Saturday 17 July 2021

Running Bicep IaC with GitHub Actions

 We have discussed deploying Bicep script using an Azure DevOps pipeline in a pervious post. We have explored having a approvals working with GitHub actions in the post "Manual Approval in GitHub Actions".  Let's utilize manual approvals and deploy Bicep script with GitHub actions.

As the first part of the pipeline let's set couple of variables required to pass as parameters to Bicep script.

nameBicep Deploy

on:
  workflow_dispatch:

env:
  rgLocation'centralus'
  rgName'rg-githubbicep-001'
  planName'plan-githubbicep-001'
  planSKUName'B3' 
  planSKUCapacity1
  planKind'linux'
  webappName'app-githubbicep-001'
  linuxFxVersion'"node|16-lts"'
  templateFile'./BicepDemo/Infra/main.bicep'

As the first job lets execute a --what-if to see what would happen is the Bicpe script is executed. We are using az login to logon to the Azure using CLI in GitHub actions.

jobs:
  Pre-Dev:
    runs-onubuntu-latest
    
    steps:
      - nameCheckout
        usesactions/checkout@v2.3.4
        
      - name'Az CLI login'
        usesazure/login@v1
        with:
          creds${{ secrets.AZURE_CREDENTIALS }}

      - name'What happens if'
        shellpwsh
        run|
          az deployment sub create --location ${{ env.rgLocation }} `
                --template-file ${{ env.templateFile }} `
                --parameters rgName=${{ env.rgName }} `
                rgLocation=${{ env.rgLocation }} `
                planName=${{ env.planName }} `
                planSKUName=${{ env.planSKUName }} `
                planSKUCapacity=${{ env.planSKUCapacity }} `
                planKind=${{ env.planKind }} `
                webappName=${{ env.webappName }} `
                linuxFxVersion=${{ env.linuxFxVersion }} --what-if

Once executed the --what-if the log will display what would happen if the Bicep script is executed.


The next job is setup to to deploy the resources using Bicep script. The job is having a prerequisite job setup as the previous job to make it sequential and manual approval is setup as described in "Manual Approval in GitHub Actions".

  Dev:
    runs-onubuntu-latest
    needsPre-Dev
    environment:
      nameDevEnv

    steps:
      - nameCheckout
        usesactions/checkout@v2.3.4
        
      - name'Az CLI login'
        usesazure/login@v1
        with:
          creds${{ secrets.AZURE_CREDENTIALS }}

      - name'Deploy Dev Resources with Bicep'
        shellpwsh
        run|
          az deployment sub create --location ${{ env.rgLocation }} `
                --template-file ${{ env.templateFile }} `
                --parameters rgName=${{ env.rgName }} `
                rgLocation=${{ env.rgLocation }} `
                planName=${{ env.planName }} `
                planSKUName=${{ env.planSKUName }} `
                planSKUCapacity=${{ env.planSKUCapacity }} `
                planKind=${{ env.planKind }} `
                webappName=${{ env.webappName }} `
                linuxFxVersion=${{ env.linuxFxVersion }}

The approval/reject can be given in the job as shown below.



Once approval given the resources would be deployed using Bicep script n the GitHub action pipeline.



The entire pipeline code is as below.

nameBicep Deploy

on:
  workflow_dispatch:

env:
  rgLocation'centralus'
  rgName'rg-githubbicep-001'
  planName'plan-githubbicep-001'
  planSKUName'B3' 
  planSKUCapacity1
  planKind'linux'
  webappName'app-githubbicep-001'
  linuxFxVersion'"node|16-lts"'
  templateFile'./BicepDemo/Infra/main.bicep'
    
jobs:
  Pre-Dev:
    runs-onubuntu-latest
    
    steps:
      - nameCheckout
        usesactions/checkout@v2.3.4
        
      - name'Az CLI login'
        usesazure/login@v1
        with:
          creds${{ secrets.AZURE_CREDENTIALS }}

      - name'What happens if'
        shellpwsh
        run|
          az deployment sub create --location ${{ env.rgLocation }} `
                --template-file ${{ env.templateFile }} `
                --parameters rgName=${{ env.rgName }} `
                rgLocation=${{ env.rgLocation }} `
                planName=${{ env.planName }} `
                planSKUName=${{ env.planSKUName }} `
                planSKUCapacity=${{ env.planSKUCapacity }} `
                planKind=${{ env.planKind }} `
                webappName=${{ env.webappName }} `
                linuxFxVersion=${{ env.linuxFxVersion }} --what-if

  Dev:
    runs-onubuntu-latest
    needsPre-Dev
    environment:
      nameDevEnv

    steps:
      - nameCheckout
        usesactions/checkout@v2.3.4
        
      - name'Az CLI login'
        usesazure/login@v1
        with:
          creds${{ secrets.AZURE_CREDENTIALS }}

      - name'Deploy Dev Resources with Bicep'
        shellpwsh
        run|
          az deployment sub create --location ${{ env.rgLocation }} `
                --template-file ${{ env.templateFile }} `
                --parameters rgName=${{ env.rgName }} `
                rgLocation=${{ env.rgLocation }} `
                planName=${{ env.planName }} `
                planSKUName=${{ env.planSKUName }} `
                planSKUCapacity=${{ env.planSKUCapacity }} `
                planKind=${{ env.planKind }} `
                webappName=${{ env.webappName }} `
                linuxFxVersion=${{ env.linuxFxVersion }}

 

No comments:

Popular Posts