logo
April 16, 2024

[TIL] Github Action Deploy Azure Container App with multiple containers

How to build a Docker image and deploy to Azure Container App with multiple containers using Github Action

Azure Container Apps (ACA) allows you to use GitHub Actions to publish new revisions to your container app. As commits are pushed to your GitHub repository, a workflow is triggered which updates the container image in the container registry. Azure Container Apps creates a new revision based on the updated container image.

A visual depiction of what is being written about

I used to using the azure/container-apps-deploy-action@v1 for build and deploy the Docker image with Azure Container Registry (ACR) and ACA However, in the latest design, I need to use a ACA have 2 containers. First one is app image and second one is sidecar image to forward logs. The Github action was working before I've added sidecar but it does not support for specifying the container name.

I checked the Github repo and found that it is still working in progress (at 2024 Apr 16)

https://github.com/Azure/container-apps-deploy-action/pull/79

So I decide to change the Github Action to use the azure/cli@v2 instead

The main idea is call CLI to update only the Docker image of the container. Ex,

  • Resource group: sample-app-rg
  • The container app name: sample-app
  • The container name: main
  • yaml
    az containerapp update \
    --name sample-app \
    --resource-group sample-app-rg \
    --image sampleapps.azurecr.io/sample-app:latest \
    --container-name main

    The steps are

  • Login to Azure
  • Login to Azure Container Registry
  • Build and push Docker image to ACR
  • Update the ACA container with the new Docker image
  • The full workflow yaml

    yaml
    name: Trigger auto deployment for sample-app
    on:
    push:
    branches: [develop]
    paths:
    - '**'
    - '.github/workflows/sample-app-release.yml'
    workflow_dispatch:
    jobs:
    build-and-deploy:
    runs-on: ubuntu-latest
    permissions:
    id-token: write #This is required for requesting the OIDC JWT Token
    contents: read #Required when GH token is used to authenticate with private repo
    steps:
    - name: Checkout to the branch
    uses: actions/checkout@v2
    - name: Azure Login
    uses: azure/login@v1
    with:
    client-id: ${{ secrets.SAMPLEAPP_AZURE_CLIENT_ID }}
    tenant-id: ${{ secrets.SAMPLEAPP_AZURE_TENANT_ID }}
    subscription-id: ${{ secrets.SAMPLEAPP_AZURE_SUBSCRIPTION_ID }}
    - name: 'Docker login'
    uses: docker/login-action@v3
    with:
    registry: sampleapps.azurecr.io
    username: ${{ secrets.SAMPLEAPP_REGISTRY_USERNAME }}
    password: ${{ secrets.SAMPLEAPP_REGISTRY_PASSWORD }}
    - name: 'Build and push image'
    run: |
    docker build . -t sampleapps.azurecr.io/sample-app:${{ github.sha }}
    docker push sampleapps.azurecr.io/sample-app:${{ github.sha }}
    docker tag sampleapps.azurecr.io/sample-app:${{ github.sha }} sampleapps.azurecr.io/sample-app:latest
    docker push sampleapps.azurecr.io/sample-app:latest
    - name: Deploy to Azure Container Apps
    uses: azure/cli@v2
    with:
    inlineScript: |
    az containerapp update \
    --name sample-app \
    --resource-group sample-app-rg \
    --image sampleapps.azurecr.io/sample-app:latest \
    --container-name main