From 4ce6637895b3891af1608659e087787a1ff44992 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 15 May 2025 10:34:51 +0000
Subject: [PATCH 1/2] Update DFE-Digital/deploy-azure-container-apps-action
 action to v5

---
 .github/workflows/build-and-push-image.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/build-and-push-image.yml b/.github/workflows/build-and-push-image.yml
index f2bc75b9..6f98e693 100644
--- a/.github/workflows/build-and-push-image.yml
+++ b/.github/workflows/build-and-push-image.yml
@@ -55,7 +55,7 @@ jobs:
     needs: [ set-env, validate-packages ]
     permissions:
       packages: write
-    uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/build.yml@2669c85cf877ce3161b7d0edf36690106412c70b # v4.1.0
+    uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/build.yml@23ab6d515b6d3e5cea917134f56c19ce2e93be47 # v5.2.0
     strategy:
       matrix:
         stage: [
@@ -81,7 +81,7 @@ jobs:
     needs: [ set-env, build ]
     permissions:
       id-token: write
-    uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/import.yml@2669c85cf877ce3161b7d0edf36690106412c70b # v4.1.0
+    uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/import.yml@23ab6d515b6d3e5cea917134f56c19ce2e93be47 # v5.2.0
     strategy:
       matrix:
         stage: [
@@ -108,7 +108,7 @@ jobs:
     needs: [ set-env, import ]
     permissions:
       id-token: write
-    uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/deploy.yml@2669c85cf877ce3161b7d0edf36690106412c70b # v4.1.0
+    uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/deploy.yml@23ab6d515b6d3e5cea917134f56c19ce2e93be47 # v5.2.0
     with:
       environment: ${{ needs.set-env.outputs.environment }}
       docker-image-name: ${{ needs.set-env.outputs.image-name }}

From eb685bfca451f450e821fd07329e5e1677782ce1 Mon Sep 17 00:00:00 2001
From: Ash Davies <3853061+DrizzlyOwl@users.noreply.github.com>
Date: Thu, 15 May 2025 11:48:39 +0100
Subject: [PATCH 2/2] Update to v5.2.1

---
 .github/workflows/build-and-push-image.yml | 99 ++++++++++------------
 1 file changed, 47 insertions(+), 52 deletions(-)

diff --git a/.github/workflows/build-and-push-image.yml b/.github/workflows/build-and-push-image.yml
index 6f98e693..6d6f219b 100644
--- a/.github/workflows/build-and-push-image.yml
+++ b/.github/workflows/build-and-push-image.yml
@@ -50,12 +50,11 @@ jobs:
         with:
           environment: ${{ needs.set-env.outputs.environment }}
 
-  build:
-    name: Build
+  build-import:
+    name: Build & Import
+    runs-on: ubuntu-24.04
     needs: [ set-env, validate-packages ]
-    permissions:
-      packages: write
-    uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/build.yml@23ab6d515b6d3e5cea917134f56c19ce2e93be47 # v5.2.0
+    environment: ${{ needs.set-env.outputs.environment }}
     strategy:
       matrix:
         stage: [
@@ -67,59 +66,55 @@ jobs:
             tag-prefix: ""
           - stage: "initcontainer"
             tag-prefix: "init-"
-    with:
-      environment: ${{ needs.set-env.outputs.environment }}
-      docker-image-name: ${{ needs.set-env.outputs.image-name }}
-      docker-build-file-name: ${{ inputs.docker-build-file-name }}
-      docker-build-context: ${{ inputs.docker-build-context }}
-      docker-build-args: CI=true
-      docker-build-target: ${{ matrix.stage }}
-      docker-tag-prefix: ${{ matrix.tag-prefix }}
-
-  import:
-    name: Import
-    needs: [ set-env, build ]
     permissions:
+      packages: write
+      attestations: write
       id-token: write
-    uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/import.yml@23ab6d515b6d3e5cea917134f56c19ce2e93be47 # v5.2.0
-    strategy:
-      matrix:
-        stage: [
-          "final",
-          "initcontainer"
-        ]
-        include:
-          - stage: "final"
-            tag-prefix: ""
-          - stage: "initcontainer"
-            tag-prefix: "init-"
-    with:
-      environment: ${{ needs.set-env.outputs.environment }}
-      docker-image-name: ${{ needs.set-env.outputs.image-name }}
-      docker-tag-prefix: ${{ matrix.tag-prefix }}
-    secrets:
-      azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-      azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-      azure-acr-client-id: ${{ secrets.ACR_CLIENT_ID }}
-      azure-acr-name: ${{ secrets.ACR_NAME }}
+    steps:
+      - uses: DFE-Digital/deploy-azure-container-apps-action/.github/actions/build@v5.2.1
+        with:
+          image-name: ${{ needs.set-env.outputs.image-name }}
+          build-args: CI=true
+          build-target: ${{ matrix.stage }}
+          tag-prefix: ${{ matrix.tag-prefix }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: DFE-Digital/deploy-azure-container-apps-action/.github/actions/import@v5.2.1
+        with:
+          image-name: ${{ needs.set-env.outputs.image-name }}
+          tag-prefix: ${{ matrix.tag-prefix }}
+          azure-acr-name: ${{ secrets.ACR_NAME }}
+          azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          azure-acr-client-id: ${{ secrets.ACR_CLIENT_ID }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+        env:
+          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID || '' }}
+          AZURE_SUBSCRIPTION: ${{ secrets.AZURE_SUBSCRIPTION_ID || '' }}
+          AZURE_ACR_CLIENT_ID: ${{ secrets.ACR_CLIENT_ID || '' }}
 
   deploy:
-    name: Deploy
-    needs: [ set-env, import ]
+    name: Deploy to ${{ needs.set-env.outputs.environment }}
+    needs: [ set-env, build-import ]
+    runs-on: ubuntu-24.04
+    environment: ${{ needs.set-env.outputs.environment }}
     permissions:
       id-token: write
-    uses: DFE-Digital/deploy-azure-container-apps-action/.github/workflows/deploy.yml@23ab6d515b6d3e5cea917134f56c19ce2e93be47 # v5.2.0
-    with:
-      environment: ${{ needs.set-env.outputs.environment }}
-      docker-image-name: ${{ needs.set-env.outputs.image-name }}
-      annotate-release: true
-    secrets:
-      azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-      azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-      azure-aca-client-id: ${{ secrets.ACA_CLIENT_ID }}
-      azure-aca-name: ${{ secrets.ACA_CONTAINERAPP_NAME }}
-      azure-aca-resource-group: ${{ secrets.ACA_RESOURCE_GROUP }}
-      azure-acr-name: ${{ secrets.ACR_NAME }}
+    steps:
+      - uses: DFE-Digital/deploy-azure-container-apps-action/.github/actions/deploy@v5.2.1
+        with:
+          image-name: ${{ needs.set-env.outputs.image-name }}
+          annotate-release: 'yes'
+          azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          azure-acr-name: ${{ secrets.ACR_NAME }}
+          azure-aca-client-id: ${{ secrets.ACA_CLIENT_ID }}
+          azure-aca-name: ${{ secrets.ACA_CONTAINERAPP_NAME }}
+          azure-aca-resource-group: ${{ secrets.ACA_RESOURCE_GROUP }}
+        env:
+          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID || '' }}
+          AZURE_SUBSCRIPTION: ${{ secrets.AZURE_SUBSCRIPTION_ID || '' }}
+          AZURE_ACA_CLIENT_ID: ${{ secrets.ACA_CLIENT_ID || '' }}
 
   create-tag:
     name: Tag and release