Skip to content

Add azure-dev.yml workflow for automated Azure infrastructure provisioning #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Add azure-dev.yml workflow for automated Azure infrastructure provisioning #8

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
df3d191
Initial plan
Copilot Oct 6, 2025
97e7378
Add azure-dev.yml workflow for Azure infrastructure provisioning
Copilot Oct 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 42 additions & 0 deletions .github/workflows/azure-dev.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
name: Deploy to Azure with azd

on:
workflow_dispatch:
push:
branches: [ main ]

# Set up permissions for deploying with secretless Azure federated credentials
# https://learn.microsoft.com/azure/developer/github/connect-from-azure?tabs=azure-portal%2Clinux#set-up-azure-login-with-openid-connect-authentication
permissions:
id-token: write
contents: read

jobs:
build:
runs-on: ubuntu-latest
env:
AZURE_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }}
AZURE_TENANT_ID: ${{ vars.AZURE_TENANT_ID }}
AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }}
AZURE_ENV_NAME: ${{ vars.AZURE_ENV_NAME }}
AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
steps:
- name: Checkout
uses: actions/checkout@v5

- name: Install azd
uses: Azure/setup-azd@v2

- name: Log in with Azure (Federated Credentials)
run: |
azd auth login \
--client-id "$AZURE_CLIENT_ID" \
--federated-credential-provider "github" \
--tenant-id "$AZURE_TENANT_ID"
shell: bash

- name: Provision Infrastructure
run: azd provision --no-prompt

- name: Deploy Application
run: azd deploy --no-prompt
7 changes: 7 additions & 0 deletions AGENTS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,13 @@ These scripts are automatically run by `azd provision` via the `azure.yaml` post
- Uses: uv for setup, requires models: read permission
- Sets: `API_HOST=github`, `GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}`, `GITHUB_MODEL=openai/gpt-4o-mini`

**`azure-dev.yml` - Azure Infrastructure Provisioning and Deployment:**
- Runs on: push to main, workflow_dispatch
- Provisions and deploys Azure infrastructure using Azure Developer CLI (azd)
- Uses: Azure federated credentials (OIDC) for authentication
- Required variables: `AZURE_CLIENT_ID`, `AZURE_TENANT_ID`, `AZURE_SUBSCRIPTION_ID`, `AZURE_ENV_NAME`, `AZURE_LOCATION`
- Steps: checkout, install azd, login with federated credentials, provision infrastructure, deploy application

### Dev Container Files (.devcontainer/)

- `.devcontainer/devcontainer.json` - Default dev container (Azure OpenAI setup with azd)
Expand Down