo "submittedAt=$([TimeZoneInfo]::ConvertTime($result.createdAt, $tzi).ToString("yyyy-MM-dd HH:mm:ss.fff") + " +09:00")" | Out-File -FilePath $env:GITHUB_OUTPUT -Encoding utf-8 -Append
          echo "dueBy=$([TimeZoneInfo]::ConvertTime($result.dueDate, $tzi).ToString("yyyy-MM-dd HH:mm:ss.fff") + " +09:00")" | Out-File -FilePath $env:GITHUB_OUTPUT -Encoding utf-8 -Append
          # Verification result
          echo "isValid=$($result.isValid)" | Out-File -FilePath $env:GITHUB_OUTPUT -Encoding utf-8 -Append
          echo "invalidReasons=$('<ul><li> ' + $($result.invalidReasons -join '</li><li> ') + '</li></ul>')" | Out-File -FilePath $env:GITHUB_OUTPUT -Encoding utf-8 -Append
          # Invitation details
          echo "org=$($result.body.organisation)" | Out-File -FilePath $env:GITHUB_OUTPUT -Encoding utf-8 -Append
          echo "githubHandle=$($result.body.githubHandle)" | Out-File -FilePath $env:GITHUB_OUTPUT -Encoding utf-8 -Append
          echo "name=$($result.body.name)" | Out-File -FilePath $env:GITHUB_OUTPUT -Encoding utf-8 -Append
          echo "email=$($result.body.email)" | Out-File -FilePath $env:GITHUB_OUTPUT -Encoding utf-8 -Append
      - name: Comment to issue - Acknowledge
        uses: actions-cool/issues-helper@v3
        with:
          actions: "create-comment"
          token: ${{ steps.bot-token.outputs.token }}
          issue-number: ${{ steps.issue.outputs.issueNumber }}
          emoji: "+1,rocket"
          # The mention uses githubHandle, the output the "issue" step sets.
          body: |
            👋🏼 @${{ steps.issue.outputs.githubHandle }} 님!
            생성하신 이슈는 현재 확인 중이며, 완료 여부를 확인한 후 다시 알려드리겠습니다.
      - name: Add a label - Invalid
        if: |
          steps.issue.outputs.isValid == 'false'
        shell: bash
        env:
          GH_TOKEN: ${{ steps.bot-token.outputs.token }}
        run: |
          gh issue edit ${{ steps.issue.outputs.issueNumber }} \
            --add-label "invalid" \
            -R ${{ github.event.repository.full_name }}
      - name: Comment to issue - Invalid
        if: |
          steps.issue.outputs.isValid == 'false'
        uses: actions-cool/issues-helper@v3
        with:
          actions: "create-comment"
          token: ${{ steps.bot-token.outputs.token }}
          issue-number: ${{ steps.issue.outputs.issueNumber }}
          body: |
            👋🏼 @${{ steps.issue.outputs.githubHandle }} 님!
            - 요청 시각: ${{ steps.issue.outputs.submittedAt }}
            - 요청 마감 시각: ${{ steps.issue.outputs.dueBy }}
            하지만 제출하신 요청은 다음과 같은 이유로 인해 유효하지 않습니다. 😢
            ${{ steps.issue.outputs.invalidReasons }}
      - name: Close issue - Invalid
        if: |
          steps.issue.outputs.isValid == 'false'
        shell: bash
        env:
          GH_TOKEN: ${{ steps.bot-token.outputs.token }}
        run: |
          gh issue close ${{ steps.issue.outputs.issueNumber }} \
            -c "제출한 요청이 유효하지 않습니다. 이슈를 닫습니다." \
            -R ${{ github.event.repository.full_name }}
      - name: Checkout repository
        if: |
          steps.issue.outputs.isValid == 'true' &&
          steps.issue.outputs.requestType == 'Azure 구독 초대 요청'
        uses: actions/checkout@v6
      - name: Sign in to Azure
        if: |
          steps.issue.outputs.isValid == 'true' &&
          steps.issue.outputs.requestType == 'Azure 구독 초대 요청'
        uses: azure/login@v3
        with:
          client-id: ${{ vars.AZURE_CLIENT_ID }}
          tenant-id: ${{ vars.AZURE_TENANT_ID }}
          subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }}
      - name: Invite user to Azure tenant
        if: |
          steps.issue.outputs.isValid == 'true' &&
          steps.issue.outputs.requestType == 'Azure 구독 초대 요청'
        shell: pwsh
        env:
          # Email and name originate from the issue body; hand them to the script as data, not script text.
          INVITEE_EMAIL: ${{ steps.issue.outputs.email }}
          INVITEE_NAME: ${{ steps.issue.outputs.name }}
        run: |
          ./scripts/Invite-ToAzure.ps1 `
            -Email $env:INVITEE_EMAIL `
            -Name $env:INVITEE_NAME `
            -SecurityGroup "${{ vars.AZURE_SECURITY_GROUP }}"
      - name: Add label - Complete
        if: |
          steps.issue.outputs.isValid == 'true' &&
          steps.issue.outputs.requestType == 'Azure 구독 초대 요청'
        shell: bash
        env:
          GH_TOKEN: ${{ steps.bot-token.outputs.token }}
        run: |
          gh issue edit ${{ steps.issue.outputs.issueNumber }} \
            --add-label "complete" \
            -R ${{ github.event.repository.full_name }}
      - name: Remove label - request
        if: |
          steps.issue.outputs.isValid == 'true' &&
          steps.issue.outputs.requestType == 'Azure 구독 초대 요청'
        shell: bash
        env:
          GH_TOKEN: ${{ steps.bot-token.outputs.token }}
        run: |
          gh issue edit ${{ steps.issue.outputs.issueNumber }} \
            --remove-label "request" \
            -R ${{ github.event.repository.full_name }}
      - name: Comment to issue - Complete
        if: |
          steps.issue.outputs.isValid == 'true' &&
          steps.issue.outputs.requestType == 'Azure 구독 초대 요청'
        uses: actions-cool/issues-helper@v3
        with:
          actions: "create-comment"
          token: ${{ steps.bot-token.outputs.token }}
          issue-number: ${{ steps.issue.outputs.issueNumber }}
          emoji: "+1,rocket"
          body: |
            👋🏼 @${{ steps.issue.outputs.githubHandle }}님!
            입력하신 이메일 주소로 초대장을 발송했습니다. 초대장을 수락하면 조직에 참여할 수 있습니다. 감사합니다!
      - name: Close issue - Complete
        if: |
          steps.issue.outputs.isValid == 'true' &&
          steps.issue.outputs.requestType == 'Azure 구독 초대 요청'
        shell: bash
        env:
          GH_TOKEN: ${{ steps.bot-token.outputs.token }}
        run: |
          gh issue close ${{ steps.issue.outputs.issueNumber }} \
            -c "초대 요청을 완료했습니다. 이슈를 닫습니다." \
            -R ${{ github.event.repository.full_name }}