aks-baseline-automation/.github/workflows/App-AzureVote-BuildOnACR.yml

# This workflow demonstrates ACR building and storing a container image, and deploying to Kubernetes
# It is split into separate jobs for readability but could be squashed into a single job if that best suits your scenario
name: App Deploy Azure Vote - BuildOnACR

on:
  workflow_call:
    inputs:
      RG:
        description: 'The Resource Group where your resources are deployed'
        required: true
        type: string
      AKSNAME:
        description: 'The Name of the AKS resource'
        required: true
        type: string
      ACRNAME:
        description: 'The Name of the ACR resource'
        required: true
        type: string
      APPNAME:
        description: 'The Name of the Application to deploy'
        required: true
        type: string
      NAMESPACE:
        description: 'The Kubernetes Namespace to deploy the Application to'
        default: "default"
        required: false
        type: string
      APPREPO:
        description: 'The GitHub App code repo'
        default: "azure-samples/azure-voting-app-redis"
        required: false
        type: string
      APPREPOREF:
        description: 'The GitHub REF to use when referencing the App code repo'
        default: "129888"
        required: false
        type: string
      APPREPOPATH:
        description: 'The directory in the repo containing the Dockerfile'
        default: "./azure-vote"
        required: false
        type: string
      ENVIRONMENT:
        description: 'A GitHub Environment to pull action secrets from'
        required: true
        type: environment

    secrets:
      AZURE_CLIENT_ID:
        required: true
      AZURE_TENANT_ID:
        required: true
      AZURE_SUBSCRIPTION_ID:
        required: true

permissions:
      id-token: write
      contents: read

jobs:
  BuildPush:
    runs-on: ubuntu-latest
    environment: ${{ inputs.ENVIRONMENT }}
    env:
      APPNAME: "${{ inputs.APPNAME }}"
      ACRNAME: "${{ inputs.ACRNAME}}"
      RG: "${{ inputs.RG }}"

    steps:
      - name: Get application code from repo
        uses: actions/checkout@v2
        with:
          repository: ${{ inputs.APPREPO}}
          ref: ${{ inputs.APPREPOREF}}

      - name: Job parameter inspection
        run: |
          echo "RG is ${{ inputs.RG }}"
          echo "AKS name is ${{ inputs.AKSNAME }}"          

      - name: Azure Login
        uses: Azure/login@v1.4.3
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

      - name: Debugging
        run: |
          echo "Debugging"
          az acr list          

      - name: ACR build
        id: acrbuild
        env:
          ACRSERVER: "${{ env.ACRNAME }}.azurecr.io"
          APPREPOPATH: "${{ inputs.APPREPOPATH}}"
          IMAGEREPO: "${{ inputs.APPNAME }}"
        run: |
          echo "Verifying directory contents in repo path $APPREPOPATH"
          ls $APPREPOPATH

          echo "Downcasing $ACRSERVER for valid repository name"
          REPOSITORY=$(echo $ACRSERVER | tr '[:upper:]' '[:lower:]')

          echo "Requesting ACR build on $ACRSERVER for image $IMAGEREPO:${{ github.sha }}"
          az acr build -t $REPOSITORY/$IMAGEREPO:${{ github.sha }} -r $ACRNAME $APPREPOPATH/.          

  Deploy:
    runs-on: ubuntu-latest
    environment: ${{ inputs.ENVIRONMENT }}
    needs: [BuildPush]
    env:
      APPNAME: "${{ inputs.APPNAME }}"
      NAMESP: "${{ inputs.NAMESPACE }}"
      AKSNAME: "${{ inputs.AKSNAME}}"
      ACRNAME: "${{ inputs.ACRNAME}}"
      RG: "${{ inputs.RG }}"

    steps:
      - name: Get application k8s manifests from repo
        uses: actions/checkout@v2

      - name: Azure Login
        uses: Azure/login@v1.4.3
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

      - name: Install Kubectl
        uses: azure/setup-kubectl@v3.0
        with:
            version: 'latest'

      - name: Set the target Azure Kubernetes Service (AKS) cluster.
        uses: azure/aks-set-context@v2.0
        with:
          cluster-name: ${{ inputs.AKSNAME }}
          resource-group: ${{ inputs.RG }}

      #It's not clear why aks-set-context isn't doing a kubelogin.... but hey ho...
      - name: Kubelogin
        env:
          kubeloginversion: 'v0.0.11'
        run: |
          wget https://github.com/Azure/kubelogin/releases/download/${{ env.kubeloginversion }}/kubelogin-linux-amd64.zip
          unzip kubelogin-linux-amd64.zip
          sudo mv bin/linux_amd64/kubelogin /usr/bin
          kubelogin convert-kubeconfig -l azurecli          

      - name: Deploy app to AKS
        uses: azure/k8s-deploy@v1.5
        env:
          ACRNAME: "${{ inputs.ACRNAME}}"
        with:
          manifests: |
            workloads/azure-vote/back-deployment.yml
            workloads/azure-vote/back-service.yml
            workloads/azure-vote/front-deployment.yml
            workloads/azure-vote/front-service.yml
            workloads/azure-vote/ingress.yml
            workloads/azure-vote/networkpolicy.yml            
          images: |
            ${{ env.ACRNAME }}.azurecr.io/azure-vote-front:${{ github.sha }}            
          namespace: ${{ inputs.NAMESPACE }}
          action: deploy