Install AZ CLI; https://docs.microsoft.com/en-us/cli/azure/install-azure-cli
- create storage account and container using script below;
cd infrastructure/scripts bash tf_storage.sh "<subscription_id>"
- Add subscription_id and tenant_id to .github/workflows/deploy_app.yml - Line 14,15
- Add subscription_id and tenant_id to deployment/secretproviderclass.yaml - Line 20, 21
- Create a Service Principal and provide it Owner permissions to the subscription using script below;
cd infrastructure/scripts bash service_principal.sh "<subscription_id>" "<service_principal_name>"
Note: Store service principal output, you would need it later. It needs Owner permissions to be able to create and manage Azure resources and to be able to assign permissions to the cluster managed identities.
- Store below as github repository secrets (Go to repo -> Settings -> Secrets -> New repository secret)
- SVC_KUBE_CLIENTID: app id of service principal
- SVC_KUBE_CLIENTSECRET: password/key of service principal
- Go to repository home page -> click Actions -> click deploy_app -> Run Workflow