-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathazure-pipelines.yml
More file actions
161 lines (151 loc) · 6.56 KB
/
Copy pathazure-pipelines.yml
File metadata and controls
161 lines (151 loc) · 6.56 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
# ============================================================
# OKMS - Azure DevOps CI/CD Pipeline
# Builds Docker images → pushes to ACR → deploys to Azure App Service
# ============================================================
# Required pipeline variables (set in Azure DevOps Library):
# ACR_NAME : Azure Container Registry name (e.g. okmsacr)
# ACR_LOGIN_SERVER : e.g. okmsacr.azurecr.io
# AZURE_SUBSCRIPTION : Azure service connection name
# BACKEND_APP_NAME : Azure App Service name for backend (e.g. okms-backend)
# FRONTEND_APP_NAME : Azure App Service name for frontend (e.g. okms-frontend)
# RESOURCE_GROUP : Azure resource group name (e.g. okms-rg)
# ============================================================
trigger:
branches:
include:
- main
- develop
paths:
exclude:
- "*.md"
- "docs/**"
pr:
branches:
include:
- main
variables:
imageTag: "$(Build.BuildId)"
backendImage: "$(ACR_LOGIN_SERVER)/okms-backend"
frontendImage: "$(ACR_LOGIN_SERVER)/okms-frontend"
stages:
# ──────────────────────────────────────────────────────────
# Stage 1: Build & Push Docker images to ACR
# ──────────────────────────────────────────────────────────
- stage: Build
displayName: "Build & Push Images"
jobs:
- job: BuildAndPush
displayName: "Build & Push Backend + Frontend"
pool:
vmImage: "ubuntu-latest"
steps:
- task: AzureCLI@2
displayName: "Login to ACR via Azure CLI"
inputs:
azureSubscription: "azure-okms"
scriptType: bash
scriptLocation: inlineScript
inlineScript: az acr login --name $(ACR_NAME)
- script: |
docker build \
--platform linux/amd64 \
-t $(backendImage):$(imageTag) \
-t $(backendImage):latest \
-f backend/Dockerfile backend
docker push $(backendImage):$(imageTag)
docker push $(backendImage):latest
displayName: "Build & Push backend image"
- script: |
docker build \
--platform linux/amd64 \
--build-arg NEXT_PUBLIC_API_URL=https://$(BACKEND_APP_NAME).azurewebsites.net \
-t $(frontendImage):$(imageTag) \
-t $(frontendImage):latest \
-f frontend/Dockerfile frontend
docker push $(frontendImage):$(imageTag)
docker push $(frontendImage):latest
displayName: "Build & Push frontend image"
# ──────────────────────────────────────────────────────────
# Stage 2: Deploy to Azure App Service (Staging slot)
# ──────────────────────────────────────────────────────────
- stage: DeployStaging
displayName: "Deploy to Staging"
dependsOn: Build
condition: succeeded()
jobs:
- deployment: DeployBackendStaging
displayName: "Deploy Backend to Staging"
environment: "okms-staging"
pool:
vmImage: "ubuntu-latest"
strategy:
runOnce:
deploy:
steps:
- task: AzureWebAppContainer@1
displayName: "Deploy backend container"
inputs:
azureSubscription: "azure-okms"
appName: "$(BACKEND_APP_NAME)"
containers: "$(backendImage):$(imageTag)"
appSettings: |
-DATABASE_URL "$(DATABASE_URL)"
-SECRET_KEY "$(SECRET_KEY)"
-ENVIRONMENT "production"
-ALLOWED_ORIGINS "https://$(FRONTEND_APP_NAME).azurewebsites.net"
- deployment: DeployFrontendStaging
displayName: "Deploy Frontend to Staging"
environment: "okms-staging"
pool:
vmImage: "ubuntu-latest"
strategy:
runOnce:
deploy:
steps:
- task: AzureWebAppContainer@1
displayName: "Deploy frontend container"
inputs:
azureSubscription: "azure-okms"
appName: "$(FRONTEND_APP_NAME)"
containers: "$(frontendImage):$(imageTag)"
appSettings: |
-NEXT_PUBLIC_API_URL "https://$(BACKEND_APP_NAME).azurewebsites.net"
-WEBSITES_PORT "3000"
# ──────────────────────────────────────────────────────────
# Stage 3: Production deploy (manual approval required)
# ──────────────────────────────────────────────────────────
- stage: DeployProduction
displayName: "Deploy to Production"
dependsOn: DeployStaging
condition: and(succeeded(), eq(variables['Build.SourceBranch'], 'refs/heads/main'))
jobs:
- deployment: DeployBackendProd
displayName: "Deploy Backend to Production"
environment: "okms-production" # configure approval gate in Azure DevOps
pool:
vmImage: "ubuntu-latest"
strategy:
runOnce:
deploy:
steps:
- task: AzureWebAppContainer@1
displayName: "Deploy backend to production"
inputs:
azureSubscription: "azure-okms"
appName: "$(BACKEND_APP_NAME)"
containers: "$(backendImage):$(imageTag)"
- deployment: DeployFrontendProd
displayName: "Deploy Frontend to Production"
environment: "okms-production"
pool:
vmImage: "ubuntu-latest"
strategy:
runOnce:
deploy:
steps:
- task: AzureWebAppContainer@1
displayName: "Deploy frontend to production"
inputs:
azureSubscription: "azure-okms"
appName: "$(FRONTEND_APP_NAME)"
containers: "$(frontendImage):$(imageTag)"