I have the following workflow:
```yaml
build-and-deploy:
  needs: [deploy_checks]
  environment: ${{ needs.deploy_checks.outputs.env_name }}
  runs-on: ubuntu-latest
  steps:
    # checkout the repo
    - name: 'Checkout GitHub Action'
      uses: actions/checkout@main
    - name: 'Login via Azure CLI'
      uses: azure/login@v1
      with:
        creds: ${{ secrets.AZURE_CREDENTIALS }}
    - name: 'Build and push image'
      uses: azure/docker-login@v1
      with:
        login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }}
        username: ${{ secrets.REGISTRY_USERNAME }}
        password: ${{ secrets.REGISTRY_PASSWORD }}
    - run: |
        docker build . -t ${{ secrets.REGISTRY_LOGIN_SERVER }}/name_image:${{ github.sha }}
        docker push ${{ secrets.REGISTRY_LOGIN_SERVER }}/name_image:${{ github.sha }}
    - name: 'Deploy to Azure Container Instances'
      uses: 'azure/aci-deploy@v1'
      with:
        resource-group: ${{ secrets.RESOURCE_GROUP }}
        dns-name-label: ${{ secrets.AZURE_CONTAINER_DNS_NAME }}
        cpu: 1
        memory: 1
        ports: port
        image: ${{ secrets.REGISTRY_LOGIN_SERVER }}/name_image:${{ github.sha }}
        registry-login-server: ${{ secrets.REGISTRY_LOGIN_SERVER }}
        registry-username: ${{ secrets.REGISTRY_USERNAME }}
        registry-password: ${{ secrets.REGISTRY_PASSWORD }}
        #environment-tag: ${{ secrets.ENVIRONMENT_SECRET }}
        #project-tag: ${{ secrets.PROJECT_SECRET }}
        name: container_name
        environment-variables: ENV=${{ env.ENV }} PROFILE=${{ env.PROFILE }}
        secure-environment-variables: AZURE_STORAGE_CONNECTION_STRING=${{ env.AZURE_STORAGE_CONNECTION_STRING }}
        location: location
```
After a compliance policy update, my workflow "was disallowed by policy. Policy identifiers:", and the policies require two tags: tag1 and tag2.
GitHub Actions output in step 'build-and-deploy':
Error: Resource '***' was disallowed by policy. Policy identifiers: '[***"policyAssignment":***"name":"Require XXX tag on resources"]
So I need to add tags to my container instance during creation. How can that be achieved? How do you reference the tags inside "build-and-deploy"?