Implemented preliminary Action which builds and pushes our containeri…

…zed application to Azure Container Registry based on the argument "ANIMALS", which is derived from Azure Key Vault.
hvalfangst · Jan 14, 2024 · 86e3580 · 86e3580
1 parent 615023c
commit 86e3580
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 3 deletions.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -0,0 +1,53 @@
+name: Azure CI/CD
+
+on:
+  workflow_dispatch:
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  build-and-deploy:
+    runs-on: ubuntu-latest
+    environment: production
+    env:
+
+      # Foundation
+      RESOURCE_GROUP: hvalfangstresourcegroup
+      LOCATION: West Europe
+
+      # Azure Container Registry
+      ACR_USERNAME: hvalfangstcontainerregistry
+      CONTAINER_REGISTRY: hvalfangstcontainerregistry.azurecr.io
+      IMAGE_NAME: hvalfangst-zoo
+
+      # Azure Key Vault
+      AZURE_KEYVAULT_NAME: hvalfangstkeyvault
+      ANIMALS: animals-list
+
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Run Azure Login with Service Principal
+        run: |
+          az login --service-principal --username ${{ secrets.AZURE_CLIENT_ID }} --password ${{ secrets.AZURE_CLIENT_SECRET }} --tenant ${{ secrets.AZURE_TENANT_ID }}
+
+      - name: Get Secret from Key Vault
+        id: get_secret
+        run: |
+          echo "value=$(az keyvault secret show --name ${{ env.ANIMALS }} --vault-name ${{ env.AZURE_KEYVAULT_NAME }} --query value -o tsv)" >> $GITHUB_OUTPUT
+
+      - name: Login to Azure Container Registry
+        uses: azure/docker-login@v1
+        with:
+          login-server: ${{ env.CONTAINER_REGISTRY }}
+          username: ${{ env.ACR_USERNAME }}
+          password: ${{ secrets.ACR_PASSWORD }}
+
+      - name: Build and push Docker image
+        run: |
+          docker build -t ${{ env.CONTAINER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest --build-arg ANIMALS="${{steps.get_secret.outputs.value}}" .
+          docker push ${{ env.CONTAINER_REGISTRY }}/${{ env.IMAGE_NAME }}:latest
diff --git a/Dockerfile b/Dockerfile
@@ -10,11 +10,11 @@ COPY .. .
 # Change directory to the location of our newly copied python codebase
 WORKDIR /app/python
 
-## Define a build argument for the environment variable
-#ARG ACCESS_KEY
+# Define a build argument for the environment variable
+ARG ANIMALS
 
 # Set the environment variable with the build argument
-ENV ANIMALS="panda=Fluffy,lion=Leo,bear=Ursa,peguin=Gyss"
+ENV ANIMALS=$ANIMALS
 
 # Install all the dependencies required to run the Flask application
 RUN pip install -r requirements.txt