update read me #15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy Migration Pathways to Azure App Service | |
| on: | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| env: | |
| IMAGE_TAG: latest | |
| REGISTRY_LOGIN_SERVER: ${{ secrets.REGISTRY_LOGIN_SERVER }} | |
| REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} | |
| REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} | |
| RESOURCE_GROUP: ${{ secrets.RESOURCE_GROUP }} | |
| DOCKER_COMPOSE_PATH: migration-azure-docker-compose.yml | |
| AZURE_WEBAPP_NAME: ${{ secrets.AZURE_WEBAPP_NAME }} | |
| # Backend environment variables | |
| OPENAI_API_TYPE: ${{ secrets.OPENAI_API_TYPE }} | |
| AZURE_OPENAI_ENDPOINT: ${{ secrets.AZURE_OPENAI_ENDPOINT }} | |
| AZURE_OPENAI_API_KEY: ${{ secrets.AZURE_OPENAI_API_KEY }} | |
| AZURE_OPENAI_API_VERSION: ${{ secrets.AZURE_OPENAI_API_VERSION }} | |
| AZURE_DEPLOYMENT_NAME: ${{ secrets.AZURE_DEPLOYMENT_NAME }} | |
| AZURE_EMBEDDING_MODEL: ${{ secrets.AZURE_EMBEDDING_MODEL }} | |
| AZURE_OPENAI_ENDPOINT_EMBED: ${{ secrets.AZURE_OPENAI_ENDPOINT_EMBED }} | |
| AZURE_OPENAI_API_KEY_EMBED: ${{ secrets.AZURE_OPENAI_API_KEY_EMBED }} | |
| AZURE_EMBEDDING_DEPLOYMENT_NAME: ${{ secrets.AZURE_EMBEDDING_DEPLOYMENT_NAME }} | |
| AZURE_OPENAI_API_VERSION_EMBED: ${{ secrets.AZURE_OPENAI_API_VERSION_EMBED }} | |
| DB_USERNAME: ${{ secrets.DB_USERNAME }} | |
| DB_PASSWORD: ${{ secrets.DB_PASSWORD }} | |
| DB_NAME: ${{ secrets.DB_NAME }} | |
| DB_HOST: ${{ secrets.DB_HOST }} | |
| DB_PORT: ${{ secrets.DB_PORT }} | |
| SECRET_KEY: ${{ secrets.SECRET_KEY }} | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v3 | |
| - name: Log in to Azure | |
| uses: azure/login@v1 | |
| with: | |
| creds: ${{ secrets.AZURE_CREDENTIALS }} | |
| - name: Docker Login to ACR | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ env.REGISTRY_LOGIN_SERVER }} | |
| username: ${{ env.REGISTRY_USERNAME }} | |
| password: ${{ env.REGISTRY_PASSWORD }} | |
| - name: Debug ACR Access | |
| run: | | |
| echo "ACR Host: ${{ env.REGISTRY_LOGIN_SERVER }}" | |
| nslookup ${{ env.REGISTRY_LOGIN_SERVER }} | |
| curl -m 5 -vk https://${{ env.REGISTRY_LOGIN_SERVER }}/v2/ || echo "Curl failed" | |
| docker login ${{ env.REGISTRY_LOGIN_SERVER }} \ | |
| -u ${{ env.REGISTRY_USERNAME }} \ | |
| -p ${{ env.REGISTRY_PASSWORD }} | |
| - name: Validate REGISTRY_LOGIN_SERVER is lowercase | |
| run: | | |
| if [[ "${REGISTRY_LOGIN_SERVER}" =~ [A-Z] ]]; then | |
| echo "❌ REGISTRY_LOGIN_SERVER must be lowercase. Current value: ${REGISTRY_LOGIN_SERVER}" | |
| exit 1 | |
| else | |
| echo "✅ REGISTRY_LOGIN_SERVER is lowercase: ${REGISTRY_LOGIN_SERVER}" | |
| fi | |
| - name: Build and Push Docker Images | |
| run: | | |
| echo "→ Substituting placeholders in $DOCKER_COMPOSE_PATH..." | |
| sed -i \ | |
| -e "s|\${REGISTRY_LOGIN_SERVER}|${REGISTRY_LOGIN_SERVER}|g" \ | |
| -e "s|\${OPENAI_API_TYPE}|${OPENAI_API_TYPE}|g" \ | |
| -e "s|\${AZURE_OPENAI_ENDPOINT}|${AZURE_OPENAI_ENDPOINT}|g" \ | |
| -e "s|\${AZURE_OPENAI_API_KEY}|${AZURE_OPENAI_API_KEY}|g" \ | |
| -e "s|\${AZURE_OPENAI_API_VERSION}|${AZURE_OPENAI_API_VERSION}|g" \ | |
| -e "s|\${AZURE_DEPLOYMENT_NAME}|${AZURE_DEPLOYMENT_NAME}|g" \ | |
| -e "s|\${AZURE_EMBEDDING_MODEL}|${AZURE_EMBEDDING_MODEL}|g" \ | |
| -e "s|\${AZURE_OPENAI_ENDPOINT_EMBED}|${AZURE_OPENAI_ENDPOINT_EMBED}|g" \ | |
| -e "s|\${AZURE_OPENAI_API_KEY_EMBED}|${AZURE_OPENAI_API_KEY_EMBED}|g" \ | |
| -e "s|\${AZURE_EMBEDDING_DEPLOYMENT_NAME}|${AZURE_EMBEDDING_DEPLOYMENT_NAME}|g" \ | |
| -e "s|\${AZURE_OPENAI_API_VERSION_EMBED}|${AZURE_OPENAI_API_VERSION_EMBED}|g" \ | |
| -e "s|\${DB_USERNAME}|${DB_USERNAME}|g" \ | |
| -e "s|\${DB_PASSWORD}|${DB_PASSWORD}|g" \ | |
| -e "s|\${DB_NAME}|${DB_NAME}|g" \ | |
| -e "s|\${DB_HOST}|${DB_HOST}|g" \ | |
| -e "s|\${DB_PORT}|${DB_PORT}|g" \ | |
| -e "s|\${SECRET_KEY}|${SECRET_KEY}|g" \ | |
| "$DOCKER_COMPOSE_PATH" | |
| echo "→ Final compose file (for debugging):" | |
| cat "$DOCKER_COMPOSE_PATH" | |
| echo "→ Building Docker images..." | |
| docker compose -f "$DOCKER_COMPOSE_PATH" build --no-cache | |
| echo "→ Pushing Docker images to ACR..." | |
| docker compose -f "$DOCKER_COMPOSE_PATH" push | |
| - name: Verify Image Names | |
| run: | | |
| echo "Checking migration-azure-docker-compose.yml for image references..." | |
| grep "image:" ${{ env.DOCKER_COMPOSE_PATH }} | |
| echo "Built images:" | |
| docker images | |
| - name: Set Docker Registry Credentials for App Service | |
| run: | | |
| echo "→ Setting Docker registry credentials..." | |
| az webapp config appsettings set \ | |
| --resource-group ${{ env.RESOURCE_GROUP }} \ | |
| --name ${{ env.AZURE_WEBAPP_NAME }} \ | |
| --settings \ | |
| DOCKER_REGISTRY_SERVER_URL="https://${{ env.REGISTRY_LOGIN_SERVER }}" \ | |
| DOCKER_REGISTRY_SERVER_USERNAME="${{ env.REGISTRY_USERNAME }}" \ | |
| DOCKER_REGISTRY_SERVER_PASSWORD="${{ env.REGISTRY_PASSWORD }}" \ | |
| WEBSITES_ENABLE_APP_SERVICE_STORAGE="false" | |
| - name: Set App Service Environment Variables | |
| run: | | |
| echo "→ Setting environment variables for App Service..." | |
| az webapp config appsettings set \ | |
| --resource-group ${{ env.RESOURCE_GROUP }} \ | |
| --name ${{ env.AZURE_WEBAPP_NAME }} \ | |
| --settings \ | |
| OPENAI_API_TYPE="${{ env.OPENAI_API_TYPE }}" \ | |
| AZURE_OPENAI_ENDPOINT="${{ env.AZURE_OPENAI_ENDPOINT }}" \ | |
| AZURE_OPENAI_API_KEY="${{ env.AZURE_OPENAI_API_KEY }}" \ | |
| AZURE_OPENAI_API_VERSION="${{ env.AZURE_OPENAI_API_VERSION }}" \ | |
| AZURE_DEPLOYMENT_NAME="${{ env.AZURE_DEPLOYMENT_NAME }}" \ | |
| AZURE_EMBEDDING_MODEL="${{ env.AZURE_EMBEDDING_MODEL }}" \ | |
| AZURE_OPENAI_ENDPOINT_EMBED="${{ env.AZURE_OPENAI_ENDPOINT_EMBED }}" \ | |
| AZURE_OPENAI_API_KEY_EMBED="${{ env.AZURE_OPENAI_API_KEY_EMBED }}" \ | |
| AZURE_EMBEDDING_DEPLOYMENT_NAME="${{ env.AZURE_EMBEDDING_DEPLOYMENT_NAME }}" \ | |
| AZURE_OPENAI_API_VERSION_EMBED="${{ env.AZURE_OPENAI_API_VERSION_EMBED }}" \ | |
| DB_USERNAME="${{ env.DB_USERNAME }}" \ | |
| DB_PASSWORD="${{ env.DB_PASSWORD }}" \ | |
| DB_NAME="${{ env.DB_NAME }}" \ | |
| DB_HOST="${{ env.DB_HOST }}" \ | |
| DB_PORT="${{ env.DB_PORT }}" \ | |
| SECRET_KEY="${{ env.SECRET_KEY }}" | |
| - name: Deploy Multi-Container App to Azure App Service | |
| run: | | |
| echo "→ Deploying multi-container configuration..." | |
| az webapp config container set \ | |
| --resource-group ${{ env.RESOURCE_GROUP }} \ | |
| --name ${{ env.AZURE_WEBAPP_NAME }} \ | |
| --multicontainer-config-type compose \ | |
| --multicontainer-config-file ${{ env.DOCKER_COMPOSE_PATH }} | |
| - name: Restart App Service | |
| run: | | |
| echo "→ Restarting App Service to pick up new containers..." | |
| az webapp restart \ | |
| --resource-group ${{ env.RESOURCE_GROUP }} \ | |
| --name ${{ env.AZURE_WEBAPP_NAME }} | |
| - name: Wait for Deployment | |
| run: | | |
| echo "→ Waiting 30 seconds for deployment to complete..." | |
| sleep 30 | |
| - name: Check App Service Status | |
| run: | | |
| echo "→ Checking App Service status..." | |
| az webapp show \ | |
| --resource-group ${{ env.RESOURCE_GROUP }} \ | |
| --name ${{ env.AZURE_WEBAPP_NAME }} \ | |
| --query "state" -o tsv | |
| echo "→ Getting App Service URL..." | |
| APP_URL=$(az webapp show \ | |
| --resource-group ${{ env.RESOURCE_GROUP }} \ | |
| --name ${{ env.AZURE_WEBAPP_NAME }} \ | |
| --query "defaultHostName" -o tsv) | |
| echo "App deployed at: https://$APP_URL" |