Skip to content

Latest commit

 

History

History

zip-deploy-arm-github-workflow

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
azuredeploy.json
azuredeploy.json
 
 
workflow.yml
workflow.yml
 
 

README.md

Github Workflow for deployment using ARM Template

This workflow can be used when the following conditions are met:

  1. Function app is locked behind private endpoint.
  2. Storage account is locked behind private endpoints.
  3. Want to setup continuous deployment pipeline for GitHub repo.

Pre-requisite

  1. Have a copy of the ARM template azuredeploy.json in the root of the repo.
  2. Setup Azure Service Principle for RBAC as Deployment Credential using the steps below.
  3. Update evironment variables in the workflow.yml with those of your app.
  4. This template is for DotNet function app on Windows OS. Please refer sample templates for other languages and OS to modify this template accordingly.

Azure Service Principle for RBAC as Deployment Credential

You have to create an Azure Service Principal for RBAC and add them as a GitHub Secret in your repository.

  1. Download Azure CLI from here, run az login to login with your Azure credentials.
  2. Run Azure CLI command
   az ad sp create-for-rbac --name "myApp" --role contributor \
                            --scopes /subscriptions/{subscription-id}/resourceGroups/{resource-group}/providers/Microsoft.Web/sites/{app-name} \
                            --sdk-auth

  # Replace {subscription-id}, {resource-group}, and {app-name} with the names of your subscription, resource group, and Azure function app.
  # The command should output a JSON object similar to this:

  {
    "clientId": "<GUID>",
    "clientSecret": "<GUID>",
    "subscriptionId": "<GUID>",
    "tenantId": "<GUID>",
    (...)
  }
  1. Paste the json response from above Azure CLI to your Github Repository > Settings > Secrets > Add a new secret > AZURE_CREDENTIALS

Dependencies on other Github Actions

  • Checkout Checkout your Git repository content into GitHub Actions agent.
  • Azure Login Login with your Azure credentials for function app deployment authentication.
  • To build app code in a specific language based environment, use setup actions:
    • Setup DotNet Build your DotNet core function app or function app extensions.
    • Setup Node Resolve Node function app dependencies using npm.
    • Setup Python Resolve Python function app dependencies using pip.
    • Setup Java Resolve Java function app dependencies using maven.

If you are looking for a GitHub Action to deploy your customized container image into an Azure Functions container, use azure/functions-container-action.