This project demonstrates a number of capabilities in GitHub and Microsoft Azure:
- Continuous Planning using GitHub Issues
- Continuous Integration using GitHub Repositories and GitHub Actions
- Continuous Deployment to App Services and Azure SQL using GitHub Actions
- Continuous Security using GitHub Advanced Security
- Continuous Monitoring using Azure Monitor and Application Insights
- Continuous Quality using unit tests and GitHub Actions
- Database migration using Entity Framework and GitHub Actions
- Blue/green deployments to App Services using Deployment Slots
- Local development environments using Dev Containers
-
Export developer certificate:
New-Item -Path $env:USERPROFILE/.aspnet/https -ItemType Directory -Force dotnet dev-certs https --trust dotnet dev-certs https -ep "$env:USERPROFILE/.aspnet/https/aspnetapp.pfx" -p "<YourStrong@Passw0rd>" $distro = (wsl -l -q | Select-Object -First 1) -Replace "`0", "" $username = wsl --distribution $distro whoami Copy-Item ~\.aspnet\https\ \\wsl.localhost\$distro\home\$username\.aspnet\https\ -Recurse
-
Create a Microsoft Entra application (SPN) and connect it to GitHub cf. https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure-openid-connect.
-
Create SQL admin group:
GROUP="GitHub Demo Movie Database Admins" GROUP_MAIL_NICKNAME=github-demo-movie-database-admins az ad group create --display-name "$GROUP" --mail-nickname $GROUP_MAIL_NICKNAME
-
Add yourself to the group:
ME=$(az ad signed-in-user show --query id --output tsv) az ad group member add --group "$GROUP" --member-id $ME
-
Add the SPN to the group.
-
Update
/infrastructure/main.bicepparam. -
Deploy the infrastructure pipeline
-
Execute scripts:
.\scripts\Grant-GraphPermissionToManagedIdentity.ps1 -TenantId "b461d90e-0c15-44ec-adc2-51d14f9f5731" -IdentityName "ondfisk-githubdemo-sql" -Permissions @("User.Read.All", "GroupMember.Read.All", "Application.Read.All")
Do not set the current user as Entra admin:
az webapp connection create sql --resource-group "GitHubDemo" --name "ondfisk-githubdemo-web" --slot "staging" --target-resource-group "GitHubDemo" --server "ondfisk-githubdemo-sql" --database "MoviesStaging" --system-identity --client-type dotnet --connection "MoviesStaging" --new az webapp connection create sql --resource-group "GitHubDemo" --name "ondfisk-githubdemo-web" --target-resource-group "GitHubDemo" --server "ondfisk-githubdemo-sql" --database "Movies" --system-identity --client-type dotnet --connection "Movies" --new
-
Deploy the application pipeline
-
Run the app locally:
# Set development connection string: dotnet user-secrets set "ConnectionStrings:Default" "Data Source=localhost,1433;Initial Catalog=Movies;User ID=sa;Password=<YourStrong@Passw0rd>;TrustServerCertificate=True" --project src/MovieApi/ # Update database: dotnet ef database update --project src/MovieApi/ # Run dotnet run --project src/MovieApi/
-
Build the container locally:
dotnet publish src/MovieApi/ /t:PublishContainer -p ContainerImageTags=latest
-
Run container locally (from WSL):
docker run -it --rm -p 8000:8000 -p 8001:8001 \ -e ASPNETCORE_HTTP_PORTS=8000 \ -e ASPNETCORE_HTTPS_PORTS=8001 \ -e AZURE_SQL_CONNECTIONSTRING="Data Source=host.docker.internal,1433;Initial Catalog=Movies;User ID=sa;Password=<YourStrong@Passw0rd>;TrustServerCertificate=True" \ -e ASPNETCORE_Kestrel__Certificates__Default__Password="<YourStrong@Passw0rd>" \ -e ASPNETCORE_Kestrel__Certificates__Default__Path=/https/aspnetapp.pfx \ -v ~/.aspnet/https:/https ondfisk-githubdemo
To lint repository locally run (from WSL):
docker run -e DEFAULT_BRANCH=main -e RUN_LOCAL=true -e FIX_JSON_PRETTIER=true -e FIX_JSON=true -e FIX_YAML_PRETTIER=true -e VALIDATE_JSCPD=false -e VALIDATE_DOTNET_SLN_FORMAT_ANALYZERS=false -e VALIDATE_DOTNET_SLN_FORMAT_STYLE=false -v .:/tmp/lint --rm ghcr.io/super-linter/super-linter:latestYou can find the Azure DevOps version here.