Introduction
- Who is this for: Developers, DevOps Engineers, new GitHub users, students, and teams.
- What you'll learn: We'll learn how to create a workflow that enables Continuous Delivery using GitHub Actions and Microsoft Azure.
- What you'll build: We will create two deployment workflows - the first workflow to deploy to staging based on a label and the second workflow to deploy to production based on merging to main.
Agenda
- 課程說明 / 課前準備
- GitHub Action 基本介紹
- 實作
- Step 1: Trigger a job based on labels
- Step 2: Set up an Azure environment
- Step 3: Spin up an environment based on labels
- Step 4: Deploy to a staging environment based on labels
- Step 5: Deploy to a production environment based on labels
- Step 6: Production deployment
課前準備
Sign up or sign in your GitHub account
進入官方網站,點選 Sign in 或 Sign up
- 如尚未有帳號,點選右上角 Sign up 進行註冊
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
Redeem Azure Pass
IMPORTANT: Please note the use of the pass is subject to the following Terms and Conditions:
- DO NOT redeem promo code with an email account that is attached to an EA, the pass will not work.
Promo code needs to be redeemed within 90-days of being received.
- Customer Live ID/Org ID will be limited to one concurrent Azure Pass Sponsorship at a time.
- Monetary credit can't be used toward third party services, premier support or Azure MarketPlace and cannot be added to existing subscriptions.
- If you add a payment instrument to the subscription and the subscription is active at the conclusion of the offer it will be converted to Pay-As-You-Go.
Subscriptions are activated within minutes of the promo code being redeemed.
To redeem a promo code, visit www.microsoftazurepass.com and follow the Azure Pass Redemption instructions
- Tax information 留白即可
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
GitHub Action
-
提供 Continuous Integration 持續整合與 Continuous Deployment 持續部署之服務
- GitHub Flow
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
- GitHub Flow with GitHub Action
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
-
Workflow Components:workflow 透過 YAML 格式定義,並保存於 .github/workflow 的路徑下, GitHub 預設提供許多 workflow 可讓使用者使用
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
- Event:觸發自動化工作流程,如
on: release
、on: pull_request
、on: push
、on: scheduled
等,完整列表可查看 Events that trigger workflows
- Job:在相同 Runner 中所執行的一組 Step,預設以平行方式執行,也可設定為循序執行
- Step:在 Job 中可執行命令或 action 的獨立工作
- Action:經包裝後的執行內容, GitHub community 中已有許多由創作者所提供之 action 可直接使用。透過 JavaScript 或 Docker container 方式撰寫並發布至 market place 上供其他使用;action 來源也可為 workflow 相同的 repository、其他 public repository 或發布於 Docker Registry。
- Runners:執行自動化工作的代理程式運作於伺服器上,支援 Ubuntu、Linux、Windows 和 macOS,也可設定 self-host runner
-
Workflow 語意解析
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
- name: workflow 的名稱,若無設定則預設以 workflow 資料夾路徑 + 檔案名稱命名
- on:觸發 workflow event,如設定
workflow_dispatch
則為手動執行
- job:每個 Job 需有 JobID 且名稱需唯一,只能以英文或_開頭命名,透過添加
runs-on
- step:Job 包含一系列 steps,step 內執行 action 時使用
uses
,或使用 run
直接在 runner 上執行命令
實作
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
main
staging-workflow
=> new workflow for staging deployment
azure-configuration
=> new workflow for azure resource provision
staging-test
=> commit new version and deploy to staging
production-deployment-workflow
=> new workflow for production deployment
We'll use labels as triggers for multiple tasks:
- When someone applies a "spin up environment" label to a pull request, that'll tell GitHub Actions that we'd like to set up our resources on an Azure environment.
- When someone applies a "stage" label to a pull request, that'll be our indicator that we'd like to deploy our application to a staging environment.
- When someone applies a "destroy environment" label to a pull request, we'll tear down any resources that are running on our Azure account.
Setup repository
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
Step 1: Trigger a job based on labels
Activity 1: Configure GITHUB_TOKEN permissions
GitHub Actions provide a default GITHUB_TOKEN that can be used by steps in your workflow that require access to your GitHub repository.
- Navigate to Settings > Actions | General
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
- Under Workflow permissions, ensure that the
GITHUB_TOKEN
for this repository has Allow GitHub Actions to create and approve pull requests enabled and also has Read and write permissions enabled. This is required for your workflow to be able to upload your image to the container registry.
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
Activity 2: Configure a trigger based on labels
- Go to the Actions tab. Click New workflow
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
- Search for
simple workflow
and click Configure
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
- Name your workflow
deploy-staging.yml
Image Not Showing
Possible Reasons
- The image file may be corrupted
- The server hosting the image is unavailable
- The image path is incorrect
- The image format is not supported
Learn More →
- Edit the contents of the file to add a conditional that filters the build job when there is a label present called stage. Your resulting file should look like this:
- Click Start commit, choose to make a new branch named
staging-workflow
, and click Propose a new file.

- Click Create pull request.

Step 2: Set up an Azure environment
-
Go to Azure Portal, Open Azure Cloud Shell
-
Need to setup cloud shell environment when first use

-
Click Create storage

-
Use the command below
-
Copy the value of the id: field to a safe place. We'll call this AZURESUBSCRIPTIONID. Here's an example of what it looks like:

-
In your terminal, run the command below
-
Copy the entire contents of the command's response, we'll call this AZURECREDENTIALS. Here's an example of what it looks like:

-
Back on GitHub, click on this repository's Secrets in the Settings tab. Click New secret

-
Name your new secret AZURE_SUBSCRIPTION_ID
and paste the value from the id: field in the first command. Click Add secret

-
Click New secret again. Name the second secret AZURE_CREDENTIALS
and paste the entire contents from the second terminal command you entered. Click Add secret

Activity 2: Set up Azure resource provision workflow
-
New another workflow named spinup-destroy.yml

-
Use the workflow as below
-
Start commit and new a branch named azure-configuration

-
No need to create pull request
Activity 3: Edit deploy-staging file
- Edit the
.github/workflows/deploy-staging.yml
file at staging-workflow branch to use some new actions.
- Click Start commit and commit to the
staging-workflow
branch.

Activity 3: Preparing staging-test
branch
- New a
staging-test
branch based on main

- Under
staging-test
branch, modify index.html
- After edit the title of page, click commit

Step 3: Spin up an environment based on labels
Activity 1: Set up a personal access token (PAT)
Personal access tokens (PATs) are an alternative to using passwords for authentication to GitHub.
- Use a PAT to allow your web app to pull the container image after your workflow pushes a newly built image to the registry. Navigate to Personal profile > Settings

- Under Developer settings, click Personal access tokens > Generate new token

-
Create a personal access token with the repo and read:packages
scopes.

-
Once you have generated the token we will need to store it in a secret so that it can be used within a workflow. Create a new repository secret named CR_PAT
and paste the PAT token in as the value.

Activity 2: Apply labels to create resources
- Apply the
spin up environment
label to your open pull request. Wait for the GitHub Actions workflow to run and spin up your Azure environment.


- After apply the label to pull request, the workflow would be triggered

Step 4: Deploy to a staging environment based on labels
Activity 1: Set up production-deployment-workflow
branch
- Navigate to Actions > New workflow > set up a workflow yourself

- Use the workflow as below
- Save the file named
deploy-prod.yml
- Click Start commit with create a new branch named
production-deployment-workflow

- No need to create pull request
Activity 2: Apply labels to deploy to staging
- Apply the
stage
label to your open pull request of staging-test
to main

- Wait for the GitHub Actions workflow to run and deploy the application to your Azure environment

Step 5: Deploy to a production environment based on labels
-
Click Merge pull request and leave this tab open as we will be applying a label to the closed pull request in the next step.


-
Apply the destroy environment
label to your merged production-deployment-workflow pull request. If you have already closed the tab with your pull request, you can open it again by clicking Pull requests and then clicking the Closed filter to view merged pull requests.

Issue

Reference