v0.4.5 #22
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release Microservices | |
on: | |
release: | |
types: | |
- "released" | |
branches: [main] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.sha }}-release | |
cancel-in-progress: true | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
environment: production | |
strategy: | |
matrix: | |
app: [advertisements, accounts, messages, gateway] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Azure Login | |
uses: azure/login@v1 | |
with: | |
creds: ${{ secrets.AZURE_CREDENTIALS }} | |
enable-AzPSSession: true | |
- name: Build image on ACR | |
uses: azure/CLI@v1 | |
with: | |
inlineScript: | | |
az configure --defaults acr=${{ vars.AZURE_CONTAINER_REGISTRY }} | |
az acr build -t ${{ vars.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ vars.AZURE_PROJECT_NAME }}-${{ matrix.app }}:${{ github.event.release.tag_name }} -r ${{ vars.AZURE_CONTAINER_REGISTRY }} ./apps/${{ matrix.app }}/ | |
deploy: | |
needs: build | |
runs-on: ubuntu-latest | |
environment: production | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Azure Login | |
uses: azure/login@v1 | |
with: | |
creds: ${{ secrets.AZURE_CREDENTIALS }} | |
- name: Gets K8s context | |
id: context | |
uses: azure/aks-set-context@v3 | |
with: | |
resource-group: ${{ vars.AZURE_RESOURCE_GROUP }} | |
cluster-name: ${{ vars.AZURE_CLUSTER_NAME }} | |
- name: "Ensure app routing" | |
continue-on-error: true | |
run: az aks approuting enable -g ${{ vars.AZURE_RESOURCE_GROUP }} -n ${{ vars.AZURE_CLUSTER_NAME }} | |
- name: Delete auth secrets | |
continue-on-error: true | |
run: kubectl delete secret auth-secrets | |
- name: Delete gateway secrets | |
continue-on-error: true | |
run: kubectl delete secret gateway-secrets | |
- name: Delete accounts secrets | |
continue-on-error: true | |
run: kubectl delete secret account-service-secrets | |
- name: Delete advertisements secrets | |
continue-on-error: true | |
run: kubectl delete secret advertisement-service-secrets | |
- name: Delete messages secrets | |
continue-on-error: true | |
run: kubectl delete secret messaging-service-secrets | |
- name: Set secrets | |
run: | | |
kubectl create secret generic auth-secrets \ | |
--from-literal=AUTH_AUDIENCE="${{ vars.BACKEND_URL }}" \ | |
--from-literal=AUTH_ISSUER_URL="${{ vars.AUTH_ISSUER_URL }}" | |
kubectl create secret generic gateway-secrets \ | |
--from-literal=ALLOWED_ORIGIN="${{ vars.FRONTEND_URL }}" | |
kubectl create secret generic account-service-secrets \ | |
--from-literal=DATABASE_USER="${{ secrets.DB_ADMIN_USER }}@${{ vars.ACCOUNTS_AZURE_DB_NAME }}" \ | |
--from-literal=DATABASE_PASSWORD="${{ secrets.DB_ADMIN_PASSWORD }}" \ | |
--from-literal=DATABASE_HOST="${{ vars.ACCOUNTS_AZURE_DB_NAME }}.mysql.database.azure.com" \ | |
--from-literal=DATABASE_PORT="3306" \ | |
--from-literal=DATABASE_NAME="accounts" | |
kubectl create secret generic advertisement-service-secrets \ | |
--from-literal=DATABASE_USER="${{ secrets.DB_ADMIN_USER }}@${{ vars.ADVERTISEMENTS_AZURE_DB_NAME }}" \ | |
--from-literal=DATABASE_PASSWORD="${{ secrets.DB_ADMIN_PASSWORD }}" \ | |
--from-literal=DATABASE_HOST="${{ vars.ADVERTISEMENTS_AZURE_DB_NAME }}.mysql.database.azure.com" \ | |
--from-literal=DATABASE_PORT="3306" \ | |
--from-literal=DATABASE_NAME="advertisements" \ | |
--from-literal=STORAGE_DRIVER="azure" \ | |
--from-literal=STORAGE_AZURE_CONNECTION_STRING="$(az storage account show-connection-string --name ${{ vars.ADVERTISEMENTS_AZURE_STORAGE_ACCOUNT }} -o tsv)" | |
kubectl create secret generic messaging-service-secrets \ | |
--from-literal=DATABASE_USER="${{ secrets.DB_ADMIN_USER }}@${{ vars.MESSAGES_AZURE_DB_NAME }}" \ | |
--from-literal=DATABASE_PASSWORD="${{ secrets.DB_ADMIN_PASSWORD }}" \ | |
--from-literal=DATABASE_HOST="${{ vars.MESSAGES_AZURE_DB_NAME }}.mysql.database.azure.com" \ | |
--from-literal=DATABASE_PORT="3306" \ | |
--from-literal=DATABASE_NAME="messages" \ | |
--from-literal=STORAGE_DRIVER="azure" \ | |
--from-literal=STORAGE_AZURE_CONNECTION_STRING="$(az storage account show-connection-string --name ${{ vars.MESSAGES_AZURE_STORAGE_ACCOUNT }} -o tsv)" | |
- name: Deploys application | |
uses: Azure/k8s-deploy@v4 | |
with: | |
manifests: | | |
k8s/azure-gateway-ingress.yml | |
k8s/gateway-deployment.yml | |
k8s/account-deployment.yml | |
k8s/advertisement-deployment.yml | |
k8s/message-queue-deployment.yml | |
images: | | |
${{ vars.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ vars.AZURE_PROJECT_NAME }}-gateway:${{ github.event.release.tag_name }} | |
${{ vars.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ vars.AZURE_PROJECT_NAME }}-accounts:${{ github.event.release.tag_name }} | |
${{ vars.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ vars.AZURE_PROJECT_NAME }}-advertisements:${{ github.event.release.tag_name }} | |
imagepullsecrets: | | |
${{ vars.PROJECT_NAME }} | |
- name: "Install azure-frontdoor extension" | |
run: az extension add --name front-door | |
- name: "Set api ip-address" | |
run: | | |
echo "AKS_IP=$(kubectl get ingress gateway-ingress -o json | jq -r .status.loadBalancer.ingress[0].ip)" >> "$GITHUB_ENV" | |
az network front-door backend-pool backend update \ | |
-g squaremarket-group \ | |
-f squaremarket-frontdoor \ | |
--pool-name api \ | |
--index 1 \ | |
--backend-host-header $AKS_IP \ | |
--address $AKS_IP |