Skip to main content

Github Actions CI/CD

What is GitHub Actions? It's an API for orchestration of workflows, events, and now, CI/CD. You may be asking yourself the same question I've asked - If Microsoft has Azure DevOps for CI/CD, why put CI/CD into Github? Well, it's simple. Not everyone that uses Github uses Azure DevOps. Some use Jenkins, Octopus, or Gitlab CI. The interesting part about GitHub Actions CI/CD is the fact that it's all YAML based, just like YAML pipelines in Azure DevOps.

Now that we know what GitHub Actions is, how about we take a look at how it works? To see how it works in action, we're going to create a webapp.


1) Azure account
2) GitHub account (free or paid)

I'm going to head over to my GitHub page and use my Cloudengineer_PowershellAzure repo.

Next I'm going to click on the "Actions" tab and scroll down until I see the "Docker image" workload. Click on "Set up this workflow".

As we can see above, this is a default YAML file.

Now that we know we'll be building and pushing a Docker image, let's create our registry in Azure using ACR (Azure Container Registry).

az acr create --name name_of_your_registry --resource-group Development --sku Basic

Let's start customizing our YAML config for our Dockerfile.

Let's go over what we see above;
1. env: is like environment variables.
2. The name is the name of your action. This can be whatever you prefer
3. on: [Push] means when you push a Dockerfile, kick off the action.
4. runs-on is the agent that is running your YAML file. We are using the Ubuntu agent provided by Microsoft.
5. under steps;
    uses = The API you're using for this task
    name = The name of your task
    run = What commands you are running
You will also see an authentication portion which starts on line 17. This is for your YAML code to authenticate to ACR, which is needed to push your Docker image. To set up your secrets, do the following;

1. On your GitHub page, go to the main page of your repo.
2. Under your repo name, click the gear icon for your settings
3. On the left sidebar you will see a tab for secrets.
4. Click "Add a new secret".

Create your secrets for ACR. This will be your username/password that you sign into Azure with. It must be in a JSON format, so the value of each secret will look like;

"username": "your_email_address"

Ensure the app registration you creation in Azure Active Directory has at least contributor role assignment access to your subscription.

Once you're done, go ahead and commit that with the green "Start commit" button.

Now we're ready to create our Dockerfile. Pull down your repo to VSCode or whichever IDE/editor you prefer. In your parent directory, create a Dockerfile.

Now that we have our Dockerfile, push up the to your repo and head back over to actions. You should see your action now running.

Once your action is complete, you should see your pipeline completed!


Popular posts from this blog

DevOps tooling in the Microsoft realm

When I really started to dive into automation and practicing DevOps with specific tooling, there were a few key players. At the time Microsoft was not one of them. They were just starting to embrace the open source world, including the art and practice of DevOps. Since then Microsoft has went all in and the tech giant has made some incredible tooling. Recently I switched to a Microsoft-heavy environment and I love it. I went from AWS/Python/Ansible/Jenkins to Azure/PowerShell/ARM/Azure DevOps. My first programming language was PowerShell so being back in the saddle allowed me to do a full circle between all of the different types of tooling in both worlds. Today I want to share some of that tooling with you.

The first thing I want to talk about is ARM. What is ARM? ARM is a configuration management tool that allows you to perform software-defined-infrastructure. Much like Ansible and Terraform, ARM allows you to define what you want your environment to look like at scale. With ARM, yo…

Monitoring your containers in an AKS cluster with Prometheus

Monitoring and alerting is arguably one of the most important thing in Cloud Engineering and DevOps. It's the difference between your clients stack being up and a client being down. Most of us have SLA's to abide by (for good reason). Today we're going to learn how to spin up Prometheus in an AKS cluster to monitor our applications.

1. Intermediate knowledge of Kubernetes
2. An AKS cluster spun up in Azure

Recently AKS supports Prometheus via Helm, so we'll use that for an automated solution to spin this up. This installs kube-prometheus, which is a containerized version of the application. With raw Prometheus, there are a few things that are needed for the operator;

1. Prometheus: Defines a desired deployment.
2. ServiceMonitor: Specifies how groups of services should be monitored
3. Alertmanager: Defines the operator to ensure services and deployments are running by matching the resource

With kube-prometheus, it is all packaged for you. This means configuri…

Run PowerShell code with Ansible on a Windows Host

Ansible is one of the Configuration Manager kings in the game. With it's easy-to-understand syntax and even easier to use modules, Ansible is certainly a go-to when you're picking what Configuration Management you want to use for your organization. Your question may be "but Ansible is typically on Linux and what happens when I'm in a Windows environment?". Luckily I'm here to tell you that Ansible will still work! I was pleasantly surprised with how easy it is to use Ansible on Windows with a little WinRM magic. Let's get started.

Pre-requisites for this post:
1) WinRM set up to connect to your Windows host from Ansible
2) Ansible set up for Windows Remote Management
3) SSH access to the Ansible host
4) Proper firewall rules to allow WinRM (port 5985) access from your Ansible host to your Windows host
5) Hosts file set up in Ansible that has your IP or hostname of your Windows Server.
6) At least one Linux host running Ansible and one Windows Server host …