Git Product home page Git Product logo

aci-deploy's Introduction

GitHub Action for deploying to Azure Container Instances

GitHub Actions gives you the flexibility to build an automated software development lifecycle workflow.

You can automate your workflows to deploy to Azure Container Instances using GitHub Actions.

Get started today with a free Azure account!

This repository contains GitHub Action for Deploying to Azure Container Instances to deploy to Azure Container Instances. It supports deploying your container image to an Azure Container Instance.

The definition of this GitHub Action is in action.yml.

End-to-End Sample Workflows

Dependencies on other GitHub Actions

  • Azure Login Login with your Azure Credentials for Authentication. Once login is done, the next set of Azure Actions in the workflow can re-use the same session within the job.

Azure Service Principal for RBAC

For using any credentials like Azure Service Principal in your workflow, add them as secrets in the GitHub Repository and then refer them in the workflow.

  1. Download Azure CLI from here, run az login to login with your Azure Credentials.
  2. Run Azure CLI command to create an Azure Service Principal for RBAC:
    az ad sp create-for-rbac --name "myApp" --role contributor \
                             --scopes /subscriptions/{subscription-id}/resourceGroups/{resource-group} \
                             --sdk-auth
    
    # Replace {subscription-id}, {resource-group} with the subscription, resource group details of the WebApp
    # The command should output a JSON object similar to this:

  {
    "clientId": "<GUID>",
    "clientSecret": "<GUID>",
    "subscriptionId": "<GUID>",
    "tenantId": "<GUID>",
    (...)
  }
  • You can further scope down the Azure Credentials to the Web App using scope attribute. For example,
 az ad sp create-for-rbac --name "myApp" --role contributor \
                          --scopes /subscriptions/{subscription-id}/resourceGroups/{resource-group}/providers/Microsoft.Web/sites/{app-name} \
                          --sdk-auth

# Replace {subscription-id}, {resource-group}, and {app-name} with the names of your subscription, resource group, and Azure Web App.
  1. Paste the json response from above Azure CLI to your GitHub Repository > Settings > Secrets > Add a new secret > AZURE_CREDENTIALS
  2. Now in the workflow file in your branch: .github/workflows/workflow.yml replace the secret in Azure login action with your secret (Refer to the example below)

Build and Deploy a Node.JS App to Azure Container Instances

on: [push]
name: Linux_Container_Workflow

jobs:
    build-and-deploy:
        runs-on: ubuntu-latest
        steps:
        # checkout the repo
        - name: 'Checkout GitHub Action'
          uses: actions/checkout@master
          
        - name: 'Login via Azure CLI'
          uses: azure/login@v1
          with:
            creds: ${{ secrets.AZURE_CREDENTIALS }}
        
        - uses: azure/docker-login@v1
          with:
            login-server: contoso.azurecr.io
            username: ${{ secrets.REGISTRY_USERNAME }}
            password: ${{ secrets.REGISTRY_PASSWORD }}
        - run: |
            docker build .t contoso.azurecr.io/nodejssampleapp:${{ github.sha }}
            docker push contoso.azurecr.io/nodejssampleapp:${{ github.sha }}

        - name: 'Deploy to Azure Container Instances'
          uses: 'azure/aci-deploy@v1'
          with:
            resource-group: contoso
            dns-name-label: url-for-container
            image: contoso.azurecr.io/nodejssampleapp:${{ github.sha }}
            registry-username: ${{ secrets.REGISTRY_USERNAME }}
            registry-password: ${{ secrets.REGISTRY_PASSWORD }}
            name: contoso-container
            location: 'west us'

Example YAML Snippets

Deploying a Container from a public registry

- uses: Azure/aci-deploy@v1
  with:
    resource-group: contoso
    dns-name-label: url-for-container
    image: nginx
    name: contoso-container
    location: 'east us'

Deploying a Container with Volumes (from Azure File Share or GitHub Repositories)

- uses: Azure/aci-deploy@v1
  with:
    resource-group: contoso
    dns-name-label: url-for-container
    image: nginx
    name: contoso-container
    azure-file-volume-share-name: shareName
    azure-file-volume-account-name: accountName
    azure-file-volume-account-key: ${{ secrets.AZURE_FILE_VOLUME_KEY }}
    azure-file-volume-mount-path: /mnt/volume1
    location: 'east us'

Deploying a Container with Environment Variables and Command Line

NOTE: Secure Environment Variables aren't masked by the Action so use them as Secrets if you want to hide them

- uses: Azure/aci-deploy@v1
  with:
    resource-group: contoso
    dns-name-label: url-for-container
    image: nginx
    name: contoso-container
    command-line: /bin/bash a.sh
    environment-variables: key1=value1 key2=value2
    secure-environment-variables: key1=${{ secrets.ENV_VAL1 }} key2=${{ secrets.ENV_VAL2 }}
    location: 'east us'

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.

aci-deploy's People

Contributors

mitsha-microsoft avatar microsoftopensource avatar shubham1172 avatar ashishonce avatar yuhattor avatar geverghe avatar ryancole avatar dependabot[bot] avatar microsoft-github-operations[bot] avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.