Skip to content

Commit c943b21

Browse files
tjementumtjementum
committed
Use az acr import to transfer container images from staging to production container registry
1 parent 94c95be commit c943b21

File tree

1 file changed

+30
-2
lines changed

1 file changed

+30
-2
lines changed

.github/workflows/_deploy-container.yml

Lines changed: 30 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,6 @@ jobs:
6767
--platform linux/amd64,linux/arm64 \
6868
--build-arg VERSION=${{ inputs.version }} \
6969
-t ${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }}.azurecr.io/${{ inputs.image_name }}:${{ inputs.version }} \
70-
-t ${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }}.azurecr.io/${{ inputs.image_name }}:latest \
7170
-f ${{ inputs.docker_file }} \
7271
--push .
7372
docker buildx rm
@@ -106,19 +105,48 @@ jobs:
106105
env:
107106
UNIQUE_PREFIX: ${{ vars.UNIQUE_PREFIX }}
108107
ENVIRONMENT: "prod"
108+
STAGING_ENVIRONMENT: "stage"
109109
CLUSTER_LOCATION_ACRONYM: ${{ vars.PRODUCTION_CLUSTER1_LOCATION_ACRONYM }}
110110
SERVICE_PRINCIPAL_ID: ${{ vars.PRODUCTION_SERVICE_PRINCIPAL_ID }}
111+
STAGING_SERVICE_PRINCIPAL_ID: ${{ vars.STAGING_SERVICE_PRINCIPAL_ID }}
111112
TENANT_ID: ${{ vars.TENANT_ID }}
112113
SUBSCRIPTION_ID: ${{ vars.PRODUCTION_SUBSCRIPTION_ID }}
114+
STAGING_SUBSCRIPTION_ID: ${{ vars.STAGING_SUBSCRIPTION_ID }}
113115

114116
steps:
115-
- name: Login to Azure
117+
- name: Login to Azure (Staging)
118+
uses: azure/login@v2
119+
with:
120+
client-id: ${{ env.STAGING_SERVICE_PRINCIPAL_ID }}
121+
tenant-id: ${{ env.TENANT_ID }}
122+
subscription-id: ${{ env.STAGING_SUBSCRIPTION_ID }}
123+
124+
- name: Get Access Token for Staging Azure Subscription
125+
id: staging_tokens
126+
run: |
127+
STAGING_TOKEN=$(az account get-access-token --resource https://management.azure.com --query accessToken -o tsv)
128+
echo "::add-mask::$STAGING_TOKEN"
129+
echo "access_token=$STAGING_TOKEN" >> $GITHUB_OUTPUT
130+
131+
- name: Login to Azure (Production)
116132
uses: azure/login@v2
117133
with:
118134
client-id: ${{ env.SERVICE_PRINCIPAL_ID }}
119135
tenant-id: ${{ env.TENANT_ID }}
120136
subscription-id: ${{ env.SUBSCRIPTION_ID }}
121137

138+
- name: Login to ACR
139+
run: az acr login --name ${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }}
140+
141+
- name: Import Container Image from Staging to Production
142+
run: |
143+
az acr import \
144+
--name ${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }} \
145+
--source ${{ env.UNIQUE_PREFIX }}${{ env.STAGING_ENVIRONMENT }}.azurecr.io/${{ inputs.image_name }}:${{ inputs.version }} \
146+
--image ${{ inputs.image_name }}:${{ inputs.version }} \
147+
--password ${{ steps.staging_tokens.outputs.access_token }} \
148+
--force
149+
122150
- name: Deploy Container
123151
run: |
124152
SUFFIX=$(echo "${{ inputs.version }}" | sed 's/\./-/g')

0 commit comments

Comments
 (0)