CI and CD using Jenkins

Continuous Integration and Deployment (CI/CD) of Asp.Net Core Application on Azure Web App using Jenkins – Day 3

Posted by

Theme

In this article, we’ll focus on Azure Active Directory and Service Principal and integrate Jenkins with Azure Service Principal before we move on to CI/CD of ASP.NET Core application on Azure using Jenkins Azure Pipeline.

This article series will explain using Jenkins for CI and CD of an ASP.NET Core web application on the local development environment, publishing the web application to Azure Web App Service and configuring Jenkins on Azure for continuous integration and continuous deployment of the hosted application. GitHub will DevOps as a source control repository. We’ll create a pipeline using Jenkins that fetches the code from GitHub, builds the code, runs the tests and deploy the package. This will be a repetitive task on each commit to the code located on GitHub.

In the first article of the series we learned about the concepts, terminology, technologies involved, installing Jenkins, creating ASP.NET Core application and continuous integration of Asp.Net Core application using Jenkins via two approaches i.e. pipeline approach and freestyle project approach. In the second article, we published the ASP.Net core application to Azure App Service and Configured Jenkins on Azure.

Roadmap

Following is the roadmap we would be following to completely learn end to end development and configurations of Continuous Integration and Deployment (CI/CD) of Asp.Net Core Application on Azure Web App using Jenkins.

Prerequisites

Go through the first two articles of the series before starting this article.

The following are the prerequisites for the developers to have on their machines before getting started.

  1. Visual Studio 2017/2019.
  2. Dotnet 2.1 SDK installed.
  3. Azure Subscription Free/Paid.
  4. Java 1.5 or higher.
  5. Git account
  6. Git for Windows

Azure Active Directory and Service Principal

The next step is to create an identity for our application as it needs access to our Azure web app. This identity will serve as a service principal that could be assigned certain permissions to operate on the app.

Create an Azure Active Directory and Service Principal

  1. In the Azure portal, click on “Azure Active Directory” and then on “App Registration” as shown below.

  1. Click on “New Registration” to create a new app registration.

  1. Provide a meaningful name. For e.g. I provided “jenkins_sp” and select the first option for the supported account types i.e. “Account in this organizational directory only”.

  1. Click on “Register” to create this new Azure AD and service principal.
  2. Navigate to the newly created application i.e. “Jenkins_sp”.

Integrate the Application to a Role

To get access to the Azure resources, the application needs to be assigned to a role. For e.g., if in the Azure subscription we assign the role to a resource group, then all the resources in that resource group will inherit that role and its permissions.

  1. Navigate to the Subscriptions in the Azure portal. Select the subscription. For e.g. I have only one subscription, and if I select that all the resources in that subscription will inherit the role and permissions assigned.

  1. Once selected, the subscription page will open to the right.

  1. Select Access control (IAM).

  1. Select “Add role assignment”.

  1. In the “Add role assignment” form, select Role as “Contributor”, Assign access to as “Azure AD user, group, or service principal”. In the Select options, search by typing Jenkins and we see our jeninks_sp i.e. our service principal. Choose that and save.

  1. Click on the newly created app registration and on the overview page, copy the following values to a notepad as they would be used while assigning a service principal to Jenkins.
  • Application (client) ID
  • Directory (tenant) ID
  1. Click on “Certificates & secrets” and add “New client secret”. Provide it a name and copy the value of the client secret created.

Now, we need to provide this service principal to the Jenkins running on the URL to have access over Azure resources on the selected subscription.

Integrate Jenkins with Azure Service Principal

Time to integrate Jenkins to the service principal created on the Azure portal.

  1. On the running Jenkins URL. Navigate to Credentials -> System -> Global credentials and click on “Add Credentials”.

  1. Select Kind as “Microsoft Azure Service Principal” and fill in the following fields.
  • Scope: Global
  • Subscription ID: Your Azure subscription ID
  • Client ID: The copied Application (client) ID from the service principal app.
  • Client Secret: The copied value of the secret certificate.
  • Tenant ID: The copied Directory (tenant) ID from the service principal app.
  • Azure Environment: Azure

Click on the “verify service principal” button to verify the details and connection. Once it says, “Successfully verified…”, click OK.

Conclusion

In this article, we focused on Azure Active Directory and Service Principal and integrating Jenkins with Azure Service Principal. In the next and last article of the series, we’ll see how to enable CI/CD of ASP.NET Core application on Azure using Jenkins Azure Pipeline

2 comments

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.