Update init.sh

.github/workflows/build and push the tagged build to prod.yml

@@ -0,0 +1,69 @@
+name: Build and push the tagged build to production
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  build_push_image:
+    runs-on: ubuntu-20.04
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Fetch latest version
+        id: fetch_version
+        run: echo ::set-output name=TAG::${GITHUB_REF#refs/tags/}
+
+      - name: Set up Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Docker Login
+        uses: docker/login-action@v1
+        with:
+          registry: ${{ secrets.ACR_NAME }}
+          username: ${{ secrets.ACR_LOGIN }}
+          password: ${{ secrets.ACR_PASSWORD }}
+
+      - name: Build and push production images
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          tags: ${{secrets.ACR_NAME}}/contoso-website:latest,${{secrets.ACR_NAME}}/contoso-website:${{ steps.fetch_version.outputs.TAG }}
+          push: true
+
+  deploy:
+    runs-on: ubuntu-20.04
+    needs: build_push_image
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Install Helm
+        uses: Azure/setup-helm@v1
+        with:
+          version: v3.3.1
+
+      - name: Get AKS Credentials
+        uses: Azure/aks-set-context@v1
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+          # Resource group name
+          resource-group: mslearn-gh-pipelines-
+          # AKS cluster name
+          cluster-name: contoso-video
+
+      - name: Run Helm Deploy
+        run: |
+          helm upgrade \
+            --install \
+            --create-namespace \
+            --atomic \
+            --wait \
+            --namespace production \
+            contoso-website \
+            ./kubernetes/contoso-website \
+            --set image.repository=${{ secrets.ACR_NAME }} \
+            --set dns.name=${{ secrets.DNS_NAME }} \
+            --set image.tag=${GITHUB_REF##*/}

.github/workflows/build-staging.yml

@@ -0,0 +1,50 @@
+# This is a basic workflow to help you get started with Actions
+
+name: Build and push the latest build to staging
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push or pull request events but only for the main branch
+  push:
+    branches: [ main ]
+
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  build_image_push:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - uses: actions/checkout@v3
+      - name: Set up Buildx
+      - uses: docker/setup-buildx-action@v1
+
+      - name: Docker Login
+  # You may pin to the exact commit or the version.
+  # uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7
+  uses: docker/[email protected]
+  with:
+    # Server address of Docker registry. If not set then will default to Docker Hub
+    registry: ${{ secrets.ACR_NAME }}
+    # Username used to log against the Docker registry
+    username: ${{ secrets.ACR_LOGIN }}
+    # Password or personal access token used to log against the Docker registry
+    password: ${{ secrets.ACR_PASSWORD }}
+
+
+      - name: Build and push staging images
+  # You may pin to the exact commit or the version.
+  # uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a
+  uses: docker/[email protected]
+  with:
+       context: .
+    tags: ${{secrets.ACR_NAME}}/contoso-website:latest
+    push: true
+

.github/workflows/build_staging.yml

@@ -0,0 +1,62 @@
+name: Build and push the latest build to staging
+
+on:
+  push:
+    branches: [ main ]
+
+jobs:
+  build_push_image:
+    runs-on: ubuntu-20.04
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Docker Login
+        uses: docker/login-action@v1
+        with:
+          registry: ${{ secrets.ACR_NAME }}
+          username: ${{ secrets.ACR_LOGIN }}
+          password: ${{ secrets.ACR_PASSWORD }}
+
+      - name: Build and push staging images
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          tags: ${{secrets.ACR_NAME}}/contoso-website:latest
+          push: true
+
+  deploy:
+    runs-on: ubuntu-20.04
+    needs: build_push_image
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Install Helm
+        uses: Azure/setup-helm@v1
+        with:
+          version: v3.3.1
+
+      - name: Get AKS Credentials
+        uses: Azure/aks-set-context@v1
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+          resource-group: mslearn-gh-pipelines-
+          cluster-name: contoso-video
+
+
+      - name: Run Helm Deploy
+        run: |
+          helm upgrade \
+            --install \
+            --create-namespace \
+            --atomic \
+            --wait \
+            --namespace staging \
+            contoso-website \
+            ./kubernetes/contoso-website \
+            --set image.repository=${{ secrets.ACR_NAME }} \
+            --set dns.name=${{ secrets.DNS_NAME }}

.github/workflows/main.yml

@@ -0,0 +1,36 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push or pull request events but only for the main branch
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  build:
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - uses: actions/checkout@v3
+
+      # Runs a single command using the runners shell
+      - name: Run a one-line script
+        run: echo Hello, world!
+
+      # Runs a set of commands using the runners shell
+      - name: Run a multi-line script
+        run: |
+          echo Add other actions to build,
+          echo test, and deploy your project.

chart.yaml

@@ -0,0 +1,4 @@
+apiVersion: v2
+name: contoso-website
+description: Chart for the Contoso company website
+version: 0.1.0

init.sh

@@ -6,7 +6,7 @@ export AKS_NAME=contoso-video
 export ACR_NAME=ContosoContainerRegistry$RANDOM
 
 echo "Searching for resource group..."
-az group create -n $RESOURCE_GROUP_NAME -l eastus
+az group create -n $RESOURCE_GROUP_NAME -l northeurope
 
 echo "Creating cluster..."
 az aks create \

initiate.sh

@@ -0,0 +1,48 @@
+!/bin/bash
+
+echo "Defining variables..."
+export RESOURCE_GROUP_NAME=mslearn-gh-pipelines-$RANDOM
+export AKS_NAME=contoso-video
+export ACR_NAME=ashiqcontosocontainerregistry$RANDOM
+
+echo "Searching for resource group..."
+az group create -n $RESOURCE_GROUP_NAME -l northeurope
+
+echo "Creating cluster..."
+az aks create \
+  --resource-group $RESOURCE_GROUP_NAME \
+  --name $AKS_NAME \
+  --node-count 1 \
+  --enable-addons http_application_routing \
+  --dns-name-prefix $AKS_NAME \
+  --enable-managed-identity \
+  --generate-ssh-keys \
+  --node-vm-size Standard_D2as_v4
+
+echo "Obtaining credentials..."
+az aks get-credentials -n $AKS_NAME -g $RESOURCE_GROUP_NAME
+
+echo "Creating ACR..."
+az acr create -n $ACR_NAME -g $RESOURCE_GROUP_NAME --sku basic
+az acr update -n $ACR_NAME --admin-enabled true
+
+export ACR_USERNAME=$(az acr credential show -n $ACR_NAME --query "username" -o tsv)
+export ACR_PASSWORD=$(az acr credential show -n $ACR_NAME --query "passwords[0].value" -o tsv)
+
+az aks update \
+    --name $AKS_NAME \
+    --resource-group $RESOURCE_GROUP_NAME \
+    --attach-acr $ACR_NAME
+
+export DNS_NAME=$(az network dns zone list -o json --query "[?contains(resourceGroup,'$RESOURCE_GROUP_NAME')].name" -o tsv)
+
+sed -i '' 's+!IMAGE!+'"$ACR_NAME"'/contoso-website+g' kubernetes/deployment.yaml
+sed -i '' 's+!DNS!+'"$DNS_NAME"'+g' kubernetes/ingress.yaml
+
+echo "Installation concluded, copy these values and store them, you'll use them later in this exercise:"
+echo "-> Resource Group Name: $RESOURCE_GROUP_NAME"
+echo "-> ACR Name: $ACR_NAME"
+echo "-> ACR Login Username: $ACR_USERNAME"
+echo "-> ACR Password: $ACR_PASSWORD"
+echo "-> AKS Cluster Name: $ACR_NAME"
+echo "-> AKS DNS Zone Name: $DNS_NAME"

kubernetes/contoso-website/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

kubernetes/contoso-website/Chart.yaml

@@ -0,0 +1,24 @@
+apiVersion: v2
+name: contoso-website
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"

kubernetes/deployment.yaml → kubernetes/contoso-website/templates/deployment.yaml

@@ -2,6 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: contoso-website
+  namespace: {{ default "staging" .Release.Namespace }}
 spec:
   selector:
     matchLabels:
@@ -12,7 +13,7 @@ spec:
         app: contoso-website
     spec:
       containers:
-        - image: !IMAGE!
+        - image:  {{ .Values.image.registry }}/{{ .Values.image.name }}:{{ default "latest" .Values.image.tag }}
           name: contoso-website
           resources:
             requests:

kubernetes/contoso-website/templates/ingress.yaml

@@ -0,0 +1,19 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: contoso-website
+  namespace: {{ default "staging" .Release.Namespace }}
+  annotations:
+    kubernetes.io/ingress.class: addon-http-application-routing
+spec:
+  rules:
+    - host: contoso-{{ default "staging" .Release.Namespace }}.{{ .Values.dns.name }}
+      http:
+        paths:
+          - backend:
+              service:
+              Name: contoso-website
+              Port:
+                name: http
+            path: /
+            pathType: Prefix

kubernetes/contoso-website/templates/service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: contoso-website
+  namespace: {{ default "staging" .Release.Namespace }}
+spec:
+  ports:
+    - port: 80
+      protocol: TCP
+      targetPort: http
+      name: http
+  selector:
+    app: contoso-website
+  type: ClusterIP

kubernetes/contoso-website/values.yaml

@@ -0,0 +1,7 @@
+image:
+  registry: ashiqcontosocontainerregistry
+  name: contoso-website
+  tag: latest
+
+dns:
+  name: f94032e137cd46d59f1b.northeurope.aksapp.io