Drafting README for Todo API project enhancements #14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI-CD to deploy docker image of TodoAPI to AppService using OIDC | |
| on: | |
| push: | |
| branches: [ "master" ] | |
| pull_request: | |
| branches: [ "master" ] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write # Require write permission to Fetch an OIDC token. | |
| contents: read | |
| steps: | |
| # 1. Checkout code | |
| - name: Check out repository code | |
| uses: actions/checkout@v4 | |
| #2. Log in to Azure using Service Principal which was been been assigned github trust details. | |
| - name: Azure Login | |
| uses: azure/login@v1 | |
| with: | |
| client-id: ${{ secrets.AZURE_GITHUB_SP_CLIENTID_TODO }} | |
| tenant-id: ${{ secrets.AZURE_GITHUB_TENANTID_TODO }} | |
| subscription-id: ${{ secrets.AZURE_GITHUB_SUBSCRIPTIONID_TODO }} | |
| # 3. Build docker image | |
| - name: Build the Docker image | |
| run: docker build -f Todo.API/Docker/Dockerfile -t todoapi:1.0.2 . | |
| # 4. ACR Login | |
| - name: ACR Login | |
| run: az acr login --name todoapi | |
| #5. Push to ACR | |
| #tagging the image must be tagged with the fully qualified ACR login server name | |
| - name: Push image to ACR | |
| run: | | |
| docker tag todoapi:1.0.2 todoapi.azurecr.io/app-images/todoapi:v1.0.2 | |
| docker push todoapi.azurecr.io/app-images/todoapi:v1.0.2 | |
| # 6. deploy to azure app service | |
| - name: Deploy to Azure AppService | |
| uses: azure/webapps-deploy@v2 | |
| with: | |
| app-name: todoRestApi | |
| images: todoapi.azurecr.io/app-images/todoapi:v1.0.2 | |