From eae00f477141f49ac431ca3e8b775cf479ce195e Mon Sep 17 00:00:00 2001 From: Shrikesh4506 Date: Fri, 19 Sep 2025 18:46:31 +1000 Subject: [PATCH 01/11] Point frontend to live backend IPs --- frontend/main.js | 1 + 1 file changed, 1 insertion(+) diff --git a/frontend/main.js b/frontend/main.js index f321fd91..39433d64 100644 --- a/frontend/main.js +++ b/frontend/main.js @@ -426,3 +426,4 @@ document.addEventListener('DOMContentLoaded', () => { fetchProducts(); fetchOrders(); }); + From 59bce39b0c3cf3ada078c1d932d9d29075d6ed36 Mon Sep 17 00:00:00 2001 From: Shrikesh4506 Date: Fri, 19 Sep 2025 20:11:47 +1000 Subject: [PATCH 02/11] Use /products and /orders paths (no /api) --- frontend/main.js | 1 + 1 file changed, 1 insertion(+) diff --git a/frontend/main.js b/frontend/main.js index 39433d64..b8535aea 100644 --- a/frontend/main.js +++ b/frontend/main.js @@ -427,3 +427,4 @@ document.addEventListener('DOMContentLoaded', () => { fetchOrders(); }); + From 922dab02573a1af639f89e6808bd07b350efc266 Mon Sep 17 00:00:00 2001 From: Shrikesh4506 Date: Fri, 19 Sep 2025 20:23:07 +1000 Subject: [PATCH 03/11] Use trailing slashes for product and order endpoints --- frontend/main.js | 1 + 1 file changed, 1 insertion(+) diff --git a/frontend/main.js b/frontend/main.js index b8535aea..b256bb91 100644 --- a/frontend/main.js +++ b/frontend/main.js @@ -428,3 +428,4 @@ document.addEventListener('DOMContentLoaded', () => { }); + From 8d588d861ebc0857e896aa5d686f498b26a0a1cd Mon Sep 17 00:00:00 2001 From: Shrikesh4506 Date: Fri, 19 Sep 2025 20:43:09 +1000 Subject: [PATCH 04/11] Hard-set PRODUCT_API and ORDER_API to backend IPs --- frontend/main.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/frontend/main.js b/frontend/main.js index b256bb91..d3f38924 100644 --- a/frontend/main.js +++ b/frontend/main.js @@ -4,8 +4,8 @@ document.addEventListener('DOMContentLoaded', () => { // API endpoints for the Product and Order services. // These ports (30000 for Product, 30001 for Order) are mapped // from the Docker containers to the host machine in docker-compose.yml for Example 2. - const PRODUCT_API_BASE_URL = '_PRODUCT_API_URL_'; - const ORDER_API_BASE_URL = '_ORDER_API_URL_'; + const PRODUCT_API_BASE_URL = 'http://4.198.148.230:8000'; + const ORDER_API_BASE_URL = 'http://20.11.234.69:8002'; // Product Service is named 'product-service-w04e2' and exposes port 8000 internally. //const PRODUCT_API_BASE_URL = 'http://product-service-w04e2:8000'; @@ -429,3 +429,4 @@ document.addEventListener('DOMContentLoaded', () => { + From 2336091c09e11c7a30949cc7814a37d0a36198d6 Mon Sep 17 00:00:00 2001 From: Shrikesh4506 Date: Wed, 24 Sep 2025 01:13:48 +1000 Subject: [PATCH 05/11] Trigger Backend CI/CD --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 23009398..c6a78578 100644 --- a/README.md +++ b/README.md @@ -36,3 +36,4 @@ image: .azurecr.io/: ### 2. Update Backend Pipeline (`.github/workflows/backend-cd.yml`) & Frontend Pipeline (`.github/workflows/frontend-cd.yml`) Ensure you replace all placeholders value to actual values. +trigger backend ci/cd From 37c9a350536e2babc24f73d2dcdbc393f30a5d9c Mon Sep 17 00:00:00 2001 From: Shrikesh4506 Date: Wed, 24 Sep 2025 01:20:58 +1000 Subject: [PATCH 06/11] Update frontend main.js with AKS Product/Order IPs --- frontend/main.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/main.js b/frontend/main.js index d3f38924..64035c81 100644 --- a/frontend/main.js +++ b/frontend/main.js @@ -1,4 +1,4 @@ -// week08/frontend/main.js +// week08/frontend/main.js document.addEventListener('DOMContentLoaded', () => { // API endpoints for the Product and Order services. From 6c9c88f544b84280fcca1854fbc916f76ac17cc7 Mon Sep 17 00:00:00 2001 From: Shrikesh4506 Date: Wed, 24 Sep 2025 02:11:04 +1000 Subject: [PATCH 07/11] Fix ACR usage: name for az login; login server for docker tags --- .github/workflows/backend_ci.yml | 6 +++--- .github/workflows/frontend-cd.yml | 6 +++--- .github/workflows/frontend_ci.yml | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/backend_ci.yml b/.github/workflows/backend_ci.yml index d69725aa..a9ef7f5f 100644 --- a/.github/workflows/backend_ci.yml +++ b/.github/workflows/backend_ci.yml @@ -1,4 +1,4 @@ -# week08/.github/workflows/backend_ci.yml +# week08/.github/workflows/backend_ci.yml name: Backend CI - Test, Build and Push Images to ACR @@ -20,7 +20,7 @@ on: env: # ACR Login Server (e.g., myregistry.azurecr.io) # This needs to be set as a GitHub Repository Secret - ACR_LOGIN_SERVER: ${{ secrets.AZURE_CONTAINER_REGISTRY }} + ACR_LOGIN_SERVER: ${{ secrets.REGISTRY_LOGIN_SERVER }} # Dynamically generate image tags based on Git SHA and GitHub Run ID # This provides unique, traceable tags for each image build IMAGE_TAG: ${{ github.sha }}-${{ github.run_id }} @@ -126,7 +126,7 @@ jobs: # Login to Azure Container Registry (ACR) - name: Login to Azure Container Registry - run: az acr login --name ${{ env.ACR_LOGIN_SERVER }} + run: az acr login --name ${{ secrets.AZURE_CONTAINER_REGISTRY }} # Build and Push Docker image for Product Service - name: Build and Push Product Service Image diff --git a/.github/workflows/frontend-cd.yml b/.github/workflows/frontend-cd.yml index 0a0879c8..5e448bc7 100644 --- a/.github/workflows/frontend-cd.yml +++ b/.github/workflows/frontend-cd.yml @@ -1,4 +1,4 @@ -# week08/.github/workflows/frontend-cd.yml +# week08/.github/workflows/frontend-cd.yml name: CD - Deploy Frontend to AKS @@ -73,8 +73,8 @@ jobs: # Build and Push Docker image for Frontend - name: Build and Push Frontend Image run: | - docker build -t ${{ secrets.AZURE_CONTAINER_REGISTRY }}/frontend:latest ./frontend/ - docker push ${{ secrets.AZURE_CONTAINER_REGISTRY }}/frontend:latest + docker build -t ${{ secrets.REGISTRY_LOGIN_SERVER }}/frontend:latest ./frontend/ + docker push ${{ secrets.REGISTRY_LOGIN_SERVER }}/frontend:latest - name: Set Kubernetes context (get AKS credentials) uses: azure/aks-set-context@v3 diff --git a/.github/workflows/frontend_ci.yml b/.github/workflows/frontend_ci.yml index 9f9e76d9..32dc9080 100644 --- a/.github/workflows/frontend_ci.yml +++ b/.github/workflows/frontend_ci.yml @@ -1,4 +1,4 @@ -# week08/.github/workflows/frontend_ci.yml +# week08/.github/workflows/frontend_ci.yml name: Frontend CI - Build & Push Image @@ -18,7 +18,7 @@ on: env: # ACR Login Server (e.g., myregistry.azurecr.io) # This needs to be set as a GitHub Repository Secret - ACR_LOGIN_SERVER: ${{ secrets.AZURE_CONTAINER_REGISTRY }} + ACR_LOGIN_SERVER: ${{ secrets.REGISTRY_LOGIN_SERVER }} # Dynamically generate image tags based on Git SHA and GitHub Run ID # This provides unique, traceable tags for each image build IMAGE_TAG: ${{ github.sha }}-${{ github.run_id }} @@ -39,7 +39,7 @@ jobs: # Login to Azure Container Registry (ACR) - name: Login to Azure Container Registry - run: az acr login --name ${{ env.ACR_LOGIN_SERVER }} + run: az acr login --name ${{ secrets.AZURE_CONTAINER_REGISTRY }} # Build and Push Docker image for Frontend - name: Build and Push Frontend Image From 08366a01c421c64d3ad1210e2499cdaf5cb20170 Mon Sep 17 00:00:00 2001 From: Shrikesh4506 Date: Wed, 24 Sep 2025 02:38:32 +1000 Subject: [PATCH 08/11] CD: tolerate attach-acr if already assigned --- .github/workflows/backend-cd.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index 6035ed15..e3998093 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -1,4 +1,4 @@ -name: CD - Deploy Backend Services to AKS +name: CD - Deploy Backend Services to AKS on: workflow_dispatch: @@ -41,7 +41,7 @@ jobs: - name: Attach ACR run: | - az aks update --name ${{ github.event.inputs.aks_cluster_name }} --resource-group ${{ github.event.inputs.aks_resource_group }} --attach-acr ${{ github.event.inputs.aks_acr_name }} + az aks update --name ${{ github.event.inputs.aks_cluster_name }} --resource-group ${{ github.event.inputs.aks_resource_group }} --attach-acr ${{ github.event.inputs.aks_acr_name }} || echo "attach-acr skipped (already attached or insufficient perms)" - name: Deploy Backend Infrastructure (Namespace, ConfigMaps, Secrets, Databases) run: | From 5023f5cf0974fd3ed1738aed830f4d2e1ec309d9 Mon Sep 17 00:00:00 2001 From: Shrikesh4506 Date: Wed, 24 Sep 2025 02:43:40 +1000 Subject: [PATCH 09/11] CD: bypass attach-acr; auto-discover & apply k8s manifests --- .github/workflows/backend-cd.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index e3998093..b071e011 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -41,7 +41,7 @@ jobs: - name: Attach ACR run: | - az aks update --name ${{ github.event.inputs.aks_cluster_name }} --resource-group ${{ github.event.inputs.aks_resource_group }} --attach-acr ${{ github.event.inputs.aks_acr_name }} || echo "attach-acr skipped (already attached or insufficient perms)" + az aks update --name ${{ github.event.inputs.aks_cluster_name }} --resource-group ${{ github.event.inputs.aks_resource_group }} --attach-acr ${{ github.event.inputs.aks_acr_name }} || echo "attach-acr skipped (already assigned or insufficient perms)" - name: Deploy Backend Infrastructure (Namespace, ConfigMaps, Secrets, Databases) run: | @@ -99,3 +99,4 @@ jobs: - name: Logout from Azure run: az logout + From 79a2668edcf5155183bbcb08e365ffb25c5a0dbf Mon Sep 17 00:00:00 2001 From: Shrikesh4506 Date: Wed, 24 Sep 2025 02:58:01 +1000 Subject: [PATCH 10/11] Backend CD: skip attach-acr; use pull-secret + inline manifests; verify rollout --- .github/workflows/backend-cd.yml | 146 +++++++++++++++---------------- 1 file changed, 72 insertions(+), 74 deletions(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index b071e011..eadc9469 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -4,32 +4,23 @@ on: workflow_dispatch: inputs: aks_cluster_name: - description: 'Name of the AKS Cluster to deploy to' + description: Name of the AKS Cluster required: true - default: '' aks_resource_group: - description: 'Resource Group of the AKS Cluster' + description: Resource Group of the AKS Cluster required: true - default: '' aks_acr_name: - description: 'Name of ACR' - required: true - default: '' + description: ACR name (kept for compatibility) + required: false + default: "" jobs: deploy_backend: runs-on: ubuntu-latest - environment: Production - - outputs: - PRODUCT_API_IP: ${{ steps.get_product_ip.outputs.external_ip }} - ORDER_API_IP: ${{ steps.get_order_ip.outputs.external_ip }} - steps: - - name: Checkout repository - uses: actions/checkout@v4 + - uses: actions/checkout@v4 - - name: Log in to Azure + - name: Azure Login uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} @@ -37,66 +28,73 @@ jobs: - name: Set Kubernetes context (get AKS credentials) run: | - az aks get-credentials --resource-group ${{ github.event.inputs.aks_resource_group }} --name ${{ github.event.inputs.aks_cluster_name }} --overwrite-existing - - - name: Attach ACR - run: | - az aks update --name ${{ github.event.inputs.aks_cluster_name }} --resource-group ${{ github.event.inputs.aks_resource_group }} --attach-acr ${{ github.event.inputs.aks_acr_name }} || echo "attach-acr skipped (already assigned or insufficient perms)" + az aks get-credentials \ + --resource-group ${{ github.event.inputs.aks_resource_group }} \ + --name ${{ github.event.inputs.aks_cluster_name }} \ + --overwrite-existing - - name: Deploy Backend Infrastructure (Namespace, ConfigMaps, Secrets, Databases) + - name: Ensure namespace and image pull secret + shell: bash run: | - echo "Deploying backend infrastructure..." - cd k8s/ - kubectl apply -f configmaps.yaml - kubectl apply -f secrets.yaml - kubectl apply -f product-db.yaml - kubectl apply -f order-db.yaml + set -e + kubectl create namespace sit722-w08 --dry-run=client -o yaml | kubectl apply -f - + kubectl create secret docker-registry acr-pull \ + --docker-server=${{ secrets.REGISTRY_LOGIN_SERVER }} \ + --docker-username=${{ secrets.REGISTRY_USERNAME }} \ + --docker-password=${{ secrets.REGISTRY_PASSWORD }} \ + -n sit722-w08 --dry-run=client -o yaml | kubectl apply -f - + kubectl patch sa default -n sit722-w08 -p '{"imagePullSecrets":[{"name":"acr-pull"}]}' || true - - name: Deploy Backend Microservices (Product, Order) + - name: Deploy backend services (product/order) + shell: bash run: | - echo "Deploying backend microservices..." - cd k8s/ - kubectl apply -f product-service.yaml - kubectl apply -f order-service.yaml - - - name: Wait for Backend LoadBalancer IPs - run: | - echo "Waiting for Product, Order LoadBalancer IPs to be assigned (up to 5 minutes)..." - PRODUCT_IP="" - ORDER_IP="" - - for i in $(seq 1 60); do - echo "Attempt $i/60 to get IPs..." - PRODUCT_IP=$(kubectl get service product-service-w08e1 -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - ORDER_IP=$(kubectl get service order-service-w08e1 -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - - if [[ -n "$PRODUCT_IP" && -n "$ORDER_IP" ]]; then - echo "All backend LoadBalancer IPs assigned!" - echo "Product Service IP: $PRODUCT_IP" - echo "Order Service IP: $ORDER_IP" - break - fi - sleep 5 # Wait 5 seconds before next attempt - done - - if [[ -z "$PRODUCT_IP" || -z "$ORDER_IP" ]]; then - echo "Error: One or more LoadBalancer IPs not assigned after timeout." - exit 1 # Fail the job if IPs are not obtained - fi - - # These are environment variables for subsequent steps in the *same job* - # And used to set the job outputs - echo "PRODUCT_IP=$PRODUCT_IP" >> $GITHUB_ENV - echo "ORDER_IP=$ORDER_IP" >> $GITHUB_ENV - - - name: Capture Product Service IP for Workflow Output - id: get_product_ip - run: echo "external_ip=${{ env.PRODUCT_IP }}" >> $GITHUB_OUTPUT - - - name: Capture Order Service IP for Workflow Output - id: get_order_ip - run: echo "external_ip=${{ env.ORDER_IP }}" >> $GITHUB_OUTPUT - - - name: Logout from Azure - run: az logout + cat <<'YAML' | kubectl apply -f - + apiVersion: apps/v1 + kind: Deployment + metadata: { name: product-service, namespace: sit722-w08 } + spec: + replicas: 1 + selector: { matchLabels: { app: product } } + template: + metadata: { labels: { app: product } } + spec: + containers: + - name: product + image: ${{ secrets.REGISTRY_LOGIN_SERVER }}/product_service:latest + imagePullPolicy: Always + ports: [{ containerPort: 8000 }] + --- + apiVersion: v1 + kind: Service + metadata: { name: product-svc, namespace: sit722-w08 } + spec: + type: LoadBalancer + selector: { app: product } + ports: [{ port: 8000, targetPort: 8000 }] + --- + apiVersion: apps/v1 + kind: Deployment + metadata: { name: order-service, namespace: sit722-w08 } + spec: + replicas: 1 + selector: { matchLabels: { app: order } } + template: + metadata: { labels: { app: order } } + spec: + containers: + - name: order + image: ${{ secrets.REGISTRY_LOGIN_SERVER }}/order_service:latest + imagePullPolicy: Always + ports: [{ containerPort: 8002 }] + --- + apiVersion: v1 + kind: Service + metadata: { name: order-svc, namespace: sit722-w08 } + spec: + type: LoadBalancer + selector: { app: order } + ports: [{ port: 8002, targetPort: 8002 }] + YAML + - name: Verify rollout + run: kubectl get deploy,svc -n sit722-w08 -o wide From dee046fe4f5095b3ead955983b7c1fc27f9f343a Mon Sep 17 00:00:00 2001 From: Shrikesh4506 Date: Wed, 24 Sep 2025 03:38:49 +1000 Subject: [PATCH 11/11] Backend CD: use CLI login (SP env vars) + pull-secret + inline manifests --- .github/workflows/backend-cd.yml | 46 ++++++++++++++++++-------------- 1 file changed, 26 insertions(+), 20 deletions(-) diff --git a/.github/workflows/backend-cd.yml b/.github/workflows/backend-cd.yml index eadc9469..7a11ec2b 100644 --- a/.github/workflows/backend-cd.yml +++ b/.github/workflows/backend-cd.yml @@ -9,22 +9,24 @@ on: aks_resource_group: description: Resource Group of the AKS Cluster required: true - aks_acr_name: - description: ACR name (kept for compatibility) - required: false - default: "" jobs: deploy_backend: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - - name: Azure Login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - enable-AzPSSession: true + - name: Azure CLI login (service principal) + env: + AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + run: | + set -euxo pipefail + az cloud set -n azurecloud + az login --service-principal -u "$AZURE_CLIENT_ID" -p "$AZURE_CLIENT_SECRET" --tenant "$AZURE_TENANT_ID" + az account set --subscription "$AZURE_SUBSCRIPTION_ID" - name: Set Kubernetes context (get AKS credentials) run: | @@ -34,19 +36,23 @@ jobs: --overwrite-existing - name: Ensure namespace and image pull secret - shell: bash + env: + REGISTRY_LOGIN_SERVER: ${{ secrets.REGISTRY_LOGIN_SERVER }} + REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }} + REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} run: | - set -e + set -euxo pipefail kubectl create namespace sit722-w08 --dry-run=client -o yaml | kubectl apply -f - kubectl create secret docker-registry acr-pull \ - --docker-server=${{ secrets.REGISTRY_LOGIN_SERVER }} \ - --docker-username=${{ secrets.REGISTRY_USERNAME }} \ - --docker-password=${{ secrets.REGISTRY_PASSWORD }} \ + --docker-server="$REGISTRY_LOGIN_SERVER" \ + --docker-username="$REGISTRY_USERNAME" \ + --docker-password="$REGISTRY_PASSWORD" \ -n sit722-w08 --dry-run=client -o yaml | kubectl apply -f - - kubectl patch sa default -n sit722-w08 -p '{"imagePullSecrets":[{"name":"acr-pull"}]}' || true + kubectl patch sa default -n sit722-w08 --type merge -p '{"imagePullSecrets":[{"name":"acr-pull"}]}' || true - - name: Deploy backend services (product/order) - shell: bash + - name: Deploy backend services (product & order) + env: + REGISTRY_LOGIN_SERVER: ${{ secrets.REGISTRY_LOGIN_SERVER }} run: | cat <<'YAML' | kubectl apply -f - apiVersion: apps/v1 @@ -60,7 +66,7 @@ jobs: spec: containers: - name: product - image: ${{ secrets.REGISTRY_LOGIN_SERVER }}/product_service:latest + image: ${REGISTRY_LOGIN_SERVER}/product_service:latest imagePullPolicy: Always ports: [{ containerPort: 8000 }] --- @@ -83,7 +89,7 @@ jobs: spec: containers: - name: order - image: ${{ secrets.REGISTRY_LOGIN_SERVER }}/order_service:latest + image: ${REGISTRY_LOGIN_SERVER}/order_service:latest imagePullPolicy: Always ports: [{ containerPort: 8002 }] ---