Tutorial: Use GitHub Actions to deploy to App Service and connect to a database

Learn how to set up a GitHub Actions workflow to deploy a ASP.NET Core application with an Azure SQL Database backend. When you're finished, you have an ASP.NET app running in Azure and connected to SQL Database. You'll first use an ARM template to create resources.

This tutorial does not use containers. If you want to deploy to a containerized ASP.NET Core application, see Use GitHub Actions to deploy to App Service for Containers and connect to a database.

In this tutorial, you learn how to:

If you don't have an Azure subscription, create a trial account before you begin.

To complete this tutorial, you'll need:

• An Azure account with an active subscription. Create a trial subscription.
• A GitHub account. If you don't have one, sign up for free.
  • A GitHub repository to store your Resource Manager templates and your workflow files. To create one, see Creating a new repository.

Fork the sample project in the Azure Samples repo.

https://github.com/Azure-Samples/dotnetcore-sqldb-ghactions

Open the the Azure CLI if you've installed it locally.

az group create --name {resource-group-name} --location {resource-group-location}

You'll need to authenticate with a service principal for the resource deployment script to work. You can create a service principal with the az ad sp create-for-rbac command in the Azure CLI.

    az ad sp create-for-rbac --name "{service-principal-name}" --sdk-auth --role contributor --scopes /subscriptions/{subscription-id}

In the example, replace the placeholders with your subscription ID, resource group name, and service principal name. The output is a JSON object with the role assignment credentials that provide access to your App Service app. Copy this JSON object for later. For help, go to configure deployment credentials.

  {
    "clientId": "<GUID>",
    "clientSecret": "<GUID>",
    "subscriptionId": "<GUID>",
    "tenantId": "<GUID>",
    (...)
  }

1. In GitHub, go to your repository.

2. Select Security > Secrets and variables > Actions.

3. Select New repository secret.

4. Paste the entire JSON output from the Azure CLI command into the secret's value field. Give the secret the name AZURE_CREDENTIALS.

5. Select Add secret.

1. Create two new secrets in your GitHub repository for SQLADMIN_PASS and SQLADMIN_LOGIN. Make sure you choose a complex password, otherwise the create step for the SQL database server will fail. You won't be able to access this password again so save it separately.

2. Create an AZURE_SUBSCRIPTION_ID secret for your Azure subscription ID. If you do not know your subscription ID, use this command in the Azure Shell to find it. Copy the value in the SubscriptionId column.

   az account list -o table
   

The create Azure resources workflow runs an ARM template to deploy resources to Azure. The workflow:

• Checks out source code with the Checkout action.
• Logs into Azure with the Azure Login action and gathers environment and Azure resource information.
• Deploys resources with the Azure Resource Manager Deploy action.

To run the create Azure resources workflow:

1. Open the infraworkflow.yml file in .github/workflows within your repository.

2. Update the value of AZURE_RESOURCE_GROUP to your resource group name.

3. Set the input for region in your ARM Deploy actions to your region.

   1. Open templates/azuredeploy.resourcegroup.parameters.json and update the rgLocation property to your region.

4. Go to Actions and select Run workflow.

   

5. Verify that your action ran successfully by checking for a green checkmark on the Actions page.

   

6. After you've created your resources, go to Actions, select Create Azure Resources, disable the workflow.

   

1. In the Azure portal, open your new staging App Service (Slot) created with the Create Azure Resources workflow.

2. Select Get Publish Profile.

3. Open the publish profile file in a text editor and copy its contents.

4. Create a new GitHub secret for AZURE_WEBAPP_PUBLISH_PROFILE.

To run the build and deploy workflow:

1. Open your workflow.yaml file in .github/workflows within your repository.

2. Verify that the environment variables for AZURE_RESOURCE_GROUP, AZURE_WEBAPP_NAME, SQLSERVER_NAME, and DATABASE_NAME match the ones in infraworkflow.yml.

3. Verify that your app deployed by visiting the URL in the Swap to production slot output. You should see a sample app, My TodoList App.

If you no longer need your sample project, delete your resource group in the Azure portal and delete your repository on GitHub.