Follow the steps below to configure the elements required to run the GitHub workflow to provision the Azure resources and deploy the Azure Functions application code.
Note The GitHub workflow proposed in this template is configured to automatically trigger only if the
azure.yamlfile or the files under the following folders are updated:infraorsrc
Note The considered service principal will need to have the following permissions ont the considered Azure subscription:
- Contributor
- User Access Administrator - for the configuration of the access of the Azure Functions application to the Azure Service Bus
Note If you ran the post-init-setup PowerShell script, you can considered the value of the
AZURE_SERVICE_PRINCIPAL_NAMEenvironment variable.
In your workspace linked to a GitHub repository execute the command below:
azd pipeline config --auth-type federated --principal-name <service principal name>Warning At this point, you should not answer
Yesto the following question after running the previous command, because there are still missing secrets in your GitHub repository: Would you like to commit and push your local changes to start the configured CI pipeline?
Note If you are in GitHub Codespaces the execution of the command above could run longer than expected. In that case, you could be facing an error like the following one running a command like
gh secret set test:Error: failed setting AZURE_CREDENTIALS secret: failed running gh secret set exit code: 1, stdout: , stderr: failed to fetch public key: HTTP 403: Resource not accessible by integration (https://api.github.com/repos/savannahostrowski/codespaces-test/actions/secrets/public-key) : exit status 1As a workaround, you can run the following commands in the Terminal:
export GITHUB_TOKEN=to unset GITHUB_TOKENgh auth loginto log in to GitHub CLI (by default repo scope is included)
Set the GitHub actions secrets associated to the custom environment variables using the command below:
# Paste secret value for the current repository in an interactive prompt
gh secret set <secret name>| Secret Name | Description |
|---|---|
| DATAVERSE_ENV_URL | URL of the considered Dataverse / Power Platform environment configured in the Key Vault during Azure infrastructure deployment for the communication from the Azure Functions application to the Power Platform / Dataverse environment |
| DATAVERSE_CLIENT_ID | Client ID of the Azure AD application registration configured as an application user with permissions in the considered Dataverse / Power Platform environment configured in the Key Vault during Azure infrastructure deployment for the communication from the Azure Functions application to the Power Platform / Dataverse environment |
| DATAVERSE_CLIENT_SECRET | Secret of the Azure AD application registration configured as an application user with permissions in the considered Dataverse / Power Platform environment configured in the Key Vault during Azure infrastructure deployment for the communication from the Azure Functions application to the Power Platform / Dataverse environment |
Note To trigger the configured GitHub workflow you can run it manually from GitHub or push a change in the
azure.yamlfile or any of the files under the following folders:infraorsrc.