From 1072ecec605d861fed66e07768edea397acdcec5 Mon Sep 17 00:00:00 2001 From: Tommy Barnes Date: Thu, 24 Feb 2022 14:20:33 -0500 Subject: [PATCH] Reworked AKS deployment workflows (#1403) * rebased to partner_templates * Renaming workflow * Updated corresponding properties.json files for the new aks workflows under deployments. * Updated properties.json titles for aks workflows * Renamed SECRET_NAME to IMAGE_PULL_SECRET_NAME * Moved permissions down to the job level * Updated documentation links * Updated permission for action to read * Removing redundant permissions * write -> read for actions * Updated descriptions * Less reference documentation in header * Added comments to each AKS Starter Workflow step Co-authored-by: Tommy Barnes --- deployments/azure-kubernetes-service-helm.yml | 122 +++++++++++++++++ .../azure-kubernetes-service-kompose.yml | 111 ++++++++++++++++ .../azure-kubernetes-service-kustomize.yml | 117 ++++++++++++++++ deployments/azure-kubernetes-service.yml | 125 +++++++++++------- ...re-kubernetes-service-helm.properties.json | 7 + ...kubernetes-service-kompose.properties.json | 7 + ...bernetes-service-kustomize.properties.json | 7 + .../azure-kubernetes-service.properties.json | 6 +- 8 files changed, 449 insertions(+), 53 deletions(-) create mode 100644 deployments/azure-kubernetes-service-helm.yml create mode 100644 deployments/azure-kubernetes-service-kompose.yml create mode 100644 deployments/azure-kubernetes-service-kustomize.yml create mode 100644 deployments/properties/azure-kubernetes-service-helm.properties.json create mode 100644 deployments/properties/azure-kubernetes-service-kompose.properties.json create mode 100644 deployments/properties/azure-kubernetes-service-kustomize.properties.json diff --git a/deployments/azure-kubernetes-service-helm.yml b/deployments/azure-kubernetes-service-helm.yml new file mode 100644 index 0000000000..506819d2a2 --- /dev/null +++ b/deployments/azure-kubernetes-service-helm.yml @@ -0,0 +1,122 @@ +# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code +# +# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR) +# For instructions see: +# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal +# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal +# - https://github.com/Azure/aks-create-action +# +# To configure this workflow: +# +# 1. Set the following secrets in your repository (instructions for getting these +# https://github.com/Azure/login#configure-a-service-principal-with-a-federated-credential-to-use-oidc-based-authentication): +# - AZURE_CLIENT_ID +# - AZURE_TENANT_ID +# - AZURE_SUBSCRIPTION_ID +# +# 2. Set the following environment variables (or replace the values below): +# - AZURE_CONTAINER_REGISTRY (name of your container registry / ACR) +# - RESOURCE_GROUP (where your cluster is deployed) +# - CLUSTER_NAME (name of your AKS cluster) +# - CONTAINER_NAME (name of the container image you would like to push up to your ACR) +# - SECRET_NAME (name of the secret associated with pulling your ACR image) +# +# 3. Choose the appropriate render engine for the bake step https://github.com/Azure/k8s-bake. The config below assumes Helm. +# Set your helmChart, overrideFiles, overrides, and helm-version to suit your configuration. +# - CHART_PATH (path to your helm chart) +# - CHART_OVERRIDE_PATH (path to your helm chart with override values) +# +# For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions +# For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples +# For more options with the actions used below please refer to https://github.com/Azure/login + +name: Build and deploy an app to AKS with Helm + +on: + push: + branches: + - $default-branch + workflow_dispatch: + +env: + AZURE_CONTAINER_REGISTRY: "your-azure-container-registry" + CONTAINER_NAME: "your-container-name" + RESOURCE_GROUP: "your-resource-group" + CLUSTER_NAME: "your-cluster-name" + IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name" + CHART_PATH: "your-chart-path" + CHART_OVERRIDE_PATH: "your-chart-override-path" + +jobs: + build: + permissions: + actions: read + contents: read + id-token: write + + runs-on: ubuntu-latest + steps: + # Checks out the repository this file is in + - uses: actions/checkout@master + + # Logs in with your Azure credentials + - name: Azure login + uses: azure/login@v1.4.3 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + # Builds and pushes an image up to your Azure Container Registry + - name: Build and push image to ACR + run: | + az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} . + + # Retrieves your Azure Kubernetes Service cluster's kubeconfig file + - name: Get K8s context + uses: azure/aks-set-context@v2.0 + with: + resource-group: ${{ env.RESOURCE_GROUP }} + cluster-name: ${{ env.CLUSTER_NAME }} + + # Retrieves the credentials for pulling images from your Azure Container Registry + - name: Get ACR credentials + run: | + az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true + ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv) + ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv) + echo "::set-output name=username::${ACR_USERNAME}" + echo "::set-output name=password::${ACR_PASSWORD}" + id: get-acr-creds + + # Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step + - name: Create K8s secret for pulling image from ACR + uses: Azure/k8s-create-secret@v1.1 + with: + container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io + container-registry-username: ${{ steps.get-acr-creds.outputs.username }} + container-registry-password: ${{ steps.get-acr-creds.outputs.password }} + secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }} + + # Runs Helm to create manifest files + - name: Bake deployment + uses: azure/k8s-bake@v2.1 + with: + renderEngine: 'helm' + helmChart: ${{ env.CHART_PATH }} + overrideFiles: ${{ env.CHART_OVERRIDE_PATH }} + overrides: | + replicas:2 + helm-version: 'latest' + id: bake + + # Deploys application based on manifest files from previous step + - name: Deploy application + uses: Azure/k8s-deploy@v3.0 + with: + action: deploy + manifests: ${{ steps.bake.outputs.manifestsBundle }} + images: | + ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} + imagepullsecrets: | + ${{ env.IMAGE_PULL_SECRET_NAME }} diff --git a/deployments/azure-kubernetes-service-kompose.yml b/deployments/azure-kubernetes-service-kompose.yml new file mode 100644 index 0000000000..1d33fe30e9 --- /dev/null +++ b/deployments/azure-kubernetes-service-kompose.yml @@ -0,0 +1,111 @@ +# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code +# +# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR) +# For instructions see: +# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal +# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal +# - https://github.com/Azure/aks-create-action +# +# To configure this workflow: +# +# 1. Set the following secrets in your repository (instructions for getting these +# https://github.com/Azure/login#configure-a-service-principal-with-a-federated-credential-to-use-oidc-based-authentication): +# - AZURE_CLIENT_ID +# - AZURE_TENANT_ID +# - AZURE_SUBSCRIPTION_ID +# +# 2. Set the following environment variables (or replace the values below): +# - AZURE_CONTAINER_REGISTRY (name of your container registry / ACR) +# - RESOURCE_GROUP (where your cluster is deployed) +# - CLUSTER_NAME (name of your AKS cluster) +# - CONTAINER_NAME (name of the container image you would like to push up to your ACR) +# - SECRET_NAME (name of the secret associated with pulling your ACR image) +# +# 3. Choose the appropriate render engine for the bake step https://github.com/Azure/k8s-bake. The config below assumes Kompose. +# Set your dockerComposeFile and kompose-version to suit your configuration. +# - DOCKER_COMPOSE_FILE_PATH (the path where your Kompose deployment manifest is located) +# +# For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions +# For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples +# For more options with the actions used below please refer to https://github.com/Azure/login + +name: Build and deploy an app to AKS with Kompose + +env: + AZURE_CONTAINER_REGISTRY: "your-azure-container-registry" + CONTAINER_NAME: "your-container-name" + RESOURCE_GROUP: "your-resource-group" + CLUSTER_NAME: "your-cluster-name" + IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name" + DOCKER_COMPOSE_FILE_PATH: "your-docker-compose-file-path" + +jobs: + build: + permissions: + actions: read + contents: read + id-token: write + + runs-on: ubuntu-latest + steps: + # Checks out the repository this file is in + - uses: actions/checkout@master + + # Logs in with your Azure credentials + - name: Azure login + uses: azure/login@v1.4.3 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + # Builds and pushes an image up to your Azure Container Registry + - name: Build and push image to ACR + run: | + az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} . + + # Retrieves your Azure Kubernetes Service cluster's kubeconfig file + - name: Get K8s context + uses: azure/aks-set-context@v2.0 + with: + resource-group: ${{ env.RESOURCE_GROUP }} + cluster-name: ${{ env.CLUSTER_NAME }} + + # Retrieves the credentials for pulling images from your Azure Container Registry + - name: Get ACR credentials + run: | + az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true + ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv) + ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv) + echo "::set-output name=username::${ACR_USERNAME}" + echo "::set-output name=password::${ACR_PASSWORD}" + id: get-acr-creds + + # Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step + - name: Create K8s secret for pulling image from ACR + uses: Azure/k8s-create-secret@v1.1 + with: + container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io + container-registry-username: ${{ steps.get-acr-creds.outputs.username }} + container-registry-password: ${{ steps.get-acr-creds.outputs.password }} + secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }} + + # Runs Kompose to create manifest files + - name: Bake deployment + uses: azure/k8s-bake@v2.1 + with: + renderEngine: 'kompose' + dockerComposeFile: ${{ env.DOCKER_COMPOSE_FILE_PATH }} + kompose-version: 'latest' + id: bake + + # Deploys application based on manifest files from previous step + - name: Deploy application + uses: Azure/k8s-deploy@v3.0 + with: + action: deploy + manifests: ${{ steps.bake.outputs.manifestsBundle }} + images: | + ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} + imagepullsecrets: | + ${{ env.IMAGE_PULL_SECRET_NAME }} diff --git a/deployments/azure-kubernetes-service-kustomize.yml b/deployments/azure-kubernetes-service-kustomize.yml new file mode 100644 index 0000000000..51b7d69846 --- /dev/null +++ b/deployments/azure-kubernetes-service-kustomize.yml @@ -0,0 +1,117 @@ +# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code +# +# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR) +# For instructions see: +# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal +# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal +# - https://github.com/Azure/aks-create-action +# +# To configure this workflow: +# +# 1. Set the following secrets in your repository (instructions for getting these +# https://github.com/Azure/login#configure-a-service-principal-with-a-federated-credential-to-use-oidc-based-authentication): +# - AZURE_CLIENT_ID +# - AZURE_TENANT_ID +# - AZURE_SUBSCRIPTION_ID +# +# 2. Set the following environment variables (or replace the values below): +# - AZURE_CONTAINER_REGISTRY (name of your container registry / ACR) +# - RESOURCE_GROUP (where your cluster is deployed) +# - CLUSTER_NAME (name of your AKS cluster) +# - CONTAINER_NAME (name of the container image you would like to push up to your ACR) +# - SECRET_NAME (name of the secret associated with pulling your ACR image) +# +# 3. Choose the appropriate render engine for the bake step https://github.com/Azure/k8s-bake. The config below assumes Kustomize. +# Set your kustomizationPath and kubectl-version to suit your configuration. +# - KUSTOMIZE_PATH (the path where your Kustomize manifests are located) +# +# For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions +# For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples +# For more options with the actions used below please refer to https://github.com/Azure/login + +name: Build and deploy an app to AKS with Kustomize + +on: + push: + branches: + - $default-branch + workflow_dispatch: + +env: + AZURE_CONTAINER_REGISTRY: "your-azure-container-registry" + CONTAINER_NAME: "your-container-name" + RESOURCE_GROUP: "your-resource-group" + CLUSTER_NAME: "your-cluster-name" + IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name" + KUSTOMIZE_PATH: "your-kustomize-path" + +jobs: + build: + permissions: + actions: read + contents: read + id-token: write + + runs-on: ubuntu-latest + steps: + # Checks out the repository this file is in + - uses: actions/checkout@master + + # Logs in with your Azure credentials + - name: Azure login + uses: azure/login@v1.4.3 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + # Builds and pushes an image up to your Azure Container Registry + - name: Build and push image to ACR + run: | + az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} . + + # Retrieves your Azure Kubernetes Service cluster's kubeconfig file + - name: Get K8s context + uses: azure/aks-set-context@v2.0 + with: + resource-group: ${{ env.RESOURCE_GROUP }} + cluster-name: ${{ env.CLUSTER_NAME }} + + # Retrieves the credentials for pulling images from your Azure Container Registry + - name: Get ACR credentials + run: | + az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true + ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv) + ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv) + echo "::set-output name=username::${ACR_USERNAME}" + echo "::set-output name=password::${ACR_PASSWORD}" + id: get-acr-creds + + # Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step + - name: Create K8s secret for pulling image from ACR + uses: Azure/k8s-create-secret@v1.1 + with: + container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io + container-registry-username: ${{ steps.get-acr-creds.outputs.username }} + container-registry-password: ${{ steps.get-acr-creds.outputs.password }} + secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }} + + # Runs Kustomize to create manifest files + - name: Bake deployment + uses: azure/k8s-bake@v2.1 + with: + renderEngine: 'kustomize' + kustomizationPath: ${{ env.KUSTOMIZE_PATH }} + kubectl-version: latest + id: bake + + # Deploys application based on manifest files from previous step + - name: Deploy application + uses: Azure/k8s-deploy@v3.0 + with: + action: deploy + manifests: ${{ steps.bake.outputs.manifestsBundle }} + images: | + ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} + imagepullsecrets: | + ${{ env.IMAGE_PULL_SECRET_NAME }} diff --git a/deployments/azure-kubernetes-service.yml b/deployments/azure-kubernetes-service.yml index 08988ffc64..e61e64ec51 100644 --- a/deployments/azure-kubernetes-service.yml +++ b/deployments/azure-kubernetes-service.yml @@ -1,80 +1,105 @@ # This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code # # This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR) -# For instructions see https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal -# https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal -# https://github.com/Azure/aks-create-action +# For instructions see: +# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal +# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal +# - https://github.com/Azure/aks-create-action # # To configure this workflow: # -# 1. Set the following secrets in your repository: -# - AZURE_CREDENTIALS (instructions for getting this https://github.com/Azure/login#configure-a-service-principal-with-a-secret) +# 1. Set the following secrets in your repository (instructions for getting these +# https://github.com/Azure/login#configure-a-service-principal-with-a-federated-credential-to-use-oidc-based-authentication): +# - AZURE_CLIENT_ID +# - AZURE_TENANT_ID +# - AZURE_SUBSCRIPTION_ID # # 2. Set the following environment variables (or replace the values below): -# - AZURE_CONTAINER_REGISTRY (name of your container registry) -# - PROJECT_NAME +# - AZURE_CONTAINER_REGISTRY (name of your container registry / ACR) # - RESOURCE_GROUP (where your cluster is deployed) # - CLUSTER_NAME (name of your AKS cluster) -# -# 3. Choose the approrpiate render engine for the bake step https://github.com/Azure/k8s-bake. The config below assumes helm, then set -# any needed environment variables such as: -# - CHART_PATH -# - CHART_OVERRIDE_PATH +# - CONTAINER_NAME (name of the container image you would like to push up to your ACR) +# - SECRET_NAME (name of the secret associated with pulling your ACR image) +# - DEPLOYMENT_MANIFEST_PATH (path to the manifest yaml for your deployment) # # For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions # For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples -# For more options with the actions used below please see the folllowing -# https://github.com/Azure/login -# https://github.com/Azure/aks-set-context -# https://github.com/marketplace/actions/azure-cli-action -# https://github.com/Azure/k8s-bake -# https://github.com/Azure/k8s-deploy +# For more options with the actions used below please refer to https://github.com/Azure/login + +name: Build and deploy an app to AKS + +on: + push: + branches: + - $default-branch + workflow_dispatch: -on: [push] +env: + AZURE_CONTAINER_REGISTRY: "your-azure-container-registry" + CONTAINER_NAME: "your-container-name" + RESOURCE_GROUP: "your-resource-group" + CLUSTER_NAME: "your-cluster-name" + IMAGE_PULL_SECRET_NAME: "your-image-pull-secret-name" + DEPLOYMENT_MANIFEST_PATH: 'your-deployment-manifest-path' jobs: build: + permissions: + actions: read + contents: read + id-token: write + runs-on: ubuntu-latest steps: + # Checks out the repository this file is in - uses: actions/checkout@master - - name: Azure Login - uses: azure/login@v1 + # Logs in with your Azure credentials + - name: Azure login + uses: azure/login@v1.4.3 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - - name: Build image on ACR - uses: azure/CLI@v1 - with: - azcliversion: 2.29.1 - inlineScript: | - az configure --defaults acr=${{ env.AZURE_CONTAINER_REGISTRY }} - az acr build -t -t ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.PROJECT_NAME }}:${{ github.sha }} - - - name: Gets K8s context - uses: azure/aks-set-context@v1 + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + + # Builds and pushes an image up to your Azure Container Registry + - name: Build and push image to ACR + run: | + az acr build --image ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} --registry ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} . + + # Retrieves your Azure Kubernetes Service cluster's kubeconfig file + - name: Get K8s context + uses: azure/aks-set-context@v2.0 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - resource-group: ${{ env.RESOURCE_GROUP }} - cluster-name: ${{ env.CLUSTER_NAME }} - id: login + resource-group: ${{ env.RESOURCE_GROUP }} + cluster-name: ${{ env.CLUSTER_NAME }} + + # Retrieves the credentials for pulling images from your Azure Container Registry + - name: Get ACR credentials + run: | + az acr update -n ${{ env.AZURE_CONTAINER_REGISTRY }} -g ${{ env.RESOURCE_GROUP }} --admin-enabled true + ACR_USERNAME=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query username -o tsv) + ACR_PASSWORD=$(az acr credential show -g ${{ env.RESOURCE_GROUP }} -n ${{ env.AZURE_CONTAINER_REGISTRY }} --query passwords[0].value -o tsv) + echo "::set-output name=username::${ACR_USERNAME}" + echo "::set-output name=password::${ACR_PASSWORD}" + id: get-acr-creds - - name: Configure deployment - uses: azure/k8s-bake@v1 + # Creates a kubernetes secret on your Azure Kubernetes Service cluster that matches up to the credentials from the last step + - name: Create K8s secret for pulling image from ACR + uses: Azure/k8s-create-secret@v1.1 with: - renderEngine: 'helm' - helmChart: ${{ env.CHART_PATH }} - overrideFiles: ${{ env.CHART_OVERRIDE_PATH }} - overrides: | - replicas:2 - helm-version: 'latest' - id: bake + container-registry-url: ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io + container-registry-username: ${{ steps.get-acr-creds.outputs.username }} + container-registry-password: ${{ steps.get-acr-creds.outputs.password }} + secret-name: ${{ env.IMAGE_PULL_SECRET_NAME }} + # Deploys application based on given manifest file - name: Deploys application - - uses: Azure/k8s-deploy@v1 + uses: Azure/k8s-deploy@v3.0 with: - manifests: ${{ steps.bake.outputs.manifestsBundle }} + action: deploy + manifests: ${{ env.DEPLOYMENT_MANIFEST_PATH }} images: | - ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.PROJECT_NAME }}:${{ github.sha }} + ${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} imagepullsecrets: | - ${{ env.PROJECT_NAME }} + ${{ env.IMAGE_PULL_SECRET_NAME }} diff --git a/deployments/properties/azure-kubernetes-service-helm.properties.json b/deployments/properties/azure-kubernetes-service-helm.properties.json new file mode 100644 index 0000000000..92478b306d --- /dev/null +++ b/deployments/properties/azure-kubernetes-service-helm.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Deploy to AKS with Helm", + "description": "Deploy an application to an Azure Kubernetes Service cluster using Helm", + "creator": "Microsoft Azure", + "iconName": "azure", + "categories": ["Deployment", "Helm", "Kubernetes", "Dockerfile"] +} diff --git a/deployments/properties/azure-kubernetes-service-kompose.properties.json b/deployments/properties/azure-kubernetes-service-kompose.properties.json new file mode 100644 index 0000000000..de246c3003 --- /dev/null +++ b/deployments/properties/azure-kubernetes-service-kompose.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Deploy to AKS with Kompose", + "description": "Deploy an application to an Azure Kubernetes Service cluster using Kompose", + "creator": "Microsoft Azure", + "iconName": "azure", + "categories": ["Deployment", "Kompose", "Kubernetes", "Dockerfile"] +} diff --git a/deployments/properties/azure-kubernetes-service-kustomize.properties.json b/deployments/properties/azure-kubernetes-service-kustomize.properties.json new file mode 100644 index 0000000000..bfc71cc9af --- /dev/null +++ b/deployments/properties/azure-kubernetes-service-kustomize.properties.json @@ -0,0 +1,7 @@ +{ + "name": "Deploy to AKS with Kustomize", + "description": "Deploy an application to an Azure Kubernetes Service cluster using Kustomize", + "creator": "Microsoft Azure", + "iconName": "azure", + "categories": ["Deployment", "Kustomize", "Kubernetes", "Dockerfile"] +} diff --git a/deployments/properties/azure-kubernetes-service.properties.json b/deployments/properties/azure-kubernetes-service.properties.json index 28f3725df2..45d4a696e5 100644 --- a/deployments/properties/azure-kubernetes-service.properties.json +++ b/deployments/properties/azure-kubernetes-service.properties.json @@ -1,7 +1,7 @@ { - "name": "Deploy to a AKS Cluster", - "description": "Deploy an application to a Azure Kubernetes Service Cluster using Azure Credentials", + "name": "Deploy to AKS", + "description": "Deploy an application to an Azure Kubernetes Service cluster", "creator": "Microsoft Azure", "iconName": "azure", - "categories": ["Deployment", "Kompose", "Helm", "Kustomize", "Kubernetes", "Dockerfile"] + "categories": ["Deployment", "Kubernetes", "Dockerfile"] }