11name : Deploy-Test-Cleanup (Parameterized)
2-
32on :
4- push :
5- branches :
6- - deploy-azd-waf
73 workflow_dispatch :
84 inputs :
95 waf_enabled :
2117 required : false
2218 default : false
2319 type : boolean
20+
2421env :
2522 GPT_MIN_CAPACITY : 150
2623 TEXT_EMBEDDING_MIN_CAPACITY : 80
@@ -37,46 +34,21 @@ jobs:
3734 WEBAPP_URL : ${{ steps.get_output.outputs.WEBAPP_URL }}
3835 ENV_NAME : ${{ steps.generate_env_name.outputs.ENV_NAME }}
3936 AZURE_LOCATION : ${{ steps.set_region.outputs.AZURE_LOCATION }}
37+ IMAGE_TAG : ${{ steps.generate_docker_tag.outputs.IMAGE_TAG }}
4038 env :
41- WAF_ENABLED : ${{ github.event.inputs.waf_enabled || false }}
39+ WAF_ENABLED : ${{ github.event.inputs.waf_enabled || true }}
4240 EXP : ${{ github.event.inputs.EXP || false }}
4341 CLEANUP_RESOURCES : ${{ github.event.inputs.cleanup_resources || true }}
4442
4543 steps :
4644 - name : Checkout Code
4745 uses : actions/checkout@v4
4846
49- - name : Debug - WAF/EXP/Cleanup Parameters
50- run : |
51- echo "=== DEBUGGING: WAF/EXP/Cleanup Parameters ==="
52- echo "Event type: ${{ github.event_name }}"
53- echo "Branch: ${{ github.ref_name }}"
54- echo ""
55- echo "Raw GitHub Event Inputs:"
56- echo " github.event.inputs.waf_enabled: '${{ github.event.inputs.waf_enabled }}'"
57- echo " github.event.inputs.EXP: '${{ github.event.inputs.EXP }}'"
58- echo " github.event.inputs.cleanup_resources: '${{ github.event.inputs.cleanup_resources }}'"
59- echo ""
60- echo "Global Environment Variables (with defaults):"
61- echo " WAF_ENABLED (global): '${{ env.WAF_ENABLED }}'"
62- echo " EXP (global): '${{ env.EXP }}'"
63- echo " CLEANUP_RESOURCES (global): '${{ env.CLEANUP_RESOURCES }}'"
64- echo ""
65- echo "Job-level Environment Variables (with different defaults):"
66- echo " WAF_ENABLED (job): '${{ env.WAF_ENABLED }}' (should be true for push events)"
67- echo " EXP (job): '${{ env.EXP }}' (should be false)"
68- echo " CLEANUP_RESOURCES (job): '${{ env.CLEANUP_RESOURCES }}' (should be true)"
69- echo ""
70- echo "Logic Evaluation Tests:"
71- echo " WAF test [[ '${{ env.WAF_ENABLED }}' == 'true' ]]: $(if [[ '${{ env.WAF_ENABLED }}' == 'true' ]]; then echo 'TRUE - WAF WILL BE ENABLED'; else echo 'FALSE - WAF WILL BE DISABLED'; fi)"
72- echo " EXP test [[ '${{ env.EXP }}' == 'true' ]]: $(if [[ '${{ env.EXP }}' == 'true' ]]; then echo 'TRUE - EXP WILL BE ENABLED'; else echo 'FALSE - EXP WILL BE DISABLED'; fi)"
73- echo "=== END DEBUG SECTION ==="
74-
7547 - name : Setup Azure CLI
7648 run : |
7749 curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
7850 az --version # Verify installation
79-
51+
8052 - name : Run Quota Check
8153 id : quota-check
8254 run : |
9668 fi
9769 exit 1 # Fail the pipeline if any other failure occurs
9870 fi
99-
71+
10072
10173 - name : Send Notification on Quota Failure
10274 if : env.QUOTA_FAILED == 'true'
@@ -178,16 +150,43 @@ jobs:
178150 echo "SOLUTION_PREFIX=${UNIQUE_SOLUTION_PREFIX}" >> $GITHUB_ENV
179151 echo "Generated SOLUTION_PREFIX: ${UNIQUE_SOLUTION_PREFIX}"
180152
181- - name : Determine Tag
182- id : determine_tag
153+ - name : Generate Unique Docker Image Tag
154+ id : generate_docker_tag
183155 run : |
184- BRANCH=${{ github.ref_name }}
185- if [[ "$BRANCH" == "main" ]]; then TAG="latest_waf"
186- elif [[ "$BRANCH" == "dev" ]]; then TAG="dev"
187- elif [[ "$BRANCH" == "demo" ]]; then TAG="demo"
188- else TAG="latest_waf"; fi
189- echo "IMAGE_TAG=$TAG" >> $GITHUB_ENV
190- echo "Image Tag: $TAG"
156+ # Generate unique tag for manual deployment runs
157+ TIMESTAMP=$(date +%Y%m%d-%H%M%S)
158+ RUN_ID="${{ github.run_id }}"
159+ UNIQUE_TAG="manual-${TIMESTAMP}-${RUN_ID}"
160+ echo "IMAGE_TAG=$UNIQUE_TAG" >> $GITHUB_ENV
161+ echo "IMAGE_TAG=$UNIQUE_TAG" >> $GITHUB_OUTPUT
162+ echo "Generated unique Docker tag: $UNIQUE_TAG"
163+
164+ - name : Set up Docker Buildx
165+ uses : docker/setup-buildx-action@v3
166+
167+ - name : Log in to Azure Container Registry
168+ uses : azure/docker-login@v2
169+ with :
170+ login-server : ${{ secrets.ACR_DEV_LOGIN_SERVER }}
171+ username : ${{ secrets.ACR_DEV_USERNAME }}
172+ password : ${{ secrets.ACR_DEV_PASSWORD }}
173+
174+ - name : Build and Push Docker Image
175+ id : build_push_image
176+ uses : docker/build-push-action@v6
177+ with :
178+ context : ./src
179+ file : ./src/WebApp.Dockerfile
180+ push : true
181+ tags : |
182+ ${{ secrets.ACR_DEV_LOGIN_SERVER }}/webapp:${{ steps.generate_docker_tag.outputs.IMAGE_TAG }}
183+ ${{ secrets.ACR_DEV_LOGIN_SERVER }}/webapp:${{ steps.generate_docker_tag.outputs.IMAGE_TAG }}_${{ github.run_number }}
184+
185+ - name : Verify Docker Image Build
186+ run : |
187+ echo "✅ Docker image successfully built and pushed"
188+ echo "Image tag: ${{ env.IMAGE_TAG }}"
189+ echo "Run number: ${{ github.run_number }}"
191190
192191 - name : Generate Unique Environment Name
193192 id : generate_env_name
@@ -204,6 +203,7 @@ jobs:
204203 run : |
205204 echo "=== DEBUGGING: WAF Configuration Decision ==="
206205 echo "WAF_ENABLED value: '${{ env.WAF_ENABLED }}'"
206+ echo "WAF comparison: [[ '${{ env.WAF_ENABLED }}' == 'true' ]]"
207207 if [[ "${{ env.WAF_ENABLED }}" == "true" ]]; then
208208 echo "✅ DECISION: WAF ENABLED - Will use main.waf.parameters.json"
209209 else
@@ -226,13 +226,22 @@ jobs:
226226 fi
227227 fi
228228
229+ - name : Display Docker Image Tag
230+ run : |
231+ echo "=== Docker Image Information ==="
232+ echo "Docker Image Tag: ${{ env.IMAGE_TAG }}"
233+ echo "Registry: ${{ secrets.ACR_DEV_LOGIN_SERVER }}"
234+ echo "Full Image: ${{ secrets.ACR_DEV_LOGIN_SERVER }}/webapp:${{ env.IMAGE_TAG }}"
235+ echo "================================"
236+
229237 - name : Deploy using azd up and extract values
230238 id : get_output
231239 run : |
232240 set -e
233241 echo "Starting azd deployment..."
234242 echo "WAF Enabled: ${{ env.WAF_ENABLED }}"
235243 echo "EXP: ${{ env.EXP }}"
244+ echo "Using Docker Image Tag: ${{ env.IMAGE_TAG }}"
236245
237246 # Install azd (Azure Developer CLI)
238247 curl -fsSL https://aka.ms/install-azd.sh | bash
@@ -251,10 +260,18 @@ jobs:
251260 azd env set AZURE_SUBSCRIPTION_ID="${{ secrets.AZURE_SUBSCRIPTION_ID }}"
252261 azd env set AZURE_ENV_OPENAI_LOCATION="$AZURE_LOCATION"
253262 azd env set AZURE_RESOURCE_GROUP="$RESOURCE_GROUP_NAME"
263+ azd env set AZURE_ENV_IMAGETAG="${{ env.IMAGE_TAG }}"
254264
265+ if [[ "${{ env.WAF_ENABLED }}" == "true" ]]; then
266+ echo "✅ WAF ENABLED - Will use main.waf.parameters.json"
267+ else
268+ echo "❌ WAF DISABLED - Will use default main.parameters.json"
269+ fi
270+
255271 # Debug and Set EXP parameters if enabled
256272 echo "=== DEBUGGING: EXP Configuration ==="
257273 echo "EXP value: '${{ env.EXP }}'"
274+ echo "EXP comparison: [[ '${{ env.EXP }}' == 'true' ]]"
258275 if [[ "${{ env.EXP }}" == "true" ]]; then
259276 echo "✅ EXP ENABLED - Setting EXP parameters..."
260277 azd env set AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID="${{ secrets.EXP_LOG_ANALYTICS_WORKSPACE_ID }}"
@@ -359,33 +376,8 @@ jobs:
359376 RESOURCE_GROUP_NAME : ${{ needs.deploy.outputs.RESOURCE_GROUP_NAME }}
360377 AZURE_LOCATION : ${{ needs.deploy.outputs.AZURE_LOCATION }}
361378 ENV_NAME : ${{ needs.deploy.outputs.ENV_NAME }}
379+ IMAGE_TAG : ${{ needs.deploy.outputs.IMAGE_TAG }}
362380 steps :
363- - name : Debug - Cleanup Job Conditions
364- run : |
365- echo "=== DEBUGGING: Cleanup Job Execution Logic ==="
366- echo "Event type: ${{ github.event_name }}"
367- echo ""
368- echo "Cleanup Input Analysis:"
369- echo " github.event.inputs.cleanup_resources: '${{ github.event.inputs.cleanup_resources }}'"
370- echo " Global CLEANUP_RESOURCES env: '${{ env.CLEANUP_RESOURCES }}'"
371- echo ""
372- echo "Job Execution Conditions:"
373- echo " always(): true (this job will attempt to run)"
374- echo " needs.deploy.outputs.RESOURCE_GROUP_NAME != '': ${{ needs.deploy.outputs.RESOURCE_GROUP_NAME != '' }}"
375- echo " Resource group name: '${{ needs.deploy.outputs.RESOURCE_GROUP_NAME }}'"
376- echo ""
377- echo "Cleanup Logic Evaluation:"
378- echo " github.event.inputs.cleanup_resources == true: ${{ github.event.inputs.cleanup_resources == true }}"
379- echo " github.event.inputs.cleanup_resources == null: ${{ github.event.inputs.cleanup_resources == null }}"
380- echo " Combined condition result: ${{ github.event.inputs.cleanup_resources == true || github.event.inputs.cleanup_resources == null }}"
381- echo ""
382- echo "Job Results:"
383- echo " Deploy job result: ${{ needs.deploy.result }}"
384- echo " E2E test job result: ${{ needs.e2e-test.result }}"
385- echo ""
386- echo "DECISION: $(if [[ '${{ github.event.inputs.cleanup_resources == true || github.event.inputs.cleanup_resources == null }}' == 'true' ]]; then echo '✅ CLEANUP WILL PROCEED'; else echo '❌ CLEANUP WILL BE SKIPPED'; fi)"
387- echo "=== END DEBUG SECTION ==="
388-
389381 - name : Checkout Code
390382 uses : actions/checkout@v4
391383
@@ -399,6 +391,38 @@ jobs:
399391 azd auth login --client-id ${{ secrets.AZURE_CLIENT_ID }} --client-secret ${{ secrets.AZURE_CLIENT_SECRET }} --tenant-id ${{ secrets.AZURE_TENANT_ID }}
400392 azd config set defaults.subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }}
401393
394+ - name : Setup Azure CLI for Docker cleanup
395+ run : |
396+ curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
397+ az --version
398+
399+ - name : Login to Azure CLI for Docker cleanup
400+ run : |
401+ az login --service-principal -u ${{ secrets.AZURE_CLIENT_ID }} -p ${{ secrets.AZURE_CLIENT_SECRET }} --tenant ${{ secrets.AZURE_TENANT_ID }}
402+
403+ - name : Delete Docker Images from ACR
404+ run : |
405+ set -e
406+ echo "🗑️ Cleaning up Docker images from Azure Container Registry..."
407+
408+ if [[ -n "${{ env.IMAGE_TAG }}" ]]; then
409+ echo "Deleting Docker images with tag: ${{ env.IMAGE_TAG }}"
410+
411+ # Delete the main image
412+ echo "Deleting image: ${{ secrets.ACR_DEV_LOGIN_SERVER }}/webapp:${{ env.IMAGE_TAG }}"
413+ az acr repository delete --name $(echo "${{ secrets.ACR_DEV_LOGIN_SERVER }}" | cut -d'.' -f1) \
414+ --image webapp:${{ env.IMAGE_TAG }} --yes || echo "Warning: Failed to delete main image or image not found"
415+
416+ # Delete the image with run number suffix
417+ echo "Deleting image: ${{ secrets.ACR_DEV_LOGIN_SERVER }}/webapp:${{ env.IMAGE_TAG }}_${{ github.run_number }}"
418+ az acr repository delete --name $(echo "${{ secrets.ACR_DEV_LOGIN_SERVER }}" | cut -d'.' -f1) \
419+ --image webapp:${{ env.IMAGE_TAG }}_${{ github.run_number }} --yes || echo "Warning: Failed to delete run-numbered image or image not found"
420+
421+ echo "✅ Docker images cleanup completed"
422+ else
423+ echo "⚠️ No IMAGE_TAG found, skipping Docker image cleanup"
424+ fi
425+
402426 - name : Select Environment
403427 run : |
404428 # Try to select the environment if it exists, otherwise create a minimal environment for cleanup
@@ -449,4 +473,5 @@ jobs:
449473 if : always()
450474 run : |
451475 azd auth logout
476+ az logout || echo "Warning: Failed to logout from Azure CLI"
452477 echo "Logged out from Azure."
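Review bot: The added `Login to Azure CLI for Docker cleanup` step (new line 401) expands `${{ secrets.AZURE_CLIENT_SECRET }}` unquoted into the script text as the `-p` argument of `az login`, so the secret lands on the process command line and any shell metacharacter in it is interpreted by bash. Passing the three values through the step's `env:` map and referencing them as quoted shell variables, as sketched below, avoids both problems. The existing `azd auth login` line (new line 391) uses the same pattern and would benefit from the same treatment. Separately, the step just before it (new line 396) pipes `https://aka.ms/InstallAzureCLIDeb` into `sudo bash` in the job that then receives these credentials. If the job runs on GitHub-hosted Ubuntu runners, which normally ship with Azure CLI, that install can likely be dropped; the `runs-on` line is outside the visible hunks, so this needs confirming.

```yaml
      - name: Login to Azure CLI for Docker cleanup
        env:
          AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
          AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
        run: |
          az login --service-principal -u "$AZURE_CLIENT_ID" -p "$AZURE_CLIENT_SECRET" --tenant "$AZURE_TENANT_ID"
```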