From 7c51deb18b4e25dba966ea7628f3d53ce2cb9267 Mon Sep 17 00:00:00 2001 From: Cincaiplay Date: Fri, 3 Oct 2025 18:50:18 +1000 Subject: [PATCH 1/9] update --- .github/workflows/backend-cd.yml | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index 6f5f1f67..1aa05d78 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -3,8 +3,8 @@ name: CD - Deploy Backend (then Frontend) on: workflow_dispatch: inputs: - aks_cluster_name: { description: 'AKS name', required: true } - aks_resource_group: { description: 'RG name', required: true } + aks_cluster_name: { description: 'AKS name', required: true } + aks_resource_group:{ description: 'RG name', required: true } workflow_run: workflows: ["CI - Test, Build & Push (Backend + Frontend)"] types: [completed] @@ -12,7 +12,8 @@ on: env: REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} - IMAGE_TAG: ${{ github.event.workflow_run?.outputs.image_tag || github.sha }} + # If triggered by workflow_run, use that run's head SHA; otherwise use this workflow's SHA + IMAGE_TAG: ${{ github.event_name == 'workflow_run' && github.event.workflow_run.head_sha || github.sha }} permissions: id-token: write @@ -24,12 +25,14 @@ concurrency: jobs: deploy_backend: - if: github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' + # Guard access to workflow_run fields when event isn't workflow_run + if: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success') }} runs-on: ubuntu-latest environment: Production + outputs: PRODUCT_API_IP: ${{ steps.capture.outputs.product_ip }} - ORDER_API_IP: ${{ steps.capture.outputs.order_ip }} + ORDER_API_IP: ${{ steps.capture.outputs.order_ip }} steps: - uses: actions/checkout@v4 @@ -56,7 +59,7 @@ jobs: --name "${{ github.event.inputs.aks_cluster_name || secrets.AKS_NAME }}" \ --attach-acr "${{ secrets.AZURE_ACR_NAME }}" - - name: Deploy Config & Databases + - name: Deploy Backend Infrastructure working-directory: k8s run: | kubectl apply -f configmaps.yaml @@ -64,15 +67,13 @@ jobs: kubectl apply -f product-db.yaml kubectl apply -f order-db.yaml - - name: Deploy Services with pinned images + - name: Deploy Backend Microservices (pin image tags) working-directory: k8s run: | - # Patch images to the exact CI-built tag - kubectl set image deploy/product-service-w08e1 product-service-container="${{ env.REGISTRY_LOGIN_SERVER }}/product_service:${{ env.IMAGE_TAG }}" --record=true || true - kubectl set image deploy/order-service-w08e1 order-service-container="${{ env.REGISTRY_LOGIN_SERVER }}/order_service:${{ env.IMAGE_TAG }}" --record=true || true - # If first time apply: kubectl apply -f product-service.yaml kubectl apply -f order-service.yaml + kubectl set image deploy/product-service-w08e1 product-service-container="${{ env.REGISTRY_LOGIN_SERVER }}/product_service:${{ env.IMAGE_TAG }}" --record=true + kubectl set image deploy/order-service-w08e1 order-service-container="${{ env.REGISTRY_LOGIN_SERVER }}/order_service:${{ env.IMAGE_TAG }}" --record=true - name: Wait for LoadBalancer IPs id: capture @@ -97,3 +98,5 @@ jobs: order_api_ip: "http://${{ needs.deploy_backend.outputs.ORDER_API_IP }}:8001" aks_cluster_name: ${{ github.event.inputs.aks_cluster_name || secrets.AKS_NAME }} aks_resource_group: ${{ github.event.inputs.aks_resource_group || secrets.AKS_RG }} + image_tag: ${{ env.IMAGE_TAG }} + secrets: inherit From 24b1fbe2368bb60bdc57b5abbe987ee13cc1f6bc Mon Sep 17 00:00:00 2001 From: Cincaiplay Date: Fri, 3 Oct 2025 18:53:28 +1000 Subject: [PATCH 2/9] update --- .github/workflows/backend-cd.yml | 77 ++++++++++++++++++++------------ 1 file changed, 49 insertions(+), 28 deletions(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index 1aa05d78..895275e7 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -3,18 +3,14 @@ name: CD - Deploy Backend (then Frontend) on: workflow_dispatch: inputs: - aks_cluster_name: { description: 'AKS name', required: true } - aks_resource_group:{ description: 'RG name', required: true } + aks_cluster_name: { description: 'AKS name', required: true } + aks_resource_group: { description: 'RG name', required: true } + image_tag: { description: 'Image tag to deploy (optional)', required: false, default: '' } workflow_run: workflows: ["CI - Test, Build & Push (Backend + Frontend)"] types: [completed] branches: [main] -env: - REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} - # If triggered by workflow_run, use that run's head SHA; otherwise use this workflow's SHA - IMAGE_TAG: ${{ github.event_name == 'workflow_run' && github.event.workflow_run.head_sha || github.sha }} - permissions: id-token: write contents: read @@ -25,25 +21,40 @@ concurrency: jobs: deploy_backend: - # Guard access to workflow_run fields when event isn't workflow_run - if: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success') }} + # Run if manual OR CI completed successfully + if: github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' runs-on: ubuntu-latest environment: Production outputs: PRODUCT_API_IP: ${{ steps.capture.outputs.product_ip }} ORDER_API_IP: ${{ steps.capture.outputs.order_ip }} + IMAGE_TAG: ${{ steps.compute_tag.outputs.val }} steps: - uses: actions/checkout@v4 - - name: Azure Login (OIDC) - uses: azure/login@v2 + # Decide which image tag to deploy: + # - If triggered by workflow_run (CI finished), use the CI run's head SHA. + # - Else if manual and image_tag input provided, use it. + # - Else fall back to the current SHA. + - name: Compute IMAGE_TAG + id: compute_tag + run: | + if [ "${{ github.event_name }}" = "workflow_run" ]; then + echo "val=${{ github.event.workflow_run.head_sha }}" >> $GITHUB_OUTPUT + elif [ -n "${{ github.event.inputs.image_tag }}" ]; then + echo "val=${{ github.event.inputs.image_tag }}" >> $GITHUB_OUTPUT + else + echo "val=${{ github.sha }}" >> $GITHUB_OUTPUT + fi + echo "IMAGE_TAG chosen: $(cat $GITHUB_OUTPUT)" + + # Azure login using a Service Principal secret + - name: Azure Login + uses: azure/login@v1 with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - enable-AzPSSession: true + creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Set AKS context run: | @@ -59,7 +70,7 @@ jobs: --name "${{ github.event.inputs.aks_cluster_name || secrets.AKS_NAME }}" \ --attach-acr "${{ secrets.AZURE_ACR_NAME }}" - - name: Deploy Backend Infrastructure + - name: Deploy Config & Databases working-directory: k8s run: | kubectl apply -f configmaps.yaml @@ -67,23 +78,33 @@ jobs: kubectl apply -f product-db.yaml kubectl apply -f order-db.yaml - - name: Deploy Backend Microservices (pin image tags) - working-directory: k8s + - name: Deploy Services (apply manifests and pin images) + env: + REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} + IMAGE_TAG: ${{ steps.compute_tag.outputs.val }} run: | - kubectl apply -f product-service.yaml - kubectl apply -f order-service.yaml - kubectl set image deploy/product-service-w08e1 product-service-container="${{ env.REGISTRY_LOGIN_SERVER }}/product_service:${{ env.IMAGE_TAG }}" --record=true - kubectl set image deploy/order-service-w08e1 order-service-container="${{ env.REGISTRY_LOGIN_SERVER }}/order_service:${{ env.IMAGE_TAG }}" --record=true + # First apply manifests (creates if not exist) + kubectl apply -f k8s/product-service.yaml + kubectl apply -f k8s/order-service.yaml + + # Then pin images to the EXACT tag produced by CI + kubectl set image deploy/product-service-w08e1 product-service-container="${REGISTRY_LOGIN_SERVER}/product_service:${IMAGE_TAG}" --record=true || true + kubectl set image deploy/order-service-w08e1 order-service-container="${REGISTRY_LOGIN_SERVER}/order_service:${IMAGE_TAG}" --record=true || true + + echo "Waiting for product-service rollout..." + kubectl rollout status deploy/product-service-w08e1 --timeout=180s || exit 1 + echo "Waiting for order-service rollout..." + kubectl rollout status deploy/order-service-w08e1 --timeout=180s || exit 1 - - name: Wait for LoadBalancer IPs + - name: Capture LoadBalancer IPs id: capture run: | for i in {1..60}; do PRODUCT_IP=$(kubectl get svc product-service-w08e1 -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - ORDER_IP=$(kubectl get svc order-service-w08e1 -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + ORDER_IP=$(kubectl get svc order-service-w08e1 -o jsonpath='{.status.loadBalancer.ingress[0].ip}') if [[ -n "$PRODUCT_IP" && -n "$ORDER_IP" ]]; then echo "product_ip=$PRODUCT_IP" >> $GITHUB_OUTPUT - echo "order_ip=$ORDER_IP" >> $GITHUB_OUTPUT + echo "order_ip=$ORDER_IP" >> $GITHUB_OUTPUT exit 0 fi sleep 5 @@ -94,9 +115,9 @@ jobs: needs: deploy_backend uses: ./.github/workflows/frontend-cd.yml with: - product_api_ip: "http://${{ needs.deploy_backend.outputs.PRODUCT_API_IP }}:8000" - order_api_ip: "http://${{ needs.deploy_backend.outputs.ORDER_API_IP }}:8001" + product_api_ip: "http://${{ needs.deploy_backend.outputs.PRODUCT_API_IP }}:8000" + order_api_ip: "http://${{ needs.deploy_backend.outputs.ORDER_API_IP }}:8001" aks_cluster_name: ${{ github.event.inputs.aks_cluster_name || secrets.AKS_NAME }} aks_resource_group: ${{ github.event.inputs.aks_resource_group || secrets.AKS_RG }} - image_tag: ${{ env.IMAGE_TAG }} + image_tag: ${{ needs.deploy_backend.outputs.IMAGE_TAG }} secrets: inherit From d2d900f2e0e73fff94dd564769228ef50e0d8cc6 Mon Sep 17 00:00:00 2001 From: Cincaiplay Date: Fri, 3 Oct 2025 18:55:42 +1000 Subject: [PATCH 3/9] update --- .github/workflows/backend-cd.yml | 46 +++++++++++++++++++------------- 1 file changed, 28 insertions(+), 18 deletions(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index 895275e7..5cc05504 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -3,8 +3,8 @@ name: CD - Deploy Backend (then Frontend) on: workflow_dispatch: inputs: - aks_cluster_name: { description: 'AKS name', required: true } - aks_resource_group: { description: 'RG name', required: true } + aks_cluster_name: { description: 'AKS name', required: false, default: '' } + aks_resource_group: { description: 'RG name', required: false, default: '' } image_tag: { description: 'Image tag to deploy (optional)', required: false, default: '' } workflow_run: workflows: ["CI - Test, Build & Push (Backend + Frontend)"] @@ -30,14 +30,13 @@ jobs: PRODUCT_API_IP: ${{ steps.capture.outputs.product_ip }} ORDER_API_IP: ${{ steps.capture.outputs.order_ip }} IMAGE_TAG: ${{ steps.compute_tag.outputs.val }} + AKS_NAME: ${{ steps.compute_aks.outputs.name }} + AKS_RG: ${{ steps.compute_aks.outputs.rg }} steps: - uses: actions/checkout@v4 - # Decide which image tag to deploy: - # - If triggered by workflow_run (CI finished), use the CI run's head SHA. - # - Else if manual and image_tag input provided, use it. - # - Else fall back to the current SHA. + # Decide which image tag to deploy - name: Compute IMAGE_TAG id: compute_tag run: | @@ -48,26 +47,39 @@ jobs: else echo "val=${{ github.sha }}" >> $GITHUB_OUTPUT fi - echo "IMAGE_TAG chosen: $(cat $GITHUB_OUTPUT)" - # Azure login using a Service Principal secret + # Compute AKS name/RG (inputs override secrets) + - name: Compute AKS values + id: compute_aks + run: | + NAME="${{ github.event.inputs.aks_cluster_name }}" + RG="${{ github.event.inputs.aks_resource_group }}" + if [ -z "$NAME" ]; then NAME="${{ secrets.AKS_NAME }}"; fi + if [ -z "$RG" ]; then RG="${{ secrets.AKS_RG }}"; fi + echo "name=$NAME" >> $GITHUB_OUTPUT + echo "rg=$RG" >> $GITHUB_OUTPUT + echo "AKS_NAME=$NAME" >> $GITHUB_ENV + echo "AKS_RG=$RG" >> $GITHUB_ENV + + # Azure login (use v1 + AZURE_CREDENTIALS if you haven't set up OIDC yet) - name: Azure Login uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} + enable-AzPSSession: true - name: Set AKS context run: | az aks get-credentials \ - --resource-group "${{ github.event.inputs.aks_resource_group || secrets.AKS_RG }}" \ - --name "${{ github.event.inputs.aks_cluster_name || secrets.AKS_NAME }}" \ + --resource-group "$AKS_RG" \ + --name "$AKS_NAME" \ --overwrite-existing - name: Attach ACR run: | az aks update \ - --resource-group "${{ github.event.inputs.aks_resource_group || secrets.AKS_RG }}" \ - --name "${{ github.event.inputs.aks_cluster_name || secrets.AKS_NAME }}" \ + --resource-group "$AKS_RG" \ + --name "$AKS_NAME" \ --attach-acr "${{ secrets.AZURE_ACR_NAME }}" - name: Deploy Config & Databases @@ -83,11 +95,9 @@ jobs: REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} IMAGE_TAG: ${{ steps.compute_tag.outputs.val }} run: | - # First apply manifests (creates if not exist) kubectl apply -f k8s/product-service.yaml kubectl apply -f k8s/order-service.yaml - # Then pin images to the EXACT tag produced by CI kubectl set image deploy/product-service-w08e1 product-service-container="${REGISTRY_LOGIN_SERVER}/product_service:${IMAGE_TAG}" --record=true || true kubectl set image deploy/order-service-w08e1 order-service-container="${REGISTRY_LOGIN_SERVER}/order_service:${IMAGE_TAG}" --record=true || true @@ -115,9 +125,9 @@ jobs: needs: deploy_backend uses: ./.github/workflows/frontend-cd.yml with: - product_api_ip: "http://${{ needs.deploy_backend.outputs.PRODUCT_API_IP }}:8000" - order_api_ip: "http://${{ needs.deploy_backend.outputs.ORDER_API_IP }}:8001" - aks_cluster_name: ${{ github.event.inputs.aks_cluster_name || secrets.AKS_NAME }} - aks_resource_group: ${{ github.event.inputs.aks_resource_group || secrets.AKS_RG }} + product_api_ip: "http://${{ needs.deploy_backend.outputs.PRODUCT_API_IP }}:8000" + order_api_ip: "http://${{ needs.deploy_backend.outputs.ORDER_API_IP }}:8001" + aks_cluster_name: ${{ needs.deploy_backend.outputs.AKS_NAME }} + aks_resource_group: ${{ needs.deploy_backend.outputs.AKS_RG }} image_tag: ${{ needs.deploy_backend.outputs.IMAGE_TAG }} secrets: inherit From 6d47b19a4685338d6bc50c0a765db4bf91e6b031 Mon Sep 17 00:00:00 2001 From: Cincaiplay Date: Fri, 3 Oct 2025 18:56:25 +1000 Subject: [PATCH 4/9] update --- .github/workflows/backend-cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index 5cc05504..5910a8a1 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -61,7 +61,7 @@ jobs: echo "AKS_NAME=$NAME" >> $GITHUB_ENV echo "AKS_RG=$RG" >> $GITHUB_ENV - # Azure login (use v1 + AZURE_CREDENTIALS if you haven't set up OIDC yet) + # Azure login - name: Azure Login uses: azure/login@v1 with: From d0997548d899d542ebb067293cfd34221ccc49a8 Mon Sep 17 00:00:00 2001 From: Cincaiplay Date: Sat, 4 Oct 2025 02:20:29 +1000 Subject: [PATCH 5/9] update --- .github/workflows/frontend-cd.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/frontend-cd.yml b/.github/workflows/frontend-cd.yml index 16a54401..c7c3f394 100644 --- a/.github/workflows/frontend-cd.yml +++ b/.github/workflows/frontend-cd.yml @@ -51,7 +51,6 @@ on: permissions: id-token: write contents: read - packages: write env: REGISTRY_NAME: ${{ secrets.AZURE_ACR_NAME }} From 95681d416930bb598977a2532035ba0eaf8509e3 Mon Sep 17 00:00:00 2001 From: Cincaiplay Date: Sat, 4 Oct 2025 02:33:49 +1000 Subject: [PATCH 6/9] update --- k8s/frontend.yaml | 2 +- k8s/order-service.yaml | 2 +- k8s/product-service.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/k8s/frontend.yaml b/k8s/frontend.yaml index 983d9d3a..45302553 100644 --- a/k8s/frontend.yaml +++ b/k8s/frontend.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: frontend-container - image: cyweek09acr.azurecr.io/frontend:351d67963dc6fa999d76cd122dac19bb0220b0b9 + image: cyweek09acr.azurecr.io/frontend:9acc71f1368bbb356611145b07fca17af1250733 imagePullPolicy: Always ports: - containerPort: 80 diff --git a/k8s/order-service.yaml b/k8s/order-service.yaml index 04441e06..92980e47 100644 --- a/k8s/order-service.yaml +++ b/k8s/order-service.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: order-service-container - image: cyweek09acr.azurecr.io/order_service:351d67963dc6fa999d76cd122dac19bb0220b0b9 + image: cyweek09acr.azurecr.io/order_service:9acc71f1368bbb356611145b07fca17af1250733 imagePullPolicy: Always ports: - containerPort: 8000 diff --git a/k8s/product-service.yaml b/k8s/product-service.yaml index 0a938a1c..5d43b23a 100644 --- a/k8s/product-service.yaml +++ b/k8s/product-service.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: product-service-container - image: cyweek09acr.azurecr.io/product_service:351d67963dc6fa999d76cd122dac19bb0220b0b9 + image: cyweek09acr.azurecr.io/product_service:9acc71f1368bbb356611145b07fca17af1250733 imagePullPolicy: Always ports: - containerPort: 8000 From 6d8ff74d3a60c4ec2743efee3721f54e32528b17 Mon Sep 17 00:00:00 2001 From: Cincaiplay Date: Sat, 4 Oct 2025 02:35:45 +1000 Subject: [PATCH 7/9] update --- .github/workflows/backend-cd.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index 5910a8a1..5cfe3ff8 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -131,3 +131,5 @@ jobs: aks_resource_group: ${{ needs.deploy_backend.outputs.AKS_RG }} image_tag: ${{ needs.deploy_backend.outputs.IMAGE_TAG }} secrets: inherit + +# update \ No newline at end of file From 95e413ea2e9431d9cac1ebd851450c79bfd70b08 Mon Sep 17 00:00:00 2001 From: Cincaiplay Date: Sat, 4 Oct 2025 02:46:02 +1000 Subject: [PATCH 8/9] update --- .github/workflows/backend-cd.yml | 24 ++++++++++++++++++++++-- k8s/frontend.yaml | 2 +- k8s/order-service.yaml | 2 +- k8s/product-service.yaml | 2 +- 4 files changed, 25 insertions(+), 5 deletions(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index 5cfe3ff8..b03b05ea 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -102,9 +102,29 @@ jobs: kubectl set image deploy/order-service-w08e1 order-service-container="${REGISTRY_LOGIN_SERVER}/order_service:${IMAGE_TAG}" --record=true || true echo "Waiting for product-service rollout..." - kubectl rollout status deploy/product-service-w08e1 --timeout=180s || exit 1 + kubectl rollout status deploy/product-service-w08e1 --timeout=600s || exit 1 echo "Waiting for order-service rollout..." - kubectl rollout status deploy/order-service-w08e1 --timeout=180s || exit 1 + kubectl rollout status deploy/order-service-w08e1 --timeout=600s || exit 1 + + - name: Debug (product-service) on failure + if: failure() + run: | + echo "=== Deployments ===" + kubectl get deploy -o wide + echo "=== ReplicaSets (product) ===" + kubectl get rs -l app=product-service -o wide || true + echo "=== Pods (product) ===" + kubectl get pods -l app=product-service -o wide || true + echo "=== Describe deployment ===" + kubectl describe deploy/product-service-w08e1 || true + echo "=== Describe pods ===" + for p in $(kubectl get pods -l app=product-service -o name); do + kubectl describe "$p" || true + echo "--- Logs $p ---" + kubectl logs "$p" --all-containers --tail=200 || true + done + echo "=== Recent events ===" + kubectl get events --sort-by=.lastTimestamp | tail -n 200 || true - name: Capture LoadBalancer IPs id: capture diff --git a/k8s/frontend.yaml b/k8s/frontend.yaml index 45302553..9dbbfa4e 100644 --- a/k8s/frontend.yaml +++ b/k8s/frontend.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: frontend-container - image: cyweek09acr.azurecr.io/frontend:9acc71f1368bbb356611145b07fca17af1250733 + image: cyweek09acr.azurecr.io/frontend:latest imagePullPolicy: Always ports: - containerPort: 80 diff --git a/k8s/order-service.yaml b/k8s/order-service.yaml index 92980e47..da06c57b 100644 --- a/k8s/order-service.yaml +++ b/k8s/order-service.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: order-service-container - image: cyweek09acr.azurecr.io/order_service:9acc71f1368bbb356611145b07fca17af1250733 + image: cyweek09acr.azurecr.io/order_service:latest imagePullPolicy: Always ports: - containerPort: 8000 diff --git a/k8s/product-service.yaml b/k8s/product-service.yaml index 5d43b23a..d7996976 100644 --- a/k8s/product-service.yaml +++ b/k8s/product-service.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: product-service-container - image: cyweek09acr.azurecr.io/product_service:9acc71f1368bbb356611145b07fca17af1250733 + image: cyweek09acr.azurecr.io/product_service:latest imagePullPolicy: Always ports: - containerPort: 8000 From a3f3764ba4a7ea0fc9e3b688bcc60b69d28222ab Mon Sep 17 00:00:00 2001 From: Cincaiplay Date: Sat, 4 Oct 2025 03:31:12 +1000 Subject: [PATCH 9/9] update --- .github/workflows/backend-cd.yml | 29 ++++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index b03b05ea..0f09b2ba 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -48,6 +48,26 @@ jobs: echo "val=${{ github.sha }}" >> $GITHUB_OUTPUT fi + - name: Ensure image tag exists (fallback to latest) + id: tag_check + env: + REGISTRY_NAME: ${{ secrets.AZURE_ACR_NAME }} # e.g. cyweek09acr + IMAGE_TAG: ${{ steps.compute_tag.outputs.val }} + run: | + set -e + echo "Checking if tag exists in ACR: $IMAGE_TAG" + if az acr repository show-tags --name "$REGISTRY_NAME" --repository product_service --output tsv | grep -q "^${IMAGE_TAG}$"; then + echo "resolved=${IMAGE_TAG}" >> $GITHUB_OUTPUT + else + echo "Tag not found in ACR, falling back to: latest" + echo "resolved=latest" >> $GITHUB_OUTPUT + fi + + # use tag_check.outputs.resolved everywhere instead of compute_tag.outputs.val + + + + # Compute AKS name/RG (inputs override secrets) - name: Compute AKS values id: compute_aks @@ -93,7 +113,7 @@ jobs: - name: Deploy Services (apply manifests and pin images) env: REGISTRY_LOGIN_SERVER: ${{ secrets.AZURE_ACR_LOGIN_SERVER }} - IMAGE_TAG: ${{ steps.compute_tag.outputs.val }} + IMAGE_TAG: ${{ steps.tag_check.outputs.resolved }} run: | kubectl apply -f k8s/product-service.yaml kubectl apply -f k8s/order-service.yaml @@ -101,10 +121,9 @@ jobs: kubectl set image deploy/product-service-w08e1 product-service-container="${REGISTRY_LOGIN_SERVER}/product_service:${IMAGE_TAG}" --record=true || true kubectl set image deploy/order-service-w08e1 order-service-container="${REGISTRY_LOGIN_SERVER}/order_service:${IMAGE_TAG}" --record=true || true - echo "Waiting for product-service rollout..." - kubectl rollout status deploy/product-service-w08e1 --timeout=600s || exit 1 - echo "Waiting for order-service rollout..." - kubectl rollout status deploy/order-service-w08e1 --timeout=600s || exit 1 + kubectl rollout status deploy/product-service-w08e1 --timeout=600s + kubectl rollout status deploy/order-service-w08e1 --timeout=600s + - name: Debug (product-service) on failure if: failure()