To deploy the bicep file:
az deployment group create \
--resource-group photorag \
--template-file deploy/main.bicep \
--parameters acrName=photoragacr webAppName=photoragwebPush the image to the ACR:
az acr build --resource-group photorag --registry photoragacr --image photoragweb .To register the repo, application, etc:
githubOrganizationName='dubscode'
githubRepositoryName='photorag'
applicationRegistrationDetails=$(az ad app create --display-name 'photorag')
applicationRegistrationObjectId=$(echo $applicationRegistrationDetails | jq -r '.id')
applicationRegistrationAppId=$(echo $applicationRegistrationDetails | jq -r '.appId')
az ad app federated-credential create \
--id $applicationRegistrationObjectId \
--parameters "{\"name\":\"photorag\",\"issuer\":\"https://token.actions.githubusercontent.com\",\"subject\":\"repo:${githubOrganizationName}/${githubRepositoryName}:ref:refs/heads/main\",\"audiences\":[\"api://AzureADTokenExchange\"]}"
resourceGroupResourceId=$(az group create --name photorag --location westus --query id --output tsv)
az ad sp create --id $applicationRegistrationObjectId
az role assignment create \
--assignee $applicationRegistrationAppId \
--role Contributor \
--scope $resourceGroupResourceIdPrepare GitHub secrets Run the following code to show you the values you need to create as GitHub secrets:
echo "AZURE_CLIENT_ID: $applicationRegistrationAppId"
echo "AZURE_TENANT_ID: $(az account show --query tenantId --output tsv)"
echo "AZURE_SUBSCRIPTION_ID: $(az account show --query id --output tsv)"