Gitlab CI/CD + Azure deployment
Requirements
On the project's side:
- Fill in the necessary deployment info in
.aldev.yaml- for instance replace the???placeholders with actual values - Force the regeneration of all the config files with
aldev confgen --regen --verboseoraldev confgen -r -v
On Azure's side:
- You have sufficient permissions / activated roles on Azure
- You're logged to Azure, with
az login - 1 AZ Storage Account & 1 Storage Container for the TF states (+ 1 Resource Group for both)
- 1 AZ Container Registry (+ 1 Resource Group)
- 1 AZ API Manager (APIM, + 1 Resource Group)
- Registering of the env subscritions:
az provider register --namespace Microsoft.App --subscription sub-for-sandbox/staging/production
Creating (or updating) the GLOBAL resources
Run this to create an AZ app, and rights for Gitlab to use AZ for deployment purposes:
# From the project's root dir, go into the folder for the global infra elements
cd deploy/remote/a-infra/0-glo
# Init the Terraform state
az account set --subscription "your-sub-where-tf-states-live" && terraform init
# Apply the main.tf file - don't forget to say "yes" :)
terraform apply
Creating (or updating) the SANDBOX env (e.g. "dev") resources
# Keeping track of our project's name
PROJ_DIR=foo-bar
# From the project's root dir, go into the folder for the sandbox infra elements
cd $GITPRIV/$PROJ_DIR/deploy/remote/a-infra/1-dev
# Init the Terraform state
az account set --subscription "your-sub-where-tf-states-live" && terraform init
# Apply the main.tf file - don't forget to say "yes" :) It's ok if it seems to fail at first
terraform apply
# Do a "release" for the SANDBOX environment
cd $GITPRIV/$PROJ_DIR && git add . && git commit -m "dev: first commit" && git push
# Check the CI/CD pipelines in Gitlab and wait for the jobs to finish
# Sync the Terraform state - say yes - this will fail saying an ID already exists
cd $GITPRIV/$PROJ_DIR/deploy/remote/a-infra/1-dev && terraform apply
# So copy the ID and use it like this:
terraform import module.infra_dev.azurerm_container_app.aca /subscriptions/xxxx/.../containerApps/aca-app-name
# You can verify everything went fine with:
terraform plan
# Test your new environment!
curl https://my-apim-name.azure-api.net/foobar-dev/rest/translation/fr\?Namespace\=Common
Creating (or updating) the STAGING env (e.g. "qua") resources
# From the project's root dir, go into the folder for the sandbox infra elements
cd $GITPRIV/$PROJ_DIR/deploy/remote/a-infra/2-qua
# Init the Terraform state
az account set --subscription "your-sub-where-tf-states-live" && terraform init
# Apply the main.tf file - don't forget to say "yes" :) It's ok if it seems to fail at first
terraform apply
# Do a release for the STAGING environment
cd $GITPRIV/$PROJ_DIR && aldev release patch
# Check the CI/CD pipelines in Gitlab and wait for the jobs to finish
# Sync the Terraform state - say yes - this will fail saying an ID already exists
cd $GITPRIV/$PROJ_DIR/deploy/remote/a-infra/2-qua && terraform apply
# So copy the ID and use it like this:
terraform import module.infra_qua.azurerm_container_app.aca /subscriptions/xxxx/.../containerApps/aca-app-name
# You can verify everything went fine with:
terraform plan
# Test your new environment!
curl https://my-apim-name.azure-api.net/foobar-qua/rest/translation/fr\?Namespace\=Common
Creating (or updating) the PRODUCTION env (e.g. "prd") resources
# From the project's root dir, go into the folder for the sandbox infra elements
cd $GITPRIV/$PROJ_DIR/deploy/remote/a-infra/3-prd
# Init the Terraform state
az account set --subscription "your-sub-where-tf-states-live" && terraform init
# Apply the main.tf file - don't forget to say "yes" :) It's ok if it seems to fail at first
terraform apply
# Do a release for the PRODUCTION environment:
# Go into Gitlab and manually trigger the latest "deploy_prod" job
# and wait for the jobs to finish
# Sync the Terraform state - say yes - this will fail saying an ID already exists
cd $GITPRIV/$PROJ_DIR/deploy/remote/a-infra/3-prdyes && terraform apply
# So copy the ID and use it like this:
terraform import module.infra_prd.azurerm_container_app.aca /subscriptions/xxxx/.../containerApps/aca-app-name
# You can verify everything went fine with:
terraform plan
# Test your new environment!
curl https://my-prod-apim-name.azure-api.net/foobar-prd/rest/translation/fr\?Namespace\=Common