-
Notifications
You must be signed in to change notification settings - Fork 2
86 lines (78 loc) · 2.85 KB
/
acr_deploy_reusable.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
name: Build and Deploy to ACR Reusable
on:
workflow_call:
inputs:
environment:
type: string
required: true
secrets:
ACR_NAME:
description: "Name of the Azure container registry to deploy to"
required: true
ACR_USERNAME:
description: "Token name to login to the ACR"
required: true
ACR_PASSWORD:
description: "Token password to login to the ACR"
required: true
IMAGE_NAME:
description: "Name of the docker image to push to the ACR"
required: true
ARM_CLIENT_ID:
required: false
ARM_CLIENT_SECRET:
required: false
ARM_SUBSCRIPTION_ID:
required: false
ARM_TENANT_ID:
required: false
WEBAPP_ID:
required: false
SLOT_NAME:
required: false
jobs:
build-and-deploy:
runs-on: ubuntu-latest
environment: ${{ inputs.environment }}
steps:
- name: Set image tag
id: set
run: |
if [ ${{ secrets.ARM_CLIENT_ID }} != "" ]; then
echo "Have a service principal. Will tag image with commit SHA"
tag="${{ github.sha }}"
else
echo "No service principal. Tagging with latest and assuming webhook"
tag="latest"
fi
echo "tag=$tag" >> $GITHUB_OUTPUT
acr_uri="${{ secrets.ACR_NAME }}.azurecr.io"
echo "remote_image_full_tag=$acr_uri/${{ secrets.IMAGE_NAME }}:$tag" >> $GITHUB_OUTPUT
- name: Checkout repository
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build and deploy
env:
ENVIRONMENT: ${{ inputs.environment }}
ACR_NAME: ${{ secrets.ACR_NAME }}
ACR_USERNAME: ${{ secrets.ACR_USERNAME }}
ACR_PASSWORD: ${{ secrets.ACR_PASSWORD }}
REMOTE_IMAGE_FULL_TAG: ${{ steps.set.outputs.remote_image_full_tag }}
DOCKER_BUILDKIT: 1
run: make deploy
- name: Azure login
if: steps.set.outputs.tag != 'latest'
uses: azure/login@v1
with:
creds: '{"clientId":"${{ secrets.ARM_CLIENT_ID }}","clientSecret":"${{ secrets.ARM_CLIENT_SECRET }}","subscriptionId":"${{ secrets.ARM_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.ARM_TENANT_ID }}"}'
- name: Bump webapp image tag
if: steps.set.outputs.tag != 'latest'
run: |
az webapp config container set \
--docker-custom-image-name ${{ steps.set.outputs.remote_image_full_tag }} \
--docker-registry-server-user ${{ secrets.ACR_USERNAME }} \
--docker-registry-server-password ${{ secrets.ACR_PASSWORD }} \
--docker-registry-server-url https://${{ secrets.ACR_NAME }}.azurecr.io \
--ids ${{ secrets.WEBAPP_ID }} \
--slot ${{ secrets.SLOT_NAME }}