37677d1d7c
Update the usage instructions to provide a sample json fragment for service principal to be used in GitHub secrets |
||
|---|---|---|
| .github | ||
| action-modules | ||
| aks-set-context | ||
| docker-login | ||
| docker-logout | ||
| k8s-create-secret | ||
| k8s-deploy | ||
| k8s-set-context | ||
| node_modules | ||
| setup-kubectl | ||
| .gitignore | ||
| CODE_OF_CONDUCT.md | ||
| LICENSE | ||
| README.md | ||
| package-lock.json | ||
| package.json | ||
README.md
GitHub Actions for Azure Kubernetes service or any generic Kubernetes cluster
GitHub Actions gives you the flexibility to build an automated software development lifecycle workflow.
A set of GitHub Actions for deploying to a Kubernetes cluster, including Azure Kubernetes service (AKS) and any generic Kubernetes cluster.
Get started today with a free Azure account!
The repository contains the following GitHub Actions:
- k8s-set-context: Used for setting the target K8s cluster context by providing kubeconfig or service account details
- aks-set-context: Used for setting the target AKS cluster context by providing Azure subscription details
- k8s-create-secret : Create a generic secret or docker-registry secret in Kubernetes cluster.
- K8s-deploy: Deploy manifest action for Kubernetes to bake and deploy manifests to a Kubernetes cluster.
- setup-kubectl: Install a specific version of kubectl binary on runner
The container-actions contains:
- docker-login : Actions to log in to a private container registry such as Azure Container registry. Once login is done, the next set of Actions in the workflow can perform tasks such as building, tagging and pushing containers.
The docker-login Actions in this repository (k8s-actions) will be deleted in the near future. Please use the Docker Actions from container-actions.
Azure Actions repository has a list of all the GitHub Actions for Azure.
Usage
Usage information for individual actions can be found in their respective directories.
For any credential like Azure Service Principal, Kubeconfig, add them as secrets in the GitHub repository and then use them in the workflow.
In the above example the secret name is REGISTRY_USERNAME and REGISTRY_PASSWORD and it can be used in the workflow by using the following syntax:
container-registry-username: ${{ secrets.REGISTRY_USERNAME }}
To use an Azure Service Principal, create a secret called AZURE_CREDENTIALS that contains:
{
"tenantId": "<yourtenantid>",
"clientId": "<yourclientid>",
"clientSecret": "<yourclientsecret>",
"subscriptionId": "<yoursubscriptionid>"
}
End to end workflow for building container images and deploying to an Azure Kubernetes Service cluster
on: [push]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: azure/container-actions/docker-login@master
with:
login-server: contoso.azurecr.io
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- run: |
docker build . -t contoso.azurecr.io/k8sdemo:${{ github.sha }}
docker push contoso.azurecr.io/k8sdemo:${{ github.sha }}
# Set the target AKS cluster.
- uses: azure/k8s-actions/aks-set-context@master
with:
creds: '${{ secrets.AZURE_CREDENTIALS }}'
cluster-name: contoso
resource-group: contoso-rg
- uses: azure/k8s-actions/k8s-create-secret@master
with:
container-registry-url: contoso.azurecr.io
container-registry-username: ${{ secrets.REGISTRY_USERNAME }}
container-registry-password: ${{ secrets.REGISTRY_PASSWORD }}
secret-name: demo-k8s-secret
- uses: azure/k8s-actions/k8s-deploy@master
with:
manifests: |
manifests/deployment.yml
manifests/service.yml
images: |
contoso.azurecr.io/k8sdemo:${{ github.sha }}
imagepullsecrets: |
demo-k8s-secret
End to end workflow for building container images and deploying to a generic Kubernetes cluster
on: [push]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: azure/container-actions/docker-login@master
with:
login-server: contoso.azurecr.io
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_PASSWORD }}
- run: |
docker build . -t contoso.azurecr.io/k8sdemo:${{ github.sha }}
docker push contoso.azurecr.io/k8sdemo:${{ github.sha }}
- uses: azure/k8s-actions/k8s-set-context@master
with:
kubeconfig: ${{ secrets.KUBE_CONFIG }}
- uses: azure/k8s-actions/k8s-create-secret@master
with:
container-registry-url: contoso.azurecr.io
container-registry-username: ${{ secrets.REGISTRY_USERNAME }}
container-registry-password: ${{ secrets.REGISTRY_PASSWORD }}
secret-name: demo-k8s-secret
- uses: azure/k8s-actions/k8s-deploy@master
with:
manifests: |
manifests/deployment.yml
manifests/service.yml
images: |
contoso.azurecr.io/k8sdemo:${{ github.sha }}
imagepullsecrets: |
demo-k8s-secret
Contributing
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.