Using GitHub Actions To Run My Python Azure Command Line Tool – Part 1

On By Roy Kim (MVP)In Azure, DevOps

In this blog post Step-by-Step Using Azure SDK for Python in Windows VS Code – Part 4 I finished a series in building a command line tool with Python and Azure SDK for Python to create a storage account and upload a text file. This series was to show a complete beginner how to start from scratch in using VS Code, extensions, Azure SDK libraries, Python Click and Setuptools libraries to build a command line. I want to take this one step further in using Github Actions to automate the build and running of this command line tool. I’m quite new to GitHub Actions so I’m sharing my beginner’s journey of it as well.

GitHub Actions is a CI/CD platform used to automate build, test and deploy software. I have more experience with Azure DevOps Pipeline, and this is very similar to that.

First of all, in my github repo, I need to add a new Actions Workflow, so I click on New workflow

Then I choose an empty file by clicking setup a workflow yourself.
I name my workfow yaml file and start to write my workflow code. A workflow is a configurable process that run one or more jobs. The workflow files are defined in the .github/workflows directly in a repo.

The pseudo code for my workflow is:

  1. Manual user trigger with user input.
  2. A workflow job that runs on ubuntu
  3. Checkout the repository
  4. Login in with the desired azure subscription with stored service principal secret credentials
  5. Setup Python with desired version
  6. Install python packages and dependencies that is required by my python code.
  7. Build my Python code into a package as an command line tool
  8. Call the command line tool and pass in the argument values from the workflow input fields.

Before I write the code, the Github Action Workflow needs permissions to create Azure resources into my designated resource group. One way is to create an Azure service principal name (SPN) and store those credentials as Repository Secret.

I create the SPN and copy the console output for later. Note the password is the client secret and can’t be retrieved again by design. The appId is also referred to as the clientId.

The SPN has contributor role to the resource group used for this demo

Go to Github repo > Settings > Secrets and variables > Actions > click New repository secret

I add the SPN properties:

In the next blog post Using GitHub Actions To Run My Python Azure Command Line Tool – Part 2, I will explain the workflow yaml code and run the workflow.

References:

One thought on “Using GitHub Actions To Run My Python Azure Command Line Tool – Part 1

  1. Pingback: Using GitHub Actions To Run My Python Azure Command Line Tool – Part 2 – Roy Kim on Azure and Microsoft 365

Leave a Reply