Question 38492 in Ubuntu Question posted in
The official Ubuntu documentation can be found here.

Cannot deploy docker image in private github registry to Azure App Service – Ubuntu

I’m trying to set up an Azure App Service using custom docker images. The images are built in one of my private repo on github and pushed to the github registry. In another repository, I’m setting up the deploy workflow through Github Actions and I followed the steps in this guide.

The current workflow is defined as follows:

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
    - uses: actions/checkout@v3

    - uses: azure/docker-login@v1
      with:
        login-server: ghcr.io/
        username: ${{ secrets.REGISTRY_USERNAME }}
        password: ${{ secrets.REGISTRY_PASSWORD }}

    - uses: azure/webapps-deploy@v2
      with:
        app-name: 'my-app-name'
        publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
        images: 'ghcr.io/${{ secrets.REGISTRY_USERNAME}}/my-repo-name:my-tag'

Once pushed, the action runs successfully. But when I go to the app URL, it is not displayed due to errors.

The following are the Azure App Service logs related to Docker Engine:
enter image description here
where red is my github username, green is my private repo (which is also the image name), blue is the image tag and yellow the Azure App Service name.

What is going wrong?

The only hint I have is that the azure/docker-login action only logs to the private github registry within the action workflow, but when the App Service is started it requires to log in again to the private registry to pull the image. But I could not find any instruction on how to provide again the credentials to log in.

EDIT 1:

I set secrets.REGISTRY_USERNAME to my github username and secrets.REGISTRY_PASSWORD to my github account password, since I think these are the right credentials to log in into my private github registry.

Tags:

2

Answers


  1. 0

    You can use the below code to publish the docker image using git repository (code-base). Code build and push build artifacts part in another action and this action read those build artifacts and builds a docker image.

    The best practice is to push the image to the Azure container registry and use that image in Azure web app

    jobs:
      docker:
        name: "Docker"
        runs-on: ubuntu-latest
        steps:
          - name: Download artifact
            uses: actions/download-artifact@v3
            with:
              name: ${{ inputs.download_artifact_name }}
          - name: Log into registry
            uses: docker/login-action@v1
            with:
              registry: ${{ secrets.ACR_ENDPOINT }}
              username: ${{ secrets.ACR_USERNAME }}
              password: ${{ secrets.ACR_PASSWORD }}
          - name: Build & Push
            uses: docker/build-push-action@v2
            with:
              push: true
              file: ${{ inputs.docker_filepath }}
              tags: ${{ secrets.ACR_ENDPOINT }}/${{ inputs.docker_imagename }}:${{github.run_number}}
    Login or Signup to reply.
  2. 0

    You are missing the push part.

    Here you have an example how to use it with ghcr and some style.

    jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v3

      - name: Login to docker registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ github.token }}

      - name: Docker meta
        uses: docker/metadata-action@v4
        id: meta
        with:
          images: "ghcr.io/${{ github.repository }}"
          tags: |
            type=ref,event=branch
            type=ref,event=pr

      - name: Build and push docker
        uses: docker/build-push-action@v3
        with:
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}

      - uses: azure/webapps-deploy@v2
        with:
          app-name: "my-app-name"
          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
          images: "${{ steps.meta.outputs.tags }}"
    • docker/login-action – you can use built in variables for auth
    • docker/metadata-action – generates tags for you. See docs for more config options.
    • docker/build-push-action – exactly what the name says. This is what you were missing the most.
    • images: "${{ steps.meta.outputs.tags }}" – use autogenerated tag 🙂

    To further improve this job could be split into two build and deploy

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search