From b8cb7dd68c65466bc0e0f60d1da10f36cb9591cc Mon Sep 17 00:00:00 2001 From: Mathieu Larose Date: Tue, 10 Dec 2024 21:07:48 -0500 Subject: [PATCH] [azure-docs] refine deployment with ACR docs Additions and modifications noted from dogfooding the guide --- .../deployment/azure/acr-user-code.mdx | 42 +++++++++++++++++-- 1 file changed, 39 insertions(+), 3 deletions(-) diff --git a/docs/content/dagster-plus/deployment/azure/acr-user-code.mdx b/docs/content/dagster-plus/deployment/azure/acr-user-code.mdx index b9922423bce14..f6c3b9e6b26f1 100644 --- a/docs/content/dagster-plus/deployment/azure/acr-user-code.mdx +++ b/docs/content/dagster-plus/deployment/azure/acr-user-code.mdx @@ -89,18 +89,26 @@ First, we'll need to generate a service principal for GitHub Actions to use to a az ad sp create-for-rbac --name "github-actions-acr" --role contributor --scopes /subscriptions//resourceGroups//providers/Microsoft.ContainerRegistry/registries/ ``` -This command will output a JSON object with the service principal details. Make sure to save the `appId`, `password`, and `tenant` values - we'll use them in the next step. +This command will output a JSON object with the service principal details. Make sure to save the `appId` and `password` values - we'll use them in the next step. ### Add secrets to your repository We'll add the service principal details as secrets in our repository. Go to your repository in GitHub, and navigate to `Settings` -> `Secrets`. Add the following secrets: +- `DAGSTER_CLOUD_API_TOKEN`: An agent token. For more details see [Managing agent tokens](/dagster-plus/account/managing-user-agent-tokens#managing-agent-tokens). - `AZURE_CLIENT_ID`: The `appId` from the service principal JSON object. - `AZURE_CLIENT_SECRET`: The `password` from the service principal JSON object. -### Update the workflow +### Update the GitHub Actions workflow -Finally, we'll update the workflow to use the service principal details. Open `.github/workflows/dagster-cloud-deploy.yml` in your repository, and uncomment the section on Azure Container Registry. It should look like this: +For this step, open `.github/workflows/dagster-cloud-deploy.yml` in your repository with your preferred text editor to perform the changes below. + +In the `env` section of the workflow, update the following variables: + +- `DAGSTER_CLOUD_ORGANIZATION`: The name of your Dagster Cloud organization. +- `IMAGE_REGISTRY`: The URL of your Azure Container Registry: `.azurecr.io`. + +We'll update the workflow to use the Azure Container Registry by uncommenting its section and providing the principal details. It should look like this: ```yaml # Azure Container Registry (ACR) @@ -114,6 +122,34 @@ Finally, we'll update the workflow to use the service principal details. Open `. password: ${{ secrets.AZURE_CLIENT_SECRET }} ``` +Finally, update the tags in the "Build and upload Docker image" step to match the full URL of your image in ACR: + +```yaml +- name: Build and upload Docker image for "quickstart_etl" + if: steps.prerun.outputs.result != 'skip' + uses: docker/build-push-action@v4 + with: + context: . + push: true + tags: ${{ env.IMAGE_REGISTRY }}/:${{ env.IMAGE_TAG }} + cache-from: type=gha + cache-to: type=gha,mode=max +``` + +### Update the `dagster_cloud.yaml` build configuration to use the Azure Container Registry + +Edit the `dagster_cloud.yaml` file in the root of your repository. Update the `build` section to use the Azure Container Registry, and provide an image name specific to the code location. This must match the registry and image name used in the previous step. + +```yaml +locations: + - location_name: quickstart_etl + code_source: + package_name: quickstart_etl.definitions + build: + directory: ./ + registry: .azurecr.io/ +``` + ### Push and run the workflow Now, commit and push the changes to your repository. The GitHub Actions workflow should run automatically. You can check the status of the workflow in the `Actions` tab of your repository.