Skip to content
This repository has been archived by the owner on Oct 19, 2019. It is now read-only.

Example Azure DevOps Pipeline for building and deploying containers

License

Notifications You must be signed in to change notification settings

julie-ng/azure-pipelines-acr-example

Repository files navigation

⚠️ This demo is no longer maintained

⚠️ Directions are kept for "how to" only. Please view https://github.com/julie-ng/azure-nodejs-demo for an example Azure DevOps Pipeline.⚠️


Azure Pipelines Example: Building and Deploying Containers

Build Status

This barebones repository shows how to automate building and pushing a Docker image and push to Azure Container Registry (ACR).

This was not straightfoward from the documentation. I got it working after trial and error and have published my simplified example. I hope you find it useful.

Demo

This demo deploys an application to:

Secure Registry Login with "Service Connection"

Instead of using docker login, we want to do a secure login by creating a Service Connection using Azure Resource Manager. This means we do not need a username or password in our environment.

variables:
  azureSubscriptionEndpoint: <<YOUR_CONNECTION_NAME>>
  azureContainerRegistry: <<YOUR_ACR_NAME>>
  registryName: $(azureContainerRegistry)/$(Build.Repository.Name)
  imageTag: $(registryName):$(Build.BuildId)

You need to replace <<VARIABLE>> with your setup.

Example Values

Variable Example Value Description
azureSubscriptionEndpoint julie-ng-connection Azure Service Connection Name
azureContainerRegistry julie.azurecr.io Your ACR Name, which should have the azurecr.io domain in it.

Docker Image Tags - append git shas

It is worth noting that the default Azure examples using just the build number as a tag, e.g. 42. In my experience, a simple build number is not very helpful when debugging deployments.

I prefer to append the git sha so that I easily know which code was deployed:

# Default Tag
julie-ng/azure-devops-acr-example:42

# Custom Tag with git sha
julie-ng/azure-devops-acr-example:69-07e19d5

If there's a problem in a deployment you can immediately view the image code with git checkout -b <NEW_BRANCH_NAME> <GIT_SHA>.

Azure Pipeline Steps

After setting up the variables, the pipeline steps are mostly straightfoward - if you use the docker commands. I only kept the login task, because it has added security value. For the rest, plain docker commands are easier to understand IMO.

steps:

- script: docker build --tag $(imageTag) .
  displayName: 'Docker: Build and tag image'

# Use the task to avoid embedding credentials in pipeline
- task: Docker@1
  displayName: 'Docker: login ACR'
  inputs:
    command: login
    azureSubscriptionEndpoint: $(azureSubscriptionEndpoint)
    azureContainerRegistry: $(azureContainerRegistry)

- script: docker push $(imageTag)-$(buildSha)
  displayName: 'Docker: Push image'

- script: docker logout $(azureContainerRegistry)
  displayName: 'Docker: logout ACR'

See full azure-pipelines.yml file for details.

Deployment

Before you deploy, you need to create the resource (e.g. first deploy) by hand. Otherwise you may see this error message:

##[error]Error: Resource 'azure-devops-acr-example' doesn't exist. Resource should exist before deployment.

References