This is a guide for Deploy Azure functions for Splunk via Azure DevOps Pipelines, follow these steps:
- Login to your azure account and open your portal home page
- Go to your Subscriptions page
- Select the subscription you will use for deployment from Azure DevOps, take note of the Subscription name and Subscription ID , here we will name it [[SUBSCRIPTION_NAME]] and [[SUBSCRIPTION_ID]]
- Create a Service Principal in Azure CLI, execute this command, provide the service principal name, here we will name it : [[ServicePrincipalName]]
az ad sp create-for-rbac -n [[ServicePrincipalName]]
- The result is a JSON output like this:
{ "appId": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "displayName": "[[ServicePrincipalName]]", "password": "this-is-the-service-principal-password", "tenant": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee" }
- Take note of the appId, password and tenant, as they will be used later
- Grant Contributor permission to this service principal, in the Azure portal: go to Subscriptions and click on the subscription you will use for deployment from Azure DevOps
- In the left pane, select Access control (IAM), then click on Add role assignment
- Go to the tab Privileged administrator roles and select the role Contributor, click Next
- Click Select members, filter the members list with the name of the new Service Principal, click on the Service Principal, click Select, click Next, then click Review + assign
- Create a resource group for the deployed application, take note of the name of this resource group, here we will name it [[DEPLOYMENT_RESOURCE_GROUP]]
- Create a Key Vault in the new resource group, take note of the name of the Key Vault, here we will name it [[KEY_VAULT_NAME]]
- Open the new Key Vault, go to group Settings - Access configuration, the check the option Azure Resource Manager for template deployment, then click button Apply
- Add three secrets with the values for access to the Teams application:
- TenantID
- ClientID
- ClientSecret
- In order to make this steps more simple, use a GitHub account linked to the same email in your Azure DevOps account
- Login to https://dev.azure.com, use the login option "Login with GitHub" and use GitHub account we mentioned before, accept to link your Github account with Azure DevOps
- Select or create a new project
- You will create a service connection, go to Project settings below the left pane, then go to Service connections, click on New service connection
- Select Azure Resource Manager, click Next
- Select Service principal (manual), click Next
- Fill in the configuration with the collected data in previous steps:
- Environment = Azure Cloud
- Scope Level = Subscription
- Subscription Id = collected [[SUBSCRIPTION_ID]]
- Subscription Name = collected [[SUBSCRIPTION_NAME]]
- Service Principal Id = appId from the creation of the new Service Principal
- Authentication = Service Principal Key
- Service Principal Key = password from the creation of the new Service Principal
- Tenant ID = tenant from the creation of the new Service Principal
- Service connection name = provide the name for the connection, here we will name it [[SERVICE_CONNECTION_NAME]]
- Click the button Verify and after successful check click Verify and save
- Login to Github.com using the account linked to the same email in your Azure DevOps account, as we mentioned before
- Open the url https://github.com/uxmapp/azure-functions-splunk
- Create a fork of this repository in your account
- Clone the forked repository in your local machine
- Select a name for the deployed functions, here we will name it [[DEPLOYED_FUNCTIONS_SPLUNK_GRAPH]]
- Add the following file for configuration of parameters, replace all the configuration values collected before:
graph\deploy\parameters.json
{ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", "contentVersion": "1.0.0.0", "parameters": { "appName": { "value": "[[DEPLOYED_FUNCTIONS_SPLUNK_GRAPH]]" }, "TenantID": { "reference": { "keyVault": { "id": "/subscriptions/[[SUBSCRIPTION_ID]]/resourceGroups/[[DEPLOYMENT_RESOURCE_GROUP]]/providers/Microsoft.KeyVault/vaults/[[KEY_VAULT_NAME]]" }, "secretName": "TenantID" } }, "ClientID": { "reference": { "keyVault": { "id": "/subscriptions/[[SUBSCRIPTION_ID]]/resourceGroups/[[DEPLOYMENT_RESOURCE_GROUP]]/providers/Microsoft.KeyVault/vaults/[[KEY_VAULT_NAME]]" }, "secretName": "ClientID" } }, "ClientSecret": { "reference": { "keyVault": { "id": "/subscriptions/[[SUBSCRIPTION_ID]]/resourceGroups/[[DEPLOYMENT_RESOURCE_GROUP]]/providers/Microsoft.KeyVault/vaults/[[KEY_VAULT_NAME]]" }, "secretName": "ClientSecret" } } } }
- Go to the forked repository in Github, navigate to the file graph/deploy/azureDeploy.json,
click on the button "Raw"
- copy the URL you just opened
- The URL will be similar to this:
https://raw.githubusercontent.com/[[GITHUB_ACCOUNT_ID]]/[[FORKED_REPOSITORY]]/master/graph/deploy/azureDeploy.json
- In this URL you must replace your [[GITHUB_ACCOUNT_ID]] and your [[FORKED_REPOSITORY]]
- Based on this URL you will add one more similar URL for the file parameters.json:
https://raw.githubusercontent.com/[[GITHUB_ACCOUNT_ID]]/[[FORKED_REPOSITORY]]/master/graph/deploy/parameters.json
- Select a name for the deployment, here we will name it [[DEPLOY_AZURE_FUNCTIONS_SPLUNK_APP]]
- Select a name for the deployed application, here we will name it [[DEPLOYED_FUNCTIONS_SPLUNK_GRAPH]]
- Add file for CI/CD, replace all the configuration values collected before, note that the file "parameters.json" doesn't exist yet but it will be committed soon:
azure-pipelines.yml
# Starter pipeline # Start with a minimal pipeline that you can customize to build and deploy your code. # Add steps that build, run tests, deploy, and more: # https://aka.ms/yaml trigger: - master pool: vmImage: ubuntu-latest steps: - task: AzureResourceManagerTemplateDeployment@3 inputs: deploymentScope: 'Resource Group' azureResourceManagerConnection: '[[SERVICE_CONNECTION_NAME]]' subscriptionId: '[[SUBSCRIPTION_ID]]' action: 'Create Or Update Resource Group' resourceGroupName: '[[DEPLOYMENT_RESOURCE_GROUP]]' location: 'North Europe' templateLocation: 'URL of the file' csmFileLink: 'https://raw.githubusercontent.com/[[GITHUB_ACCOUNT_ID]]/[[FORKED_REPOSITORY]]/master/graph/deploy/azureDeploy.json' csmParametersFileLink: 'https://raw.githubusercontent.com/[[GITHUB_ACCOUNT_ID]]/[[FORKED_REPOSITORY]]/master/graph/deploy/parameters.json' overrideParameters: '-appName [[DEPLOYED_FUNCTIONS_SPLUNK_GRAPH]]' deploymentMode: 'Incremental' deploymentName: '[[DEPLOY_AZURE_FUNCTIONS_SPLUNK_APP]]'
- Commit these files and push to your forked repository
- Go to https://dev.azure.com, open your project, go to Pipelines, click on New pipeline, in tab Connect select GitHub
- In tab Select select your forked repository, you may be prompted Approve & Install Azure Pipelines, approve this and any other prompt
- Next select Existing Azure Pipelines YAML file and then select the branch and the file azure-pipelines.yml (maybe this step is done automatically)
- In the last step click Run
- On the first execution you need to grant permissions on the service connection, click on the button View
- The click on the button Permit
- When the pipeline is done executing, review your azure resources, the new functions should be added to the selected resource group
- After this, any commit to the forked repository will trigger a pipeline, the pipelines can be triggered manually as well