76 lines (69 loc) · 2.87 KB
/
deploytoAksCluster-strapi-test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
name: Manual Step - Promote Strapi Dev - Test
on:
workflow_dispatch:
jobs:
build-and-deploy:
runs-on: ubuntu-latest
# Check that the init is done by 'bashbang', the onwer.
# TODO: Would prefer to check for 'owner' but can't find property name for that.
if: github.actor == 'bashbang'
steps:
- name: Log into ACR
uses: azure/docker-login@v1
with:
login-server: dev4gqggmqqacr.azurecr.io
username: ${{ secrets.acr_login }}
password: ${{ secrets.acr_password }}
- name: Promote image to Test and push image to ACR
id: build-image
run: |
# TODO: This routine pulls the image, re-tags it, then re-pushes it. There's deplay/load/bandwidth in the pull portion.
# there doesn't seem to be an easy AZ way of added a tag to an already submitted image.
# There actually is...but I'm not in love with the hack:
# I was desined for AWS, but there may be a way to do this with Azure: https://davin.ninja/amazon-ecr-adding-tag-image-already-pushed/
docker pull dev4gqggmqqacr.azurecr.io/devaks:dev
docker tag dev4gqggmqqacr.azurecr.io/devaks:dev dev4gqggmqqacr.azurecr.io/devaks:test
docker push dev4gqggmqqacr.azurecr.io/devaks:test
- name: Log into AKS
uses: azure/k8s-set-context@v1
with:
kubeconfig: ${{ secrets.aks_devaks_kubeConfig }}
id: login
- name: Create namespace
run: |
namespacePresent=`kubectl get namespace | grep development | wc -l`
if [ $namespacePresent -eq 0 ]
then
echo `kubectl create namespace development`
fi
- name: Pull Registry Secrets
uses: azure/k8s-create-secret@v1
with:
namespace: testing
container-registry-url: dev4gqggmqqacr.azurecr.io
container-registry-username: ${{ secrets.acr_login }}
container-registry-password: ${{ secrets.acr_password }}
secret-name: devaksdockerauth
- name: Pull Repo # Needed for manifests
uses: actions/checkout@main
- name: Deploy k8s Manafests
uses: azure/k8s-deploy@v1.3
with:
namespace: testing
manifests: |
manifests/deployment-strapi.yml
manifests/service-strapi.yml
images: |
dev4gqggmqqacr.azurecr.io/devaks:test
imagepullsecrets: |
devaksdockerauth
permissions-failure:
# TODO: I'm sure there's a better way of doing this. This UX is not good and spinning up a VM to echo out an error seems unnecessary.
runs-on: ubuntu-latest
# Display an error message if users is not 'bashbang'
# TODO: Would prefer to check for 'owner' but can't find property name for that.
if: github.actor != 'bashbang'
steps:
- name: Permissions Error
run: echo "You don't have permissions to run promote from dev to testing. Contact your administrator."
id: permission-error