Microsoft Dev Box platform built with Bicep including GitHub Actions workflows

ljtill/bicep-dev-box

Dev Box

Microsoft Dev Box is an Azure service that gives developers access to ready-to-code, project-specific dev boxes that are preconfigured and centrally managed. Support hybrid dev teams of any size with high-performance, cloud-based workstations, and let developers focus on writing code by streamlining access to the tools they need.

This repository contains the infra-as-code components to quickly scaffold a new Microsoft Dev Box environment.

Please note these artifacts are under development and subject to change.


Getting Started

Before deploying the Dev Box resources, update the parameters file src/parameters/main.bicepparam.

Using locally with Bash

./eng/deploy.sh -s "{GUID}"
./eng/deploy.sh -s "{GUID}"

To override the default parameters file, use the -p {FilePath} parameter.

Using locally with PowerShell

./eng/deploy.ps1 -SubscriptionId "{GUID}"
./eng/delete.ps1 -SubscriptionId "{GUID}"

To override the default config file, use the -ConfigFile {FilePath} parameter.

Using with GitHub Actions

Azure Active Directory - Application

  • Navigate to the 'App Registration' blade within the Azure portal
  • Select 'New registration' and provide a Name for the application
  • Select the newly created application and select 'Certificates & secrets'
  • Select 'Federated Credentials' and 'Add credential'
  • Provide the 'Organization (username)' and Repository for the credential
  • Select 'Entity type' - Branch and provide 'main'
  • Repeat process for 'Entity type' - Pull Request

Azure Resource Manager - Role Assignment

  • Navigate to the Subscription in the Azure portal
  • Select 'Access control (IAM)' and 'Add' - 'Add role assignment'
  • Select Role - Contributor and select 'Members'
  • Provide the 'Name' of the application from the previous steps

GitHub Actions - Secrets

  • Navigate to 'Settings' on the repository
  • Select 'Secrets' and then the 'Actions' link
  • Select 'New repository secret' and create secrets for the following:
    • AZURE_TENANT_ID
    • AZURE_SUBSCRIPTION_ID
    • AZURE_CLIENT_ID
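
The three portal procedures above (app registration with federated credentials, role assignment, repository secrets) can also be scripted. The following is an added example, not part of this repository; it assumes the Azure CLI (az) and GitHub CLI (gh) are installed and signed in, and ORG, REPO, APP_NAME, SUBSCRIPTION_ID, the script name and the credential names gh-main and gh-pr are placeholders.

```shell
#!/usr/bin/env bash
# Added example: CLI equivalent of the portal steps above (not from the repository).
# ORG, REPO, APP_NAME and SUBSCRIPTION_ID are values you supply.
set -eu

ISSUER="https://token.actions.githubusercontent.com"   # GitHub Actions OIDC issuer
AUDIENCE="api://AzureADTokenExchange"                  # audience expected for token exchange

# Build the subject claim GitHub places in the OIDC token for an entity type.
fic_subject() {  # usage: fic_subject ORG REPO branch|pull_request [BRANCH]
  case "$3" in
    branch)       printf 'repo:%s/%s:ref:refs/heads/%s' "$1" "$2" "${4:?branch name required}" ;;
    pull_request) printf 'repo:%s/%s:pull_request' "$1" "$2" ;;
    *)            echo "unsupported entity type: $3" >&2; return 1 ;;
  esac
}

# Emit the federated credential body for one subject.
fic_json() {  # usage: fic_json NAME SUBJECT
  printf '{"name":"%s","issuer":"%s","subject":"%s","audiences":["%s"]}' \
    "$1" "$ISSUER" "$2" "$AUDIENCE"
}

# Create the app, both credentials, the role assignment and the repository secrets.
setup() {  # usage: setup ORG REPO APP_NAME SUBSCRIPTION_ID
  local org="$1" repo="$2" app_name="$3" sub="$4" app_id tenant_id
  app_id=$(az ad app create --display-name "$app_name" --query appId -o tsv)
  az ad sp create --id "$app_id" >/dev/null
  az ad app federated-credential create --id "$app_id" \
    --parameters "$(fic_json gh-main "$(fic_subject "$org" "$repo" branch main)")"
  az ad app federated-credential create --id "$app_id" \
    --parameters "$(fic_json gh-pr "$(fic_subject "$org" "$repo" pull_request)")"
  az role assignment create --assignee "$app_id" --role Contributor \
    --scope "/subscriptions/$sub"
  tenant_id=$(az account show --subscription "$sub" --query tenantId -o tsv)
  gh secret set AZURE_CLIENT_ID       --repo "$org/$repo" --body "$app_id"
  gh secret set AZURE_TENANT_ID       --repo "$org/$repo" --body "$tenant_id"
  gh secret set AZURE_SUBSCRIPTION_ID --repo "$org/$repo" --body "$sub"
}

# Only touch Azure and GitHub when invoked as: ./script.sh --apply ORG REPO APP_NAME SUBSCRIPTION_ID
if [ "${1:-}" = "--apply" ]; then shift; setup "$@"; fi
```

The pull request credential is bound to the same application as the main branch credential, so workflow runs matching either subject receive the Contributor role assigned above. No client secret is stored: the three repository secrets are identifiers only.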

Authentication

After deploying the Azure resources, permission needs to be provided to allow users to access Dev Box.

Azure Resource Manager

  • Navigate to the DevCenter Project resource in the Azure Portal
  • Select 'Access control (IAM)' and 'Add' - 'Add role assignment'
  • Select Role 'DevCenter Dev Box User' and select Members
  • Provide the 'Name' of the User / Groups to allow access to the Dev Box portal

Deployed Resources

  • Virtual Network
  • Network Security Group
  • Compute Gallery
  • Managed Identity
  • DevCenter
  • DevCenter Network Connection
  • DevCenter Definitions
  • DevCenter Project
  • DevCenter Pools

Links