diff --git a/.github/workflows/joytest.yml b/.github/workflows/joytest.yml new file mode 100644 index 0000000..7494312 --- /dev/null +++ b/.github/workflows/joytest.yml @@ -0,0 +1,175 @@ +# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code +# +# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR) +# The ACR should be attached to the AKS cluster +# For instructions see: +# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal +# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal +# - https://learn.microsoft.com/en-us/azure/aks/cluster-container-registry-integration?tabs=azure-cli#configure-acr-integration-for-existing-aks-clusters +# - https://github.com/Azure/aks-create-action +# +# To configure this workflow: +# +# 1. Set the following secrets in your repository (instructions for getting these can be found at https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux): +# - AZURE_CLIENT_ID +# - AZURE_TENANT_ID +# - AZURE_SUBSCRIPTION_ID +# +# 2. Set the following environment variables (or replace the values below): +# - ACR_RESOURCE_GROUP (resource group of your ACR) +# - AZURE_CONTAINER_REGISTRY (name of your container registry / ACR) +# - CLUSTER_NAME (name of the resource to deploy to - fleet name or managed cluster name) +# - CLUSTER_RESOURCE_GROUP (where your cluster is deployed) +# - CLUSTER_RESOURCE_TYPE (type of resource to deploy to, either 'Microsoft.ContainerService/fleets' or 'Microsoft.ContainerService/managedClusters') +# - CONTAINER_NAME (name of the container image you would like to push up to your ACR) +# - DEPLOYMENT_MANIFEST_PATH (path to the manifest yaml for your deployment) +# - DOCKER_FILE (path to your Dockerfile) +# - BUILD_CONTEXT_PATH (path to the context of your Dockerfile) +# - NAMESPACE (namespace to deploy your application) +# For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions +# For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples +# For more options with the actions used below please refer to https://github.com/Azure/login + +name: joytest + +on: + push: + branches: [main] + workflow_dispatch: + +env: + ACR_RESOURCE_GROUP: sumin-rg + AZURE_CONTAINER_REGISTRY: skacr3 + CONTAINER_NAME: image-workflow-1748903609232 + CLUSTER_NAME: brianhautest + CLUSTER_RESOURCE_GROUP: Brian + CLUSTER_RESOURCE_TYPE: Microsoft.ContainerService/managedClusters + DEPLOYMENT_MANIFEST_PATH: | + ./k8s-specifications/db-deployment.yaml + ./k8s-specifications/db-service.yaml + ./k8s-specifications/redis-deployment.yaml + ./k8s-specifications/redis-service.yaml + ./k8s-specifications/result-deployment.yaml + ./k8s-specifications/result-service.yaml + ./k8s-specifications/vote-deployment.yaml + ./k8s-specifications/vote-service.yaml + ./k8s-specifications/worker-deployment.yaml + DOCKER_FILE: ./docker-compose.yml + BUILD_CONTEXT_PATH: ./ + NAMESPACE: namespace-workflow-1748903609232 + ENABLENAMESPACECREATION: false + AUTH_TYPE: SERVICE_PRINCIPAL + +jobs: + buildImage: + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + steps: + # Checks out the repository this file is in + - uses: actions/checkout@v3 + + # Logs in with your Azure credentials + - name: Azure login + uses: azure/login@v2.2.0 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + auth-type: ${{ env.AUTH_TYPE }} + + # Builds and pushes an image up to your Azure Container Registry + - name: Build and push image to ACR + run: | + az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.ACR_RESOURCE_GROUP }} -f ${{ env.DOCKER_FILE }} ${{ env.BUILD_CONTEXT_PATH }} + deploy: + permissions: + actions: read + contents: read + id-token: write + runs-on: ubuntu-latest + needs: [buildImage] + steps: + # Checks out the repository this file is in + - uses: actions/checkout@v3 + + # Logs in with your Azure credentials + - name: Azure login + uses: azure/login@v2.2.0 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + auth-type: ${{ env.AUTH_TYPE }} + + # Use kubelogin to configure your kubeconfig for Azure auth + - name: Set up kubelogin for non-interactive login + uses: azure/use-kubelogin@v1 + with: + kubelogin-version: 'v0.0.25' + + # Retrieves your Azure Kubernetes Service cluster's kubeconfig file + - name: Get K8s context + uses: azure/aks-set-context@v4 + with: + resource-group: ${{ env.CLUSTER_RESOURCE_GROUP }} + cluster-name: ${{ env.CLUSTER_NAME }} + admin: 'false' + use-kubelogin: 'true' + resource-type: ${{ env.CLUSTER_RESOURCE_TYPE }} + + # Checks if the AKS cluster is private + - name: Is private cluster + if: ${{ env.CLUSTER_RESOURCE_TYPE != 'Microsoft.ContainerService/fleets' }} + id: isPrivate + run: | + result=$(az aks show --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --query "apiServerAccessProfile.enablePrivateCluster") + echo "PRIVATE_CLUSTER=$result" >> "$GITHUB_OUTPUT" + + # Create Namespace + - name: Create Namespace + if: ${{ env.ENABLENAMESPACECREATION == 'true' }} + run: | + if [ ${{ steps.isPrivate.outputs.PRIVATE_CLUSTER}} == 'true' ]; then + command_id=$(az aks command invoke --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command "kubectl get namespace ${{ env.NAMESPACE }} || kubectl create namespace ${{ env.NAMESPACE }}" --query id -o tsv) + result=$(az aks command result --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command-id $command_id) + echo "Command Result: $result" + exitCode=$(az aks command result --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command-id $command_id --query exitCode -o tsv) + if [ $exitCode -ne 0 ]; then + exit $exitCode + fi + else + kubectl get namespace ${{ env.NAMESPACE }} || kubectl create namespace ${{ env.NAMESPACE }} + fi + + # Validate Namespace exists + - name: Validate Namespace Exists + run: | + if [ ${{ steps.isPrivate.outputs.PRIVATE_CLUSTER}} == 'true' ]; then + command_id=$(az aks command invoke --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command "kubectl get namespace ${{ env.NAMESPACE }}" --query id -o tsv) + result=$(az aks command result --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command-id $command_id) + echo "Command Result: $result" + exitCode=$(az aks command result --resource-group ${{ env.CLUSTER_RESOURCE_GROUP }} --name ${{ env.CLUSTER_NAME }} --command-id $command_id --query exitCode -o tsv) + if [ $exitCode -ne 0 ]; then + exit $exitCode + fi + else + kubectl get namespace ${{ env.NAMESPACE }} + fi + + # Deploys application based on given manifest file + - name: Deploys application + uses: Azure/k8s-deploy@v5 + with: + action: deploy + manifests: ${{ env.DEPLOYMENT_MANIFEST_PATH }} + images: | + ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} + resource-group: ${{ env.CLUSTER_RESOURCE_GROUP }} + name: ${{ env.CLUSTER_NAME }} + private-cluster: ${{ steps.isPrivate.outputs.PRIVATE_CLUSTER == 'true' }} + namespace: ${{ env.NAMESPACE }} + resource-type: ${{ env.CLUSTER_RESOURCE_TYPE }} + annotate-namespace: ${{ env.CLUSTER_RESOURCE_TYPE != 'Microsoft.ContainerService/fleets' }} +