Deploy an app in Azure Government with Azure Pipelines
This article helps you use Azure Pipelines to set up continuous integration (CI) and continuous deployment (CD) of your web app running in Azure Government. CI/CD automates the build of your code from a repo along with the deployment (release) of the built code artifacts to a service or set of services in Azure Government. In this tutorial, you will build a web app and deploy it to an Azure Governments app service. This build and release process is triggered by a change to a code file in the repo.
For special considerations when deploying apps to Azure Government, see Deploy apps to Azure Government Cloud.
Azure Pipelines is used by teams to configure continuous deployment for applications hosted in Azure subscriptions. We can use this service for applications running in Azure Government by defining service connections for Azure Government.
This article uses the Azure Az PowerShell module, which is the recommended PowerShell module for interacting with Azure. To get started with the Az PowerShell module, see Install Azure PowerShell. To learn how to migrate to the Az PowerShell module, see Migrate Azure PowerShell from AzureRM to Az.
Before starting this tutorial, you must have the following:
- Create an organization in Azure DevOps
- Create and add a project to the Azure DevOps organization
- Install and set up Azure PowerShell
If you don't have an active Azure Government subscription, create a free account before you begin.
Create Azure Government app service
Create an App service in your Azure Government subscription. The following steps will set up a CD process to deploy to this Web App.
Set up Build and Source control integration
Follow through one of the quickstarts below to set up a Build for your specific type of app:
Generate a service principal
Download or copy and paste the service principal creation PowerShell script into an IDE or editor.
Open up the file and navigate to the
paramparameter. Replace the
$environmentNamevariable with AzureUSGovernment." This sets the service principal to be created in Azure Government.
Open your PowerShell window and run the following command. This command sets a policy that enables running local files.
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
When you are asked whether you want to change the execution policy, enter "A" (for "Yes to All").
Navigate to the directory that has the edited script above.
Edit the following command with the name of your script and run:
./<name of script file you saved>
The "subscriptionName" parameter can be found by logging into your Azure Government subscription via
Connect-AzAccount -EnvironmentName AzureUSGovernmentand then running
When prompted for the "password" parameter, enter your desired password.
After providing your Azure Government subscription credentials, you should see the following:
The Environment variable should be
After the script has run, you should see your service connection values. Copy these values as we will need them when setting up our endpoint.
Configure the Azure Pipelines service connection
Follow the instructions in Service connections for builds and releases to set up the Azure Pipelines service connection.
Make one change specific to Azure Government: In step #3 of Service connections for builds and releases, click on "use the full version of the service connection catalog" and set Environment to AzureUSGovernment.
Define a release process
Follow Deploy a web app to Azure App Services instructions to set up your release pipeline and deploy to your application in Azure Government.
Do I need a build agent?
You need at least one agent to run your deployments. By default, the build and deployment processes are configured to use the hosted agents. Configuring a private agent would limit data sharing outside of Azure Government.
I use Team Foundation Server on-premises. Can I configure CD on my server to target Azure Government?
Currently, Team Foundation Server cannot be used to deploy to an Azure Government Cloud.