Skip to content

Commit 58cd684

Browse files
MirceaOvidiuMirceaOvidiu
authored
Merge pull request #1 from MirceaOvidiu/aks-devhub-ujrhl
Add workflow to deploy to AKS
2 parents 8bc643c + 1680fc2 commit 58cd684

File tree

1 file changed

+166
-0
lines changed

1 file changed

+166
-0
lines changed

.github/workflows/kolorworkflow.yml

Lines changed: 166 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,166 @@
1+
# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code
2+
#
3+
# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR)
4+
# The ACR should be attached to the AKS cluster
5+
# For instructions see:
6+
# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal
7+
# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal
8+
# - https://learn.microsoft.com/en-us/azure/aks/cluster-container-registry-integration?tabs=azure-cli#configure-acr-integration-for-existing-aks-clusters
9+
# - https://github.com/Azure/aks-create-action
10+
#
11+
# To configure this workflow:
12+
#
13+
# 1. Set the following secrets in your repository (instructions for getting these can be found at https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux):
14+
# - AZURE_CLIENT_ID
15+
# - AZURE_TENANT_ID
16+
# - AZURE_SUBSCRIPTION_ID
17+
#
18+
# 2. Set the following environment variables (or replace the values below):
19+
# - ACR_RESOURCE_GROUP (resource group of your ACR)
20+
# - AZURE_CONTAINER_REGISTRY (name of your container registry / ACR)
21+
# - CLUSTER_NAME (name of the resource to deploy to - fleet name or managed cluster name)
22+
# - CLUSTER_RESOURCE_GROUP (where your cluster is deployed)
23+
# - CLUSTER_RESOURCE_TYPE (type of resource to deploy to, either 'Microsoft.ContainerService/fleets' or 'Microsoft.ContainerService/managedClusters')
24+
# - CONTAINER_NAME (name of the container image you would like to push up to your ACR)
25+
# - DEPLOYMENT_MANIFEST_PATH (path to the manifest yaml for your deployment)
26+
# - DOCKER_FILE (path to your Dockerfile)
27+
# - BUILD_CONTEXT_PATH (path to the context of your Dockerfile)
28+
# - NAMESPACE (namespace to deploy your application)
29+
# For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions
30+
# For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples
31+
# For more options with the actions used below please refer to https://github.com/Azure/login
32+
33+
name: kolorworkflow
34+
35+
on:
36+
push:
37+
branches: [master]
38+
workflow_dispatch:
39+
40+
env:
41+
ACR_RESOURCE_GROUP: KolorResourceGroup
42+
AZURE_CONTAINER_REGISTRY: ca07d0c6a921acr
43+
CONTAINER_NAME: image-workflow-1745667392888
44+
CLUSTER_NAME: KolorClusterv2
45+
CLUSTER_RESOURCE_GROUP: KolorResourceGroup
46+
CLUSTER_RESOURCE_TYPE: Microsoft.ContainerService/managedClusters
47+
DEPLOYMENT_MANIFEST_PATH: |
48+
./kolorK8S.yaml
49+
DOCKER_FILE: ./kolorK8S.yaml
50+
BUILD_CONTEXT_PATH: ./
51+
NAMESPACE: namespace-workflow-1745667392888
52+
ENABLENAMESPACECREATION: false
53+
AUTH_TYPE: SERVICE_PRINCIPAL
54+
55+
jobs:
56+
buildImage:
57+
permissions:
58+
contents: read
59+
id-token: write
60+
runs-on: ubuntu-latest
61+
steps:
62+
# Checks out the repository this file is in
63+
- uses: actions/checkout@v3
64+
65+
# Logs in with your Azure credentials
66+
- name: Azure login
67+
uses: azure/login@v2.2.0
68+
with:
69+
client-id: ${{ secrets.AZURE_CLIENT_ID }}
70+
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
71+
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
72+
auth-type: ${{ env.AUTH_TYPE }}
73+
74+
# Builds and pushes an image up to your Azure Container Registry
75+
- name: Build and push image to ACR
76+
run: |
77+
az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.ACR_RESOURCE_GROUP }} -f ${{ env.DOCKER_FILE }} ${{ env.BUILD_CONTEXT_PATH }}
78+
deploy:
79+
permissions:
80+
actions: read
81+
contents: read
82+
id-token: write
83+
runs-on: ubuntu-latest
84+
needs: [buildImage]
85+
steps:
86+
# Checks out the repository this file is in
87+
- uses: actions/checkout@v3
88+
89+
# Logs in with your Azure credentials
90+
- name: Azure login
91+
uses: azure/login@v2.2.0
92+
with:
93+
client-id: ${{ secrets.AZURE_CLIENT_ID }}
94+
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
95+
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
96+
auth-type: ${{ env.AUTH_TYPE }}
97+
98+
# Use kubelogin to configure your kubeconfig for Azure auth
99+
- name: Set up kubelogin for non-interactive login
100+
uses: azure/use-kubelogin@v1
101+
with:
102+
kubelogin-version: 'v0.0.25'
103+
104+
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
105+
- name: Get K8s context
106+
uses: azure/aks-set-context@v4
107+
with:
108+
resource-group: ${{ env.CLUSTER_RESOURCE_GROUP }}
109+
cluster-name: ${{ env.CLUSTER_NAME }}
110+
admin: 'false'
111+
use-kubelogin: 'true'
112+
resource-type: ${{ env.CLUSTER_RESOURCE_TYPE }}
113+
114+
# Checks if the AKS cluster is private
115+
- name: Is private cluster
116+
if: ${{ env.CLUSTER_RESOURCE_TYPE != 'Microsoft.ContainerService/fleets' }}
117+
id: isPrivate
118+
run: |
119+
result=$(az aks show --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --query "apiServerAccessProfile.enablePrivateCluster")
120+
echo "PRIVATE_CLUSTER=$result" >> "$GITHUB_OUTPUT"
121+
122+
# Create Namespace
123+
- name: Create Namespace
124+
if: ${{ env.ENABLENAMESPACECREATION == 'true' }}
125+
run: |
126+
if [ ${{ steps.isPrivate.outputs.PRIVATE_CLUSTER}} == 'true' ]; then
127+
command_id=$(az aks command invoke --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command "kubectl get namespace ${{ env.NAMESPACE }} || kubectl create namespace ${{ env.NAMESPACE }}" --query id -o tsv)
128+
result=$(az aks command result --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command-id $command_id)
129+
echo "Command Result: $result"
130+
exitCode=$(az aks command result --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command-id $command_id --query exitCode -o tsv)
131+
if [ $exitCode -ne 0 ]; then
132+
exit $exitCode
133+
fi
134+
else
135+
kubectl get namespace ${{ env.NAMESPACE }} || kubectl create namespace ${{ env.NAMESPACE }}
136+
fi
137+
138+
# Validate Namespace exists
139+
- name: Validate Namespace Exists
140+
run: |
141+
if [ ${{ steps.isPrivate.outputs.PRIVATE_CLUSTER}} == 'true' ]; then
142+
command_id=$(az aks command invoke --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command "kubectl get namespace ${{ env.NAMESPACE }}" --query id -o tsv)
143+
result=$(az aks command result --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command-id $command_id)
144+
echo "Command Result: $result"
145+
exitCode=$(az aks command result --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command-id $command_id --query exitCode -o tsv)
146+
if [ $exitCode -ne 0 ]; then
147+
exit $exitCode
148+
fi
149+
else
150+
kubectl get namespace ${{ env.NAMESPACE }}
151+
fi
152+
153+
# Deploys application based on given manifest file
154+
- name: Deploys application
155+
uses: Azure/k8s-deploy@v5
156+
with:
157+
action: deploy
158+
manifests: ${{ env.DEPLOYMENT_MANIFEST_PATH }}
159+
images: |
160+
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }}
161+
resource-group: ${{ env.CLUSTER_RESOURCE_GROUP }}
162+
name: ${{ env.CLUSTER_NAME }}
163+
private-cluster: ${{ steps.isPrivate.outputs.PRIVATE_CLUSTER == 'true' }}
164+
namespace: ${{ env.NAMESPACE }}
165+
resource-type: ${{ env.CLUSTER_RESOURCE_TYPE }}
166+

0 commit comments

Comments
 (0)