GitHub Action
Synapse workspace deployment
A GitHub Action to deploy Synapse artifacts using templates. With this action you can automate your workflow to deploy artifacts and manage synapse resources.
- Checkout To check-out your repository so the workflow can access any specified template and parameter files.
TargetWorkspaceName:
description: 'Provide the Synapse workspace name where you want to deploy the artifacts.'
required: true
TemplateFile:
description: 'Specify the path to the workspace artifacts template.'
required: true
ParametersFile:
description: 'Specify the path to the template parameter file.'
required: true
OverrideArmParameters:
description: 'Specify the path to deployment parameter values.'
default: ''
required: false
Environment:
description: 'Provide the type of cloud environment. Valid values are: Azure Public, Azure China, Azure US Government, Azure Germany'
required: true
resourceGroup:
description: 'Provide the resource group of the target Synapse workspace.'
required: true
clientId:
description: 'Provide client id of service principal.'
required: false
clientSecret:
description: 'Provide client secret of the service principal.'
required: false
subscriptionId:
description: 'Provide subscription id.'
required: true
tenantId:
description: 'Provide tenant id.'
required: false
DeleteArtifactsNotInTemplate:
description: 'Delete the artifacts which are in the workspace but not in the template.'
required: false
managedIdentity:
description: 'Use managed identity to generate the bearer token'
required: false
deployManagedPrivateEndpoint:
description: 'Deploy managed private endpoints in the template.'
required: false
FailOnMissingOverrides:
description: 'Mark the pipeline as failed if ARM overrides are missing.'
required: false
ArtifactsFolder:
description: 'Provide path to the root folder.'
required: false
operation:
description: 'Provide name of the operation.'
required: trueSynapse Workspace Deployment action supports 3 operations :
- Deploy
uses: Azure/synapse-workspace-deployment
with:
TargetWorkspaceName: 'targetworkspace'
TemplateFile: './TemplateForWorkspace.json'
ParametersFile: './TemplateParametersForWorkspace.json'
environment: 'Azure Public'
resourceGroup: 'myresourcegroup'
clientId: ${{ secrets.CLIENTID }}
clientSecret: ${{ secrets.CLIENTSECRET }}
subscriptionId: ${{ secrets.SUBID }}
tenantId: ${{ secrets.TENANTID }}
operation: 'deploy'- Validate
- uses: Azure/synapse-workspace-deployment
with:
TargetWorkspaceName: 'targetworkspace'
ArtifactsFolder: './RootFolder'
operation: 'validate'
- uses: actions/upload-artifact@v3
with:
name: my-artifact
path: ./ExportedArtifacts- Validate and deploy
uses: Azure/synapse-workspace-deployment
with:
TargetWorkspaceName: 'targetworkspace'
ArtifactsFolder: './RootFolder'
environment: 'Azure Public'
resourceGroup: 'myresourcegroup'
clientId: ${{ secrets.CLIENTID }}
clientSecret: ${{ secrets.CLIENTSECRET }}
subscriptionId: ${{ secrets.SUBID }}
tenantId: ${{ secrets.TENANTID }}
operation: 'validateDeploy'Check the documentation for more details.
MSI is only supported with self hosted VMs on Azure. Please set the runner as self-hosted. Enabled the system assigned managed identity for your VM and add it to your Synapse studio as Synapse Admin.
uses: Azure/synapse-workspace-deployment
with:
TargetWorkspaceName: 'targetworkspace'
TemplateFile: './TemplateForWorkspace.json'
ParametersFile: './TemplateParametersForWorkspace.json'
environment: 'Azure Public'
resourceGroup: 'myresourcegroup'
subscriptionId: ${{ secrets.SUBID }}
managedIdentity: trueIn order to deploy managed private endpoints, pass deployManagedPrivateEndpoint is true. Along with you may also be required to override the resourceIDs in the templates so that the new private endpoint does not point to the same resource as source workspace.
clientSecret is a sensitive detail and must be stored in GitHub secrets.
The OverrideArmParameters file should contain key value pairs in yaml format.
If the parameters file has the following content:
// ./devazuresynapse/TemplateForWorkspace.json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"AppSecrets_properties_typeProperties_baseUrl": {
"value": "https://{{organization}}-dev-kv.Environment-kv.vault.azure.net/"
},
"devazuresynapse-WorkspaceDefaultStorage_properties_typeProperties_url": {
"value": "https://dev{{organization}}datalake.dfs.core.windows.net"
},
"AzureDeltaLake_properties_typeProperties_url": {
"value": "https://dev{{organization}}deltalake.dfs.core.windows.net"
}
}
}# ./parameters/production/parameters.yaml
AppSecrets_properties_typeProperties_baseUrl: https://{{organization}}-prod-kv.vault.azure.net/
devazuresynapse-WorkspaceDefaultStorage_properties_typeProperties_url: https://dev{{organization}}datalake.dfs.core.windows.net
AzureDeltaLake_properties_typeProperties_url: https://prod{{organization}}deltalake.dfs.core.windows.net- Azure Public - https://dev.azuresynapse.net
- Azure China - https://dev.azuresynapse.azure.cn
- Azure US Government - https://dev.azuresynapse.usgovcloudapi.net
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.