Created Woodpecker pipeline

.woodpecker/build.yaml

@@ -0,0 +1,41 @@
+when:
+  - event: push
+    branch: woodpecker-deploy
+
+steps:
+  - name: 'Deploy user microservice'
+    image: marcin00.azurecr.io/azure-cli-kubectl:latest
+    environment:
+      CLIENT_ID: 'c302726f-fafb-4143-94c1-67a70975574a'
+      CLUSTER_NAME: 'build'
+      DEPLOY_FILES: 'namespace.yaml secret-store.yaml deploy.yaml ingress.yaml'
+      DEPLOYMENT: 'api'
+      HEALTHCHECK_URL: 'https://user-microservice.marcin00.pl/health'
+      NAMESPACE: 'user-microservice'
+      RESOURCE_GROUP: 'tst-aks-rg'
+    commands:
+      # Login to Azure & Get Kubeconfig
+      - az login --identity --client-id $CLIENT_ID
+      - az aks get-credentials --resource-group $RESOURCE_GROUP --name $CLUSTER_NAME --overwrite-existing
+      - kubelogin convert-kubeconfig -l azurecli
+
+      # Apply Kubernetes Resources
+      - for file in $DEPLOY_FILES; do kubectl apply -f "$file"; done
+
+      # Verify Deployment (waiting until all pods reach "ready" status)
+      - echo "Waiting for deployment rollout..."
+      - kubectl rollout status deployment/$DEPLOYMENT -n $NAMESPACE --timeout=60s
+
+      # Health Check
+      - echo "Checking app health $HEALTHCHECK_URL..."
+          for i in {1..30}; do
+              if curl -sf $HEALTHCHECK_URL; then
+                  echo "Health check OK"
+                  exit 0
+              else
+                  echo "Health check failed. Retry \$i..."
+                  sleep 5
+              fi
+          done
+          echo "Health check failed."
+          exit 1

Jenkinsfile

@@ -1,34 +0,0 @@
-pipeline {
-    agent any
-    stages {
-        stage('Checkout') {
-            steps {
-                checkout scm
-            }
-        }
-        stage('Get credentials to Cluster') {
-            steps {
-                sh '''
-                az login --identity
-                az aks get-credentials --resource-group tst-aks-rg --name edu
-                kubelogin convert-kubeconfig -l azurecli
-                '''
-            }
-        }
-        stage('Apply to Cluster') {
-            steps {
-                sh '''
-                kubectl apply -f namespace.yaml
-                kubectl apply -f secret-store.yaml
-                kubectl apply -f deploy.yaml
-                kubectl apply -f ingress.yaml
-                '''
-            }
-        }
-    }
-    post {
-        cleanup {
-            sh 'rm -f ~/.kube/config || true'
-        }
-    }
-}

deploy.yaml

@@ -81,7 +81,7 @@ spec:
     spec:
       containers:
         - name: api
-          image: marcin00.azurecr.io/user-microservice:76a351710fffe2be1ae10471bc1a2f511f481126
+          image: marcin00.azurecr.io/user-microservice:a79ae2d50f2fc3dfcf976eb2a8ebe32511ae4a33
           ports:
             - containerPort: 80
           env:

rbac-role.yaml

@@ -4,7 +4,7 @@ metadata:
   name: deployer-binding
 subjects:
 - kind: User
-  name: daabce80-f745-413f-8377-00472517521c
+  name: f91aef65-7d2a-4df8-a884-e33b05d54a31
   apiGroup: rbac.authorization.k8s.io
 roleRef:
   kind: ClusterRole

secret-store.yaml

@@ -24,8 +24,8 @@ spec:
   parameters:
     usePodIdentity: "false"
     useVMManagedIdentity: "true"
-    userAssignedIdentityID: "0c2780e4-8594-4aab-8f1a-8a19f71924bd" # client_id of the user-assigned managed identity
+    userAssignedIdentityID: "f91aef65-7d2a-4df8-a884-e33b05d54a31" # client_id of the user-assigned managed identity
-    clientID: "0c2780e4-8594-4aab-8f1a-8a19f71924bd"               # client_id of the user-assigned managed identity
+    clientID: "f91aef65-7d2a-4df8-a884-e33b05d54a31"               # client_id of the user-assigned managed identity
     keyvaultName: "dev-aks"
     objects:  |
       array: