This template is a model of efficiency. It downloads both artifacts and uses one to deploy the other.
Key Features:
steps: - download: none: This is a critical bug fix.deploymentjobs automatically download all artifacts. This step disables that behavior, preventing a "double download" and saving time.- Two Download Tasks: It manually downloads the "Locked Box" from the Factory (
buildType: 'specific') and the "Package" from the current pipeline (buildType: 'current'). gunzip -c: It uses the same decompression trick as theBuildstage.- No Networking: The final
docker rundeploy command doesn't need--network=ci-netbecause it's self-contained and doesn't need to talk to MySQL.
# deploy.yml
parameters:
displayName: 'Deploy [PROJECT-NAME]'
jobName: 'Deploy_Drupal'
agentPool: 'aws-ubuntu-latest'
phpImageName: 'php-build-[PROJECT-NAME]'
projectId: '[PROJECT-NAME]'
imageBuilderPipelineDefinitionName: '' # Default placeholder
jobs:
- deployment: ${{ parameters.jobName }}
displayName: ${{ parameters.displayName }}
pool: ${{ parameters.agentPool }}
environment: ${{ parameters.environmentAzureDevOps }}
workspace:
clean: all
strategy:
runOnce:
deploy:
steps:
# === CRITICAL BUG FIX ===
# Disables the default auto-download
- download: none
# === Download "Locked Box" from the Factory pipeline ===
- task: DownloadPipelineArtifact@2
displayName: 'Download Docker Image Artifact'
inputs:
buildType: 'specific'
project: '$(System.TeamProjectId)'
definition: '${{ parameters.imageBuilderPipelineDefinitionName }}'
buildVersionToDownload: 'latest'
artifactName: '${{ parameters.phpImageName }}'
targetPath: '$(Pipeline.Workspace)/docker-artifact'
# === Download "Package" from THIS pipeline ===
- task: DownloadPipelineArtifact@2
displayName: 'Download Complete Code Artifact'
inputs:
buildType: 'current'
artifact: '$(Build.Repository.Name)'
targetPath: '$(Pipeline.Workspace)/artifact-code'
- script: |
# Use gunzip to decompress and pipe to docker load
gunzip -c $(Pipeline.Workspace)/docker-artifact/${{ parameters.phpImageName }}.tar.gz | docker load
displayName: 'Load Docker Image'
- task: ExtractFiles@1
displayName: 'Extract Complete Artifact'
inputs:
archiveFilePatterns: '$(Pipeline.Workspace)/artifact-code/$(Build.Repository.Name).zip'
destinationFolder: '$(System.DefaultWorkingDirectory)'
cleanDestinationFolder: true
# Prepare SSH keys
- task: DownloadSecureFile@1
name: downloadSSHKey
displayName: 'Download Acquia SSH Private Key'
inputs:
secureFile: '${{ parameters.privateSSHKeyName }}'
- script: |
mkdir -p $(Pipeline.Workspace)/.ssh
cp $(downloadSSHKey.secureFilePath) $(Pipeline.Workspace)/.ssh/id_rsa
chmod 600 $(Pipeline.Workspace)/.ssh/id_rsa
ssh-keyscan -t rsa ${HOST} >> $(Pipeline.Workspace)/.ssh/known_hosts
displayName: 'Prepare SSH key'
# Deploy!
- script: |
docker run --rm \
-v $(System.DefaultWorkingDirectory):/app \
-v $(Pipeline.Workspace)/.ssh:/root/.ssh:ro \
-w /app \
-e ACQUIA_CLIENT_ID=$(ACQUIA_CLIENT_ID) \
-e ACQUIA_CLIENT_SECRET=$(ACQUIA_CLIENT_SECRET) \
-e APPLICATION_UUID=$(APPLICATION_UUID) \
-e BUILD_SOURCEBRANCHNAME=$(Build.SourceBranchName) \
${{ parameters.phpImageName }} bash -c "ci/scripts/deploy/deploy_artifact.sh"
displayName: 'Deploy to Acquia via Docker'