Use Azure/functions-action to automate your workflows to deploy to Azure Functions.
If you are looking for a GitHub Action to deploy your customized container image into an Azure Functions container, use azure/functions-container-action.
Important
Please review the official Azure Functions Action repository for the latest and most thorough instructions.
Note
OpenID Connect is the recommended authentication method because it is the most secure way for your GitHub workflow to authenticate with Azure. These workflows will work for all function app hosting plans. Apps running on the Flex Consumption plan should use the Linux samples below.
- Follow the tutorial Azure Functions Quickstart.
- Configure a user assigned managed identity to use OIDC by following the tutorial Use OIDC.
- Pick a template from the following table depending on your Azure Functions runtime and OS, and place the template to
.github/workflows/in your project repository. - Change
APP_NAMEto your function app name. - Commit and push your project to GitHub repository, you should see a new GitHub workflow initiated in Actions tab.
| Runtime | App OS |
|---|---|
| .NET | Windows: windows-dotnet-functionapp-on-azure-oidc.yml Linux: linux-dotnet-functionapp-on-azure-oidc.yml |
| Node | Windows: windows-node-functionapp-on-azure-oidc.yml Linux: linux-node-functionapp-on-azure-oidc.yml |
| Java | Windows: windows-java-functionapp-on-azure-oidc.yml Linux: linux-java-functionapp-on-azure-oidc.yml |
| PowerShell | Windows or Linux: powershell-functionapp-on-azure-oidc.yml |
| Python | Linux: python-functionapp-on-azure-oidc.yml |
- Pick a template from the following table depends on your Azure Functions runtime and OS type and place the template to
.github/workflows/in your project repository. - Change
app-nameto your function app name. - Commit and push your project to GitHub repository, you should see a new GitHub workflow initiated in Actions tab.
| Runtime | App OS |
|---|---|
| .NET | Windows: windows-dotnet-functionapp-on-azure.yml Linux: linux-dotnet-functionapp-on-azure.yml |
| Node | Windows: windows-node.js-functionapp-on-azure.yml Linux: linux-node.js-functionapp-on-azure.yml |
| Java | Windows: windows-java-functionapp-on-azure.yml Linux: linux-java-functionapp-on-azure.yml |
| PowerShell | Windows: windows-powershell-functionapp-on-azure.yml Linux: linux-powershell-functionapp-on-azure.yml |
| Python | Linux: linux-python-functionapp-on-azure.yml |
| DOCKER | Linux: linux-container-functionapp-on-azure.yml |
- Checkout Checkout your Git repository content into GitHub Actions agent.
- Azure Login Login with your Azure credentials for function app deployment authentication.
- To build app code in a specific language based environment, use setup actions:
- Setup .NET Build your DotNet core function app or function app extensions.
- Setup Node Resolve Node function app dependencies using npm.
- Setup Python Resolve Python function app dependencies using pip.
- Setup Java Resolve Java function app dependencies using maven.
- To build and deploy a containerized app, use docker-login to log in to a private container registry such as Azure Container registry.
- To upload and download build artifacts for deployment, use upload and download artifact:
- Upload Artifact Upload your build artifact to the repository
- Download Artifact Download your build artifact for deployment Once login is done, the next set of Actions in the workflow can perform tasks such as building, tagging and pushing containers.
Beyond OIDC auth, you can choose to use a publish profile or a service principal. These methods work for all SKUs but OIDC authentication is recommended.
You may want to get the publish profile from your function app.
- In Azure portal, go to your function app.
- Click Get publish profile and download .PublishSettings file.
- Open the .PublishSettings file and copy the content.
- Paste the XML content to your Github Repository > Settings > Secrets > Add a new secret > SCM_CREDENTIALS
- Follow the tutorial Azure Functions Quickstart
- Use the following template to create the
.github/workflows/file in your project repository. - Change
app-nameto your function app name. - Commit and push your project to GitHub repository, you should see a new GitHub workflow initiated in Actions tab.
name: Linux_Node_Workflow_ScmCred
on:
push:
branches:
- master
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: actions/setup-node@v1
with:
node-version: '10.x'
- name: 'run npm'
run: |
npm install
npm run build --if-present
npm run test --if-present
- uses: Azure/functions-action@v1
id: fa
with:
app-name: PLEASE_REPLACE_THIS_WITH_YOUR_FUNCTION_APP_NAME
publish-profile: ${{ secrets.SCM_CREDENTIALS }}
You may want to create an Azure Service Principal for RBAC and add them as a GitHub Secret in your repository.
- Download Azure CLI from here, run
az loginto login with your Azure credentials. - Run Azure CLI command
az ad sp create-for-rbac --name "myApp" --role contributor \
--scopes /subscriptions/{subscription-id}/resourceGroups/{resource-group}/providers/Microsoft.Web/sites/{app-name} \
--sdk-auth
# Replace {subscription-id}, {resource-group}, and {app-name} with the names of your subscription, resource group, and Azure function app.
# The command should output a JSON object similar to this:
{
"clientId": "<GUID>",
"clientSecret": "<GUID>",
"subscriptionId": "<GUID>",
"tenantId": "<GUID>",
(...)
}
- Paste the json response from above Azure CLI to your Github Repository > Settings > Secrets > Add a new secret > AZURE_CREDENTIALS
