1
votes

I am an Azure newbie and attempting to install webapps in a automated CI/CD approach.

If I am logged in the CLI shell, I can do the deployment via

az webapp deployment source config --name ${WEBAPP_NAME} --resource-group ${RESOURCEGROUP_NAME} --slot staging --repo-url ${GIT_URL} --branch ${BRANCH} --manual-integration

I want to do this using a shell in Jenkins(without using the Azure plugin).

How does one login to az CLI using the deployment credentials?

I understand that we cannot login using the Azure credentials (from the CLI).

Is there an alternative to login via some API Keys (we can do this in say AWS/IBM Cloud)?

1
If my understanding is right, az cli support non-interactive login. You could create a service principal. az login --service-principal --username APP_ID --tenant TENANT_ID --password PATH_TO_CERT See this link az login --service-principal --username APP_ID --tenant TENANT_ID --password PATH_TO_CERTShui shengbao
@ShengbaoShui-MSFT - Using the Service Principal does work. I am unable to figure out how to restrict permissions to the service principal. After I created the service principal, I could do a webapp deploy without adding any permissions. My reading states that the default permissions should be limited. I am searching to see how to control this behavious.Manglu
I add it as an answer. Hope it will help more people.Shui shengbao

1 Answers

1
votes

Azure Cli 2.0 supports non-interactive login. You could create a service principal and give it Owner role. Then you could login with the following command.

az login --service-principal --username APP_ID --tenant TENANT_ID --password PATH_TO_CERT 

Create Service Principal you could check this link.

Give the SP Owner role, you could check this link.