diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml
deleted file mode 100644
index 6035ed15..00000000
--- a/.github/workflows/backend-cd.yml
+++ /dev/null
@@ -1,101 +0,0 @@ -name: CD - Deploy Backend Services to AKS - -on: - workflow_dispatch: - inputs: - aks_cluster_name: - description: 'Name of the AKS Cluster to deploy to' - required: true - default: '' - aks_resource_group: - description: 'Resource Group of the AKS Cluster' - required: true - default: '' - aks_acr_name: - description: 'Name of ACR' - required: true - default: '' - -jobs: - deploy_backend: - runs-on: ubuntu-latest - environment: Production - - outputs: - PRODUCT_API_IP: ${{ steps.get_product_ip.outputs.external_ip }} - ORDER_API_IP: ${{ steps.get_order_ip.outputs.external_ip }} - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Log in to Azure - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - enable-AzPSSession: true - - - name: Set Kubernetes context (get AKS credentials) - run: | - az aks get-credentials --resource-group ${{ github.event.inputs.aks_resource_group }} --name ${{ github.event.inputs.aks_cluster_name }} --overwrite-existing - - - name: Attach ACR - run: | - az aks update --name ${{ github.event.inputs.aks_cluster_name }} --resource-group ${{ github.event.inputs.aks_resource_group }} --attach-acr ${{ github.event.inputs.aks_acr_name }} - - - name: Deploy Backend Infrastructure (Namespace, ConfigMaps, Secrets, Databases) - run: | - echo "Deploying backend infrastructure..." - cd k8s/ - kubectl apply -f configmaps.yaml - kubectl apply -f secrets.yaml - kubectl apply -f product-db.yaml - kubectl apply -f order-db.yaml - - - name: Deploy Backend Microservices (Product, Order) - run: | - echo "Deploying backend microservices..." - cd k8s/ - kubectl apply -f product-service.yaml - kubectl apply -f order-service.yaml - - - name: Wait for Backend LoadBalancer IPs - run: | - echo "Waiting for Product, Order LoadBalancer IPs to be assigned (up to 5 minutes)..." - PRODUCT_IP="" - ORDER_IP="" - - for i in $(seq 1 60); do - echo "Attempt $i/60 to get IPs..." 
- PRODUCT_IP=$(kubectl get service product-service-w08e1 -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - ORDER_IP=$(kubectl get service order-service-w08e1 -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - - if [[ -n "$PRODUCT_IP" && -n "$ORDER_IP" ]]; then - echo "All backend LoadBalancer IPs assigned!" - echo "Product Service IP: $PRODUCT_IP" - echo "Order Service IP: $ORDER_IP" - break - fi - sleep 5 # Wait 5 seconds before next attempt - done - - if [[ -z "$PRODUCT_IP" || -z "$ORDER_IP" ]]; then - echo "Error: One or more LoadBalancer IPs not assigned after timeout." - exit 1 # Fail the job if IPs are not obtained - fi - - # These are environment variables for subsequent steps in the *same job* - # And used to set the job outputs - echo "PRODUCT_IP=$PRODUCT_IP" >> $GITHUB_ENV - echo "ORDER_IP=$ORDER_IP" >> $GITHUB_ENV - - - name: Capture Product Service IP for Workflow Output - id: get_product_ip - run: echo "external_ip=${{ env.PRODUCT_IP }}" >> $GITHUB_OUTPUT - - - name: Capture Order Service IP for Workflow Output - id: get_order_ip - run: echo "external_ip=${{ env.ORDER_IP }}" >> $GITHUB_OUTPUT - - - name: Logout from Azure - run: az logout diff --git a/.github/workflows/backend_cd.yml b/.github/workflows/backend_cd.yml new file mode 100644 index 00000000..ede04171 --- /dev/null +++ b/.github/workflows/backend_cd.yml 
@@ -0,0 +1,120 @@ +# week08/.github/workflows/backend_ci.yml + +name: Backend CI - Test, Build and Push Images to ACR + +on: + workflow_dispatch: + push: + branches: [ main ] + paths: + - 'backend/**' + - '.github/workflows/backend_ci.yml' + +# Global env +env: + # Registry name (no domain, e.g. acrweek0820618) + ACR_NAME: ${{ secrets.ACR_NAME }} + # Registry login server (with domain, e.g. acrweek0820618.azurecr.io) + ACR_LOGIN_SERVER: ${{ secrets.ACR_LOGIN_SERVER }} + IMAGE_TAG: ${{ github.sha }}-${{ github.run_id }} + +jobs: + test_and_lint_backends: + runs-on: ubuntu-latest + + services: + product_db: + image: postgres:15 + env: + POSTGRES_USER: postgres + POSTGRES_PASSWORD: postgres + POSTGRES_DB: products + options: >- + --health-cmd "pg_isready -U postgres" + --health-interval 10s + --health-timeout 5s + --health-retries 5 + ports: [ "5432:5432" ] + + order_db: + image: postgres:15 + env: + POSTGRES_USER: postgres + POSTGRES_PASSWORD: postgres + POSTGRES_DB: orders + options: >- + --health-cmd "pg_isready -U postgres" + --health-interval 10s + --health-timeout 5s + --health-retries 5 + ports: [ "5433:5432" ] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v5 + with: + python-version: '3.10' + + - name: Install dependencies + run: | + pip install --upgrade pip + for req in backend/*/requirements.txt; do + echo "Installing $req" + pip install -r "$req" + done + pip install pytest httpx + + - name: Run product_service tests + working-directory: backend/product_service + env: + POSTGRES_HOST: localhost + POSTGRES_PORT: 5432 + POSTGRES_DB: products + POSTGRES_USER: postgres + POSTGRES_PASSWORD: postgres + run: pytest tests --maxfail=1 --disable-warnings -q + + - name: Run order_service tests + working-directory: backend/order_service + env: + POSTGRES_HOST: localhost + POSTGRES_PORT: 5433 + POSTGRES_DB: orders + POSTGRES_USER: postgres + POSTGRES_PASSWORD: postgres + run: pytest 
tests --maxfail=1 --disable-warnings -q + + build_and_push_images: + runs-on: ubuntu-latest + needs: test_and_lint_backends + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Azure Login + uses: azure/login@v1 + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + + # ✅ Use the registry NAME with --name + - name: Login to Azure Container Registry + run: az acr login --name ${{ env.ACR_NAME }} + + # ✅ Use the LOGIN SERVER for image tags/push + - name: Build and Push Product Service Image + run: | + docker build -t ${{ env.ACR_LOGIN_SERVER }}/product_service:latest ./backend/product_service/ + docker push ${{ env.ACR_LOGIN_SERVER }}/product_service:latest + + - name: Build and Push Order Service Image + run: | + docker build -t ${{ env.ACR_LOGIN_SERVER }}/order_service:latest ./backend/order_service/ + docker push ${{ env.ACR_LOGIN_SERVER }}/order_service:latest + + - name: Logout from Azure + if: always() + run: az logout diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index d69725aa..0bad2992 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml 
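Review bot: `IMAGE_TAG` is defined in the top-level `env` of the new `backend_cd.yml` but never used: both build steps in `build_and_push_images` tag and push only `:latest`, so a pushed image cannot be traced to the commit that produced it and each run silently replaces the previous one. Add the unique tag next to `latest`, for example `docker build -t ${{ env.ACR_LOGIN_SERVER }}/product_service:${{ env.IMAGE_TAG }} -t ${{ env.ACR_LOGIN_SERVER }}/product_service:latest ./backend/product_service/` followed by `docker push --all-tags ${{ env.ACR_LOGIN_SERVER }}/product_service`. The file is also added as `backend_cd.yml` while its header comment, `name:` and `paths:` filter all say `backend_ci.yml`, so edits to this file do not trigger it, and it appears to be a copy of the old CI workflow rather than a deployment workflow. If it is meant to stay, the `paths:` entry should read `'.github/workflows/backend_cd.yml'`.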
@@ -1,146 +1,38 @@ -# week08/.github/workflows/backend_ci.yml +name: Backend CI - Build & Push Images to ACR -name: Backend CI - Test, Build and Push Images to ACR - -# Trigger the workflow on pushes to the 'main' branch -# You can also add 'pull_request:' to run on PRs on: - # Manual trigger workflow_dispatch: - - # Automatically on pushes to main branch push: branches: - - main - paths: # Only trigger if changes are in backend directories + - dev + paths: - 'backend/**' - - '.github/workflows/backend_ci.yml' # Trigger if this workflow file changes - -# Define global environment variables that can be used across jobs -env: - # ACR Login Server (e.g., myregistry.azurecr.io) - # This needs to be set as a GitHub Repository Secret - ACR_LOGIN_SERVER: ${{ secrets.AZURE_CONTAINER_REGISTRY }} - # Dynamically generate image tags based on Git SHA and GitHub Run ID - # This provides unique, traceable tags for each image build - IMAGE_TAG: ${{ github.sha }}-${{ github.run_id }} + - '.github/workflows/backend_ci.yml' jobs: - # Job 1: Run tests and linting for all backend services - test_and_lint_backends: - runs-on: ubuntu-latest # Use a GitHub-hosted runner - - services: - # Product DB container - product_db: - image: postgres:15 - env: - POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres - POSTGRES_DB: products - # Make pg_isready available so the service is healthy before tests run - options: >- - --health-cmd "pg_isready -U postgres" - --health-interval 10s - --health-timeout 5s - --health-retries 5 - ports: - - 5432:5432 - - # Order DB - order_db: - image: postgres:15 - env: - POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres - POSTGRES_DB: orders - ports: - - 5433:5432 - options: >- - --health-cmd "pg_isready -U postgres" - --health-interval 10s - --health-timeout 5s - --health-retries 5 - - steps: - # 1. Checkout the repository code to the runner - - name: Checkout repository - uses: actions/checkout@v4 # Action to check out your repository code - - # 2. 
Set up Python environment - - name: Set up Python 3.10 - uses: actions/setup-python@v5 # Action to set up Python environment - with: - python-version: '3.10' - - # 3. Install dependencies and run code quality checks - - name: Install dependencies - run: | # Use a multi-line script to install pip dependencies - pip install --upgrade pip - # Loop through each backend service folder - for req in backend/*/requirements.txt; do - echo "Installing $req" - pip install -r "$req" - done - # Install CI tools - pip install pytest httpx - - # 5. Run tests for product service - - name: Run product_service tests - working-directory: backend/product_service - env: - POSTGRES_HOST: localhost - POSTGRES_PORT: 5432 - POSTGRES_DB: products - POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres - run: | - pytest tests --maxfail=1 --disable-warnings -q - - # 6. Run tests for order service - - name: Run order_service tests - working-directory: backend/order_service - env: - POSTGRES_HOST: localhost - POSTGRES_PORT: 5433 - POSTGRES_DB: orders - POSTGRES_USER: postgres - POSTGRES_PASSWORD: postgres - run: | - pytest tests --maxfail=1 --disable-warnings -q - - # Job 2: Build and Push Docker Images (runs only if tests pass) - build_and_push_images: + build_services: runs-on: ubuntu-latest - needs: test_and_lint_backends + strategy: + matrix: + svc: + - name: backend/product_service + context: backend/product_service + dockerfile: backend/product_service/Dockerfile + image: product_service + - name: backend/order_service + context: backend/order_service + dockerfile: backend/order_service/Dockerfile + image: order_service steps: - - name: Checkout repository - uses: actions/checkout@v4 - - # Azure login using a Service Principal secret - - name: Azure Login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} # Needs to be set as a GitHub Secret (Service Principal JSON) + - name: Checkout + uses: actions/checkout@v4 - # Login to Azure Container Registry (ACR) - - name: 
Login to Azure Container Registry - run: az acr login --name ${{ env.ACR_LOGIN_SERVER }} - - # Build and Push Docker image for Product Service - - name: Build and Push Product Service Image - run: | - docker build -t ${{ env.ACR_LOGIN_SERVER }}/product_service:latest ./backend/product_service/ - docker push ${{ env.ACR_LOGIN_SERVER }}/product_service:latest - - # Build and Push Docker image for Order Service - - name: Build and Push Order Service Image - run: | - docker build -t ${{ env.ACR_LOGIN_SERVER }}/order_service:latest ./backend/order_service/ - docker push ${{ env.ACR_LOGIN_SERVER }}/order_service:latest - - # Logout from Azure for security (runs even if image push fails) - - name: Logout from Azure - run: az logout - if: always() + - name: Build & push ${{ matrix.svc.name }} + uses: ./.github/workflows/reusable-acr-build.yml + with: + context: ${{ matrix.svc.context }} + dockerfile: ${{ matrix.svc.dockerfile }} + image_name: ${{ matrix.svc.image }} + tags: latest + secrets: inherit diff --git a/.github/workflows/frontend-cd.yml b/.github/workflows/frontend-cd.yml deleted file mode 100644 index 0a0879c8..00000000 --- a/.github/workflows/frontend-cd.yml +++ /dev/null 
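Review bot: The new `Build & push ${{ matrix.svc.name }}` step in `backend_ci.yml` calls `./.github/workflows/reusable-acr-build.yml` with `uses:` inside `steps:`, but a reusable workflow can only be called at job level (`jobs.<job_id>.uses`), and `secrets:` is not a step key, so the workflow as written should fail validation. Move `uses`, `with` and `secrets` up to the `build_services` job, keep the matrix, and drop `runs-on` and the checkout step (the called workflow in this diff does its own checkout). The change also removes the `test_and_lint_backends` job, so images now reach the registry without the tests having run; keeping it as a `needs:` prerequisite would restore that gate. `secrets: inherit` hands every repository secret to the callee although it declares only three, so passing those three by name is the narrower choice.

```yaml
jobs:
  build_services:
    # … unchanged: strategy.matrix.svc entries …
    uses: ./.github/workflows/reusable-acr-build.yml
    with:
      context: ${{ matrix.svc.context }}
      dockerfile: ${{ matrix.svc.dockerfile }}
      image_name: ${{ matrix.svc.image }}
      tags: latest
    secrets:
      AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
      ACR_NAME: ${{ secrets.ACR_NAME }}
      ACR_LOGIN_SERVER: ${{ secrets.ACR_LOGIN_SERVER }}
```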
@@ -1,93 +0,0 @@ -# week08/.github/workflows/frontend-cd.yml - -name: CD - Deploy Frontend to AKS - -# This workflow can be called by other workflows and takes inputs. -# Or it can be run manually if you provide the IPs. -on: - workflow_dispatch: - inputs: - product_api_ip: - description: 'External IP of Product Service' - required: true - default: 'http://:8000' - order_api_ip: - description: 'External IP of Order Service (e.g., http://Y.Y.Y.Y:8001)' - required: true - default: 'http://:8001' - aks_cluster_name: - description: 'Name of the AKS Cluster to deploy to' - required: true - default: '' - aks_resource_group: - description: 'Resource Group of the AKS Cluster' - required: true - default: '<' - - workflow_call: - inputs: - product_api_ip: - required: true - type: string - order_api_ip: - required: true - type: string - aks_cluster_name: - required: true - type: string - aks_resource_group: - required: true - type: string - -jobs: - deploy_frontend: - runs-on: ubuntu-latest - environment: Production - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - # Azure login using a Service Principal secret - - name: Azure Login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - # Login to Azure Container Registry (ACR) - - name: Login to Azure Container Registry - run: az acr login --name ${{ secrets.AZURE_CONTAINER_REGISTRY }} - - - name: Inject Backend IPs into Frontend main.js - run: | - echo "Injecting IPs into frontend/static/js/main.js" - # Ensure frontend/main.js is directly in the path for sed - sed -i "s|_PRODUCT_API_URL_|${{ inputs.product_api_ip }}|g" frontend/main.js - sed -i "s|_ORDER_API_URL_|${{ inputs.order_api_ip }}|g" frontend/main.js - - # Display the modified file content for debugging - echo "--- Modified main.js content ---" - cat frontend/main.js - echo "---------------------------------" - - # Build and Push Docker image for Frontend - - name: Build and Push Frontend Image - run: | - docker build -t 
${{ secrets.AZURE_CONTAINER_REGISTRY }}/frontend:latest ./frontend/ - docker push ${{ secrets.AZURE_CONTAINER_REGISTRY }}/frontend:latest - - - name: Set Kubernetes context (get AKS credentials) - uses: azure/aks-set-context@v3 - with: - resource-group: ${{ inputs.aks_resource_group }} - cluster-name: ${{ inputs.aks_cluster_name }} - - - name: Deploy Frontend to AKS - run: | - echo "Deploying frontend with latest tag to AKS cluster: ${{ inputs.aks_cluster_name }}" - cd k8s/ - # Ensure frontend-service.yaml is configured with your ACR - kubectl apply -f frontend.yaml - - - name: Logout from Azure (AKS deployment) - run: az logout diff --git a/.github/workflows/frontend_ci.yml b/.github/workflows/frontend_ci.yml index 9f9e76d9..122bdab2 100644 --- a/.github/workflows/frontend_ci.yml +++ b/.github/workflows/frontend_ci.yml 
@@ -1,53 +1,28 @@ -# week08/.github/workflows/frontend_ci.yml - name: Frontend CI - Build & Push Image on: - # Manual trigger workflow_dispatch: - - # Automatically on pushes to main branch push: - branches: - - main - paths: # Only trigger if changes are in the frontend directory + branches: [ dev ] + paths: - 'frontend/**' - - '.github/workflows/frontend_ci.yml' # Trigger if this workflow file changes + - '.github/workflows/frontend_ci.yml' + pull_request: + branches: [ main ] + paths: + - 'frontend/**' + - '.github/workflows/frontend_ci.yml' -# Define global environment variables that can be used across jobs -env: - # ACR Login Server (e.g., myregistry.azurecr.io) - # This needs to be set as a GitHub Repository Secret - ACR_LOGIN_SERVER: ${{ secrets.AZURE_CONTAINER_REGISTRY }} - # Dynamically generate image tags based on Git SHA and GitHub Run ID - # This provides unique, traceable tags for each image build - IMAGE_TAG: ${{ github.sha }}-${{ github.run_id }} +concurrency: + group: frontend-ci-${{ github.ref }} + cancel-in-progress: true jobs: - build_and_push_frontend: - runs-on: ubuntu-latest - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - # Azure login using a Service Principal secret - - name: Azure Login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - # Login to Azure Container Registry (ACR) - - name: Login to Azure Container Registry - run: az acr login --name ${{ env.ACR_LOGIN_SERVER }} - - # Build and Push Docker image for Frontend - - name: Build and Push Frontend Image - run: | - docker build -t ${{ env.ACR_LOGIN_SERVER }}/frontend:latest ./frontend/ - docker push ${{ env.ACR_LOGIN_SERVER }}/frontend:latest - - # Logout from Azure for security (runs even if image push fails) - - name: Logout from Azure - run: az logout - if: always() + build_frontend: + uses: RitikaSharma2815/week08/.github/workflows/reusable-acr-build.yml@dev + with: + context: frontend + dockerfile: frontend/Dockerfile + 
image_name: frontend + tags: latest + secrets: inherit diff --git a/.github/workflows/reusable-acr-build.yml b/.github/workflows/reusable-acr-build.yml new file mode 100644 index 00000000..660700cd --- /dev/null +++ b/.github/workflows/reusable-acr-build.yml @@ -0,0 +1,49 @@ +name: Reusable ACR Build + +on: + workflow_call: + inputs: + context: { required: true, type: string } # build context (folder) + dockerfile: { required: true, type: string } # path to Dockerfile + image_name: { required: true, type: string } # repo/name in ACR + tags: { required: false, type: string, default: latest } + secrets: + AZURE_CREDENTIALS: { required: true } # JSON creds + ACR_NAME: { required: true } # e.g. acrweek0820618 + ACR_LOGIN_SERVER: { required: true } # e.g. acrweek0820618.azurecr.io + +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: read + + steps: + - name: Checkout + uses: actions/checkout@v4 + + # Make missing secrets obvious + - name: Pre Azure login (validate secrets) + run: | + test -n "${{ secrets.AZURE_CREDENTIALS }}" || { echo "Missing AZURE_CREDENTIALS secret"; exit 1; } + test -n "${{ secrets.ACR_NAME }}" || { echo "Missing ACR_NAME secret"; exit 1; } + test -n "${{ secrets.ACR_LOGIN_SERVER }}" || { echo "Missing ACR_LOGIN_SERVER secret"; exit 1; } + + - name: Azure login + uses: azure/login@v1 + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + + - name: ACR login + run: az acr login --name "${{ secrets.ACR_NAME }}" + + - name: Docker build & push + run: | + IMAGE="${{ secrets.ACR_LOGIN_SERVER }}/${{ inputs.image_name }}:${{ inputs.tags }}" + echo "Building $IMAGE from ${{ inputs.context }} using ${{ inputs.dockerfile }}" + docker build -t "$IMAGE" -f "${{ inputs.dockerfile }}" "${{ inputs.context }}" + docker push "$IMAGE" + + - name: Azure logout + if: always() + run: az logout || true diff --git a/k8s/frontend-config.yaml b/k8s/frontend-config.yaml new file mode 100644 index 00000000..068a3c41 --- /dev/null +++ b/k8s/frontend-config.yaml 
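Review bot: In `frontend_ci.yml` the added `pull_request` trigger runs the same `build_frontend` job that pushes `frontend:latest`, so opening a pull request against `main` from a branch in this repository overwrites the deployable tag with unreviewed code. Restrict the push to branch builds, for example `if: github.event_name != 'pull_request'` on `build_frontend`, or give pull requests a build-only path without registry credentials. The callee is referenced through the mutable ref `@dev`, so a run does not necessarily use the workflow definition from the commit under review; the local form used in `backend_ci.yml`, `uses: ./.github/workflows/reusable-acr-build.yml`, resolves to the caller's own commit. `secrets: inherit` passes all repository secrets where the callee declares three.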
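Review bot: In `reusable-acr-build.yml` the `run:` scripts paste `${{ inputs.* }}` and `${{ secrets.* }}` directly into the shell text, so a caller-supplied `image_name`, `tags`, `context` or `dockerfile` containing quotes or shell metacharacters is interpreted by the runner's shell instead of being treated as data. The same expansion makes the validation step fragile: `AZURE_CREDENTIALS` is JSON, and its double quotes terminate the `"..."` around it in `test -n`, so the check runs on a mangled string. Pass the values through `env:` and reference shell variables, as below. The `tags` input is used as a single tag in `IMAGE=...`, so either rename it or document that only one value is accepted.

```yaml
      - name: Pre Azure login (validate secrets)
        env:
          AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
          ACR_NAME: ${{ secrets.ACR_NAME }}
          ACR_LOGIN_SERVER: ${{ secrets.ACR_LOGIN_SERVER }}
        run: |
          test -n "$AZURE_CREDENTIALS" || { echo "Missing AZURE_CREDENTIALS secret"; exit 1; }
          test -n "$ACR_NAME" || { echo "Missing ACR_NAME secret"; exit 1; }
          test -n "$ACR_LOGIN_SERVER" || { echo "Missing ACR_LOGIN_SERVER secret"; exit 1; }

      # … unchanged: Azure login, ACR login …

      - name: Docker build & push
        env:
          ACR_LOGIN_SERVER: ${{ secrets.ACR_LOGIN_SERVER }}
          IMAGE_NAME: ${{ inputs.image_name }}
          IMAGE_TAG: ${{ inputs.tags }}
          BUILD_CONTEXT: ${{ inputs.context }}
          DOCKERFILE: ${{ inputs.dockerfile }}
        run: |
          IMAGE="${ACR_LOGIN_SERVER}/${IMAGE_NAME}:${IMAGE_TAG}"
          echo "Building $IMAGE from $BUILD_CONTEXT using $DOCKERFILE"
          docker build -t "$IMAGE" -f "$DOCKERFILE" "$BUILD_CONTEXT"
          docker push "$IMAGE"
```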
@@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: frontend-config + namespace: shop +data: + PRODUCT_API_URL: "http://20.227.82.107:8000" + ORDER_API_URL: "http://20.53.162.214:8001" diff --git a/k8s/frontend.yaml b/k8s/frontend.yaml index 1948536d..9cc61f09 100644 --- a/k8s/frontend.yaml +++ b/k8s/frontend.yaml @@ -1,11 +1,8 @@ -# week08/k8s/frontend.yaml - apiVersion: apps/v1 kind: Deployment metadata: - name: frontend - labels: - app: frontend + name: frontend-w08e1 + namespace: shop spec: replicas: 1 selector: @@ -17,23 +14,26 @@ spec: app: frontend spec: containers: - - name: frontend-container - image: durgeshsamariya.azurecr.io/frontend:latest - imagePullPolicy: Always - ports: - - containerPort: 80 + - name: frontend + # use your ACR image + image: acrweek0820618.azurecr.io/frontend:latest + ports: + - containerPort: 80 + # read backend URLs from the ConfigMap you just made + envFrom: + - configMapRef: + name: frontend-config --- apiVersion: v1 kind: Service metadata: - name: frontend-w08e1 # Service name matches - labels: - app: frontend + name: frontend-service-w08e1 + namespace: shop spec: + type: LoadBalancer selector: app: frontend ports: - - protocol: TCP - port: 80 # The port the service listens on inside the cluster - targetPort: 80 # The port on the Pod (containerPort where Nginx runs) - type: LoadBalancer # Exposes the service on a port on each Node's IP + - name: http + port: 80 + targetPort: 80
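Review bot: In `k8s/frontend-config.yaml` both `PRODUCT_API_URL` and `ORDER_API_URL` are fixed public IP addresses reached over plain `http://`, so API traffic is unencrypted and the values go stale as soon as either LoadBalancer is recreated with a new address. Prefer a DNS name served over TLS (an ingress, or a reserved static IP with a certificate), or have the deploy step generate the ConfigMap from the live service addresses instead of committing them. The manifest targets `namespace: shop`, and nothing in this diff creates that namespace, so the apply order should be confirmed.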
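Review bot: In `k8s/frontend.yaml` the container image is still referenced by the mutable tag `:latest`, so which build the pod runs depends on whatever was pushed last, not on this manifest; pin a unique tag or a digest, e.g. `image: <ACR_LOGIN_SERVER>/frontend@sha256:<digest>`. The pod spec sets no `securityContext` or `resources`, which is worth adding for a workload exposed through a public `LoadBalancer` on port 80. `envFrom` only sets process environment variables: if the frontend is static files served by Nginx, as the removed comment suggests, the browser-side code will not see `PRODUCT_API_URL` or `ORDER_API_URL` unless the image's entrypoint substitutes them, which should be confirmed.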