Deploy selected artifact in Azure DevOps as docker image to ECR

Question

Environment

Azure Dev Ops (code repo and pipeline trigger)
AWS ECR/ECS (target deployment platform)
Docker
.NET Core Web application (v5.0)

Current Situation

Presently building the application using dotnet build (powershell script) and pushing the zip file to Azure DevOps artifacts using azurepipeline.yml. This works out fine. I have added another task for ECR Push and that also pushes a generated docker image to the ECR using a Dockerfile in the source code.

Business Problem

We want to be able to chose a specific build (eg 0.1.24) in the Azure Artifact (using a variable to provide version number), and generate a Docker build using the corresponding binaries and the Dockerfile. I am unable to find a way to do so. The specific task is as follows:-

Deploy user updates variable "versionNoToDeploy" with the artifact id or name
Deploy user runs a specific pipeline
Pipeline finds the artifact (assuming its valid, else sends error), unzips the package at temp location (-need help on)
Pipeline runs dockerfile to build the image (-known & working)
Pipeline pushes this image to ECR (-known & working)

The purpose is to keep on building the branch till we get stable builds. This build is deployed on a test server manually and tested. Once the build gets certified, it needs to be pushed to Production ECR/ECS instances.

Our pipeline (specific code only)

- pwsh: ./build.ps1 --target Clean Protolint Compile --runtime $(runtime) 
  displayName: ⚙️ Compile

- task: Docker@2
  displayName: Build
  inputs:
     command: build
     repository: appRepo
     tags: |
       $(Build.BuildId)
       deploy
     addPipelineData: true
     Dockerfile: src\DockerfileNew

- task: ECRPushImage@1
  inputs:
     awsCredentials: 'AWS ECR Connection'
     regionName: 'ap-south-1'
     imageSource: 'imagename'
     sourceImageName: 'myApplication'
     sourceImageTag: 'deploy'
     repositoryName: 'devops-demo'
     outputVariable: 'imageTagOutputVar'

- pwsh: ./build.ps1 --target Test Coverage --skip
  displayName: ???? Test

- pwsh: ./build.ps1 --target BuildImage Pack --runtime $(runtime) --skip
  displayName: ???? Pack

- pwsh: ./build.ps1 --target Publish --runtime $(runtime) --skip
  displayName: ???? Publish

Artifact details

Any specific aspects needed can be provided

Krzysztof Madej Krzysztof Madej · Accepted Answer · 2021-07-12T09:09:44

Since it involves manual intervention here, you may consider splitting the workflfow into several jobs like this:

jobs:
- job: BuildAndDeployToTest
  steps:
  - bash: echo "A"

- job: waitForValidation
    displayName: Wait for external validation
    pool: server
    timeoutInMinutes: 4320 # job times out in 3 days
    steps:
    - task: ManualValidation@0
      timeoutInMinutes: 1440 # task times out in 1 day
      inputs:
        notifyUsers: |
          [email protected]
          [email protected]
        instructions: 'Please validate the build configuration and resume'
        onTimeout: 'resume'  


- job: DeployToProd
  steps:
  - bash: echo "B"

This is not exactly what you want in terms of invlving variables, but you will be able to achieve your gaol. Wait for valiadtion and deploy to prod only validated builds.

It rely on ManualValidation task.

Another approach could be using deployment job and approvals:

jobs:
- job: BuildAndDeployToTest
  steps:
  - bash: echo "A"


jobs:
  # Track deployments on the environment.
- deployment: DeployToProd
  displayName: deploy Web App
  pool:
    vmImage: 'Ubuntu-16.04'
  # Creates an environment if it doesn't exist.
  environment: 'PROD'
  strategy:
    # Default deployment strategy, more coming...
    runOnce:
      deploy:
        steps:
        - checkout: self 
        - script: echo my first deployment

For this you need to define evnironment and define approval.

In both ways you will get clear picture what was delivered to prod and information who approved PROD deployment.

Deploy selected artifact in Azure DevOps as docker image to ECR

2 Answers