|
17 | 17 | CONTAINERAPPS_ENV: www-test-ca |
18 | 18 | ACR_NAME: designsystemetacr |
19 | 19 | APP_NAME: www-pr-${{ github.event.number }} |
20 | | - PORT: '8000' |
| 20 | + PORT: 8000 |
21 | 21 |
|
22 | 22 | concurrency: |
23 | 23 | group: azure-www-preview-${{ github.event.pull_request.number || github.run_id }} |
@@ -51,45 +51,20 @@ jobs: |
51 | 51 | platforms: linux/amd64 |
52 | 52 | push: true |
53 | 53 | tags: ${{ env.ACR_NAME }}.azurecr.io/www:${{ env.APP_NAME }}-${{ github.sha }} |
54 | | - - name: Create/Update Container App (Managed Identity) |
55 | | - run: | |
56 | | - set -euo pipefail |
57 | | - if ! az containerapp show -n $APP_NAME -g $RESOURCE_GROUP >/dev/null 2>&1; then |
58 | | - echo "Creating container app $APP_NAME (temporary public image)" |
59 | | - az containerapp create \ |
60 | | - -n $APP_NAME \ |
61 | | - -g $RESOURCE_GROUP \ |
62 | | - --environment $CONTAINERAPPS_ENV \ |
63 | | - --image mcr.microsoft.com/k8se/quickstart:latest \ |
64 | | - --ingress external --target-port $PORT \ |
65 | | - --env-vars PORT=$PORT HOST=0.0.0.0 \ |
66 | | - --system-assigned |
67 | | - else |
68 | | - echo "Container app $APP_NAME exists" |
69 | | - # Assign identity only if missing |
70 | | - PID=$(az containerapp show -n $APP_NAME -g $RESOURCE_GROUP --query identity.principalId -o tsv 2>/dev/null || true) |
71 | | - if [ -z "$PID" ] || [ "$PID" = "null" ]; then |
72 | | - echo "Adding system identity" |
73 | | - az containerapp identity assign -n $APP_NAME -g $RESOURCE_GROUP --system-assigned >/dev/null || true |
74 | | - fi |
75 | | - fi |
76 | | -
|
77 | | - PRINCIPAL_ID=$(az containerapp show -n $APP_NAME -g $RESOURCE_GROUP --query identity.principalId -o tsv) |
78 | | - ACR_ID=$(az acr show -n $ACR_NAME --query id -o tsv) |
79 | | - echo "Ensuring AcrPull role (principal: $PRINCIPAL_ID) on $ACR_ID" |
80 | | - az role assignment create --assignee $PRINCIPAL_ID --scope $ACR_ID --role AcrPull >/dev/null 2>&1 || echo "Role already assigned" |
81 | | -
|
82 | | - # Brief wait for RBAC propagation (kept minimal) |
83 | | - sleep 3 |
84 | 54 |
|
85 | | - echo "Setting registry (managed identity)" |
86 | | - az containerapp registry set -n $APP_NAME -g $RESOURCE_GROUP --server $ACR_NAME.azurecr.io --identity system >/dev/null || true |
87 | | -
|
88 | | - NEW_IMAGE="$ACR_NAME.azurecr.io/www:${APP_NAME}-${GITHUB_SHA}" |
89 | | - echo "Updating image -> $NEW_IMAGE (no wait)" |
90 | | - az containerapp update -n $APP_NAME -g $RESOURCE_GROUP --image "$NEW_IMAGE" --set-env-vars PORT=$PORT HOST=0.0.0.0 --only-show-errors --no-wait || true |
91 | | -
|
92 | | - echo "Skipping wait for Healthy state; proceeding to comment with FQDN." |
| 55 | + - name: deploy preview |
| 56 | + uses: azure/container-apps-deploy-action@v1 |
| 57 | + with: |
| 58 | + resourceGroup: ${{ env.RESOURCE_GROUP }} |
| 59 | + containerAppEnvironment: ${{ env.CONTAINERAPPS_ENV }} |
| 60 | + containerAppName: ${{ env.APP_NAME }} |
| 61 | + acrName: ${{ env.ACR_NAME }} |
| 62 | + imageToDeploy: ${{ env.ACR_NAME }}.azurecr.io/www:${{ env.APP_NAME }}-${{ github.sha }} |
| 63 | + targetPort: ${{ env.PORT }} |
| 64 | + ingress: external |
| 65 | + environmentVariables: | |
| 66 | + PORT=${{ env.PORT }} |
| 67 | + HOST=0.0.0.0 |
93 | 68 |
|
94 | 69 | - name: Fetch FQDN |
95 | 70 | id: fqdn |
|
0 commit comments