Tag :latest is not working Azure pipeline Docker kubernetes

9/17/2021

All I am trying to do here is build and push my docker image to Azure Container registry and deploy in Azure kubernetes. All works well, deploying fine and the application runs okay. Please note that all with static tag 1.0

I want my pipeline to take latest image all the time when it try to deploy, however I don't know how to set this latest tag on the image.

Azure Pipeline

trigger:
- main

resources:
- repo: self

variables:
  # Container registry service connection established during pipeline creation
  dockerRegistryServiceConnection: '4e6ea1xxxxxxxxxxxx9ae2-5f72194d4960'
  imageRepository: 'watchdogapp'
  containerRegistry: 'xxxx.azurecr.io'
  dockerfilePath: '$(Build.SourcesDirectory)/Follis.WatchDog/Dockerfile'
  tag: '$(Build.BuildId)'

  # Agent VM image name
  vmImageName: 'ubuntu-latest'

stages:
- stage: Build
  displayName: Build and push stage
  jobs:
  - job: Build
    displayName: Build
    pool:
      vmImage: $(vmImageName)
    steps:

    - task: Docker@2
      displayName: Build and push image
      inputs:
        command: buildAndPush
        repository: $(imageRepository)
        dockerfile: $(dockerfilePath)
        containerRegistry: $(dockerRegistryServiceConnection)
        buildContext: $(Build.Repository.LocalPath)
        tags: |
          $(tag)
      
    - task: Kubernetes@1
      displayName: Deploy to Aks
      inputs:
        connectionType: 'Kubernetes Service Connection'
        kubernetesServiceEndpoint: 'aksWatchDog'
        namespace: 'default'
        command: 'apply'
        useConfigurationFile: true
        configuration: '$(Build.SourcesDirectory)/Follis.WatchDog/deploy_watchdog_kube.yaml'
        secretType: 'dockerRegistry'
        containerRegistryType: 'Azure Container Registry'
        azureSubscriptionEndpointForSecrets: 'Follis-Az'
        azureContainerRegistry: 'acrfollis.azurecr.io'
        forceUpdate: false

kube_deploy.yml is

apiVersion: apps/v1
kind: Deployment
metadata:
  name: watchdog-app
spec:
  replicas: 1
  selector:
    matchLabels:
      app: watchdog-app
  template:
    metadata:
      namespace: default
      labels:
        app: watchdog-app
    spec:
      nodeSelector:
        "kubernetes.io/os": linux
      containers:
        - name: watchdog-app
          image: acrfollis.azurecr.io/watchdogapp:latest
          imagePullPolicy: Always
          resources:
            requests:
              cpu: 100m
              memory: 128Mi
            limits:
              cpu: 250m
              memory: 256Mi
          ports:
            - containerPort: 5555
          env:
            - name: WEB_PORT
              value: "5555"
            - name: ASPNETCORE_URLS
              value: "http://+:5555"
            - name: ASPNETCORE_ENVIRONMENT
              value: "Local"
---
apiVersion: v1
kind: Service
metadata:
  name: watchdog-app-service
spec:
  type: LoadBalancer
  ports:
    - protocol: TCP
      port: 80
      targetPort: 5555
  selector:
    app: watchdog-app

The pipeline doesn't complain about the latest tag on the image, but post deployment

NAME                            READY   STATUS             RESTARTS   AGE   IP            NODE                                NOMINATED NODE   READINESS GATES
client-api-78ff55456-wk5sf      1/1     Running            0          21h   10.244.0.6    aks-agentpool-34700069-vmss000000   <none>           <none>
watchdog-app-66797b7776-fz94b   1/1     Running            0          82m   10.244.1.11   aks-agentpool-34700069-vmss000001   <none>           <none>
watchdog-app-bb7ddb988-9zsjl    0/1     **ImagePullBackOff**   0          39s   10.244.0.8    aks-agentpool-34700069-vmss000000   <none>           <none>

when i do kubectl describe pods describe imagename

 Failed to pull image "acrfollis.azurecr.io/watchdogapp:latest": [rpc error: code = NotFound desc = failed to pull and unpack image 
"acrfollis.azurecr.io/watchdogapp:latest": failed to resolve reference "acrfollis.azurecr.io/watchdogapp:latest": acrfollis.azurecr.io/watchdogapp:latest: not found, rpc error: code = Unknown desc = failed to pull and unpack image 
"acrfollis.azurecr.io/watchdogapp:latest": failed to resolve reference "acrfollis.azurecr.io/watchdogapp:latest": failed to authorize: failed to fetch anonymous token: unexpected status: 401 Unauthorized]

Any idea how to tag my image as latest when building from pipeline? or is there any way to parametrise kube_deploy.yml to take the $(tag) from pipelineyaml ?

anyone experienced this situation ? I am not an expert in this area,

-- Vibin Kesavan
azure-container-registry
azure-devops
azure-pipelines
docker
kubernetes

1 Answer

9/18/2021

Finally I figured out, this post helped

https://medium.com/nerd-for-tech/how-to-inject-variables-in-kubernetes-manifest-with-azure-pipelines-e598755be9b

# Docker
# Build and push an image to Azure Container Registry
# https://docs.microsoft.com/azure/devops/pipelines/languages/docker

trigger:
- main

resources:
- repo: self

variables:
  # Container registry service connection established during pipeline creation
  dockerRegistryServiceConnection: 'XXXXXXXXXXXXX72194d4960'
  imageRepository: 'watchdogapp'
  containerRegistry: 'acrXXXX.azurecr.io'
  dockerfilePath: '$(Build.SourcesDirectory)/XXXX.WatchDog/Dockerfile'
  image-tag: '$(Build.BuildId)'

   # Agent VM image name
  vmImageName: 'ubuntu-latest'

stages:
- stage: Build
  displayName: Build and push stage
  jobs:
  - job: Build
    displayName: Build
    pool:
      vmImage: $(vmImageName)
    steps:

    - task: Docker@2
      displayName: Build and push image
      inputs:
        command: buildAndPush
        repository: $(imageRepository)
        dockerfile: $(dockerfilePath)
        containerRegistry: $(dockerRegistryServiceConnection)
        buildContext: $(Build.Repository.LocalPath)
        tags: |
          $(image-tag)
    - task: CopyFiles@2
      displayName: Copy files
      inputs:
        contents: $(build.sourcesDirectory)/XXXX.WatchDog/*.yaml
        targetFolder: $(build.artifactStagingDirectory)/k8
    - task: PublishBuildArtifacts@1
      inputs:
        pathtoPublish: $(build.artifactStagingDirectory)
        artifactName: drop

- stage: Staging
  displayName: Deployment
  jobs:
  - deployment: Staging
    pool:
      vmImage: $(vmImageName)
    environment: STG
    strategy:
      runOnce:
        deploy:
          steps:
          - task: replacetokens@4
            inputs:
              rootDirectory: '$(Pipeline.Workspace)/drop'
              targetFiles: '**/*.yaml'
              encoding: 'auto'
              tokenPattern: 'rm'
              writeBOM: true
              actionOnMissing: 'warn'
              keepToken: false
              actionOnNoFiles: 'fail'
              enableTransforms: false
              useLegacyPattern: false
              enableTelemetry: true          
          - task: Kubernetes@1
            displayName: Deploy to Aks
            inputs:
              connectionType: 'Kubernetes Service Connection'
              kubernetesServiceEndpoint: 'aksWatchDog'
              namespace: 'default'
              command: 'apply'
              useConfigurationFile: true
              configuration: '$(Pipeline.Workspace)/drop/k8/XXXX.WatchDog/deploy_watchdog_kube.yaml'
              secretType: 'dockerRegistry'
              containerRegistryType: 'Azure Container Registry'
              azureSubscriptionEndpointForSecrets: 'XXXX-Az'
              azureContainerRegistry: 'acrXXXX.azurecr.io'
              forceUpdate: false
          
-- Vibin Kesavan
Source: StackOverflow