From 40e0f2bc7e384e6abca60e89dcd799c13c6b5510 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Tue, 3 Oct 2023 16:35:33 -0500 Subject: [PATCH 01/22] Add ephemeral deployments workflow --- .github/workflows/ephemeral-deploy.yaml | 203 ++++++++++++++++++++++++ 1 file changed, 203 insertions(+) create mode 100644 .github/workflows/ephemeral-deploy.yaml diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml new file mode 100644 index 00000000..c6feb45c --- /dev/null +++ b/.github/workflows/ephemeral-deploy.yaml @@ -0,0 +1,203 @@ +name: AKS Deployment + +on: + workflow_call: + inputs: + environment: + required: true + type: string + description: "Deploy Environment. This is used to pull in and set the github environment. Can be development, staging, or production." + environmentKeyVault: + required: false + type: string + description: "AKS Key vault." + repositoryName: + required: false + type: string + description: "GitHub Repository Name." + default: "${{ github.event.repository.name }}" + clusterResourceGroup: + required: false + type: string + description: "AKS Cluster Resource Group." + default: "AMU_AKS_201" + dockerFilePath: + required: false + type: string + description: "Relative path to Dockerfile." + default: "." + dockerImageName: + required: false + type: string + description: "Docker image name." + default: "${{ github.event.repository.name }}" + azureResourceLocation: + required: false + type: string + description: "Location of resources in Azure" + default: "centralus" + secrets: + azureCredentials: + required: true + registryHostName: + required: true + registryUserName: + required: true + registryPassword: + required: true + +env: + githubPrBranch: ${{ github.head_ref }} + githubPrTitle: ${{ github.event.pull_request.title }} + githubPrDescription: ${{ github.event.pull_request.body }} + +jobs: + prepare: + name: Preparation Step + if: ${{ github.event.action == 'labeled' && github.event.label.name == 'ephemeral-deployment' || github.event_name == 'pull_request' && github.event.action != 'labeled' }} + runs-on: ubuntu-latest + steps: + - name: Retrieve Jira ticket ID + id: jira-ticket + run: | + PR_BRANCH=$(echo "${{ env.githubPrBranch }}" | grep -Eo "\b[A-Z][A-Z0-9_]+-[1-9][0-9]*") + PR_TITLE=$(echo "${{ env.githubPrTitle }}" | grep -Eo "\b[A-Z][A-Z0-9_]+-[1-9][0-9]*") + PR_DESC=$(echo "${{ env.githubPrDescription }}" | grep -Eo "\b[A-Z][A-Z0-9_]+-[1-9][0-9]*") + + for var in ${PR_BRANCH} ${PR_TITLE} ${PR_DESC}; do JIRA_TICKET_ID=$(echo $var | grep -E ".") && break ; done + JIRA_TICKET_ID_LC=$(echo "${JIRA_TICKET_ID}" | tr '[:upper:]' '[:lower:]') + + echo "jiraTicketIdLc=${JIRA_TICKET_ID_LC}" >> $GITHUB_OUTPUT + echo "jiraTicketId=${JIRA_TICKET_ID}" >> $GITHUB_OUTPUT + + - name: Fix repository name + id: repository-name + run: | + REPOSITORY_NAME=$(echo "${{ inputs.repositoryName }}" | tr '[:upper:]' '[:lower:]' | tr "_" "-") + + echo "repositoryName=${REPOSITORY_NAME}" >> $GITHUB_OUTPUT + outputs: + jiraTicketId: ${{ steps.jira-ticket.outputs.jiraTicketId }} + jiraTicketIdLc: ${{ steps.jira-ticket.outputs.jiraTicketIdLc }} + repositoryName: ${{ steps.repository-name.outputs.repositoryName }} + + deploy: + name: Deploy Azure Container Instance + if: ${{ github.event.action == 'labeled' && github.event.label.name == 'ephemeral-deployment' || github.event_name == 'pull_request' && github.event.action != 'closed' && github.event.action != 'labeled' }} + needs: [prepare] + runs-on: ubuntu-latest + environment: + name: ${{ needs.prepare.outputs.jiraTicketId }} + url: http://${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }}.${{ inputs.azureResourceLocation }}.azurecontainer.io + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Generate .env file from Azure Key Vaults + uses: Andrews-McMeel-Universal/get-envs@v1 + with: + azurecredentials: ${{ secrets.azureCredentials }} + environmentKeyVault: ${{ inputs.environmentKeyVault }} + + - name: Set environment variables + id: env-vars + run: | + ENVIRONMENT_VARIABLES=$(cat .env) + echo "environmentVariables=${ENVIRONMENT_VARIABLES}" >> $GITHUB_OUTPUT + + - name: Generate build args from Azure Key Vaults + shell: bash + run: | + ENVIRONMENT="${{ inputs.environment }}" + REPOSITORY_NAME="${{ inputs.repositoryName }}" + ENV_KEYVAULT_NAME="${{ inputs.environmentKeyVault }}" + BUILDARG_PREDICATE=" --build-arg " + + # Check if searching for key vaults by repository name or otherwise, if key vault name argument is given + if [ -z "${ENV_KEYVAULT_NAME}" ]; then + # Search for key vault using tags + KEYVAULT_NAME=$(az keyvault list --query "[?tags.\"repository-name\" == '${REPOSITORY_NAME}' && tags.environment == '${ENVIRONMENT}'].name" --output tsv) + else + KEYVAULT_NAME="${ENV_KEYVAULT_NAME}" + fi + + # Get key vault object + KEYVAULT=$(az keyvault list --query "[?name == '${KEYVAULT_NAME}']" ) + + # Check if key vault exists + if ! echo "${KEYVAULT}" | grep -Eq "\w"; then + echo -e "${RED}Invalid value provided for 'KeyVaultName'. Please confirm a Key Vault exists under the name specified. Value provided: ${KEYVAULT_NAME}" + exit 1 + fi + KEYVAULT_NAME="${KEYVAULT_NAME// /}" + + # Set secrets list + SECRETS=$(az keyvault secret list --vault-name "${KEYVAULT_NAME}" --query "[?contentType == 'BuildArg Env' || contentType == 'BuildArg'].name" --output tsv) + + # Loop through secrets and add them to .env + if echo "${SECRETS}" | grep -Eq "\w"; then + while IFS= read -r SECRET; do + # Convert to upper case snake case and remove quotes + SECRET_NAME=$(echo "${SECRET}" | tr '[:upper:][:lower:]' '[:lower:][:upper:]' | tr "-" "_" | tr -d '"') + + # Get secret value and set it to the secret name + SECRET_VALUE=$(az keyvault secret show --vault-name "${KEYVAULT_NAME}" -n "${SECRET}" --query "value" --output tsv) + + # Add secret to file + BUILDARGS="${BUILDARGS} ${BUILDARG_PREDICATE} ${SECRET_NAME}=${SECRET_VALUE}" + done < <(echo "${SECRETS[*]}") + fi + echo "buildArguments=${BUILDARGS}" >> $env:GITHUB_ENV + + - name: Login to Azure Container Registry + uses: Azure/docker-login@v1 + with: + login-server: ${{ secrets.registryHostName }} + username: ${{ secrets.registryUserName }} + password: ${{ secrets.registryPassword }} + + - name: Build & Push Docker Image + id: docker + run: | + docker build ${{ inputs.dockerFilePath }} ${{ env.buildArguments }} -t "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }}" + docker push -a "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}" + + dockerContainerPort=$(docker image inspect "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }}" -f "{{json .Config.ExposedPorts }}" | tr -d '{}":/tcp' | tr "," " ") + echo "dockerContainerPort=${dockerContainerPort}" >> $GITHUB_OUTPUT + + - name: Deploy to Azure Container Instances + uses: azure/aci-deploy@v1 + with: + resource-group: ${{ inputs.clusterResourceGroup }} + dns-name-label: ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} + image: ${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }} + registry-login-server: ${{ secrets.registryHostName }} + registry-username: ${{ secrets.registryUserName }} + registry-password: ${{ secrets.registryPassword }} + name: ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} + location: ${{ inputs.azureResourceLocation }} + environment-variables: ${{ steps.env-vars.outputs.environmentVariables }} + ports: ${{ steps.docker.outputs.dockerContainerPort }} + + destroy: + name: Destroy Azure Container Instance + if: ${{ github.event_name == 'pull_request' && github.event.action == 'closed' }} + needs: [prepare] + runs-on: ubuntu-latest + steps: + - name: Login to Azure + uses: Andrews-McMeel-Universal/cache-azure-login@v1 + with: + azureCredentials: "${{ secrets.azureCredentials }}" + + - name: Delete Azure Resources + run: | + az lock delete --name deletion-lock --resource-group ${{ inputs.clusterResourceGroup }} + az container delete --resource-group ${{ inputs.clusterResourceGroup }} --name ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} + + - name: Delete deployment environment + uses: strumwolf/delete-deployment-environment@v2 + with: + token: ${{ secrets.PAT_ACTION_CI }} + environment: ${{ needs.prepare.outputs.jiraTicketId }} + ref: ${{ github.ref_name }} From 8c73a84a385d89057350fc60e4f8fb4016279b67 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Tue, 3 Oct 2023 16:45:44 -0500 Subject: [PATCH 02/22] disable AzPsSession in destroy step --- .github/workflows/ephemeral-deploy.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index c6feb45c..5c4e2de8 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -189,6 +189,7 @@ jobs: uses: Andrews-McMeel-Universal/cache-azure-login@v1 with: azureCredentials: "${{ secrets.azureCredentials }}" + enable-AzPsSession: false - name: Delete Azure Resources run: | From 91315e8cb4e7437d66ab5d29d35a234dbf64c9e6 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Wed, 4 Oct 2023 11:42:35 -0500 Subject: [PATCH 03/22] Removed spaces around build arg option --- .github/workflows/ephemeral-deploy.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 5c4e2de8..2aabe929 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -1,4 +1,4 @@ -name: AKS Deployment +name: Ephemeral Deployment on: workflow_call: @@ -96,6 +96,7 @@ jobs: - name: Generate .env file from Azure Key Vaults uses: Andrews-McMeel-Universal/get-envs@v1 with: + environment: ${{ inputs.environment }} azurecredentials: ${{ secrets.azureCredentials }} environmentKeyVault: ${{ inputs.environmentKeyVault }} @@ -111,7 +112,7 @@ jobs: ENVIRONMENT="${{ inputs.environment }}" REPOSITORY_NAME="${{ inputs.repositoryName }}" ENV_KEYVAULT_NAME="${{ inputs.environmentKeyVault }}" - BUILDARG_PREDICATE=" --build-arg " + BUILDARG_PREDICATE="--build-arg" # Check if searching for key vaults by repository name or otherwise, if key vault name argument is given if [ -z "${ENV_KEYVAULT_NAME}" ]; then @@ -185,11 +186,10 @@ jobs: needs: [prepare] runs-on: ubuntu-latest steps: - - name: Login to Azure - uses: Andrews-McMeel-Universal/cache-azure-login@v1 + - name: Login via Az module + uses: azure/login@v1 with: - azureCredentials: "${{ secrets.azureCredentials }}" - enable-AzPsSession: false + creds: "${{ secrets.azureCredentials }}" - name: Delete Azure Resources run: | From c61d2c34cc748716be2c2311d4ae9dfff8b6a7da Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Wed, 4 Oct 2023 11:53:30 -0500 Subject: [PATCH 04/22] Fix build args GitHub action env setting --- .github/workflows/ephemeral-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 2aabe929..be61c763 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -148,7 +148,7 @@ jobs: BUILDARGS="${BUILDARGS} ${BUILDARG_PREDICATE} ${SECRET_NAME}=${SECRET_VALUE}" done < <(echo "${SECRETS[*]}") fi - echo "buildArguments=${BUILDARGS}" >> $env:GITHUB_ENV + echo "buildArguments=${BUILDARGS}" >> $GITHUB_ENV - name: Login to Azure Container Registry uses: Azure/docker-login@v1 From 2beb769f9320550b48bd2fdb31907987e6631f6c Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Thu, 5 Oct 2023 14:51:23 -0500 Subject: [PATCH 05/22] Switch to Container Apps --- .github/workflows/ephemeral-deploy.yaml | 54 ++++++++++--------------- 1 file changed, 22 insertions(+), 32 deletions(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index be61c763..5b564049 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -19,8 +19,8 @@ on: clusterResourceGroup: required: false type: string - description: "AKS Cluster Resource Group." - default: "AMU_AKS_201" + description: "Azure Resource Group." + default: "AMU_EphemeralDeployments_201" dockerFilePath: required: false type: string @@ -54,7 +54,7 @@ env: jobs: prepare: name: Preparation Step - if: ${{ github.event.action == 'labeled' && github.event.label.name == 'ephemeral-deployment' || github.event_name == 'pull_request' && github.event.action != 'labeled' }} + if: ${{ github.event.action == 'labeled' && github.event.label.name == 'ephemeral-deployment' || github.event_name == 'pull_request' && github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'ephemeral-deployment') }} runs-on: ubuntu-latest steps: - name: Retrieve Jira ticket ID @@ -83,7 +83,7 @@ jobs: deploy: name: Deploy Azure Container Instance - if: ${{ github.event.action == 'labeled' && github.event.label.name == 'ephemeral-deployment' || github.event_name == 'pull_request' && github.event.action != 'closed' && github.event.action != 'labeled' }} + if: ${{ github.event.action == 'labeled' && github.event.label.name == 'ephemeral-deployment' || github.event_name == 'pull_request' && github.event.action != 'closed' && github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'ephemeral-deployment') }} needs: [prepare] runs-on: ubuntu-latest environment: @@ -104,6 +104,9 @@ jobs: id: env-vars run: | ENVIRONMENT_VARIABLES=$(cat .env) + TARGET_PORT=$(grep -Rh "targetPort: " **/values.yaml | awk -F ': ' '{print $2}' | uniq) + + echo "targetPort=${TARGET_PORT}" >> $GITHUB_OUTPUT echo "environmentVariables=${ENVIRONMENT_VARIABLES}" >> $GITHUB_OUTPUT - name: Generate build args from Azure Key Vaults @@ -150,35 +153,22 @@ jobs: fi echo "buildArguments=${BUILDARGS}" >> $GITHUB_ENV - - name: Login to Azure Container Registry - uses: Azure/docker-login@v1 - with: - login-server: ${{ secrets.registryHostName }} - username: ${{ secrets.registryUserName }} - password: ${{ secrets.registryPassword }} - - - name: Build & Push Docker Image - id: docker - run: | - docker build ${{ inputs.dockerFilePath }} ${{ env.buildArguments }} -t "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }}" - docker push -a "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}" - - dockerContainerPort=$(docker image inspect "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }}" -f "{{json .Config.ExposedPorts }}" | tr -d '{}":/tcp' | tr "," " ") - echo "dockerContainerPort=${dockerContainerPort}" >> $GITHUB_OUTPUT - - - name: Deploy to Azure Container Instances - uses: azure/aci-deploy@v1 + - name: Deploy Azure Container App + uses: azure/container-apps-deploy-action@v1 with: - resource-group: ${{ inputs.clusterResourceGroup }} - dns-name-label: ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} - image: ${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }} - registry-login-server: ${{ secrets.registryHostName }} - registry-username: ${{ secrets.registryUserName }} - registry-password: ${{ secrets.registryPassword }} - name: ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} + appSourcePath: ${{ github.workspace }} + acrName: ${{ secrets.registryHostName }} + acrUsername: ${{ secrets.registryUserName }} + acrPassword: ${{ secrets.registryPassword }} + imageToBuild: ${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }} + dockerfilePath: Dockerfile + containerAppName: ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} + resourceGroup: ${{ inputs.clusterResourceGroup }} + targetPort: ${{ steps.env-vars.outputs.targetPort }} location: ${{ inputs.azureResourceLocation }} - environment-variables: ${{ steps.env-vars.outputs.environmentVariables }} - ports: ${{ steps.docker.outputs.dockerContainerPort }} + environmentVariables: ${{ steps.env-vars.outputs.environmentVariables }} + ingress: external + disableTelemetry: true destroy: name: Destroy Azure Container Instance @@ -193,8 +183,8 @@ jobs: - name: Delete Azure Resources run: | - az lock delete --name deletion-lock --resource-group ${{ inputs.clusterResourceGroup }} az container delete --resource-group ${{ inputs.clusterResourceGroup }} --name ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} + az acr repository delete -n ${{ secrets.registryHostName }} --image ${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }} - name: Delete deployment environment uses: strumwolf/delete-deployment-environment@v2 From fad70ee630bc9aab1e5cb04d3c169ef0ee61f4b2 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Thu, 5 Oct 2023 14:55:45 -0500 Subject: [PATCH 06/22] switch to registry* inputs for container registry --- .github/workflows/ephemeral-deploy.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 5b564049..d30b85eb 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -157,9 +157,9 @@ jobs: uses: azure/container-apps-deploy-action@v1 with: appSourcePath: ${{ github.workspace }} - acrName: ${{ secrets.registryHostName }} - acrUsername: ${{ secrets.registryUserName }} - acrPassword: ${{ secrets.registryPassword }} + registryUrl: ${{ secrets.registryHostName }} + registryUsername: ${{ secrets.registryUserName }} + registryPassword: ${{ secrets.registryPassword }} imageToBuild: ${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }} dockerfilePath: Dockerfile containerAppName: ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} From 4dbc1e63de7ab34c9ef84747b0a7179a45101270 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Thu, 5 Oct 2023 14:57:49 -0500 Subject: [PATCH 07/22] Fix clusterResourceGroup default value --- .github/workflows/ephemeral-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index d30b85eb..34e11277 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -20,7 +20,7 @@ on: required: false type: string description: "Azure Resource Group." - default: "AMU_EphemeralDeployments_201" + default: "AMU_EphemeralDeployments_RG" dockerFilePath: required: false type: string From f8b163259e7baa396d8b041d82bcf538b9d5b093 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Thu, 5 Oct 2023 15:06:53 -0500 Subject: [PATCH 08/22] add docker build/push step back so that the buildargs get used --- .github/workflows/ephemeral-deploy.yaml | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 34e11277..10f34516 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -153,6 +153,22 @@ jobs: fi echo "buildArguments=${BUILDARGS}" >> $GITHUB_ENV + - name: Login to Azure Container Registry + uses: Azure/docker-login@v1 + with: + login-server: ${{ secrets.registryHostName }} + username: ${{ secrets.registryUserName }} + password: ${{ secrets.registryPassword }} + + - name: Build & Push Docker Image + id: docker + run: | + docker build ${{ inputs.dockerFilePath }} ${{ env.buildArguments }} -t "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }}" + docker push -a "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}" + + dockerContainerPort=$(docker image inspect "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }}" -f "{{json .Config.ExposedPorts }}" | tr -d '{}":/tcp' | tr "," " ") + echo "dockerContainerPort=${dockerContainerPort}" >> $GITHUB_OUTPUT + - name: Deploy Azure Container App uses: azure/container-apps-deploy-action@v1 with: @@ -160,8 +176,7 @@ jobs: registryUrl: ${{ secrets.registryHostName }} registryUsername: ${{ secrets.registryUserName }} registryPassword: ${{ secrets.registryPassword }} - imageToBuild: ${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }} - dockerfilePath: Dockerfile + imageToDeploy: ${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }} containerAppName: ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} resourceGroup: ${{ inputs.clusterResourceGroup }} targetPort: ${{ steps.env-vars.outputs.targetPort }} From 519df128a6edb60aad1a3b792020df953fcb1744 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Thu, 5 Oct 2023 15:20:58 -0500 Subject: [PATCH 09/22] remove appSourcePath from deploy action to prevent building image when deploying --- .github/workflows/ephemeral-deploy.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 10f34516..486e0e6d 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -166,13 +166,9 @@ jobs: docker build ${{ inputs.dockerFilePath }} ${{ env.buildArguments }} -t "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }}" docker push -a "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}" - dockerContainerPort=$(docker image inspect "${{ secrets.registryHostName }}/${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }}" -f "{{json .Config.ExposedPorts }}" | tr -d '{}":/tcp' | tr "," " ") - echo "dockerContainerPort=${dockerContainerPort}" >> $GITHUB_OUTPUT - - name: Deploy Azure Container App uses: azure/container-apps-deploy-action@v1 with: - appSourcePath: ${{ github.workspace }} registryUrl: ${{ secrets.registryHostName }} registryUsername: ${{ secrets.registryUserName }} registryPassword: ${{ secrets.registryPassword }} From 168f2b0039d8fb933dab74f32c42344d122991f3 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Thu, 5 Oct 2023 15:44:13 -0500 Subject: [PATCH 10/22] Fix empty targetPort input --- .github/workflows/ephemeral-deploy.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 486e0e6d..e004613b 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -102,6 +102,7 @@ jobs: - name: Set environment variables id: env-vars + shell: bash run: | ENVIRONMENT_VARIABLES=$(cat .env) TARGET_PORT=$(grep -Rh "targetPort: " **/values.yaml | awk -F ': ' '{print $2}' | uniq) From 96085dbbc52320758279ddc81ba7d2e34c9e925c Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Thu, 5 Oct 2023 15:51:51 -0500 Subject: [PATCH 11/22] use cat + find in TARGET_PORT var --- .github/workflows/ephemeral-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index e004613b..3179a4c1 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -105,7 +105,7 @@ jobs: shell: bash run: | ENVIRONMENT_VARIABLES=$(cat .env) - TARGET_PORT=$(grep -Rh "targetPort: " **/values.yaml | awk -F ': ' '{print $2}' | uniq) + TARGET_PORT=$(cat $(find . -iname "values.yaml") | grep "targetPort: " | awk -F ': ' '{print $2}' | uniq) echo "targetPort=${TARGET_PORT}" >> $GITHUB_OUTPUT echo "environmentVariables=${ENVIRONMENT_VARIABLES}" >> $GITHUB_OUTPUT From 87af402a5e41e40cacf09f4a255f1b9aad3a4d7b Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Thu, 5 Oct 2023 16:03:44 -0500 Subject: [PATCH 12/22] Fixing only first environment variable being set --- .github/workflows/ephemeral-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 3179a4c1..97d2a1cd 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -104,7 +104,7 @@ jobs: id: env-vars shell: bash run: | - ENVIRONMENT_VARIABLES=$(cat .env) + ENVIRONMENT_VARIABLES=$(cat .env | tr "\n" " ") TARGET_PORT=$(cat $(find . -iname "values.yaml") | grep "targetPort: " | awk -F ': ' '{print $2}' | uniq) echo "targetPort=${TARGET_PORT}" >> $GITHUB_OUTPUT From 14d509bef8fa986d84901ee4aaf2978d6c209dc9 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Fri, 6 Oct 2023 11:09:38 -0500 Subject: [PATCH 13/22] Add step to fix NEXT URL variables in container app --- .github/workflows/ephemeral-deploy.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 97d2a1cd..e1e6f127 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -182,6 +182,14 @@ jobs: ingress: external disableTelemetry: true + - name: Update Next URL variables + if: contains(steps.env-vars.outputs.environmentVariables, 'BASE_URL') + run: | + REPOSITORY_NAME=$(echo ${{ github.event.repository.name }} | awk -F '_' '{print $1}' | tr -d "-") + HOSTNAME=$(az containerapp list --query "[?name == '${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }}'].properties.configuration.ingress.fqdn" -o tsv) + az containerapp update -n ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} -g ${{ inputs.clusterResourceGroup }} --set-env-vars $(cat .env | grep -E "localhost|${REPOSITORY_NAME}.com" | awk -F '=' '{print $1}' | sed "s|$|=https://${HOSTNAME}|g") + + destroy: name: Destroy Azure Container Instance if: ${{ github.event_name == 'pull_request' && github.event.action == 'closed' }} From 4061fd6895e181a7f6044aa574423c125ca5e300 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Fri, 6 Oct 2023 15:15:16 -0500 Subject: [PATCH 14/22] set environment url from hostname in later step --- .github/workflows/ephemeral-deploy.yaml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index e1e6f127..b994671a 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -88,7 +88,7 @@ jobs: runs-on: ubuntu-latest environment: name: ${{ needs.prepare.outputs.jiraTicketId }} - url: http://${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }}.${{ inputs.azureResourceLocation }}.azurecontainer.io + url: ${{ steps.hostname.outputs.hostname }} steps: - name: Checkout code uses: actions/checkout@v3 @@ -182,13 +182,18 @@ jobs: ingress: external disableTelemetry: true + - name: Get Container App Hostname + id: hostname + run: | + HOSTNAME=$(az containerapp list --query "[?name == '${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }}'].properties.configuration.ingress.fqdn" -o tsv) + echo "hostname=https://${HOSTNAME}" >> $GITHUB_OUTPUT + - name: Update Next URL variables if: contains(steps.env-vars.outputs.environmentVariables, 'BASE_URL') run: | REPOSITORY_NAME=$(echo ${{ github.event.repository.name }} | awk -F '_' '{print $1}' | tr -d "-") - HOSTNAME=$(az containerapp list --query "[?name == '${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }}'].properties.configuration.ingress.fqdn" -o tsv) - az containerapp update -n ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} -g ${{ inputs.clusterResourceGroup }} --set-env-vars $(cat .env | grep -E "localhost|${REPOSITORY_NAME}.com" | awk -F '=' '{print $1}' | sed "s|$|=https://${HOSTNAME}|g") - + HOSTNAME="${{ steps.hostname.outputs.hostname }}" + az containerapp update -n ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} -g ${{ inputs.clusterResourceGroup }} --set-env-vars $(cat .env | grep -E "localhost|${REPOSITORY_NAME}.com" | awk -F '=' '{print $1}' | sed "s|$|=${HOSTNAME}|g") destroy: name: Destroy Azure Container Instance From ba638add1ff92bec2c87b4d7955c1f2bbed6175d Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Mon, 9 Oct 2023 09:55:17 -0500 Subject: [PATCH 15/22] Add --yes option onto container delete cmd --- .github/workflows/ephemeral-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index b994671a..8beb1d9f 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -208,7 +208,7 @@ jobs: - name: Delete Azure Resources run: | - az container delete --resource-group ${{ inputs.clusterResourceGroup }} --name ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} + az container delete --resource-group ${{ inputs.clusterResourceGroup }} --name ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} --yes az acr repository delete -n ${{ secrets.registryHostName }} --image ${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }} - name: Delete deployment environment From 6dd68cc34df257e1305b4ba05a47d744ec59f0ab Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Mon, 9 Oct 2023 09:56:42 -0500 Subject: [PATCH 16/22] Add --yes option to acr repository delete cmd --- .github/workflows/ephemeral-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 8beb1d9f..d84c3f30 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -209,7 +209,7 @@ jobs: - name: Delete Azure Resources run: | az container delete --resource-group ${{ inputs.clusterResourceGroup }} --name ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} --yes - az acr repository delete -n ${{ secrets.registryHostName }} --image ${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }} + az acr repository delete -n ${{ secrets.registryHostName }} --image ${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }} --yes - name: Delete deployment environment uses: strumwolf/delete-deployment-environment@v2 From a96f98649399bf7b0008f741dba946c565360f0e Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Mon, 9 Oct 2023 10:00:54 -0500 Subject: [PATCH 17/22] add githubPAT secret --- .github/workflows/ephemeral-deploy.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index d84c3f30..13e65d4c 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -45,6 +45,8 @@ on: required: true registryPassword: required: true + githubPAT: + required: true env: githubPrBranch: ${{ github.head_ref }} @@ -214,6 +216,6 @@ jobs: - name: Delete deployment environment uses: strumwolf/delete-deployment-environment@v2 with: - token: ${{ secrets.PAT_ACTION_CI }} + token: ${{ secrets.githubPAT }} environment: ${{ needs.prepare.outputs.jiraTicketId }} ref: ${{ github.ref_name }} From c1b79993399769b98e5553c0be94dd2d88f8a82d Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Mon, 9 Oct 2023 10:56:18 -0500 Subject: [PATCH 18/22] Fix container app deletion cmd --- .github/workflows/ephemeral-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 13e65d4c..54641e56 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -210,7 +210,7 @@ jobs: - name: Delete Azure Resources run: | - az container delete --resource-group ${{ inputs.clusterResourceGroup }} --name ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} --yes + az containerapp delete --resource-group ${{ inputs.clusterResourceGroup }} --name ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} --yes az acr repository delete -n ${{ secrets.registryHostName }} --image ${{ inputs.dockerImageName }}:${{ needs.prepare.outputs.jiraTicketId }} --yes - name: Delete deployment environment From 99aed93075417b59511d026a5431f9346c7da01e Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Mon, 9 Oct 2023 12:52:01 -0500 Subject: [PATCH 19/22] Resolve shellcheck SC2002 and SC2046 errors --- .github/workflows/ephemeral-deploy.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 54641e56..024b9eec 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -106,8 +106,8 @@ jobs: id: env-vars shell: bash run: | - ENVIRONMENT_VARIABLES=$(cat .env | tr "\n" " ") - TARGET_PORT=$(cat $(find . -iname "values.yaml") | grep "targetPort: " | awk -F ': ' '{print $2}' | uniq) + ENVIRONMENT_VARIABLES=$(tr "\n" " " < .env) + TARGET_PORT=$(find . -iname "values.yaml" -exec grep "targetPort: " {} \; | awk -F ': ' '{print $2}' | uniq) echo "targetPort=${TARGET_PORT}" >> $GITHUB_OUTPUT echo "environmentVariables=${ENVIRONMENT_VARIABLES}" >> $GITHUB_OUTPUT @@ -193,9 +193,9 @@ jobs: - name: Update Next URL variables if: contains(steps.env-vars.outputs.environmentVariables, 'BASE_URL') run: | - REPOSITORY_NAME=$(echo ${{ github.event.repository.name }} | awk -F '_' '{print $1}' | tr -d "-") + REPOSITORY_NAME="$(echo ${{ github.event.repository.name }} | awk -F '_' '{print $1}' | tr -d "-")" HOSTNAME="${{ steps.hostname.outputs.hostname }}" - az containerapp update -n ${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }} -g ${{ inputs.clusterResourceGroup }} --set-env-vars $(cat .env | grep -E "localhost|${REPOSITORY_NAME}.com" | awk -F '=' '{print $1}' | sed "s|$|=${HOSTNAME}|g") + az containerapp update -n "${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }}" -g "${{ inputs.clusterResourceGroup }}" --set-env-vars $(grep -E "localhost|${REPOSITORY_NAME}.com" .env | awk -F '=' '{print $1}' | sed "s|$|=${HOSTNAME}|g") destroy: name: Destroy Azure Container Instance From ecea9f020967a65a8b98f710c8f31ba88d967855 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Mon, 9 Oct 2023 12:53:01 -0500 Subject: [PATCH 20/22] Fixing shellcheck SC2046 warning --- .github/workflows/ephemeral-deploy.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 024b9eec..f251a094 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -193,7 +193,7 @@ jobs: - name: Update Next URL variables if: contains(steps.env-vars.outputs.environmentVariables, 'BASE_URL') run: | - REPOSITORY_NAME="$(echo ${{ github.event.repository.name }} | awk -F '_' '{print $1}' | tr -d "-")" + REPOSITORY_NAME=$(echo "${{ github.event.repository.name }}" | awk -F '_' '{print $1}' | tr -d "-") HOSTNAME="${{ steps.hostname.outputs.hostname }}" az containerapp update -n "${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }}" -g "${{ inputs.clusterResourceGroup }}" --set-env-vars $(grep -E "localhost|${REPOSITORY_NAME}.com" .env | awk -F '=' '{print $1}' | sed "s|$|=${HOSTNAME}|g") From db4d3df1e9a42854096f1abae68e3081b8ff0728 Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Mon, 9 Oct 2023 13:00:21 -0500 Subject: [PATCH 21/22] Fixing SC2046 shellchecck warning --- .github/workflows/ephemeral-deploy.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index f251a094..61e3b055 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -195,7 +195,12 @@ jobs: run: | REPOSITORY_NAME=$(echo "${{ github.event.repository.name }}" | awk -F '_' '{print $1}' | tr -d "-") HOSTNAME="${{ steps.hostname.outputs.hostname }}" - az containerapp update -n "${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }}" -g "${{ inputs.clusterResourceGroup }}" --set-env-vars $(grep -E "localhost|${REPOSITORY_NAME}.com" .env | awk -F '=' '{print $1}' | sed "s|$|=${HOSTNAME}|g") + URL_VARS="" + for var in $(grep -E "localhost|${REPOSITORY_NAME}.com" .env | awk -F '=' '{print $1}' | sed "s|$|=${HOSTNAME}|g"); do + URL_VARS+="$var " + done + + az containerapp update -n "${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }}" -g "${{ inputs.clusterResourceGroup }}" --set-env-vars "${URL_VARS}" destroy: name: Destroy Azure Container Instance From 1d30efa3b820971734bd1c9c93a5a012ee7cc61b Mon Sep 17 00:00:00 2001 From: ebronson68 <111298136+ebronson68@users.noreply.github.com> Date: Mon, 9 Oct 2023 13:02:26 -0500 Subject: [PATCH 22/22] Resolving shellcheck SC2013 warning --- .github/workflows/ephemeral-deploy.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ephemeral-deploy.yaml b/.github/workflows/ephemeral-deploy.yaml index 61e3b055..7f12b6d6 100644 --- a/.github/workflows/ephemeral-deploy.yaml +++ b/.github/workflows/ephemeral-deploy.yaml @@ -196,9 +196,10 @@ jobs: REPOSITORY_NAME=$(echo "${{ github.event.repository.name }}" | awk -F '_' '{print $1}' | tr -d "-") HOSTNAME="${{ steps.hostname.outputs.hostname }}" URL_VARS="" - for var in $(grep -E "localhost|${REPOSITORY_NAME}.com" .env | awk -F '=' '{print $1}' | sed "s|$|=${HOSTNAME}|g"); do + while IFS= read -r line; do + var=$(echo "$line" | awk -F '=' '{print $1}' | sed "s|$|=${HOSTNAME}|g") URL_VARS+="$var " - done + done < <(grep -E "localhost|${REPOSITORY_NAME}.com" .env) az containerapp update -n "${{ needs.prepare.outputs.repositoryName }}-${{ needs.prepare.outputs.jiraTicketIdLc }}" -g "${{ inputs.clusterResourceGroup }}" --set-env-vars "${URL_VARS}"