From 7dbdcda783807bc72288730b02e4bfc1c9601095 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Tue, 16 Sep 2025 19:29:00 +1000 Subject: [PATCH 01/27] CI: use ACR admin creds & push images --- .github/workflows/backend_ci.yml | 107 ++++++++++++------------------- 1 file changed, 40 insertions(+), 67 deletions(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index d69725aa..0accfea7 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -1,44 +1,29 @@ -# week08/.github/workflows/backend_ci.yml - name: Backend CI - Test, Build and Push Images to ACR -# Trigger the workflow on pushes to the 'main' branch -# You can also add 'pull_request:' to run on PRs on: - # Manual trigger workflow_dispatch: - - # Automatically on pushes to main branch push: - branches: - - main - paths: # Only trigger if changes are in backend directories + branches: [ main ] + paths: - 'backend/**' - - '.github/workflows/backend_ci.yml' # Trigger if this workflow file changes + - '.github/workflows/backend_ci.yml' -# Define global environment variables that can be used across jobs env: - # ACR Login Server (e.g., myregistry.azurecr.io) - # This needs to be set as a GitHub Repository Secret + # e.g. myregistry.azurecr.io ACR_LOGIN_SERVER: ${{ secrets.AZURE_CONTAINER_REGISTRY }} - # Dynamically generate image tags based on Git SHA and GitHub Run ID - # This provides unique, traceable tags for each image build IMAGE_TAG: ${{ github.sha }}-${{ github.run_id }} jobs: - # Job 1: Run tests and linting for all backend services test_and_lint_backends: - runs-on: ubuntu-latest # Use a GitHub-hosted runner + runs-on: ubuntu-latest services: - # Product DB container product_db: image: postgres:15 env: POSTGRES_USER: postgres POSTGRES_PASSWORD: postgres POSTGRES_DB: products - # Make pg_isready available so the service is healthy before tests run options: >- --health-cmd "pg_isready -U postgres" --health-interval 10s @@ -46,46 +31,38 @@ jobs: --health-retries 5 ports: - 5432:5432 - - # Order DB order_db: image: postgres:15 env: POSTGRES_USER: postgres POSTGRES_PASSWORD: postgres POSTGRES_DB: orders - ports: - - 5433:5432 options: >- --health-cmd "pg_isready -U postgres" --health-interval 10s --health-timeout 5s --health-retries 5 + ports: + - 5433:5432 steps: - # 1. Checkout the repository code to the runner - name: Checkout repository - uses: actions/checkout@v4 # Action to check out your repository code + uses: actions/checkout@v4 - # 2. Set up Python environment - name: Set up Python 3.10 - uses: actions/setup-python@v5 # Action to set up Python environment + uses: actions/setup-python@v5 with: python-version: '3.10' - # 3. Install dependencies and run code quality checks - name: Install dependencies - run: | # Use a multi-line script to install pip dependencies + run: | pip install --upgrade pip - # Loop through each backend service folder for req in backend/*/requirements.txt; do echo "Installing $req" pip install -r "$req" done - # Install CI tools pip install pytest httpx - # 5. Run tests for product service - name: Run product_service tests working-directory: backend/product_service env: @@ -94,10 +71,8 @@ jobs: POSTGRES_DB: products POSTGRES_USER: postgres POSTGRES_PASSWORD: postgres - run: | - pytest tests --maxfail=1 --disable-warnings -q - - # 6. Run tests for order service + run: pytest tests --maxfail=1 --disable-warnings -q + - name: Run order_service tests working-directory: backend/order_service env: @@ -106,41 +81,39 @@ jobs: POSTGRES_DB: orders POSTGRES_USER: postgres POSTGRES_PASSWORD: postgres - run: | - pytest tests --maxfail=1 --disable-warnings -q + run: pytest tests --maxfail=1 --disable-warnings -q - # Job 2: Build and Push Docker Images (runs only if tests pass) build_and_push_images: runs-on: ubuntu-latest needs: test_and_lint_backends steps: - - name: Checkout repository - uses: actions/checkout@v4 - - # Azure login using a Service Principal secret - - name: Azure Login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} # Needs to be set as a GitHub Secret (Service Principal JSON) - - # Login to Azure Container Registry (ACR) - - name: Login to Azure Container Registry - run: az acr login --name ${{ env.ACR_LOGIN_SERVER }} - - # Build and Push Docker image for Product Service - - name: Build and Push Product Service Image - run: | - docker build -t ${{ env.ACR_LOGIN_SERVER }}/product_service:latest ./backend/product_service/ - docker push ${{ env.ACR_LOGIN_SERVER }}/product_service:latest + - name: Checkout repository + uses: actions/checkout@v4 - # Build and Push Docker image for Order Service - - name: Build and Push Order Service Image - run: | - docker build -t ${{ env.ACR_LOGIN_SERVER }}/order_service:latest ./backend/order_service/ - docker push ${{ env.ACR_LOGIN_SERVER }}/order_service:latest + # 🔐 Login to ACR using admin creds (secrets) + - name: Docker login to ACR + run: echo "${{ secrets.ACR_PASSWORD }}" | docker login ${{ env.ACR_LOGIN_SERVER }} \ + -u "${{ secrets.ACR_USERNAME }}" --password-stdin - # Logout from Azure for security (runs even if image push fails) - - name: Logout from Azure - run: az logout - if: always() + # 🏗️ Build & push Product Service + - name: Build and Push Product Service Image + run: | + docker build -t ${{ env.ACR_LOGIN_SERVER }}/product_service:latest \ + -t ${{ env.ACR_LOGIN_SERVER }}/product_service:${{ env.IMAGE_TAG }} \ + ./backend/product_service/ + docker push ${{ env.ACR_LOGIN_SERVER }}/product_service:latest + docker push ${{ env.ACR_LOGIN_SERVER }}/product_service:${{ env.IMAGE_TAG }} + + # 🏗️ Build & push Order Service + - name: Build and Push Order Service Image + run: | + docker build -t ${{ env.ACR_LOGIN_SERVER }}/order_service:latest \ + -t ${{ env.ACR_LOGIN_SERVER }}/order_service:${{ env.IMAGE_TAG }} \ + ./backend/order_service/ + docker push ${{ env.ACR_LOGIN_SERVER }}/order_service:latest + docker push ${{ env.ACR_LOGIN_SERVER }}/order_service:${{ env.IMAGE_TAG }} + + - name: Docker logout + if: always() + run: docker logout ${{ env.ACR_LOGIN_SERVER }} From 2126c51f67161c8a6796ba683c0dee1d00a60a54 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Tue, 16 Sep 2025 19:37:25 +1000 Subject: [PATCH 02/27] Fix: proper ACR login server and debug step --- .github/workflows/backend_ci.yml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index 0accfea7..fe136bf8 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -91,10 +91,18 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - # 🔐 Login to ACR using admin creds (secrets) + - name: Debug ACR login server + run: echo "Using ACR login server: ${{ env.ACR_LOGIN_SERVER }}" + - name: Docker login to ACR - run: echo "${{ secrets.ACR_PASSWORD }}" | docker login ${{ env.ACR_LOGIN_SERVER }} \ - -u "${{ secrets.ACR_USERNAME }}" --password-stdin + run: | + if [ -z "${{ env.ACR_LOGIN_SERVER }}" ]; then + echo "❌ ACR_LOGIN_SERVER is empty! Check your secret AZURE_CONTAINER_REGISTRY." + exit 1 + fi + echo "${{ secrets.ACR_PASSWORD }}" | docker login "${{ env.ACR_LOGIN_SERVER }}" \ + -u "${{ secrets.ACR_USERNAME }}" --password-stdin + # 🏗️ Build & push Product Service - name: Build and Push Product Service Image From 77d0bd775908616355b705c536621958ed51ad78 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Tue, 16 Sep 2025 19:39:37 +1000 Subject: [PATCH 03/27] Fix: YAML indentation for debug + docker login step --- .github/workflows/backend_ci.yml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index fe136bf8..3c2a9544 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -91,7 +91,7 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - - name: Debug ACR login server + - name: Debug ACR login server run: echo "Using ACR login server: ${{ env.ACR_LOGIN_SERVER }}" - name: Docker login to ACR @@ -103,8 +103,6 @@ jobs: echo "${{ secrets.ACR_PASSWORD }}" | docker login "${{ env.ACR_LOGIN_SERVER }}" \ -u "${{ secrets.ACR_USERNAME }}" --password-stdin - - # 🏗️ Build & push Product Service - name: Build and Push Product Service Image run: | docker build -t ${{ env.ACR_LOGIN_SERVER }}/product_service:latest \ @@ -113,7 +111,6 @@ jobs: docker push ${{ env.ACR_LOGIN_SERVER }}/product_service:latest docker push ${{ env.ACR_LOGIN_SERVER }}/product_service:${{ env.IMAGE_TAG }} - # 🏗️ Build & push Order Service - name: Build and Push Order Service Image run: | docker build -t ${{ env.ACR_LOGIN_SERVER }}/order_service:latest \ From 4af3a7d12a169995f151fbe8f28a659e7140c846 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Tue, 16 Sep 2025 19:44:27 +1000 Subject: [PATCH 04/27] Fix indentation: make build_and_push_images a separate job --- .github/workflows/backend_ci.yml | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index 3c2a9544..1fe0dc72 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -95,30 +95,33 @@ jobs: run: echo "Using ACR login server: ${{ env.ACR_LOGIN_SERVER }}" - name: Docker login to ACR + shell: bash run: | if [ -z "${{ env.ACR_LOGIN_SERVER }}" ]; then - echo "❌ ACR_LOGIN_SERVER is empty! Check your secret AZURE_CONTAINER_REGISTRY." + echo "ACR_LOGIN_SERVER is empty. Check secret AZURE_CONTAINER_REGISTRY." exit 1 fi echo "${{ secrets.ACR_PASSWORD }}" | docker login "${{ env.ACR_LOGIN_SERVER }}" \ -u "${{ secrets.ACR_USERNAME }}" --password-stdin - name: Build and Push Product Service Image + shell: bash run: | - docker build -t ${{ env.ACR_LOGIN_SERVER }}/product_service:latest \ - -t ${{ env.ACR_LOGIN_SERVER }}/product_service:${{ env.IMAGE_TAG }} \ + docker build -t "${{ env.ACR_LOGIN_SERVER }}/product_service:latest" \ + -t "${{ env.ACR_LOGIN_SERVER }}/product_service:${{ env.IMAGE_TAG }}" \ ./backend/product_service/ - docker push ${{ env.ACR_LOGIN_SERVER }}/product_service:latest - docker push ${{ env.ACR_LOGIN_SERVER }}/product_service:${{ env.IMAGE_TAG }} + docker push "${{ env.ACR_LOGIN_SERVER }}/product_service:latest" + docker push "${{ env.ACR_LOGIN_SERVER }}/product_service:${{ env.IMAGE_TAG }}" - name: Build and Push Order Service Image + shell: bash run: | - docker build -t ${{ env.ACR_LOGIN_SERVER }}/order_service:latest \ - -t ${{ env.ACR_LOGIN_SERVER }}/order_service:${{ env.IMAGE_TAG }} \ + docker build -t "${{ env.ACR_LOGIN_SERVER }}/order_service:latest" \ + -t "${{ env.ACR_LOGIN_SERVER }}/order_service:${{ env.IMAGE_TAG }}" \ ./backend/order_service/ - docker push ${{ env.ACR_LOGIN_SERVER }}/order_service:latest - docker push ${{ env.ACR_LOGIN_SERVER }}/order_service:${{ env.IMAGE_TAG }} + docker push "${{ env.ACR_LOGIN_SERVER }}/order_service:latest" + docker push "${{ env.ACR_LOGIN_SERVER }}/order_service:${{ env.IMAGE_TAG }}" - name: Docker logout if: always() - run: docker logout ${{ env.ACR_LOGIN_SERVER }} + run: docker logout "${{ env.ACR_LOGIN_SERVER }}" From adb212340a203a05c08c596ac26db168c19b2b8d Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Tue, 16 Sep 2025 19:47:28 +1000 Subject: [PATCH 05/27] Fix indentation #2: make build_and_push_images a separate job --- .github/workflows/backend_ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index 1fe0dc72..ba33d3ef 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -92,7 +92,7 @@ jobs: uses: actions/checkout@v4 - name: Debug ACR login server - run: echo "Using ACR login server: ${{ env.ACR_LOGIN_SERVER }}" + run: echo "Using ACR login server:${{ env.ACR_LOGIN_SERVER }}" - name: Docker login to ACR shell: bash From 16662ac463c0393714fa7163e942a55361d917f8 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Tue, 16 Sep 2025 19:55:29 +1000 Subject: [PATCH 06/27] CD: decode kubeconfig + deploy backend services --- .github/workflows/backend-cd.yml | 38 ++++++-------------------------- 1 file changed, 7 insertions(+), 31 deletions(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index 6035ed15..2d7c7421 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -2,19 +2,6 @@ name: CD - Deploy Backend Services to AKS on: workflow_dispatch: - inputs: - aks_cluster_name: - description: 'Name of the AKS Cluster to deploy to' - required: true - default: '' - aks_resource_group: - description: 'Resource Group of the AKS Cluster' - required: true - default: '' - aks_acr_name: - description: 'Name of ACR' - required: true - default: '' jobs: deploy_backend: @@ -29,19 +16,13 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - - name: Log in to Azure - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - enable-AzPSSession: true - - - name: Set Kubernetes context (get AKS credentials) + # 🗝️ Configure kubeconfig using GitHub Secret + - name: Configure kubeconfig run: | - az aks get-credentials --resource-group ${{ github.event.inputs.aks_resource_group }} --name ${{ github.event.inputs.aks_cluster_name }} --overwrite-existing + echo "${{ secrets.KUBECONFIG_B64 }}" | base64 --decode > ~/.kube/config - - name: Attach ACR - run: | - az aks update --name ${{ github.event.inputs.aks_cluster_name }} --resource-group ${{ github.event.inputs.aks_resource_group }} --attach-acr ${{ github.event.inputs.aks_acr_name }} + - name: Verify cluster connection + run: kubectl get nodes - name: Deploy Backend Infrastructure (Namespace, ConfigMaps, Secrets, Databases) run: | @@ -76,16 +57,14 @@ jobs: echo "Order Service IP: $ORDER_IP" break fi - sleep 5 # Wait 5 seconds before next attempt + sleep 5 done if [[ -z "$PRODUCT_IP" || -z "$ORDER_IP" ]]; then echo "Error: One or more LoadBalancer IPs not assigned after timeout." - exit 1 # Fail the job if IPs are not obtained + exit 1 fi - # These are environment variables for subsequent steps in the *same job* - # And used to set the job outputs echo "PRODUCT_IP=$PRODUCT_IP" >> $GITHUB_ENV echo "ORDER_IP=$ORDER_IP" >> $GITHUB_ENV @@ -96,6 +75,3 @@ jobs: - name: Capture Order Service IP for Workflow Output id: get_order_ip run: echo "external_ip=${{ env.ORDER_IP }}" >> $GITHUB_OUTPUT - - - name: Logout from Azure - run: az logout From 1a1f3cfe4f4b267359199881cf9bff9152a3e03d Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Tue, 16 Sep 2025 19:58:05 +1000 Subject: [PATCH 07/27] Fix: create .kube directory before writing config --- .github/workflows/backend-cd.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index 2d7c7421..db9442f6 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -19,6 +19,7 @@ jobs: # 🗝️ Configure kubeconfig using GitHub Secret - name: Configure kubeconfig run: | + mkdir -p ~/.kube echo "${{ secrets.KUBECONFIG_B64 }}" | base64 --decode > ~/.kube/config - name: Verify cluster connection From d4c39b02bbc983c30e676ef7ca0dc4078ef34c72 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Tue, 16 Sep 2025 20:04:16 +1000 Subject: [PATCH 08/27] Frontend: update API endpoints to deployed AKS backend services --- frontend/main.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/frontend/main.js b/frontend/main.js index f321fd91..d49d0eb1 100644 --- a/frontend/main.js +++ b/frontend/main.js @@ -4,8 +4,8 @@ document.addEventListener('DOMContentLoaded', () => { // API endpoints for the Product and Order services. // These ports (30000 for Product, 30001 for Order) are mapped // from the Docker containers to the host machine in docker-compose.yml for Example 2. - const PRODUCT_API_BASE_URL = '_PRODUCT_API_URL_'; - const ORDER_API_BASE_URL = '_ORDER_API_URL_'; + const PRODUCT_API = "http://4.237.166.140:8001"; + const ORDER_API = "http://4.254.100.97:8002"; // Product Service is named 'product-service-w04e2' and exposes port 8000 internally. //const PRODUCT_API_BASE_URL = 'http://product-service-w04e2:8000'; From af88eb45876485a38da82546e1b50f50d8a04a29 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Tue, 16 Sep 2025 20:15:20 +1000 Subject: [PATCH 09/27] Frontend CI: final clean YAML + ACR creds --- .github/workflows/frontend_ci.yml | 68 ++++++++++++++----------------- 1 file changed, 31 insertions(+), 37 deletions(-) diff --git a/.github/workflows/frontend_ci.yml b/.github/workflows/frontend_ci.yml index 9f9e76d9..6b42efbf 100644 --- a/.github/workflows/frontend_ci.yml +++ b/.github/workflows/frontend_ci.yml @@ -1,26 +1,15 @@ -# week08/.github/workflows/frontend_ci.yml - name: Frontend CI - Build & Push Image on: - # Manual trigger workflow_dispatch: - - # Automatically on pushes to main branch push: - branches: - - main - paths: # Only trigger if changes are in the frontend directory + branches: [ main ] + paths: - 'frontend/**' - - '.github/workflows/frontend_ci.yml' # Trigger if this workflow file changes + - '.github/workflows/frontend_ci.yml' -# Define global environment variables that can be used across jobs env: - # ACR Login Server (e.g., myregistry.azurecr.io) - # This needs to be set as a GitHub Repository Secret ACR_LOGIN_SERVER: ${{ secrets.AZURE_CONTAINER_REGISTRY }} - # Dynamically generate image tags based on Git SHA and GitHub Run ID - # This provides unique, traceable tags for each image build IMAGE_TAG: ${{ github.sha }}-${{ github.run_id }} jobs: @@ -28,26 +17,31 @@ jobs: runs-on: ubuntu-latest steps: - - name: Checkout repository - uses: actions/checkout@v4 - - # Azure login using a Service Principal secret - - name: Azure Login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - # Login to Azure Container Registry (ACR) - - name: Login to Azure Container Registry - run: az acr login --name ${{ env.ACR_LOGIN_SERVER }} - - # Build and Push Docker image for Frontend - - name: Build and Push Frontend Image - run: | - docker build -t ${{ env.ACR_LOGIN_SERVER }}/frontend:latest ./frontend/ - docker push ${{ env.ACR_LOGIN_SERVER }}/frontend:latest - - # Logout from Azure for security (runs even if image push fails) - - name: Logout from Azure - run: az logout - if: always() + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Debug ACR login server + run: echo "Using ACR login server: ${{ env.ACR_LOGIN_SERVER }}" + + - name: Docker login to ACR + shell: bash + run: | + if [ -z "${{ env.ACR_LOGIN_SERVER }}" ]; then + echo "ACR_LOGIN_SERVER is empty. Check secret AZURE_CONTAINER_REGISTRY." + exit 1 + fi + echo "${{ secrets.ACR_PASSWORD }}" | docker login "${{ env.ACR_LOGIN_SERVER }}" \ + -u "${{ secrets.ACR_USERNAME }}" --password-stdin + + - name: Build & Push Frontend Image + shell: bash + run: | + docker build -t "${{ env.ACR_LOGIN_SERVER }}/frontend:latest" \ + -t "${{ env.ACR_LOGIN_SERVER }}/frontend:${{ env.IMAGE_TAG }}" \ + ./frontend/ + docker push "${{ env.ACR_LOGIN_SERVER }}/frontend:latest" + docker push "${{ env.ACR_LOGIN_SERVER }}/frontend:${{ env.IMAGE_TAG }}" + + - name: Docker logout + if: always() + run: docker logout "${{ env.ACR_LOGIN_SERVER }}" From d24ffd4d505721bb6d331d51e8cb18fb5a86ce6d Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Tue, 16 Sep 2025 20:16:35 +1000 Subject: [PATCH 10/27] Frontend CI: final clean YAM#2L + ACR creds --- .github/workflows/frontend_ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frontend_ci.yml b/.github/workflows/frontend_ci.yml index 6b42efbf..e3dc4f64 100644 --- a/.github/workflows/frontend_ci.yml +++ b/.github/workflows/frontend_ci.yml @@ -21,7 +21,7 @@ jobs: uses: actions/checkout@v4 - name: Debug ACR login server - run: echo "Using ACR login server: ${{ env.ACR_LOGIN_SERVER }}" + run: echo "Using ACR login server:${{ env.ACR_LOGIN_SERVER }}" - name: Docker login to ACR shell: bash From 7970d37349a514ba6154fdc57c7e62f76ce85a06 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Tue, 16 Sep 2025 20:23:47 +1000 Subject: [PATCH 11/27] Frontend CD: use kubeconfig secret; simple kubectl apply --- .github/workflows/frontend-cd.yml | 91 ++++++------------------------- 1 file changed, 17 insertions(+), 74 deletions(-) diff --git a/.github/workflows/frontend-cd.yml b/.github/workflows/frontend-cd.yml index 0a0879c8..ceb61170 100644 --- a/.github/workflows/frontend-cd.yml +++ b/.github/workflows/frontend-cd.yml @@ -1,43 +1,7 @@ -# week08/.github/workflows/frontend-cd.yml - name: CD - Deploy Frontend to AKS -# This workflow can be called by other workflows and takes inputs. -# Or it can be run manually if you provide the IPs. on: workflow_dispatch: - inputs: - product_api_ip: - description: 'External IP of Product Service' - required: true - default: 'http://:8000' - order_api_ip: - description: 'External IP of Order Service (e.g., http://Y.Y.Y.Y:8001)' - required: true - default: 'http://:8001' - aks_cluster_name: - description: 'Name of the AKS Cluster to deploy to' - required: true - default: '' - aks_resource_group: - description: 'Resource Group of the AKS Cluster' - required: true - default: '<' - - workflow_call: - inputs: - product_api_ip: - required: true - type: string - order_api_ip: - required: true - type: string - aks_cluster_name: - required: true - type: string - aks_resource_group: - required: true - type: string jobs: deploy_frontend: @@ -48,46 +12,25 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - # Azure login using a Service Principal secret - - name: Azure Login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - # Login to Azure Container Registry (ACR) - - name: Login to Azure Container Registry - run: az acr login --name ${{ secrets.AZURE_CONTAINER_REGISTRY }} - - - name: Inject Backend IPs into Frontend main.js + - name: Configure kubeconfig run: | - echo "Injecting IPs into frontend/static/js/main.js" - # Ensure frontend/main.js is directly in the path for sed - sed -i "s|_PRODUCT_API_URL_|${{ inputs.product_api_ip }}|g" frontend/main.js - sed -i "s|_ORDER_API_URL_|${{ inputs.order_api_ip }}|g" frontend/main.js - - # Display the modified file content for debugging - echo "--- Modified main.js content ---" - cat frontend/main.js - echo "---------------------------------" + mkdir -p ~/.kube + echo "${{ secrets.KUBECONFIG_B64 }}" | base64 --decode > ~/.kube/config - # Build and Push Docker image for Frontend - - name: Build and Push Frontend Image - run: | - docker build -t ${{ secrets.AZURE_CONTAINER_REGISTRY }}/frontend:latest ./frontend/ - docker push ${{ secrets.AZURE_CONTAINER_REGISTRY }}/frontend:latest - - - name: Set Kubernetes context (get AKS credentials) - uses: azure/aks-set-context@v3 - with: - resource-group: ${{ inputs.aks_resource_group }} - cluster-name: ${{ inputs.aks_cluster_name }} + - name: Verify cluster connection + run: kubectl get nodes - - name: Deploy Frontend to AKS + # If your repo has ONE file (frontend.yaml), keep this block and remove the next one. + - name: Deploy Frontend (single manifest) + if: ${{ hashFiles('k8s/frontend.yaml') != '' }} run: | - echo "Deploying frontend with latest tag to AKS cluster: ${{ inputs.aks_cluster_name }}" - cd k8s/ - # Ensure frontend-service.yaml is configured with your ACR - kubectl apply -f frontend.yaml + echo "Applying k8s/frontend.yaml" + kubectl apply -f k8s/frontend.yaml - - name: Logout from Azure (AKS deployment) - run: az logout + # If your repo has split files, this block will run; the single-file block above will be skipped. + - name: Deploy Frontend (split manifests) + if: ${{ hashFiles('k8s/frontend-deployment.yaml') != '' || hashFiles('k8s/frontend-service.yaml') != '' }} + run: | + echo "Applying split frontend manifests" + if [ -f k8s/frontend-deployment.yaml ]; then kubectl apply -f k8s/frontend-deployment.yaml; fi + if [ -f k8s/frontend-service.yaml ]; then kubectl apply -f k8s/frontend-service.yaml; fi From e3d6196f4b99b18dbde8e0e253d07404501de33d Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Wed, 17 Sep 2025 09:02:55 +1000 Subject: [PATCH 12/27] Point frontend to correct API URLs --- frontend/main.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/frontend/main.js b/frontend/main.js index d49d0eb1..b7c80a94 100644 --- a/frontend/main.js +++ b/frontend/main.js @@ -1,5 +1,8 @@ // week08/frontend/main.js +const PRODUCT_API_BASE_URL = "http://product-service-w08e1:8000"; +const ORDER_API_BASE_URL = "http://order-service-w08e1:8001"; + document.addEventListener('DOMContentLoaded', () => { // API endpoints for the Product and Order services. // These ports (30000 for Product, 30001 for Order) are mapped From 32b3165601d3805cc1d1beda563e10f9b6872dba Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Wed, 17 Sep 2025 09:27:35 +1000 Subject: [PATCH 13/27] Frontend CI: add manual inputs + inject API URLs before build --- .github/workflows/frontend_ci.yml | 41 +++++++++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) diff --git a/.github/workflows/frontend_ci.yml b/.github/workflows/frontend_ci.yml index e3dc4f64..8bbece72 100644 --- a/.github/workflows/frontend_ci.yml +++ b/.github/workflows/frontend_ci.yml @@ -2,6 +2,13 @@ name: Frontend CI - Build & Push Image on: workflow_dispatch: + inputs: + PRODUCT_API_URL: + description: "Public URL for Product API (e.g., http://4.237.166.140:8000)" + required: true + ORDER_API_URL: + description: "Public URL for Order API (e.g., http://4.254.100.97:8001)" + required: true push: branches: [ main ] paths: @@ -15,13 +22,43 @@ env: jobs: build_and_push_frontend: runs-on: ubuntu-latest - steps: - name: Checkout repository uses: actions/checkout@v4 - name: Debug ACR login server - run: echo "Using ACR login server:${{ env.ACR_LOGIN_SERVER }}" + run: echo "Using ACR login server: ${{ env.ACR_LOGIN_SERVER }}" + + - name: (Optional) Inject API URLs into main.js for manual runs + if: ${{ github.event_name == 'workflow_dispatch' }} + shell: bash + run: | + set -euo pipefail + # Show the first lines for sanity + head -n 5 frontend/main.js || true + + # Ensure placeholders exist + if ! grep -q "_PRODUCT_API_URL_" frontend/main.js; then + echo "ERROR: Placeholder _PRODUCT_API_URL_ not found in frontend/main.js" + exit 1 + fi + if ! grep -q "_ORDER_API_URL_" frontend/main.js; then + echo "ERROR: Placeholder _ORDER_API_URL_ not found in frontend/main.js" + exit 1 + fi + + # Do the replacements + sed -i "s|_PRODUCT_API_URL_|${{ github.event.inputs.PRODUCT_API_URL }}|g" frontend/main.js + sed -i "s|_ORDER_API_URL_|${{ github.event.inputs.ORDER_API_URL }}|g" frontend/main.js + + echo "Injected:" + echo " PRODUCT_API_URL=${{ github.event.inputs.PRODUCT_API_URL }}" + echo " ORDER_API_URL=${{ github.event.inputs.ORDER_API_URL }}" + + # Show a diff summary + echo "--- diff preview ---" + grep -n "const .*_BASE_URL" frontend/main.js || true + echo "--------------------" - name: Docker login to ACR shell: bash From b46815effeebd25bd8feb88d1373db225aa2ce61 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Wed, 17 Sep 2025 09:28:33 +1000 Subject: [PATCH 14/27] Frontend CI: add manual inputs#2 + inject API URLs before build --- .github/workflows/frontend_ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frontend_ci.yml b/.github/workflows/frontend_ci.yml index 8bbece72..afd76010 100644 --- a/.github/workflows/frontend_ci.yml +++ b/.github/workflows/frontend_ci.yml @@ -27,7 +27,7 @@ jobs: uses: actions/checkout@v4 - name: Debug ACR login server - run: echo "Using ACR login server: ${{ env.ACR_LOGIN_SERVER }}" + run: echo "Using ACR login server:${{ env.ACR_LOGIN_SERVER }}" - name: (Optional) Inject API URLs into main.js for manual runs if: ${{ github.event_name == 'workflow_dispatch' }} From e42416565a015144c04a50cc6145a04731dd2a93 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Wed, 17 Sep 2025 09:33:09 +1000 Subject: [PATCH 15/27] Use placeholders for API URLs in main.js --- frontend/main.js | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/frontend/main.js b/frontend/main.js index b7c80a94..14a67a80 100644 --- a/frontend/main.js +++ b/frontend/main.js @@ -1,14 +1,13 @@ // week08/frontend/main.js -const PRODUCT_API_BASE_URL = "http://product-service-w08e1:8000"; -const ORDER_API_BASE_URL = "http://order-service-w08e1:8001"; +const PRODUCT_API_BASE_URL = "_PRODUCT_API_URL_"; +const ORDER_API_BASE_URL = "_ORDER_API_URL_"; + document.addEventListener('DOMContentLoaded', () => { // API endpoints for the Product and Order services. // These ports (30000 for Product, 30001 for Order) are mapped // from the Docker containers to the host machine in docker-compose.yml for Example 2. - const PRODUCT_API = "http://4.237.166.140:8001"; - const ORDER_API = "http://4.254.100.97:8002"; // Product Service is named 'product-service-w04e2' and exposes port 8000 internally. //const PRODUCT_API_BASE_URL = 'http://product-service-w04e2:8000'; From da75eeeb71b688e8541efa9b3a13cba553b7de62 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Wed, 17 Sep 2025 09:43:54 +1000 Subject: [PATCH 16/27] #2Use placeholders for API URLs in main.js --- frontend/main.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/frontend/main.js b/frontend/main.js index 14a67a80..eb98eae4 100644 --- a/frontend/main.js +++ b/frontend/main.js @@ -1,7 +1,7 @@ // week08/frontend/main.js -const PRODUCT_API_BASE_URL = "_PRODUCT_API_URL_"; -const ORDER_API_BASE_URL = "_ORDER_API_URL_"; +const PRODUCT_API_BASE_URL = "http://4.237.166.140:8000"; +const ORDER_API_BASE_URL = "http://4.254.100.97:8001"; document.addEventListener('DOMContentLoaded', () => { From 9fee7bc86387d331592c3b47b2edb01bc5acd46f Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Thu, 25 Sep 2025 11:00:14 +1000 Subject: [PATCH 17/27] chore(actions): add PR checks + concurrency; skip image push on PRs --- .github/workflows/backend_ci.yml | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index ba33d3ef..af5ae820 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -1,12 +1,28 @@ name: Backend CI - Test, Build and Push Images to ACR on: - workflow_dispatch: + pull_request: + branches: [ main ] + paths: + - 'backend/**' + - '.github/workflows/backend_ci.yml' push: branches: [ main ] paths: - 'backend/**' - '.github/workflows/backend_ci.yml' + workflow_dispatch: + +# minimal, explicit permissions (prep for later OIDC work) +permissions: + contents: read + id-token: write + packages: write + +# cancel stale runs on same ref +concurrency: + group: backend-ci-${{ github.ref }} + cancel-in-progress: true env: # e.g. myregistry.azurecr.io @@ -84,6 +100,8 @@ jobs: run: pytest tests --maxfail=1 --disable-warnings -q build_and_push_images: + # do not build/push images on PR validation + if: ${{ github.event_name != 'pull_request' }} runs-on: ubuntu-latest needs: test_and_lint_backends From c30a0ea11b1fa84080aedd5cf9da69c11594ee87 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Fri, 26 Sep 2025 07:47:07 +1000 Subject: [PATCH 18/27] chore(actions): add pip caching + ruff lint + mypy type-checks to Backend CI --- .github/workflows/backend_ci.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index af5ae820..c977e381 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -64,6 +64,24 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 + - uses: actions/setup-python@v5 + with: + python-version: '3.10' + cache: 'pip' + + - name: Install tooling & deps + run: | + python -m pip install --upgrade pip + pip install ruff mypy pytest + # Install backend deps (works for single- or multi-service layout) + if [ -f backend/requirements.txt ]; then pip install -r backend/requirements.txt; fi + for req in backend/*/requirements.txt; do [ -f "$req" ] && pip install -r "$req"; done + + - name: Lint (ruff) + run: ruff check backend/ + + - name: Type-check (mypy) + run: mypy backend/ || true - name: Set up Python 3.10 uses: actions/setup-python@v5 From ea5cdddd2117812c4b5081f4073c5e44a9a1f8c5 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Fri, 26 Sep 2025 07:48:17 +1000 Subject: [PATCH 19/27] chore(actions): add pip caching + ruff lint + mypy type-checks to Backend CI#2 --- .github/workflows/backend_ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index c977e381..6663f04e 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -64,7 +64,7 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 - - uses: actions/setup-python@v5 + - uses:actions/setup-python@v5 with: python-version: '3.10' cache: 'pip' From 2f3a289b910afe0aa75c6664dfdd865ed93b111a Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Fri, 26 Sep 2025 08:01:48 +1000 Subject: [PATCH 20/27] fix(actions): add ruff lint + mypy steps correctly --- .github/workflows/backend_ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index 6663f04e..c977e381 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -64,7 +64,7 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 - - uses:actions/setup-python@v5 + - uses: actions/setup-python@v5 with: python-version: '3.10' cache: 'pip' From b0e5e84b45a69b1c41a4aa479086c186c546c493 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Fri, 26 Sep 2025 08:02:46 +1000 Subject: [PATCH 21/27] fix(actions): add ruff lint + mypy steps correctly2 --- .github/workflows/backend_ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index c977e381..6663f04e 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -64,7 +64,7 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 - - uses: actions/setup-python@v5 + - uses:actions/setup-python@v5 with: python-version: '3.10' cache: 'pip' From c608ca1d1067782c61675e28c6076cf2ba119bd7 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Fri, 26 Sep 2025 08:06:58 +1000 Subject: [PATCH 22/27] fix(actions): correct indentation; add ruff+mypy steps properly --- .github/workflows/backend_ci.yml | 21 ++++----------------- 1 file changed, 4 insertions(+), 17 deletions(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index 6663f04e..855e7ecb 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -64,7 +64,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 - - uses:actions/setup-python@v5 + + - uses: actions/setup-python@v5 with: python-version: '3.10' cache: 'pip' @@ -72,8 +73,8 @@ jobs: - name: Install tooling & deps run: | python -m pip install --upgrade pip - pip install ruff mypy pytest - # Install backend deps (works for single- or multi-service layout) + pip install ruff mypy pytest httpx + # Single-service or multi-service deps: if [ -f backend/requirements.txt ]; then pip install -r backend/requirements.txt; fi for req in backend/*/requirements.txt; do [ -f "$req" ] && pip install -r "$req"; done @@ -83,20 +84,6 @@ jobs: - name: Type-check (mypy) run: mypy backend/ || true - - name: Set up Python 3.10 - uses: actions/setup-python@v5 - with: - python-version: '3.10' - - - name: Install dependencies - run: | - pip install --upgrade pip - for req in backend/*/requirements.txt; do - echo "Installing $req" - pip install -r "$req" - done - pip install pytest httpx - - name: Run product_service tests working-directory: backend/product_service env: From 2aece4e45b52141cdfb85cf67008e278e1e7a3b8 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Fri, 26 Sep 2025 08:11:36 +1000 Subject: [PATCH 23/27] fix(actions): correct indentation; add ruff+mypy steps properly --- .github/workflows/backend_ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index 855e7ecb..d2a2453b 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -79,7 +79,7 @@ jobs: for req in backend/*/requirements.txt; do [ -f "$req" ] && pip install -r "$req"; done - name: Lint (ruff) - run: ruff check backend/ + run: ruff check backend/ || true - name: Type-check (mypy) run: mypy backend/ || true From 2b4ba259684d25a530cbdd039b23833f325531b5 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Fri, 26 Sep 2025 08:31:56 +1000 Subject: [PATCH 24/27] chore(actions): frontend PR checks + concurrency; skip image push on PRs --- .github/workflows/frontend_ci.yml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/.github/workflows/frontend_ci.yml b/.github/workflows/frontend_ci.yml index afd76010..21242d2f 100644 --- a/.github/workflows/frontend_ci.yml +++ b/.github/workflows/frontend_ci.yml @@ -1,6 +1,16 @@ name: Frontend CI - Build & Push Image on: + pull_request: + branches: [ main ] + paths: + - 'frontend/**' + - '.github/workflows/frontend_ci.yml' + push: + branches: [ main ] + paths: + - 'frontend/**' + - '.github/workflows/frontend_ci.yml' workflow_dispatch: inputs: PRODUCT_API_URL: @@ -9,6 +19,16 @@ on: ORDER_API_URL: description: "Public URL for Order API (e.g., http://4.254.100.97:8001)" required: true + +permissions: + contents: read + id-token: write + packages: write + +concurrency: + group: frontend-ci-${{ github.ref }} + cancel-in-progress: true + push: branches: [ main ] paths: @@ -21,6 +41,7 @@ env: jobs: build_and_push_frontend: + if: ${{ github.event_name != 'pull_request' }} runs-on: ubuntu-latest steps: - name: Checkout repository From 372a770c56a9419aff1cf1d9a4d1aa80fbb5ab01 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Fri, 26 Sep 2025 08:41:09 +1000 Subject: [PATCH 25/27] fix(actions): remove stray top-level push block in frontend CI --- .github/workflows/frontend_ci.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/frontend_ci.yml b/.github/workflows/frontend_ci.yml index 21242d2f..a550609c 100644 --- a/.github/workflows/frontend_ci.yml +++ b/.github/workflows/frontend_ci.yml @@ -29,12 +29,6 @@ concurrency: group: frontend-ci-${{ github.ref }} cancel-in-progress: true - push: - branches: [ main ] - paths: - - 'frontend/**' - - '.github/workflows/frontend_ci.yml' - env: ACR_LOGIN_SERVER: ${{ secrets.AZURE_CONTAINER_REGISTRY }} IMAGE_TAG: ${{ github.sha }}-${{ github.run_id }} From 5df9babce20458f917718c293b0ce2f9d2f2b4d8 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Fri, 26 Sep 2025 09:00:53 +1000 Subject: [PATCH 26/27] feat(actions): add caching + eslint + tests to frontend CI --- .github/workflows/frontend_ci.yml | 29 +++++++++++++++++++++-------- 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/.github/workflows/frontend_ci.yml b/.github/workflows/frontend_ci.yml index a550609c..d7f920cb 100644 --- a/.github/workflows/frontend_ci.yml +++ b/.github/workflows/frontend_ci.yml @@ -37,10 +37,31 @@ jobs: build_and_push_frontend: if: ${{ github.event_name != 'pull_request' }} runs-on: ubuntu-latest + steps: - name: Checkout repository uses: actions/checkout@v4 + - name: Setup Node.js with caching + uses: actions/setup-node@v4 + with: + node-version: '18' + cache: 'npm' + cache-dependency-path: frontend/package-lock.json + + - name: Install frontend dependencies + working-directory: frontend + run: npm ci + + - name: Lint frontend (eslint) + working-directory: frontend + run: npx eslint . || true + + - name: Run frontend tests (optional) + if: ${{ github.event_name == 'pull_request' }} + working-directory: frontend + run: npm test -- --watchAll=false || true + - name: Debug ACR login server run: echo "Using ACR login server:${{ env.ACR_LOGIN_SERVER }}" @@ -49,10 +70,7 @@ jobs: shell: bash run: | set -euo pipefail - # Show the first lines for sanity head -n 5 frontend/main.js || true - - # Ensure placeholders exist if ! grep -q "_PRODUCT_API_URL_" frontend/main.js; then echo "ERROR: Placeholder _PRODUCT_API_URL_ not found in frontend/main.js" exit 1 @@ -61,16 +79,11 @@ jobs: echo "ERROR: Placeholder _ORDER_API_URL_ not found in frontend/main.js" exit 1 fi - - # Do the replacements sed -i "s|_PRODUCT_API_URL_|${{ github.event.inputs.PRODUCT_API_URL }}|g" frontend/main.js sed -i "s|_ORDER_API_URL_|${{ github.event.inputs.ORDER_API_URL }}|g" frontend/main.js - echo "Injected:" echo " PRODUCT_API_URL=${{ github.event.inputs.PRODUCT_API_URL }}" echo " ORDER_API_URL=${{ github.event.inputs.ORDER_API_URL }}" - - # Show a diff summary echo "--- diff preview ---" grep -n "const .*_BASE_URL" frontend/main.js || true echo "--------------------" From 9c08a52b6c6f27b02f013967aa1b9ae96ee8c195 Mon Sep 17 00:00:00 2001 From: Titiksha Rathod Date: Fri, 26 Sep 2025 09:17:11 +1000 Subject: [PATCH 27/27] ci(cd): trigger backend CD automatically after successful Backend CI --- .github/workflows/backend-cd.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index db9442f6..b3cec4dd 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -1,10 +1,14 @@ -name: CD - Deploy Backend Services to AKS +name: Backend CD - Deploy Backend Services to AKS on: - workflow_dispatch: + workflow_run: + workflows: ["Backend CI - Test, Build and Push Images to ACR"] + types: + - completed jobs: deploy_backend: + if: ${{ github.event.workflow_run.conclusion == 'success' }} runs-on: ubuntu-latest environment: Production @@ -16,7 +20,7 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - # 🗝️ Configure kubeconfig using GitHub Secret + # 🗝️ Configure kubeconfig using GitHub Secret (OIDC upgrade coming next) - name: Configure kubeconfig run: | mkdir -p ~/.kube