CI/CD Pipeline for Azure App Services using GitHub Actions and Terraform
Jun 18, 2024
1. Set up GitHub Repository
- Create a GitHub repository containing your application code.
2. Create Service Principal for Terraform
- Create a service principal with Contributor access to your Azure subscription.
- Note down the `client_id`, `client_secret`, `subscription_id`, and `tenant_id` from the output:

```bash
az ad sp create-for-rbac --name "terraform-sp" --role contributor \
  --scopes /subscriptions/{subscription_id}
```
3. Configure GitHub Secrets
- In your GitHub repository, go to Settings -> Secrets and add the following secrets:
  - `ARM_CLIENT_ID`: Azure Service Principal client_id
  - `ARM_CLIENT_SECRET`: Azure Service Principal client_secret
  - `ARM_SUBSCRIPTION_ID`: Azure Subscription ID
  - `ARM_TENANT_ID`: Azure AD Tenant ID
4. Create GitHub Actions Workflow
- Create a `.github/workflows/deploy.yml` file in your repository with the following content:
```yaml
name: Deploy to Azure App Service

on:
  push:
    branches:
      - main

jobs:
  terraform:
    runs-on: ubuntu-latest
    # Azure credentials for the azurerm provider, set at job level so that
    # init, plan and apply all authenticate as the service principal.
    env:
      ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
      ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
      ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
    steps:
      - name: Checkout repository
        uses: actions/checkout@v2

      # cli_config_credentials_token expects a Terraform Cloud/Enterprise API
      # token, not the Azure client secret, so it is not set here.
      - name: Set up Terraform
        uses: hashicorp/setup-terraform@v1
        with:
          terraform_version: 1.1.0

      - name: Terraform Init
        run: terraform init

      - name: Terraform Plan
        run: terraform plan

      # Applies without a manual approval step on every push to main.
      - name: Terraform Apply
        run: terraform apply -auto-approve
```
5. Push Changes and Trigger Deployment
Push your changes to the `main` branch. This triggers the GitHub Actions workflow defined above, which in turn deploys your application to Azure App Services.
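As an added example (not code from the original post), the following Python check flags three patterns worth catching before a Terraform deployment workflow of this kind is merged: actions referenced by a mutable tag instead of a commit SHA, an Azure service principal secret passed to `cli_config_credentials_token` (the setup-terraform input for a Terraform Cloud/Enterprise API token), and `terraform apply -auto-approve` run without a saved plan file. The function name `audit_workflow`, the rule names and the sample workflow are constructed for illustration.

```python
import re

# Constructed sample workflow (not from a real repository) with three weak patterns.
SAMPLE_WORKFLOW = """\
jobs:
  terraform:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: hashicorp/setup-terraform@v1
        with:
          cli_config_credentials_token: ${{ secrets.ARM_CLIENT_SECRET }}
      - run: terraform plan
      - run: terraform apply -auto-approve
"""

SHA_PIN = re.compile(r"@[0-9a-f]{40}$")  # full commit SHA, the only immutable ref


def audit_workflow(text):
    """Return (line_number, rule, detail) findings for a workflow file's text."""
    findings = []
    for n, raw in enumerate(text.splitlines(), start=1):
        # Drop trailing comments, indentation and the list marker.
        line = re.sub(r"^-\s+", "", raw.split(" #", 1)[0].strip())
        # Rule 1: action referenced by tag or branch, which its owner can repoint.
        m = re.match(r"uses:\s*(\S+)", line)
        if m and not m.group(1).startswith("./") and not SHA_PIN.search(m.group(1)):
            findings.append((n, "unpinned-action", m.group(1)))
        # Rule 2: Azure credential written into the Terraform CLI credentials block.
        m = re.match(r"cli_config_credentials_token:.*secrets\.(ARM_\w+)", line)
        if m:
            findings.append((n, "misrouted-secret", m.group(1)))
        # Rule 3: auto-approved apply with no positional plan-file argument, so
        # what gets applied is a fresh plan rather than the one that was reviewed.
        m = re.match(r"run:\s*(terraform apply\b.*)", line)
        if m and "-auto-approve" in m.group(1):
            positional = [a for a in m.group(1).split()[2:] if not a.startswith("-")]
            if not positional:
                findings.append((n, "apply-without-plan-file", m.group(1)))
    return findings


if __name__ == "__main__":
    for finding in audit_workflow(SAMPLE_WORKFLOW):
        print(finding)
```

The check is line-based and needs only the standard library, so it can run as a pre-merge step over `.github/workflows/*.yml`.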