From e599ad987974da22b3bab4db3a721107c6c809e9 Mon Sep 17 00:00:00 2001 From: Are Almaas Date: Tue, 1 Oct 2024 16:18:25 +0200 Subject: [PATCH 1/5] ci: ensure unique revisions for deployments --- .github/workflows/action-deploy-apps.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/action-deploy-apps.yml b/.github/workflows/action-deploy-apps.yml index 35325f8d5..a92f57b75 100644 --- a/.github/workflows/action-deploy-apps.yml +++ b/.github/workflows/action-deploy-apps.yml @@ -75,6 +75,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} + REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} @@ -96,6 +97,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} + REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} @@ -159,7 +161,6 @@ jobs: client-id: ${{ secrets.AZURE_CLIENT_ID }} tenant-id: ${{ secrets.AZURE_TENANT_ID }} subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - - name: Dryrun Deploy app ${{ matrix.name }}(${{ inputs.environment }}) uses: azure/arm-deploy@v2 if: ${{ inputs.dryRun }} @@ -167,6 +168,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} + REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_APP_INSIGHTS_CONNECTION_STRING: ${{ secrets.AZURE_APP_INSIGHTS_CONNECTION_STRING }} @@ -190,6 +192,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} + REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_APP_INSIGHTS_CONNECTION_STRING: ${{ secrets.AZURE_APP_INSIGHTS_CONNECTION_STRING }} @@ -253,6 +256,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} + REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} @@ -275,6 +279,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} + REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} From 933d298b31602a02393dcf58735f698162cc85aa Mon Sep 17 00:00:00 2001 From: Are Almaas Date: Tue, 1 Oct 2024 16:20:25 +0200 Subject: [PATCH 2/5] cleanup --- .github/workflows/action-deploy-apps.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/action-deploy-apps.yml b/.github/workflows/action-deploy-apps.yml index a92f57b75..c56e3e15a 100644 --- a/.github/workflows/action-deploy-apps.yml +++ b/.github/workflows/action-deploy-apps.yml @@ -75,7 +75,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" + REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} @@ -97,7 +97,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" + REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} @@ -168,7 +168,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" + REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_APP_INSIGHTS_CONNECTION_STRING: ${{ secrets.AZURE_APP_INSIGHTS_CONNECTION_STRING }} @@ -192,7 +192,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" + REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_APP_INSIGHTS_CONNECTION_STRING: ${{ secrets.AZURE_APP_INSIGHTS_CONNECTION_STRING }} @@ -256,7 +256,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" + REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} @@ -279,7 +279,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ inputs.version }}-${{ github.run_id }}-${{ github.run_attempt}}" + REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} From 479a16d5e256ab0f582a6aa220b42fb33d8c1ef1 Mon Sep 17 00:00:00 2001 From: Are Almaas Date: Tue, 1 Oct 2024 16:24:42 +0200 Subject: [PATCH 3/5] cleanup --- .azure/applications/graphql/main.bicep | 6 +++++- .azure/applications/graphql/prod.bicepparam | 1 + .azure/applications/graphql/staging.bicepparam | 1 + .azure/applications/graphql/test.bicepparam | 1 + .azure/applications/web-api-eu/main.bicep | 6 +++++- .azure/applications/web-api-eu/prod.bicepparam | 1 + .azure/applications/web-api-eu/staging.bicepparam | 1 + .azure/applications/web-api-eu/test.bicepparam | 1 + .azure/applications/web-api-so/main.bicep | 4 ++++ .azure/applications/web-api-so/prod.bicepparam | 1 + .azure/applications/web-api-so/staging.bicepparam | 1 + .azure/applications/web-api-so/test.bicepparam | 1 + .github/workflows/action-deploy-apps.yml | 4 ---- 13 files changed, 23 insertions(+), 6 deletions(-) diff --git a/.azure/applications/graphql/main.bicep b/.azure/applications/graphql/main.bicep index fb4edc2d8..a931e5361 100644 --- a/.azure/applications/graphql/main.bicep +++ b/.azure/applications/graphql/main.bicep @@ -16,6 +16,10 @@ param location string @minLength(3) param apimIp string +@description('The suffix for the revision of the container app') +@minLength(3) +param revisionSuffix string + @description('CPU and memory resources for the container app') param resources object? @@ -87,7 +91,7 @@ module containerApp '../../modules/containerApp/main.bicep' = { apimIp: apimIp tags: tags resources: resources - revisionSuffix: imageTag + revisionSuffix: revisionSuffix } } diff --git a/.azure/applications/graphql/prod.bicepparam b/.azure/applications/graphql/prod.bicepparam index 84ff5332d..562917c43 100644 --- a/.azure/applications/graphql/prod.bicepparam +++ b/.azure/applications/graphql/prod.bicepparam @@ -4,6 +4,7 @@ param environment = 'prod' param location = 'norwayeast' param apimIp = '51.120.88.54' param imageTag = readEnvironmentVariable('IMAGE_TAG') +param revisionSuffix = readEnvironmentVariable('REVISION_SUFFIX') // secrets param environmentKeyVaultName = readEnvironmentVariable('AZURE_ENVIRONMENT_KEY_VAULT_NAME') diff --git a/.azure/applications/graphql/staging.bicepparam b/.azure/applications/graphql/staging.bicepparam index 5287dd839..d2d415801 100644 --- a/.azure/applications/graphql/staging.bicepparam +++ b/.azure/applications/graphql/staging.bicepparam @@ -4,6 +4,7 @@ param environment = 'staging' param location = 'norwayeast' param apimIp = '51.13.86.131' param imageTag = readEnvironmentVariable('IMAGE_TAG') +param revisionSuffix = readEnvironmentVariable('REVISION_SUFFIX') // secrets param environmentKeyVaultName = readEnvironmentVariable('AZURE_ENVIRONMENT_KEY_VAULT_NAME') diff --git a/.azure/applications/graphql/test.bicepparam b/.azure/applications/graphql/test.bicepparam index 8873fcd13..c5f6c464f 100644 --- a/.azure/applications/graphql/test.bicepparam +++ b/.azure/applications/graphql/test.bicepparam @@ -4,6 +4,7 @@ param environment = 'test' param location = 'norwayeast' param apimIp = '51.120.88.69' param imageTag = readEnvironmentVariable('IMAGE_TAG') +param revisionSuffix = readEnvironmentVariable('REVISION_SUFFIX') // secrets param environmentKeyVaultName = readEnvironmentVariable('AZURE_ENVIRONMENT_KEY_VAULT_NAME') diff --git a/.azure/applications/web-api-eu/main.bicep b/.azure/applications/web-api-eu/main.bicep index 5458a454d..0ed28a2b7 100644 --- a/.azure/applications/web-api-eu/main.bicep +++ b/.azure/applications/web-api-eu/main.bicep @@ -16,6 +16,10 @@ param location string @minLength(3) param apimIp string +@description('The suffix for the revision of the container app') +@minLength(3) +param revisionSuffix string + @description('CPU and memory resources for the container app') param resources object? @@ -90,7 +94,7 @@ module containerApp '../../modules/containerApp/main.bicep' = { apimIp: apimIp tags: tags resources: resources - revisionSuffix: imageTag + revisionSuffix: revisionSuffix } } diff --git a/.azure/applications/web-api-eu/prod.bicepparam b/.azure/applications/web-api-eu/prod.bicepparam index 84ff5332d..562917c43 100644 --- a/.azure/applications/web-api-eu/prod.bicepparam +++ b/.azure/applications/web-api-eu/prod.bicepparam @@ -4,6 +4,7 @@ param environment = 'prod' param location = 'norwayeast' param apimIp = '51.120.88.54' param imageTag = readEnvironmentVariable('IMAGE_TAG') +param revisionSuffix = readEnvironmentVariable('REVISION_SUFFIX') // secrets param environmentKeyVaultName = readEnvironmentVariable('AZURE_ENVIRONMENT_KEY_VAULT_NAME') diff --git a/.azure/applications/web-api-eu/staging.bicepparam b/.azure/applications/web-api-eu/staging.bicepparam index 5287dd839..d2d415801 100644 --- a/.azure/applications/web-api-eu/staging.bicepparam +++ b/.azure/applications/web-api-eu/staging.bicepparam @@ -4,6 +4,7 @@ param environment = 'staging' param location = 'norwayeast' param apimIp = '51.13.86.131' param imageTag = readEnvironmentVariable('IMAGE_TAG') +param revisionSuffix = readEnvironmentVariable('REVISION_SUFFIX') // secrets param environmentKeyVaultName = readEnvironmentVariable('AZURE_ENVIRONMENT_KEY_VAULT_NAME') diff --git a/.azure/applications/web-api-eu/test.bicepparam b/.azure/applications/web-api-eu/test.bicepparam index 8873fcd13..c5f6c464f 100644 --- a/.azure/applications/web-api-eu/test.bicepparam +++ b/.azure/applications/web-api-eu/test.bicepparam @@ -4,6 +4,7 @@ param environment = 'test' param location = 'norwayeast' param apimIp = '51.120.88.69' param imageTag = readEnvironmentVariable('IMAGE_TAG') +param revisionSuffix = readEnvironmentVariable('REVISION_SUFFIX') // secrets param environmentKeyVaultName = readEnvironmentVariable('AZURE_ENVIRONMENT_KEY_VAULT_NAME') diff --git a/.azure/applications/web-api-so/main.bicep b/.azure/applications/web-api-so/main.bicep index e510fb86a..b217eeea0 100644 --- a/.azure/applications/web-api-so/main.bicep +++ b/.azure/applications/web-api-so/main.bicep @@ -16,6 +16,10 @@ param location string @minLength(3) param apimIp string +@description('The suffix for the revision of the container app') +@minLength(3) +param revisionSuffix string + @description('CPU and memory resources for the container app') param resources object? diff --git a/.azure/applications/web-api-so/prod.bicepparam b/.azure/applications/web-api-so/prod.bicepparam index 84ff5332d..562917c43 100644 --- a/.azure/applications/web-api-so/prod.bicepparam +++ b/.azure/applications/web-api-so/prod.bicepparam @@ -4,6 +4,7 @@ param environment = 'prod' param location = 'norwayeast' param apimIp = '51.120.88.54' param imageTag = readEnvironmentVariable('IMAGE_TAG') +param revisionSuffix = readEnvironmentVariable('REVISION_SUFFIX') // secrets param environmentKeyVaultName = readEnvironmentVariable('AZURE_ENVIRONMENT_KEY_VAULT_NAME') diff --git a/.azure/applications/web-api-so/staging.bicepparam b/.azure/applications/web-api-so/staging.bicepparam index 5287dd839..d2d415801 100644 --- a/.azure/applications/web-api-so/staging.bicepparam +++ b/.azure/applications/web-api-so/staging.bicepparam @@ -4,6 +4,7 @@ param environment = 'staging' param location = 'norwayeast' param apimIp = '51.13.86.131' param imageTag = readEnvironmentVariable('IMAGE_TAG') +param revisionSuffix = readEnvironmentVariable('REVISION_SUFFIX') // secrets param environmentKeyVaultName = readEnvironmentVariable('AZURE_ENVIRONMENT_KEY_VAULT_NAME') diff --git a/.azure/applications/web-api-so/test.bicepparam b/.azure/applications/web-api-so/test.bicepparam index 8873fcd13..c5f6c464f 100644 --- a/.azure/applications/web-api-so/test.bicepparam +++ b/.azure/applications/web-api-so/test.bicepparam @@ -4,6 +4,7 @@ param environment = 'test' param location = 'norwayeast' param apimIp = '51.120.88.69' param imageTag = readEnvironmentVariable('IMAGE_TAG') +param revisionSuffix = readEnvironmentVariable('REVISION_SUFFIX') // secrets param environmentKeyVaultName = readEnvironmentVariable('AZURE_ENVIRONMENT_KEY_VAULT_NAME') diff --git a/.github/workflows/action-deploy-apps.yml b/.github/workflows/action-deploy-apps.yml index c56e3e15a..95c9526a8 100644 --- a/.github/workflows/action-deploy-apps.yml +++ b/.github/workflows/action-deploy-apps.yml @@ -75,7 +75,6 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} @@ -97,7 +96,6 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} @@ -256,7 +254,6 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} @@ -279,7 +276,6 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_ENVIRONMENT_KEY_VAULT_NAME: ${{ secrets.AZURE_ENVIRONMENT_KEY_VAULT_NAME }} From 2c11f36b039bc458b5328eede89efb9da336fd13 Mon Sep 17 00:00:00 2001 From: Are Almaas Date: Tue, 1 Oct 2024 16:42:27 +0200 Subject: [PATCH 4/5] cleanup --- .azure/applications/web-api-so/main.bicep | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.azure/applications/web-api-so/main.bicep b/.azure/applications/web-api-so/main.bicep index b217eeea0..8a4c63237 100644 --- a/.azure/applications/web-api-so/main.bicep +++ b/.azure/applications/web-api-so/main.bicep @@ -98,7 +98,7 @@ module containerApp '../../modules/containerApp/main.bicep' = { apimIp: apimIp tags: tags resources: resources - revisionSuffix: imageTag + revisionSuffix: revisionSuffix } } From 683a9a01455a75d5f94c7b017b62a52ecb347831 Mon Sep 17 00:00:00 2001 From: Are Almaas Date: Tue, 1 Oct 2024 16:57:24 +0200 Subject: [PATCH 5/5] cleanup --- .github/workflows/action-deploy-apps.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/action-deploy-apps.yml b/.github/workflows/action-deploy-apps.yml index 95c9526a8..79a87e76f 100644 --- a/.github/workflows/action-deploy-apps.yml +++ b/.github/workflows/action-deploy-apps.yml @@ -149,6 +149,8 @@ jobs: permissions: id-token: write contents: read + env: + REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" steps: - name: "Checkout GitHub Action" uses: actions/checkout@v4 @@ -166,7 +168,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" + REVISION_SUFFIX: ${{ env.REVISION_SUFFIX }} # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_APP_INSIGHTS_CONNECTION_STRING: ${{ secrets.AZURE_APP_INSIGHTS_CONNECTION_STRING }} @@ -190,7 +192,7 @@ jobs: env: # parameters IMAGE_TAG: ${{ inputs.version }} - REVISION_SUFFIX: "${{ github.run_id }}-${{ inputs.version }}-${{ github.run_attempt}}" + REVISION_SUFFIX: ${{ env.REVISION_SUFFIX }} # secrets AZURE_CONTAINER_APP_ENVIRONMENT_NAME: ${{ secrets.AZURE_CONTAINER_APP_ENVIRONMENT_NAME }} AZURE_APP_INSIGHTS_CONNECTION_STRING: ${{ secrets.AZURE_APP_INSIGHTS_CONNECTION_STRING }}