DEV Community

loading...
Cover image for Azure PowerShell and ARM template deployment from GitHub actions

Azure PowerShell and ARM template deployment from GitHub actions

Janne Mattila
From programmer to programmer -- Programming just for the fun of it
・3 min read

Earlier this month GitHub Actions support for CI/CD was announced. After that I have been thinking that this is something I need to learn more. So I decided to check how easy it would be to add Azure PowerShell support (which I can then use for my ARM template deployments). There was already az cli action available:

GitHub logo Azure / actions

Automate your GitHub workflows using Azure Actions

GitHub Actions for deploying to Azure

GitHub Actions gives you the flexibility to build an automated software development lifecycle workflow.

With GitHub Actions for Azure you can create workflows that you can set up in your repository to build, test, package, release and deploy to Azure. Learn more about all other integrations with Azure.

Get started today with a free Azure account!

To easily create GitHub CI/CD workflows targeting Azure, use our Azure starter templates to deploy your apps created with popular languages and frameworks such as .NET, Node.js, Java, PHP, Ruby or Python, in containers or running on any operating system. Also the individual Action repos have a sample workflow included in their Readme file to help you quickly get started.

Please try out the GitHub Actions for Azure and share your feedback via Twitter on @Azure. If you encounter a problem, please open an issue on…

But I wanted to replicate similar setup that I've used in Azure DevOps for many years. Therefore I decided to try to create my own action (and at the same time of course learn how these actions work).

I created GitHub repository for my actions:

GitHub logo JanneMattila / actions

GitHub actions for Azure PowerShell and ARM template deployment

Azure PowerShell action

You can use this GitHub action for executing Azure PowerShell in your own GitHub workflows Similarly as Azure PowerShell task in Azure DevOps.

Primary use case is to call ARM template deployments using deploy.ps1 (deployment entrypoint) to make your template deployments easy but you can of course use this for any Azure automation scenarios you might on your mind.

Read more about it in this blog post.

Example

Here's small example how to execute Azure PowerShell in your own workflow:

name: Azure Deployment example
on: [push]
jobs
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v1

    - uses: jannemattila/actions/azurepowershell@master
      with:
        creds: ${{ secrets.AZURE_CREDENTIALS }}
        
    - name: Azure PowerShell & ARM template deployment
      run: ./deploy/deploy.ps1 -ResourceGroupName "pwsh-dev-rg" -Location "North Europe"
      shell: pwsh

In this example you first checkout your codebase and then execute /deploy/deploy.ps1 PowerShell script…

I looked the az cli repository so that I would better understand the implementation details of their action. I decided to reuse their login instructions so that you can easily jump between az cli and Azure PowerShell. After learning the setup from az cli repository I decided to use a bit simpler setup. It means that I didn't use the components that are provided in the GitHub Action Toolkit but instead I just implemented simple 45 line solution that consist only 3 files. But clearly toolkit repository is the place to go when you're doing some serious development for your actions.

When I had my Azure PowerShell action ready I then created repository for demo application:

GitHub logo JanneMattila / AzurePwshARMActionDemo

Demo how to use Azure PowerShell GitHub action to deploy ARM template using PowerShell.

Azure PowerShell ARM template deployment using action demo

Demo how to use Azure PowerShell GitHub action to deploy ARM template using PowerShell.




It has my favorite setup from Azure infrastructure point of view:
Alt Text

That of course means deploy folder and deploy.ps1 and azuredeploy*.json files. This demo doesn't (yet?) have any application code in it but for example there are already actions to manage web apps so it would be easy thing to add:

GitHub logo Azure / appservice-actions

Enable GitHub developers to deploy to Azure WebApps using GitHub Actions

IMPORTANT NOTICE:

Actions hosted in this repo are now moved to new GitHub repositories. Please update your existing workflows with the new actions as these old actions will be ARCHIVED and will not receive any updates. Refer to https://github.com/Azure/actions for updated action repo details.
For example, the action azure/appservice-actions/webapp@master should be replaced with azure/webapps-deploy@v1 in your workflows.

Old Action New Action
Azure WebApp (Windows / Linux WebApps) azure/appservice-actions/webapp@master azure/webapps-deploy@v1
Azure Web app for containers (Single / multi-container apps) azure/appservice-actions/webapp-container@master azure/webapps-container-deploy@v1

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment)…

Those files under deploy folder are exactly the same kind of ones I have been talking and presenting last years. Next step is to create new workflow that uses my previously created Azure PowerShell action. Here's example worklow:

name: Azure Deployment
on: [push]

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v1

    - uses: jannemattila/actions/azurepowershell@master
      with:
        creds: ${{ secrets.AZURE_CREDENTIALS }}

    - name: Azure PowerShell & ARM template deployment
      run: ./deploy/deploy.ps1 -ResourceGroupName "pwsh-dev-rg" -Location "North Europe"
      shell: pwsh

Important part is jannemattila/actions/azurepowershell@master which means that I now reuse the action in my other repository in this workflow. So now it's suddenly super easy to user Azure PowerShell in your actions. That's the last step in my above workflow.

Remember that you need to have the Azure credentials correctly set before the workflow can even work:
Azure credentials managed in secrets

Above workflow starts automatically based on event: on: [push] (in workflow definition). I can also view my worklow executions under Actions:

Workflow runs visible under Actions menu

You can further drill-down to the details of each run:
Workflow execution log

And since I'm using ARM template deployments inside my PowerShell file I can see my deployments in Azure Portal as well:
Resource group deployments in Azure Portal
That weird looking deployment name is coming from GITHUB_SHA environment variable which maps to the commit SHA in that repository. It means that you can fully backtrack to the actual change and investigate what has happened in detail:

[master] # git checkout 933307a62df143ccfebab4aadd5925af22484d9c -b investigate-dev
Switched to a new branch 'investigate-dev'
[investigate-dev] # git log
commit 933307a62df143ccfebab4aadd5925af22484d9c (HEAD -> investigate-dev)
Author: Janne Mattila
Date:   Wed Aug 28 20:37:24 2019 +0300
...

I hope you find this post interesting!

P.S. If you thought that I managed to do this in one go... well no 😊:Trial & error implementation

Discussion (0)