Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reworked AKS deployment workflows #1403

Merged
merged 13 commits into from
Feb 24, 2022
Merged

Reworked AKS deployment workflows #1403

merged 13 commits into from
Feb 24, 2022

Conversation

tbarnes94
Copy link
Contributor

@tbarnes94 tbarnes94 commented Feb 11, 2022
edited
Loading

Pre-requisites

  • Prior to submitting a new workflow, please apply to join the GitHub Technology Partner Program: partner.github.com/apply.

Please note that at this time we are only accepting new starter workflows for Code Scanning. Updates to existing starter workflows are fine.

Tasks

For all workflows, the workflow:

  • Should be contained in a .yml file with the language or platform as its filename, in lower, kebab-cased format (for example, docker-image.yml). Special characters should be removed or replaced with words as appropriate (for example, "dotnet" instead of ".NET").
  • Should use sentence case for the names of workflows and steps (for example, "Run tests").
  • Should be named only by the name of the language or platform (for example, "Go", not "Go CI" or "Go Build").
  • Should include comments in the workflow for any parts that are not obvious or could use clarification.
  • Should specify least priviledge permissions for GITHUB_TOKEN so that the workflow runs successfully.

For CI workflows, the workflow:

  • Should be preserved under the ci directory.
  • Should include a matching ci/properties/*.properties.json file (for example, ci/properties/docker-publish.properties.json).
  • Should run on push to branches: [ $default-branch ] and pull_request to branches: [ $default-branch ].
  • Packaging workflows should run on release with types: [ created ].
  • Publishing workflows should have a filename that is the name of the language or platform, in lower case, followed by "-publish" (for example, docker-publish.yml).

For Code Scanning workflows, the workflow:

  • Should be preserved under the code-scanning directory.
  • Should include a matching code-scanning/properties/*.properties.json file (for example, code-scanning/properties/codeql.properties.json), with properties set as follows:
    • name: Name of the Code Scanning integration.
    • organization: Name of the organization producing the Code Scanning integration.
    • description: Short description of the Code Scanning integration.
    • categories: Array of languages supported by the Code Scanning integration.
    • iconName: Name of the SVG logo representing the Code Scanning integration. This SVG logo must be present in the icons directory.
  • Should run on push to branches: [ $default-branch, $protected-branches ] and pull_request to branches: [ $default-branch ]. We also recommend a schedule trigger of cron: $cron-weekly (for example, codeql.yml).

Some general notes:

  • This workflow must only use actions that are produced by GitHub, in the actions organization, or
  • This workflow must only use actions that are produced by the language or ecosystem that the workflow supports. These actions must be published to the GitHub Marketplace. We require that these actions be referenced using the full 40 character hash of the action's commit instead of a tag. Additionally, workflows must include the following comment at the top of the workflow file: 
    # This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
  • Automation and CI workflows should not send data to any 3rd party service except for the purposes of installing dependencies.
  • Automation and CI workflows cannot be dependent on a paid service or product.

@tbarnes94 tbarnes94 requested a review from a team as a code owner February 11, 2022 21:29
@tbarnes94 tbarnes94 changed the title rebased to partner_templates Reworked AKS deployment workflows Feb 11, 2022
@gambtho
Copy link
Contributor

gambtho commented Feb 11, 2022

@azooinmyluggage

@bishal-pdMSFT
Copy link
Contributor

@puicchan please review these templates.

@Tatsinnit Tatsinnit mentioned this pull request Feb 24, 2022
Merged
@bishal-pdMSFT
Copy link
Contributor

Looks good to me.
@tbarnes94 there are couple of unresolved comments. Let me know once have you taken a look and then I will merge the PR.

cc @anuragc617

@tbarnes94
Copy link
Contributor Author

@bishal-pdMSFT Have addressed the remaining comments, OK to merge.

cc @anuragc617

@bishal-pdMSFT bishal-pdMSFT merged commit 1072ece into actions:partner_templates Feb 24, 2022
@bishal-pdMSFT bishal-pdMSFT mentioned this pull request Feb 24, 2022
Merged
23 tasks
@OliverMKing OliverMKing mentioned this pull request Apr 21, 2022
Merged
23 tasks
bishal-pdMSFT added a commit that referenced this pull request Apr 22, 2022
@jaiveerk @tbarnes94
@imiller31 @bishal-pdMSFT
Parallelize Jobs for AKS Starter Workflows (#1534)
c066049 
* Reworked AKS deployment workflows (#1403)

* rebased to partner_templates

* Renaming workflow

* Updated corresponding properties.json files for the new aks workflows under deployments.

* Updated properties.json titles for aks workflows

* Renamed SECRET_NAME to IMAGE_PULL_SECRET_NAME

* Moved permissions down to the job level

* Updated documentation links

* Updated permission for action to read

* Removing redundant permissions

* write -> read for actions

* Updated descriptions

* Less reference documentation in header

* Added comments to each AKS Starter Workflow step

Co-authored-by: Tommy Barnes <[email protected]>

* Update AKS workflows to not use imagePullSecrets (#1494)

* removing old method of adding imagePullSecrets

* fixing step casing

* For testing: Dependency review starter workflow

* changed back to image pull secret, added mask, clarified website and pull secret instructions

* made changes to other aks files

* Added back imagepullsecrets param to deploy action, reordered env vars

* changing release version of deploy action

* restructured starter workflows to parallelize secret creation and image building

* renamed to buildImage and removed extra space

* cleaned up some random newlines

* removed extra space

* removing changes from partner branch

* removing changes from partner branch

* through mistake in changing PR, two files lost step for createSecret

Co-authored-by: Tommy Barnes <[email protected]>
Co-authored-by: Tommy Barnes <[email protected]>
Co-authored-by: Israel Miller <[email protected]>
Co-authored-by: Bishal Prasad <[email protected]>
Co-authored-by: Jaiveer Katariya <[email protected]>
Co-authored-by: Jaiveer Katariya <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anuragc617 anuragc617 anuragc617 left review comments

@bishal-pdMSFT bishal-pdMSFT bishal-pdMSFT approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tbarnes94 @gambtho @bishal-pdMSFT @anuragc617