Skip to content
Automate your GitHub workflows using Azure CLI scripts
TypeScript
Use this GitHub Action with your project

Add this Action to an existing workflow or create a new one.

View on Marketplace
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src
.gitignore
CODE_OF_CONDUCT.md
LICENSE
README.md
SECURITY.md
_config.yml
action.yml
package-lock.json
package.json
tsconfig.json

README.md

GitHub Action for Azure CLI

With Azure CLI GitHub Action, you can automate your workflow by executing Azure CLI commands to manage Azure resources inside of an Action.

The action executes the Azure CLI Bash script on a user defined Azure CLI version. If the user does not specify a version, latest CLI version is used. Read more about various Azure CLI versions here.

  • azcliversionOptional Example: 2.0.72, Default: latest
  • inlineScriptRequired

The definition of this GitHub Action is in action.yml. The action status is determined by the exit code returned by the script rather than StandardError stream.

Sample workflow

Dependencies on other GitHub Actions

  • Azure LoginRequired Login with your Azure credentials
  • CheckoutOptional To execute the scripts present in your repository

Workflow to execute an AZ CLI script of a specific CLI version

# File: .github/workflows/workflow.yml

on: [push]

name: AzureCLISample

jobs:

  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
    
    - name: Azure Login
      uses: azure/login@v1
      with:
        creds: ${{ secrets.AZURE_CREDENTIALS }}
    
    - name: Azure CLI script
      uses: azure/CLI@v1
      with:
        azcliversion: 2.0.72
        inlineScript: |
          az account show
          az storage -h

Workflow to execute an AZ CLI script of a specific CLI version via file present in your repository.

# File: .github/workflows/workflowForFile.yml

on: [push]

name: AzureCLISampleForFile

jobs:

  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
    
    - name: Azure Login
      uses: azure/login@v1
      with:
        creds: ${{ secrets.AZURE_CREDENTIALS }}

    - name: Checkout
      uses: actions/checkout@v1

    - name: Azure CLI script file
      uses: azure/CLI@v1
      with:
        azcliversion: 2.0.72
        inlineScript: |
          chmod +x $GITHUB_WORKSPACE/sampleScript.sh
          $GITHUB_WORKSPACE/sampleScript.sh
  • GITHUB_WORKSPACE is the environment variable provided by GitHub which represents the root of your repository.

Configure Azure credentials as GitHub Secret:

To use any credentials like Azure Service Principal,add them as secrets in the GitHub repository and then use them in the workflow.

Follow the steps to configure the secret:

  • Define a new secret under your repository settings, Add secret menu
  • Store the output of the below az cli command as the value of secret variable 'AZURE_CREDENTIALS'
   az ad sp create-for-rbac --name "myApp" --role contributor \
                            --scopes /subscriptions/{subscription-id}/resourceGroups/{resource-group} \
                            --sdk-auth
                            
  # Replace {subscription-id}, {resource-group} with the subscription, resource group details

  # The command should output a JSON object similar to this:

  {
    "clientId": "<GUID>",
    "clientSecret": "<GUID>",
    "subscriptionId": "<GUID>",
    "tenantId": "<GUID>",
    (...)
  }
  
  • Now in the workflow file in your branch: .github/workflows/workflow.yml replace the secret in Azure login action with your secret (Refer to the example above)

Note

Please note that the action executes Az CLI script in a docker container. This means that the action is subjected to potential restrictions which arise from containerized execution. For example:

  1. If script sets up an environment variable, it will not take effect in host and hence subsequent actions shouldn't rely on such environment variable.
  2. There is some restriction on how cross action file read/write is done. GITHUB_WORKSPACE directory in host is mapped to working directory inside container. So, if the action wants to create a file, which will be read by subsequent actions, it should do so within current working directory tree.

Azure CLI Action metadata file

# File: action.yml

# Automate your GitHub workflows using Azure CLI scripts.
name: 'Azure CLI'
description: 'The action is used to execute Azure CLI commands'
inputs:
  inlineScript:
    description: 'Specify the script here'
    required: true
  azcliversion:
    description: 'Azure CLI version to be used to execute the script'
    required: false
    default: 'latest'
runs:
  using: 'node12'
  main: 'lib/main.js'

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

You can’t perform that action at this time.