From e0f3bc0570f1dbe8dbb4d84daeff7ea0a40ab817 Mon Sep 17 00:00:00 2001 From: mUusitalo <73437699+mUusitalo@users.noreply.github.com> Date: Tue, 3 Sep 2024 16:30:32 +0300 Subject: [PATCH 1/7] Update CI --- .github/workflows/deploy.yml | 73 ++++++++++++++++++++++++++++-------- 1 file changed, 58 insertions(+), 15 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index d8b439d..3a75afe 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -4,34 +4,77 @@ on: push: branches: - placeholder + - android-fix-wip + - main workflow_dispatch: +permissions: + id-token: write + +env: + AZURE_CORE_OUTPUT: none + jobs: - build-and-deploy: + build: runs-on: ubuntu-latest - environment: - name: 'Production' - + environment: Production steps: - uses: actions/checkout@v2 - - name: Login via Azure CLI - uses: azure/login@v1 + - name: Log in to Azure + uses: azure/login@v2 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} + client-id: ${{ secrets.CLIENT_ID }} + tenant-id: ${{ secrets.TENANT_ID }} + allow-no-subscriptions: true - name: Docker login to ACR - uses: azure/docker-login@v1 - with: - login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }} - username: ${{ secrets.REGISTRY_USERNAME }} - password: ${{ secrets.REGISTRY_PASSWORD }} + run: az acr login --name ${{ secrets.REGISTRY_NAME }} - name: Build and push run: | docker build . -t ${{ secrets.REGISTRY_LOGIN_SERVER }}/kiltiskamera/kamera - docker push ${{ secrets.REGISTRY_LOGIN_SERVER }}/kiltiskamera/kamera - + + - name: Build and push image + uses: docker/build-push-action@v5 + with: + context: . + push: true + tags: ${{ secrets.REGISTRY_NAME }}.azurecr.io/kiltiskamera/kamera:${{ github.sha }} + cache-from: type=gha,ref=${{ github.ref_name }} + cache-to: type=gha,mode=max + network: host + + - name: Azure logout + run: | + az logout + + deploy: + runs-on: ubuntu-latest + environment: production + needs: build + steps: + - uses: actions/checkout@v2 + - name: Log in to Azure + uses: Azure/login@v2 + with: + client-id: ${{ secrets.CLIENT_ID }} + tenant-id: ${{ secrets.TENANT_ID }} + allow-no-subscriptions: true + + - name: Docker login to ACR + run: az acr login --name ${{ secrets.REGISTRY_NAME }} + + # Would like to use azure/webapps-deploy but it doesn't seem to work with OIDC. + - name: Deploy from ACR + run: | + az webapp config container set \ + --container-image-name ${{ secrets.REGISTRY_NAME }}.azurecr.io/kiltiskamera/kamera:${{ github.sha }} \ + --container-registry-url https://${{ secrets.REGISTRY_NAME }}.azurecr.io \ + --subscription ${{ secrets.SUBSCRIPTION }} \ + --resource-group prodeko-rg \ + --name kiltiskamera + - name: Azure logout run: | - az logout \ No newline at end of file + az logout From d0d2f457b73c4b57b927b631406e83738bd8a34e Mon Sep 17 00:00:00 2001 From: mUusitalo <73437699+mUusitalo@users.noreply.github.com> Date: Tue, 3 Sep 2024 16:32:47 +0300 Subject: [PATCH 2/7] Allow network=host --- .github/workflows/deploy.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 3a75afe..e5bdc8f 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -43,6 +43,8 @@ jobs: tags: ${{ secrets.REGISTRY_NAME }}.azurecr.io/kiltiskamera/kamera:${{ github.sha }} cache-from: type=gha,ref=${{ github.ref_name }} cache-to: type=gha,mode=max + allow: | + network.host network: host - name: Azure logout From 75fb1e0e32b3f357cf31a7ef50edad96382c10ed Mon Sep 17 00:00:00 2001 From: mUusitalo <73437699+mUusitalo@users.noreply.github.com> Date: Tue, 3 Sep 2024 16:35:58 +0300 Subject: [PATCH 3/7] Add buildx setup --- .github/workflows/deploy.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index e5bdc8f..39038cf 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -31,9 +31,8 @@ jobs: - name: Docker login to ACR run: az acr login --name ${{ secrets.REGISTRY_NAME }} - - name: Build and push - run: | - docker build . -t ${{ secrets.REGISTRY_LOGIN_SERVER }}/kiltiskamera/kamera + - name: Set up Docker buildx + uses: docker/setup-buildx-action@v3 - name: Build and push image uses: docker/build-push-action@v5 From e19a69d12db71442fc6966009fda274511c50810 Mon Sep 17 00:00:00 2001 From: mUusitalo <73437699+mUusitalo@users.noreply.github.com> Date: Tue, 3 Sep 2024 16:45:05 +0300 Subject: [PATCH 4/7] Change build context --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 39038cf..a0898f6 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -37,7 +37,7 @@ jobs: - name: Build and push image uses: docker/build-push-action@v5 with: - context: . + context: app push: true tags: ${{ secrets.REGISTRY_NAME }}.azurecr.io/kiltiskamera/kamera:${{ github.sha }} cache-from: type=gha,ref=${{ github.ref_name }} From d9581d5c84d097c74346b6cc1042ebbeb5c84bc7 Mon Sep 17 00:00:00 2001 From: mUusitalo <73437699+mUusitalo@users.noreply.github.com> Date: Wed, 4 Sep 2024 16:55:50 +0300 Subject: [PATCH 5/7] Change resource group --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index a0898f6..6895ada 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -73,7 +73,7 @@ jobs: --container-image-name ${{ secrets.REGISTRY_NAME }}.azurecr.io/kiltiskamera/kamera:${{ github.sha }} \ --container-registry-url https://${{ secrets.REGISTRY_NAME }}.azurecr.io \ --subscription ${{ secrets.SUBSCRIPTION }} \ - --resource-group prodeko-rg \ + --resource-group kiltiskamera_group \ --name kiltiskamera - name: Azure logout From c813a63f683a5ee12efdf69a8dac754f36d1f4ef Mon Sep 17 00:00:00 2001 From: mUusitalo <73437699+mUusitalo@users.noreply.github.com> Date: Wed, 4 Sep 2024 18:33:00 +0300 Subject: [PATCH 6/7] Fix image tag --- .github/workflows/deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 6895ada..795bf7d 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -39,7 +39,7 @@ jobs: with: context: app push: true - tags: ${{ secrets.REGISTRY_NAME }}.azurecr.io/kiltiskamera/kamera:${{ github.sha }} + tags: ${{ secrets.REGISTRY_NAME }}.azurecr.io/kiltiskamera/backend:${{ github.sha }} cache-from: type=gha,ref=${{ github.ref_name }} cache-to: type=gha,mode=max allow: | @@ -70,7 +70,7 @@ jobs: - name: Deploy from ACR run: | az webapp config container set \ - --container-image-name ${{ secrets.REGISTRY_NAME }}.azurecr.io/kiltiskamera/kamera:${{ github.sha }} \ + --container-image-name ${{ secrets.REGISTRY_NAME }}.azurecr.io/kiltiskamera/backend:${{ github.sha }} \ --container-registry-url https://${{ secrets.REGISTRY_NAME }}.azurecr.io \ --subscription ${{ secrets.SUBSCRIPTION }} \ --resource-group kiltiskamera_group \ From 282a6a919b030f25fd73ac3f000cef9fe989e717 Mon Sep 17 00:00:00 2001 From: mUusitalo <73437699+mUusitalo@users.noreply.github.com> Date: Sat, 26 Oct 2024 12:00:46 +0300 Subject: [PATCH 7/7] Update ci pipeline --- .github/workflows/deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 795bf7d..460db89 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -6,6 +6,7 @@ on: - placeholder - android-fix-wip - main + - ci-fix workflow_dispatch: permissions: