Azure App Service Deployment from On-premises Team Foundation Server (TFS)
Azure Pipelines (Build & Release in TFS) is the service for automated build and deployment for all cloud providers, especially Azure.
Azure App Service deployment from on-premises TFS needs Azure Resource Manager Setup as on-premises TFS does not have any details for Azure Resource Manager. We need to setup ARM manually from the TFS server by adding details from the Azure subscription.
Prerequisites
- Azure access with admin user
- TFS access with admin user
When I start to implement the deployment process for Azure App Services from our on-premises TFS, I find I go through multiple documents with power shell commands but it’s always hard to understand and work with all commands. This article will show how to manage the connection between Azure and the on-premises TFS, including some helpful visuals and screenshots.
- To start, Login to TFS on the browser
- Select Settings
- Services tab
- Go to TFS => Setting => Services
- Click on New Service Endpoint
Select Azure Resource Manager
To capture detail for the Azure connection:
- Login to Azure Portal
- Click on ActiveDirectoryMenuBlade
- Click on app registrations
- Register new App
- Application (client): Service Principle Client ID
- Directory (tenant) ID: Tenent ID
- Certificate & secret key: Service Principle Key
To create certificates and secrets for a new registered app
- Click on Certificate & Secrets
- Name key
- Set expiration time
Note: Make sure you copy the key as Azure will not allow you to retrieve the key once you move to another screen.
To add access to the Active Directory created for Deployment:
Assign a Role for the Active Directory APP
- Click on “Add”
- Select Role as “Contributor”
- Keep “Assign access to value” as the default selection
- Search for Active Directory APP
Field mappings
Setup release for Azure
Select Artifacts: Pipeline setup for Build process
The Azure Subscription drop down menu on below screen will show the newly created ARM:
