Refactor Azure deployment workflow to streamline AKS context setup and improve resource provisioning

devsocket · devsocket · commit 614cb5252915 · 2025-09-06T08:36:28.000-04:00
diff --git a/.github/workflows/terraform-infra-apply.yaml b/.github/workflows/terraform-infra-apply.yaml
@@ -17,7 +17,6 @@ jobs:
       ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
       ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
 
-
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
@@ -33,17 +32,14 @@ jobs:
         uses: azure/login@v1
         with:
           creds: ${{ secrets.AZURE_CREDENTIALS }}
-          # client-id: ${{ secrets.AZURE_CLIENT_ID }}
-          # tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-          # subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
       - name: Show current subscription
         run: az account show --output json
 
       - name: Register Microsoft.Storage provider
-        run: |
-          az provider register --namespace Microsoft.Storage
+        run: az provider register --namespace Microsoft.Storage
 
-      - name: Povision backend resources
+      - name: Provision backend resources
         run: |
           az group create --name "ecommerce-qa-rg" --location "centralus" || true
           az storage account create --name "qatfstateaccount" --resource-group "ecommerce-qa-rg" --location "centralus" --sku Standard_LRS || true
@@ -64,6 +60,29 @@ jobs:
         run: terraform apply -auto-approve -var-file="terraform.tfvars"
         working-directory: terraform/environments/${{ steps.env.outputs.env_name }}
 
+      - name: Extract AKS info from Terraform outputs
+        id: aks
+        run: |
+          echo "cluster_name=$(terraform output -raw cluster_name)" >> $GITHUB_OUTPUT
+          echo "resource_group=$(terraform output -raw resource_group_name)" >> $GITHUB_OUTPUT
+        working-directory: terraform/environments/${{ steps.env.outputs.env_name }}
+
+      - name: Set AKS context
+        uses: azure/aks-set-context@v3
+        with:
+          resource-group: ${{ steps.aks.outputs.resource_group }}
+          cluster-name: ${{ steps.aks.outputs.cluster_name }}
+
+      - name: Create GHCR image pull secret
+        run: |
+          kubectl get secret ghcr-secret --namespace=default || \
+          kubectl create secret docker-registry ghcr-secret \
+            --docker-server=ghcr.io \
+            --docker-username=${{ secrets.GHCR_USERNAME }} \
+            --docker-password=${{ secrets.AKS_GHCR_PAT }} \
+            --docker-email=venkatasudheerkumar.kondeti@gmail.com \
+            --namespace=default
+
       - name: Delete apply branch
         if: startsWith(github.ref, 'refs/heads/apply/')
         env:
@@ -73,4 +92,4 @@ jobs:
           echo "Deleting branch: $BRANCH_NAME"
           gh api \
             -X DELETE \
-            /repos/${{ github.repository }}/git/refs/heads/$BRANCH_NAME
+            /repos/${{ github.repository }}/git/refs/heads/$BRANCH_NAME
diff --git a/terraform/modules/aks/outputs.tf b/terraform/modules/aks/outputs.tf
@@ -10,4 +10,9 @@ output "kube_config" {
     client_key             = azurerm_kubernetes_cluster.this.kube_config[0].client_key
     cluster_ca_certificate = azurerm_kubernetes_cluster.this.kube_config[0].cluster_ca_certificate
   }
-}
+}
+
+output "resource_group_name" {
+  description = "The resource group where AKS is deployed"
+  value       = azurerm_kubernetes_cluster.this.resource_group_name
+}
