Kinga
Posted on September 15, 2024
To take full advantage of versioning implemented in the previous steps, the deploy.yml
file needs to be updated to create versioned Template Specs and release annotations. It will allow you to maintain a clear and organized version history of each template deployment.
We will now:
- create versioned Template Specs
- create release annotations to provide release insights
Release annotations are a feature of the cloud-based Azure Pipelines service of Azure DevOps. It requires provisioned resources to be linked to Application Insights
Automated deployment
This sample project generates Template Specs, and to tag them with the version number, update the Pipelines\deploy.yml
file using the contents of the following file: Pipelines/deploy.yml.
This new version, instead of overriding the template, detects whether the current version exists and either creates new version, or updates existing one (useful in development environments).
Release annotations
The last task in the Pipelines\deploy.yml
file uses the TemplateSpec version to annotate the new release:
- task: AzurePowerShell@5
name: Annotations
inputs:
azureSubscription: ${{ parameters.serviceConnectionName }}
azurePowerShellVersion: latestVersion
ScriptType: 'FilePath'
ScriptPath: '$(scriptsPath)\CreateReleaseAnnotation.ps1'
ScriptArguments:
-aiResourceId "$(TemplateSpecDeploy.applicationInsightsId)"
-releaseName "$(getConfig.templateVer)"
-releaseProperties @{"ReleaseDescription"="Rush for IaC";"TriggerBy"="$(Build.RequestedForEmail)" }
It uses the Application Insights created by the Deploy Template Spec
task. If needed, update the script to use add an aiResourceId
parameter and provide Id of another Application Insights service.
Minimum required permissions
Remember to assign appropriate permissions to the Service Principal used by the pipeline:
- Creating Template Specs requires Template Spec Contributor role
- If the script will create resource groups, it will need Contribute rights on the subscription level. Otherwise, ensure it has Contribute rights on the resource group level.
- You may also refine permissions and assign only roles required to deploy the Bicep templates in your solution. See Required permissions
Posted on September 15, 2024
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.