
Step 1 - Deploy AKS Cluster #33


Workflow file for this run

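# Manually triggered workflow that deploys an AKS cluster from a Bicep
# template, then grants the cluster's kubelet identity the AcrPull role on
# the container registry so nodes can pull images from it.
name: Deploy AKS Cluster

on:
  workflow_dispatch:

# Workflow-level values. GitHub exports these as environment variables to
# every `run` step, so shell scripts read them as "$NAME" rather than having
# `${{ env.NAME }}` pasted into the script text before the shell sees it.
env:
  RESOURCE_GROUP: rg-pvt-aks-h100
  LOCATION: eastus2
  REGISTRY_NAME: gbbpvt
  CLUSTER_NAME: pvt-aks-h100
  TEMPLATE_FILE: main.bicep

jobs:
  deploy:
    runs-on: ubuntu-latest
    # Minimal GITHUB_TOKEN scopes: `id-token: write` lets the job request the
    # OIDC token used for the federated Azure login; `contents: read` is
    # enough for the checkout.
    permissions:
      id-token: write
      contents: read
    steps:
      # NOTE(review): the three actions in this job are referenced by mutable
      # major-version tags. Because the job can mint an OIDC token for Azure,
      # consider pinning each `uses:` to a full commit SHA that has been
      # reviewed, keeping the tag as a trailing comment.
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # No later step needs git access, so do not leave the token in the
          # checked-out repository's git config.
          persist-credentials: false

      - name: Log in to Azure with federated identity (User Assigned Managed Identity)
        uses: azure/login@v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

      - name: Create resource group if it doesn’t exist
        run: |
          az group create --name "$RESOURCE_GROUP" --location "$LOCATION"

      - name: Deploy Bicep Template
        uses: azure/bicep-deploy@v2
        with:
          type: deployment
          operation: create
          name: aks-deployment
          scope: resourceGroup
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
          template-file: ${{ env.TEMPLATE_FILE }}
          resource-group-name: ${{ env.RESOURCE_GROUP }}
          # The interpolated values are the static workflow-level constants
          # above; if any of them ever becomes a workflow input, build this
          # JSON with proper escaping instead of string interpolation.
          parameters: '{"registryName":"${{ env.REGISTRY_NAME }}","clusterName":"${{ env.CLUSTER_NAME }}","resourceGroupName":"${{ env.RESOURCE_GROUP }}","location":"${{ env.LOCATION }}"}'

      - name: Assign AcrPull role to kubelet identity
        run: |
          KUBELET_ID=$(az aks show \
            -g "$RESOURCE_GROUP" \
            -n "$CLUSTER_NAME" \
            --query identityProfile.kubeletidentity.objectId -o tsv)
          ACR_ID=$(az acr show \
            -g "$RESOURCE_GROUP" \
            -n "$REGISTRY_NAME" \
            --query id -o tsv)

          # A query that matches nothing prints an empty string and still
          # exits 0, so stop here instead of calling the role assignment with
          # an empty assignee or scope.
          if [ -z "$KUBELET_ID" ] || [ -z "$ACR_ID" ]; then
            echo "::error::Could not resolve the kubelet identity object ID or the ACR resource ID"
            exit 1
          fi

          echo "Assigning AcrPull role to kubelet identity..."
          # The scope is the single registry, not the resource group or the
          # subscription. Stating the principal type together with the object
          # ID avoids a directory lookup of the assignee, which the workflow
          # identity may not be permitted to perform.
          az role assignment create \
            --assignee-object-id "$KUBELET_ID" \
            --assignee-principal-type ServicePrincipal \
            --role "AcrPull" \
            --scope "$ACR_ID"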