Skip to content

👣 Prerequisites

The following list of Day 0 operations are the prerequisites for the live workshop session, and should be completed in order.

  • Set up a cloud services account

    GitHub Universe 2024 session provision

    Participants at the live session will be provided with Azure subscriptions and details will be shared at the beginning of the workshop.

    In the workshop, we will deploy an application to a cloud provider. GitHub generally supports secure integration with most cloud providers; at this point of preparation for the work, we will ensure we have a properly setup cloud provider account.

    Although you may use your existing Azure subscription, we do recommend you create a completely new account (and subscription) for this workshop and leverage the $200 Azure credit on offer for your new subscriptions.

    Take note of your subscription id

    We will use the subscription id to provision the infrastructure resources to be deployed to. Find your Azure subscription.

    Create a free Azure account

    This aspect of the workshop is currently not supported, but you can help contribute the guide. Would you like to help the community learn to secure their deployments to AWS?

    This aspect of the workshop is currently not supported, but you can help contribute the guide. Would you like to help the community learn to secure their deployments to GCP?

  • Set up a GitHub account

    GitHub Universe 2024 session provision

    Participants at the live session will be provided with a GitHub Enterprise Managed User account (including GitHub Copilot and GitHub Advanced Security features). Account details will be shared at the beginning of the workshop the session.

    Learn more about "About Enterprise Managed Users".

    Login to your GitHub account. You may create a new GitHub account, if you do not already have one. (1)

    1. 💡 Clicking the button below will open the page on a new tab, for you to create a new GitHub account. Keep your @handle handy after you have logged in.

    Create a new GitHub account

  • Use the workshop template to create a new repository

    Clicking the button below will lead you to create the workshop project in a new browser tab. The repository creation form should already be correctly pre-filled you. After proofing the form, scroll down to the bottom of the page and click the Create repository button to create the repository.

    Create workshop project

  • Create a cloud development environment instance

    GitHub Codespaces enable you to instantly create a productive development environment and start coding on the workshop project. Personal accounts on GitHub can benefit from a free quota of GitHub Codespaces usage.

    To begin, go to your newly created repository

    1. Navigate to the Code tab.
    2. Open the Code menu and click on Create codespace on main.

  • Provision cloud service infrastructure

    We will take advantage of managed services to provide a framework for resiliently deploying and running our application.

    Azure App Service provides a framework for developing and running apps in the cloud. PaaS providers host and maintain the platform's servers, networks, storage, and other computing resources. Developers use the platform to build apps without having to manage backups, security solutions, upgrades, or other administrative tasks. App Service also includes tools, services, and systems that support the web application lifecycle.

    The infrastructure/day-0/provision.azcli script is designed to provision the required cloud resources on Microsoft Azure.
    infrastructure/day-0/provision.azcli
     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
    #!/usr/bin/env bash

set -euo pipefail

SCRIPT_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)

az logout || true
az login --use-device-code

main_bicep="${SCRIPT_DIR}/main.bicep"
parameters_json="${SCRIPT_DIR}/parameters.json"

location="$(jq -r .parameters.location.value "${parameters_json}")"

deployment_outputs_json="${SCRIPT_DIR}/deployment-outputs.json"

az deployment sub create \
    --name "universe24-continuous-deployment-with-github-${location}" \
    --location "${location}" \
    --parameters @"${parameters_json}" \
    --template-file "${main_bicep}" \
    --output json >"${deployment_outputs_json}"

    • Line 8

      Securely creates an Azure login session and prompts you to select the subscription on which the script will act on.

    • Lines 10 - 11

      • infrastructure/day-0/main.bicep contains the infrastructure deployment template. infrastructure-deployment-template
      • Whereas infrastructure/day-0/parameters.json contain the values for variables that are referenced in the template.
       1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
      {
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "phase": {
            "value": "day-0"
        },
        "location": {
            "value": "northeurope"
        },
        "containerImageName": {
            "value": "app"
        },
        "containerImageVersion": {
            "value": "1"
        }
    }
}

    • Line 13

      Reads the Azure region in which resources will be provisioned are read from the infrastructure/day-0/parameters.json file.

    • Line 15

      Designates the outcome of the deployment to be written to infrastructure/day-0/deployment-outputs.json.

    Execute the script on a terminal in your Codespace

    ./infrastructure/day-0/provision.azcli

    This aspect of the workshop is currently not supported, but you can help contribute the guide. Would you like to help the community learn to secure their deployments to AWS?

    This aspect of the workshop is currently not supported, but you can help contribute the guide. Would you like to help the community learn to secure their deployments to GCP?

  • Get familiar with GitHub Apps

    GitHub Apps are tools that extend GitHub's functionality. GitHub Apps can do things on GitHub like open issues, comment on pull requests, and manage projects. They can also do things outside of GitHub based on events that happen on GitHub. For example, a GitHub App can post on Slack when an issue is opened on GitHub.

    During the course of the workshop exercises, you will discover how a GitHub App can be used to perform automatic versioning or creation of releases, such that the performed action effectively raises an event that triggers other workflows.

    GitHub Universe 2024 session provision

    A GitHub App will be created for your use, and setup to enable you easily access its private key and id from within the repository you will create for doing the workshop exercises.
    🧐 What is the use of a GitHub App in this workshop?

    Using the GITHUB_TOKEN that is available to workflows by default for authorization, it is possible to interact with the GitHub platform via API calls. However, there is a caveat...

    When you use the repository's GITHUB_TOKEN to perform tasks, events triggered by the GITHUB_TOKEN, with the exception of workflow_dispatch and repository_dispatch, will not create a new workflow run. This prevents you from accidentally creating recursive workflow runs. For example, if a workflow run pushes code using the repository's GITHUB_TOKEN, a new workflow will not run even when the repository contains a workflow configured to run when push events occur.

    If you do want to trigger a workflow from within a workflow run, you can use a GitHub App installation access token or a personal access token instead of GITHUB_TOKEN to trigger events that require a token.

    If you use a GitHub App, you'll need to create a GitHub App and store the app ID and private key as secrets.

    ~ Triggering a workflow from a workflow