WEEK 8 – Summary Task: Azure Infrastructure - snir1551/DevOps-Linux GitHub Wiki
Flowchart:
GitHub Actions Flow:
Before and after VM restart:
Secrets and Environment Keys Used:
| Secret Key | Description |
|---|---|
| VM_HOST | SSH target in format user@ip used for connecting to the Azure VM |
| VM_SSH_KEY | Private SSH key (.pem) used to authenticate the GitHub Actions runner |
| VM_PUBLIC_IP | Public IP address of the Azure VM used for health checks and port access |
| ENV_FILE_TASK8 | Contents of the .env file used by the Docker containers (frontend/backend/mongo) |
| AZURE_CREDENTIALS | JSON credentials for authenticating with Azure CLI (used in GitHub Actions) |
AZURE_CREDENTIALS created with:
# to see list of accounts associated
az account list --output table
# then create with this: (replace <SubscriptionId>)
az ad sp create-for-rbac --name "gh-actions" --role contributor --scopes "/subscriptions/<SubscriptionId>" --sdk-auth
- copy the entire json output into the AZURE_CREDENTIALS secret
Update CICD yml:
name: CI/CD Pipeline Task8
on:
push:
branches: [ main ]
paths:
- 'week8/week8_summery/app/**'
workflow_dispatch:
jobs:
frontend-tests:
uses: ./.github/workflows/frontend-test-task8.yml
backend-tests:
uses: ./.github/workflows/backend-test-task8.yml
docker-up:
needs: [frontend-tests, backend-tests]
uses: ./.github/workflows/docker-compose-up-task8.yml
secrets: inherit
notify:
needs: [backend-tests, frontend-tests, docker-up]
if: always()
uses: ./.github/workflows/notify-task8.yml
with:
job_start_time: ${{ needs.frontend-tests.outputs.job_start_time }}
backend_test_status: ${{ needs.backend-tests.result }}
frontend_test_status: ${{ needs.frontend-tests.result }}
backend_health: ${{ needs.docker-up.outputs.backend_health }}
frontend_health: ${{ needs.docker-up.outputs.frontend_health }}
secrets: inherit
deploy:
name: Deploy to Azure VM
needs: [frontend-tests, backend-tests, docker-up]
if: ${{ needs.frontend-tests.result == 'success' && needs.backend-tests.result == 'success' }}
uses: ./.github/workflows/deploy-task8.yml
secrets: inherit
create-and-attach-disk:
needs: deploy
uses: ./.github/workflows/create-disk-attach.yml
secrets: inherit
check-static-ip:
needs: deploy
uses: ./.github/workflows/check-static-ip.yml
secrets: inherit
open-ports:
needs: deploy
uses: ./.github/workflows/open-ports-task8.yml
secrets: inherit
reboot-vm:
needs: open-ports
uses: ./.github/workflows/reboot-vm-task8.yml
secrets: inherit
post-reboot-healthcheck:
needs: reboot-vm
uses: ./.github/workflows/post-reboot-healthcheck.yml
secrets: inherit
update-deployment-log:
needs: post-reboot-healthcheck
uses: ./.github/workflows/commit-deployment-log.yml