Update devcontainer configuration: change base image to use devcontai… #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD | ||
| concurrency: | ||
| group: production | ||
| cancel-in-progress: true | ||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| image_tag: | ||
| description: "The tag of the Docker image to deploy" | ||
| required: true | ||
| type: string | ||
| workflow_call: | ||
| inputs: | ||
| image_tag: | ||
| required: true | ||
| type: string | ||
| debug: | ||
| required: false | ||
| type: string | ||
| default: 'false' | ||
| env: | ||
| RESOURCE_GROUP: "tsvi-rg" | ||
| CONTAINER_REGISTRY: "ghcr.io/octodemo/dotnet-razor-pages-movie" | ||
| jobs: | ||
| provision-environment-for-qa: | ||
| permissions: | ||
| actions: read | ||
| id-token: write # This is required for requesting the JWT | ||
| contents: read # This is required for actions/checkout | ||
| issues: write | ||
| runs-on: ubuntu-latest | ||
| environment: STAGE | ||
| needs: [automated-ui-tests] | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/[email protected] | ||
| - name: 'Az CLI Login via OIDC' | ||
| uses: azure/[email protected] | ||
| with: | ||
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | ||
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | ||
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | ||
| - name: Deploy the Azure App - Including DB Migrations [STAGING ENVIRONMENT] | ||
| uses: hashicorp/[email protected] | ||
| - name: Terraform Commands | ||
| run: | | ||
| terraform init | ||
| terraform validate | ||
| terraform plan -out=tfplan -var 'sql_admin_password=${{ secrets.SA_PASSWORD }}' -var 'image_tag=${{ inputs.image_tag }}' | ||
| terraform apply -auto-approve tfplan | ||
| working-directory: ./terraform/staging | ||
| env: | ||
| ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | ||
| ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | ||
| ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | ||
| ARM_USE_OIDC: true | ||
| - name: Capture Terraform Outputs | ||
| id: capture_outputs | ||
| run: | | ||
| echo "CONTAINER_APP_URL=$(terraform output -raw container_app_url)" >> $GITHUB_ENV | ||
| working-directory: ./terraform/staging | ||
| env: | ||
| ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | ||
| ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | ||
| ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | ||
| ARM_USE_OIDC: true | ||
| - name: Upload Teraaform State and files | ||
| uses: actions/[email protected] | ||
| with: | ||
| name: terraform-state | ||
| path: ./terraform/staging/ | ||
| - name: Generate Artifact URL | ||
| id: generate_artifact_url | ||
| run: | | ||
| ARTIFACT_ID=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/actions/runs/${{ github.run_id }}/artifacts | jq -r '.artifacts[] | select(.name=="terraform-state") | .id') | ||
| echo "ARTIFACT_ID=$ARTIFACT_ID" >> $GITHUB_ENV | ||
| echo "ARTIFACT_URL=https://github.com/octodemo/dotnet-razor-pages-movie/actions/runs/${{ github.run_id }}/artifacts/${ARTIFACT_ID}" >> $GITHUB_ENV | ||
| # Open an issue and notify QA that the staging environment is ready for testing | ||
| - name: Create Issue | ||
| uses: actions/[email protected] | ||
| with: | ||
| script: | | ||
| const issueTemplate = ` | ||
| ### 🚀 Staging Environment Ready for Testing 🚀 | ||
| The staging environment is ready for testing. Please verify that the following items are working as expected: | ||
| - [ ] ✅ The staging environment is up and running | ||
| - [ ] 🌐 The staging environment is accessible | ||
| - [ ] 🏷️ The staging environment is using the correct image tag | ||
| - [ ] 📊 The staging environment is using the correct database schema | ||
| **Additional Information:** | ||
| - **Image Tag:** 🐳 [Docker Image](https://github.com/octodemo/dotnet-razor-pages-movie/pkgs/container/dotnet-razor-pages-movie) tag: \`${process.env.IMAGE_TAG}\` | ||
| - **App Server URL:** 🔗 https://${process.env.CONTAINER_APP_URL} | ||
| - **Terraform IaC files:** | ||
| - **Artifact ID:** \`${process.env.ARTIFACT_ID}\` | ||
| - **Artifact URL:** [📁 Download](${process.env.ARTIFACT_URL}) | ||
| `; | ||
| github.rest.issues.create({ | ||
| owner: context.repo.owner, | ||
| repo: context.repo.repo, | ||
| title: "Staging Environment Ready for Testing", | ||
| body: issueTemplate, | ||
| labels: ["staging", "ready-for-testing"], | ||
| assignees: ["tsviz"] | ||
| }); | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| IMAGE_TAG: ${{ inputs.image_tag }} | ||
| CONTAINER_APP_URL: ${{ env.CONTAINER_APP_URL }} | ||
| ARTIFACT_ID: ${{ env.ARTIFACT_ID }} | ||
| automated-ui-tests: | ||
| permissions: | ||
| actions: read | ||
| id-token: write # This is required for requesting the JWT | ||
| contents: read # This is required for actions/checkout | ||
| issues: write | ||
| runs-on: ubuntu-latest | ||
| environment: STAGE | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/[email protected] | ||
| - name: Set environment variables | ||
| run: | | ||
| export SA_PASSWORD='YourStrong!Passw0rd' | ||
| export ConnectionStrings__RazorPagesMovieContext='Server=sqlserver,1433;Database=RazorPagesMovieContext;User ID=sa;Password=YourStrong!Passw0rd;' | ||
| export ASPNETCORE_URLS="http://0.0.0.0:5000" | ||
| export TAG="132" | ||
| - name: Run Docker Compose | ||
| run: docker compose up -d --build webapp | ||
| - name: Run UI acceptance tests | ||
| run: | | ||
| echo -e "\033[0;32mdotnet clean RazorPagesMovie.UITests/RazorPagesMovie.UITests.csproj\033[0m" | ||
| dotnet restore RazorPagesMovie.UITests/RazorPagesMovie.UITests.csproj | ||
| echo -e "\033[0;32mWaiting for the web application to start...\033[0m" | ||
| sleep 20 | ||
| echo -e "\033[0;32mdotnet test RazorPagesMovie.UITests/RazorPagesMovie.UITests.csproj --logger \"console;verbosity=detailed\"\033[0m" | ||
| dotnet test RazorPagesMovie.UITests/RazorPagesMovie.UITests.csproj --logger "console;verbosity=detailed" | ||
| production: | ||
| permissions: | ||
| actions: read | ||
| id-token: write # This is required for requesting the JWT | ||
| contents: write # This is required for actions/checkout and the create-release action | ||
| runs-on: ubuntu-latest | ||
| environment: | ||
| name: PROD | ||
| url: https://tsvi-demo-movie.salmontree-a9d9695c.eastus.azurecontainerapps.io | ||
| needs: [provision-environment-for-qa, automated-ui-tests] | ||
| if: github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/[email protected] | ||
| - name: 'Az CLI Login via OIDC' | ||
| uses: azure/[email protected] | ||
| with: | ||
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | ||
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | ||
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | ||
| - name: Deploy the Azure App - Including DB Migrations [PRODUCTION ENVIRONMENT] | ||
| uses: hashicorp/[email protected] | ||
| - name: Terraform Commands | ||
| run: | | ||
| terraform init | ||
| terraform validate | ||
| terraform plan -out=tfplan -var 'sql_admin_password=${{ secrets.SA_PASSWORD }}' -var 'image_tag=${{ inputs.image_tag }}' | ||
| terraform apply -auto-approve tfplan | ||
| working-directory: ./terraform/production | ||
| env: | ||
| ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | ||
| ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | ||
| ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | ||
| ARM_USE_OIDC: true | ||
| - name: Upload Teraaform State and files | ||
| uses: actions/[email protected] | ||
| with: | ||
| name: terraform-state-prod | ||
| path: ./terraform/production/ | ||
| - name: Generate Artifact URL | ||
| id: generate_artifact_url | ||
| run: | | ||
| ARTIFACT_ID=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ github.repository }}/actions/runs/${{ github.run_id }}/artifacts | jq -r '.artifacts[] | select(.name=="terraform-state-prod") | .id') | ||
| echo "ARTIFACT_ID=$ARTIFACT_ID" >> $GITHUB_ENV | ||
| echo "ARTIFACT_URL=https://github.com/octodemo/dotnet-razor-pages-movie/actions/runs/${{ github.run_id }}/artifacts/${ARTIFACT_ID}" >> $GITHUB_ENV | ||
| - name: Capture Terraform Output | ||
| id: output | ||
| run: echo "CONTAINER_APP_URL=$(terraform output -raw container_app_url)" >> $GITHUB_ENV | ||
| working-directory: ./terraform/production | ||
| env: | ||
| ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | ||
| ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | ||
| ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | ||
| ARM_USE_OIDC: true | ||
| - name: Create GitHub Release | ||
| id: create_release | ||
| uses: ncipollo/[email protected] | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| IMAGE_TAG: ${{ inputs.image_tag }} | ||
| CONTAINER_APP_URL: ${{ env.CONTAINER_APP_URL }} | ||
| ARTIFACT_ID: ${{ env.ARTIFACT_ID }} | ||
| ARTIFACT_URL: ${{ env.ARTIFACT_URL }} | ||
| with: | ||
| tag: ${{ inputs.image_tag }} | ||
| body: | | ||
| 🎉 **Production Environment Deployed!** 🎉 | ||
| 🚀 **Version:** ${{ inputs.image_tag }} | ||
| The production environment has been successfully deployed! Please join us in celebrating this milestone. Here are the details of the deployment: | ||
| **Additional Information:** | ||
| - **App Server URL:** https://${{ env.CONTAINER_APP_URL }} | ||
| 🎊 Thank you to everyone who contributed to this release! Let's keep up the great work! 🎊 | ||
