azure docker bitbucket pipeline azure-container-apps

Deploy Container App from Bitbucket to Azure

I have a Bitbucket repository which builds my code with a pipeline and pushes a docker image to Docker Hub. So far, so good. Now I want to continues deploy the latest image to my Container App on Azure. My options seems to be:

Setup Continuous Deployment in Azure
Create a pipeline step in bitbucket to push the new image created to Azure with Azure CLI

My problem with 1. is that it seems to be only support for GitHub with it required.

And my problem with 2. is that it doesnt look like Atlassian has this supported

Which leaves me with some costum created pipeline where Im suppose to do this with Azure CLI where Im way out of my depth.

Does anyone have a suggestion to how I can automaticly update my Container App?

Solution

Thanks to simon@edgeworks for helping me to a working solution:

First thing to note: login for dockerhub for private repositories uses "registry.hub.docker.com" not "docker.io". A bit hard to find.

Creating a Service Principal

First thing we need to do is create a service principal for the container. You cna do this with the Azure CLI available at the portal.

In the console, update and post the following script:

az ad sp create-for-rbac --name [PRINCIPAL_NAME] --scope /subscriptions/[SUBSCRIPTION_ID]/resourceGroups/[RESOURCE_GROUP]/providers/Microsoft.App/containerapps/[CONTAINER_APP_NAME]--role contributor

You'll find all this information on the overview page of your application. Response will give you 3 Keys you'll need to add to your bitbucket workspace

Setup Bitbucket with Service Principal

Select settings in the top right

Scroll down to the bottom of the menu to your left and find Workspace Variables.

Add AZURE_APP_ID, AZURE_PASSWORD and AZURE_TENANT_ID from the output in Azure CLI. I've also added secrets for DockerHub username and password with used in my pipeline.

image: node:18
pipelines:
  branches:
    'master':
      - step:
          name: Build and Test code
          caches:
            - node
          script:
            - npm install
            - npm run lint
            - npm run build
            - npm run test
      - step:
          name: Create Docker image
          script:
            - echo "$HUB_PASSWORD" | docker login --username $HUB_USERNAME --password-stdin
            - VERSION=$(npm run version --silent)
            - IMAGE=[USERNAME/PROJECT]/[APPLICATION_NAME]:${VERSION}
            - echo ${IMAGE}
            - docker build . -t ${IMAGE}
            - docker push ${IMAGE}
          caches:
            - node
      - step:
          name: Deploy to Prod
          script:
            - VERSION=$(npm run version --silent)
            - IMAGE=registry.hub.docker.com/[USERNAME/PROJECT]/[APPLICATION_NAME]:${VERSION}
            - pipe: atlassian/azure-cli-run:1.2.0
              variables:
                AZURE_APP_ID: $AZURE_APP_ID
                AZURE_PASSWORD: $AZURE_PASSWORD
                AZURE_TENANT_ID: $AZURE_TENANT_ID
                AZURE_RESOURCE_GROUP: ['RESOURCE_GROUP']
                AZURE_APP_NAME: ['CONTAINER_APP_NAME']
                CLI_COMMAND: 'az containerapp update -n [CONTAINER_APP_NAME] -g [RESOURCE_GROUP] --image $IMAGE'
options:
  docker: true

In my pipe, I get the version from pacakage.json and sets it on the dockerimage.

I hope you find this informative and that it'll help you in your project.