@cormacpayne, how to pass the env variable from GitHub Action pipeline #58

Open
sumanmanjhi28 opened this issue Sep 15, 2023 · 0 comments

How to pass the env variable from the GitHub Action pipeline?
config.yaml

```yaml
location: centralus
name: ${{ env.CONTAINER_APP }}
resourceGroup: $NEW_ACR_RESOURCE_GROUP
type: Microsoft.App/containerApps
properties:
  managedEnvironmentId: /subscriptions/${{ env.AZURE_SUBSCRIPTION_ID }}/resourceGroups/$NEW_ACR_RESOURCE_GROUP/providers/Microsoft.App/managedEnvironments/${{ env.CONTAINER_APP_ENV }}
  configuration:
    activeRevisionsMode: Single
    ingress:
      external: true
      allowInsecure: false
      targetPort: 80
      traffic:
        - latestRevision: true
          weight: 100
      transport: Auto
    registries:
      - passwordSecretRef: ${{ secrets.CONTAINERPASSWORD }}
        server: ${{ env.registryuri }}
        username: ${{ secrets.CONTAINERUSERNAME }}
  template:
    revisionSuffix: ""
    containers:
      - image: $imageToBuild
        name: ${{ env.IMAGE_NAME }}
        env:
          - name: HTTP_PORT
            value: 80
          - name: queue_name
            value: abc
        resources:
          cpu: 0.5
          memory: 1Gi
          ephemeralStorage: 2Gi
    scale:
      maxReplicas: 10
      minReplicas: null
      rules: null
```

github action.yaml

```yaml
name: IDR Soar Pipeline
on:
  workflow_dispatch:
  push:
    branches:
      - main
    tags:
      - test-*
      - demo-*
  pull_request:
    types: [opened, synchronize, reopened]
    branches:
      - main
#concurrency:
#  group: ${{ github.workflow }}-${{ github.event_name }}

env:
  REGISTRY: abh
  IMAGE_NAME: idrsoaragent
  ACR_RESOURCE_GROUP: -data-recommender
  ACR_NAME: new
  AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_NONPROD_SUBSCRIPTION_ID }}
  CONTAINER_APP: api

jobs:
  #codeql:
  #  uses: ./.github/workflows/codeql-analysis.yml

  #sonar:
  #  uses: ./.github/workflows/sonar_setup.yml
  #  secrets:
  #    SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

  build:
    runs-on: [ self-hosted ]
    #needs: [codeql, sonar]
    name: docker build-push-deploy
    steps:
      - uses: actions/checkout@v3
      - id: env_setup
        run: |
          chmod +x ./env_setup.sh
          ./env_setup.sh ${{ github.event_name }} ${{ github.ref_type }} ${{ github.ref_name }}

      - uses: actions/checkout@v3

      - name: Create pip.conf
        run: |
          mkdir -p ~/.config/pip/
          sudo chmod -R 750 ~/.config/pip/
          cat <<EOF | sudo tee ~/.config/pip/pip.conf
          [global]
          index = https://repo1.uhc.com/artifactory/api/pypi/pypi-virtual
          index-url = https://repo1.uhc.com/artifactory/api/pypi/pypi-virtual/simple
          EOF

      - uses: actions/setup-python@v4
        with:
          python-version: '3.10'

      - name: Install dependencies
        run: |
          pip install --upgrade pip
          pip install pylint

      #- name: Run Pylint
      #  run: pylint ${{ github.workspace }}/src

      - name: Azure Login
        uses: azure/login@v1
        with:
          creds: ${{ secrets.AZURE_CREDENTIALS }}

      - name: Set new env variable
        id: set_vars_pr
        run: |
          registryuri="abx.azurecr.io"
          NEW_ACR_RESOURCE_GROUP="$ACR_RESOURCE_GROUP-centralus-${{ steps.env_setup.outputs.build_env }}"
          NEW_IMAGE_NAME=${{ env.IMAGE_NAME }}
          NEW_ACR_NAME=${{ env.ACR_NAME }}
          keyvault="idr-vault-${{ steps.env_setup.outputs.build_env }}-6bc2d247"
          container_app="api-${{ steps.env_setup.outputs.build_env }}"
          echo "registryuri=$registryuri"  >>$GITHUB_ENV
          echo "NEW_ACR_RESOURCE_GROUP=$NEW_ACR_RESOURCE_GROUP"  >>$GITHUB_ENV
          echo "NEW_IMAGE_NAME=$NEW_IMAGE_NAME"  >>$GITHUB_ENV
          echo "NEW_ACR_NAME=$NEW_ACR_NAME"  >>$GITHUB_ENV
          echo "keyvault=$keyvault"  >>$GITHUB_ENV
          echo "container_app=$container_app"  >>$GITHUB_ENV

      - name: Azure ClI script
        id: step_one_pr
        uses: azure/CLI@v1
        with:
          InlineScript: |
            echo secret= $(az keyvault secret show --vault-name $keyvault --name SERVICEBUS-KEY --query value)>> $GITHUB_ENV
            VAULT_NAME=$keyvault
            echo VAULT_ENDPOINT=$(az keyvault show --name $VAULT_NAME --query "properties.vaultUri" -o tsv)>> $GITHUB_ENV
            echo VAULT_ENDPOINT=$(az keyvault show --name $VAULT_NAME --query "properties.vaultUri" -o tsv)>> $GITHUB_ENV
            echo ${{ github.sha }}

      - name: config setup and docker build/push to dev env
        env:
          BUILD_ARGS: |
            --build-arg VAULT_ENDPOINT=${{ env.VAULT_ENDPOINT }}
            --build-arg AZURE_CLIENT_ID=${{secrets.AZURE_CLIENT_ID}}
            --build-arg AZURE_CLIENT_SECRET=${{secrets.AZURE_CLIENT_SECRET}}
            --build-arg AZURE_TENANT_ID=${{secrets.AZURE_TENANT_ID}}
        run: |
          docker_filepath="./src/agent/Dockerfile"
          context_path="./src/agent"
          date=$(date +%Y%m%d%H%M%S)
          docker build -f $docker_filepath -t $registryuri/$NEW_IMAGE_NAME:${{ steps.env_setup.outputs.build_tag }} $context_path $BUILD_ARGS
          az acr login --name $NEW_ACR_NAME --resource-group $ACR_RESOURCE_GROUP
          docker push $registryuri/$NEW_IMAGE_NAME:${{ steps.env_setup.outputs.build_tag }}
      #   az containerapp update -n $container_app -g $NEW_ACR_RESOURCE_GROUP --image $registryuri/$NEW_IMAGE_NAME:${{ steps.env_setup.outputs.build_tag }}

      - name: Build and deploy Container App
        uses: azure/container-apps-deploy-action@v1
        with:
          appSourcePath: ${{ github.workspace }}/src/soar_agent
          acrName: abc
          registryuri: $registryuri
          acrUsername: ${{ secrets.CONTAINERUSERNAME }}
          acrPassword: ${{ secrets.CONTAINERPASSWORD }}
          containerAppName: apps
          resourceGroup: $NEW_ACR_RESOURCE_GROUP
          containerAppEnvironment: idr-cae-centralus-${{ steps.env_setup.outputs.build_env }}
          imageToBuild: $registryuri/$NEW_IMAGE_NAME:${{ steps.env_setup.outputs.build_tag }}
```
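
GitHub Actions evaluates `${{ ... }}` expressions only inside workflow files, so a config.yaml kept in the repository reaches later steps with those placeholders as literal text. One way to fill them in from a `run` step is sketched below as an added example (not part of the original issue or of the action's code); `render_config`, `demo_render` and the sample values are hypothetical names chosen for illustration.

```shell
# Added example: fill ${{ env.NAME }} and $NAME placeholders in a config file
# from the step's environment. render_config and all sample values are
# hypothetical names for illustration, not part of the action's API.

# Usage: render_config TEMPLATE_FILE ALLOWED_VAR...   (rendered text on stdout)
render_config() {
  rc_template=$1; shift
  awk -v allowed=" $* " '
    function fail(msg) { print "render_config: " msg > "/dev/stderr"; bad = 1; exit 1 }
    BEGIN { re = "[$][{][{] *env[.][A-Za-z_][A-Za-z0-9_]* *[}][}]|[$][A-Za-z_][A-Za-z0-9_]*" }
    {
      rest = $0; line = ""
      while (match(rest, re)) {
        name = substr(rest, RSTART, RLENGTH)
        gsub(/^[$][{][{] *env[.]| *[}][}]$|^[$]/, "", name)   # keep only NAME
        # Expand allowlisted names only, so an unrelated variable in the
        # environment (a token, for instance) cannot end up in the file.
        if (index(allowed, " " name " ") == 0) fail(name " is not allowlisted")
        if (!(name in ENVIRON)) fail(name " is not set")
        line = line substr(rest, 1, RSTART - 1) ENVIRON[name]
        rest = substr(rest, RSTART + RLENGTH)   # inserted values are not rescanned
      }
      line = line rest
      # Fail closed on any workflow expression left over (secrets.*, steps.*).
      if (index(line, "${{")) fail("unresolved expression on line " NR)
      out = out line "\n"
    }
    END { if (!bad) printf "%s", out }
  ' "$rc_template"
}

# Constructed sample template and values, for demonstration only.
demo_render() {
  demo_tpl=$(mktemp) || return 1
  printf '%s\n' 'name: ${{ env.CONTAINER_APP }}' \
                'resourceGroup: $NEW_ACR_RESOURCE_GROUP' > "$demo_tpl"
  ( export CONTAINER_APP=api-dev NEW_ACR_RESOURCE_GROUP=rg-example
    render_config "$demo_tpl" CONTAINER_APP NEW_ACR_RESOURCE_GROUP )
  demo_rc=$?; rm -f "$demo_tpl"; return "$demo_rc"
}
demo_render
```

The function refuses to emit a file that still contains a `${{ secrets.* }}` placeholder, which keeps secret values out of the rendered config and surfaces the mistake at render time instead of at deploy time.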