This repository contains the components of an ADE-compatible sample image (a Dockerfile and shell scripts for deployment and deletion) to deploy and delete environments based off of Terraform Infrastructure-as-Code (IaC) templates.
Azure Deployment Environments (ADE) empowers development teams to quickly and easily spin up app infrastructure with project-based templates that establish consistency and best practices while maximizing security, compliance, and cost efficiency. This on-demand access to secure environments accelerates the different stages of the software development lifecycle in a compliant and cost-efficient manner.
An Environment is a collection of Azure resources on which your application is deployed. For example, to deploy a web application, you might create an environment consisting of an App Service, Key Vault, Cosmos DB and a Storage account. An environment could consist of both Azure PaaS and IaaS resources such as AKS Cluster, App Service, VMs, databases, etc.
One of ADE's newest features is its extensibility model, which allows customers to develop their own container images to deploy their infrastructure templates, allowing for customization of their deployment to use any type of Infrastructure-as-Code framework and perform additional operations to aid deployment or deletion of a customer's environment. Documentation for this new feature can be found here.
This repository offers sample code for leveraging the new extensibility model feature with the Terraform CLI inside a customer's own container image, as well as offering a GitHub Action for customers to build and push an image to a provided Azure Container Registry (ACR). Customers can reference a provided ACR image link within an environment definition in ADE to deploy or delete an environment with the provided image.
To use the quickstart script to quickly build and push this sample image to an Azure Container Registry, you will need to:
- Fork this repository into your personal account
- Ensure the Azure CLI and the Docker Desktop application are installed on your computer and within your PATH variables
- Ensure you have permissions to push images to your selected Azure Container Registry
To push the sample image to your registry with the ACR image link "{YOUR_REGISTRY_NAME}/ade:latest", run the following command:
.\quickstart-image-build.ps1 -Registry 'YOUR_REGISTRY'
To push the sample image to your registry with a specific repository and tag name, you can run:
.\quickstart-image-build.ps1 -Registry 'YOUR_REGISTRY' -Repository 'YOUR_REPOSITORY' -Tag 'YOUR_TAG'
If you're running into issues with logging into your Azure Container Registry and you have the correct permissions, you may need to restart the Docker Engine in order for the script to work.
In order to use the workflow, you will need to:
- Fork this repository into your personal account
- Allow GitHub Actions to connect to Azure via a Microsoft Entra ID application's federated credentials through OIDC. You can find more documentation about this process here
- Set up Repository Secrets for your repository containing your Microsoft Entra ID application's application ID set as AZURE_CLIENT_ID, the subscription ID set as AZURE_SUBSCRIPTION_ID, and the tenant ID set as AZURE_TENANT_ID
- Set up Repository Variables for your repository containing your personal Azure Container Registry (ACR) name as REGISTRY_NAME, your preferred repository name as REPOSITORY_NAME, and your preferred tag as TAG for the created image. You can modify your variables between workflow runs to push the generated image to different registries, repositories and tags.
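The setup steps above map onto a workflow file as follows. This is an added example, not this repository's own 'build-and-push-image' workflow; the workflow name and the assumption that the Dockerfile sits at the repository root are illustrative.

```yaml
# Added example; not the repository's own workflow file.
name: build-and-push-image-example   # hypothetical name
on:
  workflow_dispatch:

permissions:
  id-token: write   # allows the job to request the OIDC token used for federated login
  contents: read    # checkout only; no write access to the repository

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      # Federated (OIDC) login: only identifiers are supplied, no client secret is stored.
      - name: Log in to Azure
        uses: azure/login@v2
        with:
          client-id: ${{ secrets.AZURE_CLIENT_ID }}
          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}

      # Reuses the Azure CLI session to give Docker a registry token.
      - name: Log in to ACR
        env:
          REGISTRY_NAME: ${{ vars.REGISTRY_NAME }}
        run: az acr login --name "$REGISTRY_NAME"

      # Variables are passed through env and quoted, so their values are
      # never expanded directly into the script text.
      - name: Build and push image
        env:
          REGISTRY_NAME: ${{ vars.REGISTRY_NAME }}
          REPOSITORY_NAME: ${{ vars.REPOSITORY_NAME }}
          TAG: ${{ vars.TAG }}
        run: |
          image="${REGISTRY_NAME}.azurecr.io/${REPOSITORY_NAME}:${TAG}"
          docker build -t "$image" .   # assumes the Dockerfile is at the repository root
          docker push "$image"
```

The identity behind AZURE_CLIENT_ID needs permission to push to the target registry and nothing beyond that for this job.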
Once you have set up your repository and run the 'build-and-push-image' workflow, you'll simply need to update your environment definition's manifest file (environment.yaml or manifest.yaml) and specify the created image as the definition's 'runner' property, shown below:
runner: "{YOUR_REGISTRY}.azurecr.io/{YOUR_REPOSITORY}:{YOUR_TAG}"
For additional documentation around Azure Deployment Environments and its extensibility model, view the Deployment Environments GitHub repo here or MSLearn documentation here.