PlatformPlatform/.github/workflows/_deploy-container.yml at main · platformplatform/PlatformPlatform · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
name: Deploy Container

on:
  workflow_call:
    inputs:
      azure_environment:
        required: true
        type: string
      cluster_location_acronym:
        required: true
        type: string
      service_principal_id:
        required: true
        type: string
      subscription_id:
        required: true
        type: string
      image_name:
        required: true
        type: string
      version:
        required: true
        type: string
      artifacts_name:
        required: true
        type: string
      artifacts_path:
        required: true
        type: string
      docker_context:
        required: true
        type: string
      docker_file:
        required: true
        type: string

jobs:
  deploy:
    name: Deploy
    runs-on: ubuntu-24.04
    environment: ${{ github.event_name != 'pull_request' && (inputs.azure_environment == 'prod' && 'production' || 'staging') || '' }}
    env:
      UNIQUE_PREFIX: ${{ vars.UNIQUE_PREFIX }}
      ENVIRONMENT: ${{ inputs.azure_environment }}
      CLUSTER_LOCATION_ACRONYM: ${{ inputs.cluster_location_acronym }}
      SERVICE_PRINCIPAL_ID: ${{ inputs.service_principal_id }}
      TENANT_ID: ${{ vars.TENANT_ID }}
      SUBSCRIPTION_ID: ${{ inputs.subscription_id }}

    steps:
      - name: Checkout Code
        uses: actions/checkout@v6

      - name: Download Artifacts
        uses: actions/download-artifact@v8
        with:
          name: ${{ inputs.artifacts_name }}
          path: ${{ inputs.artifacts_path }}

      - name: Login to Azure
        uses: azure/login@v3
        with:
          client-id: ${{ env.SERVICE_PRINCIPAL_ID }}
          tenant-id: ${{ env.TENANT_ID }}
          subscription-id: ${{ env.SUBSCRIPTION_ID }}

      - name: Login to ACR
        run: az acr login --name ${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }}

      # For production, import image from staging instead of building
      - name: Import Container Image from Staging to Production
        if: inputs.azure_environment == 'prod'
        run: |
          STAGING_REGISTRY_ID="/subscriptions/${{ vars.STAGING_SUBSCRIPTION_ID }}/resourceGroups/${{ env.UNIQUE_PREFIX }}-stage-global/providers/Microsoft.ContainerRegistry/registries/${{ env.UNIQUE_PREFIX }}stage"

          az acr import \
            --name ${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }} \
            --source ${{ inputs.image_name }}:${{ inputs.version }} \
            --image ${{ inputs.image_name }}:${{ inputs.version }} \
            --registry "$STAGING_REGISTRY_ID" \
            --force

      # For staging, build and push the image
      - name: Setup Docker Buildx
        if: inputs.azure_environment == 'stage'
        uses: docker/setup-buildx-action@v4

      - name: Build and Push Container Image
        if: inputs.azure_environment == 'stage'
        working-directory: ${{ inputs.docker_context }}
        run: |
          docker buildx create --use
          docker buildx build \
            --platform linux/amd64,linux/arm64 \
            --build-arg VERSION=${{ inputs.version }} \
            -t ${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }}.azurecr.io/${{ inputs.image_name }}:${{ inputs.version }} \
            -f ${{ inputs.docker_file }} \
            --push .
          docker buildx rm

      - name: Deploy Container
        run: |
          CLUSTER_RESOURCE_GROUP_NAME="${{ env.UNIQUE_PREFIX }}-${{ env.ENVIRONMENT }}-${{ env.CLUSTER_LOCATION_ACRONYM }}"
          SUFFIX=$(echo "${{ inputs.version }}" | sed 's/\./-/g')
          az containerapp update --name ${{ inputs.image_name }} --resource-group "$CLUSTER_RESOURCE_GROUP_NAME" --image "${{ env.UNIQUE_PREFIX }}${{ env.ENVIRONMENT }}.azurecr.io/${{ inputs.image_name }}:${{ inputs.version }}" --revision-suffix $SUFFIX

          echo "Waiting for the new revision to be active..."
          for i in {1..10}; do
            sleep 15

            RUNNING_STATUS=$(az containerapp revision list --name ${{ inputs.image_name }} --resource-group "$CLUSTER_RESOURCE_GROUP_NAME" --query "[?contains(name, '$SUFFIX')].properties.runningState" --output tsv)
            HEALTH_STATUS=$(az containerapp revision list --name ${{ inputs.image_name }} --resource-group "$CLUSTER_RESOURCE_GROUP_NAME" --query "[?contains(name, '$SUFFIX')].properties.healthState" --output tsv)
            if [[ "$HEALTH_STATUS" == "Healthy" ]]; then
              echo "New revision is healthy. Running state: $RUNNING_STATUS"
              exit 0
            fi
            if [[ "$HEALTH_STATUS" == "Unhealthy" ]]; then
              echo "New revision is Unhealthy. Running state: $RUNNING_STATUS"
              exit 1
            fi

            echo "($i) Waiting for revision to become active. Running state: $RUNNING_STATUS"
          done
          echo "New revision did not become active in time. Running state: $RUNNING_STATUS"
          exit 1