From 38cf8f94a2d268ce56aa581cf3dcc6ed46a8ce16 Mon Sep 17 00:00:00 2001 From: aamini7 <97303926+aamini7@users.noreply.github.com> Date: Tue, 28 Jun 2022 17:24:22 -0500 Subject: [PATCH] Update workflow to deploy to AKS --- .github/workflows/bugbash.yaml | 96 ++++++++++++++++++++++++++++++++++ 1 file changed, 96 insertions(+) create mode 100644 .github/workflows/bugbash.yaml diff --git a/.github/workflows/bugbash.yaml b/.github/workflows/bugbash.yaml new file mode 100644 index 0000000000..a6fbe002e9 --- /dev/null +++ b/.github/workflows/bugbash.yaml @@ -0,0 +1,96 @@ +name: bugbash +"on": + push: + branches: + - main + workflow_dispatch: {} +env: + ACR_RESOURCE_GROUP: aaminiakstestregistry + AZURE_CONTAINER_REGISTRY: aaminiakstestregistry + CLUSTER_NAME: aamini-aks-test + CLUSTER_RESOURCE_GROUP: aamini-rg + CONTAINER_NAME: test-image + DEPLOYMENT_MANIFEST_PATH: | + ./manifests/deployment.yaml + IMAGE_PULL_SECRET_NAME: your-image-pull-secret-name +jobs: + buildImage: + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: azure/login@v1.4.3 + name: Azure login + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + - name: Build and push image to ACR + run: az acr build --image ${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.ACR_RESOURCE_GROUP }} -f ./Dockerfile ./ + createSecret: + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1.4.3 + name: Azure login + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + - uses: azure/aks-set-context@v2.0 + name: Get K8s context + with: + cluster-name: ${{ env.CLUSTER_NAME }} + resource-group: ${{ env.CLUSTER_RESOURCE_GROUP }} + - name: Get ACR credentials + run: | + az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.ACR_RESOURCE_GROUP }} --admin-enabled true + ACR_USERNAME=$(az acr credential show -g ${{ env.ACR_RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv) + ACR_PASSWORD=$(az acr credential show -g ${{ env.ACR_RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv) + echo "::add-mask::${ACR_USERNAME}" + echo "::set-output name=username::${ACR_USERNAME}" + echo "::add-mask::${ACR_PASSWORD}" + echo "::set-output name=password::${ACR_PASSWORD}" + id: get-acr-creds + - uses: Azure/k8s-create-secret@v1.1 + name: Create K8s secret for pulling image from ACR + with: + container-registry-password: ${{ steps.get-acr-creds.outputs.password }} + container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io + container-registry-username: ${{ steps.get-acr-creds.outputs.username }} + secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }} + deploy: + permissions: + actions: read + contents: read + id-token: write + runs-on: ubuntu-latest + needs: + - buildImage + - createSecret + steps: + - uses: actions/checkout@v3 + - uses: azure/login@v1.4.3 + name: Azure login + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + - uses: azure/aks-set-context@v2.0 + name: Get K8s context + with: + cluster-name: ${{ env.CLUSTER_NAME }} + resource-group: ${{ env.CLUSTER_RESOURCE_GROUP }} + - uses: Azure/k8s-deploy@v3.1 + name: Deploys application + with: + action: deploy + imagepullsecrets: ${{ env.IMAGE_PULL_SECRET_NAME }} + images: | + ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} + manifests: ${{ env.DEPLOYMENT_MANIFEST_PATH }} + namespace: namespace-workflow-1656454578660