GitHub Action
Azure Resource Manager (ARM) Template Deployment
A GitHub Action to deploy ARM templates.
- Checkout To checks-out your repository so the workflow can access any specified ARM template.
-
creds
Required
Create Service Principal for Authentication -
templateLocation
Required
Specify the path to the Azure Resource Manager template.
(See assets/json/template.json) -
resourceGroupName
Provide the name of a resource group.
If you dont pass a resource group name the template will be deployed at subscription scope -
deploymentMode
Incremental (only add resources to resource group) or Complete (remove extra resources from resource group). Default:Incremental
. -
deploymentName
Specifies the name of the resource group deployment to create. -
parameters
Specify the path to the Azure Resource Manager parameters file or pass them as space delimited Key-Value Pairs.
(See examples/Advanced.md) -
overrideParameters
Specify the path to the Azure Resource Manager override parameters file or pass them as space delimited Key-Value Pairs.
(See examples/Advanced.md)
Every template output will be exported as output. For example the output is called containerName
then it will be available with ${{ steps.STEP.outputs.containerName }}
For more Information see examples/Advanced.md.
Additionally are the following outputs available:
deploymentName
Specifies the complete deployment name which has been generated
- uses: whiteducksoftware/azure-arm-action@master
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
resourceGroupName: <YourResourceGroup>
templateLocation: <path/to/azuredeploy.json>
deploymentName: <Deployment base name>
The Service Principal can be easily generated using the Azure CLI. Using the following command will create the SP in the supported structure.
At Subscription Scope: az ad sp create-for-rbac --name "azure-arm-action" --role contributor --scopes=/subscriptions/********-****-****-****-************/ --sdk-auth -o json
The JSON, which shall be used for authentication, should be in the following format:
{
"clientId": "********-****-****-****-************",
"clientSecret": "[*]",
"subscriptionId": "********-****-****-****-************",
"tenantId": "********-****-****-****-************",
"activeDirectoryEndpointUrl": "https://login.microsoftonline.com",
"resourceManagerEndpointUrl": "https://management.azure.com/",
"activeDirectoryGraphResourceId": "https://graph.windows.net/",
"sqlManagementEndpointUrl": "https://management.core.windows.net:8443/",
"galleryEndpointUrl": "https://gallery.azure.com/",
"managementEndpointUrl": "https://management.core.windows.net/"
}
on: [push]
name: ARMActionSample
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: whiteducksoftware/azure-arm-action@master
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
resourceGroupName: <YourResourceGroup>
templateLocation: <path/to/azuredeploy.json>
parameters: <path/to/parameters.json> OR <KEY=VALUE>
deploymentName: <Deployment base name>
For more advanced workflows see examples/Advanced.md.