This is my learning note when learning Continuous Delivery to Azure by GitHub Actions through Microsoft Learn Module: Build and deploy applications to Azure by using GitHub Actions and GitHub Learning Lab, GitHub Actions: Continuous Delivery with Azure

Continuous Delivery is a software development discipline where you build software in such a way that the software can be released to production at any time.

Options for triggering a CD workflow

ChatOps

ChatOps uses chat clients, chatbots and real-time communication tools to execute tasks. For example, you might leave a specific comment in a pull request that can kick off a bot. That bot might comment back with some statistics or run a workflow.

Labels in your pull request

Different labels can start different workflows. To use labels, your workflow will look like this:

1
2
3
on:
  pull_request:
    types: [labeled]

Store credentials with GitHub Secrets

GitHub Secrets is a secure place to store sensitive information that your workflow will need.
In order to deploy to an Azure resource, the GitHub Action must have permission to access the resource.

To access the secret:

1
2
3
4
5
steps:
      - name: "Login via Azure CLI"
        uses: azure/login@v1
        with:
          creds: ${{ secrets.AZURE_CREDENTIALS }}

Triggering CD with labelling

In the case for the GitHub Learning lab, we’ll use labels as triggers for multiple tasks:

  • When someone applies a “spin up environment” label to a pull request, that’ll tell GitHub Actions that we’d like to set up our resources on an Azure environment.
  • When someone applies a “stage” label to a pull request, that’ll be our indicator that we’d like to deploy our application to a staging environment.
  • When someone applies a “destroy environment” label to a pull request, we’ll tear down any resources that are running on our Azure account.

Job conditionals

GitHub Actions features powerful controls for when to execute jobs and the steps within them. One of these controls is if, which allows you run a job only when a specific condition is met:

1
if: contains(github.event.pull_request.labels.*.name, 'peacock')

GitHub deploy-staging workflow

The .github/workflows/deploy-staging.yml defines the logic of the GitHub workflow for staging the deployment. GitHub Actions is cloud agnostic, so any cloud will work with it.

Azure Configuration

The .github/workflows/spinup-destroy.yml defines the logic for configuring Azure resources.
This workflow has two jobs:

  • Set up Azure resources will run if the pull request contains a label with the name “spin up environment”.
  • Destroy Azure resources will run if the pull request contains a label with the name “destroy environment”.

In addition to each job, there’s a few global environment variables:

  • AZURE_RESOURCE_GROUP, AZURE_APP_PLAN, and AZURE_WEBAPP_NAME are names for our resource group, app service plan, and web app, respectively, which we’ll reference over multiple steps and workflows.
  • AZURE_LOCATION lets us specify the region for the data centers, where our app will ultimately be deployed.