CI CD: GitHub Actions
Use the azure/login action to connect with Azure and the authentication will be automatically consumed by Azure maven plugins.
You need Azure credential to authorize Azure login action. To get Azure credential, you need execute command below on you local machine:
az ad sp create-for-rbac --role contributor --scopes /subscriptions/<SUBSCRIPTION_ID> --sdk-auth
If you haven't installed Azure CLI locally, see https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest.
If you haven't logged with Azure CLI, run
az loginbefore execute command above.
If you would like to access to specific resource group, you can reduce the scope:
az ad sp create-for-rbac --role contributor --scopes /subscriptions/<SUBSCRIPTION_ID>/resourceGroups/{RESOURCE_GROUP} --sdk-auth
For more details about how to manage Azure Active Directory service principals, see https://docs.microsoft.com/en-us/cli/azure/ad/sp?view=azure-cli-latest#az-ad-sp-create-for-rbac
The command should output a JSON object similar to this:
{
"clientId": "<GUID>",
"clientSecret": "<GUID>",
"subscriptionId": "<GUID>",
"tenantId": "<GUID>",
...
}In your GitHub repository page, click Settings tab. Open Secrets menu, and click Add a new secret. Set the secret name to AZURE_CREDENTIALS, and its value to the JSON string which you get in the section before.
name: AzureSpringCloud
env:
GROUP: <resource group name>
SERVICE_NAME: <service instance name>
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: Set up JDK 1.8
uses: actions/setup-java@v1
with:
java-version: 1.8
- name: maven build, clean
run: |
mvn clean package -D skipTests
- name: Azure Login
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: deploy to ASC using Maven
run: |
mvn azure-spring-cloud:deploy