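name: Deploy to AKS

# Triggered by a successful "Build and Push" run on main, or manually via workflow_dispatch.
on:
  workflow_run:
    workflows: ["Build and Push"]
    types: [completed]
    branches: [main]
  workflow_dispatch:
    inputs:
      environment:
        description: 'Environment to deploy to'
        required: true
        default: 'dev'
        type: choice
        options:
          - dev
          - prod
      image_tag:
        description: 'Image tag to deploy (leave empty for latest)'
        required: false
        type: string

env:
  ACR_REGISTRY: fgsansharedacrdeveus.azurecr.io
  IMAGE_NAME: standards-mcp-server
  AKS_CLUSTER: fgsan-shared-aks-dev-eus
  RESOURCE_GROUP: rg-fgsan-shared-dev-eus
  K8S_NAMESPACE: darwin-mcp
  # Not a credential, but consider a repository/organization variable so it is
  # not duplicated across workflows.
  AZURE_SUBSCRIPTION_ID: 52d7d652-0894-4e3f-a821-7a17c841d319
  # Resolved once so every shell step and the notify job read the same value.
  # `inputs.environment` is empty on workflow_run events, hence the 'dev' fallback.
  DEPLOY_ENV: ${{ github.event.inputs.environment || 'dev' }}

# Workflow-level default: OIDC token for azure/login plus read-only checkout.
# Jobs that need more (issue creation) widen this at job level.
permissions:
  id-token: write
  contents: read

jobs:
  deploy:
    name: Deploy to AKS
    runs-on: ubuntu-latest
    # Skip when the upstream build did not succeed; manual runs always proceed.
    if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'workflow_dispatch' }}
    # `env` context is not available here, so the expression is repeated instead of
    # referencing DEPLOY_ENV.
    environment:
      name: ${{ github.event.inputs.environment || 'dev' }}
      url: https://mcp.darwin.example.com/standards
    steps:
      # NOTE(review): actions are pinned to major tags; pinning third-party actions
      # to a full-length commit SHA gives a stronger supply-chain guarantee.
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # On workflow_run, github.sha is the default-branch head at the time this
          # workflow starts, not necessarily the commit the upstream build used.
          # head_sha keeps the Kustomize overlay in step with the image that was built.
          ref: ${{ github.event.workflow_run.head_sha || github.sha }}

      - name: Azure Login
        uses: azure/login@v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }}

      - name: Get AKS credentials
        run: |
          az aks get-credentials \
            --resource-group "$RESOURCE_GROUP" \
            --name "$AKS_CLUSTER" \
            --overwrite-existing

      - name: Determine image tag
        id: image
        # Inputs reach the shell through env vars rather than inline ${{ }} expansion,
        # so a crafted image_tag cannot be interpreted as shell syntax.
        # Assumes "Build and Push" tags images with the commit SHA (the original relied
        # on the same assumption via github.sha) — confirm against that workflow.
        env:
          INPUT_IMAGE_TAG: ${{ github.event.inputs.image_tag }}
          BUILT_SHA: ${{ github.event.workflow_run.head_sha || github.sha }}
        run: |
          if [ -n "$INPUT_IMAGE_TAG" ]; then
            echo "tag=$INPUT_IMAGE_TAG" >> "$GITHUB_OUTPUT"
          else
            echo "tag=$BUILT_SHA" >> "$GITHUB_OUTPUT"
          fi

      - name: Setup Kustomize
        uses: imranismail/setup-kustomize@v2

      - name: Update image in Kustomize
        env:
          IMAGE_TAG: ${{ steps.image.outputs.tag }}
        run: |
          cd ".k8s/overlays/$DEPLOY_ENV"
          kustomize edit set image "$ACR_REGISTRY/$IMAGE_NAME=$ACR_REGISTRY/$IMAGE_NAME:$IMAGE_TAG"

      - name: Deploy to AKS
        run: |
          kubectl apply -k ".k8s/overlays/$DEPLOY_ENV"

      - name: Wait for rollout
        run: |
          kubectl rollout status deployment/standards-mcp-server \
            -n "$K8S_NAMESPACE" \
            --timeout=300s

      - name: Verify deployment
        run: |
          kubectl get pods -n "$K8S_NAMESPACE" -l app=standards-mcp-server
          kubectl get svc -n "$K8S_NAMESPACE" -l app=standards-mcp-server

      - name: Run health check
        run: |
          # Fail fast if the service is missing; port-forward runs in the background,
          # so its own failure would not stop the step.
          kubectl get svc standards-mcp-server -n "$K8S_NAMESPACE" >/dev/null
          kubectl port-forward svc/standards-mcp-server 8080:8080 -n "$K8S_NAMESPACE" &
          PF_PID=$!
          sleep 5
          # Best-effort probe: a missing /health endpoint is logged, not fatal.
          curl -f http://localhost:8080/health || echo "Health check endpoint not available (expected for MCP server)"
          # Stop only the port-forward started above instead of pkill -f on a pattern.
          kill "$PF_PID" || true

      - name: Generate deployment summary
        env:
          IMAGE_TAG: ${{ steps.image.outputs.tag }}
        run: |
          {
            echo "## Deployment Summary"
            echo ""
            echo "**Environment:** $DEPLOY_ENV"
            echo "**Image:** \`$ACR_REGISTRY/$IMAGE_NAME:$IMAGE_TAG\`"
            echo "**Cluster:** $AKS_CLUSTER"
            echo "**Namespace:** $K8S_NAMESPACE"
          } >> "$GITHUB_STEP_SUMMARY"

  notify-failure:
    name: Notify on Failure
    runs-on: ubuntu-latest
    needs: deploy
    if: failure()
    # The workflow-level grant is contents: read only; issues.create needs
    # issues: write or github-script fails with HTTP 403.
    permissions:
      issues: write
    steps:
      - name: Create issue on failure
        uses: actions/github-script@v7
        with:
          script: |
            // Read the environment from env rather than interpolating an expression into
            // the JS source: avoids injecting into script text, and the original's
            // "dev" literal used double quotes, which expression syntax does not accept.
            const deployEnv = process.env.DEPLOY_ENV;
            // Awaited so a failed API call fails the step instead of being dropped.
            await github.rest.issues.create({
              owner: context.repo.owner,
              repo: context.repo.repo,
              title: `Deployment Failed - ${deployEnv}`,
              body: [
                `Deployment to ${deployEnv} failed.`,
                '',
                `**Run ID:** ${context.runId}`,
                `**Commit:** ${context.sha}`,
                '',
                `Please investigate the [workflow run](${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}).`,
              ].join('\n'),
              labels: ['deployment', 'bug'],
            });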