Go to Storage Accounts and press Create. Set a name and press Review. Wait for the deployment to complete.
Click “Go to Resource”, then go to Access keys (on the left-hand side).
Click “show” on the connection string. Copy and save it securely; it will be needed later in this guide.
Go to Azure Active Directory -> App Registrations
Click New Registration; give it a name; click Register.
Take note of the Directory (Tenant) ID and the Application (Client) ID.
Go to Certificates and Secrets. Click New Client Secret. Give it a name; click Add. Take note of the Secret Value.
Go to Subscriptions in the portal and select your subscription. Select Access Control (IAM) and add a role assignment that gives the Contributor role to your Service Principal. Take note of your Subscription ID value.
Go to Settings → Secrets and Variables
Click “New Repository Secret” button
Add a secret named ARM_CLIENT_ID with the value of your Application (Client) ID from above
Add a secret named ARM_TENANT_ID with the value of your Directory (Tenant) ID from above
Add a secret named ARM_CLIENT_SECRET with the value of your Client Secret from above
Add a secret named ARM_SUBSCRIPTION_ID with the value of your Subscription ID from above
Add a secret named DIGGER_AZURE_CONNECTION_STRING with the value of your Connection String from Step 1
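A pre-flight check for the five secrets named in the steps above, as an added example that is not part of the original guide or of Digger itself. The function names are hypothetical, all sample values are constructed, and it assumes the connection string was copied from Access keys, so it carries AccountName and AccountKey fields.

```shell
#!/bin/sh
# Added example: validate the five secrets before the workflow uses them.
# Only variable names and reasons are reported; secret values are never printed.

is_guid() {
  printf '%s' "$1" | grep -Eq '^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$'
}

# Extract one Key=Value field from a semicolon-separated connection string.
conn_field() {
  printf '%s' "$1" | tr ';' '\n' | sed -n "s/^$2=//p" | head -n 1
}

check_digger_secrets() {
  rc=0
  # Tenant, client and subscription IDs are GUIDs.
  for name in ARM_CLIENT_ID ARM_TENANT_ID ARM_SUBSCRIPTION_ID; do
    eval "val=\${$name:-}"
    if [ -z "$val" ]; then echo "$name: missing"; rc=1
    elif ! is_guid "$val"; then echo "$name: not a GUID"; rc=1
    fi
  done
  [ -n "${ARM_CLIENT_SECRET:-}" ] || { echo "ARM_CLIENT_SECRET: missing"; rc=1; }
  cs="${DIGGER_AZURE_CONNECTION_STRING:-}"
  if [ -z "$cs" ]; then
    echo "DIGGER_AZURE_CONNECTION_STRING: missing"; rc=1
  else
    [ -n "$(conn_field "$cs" AccountName)" ] || { echo "DIGGER_AZURE_CONNECTION_STRING: no AccountName"; rc=1; }
    [ -n "$(conn_field "$cs" AccountKey)" ] || { echo "DIGGER_AZURE_CONNECTION_STRING: no AccountKey"; rc=1; }
    # Reject plain-http endpoints so the account key is not used over cleartext.
    [ "$(conn_field "$cs" DefaultEndpointsProtocol)" = "https" ] || { echo "DIGGER_AZURE_CONNECTION_STRING: protocol is not https"; rc=1; }
  fi
  return $rc
}

# Demo with constructed (fake) values: the tenant ID is truncated and the
# connection string uses http, so two problems are reported.
(
  ARM_CLIENT_ID=11111111-2222-3333-4444-555555555555
  ARM_TENANT_ID=11111111-2222-3333-4444
  ARM_SUBSCRIPTION_ID=aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
  ARM_CLIENT_SECRET=constructed-secret
  DIGGER_AZURE_CONNECTION_STRING='DefaultEndpointsProtocol=http;AccountName=examplesa;AccountKey=Zm9v;EndpointSuffix=core.windows.net'
  check_digger_secrets
) || echo "secrets check failed"
```

In a workflow, this would run as an early step with the five secrets mapped into the step's environment, so a mistyped or truncated value fails the job before Terraform runs.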
In your repository settings > Actions ensure that the Workflow Read and Write permissions are assigned. This will allow the workflow to post comments on your PRs.
In your repository, create a digger.yml file with the following contents:
In your repository, create a file at .github/workflows/infra.yml
Make any change to your Terraform code, such as adding a blank line.
An action should start. After some time you should see a comment in your PR saying that a lock has been acquired. Something like this: