Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Build deploy azure #32

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions github/github-actions-cd/includes/1-introduction.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,10 +22,12 @@ This module assumes you've completed the [Automate development tasks by using Gi

- A GitHub account
- The ability to navigate and edit files in GitHub
- For more information about GitHub, see [Introduction to GitHub](https://lab.github.com/githubtraining/introduction-to-github?azure-portal=true).
- For more information about GitHub, see [Introduction to GitHub](https://docs.microsoft.com/en-us/learn/modules/introduction-to-github?azure-portal=true).
- Basic familiarity with GitHub Actions and workflows
- If you aren't familiar with workflows, jobs and steps, check out the [Automate development tasks by using GitHub Actions](/learn/modules/github-actions-automate-tasks/) module.
- Basic familiarity with continuous integration using GitHub Actions and workflows
- If you're unfamiliar with continuous integration using GitHub Actions and workflows, check out [Build continuous integration workflows by using GitHub Actions](/learn/modules/github-actions-ci/)
- An [Azure subscription](https://azure.microsoft.com/free/?azure-portal=true).
- An understanding of [Microsoft Azure Fundamentals](../../../paths/az-900-describe-cloud-concepts/index.yml)
- An understanding of [Microsoft Azure Fundamentals](../../../paths/az-900-describe-cloud-concepts/index.yml)

We'll cover how to use GitHub actions to deploy a container-based web app to Microsoft Azure Web Apps.
8 changes: 8 additions & 0 deletions github/github-actions-cd/includes/2-deploy-azure.md
Original file line number Diff line number Diff line change
Expand Up @@ -167,6 +167,14 @@ steps:

Notice that you use GitHub actions to check out the repository and to sign in to Azure. After that, you create the resources you need and deploy the container by using the Azure CLI.

## Secure deployments

You can take a more secure cloud deployment approach by configuring your workflow to request a short-lived access token directly from the cloud provider. This is because Actions supports OpenID Connect (OIDC). Without OIDC, you would need to store a credential or token as an encrypted secret in GitHub and present that secret to the cloud provider every time it runs. The new OIDC support gives you a very clear separation of the configuration that you need to manage in GitHub and the permissions that you need to manage in the cloud portal, making cloud deployments simpler to set up and more secure.

You can configure the OIDC trust on your cloud provider and then update your workflows to request a short-lived access token from the cloud provider through OIDC. This means that you won’t need to add long-lived cloud credentials as GitHub secrets and worry about token expiry and rotating them. You have more granular control over which workflows can access cloud resources by using your cloud provider’s authentication (authN) and authorization (authZ) tools.

## Disable Actions workflows

You can temporarily disable a GitHub Actions workflow either in the UI or through the API. This functionality allows you to stop a workflow from being triggered without having to delete the file from the repo. Later, you can easily re-enable it again from the UI or through the API.

Next, we'll cover how to remove workflow artifacts from GitHub and change the default retention period.
31 changes: 31 additions & 0 deletions github/github-actions-cd/includes/2b-manage-workflow-runs.md
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,35 @@ The following example uploads an artifact that will persist for 10 days instead
retention-days: 10
```

## Supercharge job summaries

Job Summaries allow for custom markdown content on the run summary generated by each job. Custom markdown content can be used for aggregating and displaying test results, generating reports, and custom output independent of logs.

Any markdown content added to a file utilizing `$GITHUB_STEP_SUMMARY` will be displayed on the Actions run summary page. Here is an example:

```
steps:
- name: Adding markdown
run: echo '### Hello world! :rocket:' >> $GITHUB_STEP_SUMMARY
```

Job Summaries have a helper utility to the `@actions/core` npm package. This utility allows authors to easily add individual lines or blocks of markdown. Also it's easy to generate tables, for this very common scenario. Here is an example:

```
import * as core from '@actions/core'
await core.summary
.addHeading('Test Results')
.addCodeBlock(generateTestResults(), "js")
.addTable([
[{data: 'File', header: true}, {data: 'Result', header: true}],
['foo.js', 'Pass ✅'],
['bar.js', 'Fail ❌'],
['test.js', 'Pass ✅']
])
.addLink('View staging deployment!', 'https://github.com')
.write()
```

## Add a workflow status badge to your repository

It's helpful to know the status of a workflow without having to visit the **Actions** tab to see if it successfully completed. Adding workflow status badges to your repository `README.md` file allows you to quickly see if your workflows are passing or failing. While it's common to add a status badge to a repository `README.md` file, you can also add it any web page. By default, status badges display the workflow statuses on your default branch, but you can also display workflow status badges on other branches using the `branch` and `event` parameters.
Expand Down Expand Up @@ -76,3 +105,5 @@ GitHub Actions lets you control the permissions granted to the `GITHUB_TOKEN` se
You can create and configure new repository environments from the repository's **Settings** tab under **Environments**.

GitHub Actions simplifies using secrets with reusable workflows with the secrets: `inherit keyword`. You can simply pass the `secrets: inherit` to the reusable workflow and the secrets will be inherited from the calling workflow.

Next, we'll do an exercise that checks your knowledge on content covered in this module by using GitHub Actions and Microsoft Azure to create two deployment workflows.