Kustomization/config-supermarket-pos-contosopos.contoso-supermarket #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Promote-to-production | |
on: | |
repository_dispatch: | |
types: | |
- Kustomization/config-supermarket-pos-contosopos.contoso-supermarket | |
permissions: | |
contents: write | |
pull-requests: write | |
jobs: | |
promote-to-production: | |
runs-on: ubuntu-latest | |
if: | | |
github.event.client_payload.metadata.summary == 'env=canary' && github.event.client_payload.severity == 'info' && contains(github.event.client_payload.message,'Health check passed') | |
steps: | |
- name: 'Checkout repository' | |
uses: actions/checkout@v4 | |
- name: 'Login to ACR' | |
uses: azure/docker-login@v1 | |
with: | |
login-server: "${{ secrets.ACR_NAME }}.azurecr.io" | |
username: ${{ secrets.SPN_CLIENT_ID }} | |
password: ${{ secrets.SPN_CLIENT_SECRET }} | |
- name: Get latest Canary Image Tag | |
id: latestImageTag | |
env: | |
ACR_NAME: ${{ secrets.ACR_NAME }} | |
namespace: "canary" | |
run: | | |
az login --service-principal --username ${{ secrets.SPN_CLIENT_ID }} --password=${{ secrets.SPN_CLIENT_SECRET }} --tenant ${{ secrets.SPN_TENANT_ID }} | |
LATEST_TAG=$(az acr repository show-tags --name $ACR_NAME --repository $namespace/contoso-supermarket/pos --orderby time_desc --top 1 --output tsv) | |
echo $LATEST_TAG | |
echo "latest_tag=$LATEST_TAG" >> $GITHUB_OUTPUT | |
- name: Get latest Production Image Tag | |
id: prodLatestImageTag | |
env: | |
ACR_NAME: ${{ secrets.ACR_NAME }} | |
namespace: "production" | |
run: | | |
az login --service-principal --username ${{ secrets.SPN_CLIENT_ID }} --password=${{ secrets.SPN_CLIENT_SECRET }} --tenant ${{ secrets.SPN_TENANT_ID }} | |
PROD_LATEST_TAG=$(az acr repository show-tags --name $ACR_NAME --repository $namespace/contoso-supermarket/pos --orderby time_desc --top 1 --output tsv) | |
echo $PROD_LATEST_TAG | |
echo "latest_tag=$PROD_LATEST_TAG" >> $GITHUB_OUTPUT | |
- name: Run integration tests | |
uses: mscoutermarsh/ascii-art-action@master | |
env: | |
latest_tag: ${{ steps.latestImageTag.outputs.latest_tag }} | |
prod_latest_tag: ${{ steps.prodLatestImageTag.outputs.latest_tag }} | |
if: ${{ env.latest_tag != 'v1.0' && env.prod_latest_tag != env.latest_tag}} | |
with: | |
text: 'Integration tests complete!' | |
- name: 'Build and push new images' | |
env: | |
latest_tag: ${{ steps.latestImageTag.outputs.latest_tag }} | |
namespace: "production" | |
prod_latest_tag: ${{ steps.prodLatestImageTag.outputs.latest_tag }} | |
if: ${{ env.latest_tag != 'v1.0' && env.prod_latest_tag != env.latest_tag}} | |
run: | | |
docker build ./contoso_supermarket/developer/pos/src -t "${{ secrets.ACR_NAME }}.azurecr.io/$namespace/contoso-supermarket/pos:$latest_tag" | |
docker push ${{ secrets.ACR_NAME }}.azurecr.io/$namespace/contoso-supermarket/pos:$latest_tag | |
- name: 'Checkout production branch' | |
uses: actions/checkout@v4 | |
env: | |
latest_tag: ${{ steps.latestImageTag.outputs.latest_tag }} | |
prod_latest_tag: ${{ steps.prodLatestImageTag.outputs.latest_tag }} | |
if: ${{ env.latest_tag != 'v1.0' && env.prod_latest_tag != env.latest_tag}} | |
with: | |
ref: 'production' | |
- name: 'Update Image tag on production branch and submit PR' | |
env: | |
latest_tag: ${{ steps.latestImageTag.outputs.latest_tag }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
prod_latest_tag: ${{ steps.prodLatestImageTag.outputs.latest_tag }} | |
if: ${{ env.latest_tag != 'v1.0' && env.prod_latest_tag != env.latest_tag}} | |
run: | | |
FILE_PATH=$(find . -name "seattle.yaml") | |
newLine=" image_tag: $latest_tag" | |
if [ ! -z "$FILE_PATH" ]; then | |
sed -i "s/.*image_tag.*/$newLine/" $FILE_PATH | |
else | |
echo "seattle.yaml not found" | |
fi | |
git config --global user.name "GitHub Action" | |
git config --global user.email "[email protected]" | |
newBranch="update-production-image-tag-${latest_tag}" | |
git checkout -b $newBranch production | |
git config pull.rebase false | |
git add --all | |
git commit -m "Update Image Tag on production to $latest_tag" | |
git push --set-upstream origin $newBranch | |
gh pr create --title "Update production Image Tag to $latest_tag" --body "Update production Image Tag to $latest_tag" --base production |