This describes a solution where you keep your yaml files in a GitHub repository separate from the repo where you keep your project code. So, the two repos are:
- Project GitHub repo
- Infrastructure GitHub repo (IaC)
My assumption is that Flux is then pointed at the Infrastructure repo so that when changes are made there, Flux brings the cluster in line with the desired changes now declared in the repo. (We use ArgoCD.) When you make changes to your project repo, the GitHub Action builds the new image (with a new tag) and pushes it to your Azure Container Registry.
Your question then asks how to let the CI/CD tool (i.e. Flux) know about the new image tag so it can pull the fresh image.
The recommendation is to consider using Kustomize to manage the updating of the tag in the Infrastructure repo so that the CI/CD tool automatically detects that change in the repo and updates the cluster accordingly using the new image.
This will require the following:
Add a Kustomization.yaml file into your Infrastructure repo which contains a) the yaml manifests that describe your infrastructure for the project and b) the image tag to be replaced.
```yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - resource1.yaml
  - resource2.yaml
  - ...
images:
  - name: image-name in your deployment manifest
    newTag: to-be-replaced
```
Then, in the GitHub Action workflow in your Project repo, use the actions/checkout@v2 action to pull the remote Infrastructure repo. Then add the imranismail/setup-kustomize@v1 action and use it to replace the image tag. Then push the changes back to the Infrastructure repo. Example below, modify to fit your situation:
```yaml
# build steps here
deploy:
  needs: build
  runs-on: ubuntu-latest
  steps:
    - name: Checkout remote repo
      uses: actions/checkout@v2
      with:
        repository: {your github repo}
        token: ${{ secrets.INFRA_REPO_TOKEN }}
        path: infra-repo
    - name: Setup Kustomize
      uses: imranismail/setup-kustomize@v1
      with:
        kustomize-version: "3.6.1"
    - name: Switch out image tag
      run: |
        cd infra-repo/{repo name}
        kustomize edit set image {image name}:{tag}
    - name: Commit and push
      run: |
        cd infra-repo/{repo name}
        git config --local user.email [email protected]
        git config --local user.name github-actions
        git commit -am "updates image tag"
        git push
```
These relevant links should also give you the info you need to correctly build your workflow:
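
The "Switch out image tag" and "Commit and push" steps above, written as a script that validates the image name and tag before they reach `kustomize` and skips the commit when nothing changed. This is an added example, not part of the original answer; the function names `image_ref` and `bump_image`, the `IMAGE_NAME` / `IMAGE_TAG` variables and the validation patterns are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original answer.
# In the workflow, hand the values to the script through `env:` (for
# instance IMAGE_NAME / IMAGE_TAG, hypothetical names) instead of pasting
# ${{ ... }} expressions into `run:`, which are expanded before the shell runs.

# Print NAME:TAG for `kustomize edit set image`, or fail on anything that
# is not a plain lowercase image name plus a valid tag (conservative
# patterns chosen for this example).
image_ref() {
  case $1 in
    ''|[._/-]*|*[._/-]|*[!a-z0-9._/-]*)
      echo "rejected image name: $1" >&2; return 1 ;;
  esac
  case $2 in
    ''|[.-]*|*[!A-Za-z0-9_.-]*)
      echo "rejected image tag: $2" >&2; return 1 ;;
  esac
  [ "${#2}" -le 128 ] || { echo "image tag too long" >&2; return 1; }
  printf '%s:%s\n' "$1" "$2"
}

# bump_image DIR NAME TAG: edit the kustomization in DIR (the checked-out
# infra repo) and push only when the tag actually changed. Runs in a
# subshell so the caller's working directory is untouched. The git
# identity is expected to be configured as in the workflow step above.
# Usage: bump_image "infra-repo/{repo name}" "$IMAGE_NAME" "$IMAGE_TAG"
bump_image() (
  set -e
  ref=$(image_ref "$2" "$3")
  cd "$1"
  kustomize edit set image "$ref"
  if git diff --quiet; then
    # Same tag as before: `git commit` would exit non-zero and fail the job.
    echo "kustomization.yaml already at $ref, nothing to push"
    exit 0
  fi
  git commit -am "updates image tag to $3"
  git push
)
```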