Skip to content

Commit de8d3e3

Browse files
HadwaAbdelhalemianjensenismeeduardodfmex
authored
Align wf azd pipeline config (#119)
* test remove az cli login * Disables the Azure CLI authentication setting in the workflow to avoid potential issues with environment variable configurations. * add pipeline variable section to automatically add RESOURCE_SHARE_USER variable to the repo when AZD pipeline config run. Update azure-dev.yml to align to azd pipeline config * align workflow variables to azd * update read me to introduce the azd pipeline config cmd for repo setup --------- Co-authored-by: ianjensenisme <[email protected]> Co-authored-by: Eduardo Sanchez <[email protected]>
1 parent ac80910 commit de8d3e3

File tree

3 files changed

+39
-27
lines changed

3 files changed

+39
-27
lines changed

.github/workflows/azure-dev.yaml renamed to .github/workflows/azure-dev.yml

Lines changed: 27 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -84,30 +84,30 @@ jobs:
8484
- name: Login to Azure with Federated Identity
8585
uses: azure/login@v2
8686
with:
87-
client-id: ${{ secrets.AZURE_CLIENT_ID }}
88-
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
89-
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
87+
client-id: ${{ vars.AZURE_CLIENT_ID }}
88+
tenant-id: ${{ vars.AZURE_TENANT_ID }}
89+
subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }}
9090

9191
- name: Authenticate with Azure Developer CLI
9292
run: |
93-
azd auth login --client-id ${{ secrets.AZURE_CLIENT_ID }} --tenant-id ${{ secrets.AZURE_TENANT_ID }} --federated-credential-provider "github"
93+
azd auth login --client-id ${{ vars.AZURE_CLIENT_ID }} --tenant-id ${{ vars.AZURE_TENANT_ID }} --federated-credential-provider "github"
9494
9595
- name: Provision Infrastructure
9696
env:
9797
POWER_PLATFORM_USE_CLI: false
98-
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
99-
RS_ACCOUNT_NAME: ${{ secrets.RS_ACCOUNT_NAME }}
100-
RS_CONTAINER_NAME: ${{ secrets.RS_CONTAINER_NAME }}
101-
RS_RESOURCE_GROUP: ${{ secrets.RS_RESOURCE_GROUP }}
102-
RESOURCE_SHARE_USER: ${{ secrets.RESOURCE_SHARE_USER }}
98+
AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
99+
RS_STORAGE_ACCOUNT: ${{ vars.RS_STORAGE_ACCOUNT }}
100+
RS_CONTAINER_NAME: ${{ vars.RS_CONTAINER_NAME }}
101+
RS_RESOURCE_GROUP: ${{ vars.RS_RESOURCE_GROUP }}
102+
RESOURCE_SHARE_USER: ${{ vars.RESOURCE_SHARE_USER }}
103103
ARM_USE_AZUREAD: "true"
104104
ARM_STORAGE_USE_AZUREAD: "true"
105105
ARM_USE_OIDC: "true"
106-
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
107-
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
108-
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
109-
POWER_PLATFORM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
110-
POWER_PLATFORM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
106+
ARM_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
107+
ARM_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
108+
ARM_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
109+
POWER_PLATFORM_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
110+
POWER_PLATFORM_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
111111
POWER_PLATFORM_USE_OIDC: "true"
112112
GITHUB_PAT: ${{ secrets.MCS_RUNNER }}
113113
GITHUB_REPO_OWNER: ${{ github.repository_owner }}
@@ -122,7 +122,7 @@ jobs:
122122
azd env set RESOURCE_SHARE_USER "$env:RESOURCE_SHARE_USER"
123123
azd env set POWER_PLATFORM_USE_CLI "false"
124124
125-
azd env set RS_STORAGE_ACCOUNT $env:RS_ACCOUNT_NAME
125+
azd env set RS_STORAGE_ACCOUNT $env:RS_STORAGE_ACCOUNT
126126
azd env set RS_CONTAINER_NAME $env:RS_CONTAINER_NAME
127127
azd env set RS_RESOURCE_GROUP $env:RS_RESOURCE_GROUP
128128
@@ -157,23 +157,24 @@ jobs:
157157
if: ${{ github.event.inputs.run_azd_down == true }}
158158
env:
159159
POWER_PLATFORM_USE_CLI: false
160-
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
161-
RS_ACCOUNT_NAME: ${{ secrets.RS_ACCOUNT_NAME }}
162-
RS_CONTAINER_NAME: ${{ secrets.RS_CONTAINER_NAME }}
163-
RS_RESOURCE_GROUP: ${{ secrets.RS_RESOURCE_GROUP }}
164-
RESOURCE_SHARE_USER: ${{ secrets.RESOURCE_SHARE_USER }}
160+
AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
161+
RS_STORAGE_ACCOUNT: ${{ vars.RS_STORAGE_ACCOUNT }}
162+
RS_CONTAINER_NAME: ${{ vars.RS_CONTAINER_NAME }}
163+
RS_RESOURCE_GROUP: ${{ vars.RS_RESOURCE_GROUP }}
164+
RESOURCE_SHARE_USER: ${{ vars.RESOURCE_SHARE_USER }}
165165
ARM_USE_AZUREAD: "true"
166166
ARM_STORAGE_USE_AZUREAD: "true"
167167
ARM_USE_OIDC: "true"
168-
ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
169-
ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
170-
ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
171-
POWER_PLATFORM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
172-
POWER_PLATFORM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
168+
ARM_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
169+
ARM_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
170+
ARM_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
171+
POWER_PLATFORM_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
172+
POWER_PLATFORM_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
173173
POWER_PLATFORM_USE_OIDC: "true"
174174
shell: pwsh
175175
run: |
176-
azd env set RS_STORAGE_ACCOUNT $env:RS_ACCOUNT_NAME
176+
177+
azd env set RS_STORAGE_ACCOUNT $env:RS_STORAGE_ACCOUNT
177178
azd env set RS_CONTAINER_NAME $env:RS_CONTAINER_NAME
178179
azd env set RS_RESOURCE_GROUP $env:RS_RESOURCE_GROUP
179180
azd env set RESOURCE_SHARE_USER "$env:RESOURCE_SHARE_USER"

README.md

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -325,6 +325,14 @@ To run the demo, follow these steps:
325325
2.
326326
3.
327327

328+
## Next Steps
329+
330+
At this point, you have a complete application deployed on Azure using your local dev box. But there is much more that the Azure Developer CLI can do. These next steps will introduce you to additional commands that will make creating applications on Azure much easier. Using the Azure Developer CLI, you can setup your pipelines, monitor your application, test and debug locally.
331+
332+
azd pipeline config - to automate the process to create you own copy of this repo, host it on GitHub organization of your choice, create the needed federated credentials, Github workflow and their needed workflow variables to deploy your code whenever changes are pushed to the main branch.
333+
334+
azd down - to delete all the Azure resources created with this template
335+
328336
## Workflows
329337

330338
A mature workflow for a solution not only automates the deployment of the IAC resources, and the
@@ -337,7 +345,7 @@ and [Gitleaks](https://github.com/gitleaks/gitleaks) into both Dev loop and depl
337345
These tools run automatically before executing the azd up command, ensuring security, compliance,
338346
and best practices are validated prior to deploying the solution.
339347

340-
The main workflow, defined in [azure-dev.yaml](.github/workflows/azure-dev.yaml), utilizes Federated
348+
The main workflow, defined in [azure-dev.yml](.github/workflows/azure-dev.yml), utilizes Federated
341349
credentials to ensure secure authentication.
342350

343351
**ONLY FOR SELF-HOSTED GITHUB RUNNERS**: There is a workflow defined in [test-runner.yaml](/.github/workflows/test-runner.yaml)

azure.yaml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,3 +44,6 @@ hooks:
4444
continueOnError: false
4545
interactive: false
4646
run: azd-hooks/scripts/hooks/postpackage/postpackage.ps1
47+
pipeline:
48+
variables:
49+
- RESOURCE_SHARE_USER

0 commit comments

Comments
 (0)