PlatformPlatform/.github/workflows/_deploy-container.yml at main · platformplatform/PlatformPlatform · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: Deploy Container

on:
  workflow_call:
    inputs:
      azure_environment:
        required: true
        type: string
      cluster_location_acronym:
        required: true
        type: string
      service_principal_id:
        required: true
        type: string
      subscription_id:
        required: true
        type: string
      image_name:
        required: true
        type: string
      container_app_name:
        required: false
        type: string
        default: ""
      version:
        required: true
        type: string
      artifacts_name:
        required: true
        type: string
      artifacts_path:
        required: true
        type: string
      docker_context:
        required: true
        type: string
      docker_file:
        required: true
        type: string

jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-24.04
    environment: ${{ github.event_name != 'pull_request' && (inputs.azure_environment == 'prod' && 'production' || 'staging') || '' }}
    env:
      UNIQUE_PREFIX: ${{ vars.UNIQUE_PREFIX }}
      ENVIRONMENT: ${{ inputs.azure_environment }}
      CLUSTER_LOCATION_ACRONYM: ${{ inputs.cluster_location_acronym }}
      SERVICE_PRINCIPAL_ID: ${{ inputs.service_principal_id }}
      TENANT_ID: ${{ vars.TENANT_ID }}
      SUBSCRIPTION_ID: ${{ inputs.subscription_id }}

    steps:
      - name: Checkout Code
        uses: actions/checkout@v6

      - name: Download Artifacts
        uses: actions/download-artifact@v8
        with:
          name: ${{ inputs.artifacts_name }}
          path: ${{ inputs.artifacts_path }}

      - name: Login to Azure
        uses: azure/login@v3
        with:
          client-id: ${{ env.SERVICE_PRINCIPAL_ID }}
          tenant-id: ${{ env.TENANT_ID }}
          subscription-id: ${{ env.SUBSCRIPTION_ID }}

      - name: Login to ACR
        run: az acr login --name ${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }}

      # For production, import image from staging instead of building
      - name: Import Container Image from Staging to Production
        if: inputs.azure_environment == 'prod' && inputs.container_app_name == ''
        run: |
          STAGING_REGISTRY_ID="/subscriptions/${{ vars.STAGING_SUBSCRIPTION_ID }}/resourceGroups/${{ env.UNIQUE_PREFIX }}-stage-global/providers/Microsoft.ContainerRegistry/registries/${{ env.UNIQUE_PREFIX }}stage"

          az acr import \
            --name ${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }} \
            --source ${{ inputs.image_name }}:${{ inputs.version }} \
            --image ${{ inputs.image_name }}:${{ inputs.version }} \
            --registry "$STAGING_REGISTRY_ID" \
            --force

      # For staging, build and push the image
      - name: Setup Docker Buildx
        if: inputs.azure_environment == 'stage' && inputs.container_app_name == ''
        uses: docker/setup-buildx-action@v4

      - name: Build and Push Container Image
        if: inputs.azure_environment == 'stage' && inputs.container_app_name == ''
        working-directory: ${{ inputs.docker_context }}
        run: |
          docker buildx create --use
          docker buildx build \
            --platform linux/amd64,linux/arm64 \
            --build-arg VERSION=${{ inputs.version }} \
            -t ${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }}.azurecr.io/${{ inputs.image_name }}:${{ inputs.version }} \
            -f ${{ inputs.docker_file }} \
            --push .
          docker buildx rm

      - name: Deploy Container
        run: |
          CLUSTER_RESOURCE_GROUP_NAME="${{ env.UNIQUE_PREFIX }}-${{ env.ENVIRONMENT }}-${{ env.CLUSTER_LOCATION_ACRONYM }}"
          SUFFIX=$(echo "${{ inputs.version }}" | sed 's/\./-/g')
          TARGET_APP="${{ inputs.container_app_name != '' && inputs.container_app_name || inputs.image_name }}"
          az containerapp update --name "$TARGET_APP" --resource-group "$CLUSTER_RESOURCE_GROUP_NAME" --image "${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }}.azurecr.io/${{ inputs.image_name }}:${{ inputs.version }}" --revision-suffix $SUFFIX

          echo "Waiting for the new revision to be active..."
          for i in {1..10}; do
            sleep 15

            RUNNING_STATUS=$(az containerapp revision list --name "$TARGET_APP" --resource-group "$CLUSTER_RESOURCE_GROUP_NAME" --query "[?contains(name, '$SUFFIX')].properties.runningState" --output tsv)
            HEALTH_STATUS=$(az containerapp revision list --name "$TARGET_APP" --resource-group "$CLUSTER_RESOURCE_GROUP_NAME" --query "[?contains(name, '$SUFFIX')].properties.healthState" --output tsv)
            if [[ "$HEALTH_STATUS" == "Healthy" ]]; then
              echo "New revision is healthy. Running state: $RUNNING_STATUS"
              exit 0
            fi
            if [[ "$HEALTH_STATUS" == "Unhealthy" ]]; then
              echo "New revision is Unhealthy. Running state: $RUNNING_STATUS"
              exit 1
            fi

            echo "($i) Waiting for revision to become active. Running state: $RUNNING_STATUS"
          done
          echo "New revision did not become active in time. Running state: $RUNNING_STATUS"
          exit 1