From 087bd6fa6e8894cd59977a3e91442921bb70f0ac Mon Sep 17 00:00:00 2001
From: Ella Bronson <111298136+ebronson68@users.noreply.github.com>
Date: Tue, 27 Aug 2024 16:18:48 -0500
Subject: [PATCH] [DEVOPS-513] Fix loop that sets key vault references for each
 environment variable (#146)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

<details open>
<summary><a href="https://amuniversal.atlassian.net/browse/DEVOPS-513"
title="DEVOPS-513" target="_blank">DEVOPS-513</a></summary>
  <br />
  <table>
    <tr>
      <th>Summary</th>
<td>Azure Function deploy workflows not updating environment
variables</td>
    </tr>
    <tr>
      <th>Type</th>
      <td>
<img alt="Bug"
src="https://amuniversal.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10308?size=medium"
/>
        Bug
      </td>
    </tr>
    <tr>
      <th>Status</th>
      <td>In Development Env</td>
    </tr>
    <tr>
      <th>Points</th>
      <td>N/A</td>
    </tr>
    <tr>
      <th>Labels</th>
      <td>-</td>
    </tr>
  </table>
</details>
<!--
do not remove this marker as it will break action-jira-linter's
functionality.
  added_by_jira_lint
-->
---

<!-- Please make sure you read the contribution guidelines and then fill
out the blanks below.

Please format the PR title appropriately based on the type of change:
  [JIRA-XXX]: <description>
-->

## Description

- Fix loop that sets key vault references for each environment variable

![image](https://github.com/user-attachments/assets/700b8db7-3fb8-46d8-b954-6c0185d99dd6)


## Related Links

<!-- List any links related to this pull request here

Replace "JIRA-XXX" with the your Jira issue key -->

- Jira Issue: DEVOPS-513
- Testing environment: [![🚀
Deploy](https://github.com/Andrews-McMeel-Universal/gocomics-my-follows-daily-emailer_function/actions/workflows/deploy.yml/badge.svg?branch=bug%2FDEVOPS-513%2Ffix-environment-var-separator)](https://github.com/Andrews-McMeel-Universal/gocomics-my-follows-daily-emailer_function/actions/workflows/deploy.yml)
---
 .github/workflows/azfunction-deploy.yaml | 38 ++++++++++++++++++++----
 1 file changed, 32 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/azfunction-deploy.yaml b/.github/workflows/azfunction-deploy.yaml
index 229e125e..a4cdd2cd 100644
--- a/.github/workflows/azfunction-deploy.yaml
+++ b/.github/workflows/azfunction-deploy.yaml
@@ -236,30 +236,56 @@ jobs:
           azurecredentials: ${{ secrets.AZURE_CREDENTIALS }}
           environment: ${{ inputs.environment }}
           contentTypes: Env
+          environmentVariableSeparator: "\n"
 
       - name: Add environment variables to function app
         uses: azure/cli@v2
         with:
           inlineScript: |
             set -eu
-            # Iterate over each environment variable
+            # Store the environment variables output into a separate variable
+            ENV_VARS_OUTPUT='${{ steps.get-envs.outputs.environmentVariables }}'
 
-            ENV_VARS=($(echo '${{ steps.get-envs.outputs.environmentVariables }}'))
+            # Get current app settings
+            if [[ "${{ inputs.environment }}" == "production" ]]; then
+              APPSETTINGS=$(az functionapp config appsettings list \
+                -g "${{ inputs.AZURE_FUNCTIONAPP_RESOURCEGROUP }}" \
+                -n "${{ inputs.AZURE_FUNCTIONAPP_NAME }}")
+            else
+              APPSETTINGS=$(az functionapp config appsettings list \
+                -g "${{ inputs.AZURE_FUNCTIONAPP_RESOURCEGROUP }}" \
+                -n "${{ inputs.AZURE_FUNCTIONAPP_NAME }}" \
+                --slot "${{ inputs.environment }}")
+            fi
 
-            for part in ${ENV_VARS[@]}; do
-              IFS='=' read -r key value <<< "$part"
+            # Use a while loop to read and process each environment variable and trim output
+            echo "$ENV_VARS_OUTPUT" | sed '$ d' | while IFS='=' read -r key value; do
+              echo "Processing variable: $key=$value"
               VARIABLE_LC=$(echo "$key" | tr '[:upper:]' '[:lower:]' | tr "_" "-")
+
+              # Search for the key in app settings
+              APPSETTING_VALUE=$(echo "${APPSETTINGS}" | jq -r ".[] | select(.name == \"$key\") | .value")
+
+              # Check if the value is set to a keyvault reference
+              if [[ "${APPSETTING_VALUE}" == "@Microsoft.KeyVault"* ]]; then
+                echo "Skipping $key as it is already a keyvault reference"
+                continue
+              fi
+              
+              echo "Adding $key to app settings"
               if [[ "${{ inputs.environment }}" == "production" ]]; then
                 az functionapp config appsettings set \
                   -g "${{ inputs.AZURE_FUNCTIONAPP_RESOURCEGROUP }}" \
                   -n "${{ inputs.AZURE_FUNCTIONAPP_NAME }}" \
-                  --slot-settings "$key=@Microsoft.KeyVault(VaultName=${{ env.keyVaultName }};SecretName=${VARIABLE_LC})" | tee
+                  --slot-settings "$key=@Microsoft.KeyVault(VaultName=${{ env.keyVaultName }};SecretName=${VARIABLE_LC})" >/dev/null && \
+                echo "Successfully added $key to app settings"
               else
                 az functionapp config appsettings set \
                   -g "${{ inputs.AZURE_FUNCTIONAPP_RESOURCEGROUP }}" \
                   -n "${{ inputs.AZURE_FUNCTIONAPP_NAME }}" \
                   --slot "${{ inputs.environment }}" \
-                  --slot-settings "$key=@Microsoft.KeyVault(VaultName=${{ env.keyVaultName }};SecretName=${VARIABLE_LC})" | tee
+                  --slot-settings "$key=@Microsoft.KeyVault(VaultName=${{ env.keyVaultName }};SecretName=${VARIABLE_LC})" >/dev/null && \
+                echo "Successfully added $key to app settings"
               fi
             done