-
Notifications
You must be signed in to change notification settings - Fork 506
Expand file tree
/
Copy pathazure-deploy-containerapp.json
More file actions
198 lines (198 loc) · 20 KB
/
azure-deploy-containerapp.json
File metadata and controls
198 lines (198 loc) · 20 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
{
"Id": "db701b9a-5dbe-477e-b820-07f9e354f634",
"Name": "Azure - Deploy Container App",
"Description": "Deploys a container to an Azure Container App Environment",
"ActionType": "Octopus.Script",
"Version": 9,
"CommunityActionTemplateId": null,
"Packages": [
{
"Id": "636b2191-09f6-4f86-a59c-97e1891475db",
"Name": "Template.Azure.Container.Image",
"PackageId": null,
"FeedId": null,
"AcquisitionLocation": "NotAcquired",
"Properties": {
"Extract": "False",
"SelectionMode": "deferred",
"PackageParameterName": "Template.Azure.Container.Image",
"Purpose": ""
}
}
],
"Properties": {
"Octopus.Action.Script.ScriptSource": "Inline",
"Octopus.Action.Script.Syntax": "PowerShell",
"Octopus.Action.Script.ScriptBody": "# Define functions\nfunction Get-ModuleInstalled\n{\n # Define parameters\n param(\n $PowerShellModuleName\n )\n\n # Check to see if the module is installed\n if ($null -ne (Get-Module -ListAvailable -Name $PowerShellModuleName))\n {\n # It is installed\n return $true\n }\n else\n {\n # Module not installed\n return $false\n }\n}\n\nfunction Get-NugetPackageProviderNotInstalled\n{\n\t# See if the nuget package provider has been installed\n return ($null -eq (Get-PackageProvider -ListAvailable -Name Nuget -ErrorAction SilentlyContinue))\n}\n\nfunction Install-PowerShellModule\n{\n # Define parameters\n param(\n $PowerShellModuleName,\n $LocalModulesPath\n )\n\n\t# Check to see if the package provider has been installed\n if ((Get-NugetPackageProviderNotInstalled) -ne $false)\n {\n \t# Display that we need the nuget package provider\n Write-Host \"Nuget package provider not found, installing ...\"\n \n # Install Nuget package provider\n Install-PackageProvider -Name Nuget -Force\n }\n\n\t# Save the module in the temporary location\n Write-Host \"Saving module $PowerShellModuleName to temporary folder ...\"\n Save-Module -Name $PowerShellModuleName -Path $LocalModulesPath -Force\n Write-Host \"Save successful!\"\n}\n\n# Check to see if $IsWindows is available\nif ($null -eq $IsWindows)\n{\n Write-Host \"Determining Operating System...\"\n $IsWindows = ([System.Environment]::OSVersion.Platform -eq \"Win32NT\")\n $IsLinux = ([System.Environment]::OSVersion.Platform -eq \"Unix\")\n}\n\n# Check to see if it's running on Windows\nif ($IsWindows)\n{\n\t# Disable the progress bar so downloading files via Invoke-WebRequest are faster\n $ProgressPreference = 'SilentlyContinue'\n}\n\nif ($PSEdition -eq \"Core\") {\n $PSStyle.OutputRendering = \"PlainText\"\n}\n\n# Define PowerShell Modules path\n$LocalModules = (New-Item \"$PWD/modules\" -ItemType Directory -Force).FullName\n$env:PSModulePath = \"$LocalModules$([IO.Path]::PathSeparator)$env:PSModulePath\"\n$azureModule = \"Az.App\"\n\n# Get variables\n$templateAzureAccountClient = $OctopusParameters['Template.Azure.Account.ClientId']\n$templateAzureAccountPassword = $OctopusParameters['Template.Azure.Account.Password']\n$templateAzureAccountTenantId = $OctopusParameters['Template.Azure.Account.TenantId']\n$templateAzureResourceGroup = $OctopusParameters['Template.Azure.ResourceGroup.Name']\n$templateAzureSubscriptionId = $OctopusParameters['Template.Azure.Account.SubscriptionId']\n$templateEnvironmentName = $OctopusParameters['Template.ContainerApp.Environment.Name']\n$templateAzureLocation = $OctopusParameters['Template.Azure.Location.Name']\n$templateAzureContainer = $OctopusParameters['Template.Azure.Container.Image']\n$templateAzureContainerIngressPort = $OctopusParameters['Template.Azure.Container.Ingress.Port']\n$templateAzureContainerIngressExternal = $OctopusParameters['Template.Azure.Container.ExternalIngress']\n$vmMetaData = $null\n$secretRef = @()\n$templateAzureContainerSecrets = $null\n$templateAzureJWTToken = $OctopusParameters['Template.Azure.Account.JWTToken']\n\nif (![string]::IsNullOrWhitespace($OctopusParameters['Template.Azure.Container.Variables']))\n{\n $templateAzureContainerEnvVars = ($OctopusParameters['Template.Azure.Container.Variables'] | ConvertFrom-JSON)\n}\nelse\n{\n\t$templateAzureContainerEnvVars = $null\n}\n\nif (![string]::IsNullOrWhitespace($OctopusParameters['Template.Azure.Container.Secrets']))\n{\n $templateAzureContainerSecrets = ($OctopusParameters['Template.Azure.Container.Secrets'] | ConvertFrom-JSON)\n}\nelse\n{\n\t$templateAzureContainerSecrets = $null\n}\n\n$templateAzureContainerCPU = $OctopusParameters['Template.Azure.Container.Cpu']\n$templateAzureContainerMemory = $OctopusParameters['Template.Azure.Container.Memory']\n\n# Check for required PowerShell module\nWrite-Host \"Checking for module $azureModule ...\"\n\nif ((Get-ModuleInstalled -PowerShellModuleName $azureModule) -eq $false)\n{\n\t# Install the module\n Install-PowerShellModule -PowerShellModuleName $azureModule -LocalModulesPath $LocalModules\n}\n\n# Import the necessary module\nWrite-Host \"Importing module $azureModule ...\"\nImport-Module $azureModule\n\n# Check to see if the account was specified\nif (![string]::IsNullOrWhitespace($templateAzureAccountClient))\n{\n\t# Login using the provided account\n Write-Host \"Logging in as specified account ...\"\n\n # Check to see if the jtw token was given\n if (![string]::IsNullOrWhitespace($templateAzureJWTToken))\n {\n # Log in with OIDC\n Write-Host \"Logging in using OIDC ...\"\n\n \n # Log in\n Connect-AzAccount -FederatedToken $templateAzureJWTToken -ApplicationId $templateAzureAccountClient -Tenant $templateAzureAccountTenantId -Subscription $templateAzureSubscriptionId | Out-Null \n }\n\n if (![string]::IsNullOrWhitespace($templateAzureAccountPassword))\n {\n # Log in with Azure Service Principal\n Write-Host \"Logging in with Azure Service Principal ...\"\n \n # Create credential object for az module\n\t $securePassword = ConvertTo-SecureString $templateAzureAccountPassword -AsPlainText -Force\n\t $azureCredentials = New-Object System.Management.Automation.PSCredential ($templateAzureAccountClient, $securePassword) \n\n Connect-AzAccount -Credential $azureCredentials -ServicePrincipal -Tenant $templateAzureAccountTenantId -Subscription $templateAzureSubscriptionId | Out-Null\n } \n \n Write-Host \"Login successful!\"\n}\nelse\n{\n\tWrite-Host \"Using machine Managed Identity ...\"\n $vmMetaData = Invoke-RestMethod -Headers @{\"Metadata\"=\"true\"} -Method GET -Uri \"http://169.254.169.254/metadata/instance?api-version=2021-02-01\"\n \n Connect-AzAccount -Identity\n \n # Get Identity context\n $identityContext = Get-AzContext\n \n # Set variables\n $templateAzureSubscriptionId = $vmMetaData.compute.subscriptionId\n \n if ([string]::IsNullOrWhitespace($templateAzureAccountTenantId))\n {\n \t$templateAzureAccountTenantId = $identityContext.Tenant\n }\n \n Set-AzContext -Tenant $templateAzureAccountTenantId | Out-Null\n\tWrite-Host \"Successfully set context for Managed Identity!\"\n}\n\n# Check to see if the environment name is a / in it\nif ($templateEnvironmentName.Contains(\"/\") -ne $true)\n{\n\t# Lookup environment id by name\n Write-Host \"Looking up Managed Environment by Name ...\"\n $templateEnvironmentName = (Get-AzContainerAppManagedEnv -ResourceGroupName $templateAzureResourceGroup -EnvName $templateEnvironmentName -SubscriptionId $templateAzureSubscriptionId).Id\n}\n\n# Build parameter list to pass to New-AzContainerAppTemplateObject\n$PSBoundParameters.Add(\"Image\", $OctopusParameters[\"Octopus.Action.Package[Template.Azure.Container.Image].Image\"])\n$PSBoundParameters.Add(\"Name\", $OctopusParameters[\"Template.Azure.Container.Name\"])\n\nif (![string]::IsNullOrWhitespace($templateAzureContainerCPU))\n{\n $PSBoundParameters.Add(\"ResourceCpu\", \"$templateAzureContainerCPU\")\n}\n\nif (![string]::IsNullOrWhitespace($templateAzureContainerMemory))\n{\n $PSBoundParameters.Add(\"ResourceMemory\", \"$templateAzureContainerMemory\")\n}\n\nif ($null -ne $templateAzureContainerEnvVars)\n{\n # Loop through list\n $envVars = @()\n foreach ($envVar in $templateAzureContainerEnvVars)\n {\n \t$envEntry = @{}\n $envEntry.Add(\"Name\", $envVar.Name)\n \n # Check for specific property\n if ($envVar.SecretRef)\n {\n \t$envEntry.Add(\"SecretRef\", $envVar.SecretRef)\n }\n else\n {\n \t$envEntry.Add(\"Value\", $envVar.Value)\n }\n \n # Add to collection\n $envVars += $envEntry\n }\n \n $PSBoundParameters.Add(\"Env\", $envVars)\n}\n\nif ($null -ne $templateAzureContainerSecrets)\n{\n\t# Loop through list\n foreach ($secret in $templateAzureContainerSecrets)\n {\n # Create new secret object and add to array\n $secretRef += New-AzContainerAppSecretObject -Name $secret.Name -Value $secret.Value\n }\n}\n\n# Create new container app\n$containerDefinition = New-AzContainerAppTemplateObject @PSBoundParameters\n$PSBoundParameters.Clear()\n\n# Define ingress components\nif (![string]::IsNullOrWhitespace($templateAzureContainerIngressPort))\n{\n\t$PSBoundParameters.Add(\"IngressExternal\", [System.Convert]::ToBoolean($templateAzureContainerIngressExternal))\n $PSBoundParameters.Add(\"IngressTargetPort\", $templateAzureContainerIngressPort)\n}\n\n# Check the image\nif ($OctopusParameters[\"Octopus.Action.Package[Template.Azure.Container.Image].Image\"].Contains(\"azurecr.io\"))\n{\n\t# Define local parameters\n $registryCredentials = @{}\n $registrySecret = @{}\n \n # Accessing an ACR repository, configure credentials\n if (![string]::IsNullOrWhitespace($templateAzureAccountClient))\n {\n\n\t\t# Use configured client, name must be lower case\n $registryCredentials.Add(\"Username\", $templateAzureAccountClient)\n $registryCredentials.Add(\"PasswordSecretRef\", \"clientpassword\")\n\n\t\t$secretRef += New-AzContainerAppSecretObject -Name \"clientpassword\" -Value $templateAzureAccountPassword\n }\n else\n {\n \t# Using Managed Identity\n $registryCredentials.Add(\"Identity\", \"system\")\n \n }\n \n $registryServer = $OctopusParameters[\"Octopus.Action.Package[Template.Azure.Container.Image].Image\"]\n $registryServer = $registryServer.Substring(0, $registryServer.IndexOf(\"/\"))\n $registryCredentials.Add(\"Server\", $registryServer)\n \n # Add credentials\n $PSBoundParameters.Add(\"Registry\", $registryCredentials)\n}\n\n# Define secrets component\nif ($secretRef.Count -gt 0)\n{\n\t# Add to parameters\n $PSBoundParameters.Add(\"Secret\", $secretRef)\n}\n\n# Create new configuration object\nWrite-Host \"Creating new Configuration Object ...\"\n$configurationObject = New-AzContainerAppConfigurationObject @PSBoundParameters\n$PSBoundParameters.Clear()\n\n# Define parameters\n$PSBoundParameters.Add(\"Name\", $OctopusParameters[\"Template.Azure.Container.Name\"])\n$PSBoundParameters.Add(\"TemplateContainer\", $containerDefinition)\n$PSBoundParameters.Add(\"ResourceGroupName\", $templateAzureResourceGroup)\n$PSBoundParameters.Add(\"Configuration\", $configurationObject)\n\n\n# Check to see if the container app already exists\n$containerApps = Get-AzContainerApp -ResourceGroupName $templateAzureResourceGroup\n\nif ($null -eq $containerApps)\n{\n $containerApp = $null\n}\nelse\n{\n $containerApp = ($containerApps | Where-Object {$_.Name -eq $OctopusParameters[\"Template.Azure.Container.Name\"]})\n}\n\nif ($null -eq $containerApp)\n{\n\t# Add parameters required for creating container app\n\t$PSBoundParameters.Add(\"EnvironmentId\", $templateEnvironmentName)\n\t$PSBoundParameters.Add(\"Location\", $templateAzureLocation)\n\t\n\t# Deploy container\n Write-Host \"Creating new container app ...\"\n\tNew-AzContainerApp @PSBoundParameters\n}\nelse\n{\n\tWrite-Host \"Updating existing container app ...\"\n Update-AzContainerApp @PSBoundParameters\n}\n"
},
"Parameters": [
{
"Id": "a1ae1b6c-99d0-4ee5-9c3c-08c345966842",
"Name": "Template.Azure.ResourceGroup.Name",
"Label": "Azure Resource Group Name",
"HelpText": "Provide the resource group name to create the environment in.",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
}
},
{
"Id": "fb92b5d7-5e48-485d-9222-dc2c97b58535",
"Name": "Template.Azure.Account.SubscriptionId",
"Label": "Azure Account Subscription Id",
"HelpText": "The subscription ID of the Azure account to use. This value can be retrieved from an Azure Account variable type. Add an Azure Account to your project , then assign the `SubscriptionNumber` property to for this entry. Leave blank to use the Managed Identity.\n\nFor example, if your Azure Account variable is called MyAccount, the value for this input would be `#{MyAccount.SubscriptionNumber}`",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
}
},
{
"Id": "e1ce647f-956e-48d1-8002-44d958f1c8a4",
"Name": "Template.Azure.Account.ClientId",
"Label": "Azure Account Client Id",
"HelpText": "The subscription ID of the Azure account to use. This value can be retrieved from an Azure Account variable type. Add an Azure Account to your project , then assign the `Client` property to for this entry. Leave blank to use the Managed Identity.\n\nFor example, if your Azure Account variable is called MyAccount, the value for this input would be `#{MyAccount.Client}`",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
}
},
{
"Id": "a02e3fd0-9d91-4106-84a4-ff0d68e5de7c",
"Name": "Template.Azure.Account.TenantId",
"Label": "Azure Account Tenant Id",
"HelpText": "The subscription ID of the Azure account to use. This value can be retrieved from an Azure Account variable type. Add an Azure Account to your project , then assign the `TenantId` property to for this entry. If blank, it will use the Managed Identity tenant.\n\nFor example, if your Azure Account variable is called MyAccount, the value for this input would be `#{MyAccount.TenantId}`",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
}
},
{
"Id": "7bd73320-1889-41eb-a1c0-c8788e5eed9d",
"Name": "Template.Azure.Account.Password",
"Label": "Azure Account Password",
"HelpText": "The subscription ID of the Azure account to use. This value can be retrieved from an Azure Account variable type. Add an Azure Account to your project , then assign the `Password` property to for this entry. Leave blank to use the Managed Identity.\n\nFor example, if your Azure Account variable is called MyAccount, the value for this input would be `#{MyAccount.Password}`",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "Sensitive"
}
},
{
"Id": "79b217e1-f2c4-476b-a37a-02a549731e1a",
"Name": "Template.Azure.Account.JWTToken",
"Label": "Azure Account JWT Token",
"HelpText": "The JWT token of the Azure account to use. This value can be retrieved from an Azure Account variable type. Add an Azure Account to your project , then assign the `OpenIdConnect.Jwt` property to for this entry. Leave blank if you're using an Azure Service Principal account type.\n\nFor example, if your Azure Account variable is called MyAccount, the value for this input would be `#{MyAccount.OpenIdConnect.Jwt}`",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
}
},
{
"Id": "f7fafc7e-2658-4a6f-ac30-7d9f738b9f52",
"Name": "Template.ContainerApp.Environment.Name",
"Label": "Container App Environment Name",
"HelpText": "The name or ID of the container app environment to deploy to.",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
}
},
{
"Id": "31f02b7e-4822-49de-97dc-ee981b12268c",
"Name": "Template.Azure.Location.Name",
"Label": "Azure Location",
"HelpText": "The location in which to create the container app environment.",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
}
},
{
"Id": "d74123b0-4104-45b9-ae12-b1f808b8b948",
"Name": "Template.Azure.Container.Name",
"Label": "Container Name",
"HelpText": "The name of the container to create/update. If you want to use the image name, specify `#{Octopus.Action.Package[Template.Azure.Container.Image].PackageId | Replace \"/\" \"-\"}`",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
}
},
{
"Id": "1bdb6d31-4b97-4eab-aca3-5a60891b3455",
"Name": "Template.Azure.Container.Image",
"Label": "Container Image",
"HelpText": "Select the container image to deploy.",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "Package"
}
},
{
"Id": "9e7aa5cf-9bab-4303-a851-1b8757f2f486",
"Name": "Template.Azure.Container.Variables",
"Label": "Environment variables",
"HelpText": "JSON formatted key/value pair of environment variables to pass to the container. This supports use of OctoStache.\n\n```\n[\n {\n \"name\": \"ConnectionStrings__CatalogConnection\",\n \"value\": \"Server=#{Project.SQL.DNS},1433;Integrated Security=true;Initial Catalog=#{Project.Catalog.Database.Name};User Id=#{Project.SQL.Admin.Username};Password=#{Project.SQL.Admin.Password};Trusted_Connection=false;Trust Server Certificate=True;\"\n },\n {\n \"name\": \"MyPasswordFromSecret\",\n \"secretref\": \"Name of my secret\"\n },\n ...\n]\n```",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "MultiLineText"
}
},
{
"Id": "498f308d-a94c-4364-b0be-8d739ac63f4e",
"Name": "Template.Azure.Container.Secrets",
"Label": "Secrets",
"HelpText": "JSON formatted key/value pair of secrets to create/update. This supports use of OctoStache.\n\n**Note:** The name of the secret must be lowercase.\n\n```\n[\n {\n \"name\": \"mysecret\",\n \"value\": \"#{Project.SQL.Admin.Password}\"\n },\n ...\n]\n```",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "MultiLineText"
}
},
{
"Id": "20e3e428-62b9-4eef-9cdc-780a0eedee79",
"Name": "Template.Azure.Container.Cpu",
"Label": "Resource CPU",
"HelpText": "The amount of CPU to allocate to the container app.\n\nExample: 0.5",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
}
},
{
"Id": "d804f749-625e-4ca5-9bef-13fc2c2a463c",
"Name": "Template.Azure.Container.Memory",
"Label": "Resource Memory",
"HelpText": "The amount of memory to allocate to the container app.\n\nExamples: 250Mb or 4.0Gi",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
}
},
{
"Id": "a506b328-4e10-49fe-947b-6623d4d392c1",
"Name": "Template.Azure.Container.Ingress.Port",
"Label": "Container Ingress Port",
"HelpText": "The port to allow traffic to the container.",
"DefaultValue": "",
"DisplaySettings": {
"Octopus.ControlType": "SingleLineText"
}
},
{
"Id": "682d68a4-f1eb-469c-9557-9577ed9f1505",
"Name": "Template.Azure.Container.ExternalIngress",
"Label": "External Ingress",
"HelpText": "Whether the ingress is externally accessible or not.",
"DefaultValue": "False",
"DisplaySettings": {
"Octopus.ControlType": "Checkbox"
}
}
],
"StepPackageId": "Octopus.Script",
"$Meta": {
"ExportedAt": "2026-01-28T18:05:42.201Z",
"OctopusVersion": "2026.1.5902",
"Type": "ActionTemplate"
},
"LastModifiedBy": "twerthi",
"Category": "azure"
}