feat: improve CI support

README.md

@@ -59,6 +59,7 @@ Hexa is driven by community contributions. Please send us your Pull Requests and
 In order to use Hexa, you will need to install both the Azure CLI and Functions Core Tools:
 - Follow the official guide to install the [Azure CLI](http://bit.ly/2mgwpYr).
 - Follow the official guide to install the [Azure Functions Core Tools](http://bit.ly/2ow8C7y).
+- NPM and Node.js.
 
 Once these tools are installed and available on your system, you are ready to install and use the Hexa CLI.
 
@@ -123,6 +124,35 @@ Whenever your project Foo is ready to be deployed to Azure, you can use the `hex
 
 - `$ hexa init --yolo`: Hexa will enter Auto Mode and will setup all supported services (except if you use the `--just` flag) without asking you any question.
 
+### Running on CI
+
+### Notes
+
+If you want to run Hexa on a Continuous Integration enviroment, you will need to make sure that the required dependencies ([see above](#Required-tools)) are installed.
+
+#### Set up Hexa for CI
+
+1. On your local machine, make sure you are logged in to your Azure account from the CLI by running `hexa login`.
+1. Then run `hexa ci` to create a Service Principal account. You should have a similar output:
+
+```
+{
+  appId: 'xx4362xx-aaxx-40xx-8bxx-xx6ea0c351xx',
+  displayName: 'appname',
+  name: 'http://appname',
+  password: 'xxce72xx-1axx-44xx-81xx-35xxb15xxa1e',
+  tenant: 'xxf988xx-86xx-41xx-91xx-2d7cd011dbxx'
+}
+```
+
+1. Configure your CI with the following environment variables (secrets):
+  - `AZURE_SERVICE_PRINCIPAL_ID`: the `appId` from the service principal config.
+  - `AZURE_SERVICE_PRINCIPAL_PASSWORD`: the `password` from the service principal config.
+  - `AZURE_SERVICE_PRINCIPAL_TENANT`: The `tenant` from the service principal config.
+
+1. On your CI environment, before deploying with Hexa, run `hexa login`. Hexa will attempt to login to your Azure account using these service principal credentials. Hexa will automatically detect and use the environment variables if they are set.
+
+1. Then, simply run the usual `hexa deploy` command.
 
 Enjoy!
 

src/commands/ci.ts

@@ -0,0 +1,14 @@
+import { az, readWorkspace, sanitize } from "../core/utils";
+import chalk from "chalk";
+const debug = require("debug")("ci");
+
+module.exports = async function() {
+  const { project } = readWorkspace();
+  let name = sanitize(project.name);
+  debug(`using project ${chalk.green(name)}`);
+
+  // https://docs.microsoft.com/en-us/cli/azure/ad/sp?view=azure-cli-latest#az-ad-sp-create-for-rbac
+  const servicePrincipal = await az<AzureServicePrincipal>(`ad sp create-for-rbac --name="${name}" --role Contributor`, `Creating a Service Principal for CI...`);
+
+  console.log(servicePrincipal);
+};

src/commands/login.ts

@@ -2,20 +2,25 @@ import { chooseSubscription } from "../core/prompt";
 import { az, Config, saveWorkspace } from "../core/utils";
 
 module.exports = async function() {
-  let subscriptionsList = await az<AzureSubscription[]>(
-    `login --query "[].{name:name, state:state, id:id}"`,
-    `Loading subscriptions...`
-  );
+  const { AZURE_SERVICE_PRINCIPAL_ID, AZURE_SERVICE_PRINCIPAL_PASSWORD, AZURE_SERVICE_PRINCIPAL_TENANT } = process.env;
+
+  let subscriptionsList = [];
+  if (AZURE_SERVICE_PRINCIPAL_ID && AZURE_SERVICE_PRINCIPAL_PASSWORD && AZURE_SERVICE_PRINCIPAL_TENANT) {
+    await az<void>(
+      `login --service-principal -u ${AZURE_SERVICE_PRINCIPAL_ID} -p ${AZURE_SERVICE_PRINCIPAL_PASSWORD} --tenant ${AZURE_SERVICE_PRINCIPAL_TENANT} --query "[].{name:name, state:state, id:id}"`,
+      `Sign in with a service principal...`
+    );
+
+    return true;
+  } else {
+    subscriptionsList = await az<AzureSubscription[]>(`login --query "[].{name:name, state:state, id:id}"`, `Loading subscriptions...`);
+  }
 
   Config.set("subscriptions", subscriptionsList);
 
   if (subscriptionsList.length) {
-    let selectedSubscriptionId = (await chooseSubscription(subscriptionsList))
-      .subscription as string;
-    const { id, name } = subscriptionsList.find(
-      (subscription: AzureSubscription) =>
-        subscription.id === selectedSubscriptionId
-    ) as AzureSubscription;
+    let selectedSubscriptionId = (await chooseSubscription(subscriptionsList)).subscription as string;
+    const { id, name } = subscriptionsList.find((subscription: AzureSubscription) => subscription.id === selectedSubscriptionId) as AzureSubscription;
 
     Config.set("subscription", { id, name });
 

src/features/service-principal/create.ts

@@ -1,5 +1,5 @@
-import { az, Config, saveWorkspace, sanitize, readWorkspace } from "../../core/utils";
 import chalk from "chalk";
+import { az, Config, readWorkspace, sanitize } from "../../core/utils";
 const debug = require("debug")("rbac");
 
 module.exports = async function() {
@@ -9,7 +9,7 @@ module.exports = async function() {
 
   // https://docs.microsoft.com/en-us/cli/azure/ad/sp?view=azure-cli-latest#az-ad-sp-create-for-rbac
   const servicePrincipal = await az<AzureServicePrincipal>(
-    `ad sp create-for-rbac --name="${name}" --scopes "${project.id}" --skip-assignment`,
+    `ad sp create-for-rbac --name="http://${name}" --role Contributor`,
     `Checking authorizations for project ${chalk.cyan(project.name)}...`
   );
 

src/index.ts

@@ -38,9 +38,10 @@ let debug: Function;
     .name("hexa")
     .usage("<command>")
     .version(require("../package.json").version)
-    .option("login", "connect to your Azure")
     .option("init", "initialize a new workspace")
+    .option("login", "connect to your Azure")
     .option("deploy", "deploy to Azure")
+    .option("ci", "configure a CI environment")
     .option("-c, --create", "enable manual resource creation", false)
     .option("-d, --debug", "enable debug mode", false)
     .option("-j, --just <services>", "setup or deploy only the selected services (e.g. --just functions,hosting)", false)