From b630e279c146e8a3f54546ab22e4f56af5084195 Mon Sep 17 00:00:00 2001
From: Sebastian Graef <segraef@microsoft.com>
Date: Sat, 1 Feb 2025 11:14:38 +1000
Subject: [PATCH] Add GitHub Actions workflow for Azure Bicep deployment

---
 .github/workflows/bicep_deployment.yaml | 45 +++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 .github/workflows/bicep_deployment.yaml

diff --git a/.github/workflows/bicep_deployment.yaml b/.github/workflows/bicep_deployment.yaml
new file mode 100644
index 0000000..9965738
--- /dev/null
+++ b/.github/workflows/bicep_deployment.yaml
@@ -0,0 +1,45 @@
+name: Azure Bicep Deployment
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+    inputs:
+      resource_group:
+        description: 'Azure Resource Group'
+        required: true
+        default: 'rg-bice-deployment'
+      location:
+        description: 'Azure Region'
+        required: true
+        default: 'australiaeast'
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    env:
+      LOCATION: ${{ github.event.inputs.location || 'australiaeast' }}
+      RESOURCE_GROUP: ${{ github.event.inputs.resource_group || 'rg-bice-deployment' }}
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Login to Azure using OIDC
+        uses: azure/login@v2
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          allow-no-subscriptions: true
+          enable-AzPSSession: true
+
+      - name: Deploy Infrastructure using Bicep
+        run: |
+          az group create -l $LOCATION -n $RESOURCE_GROUP
+          az deployment group create -f ./main.bicep -g $RESOURCE_GROUP