We’re pleased to announce that the January 2023 release (0.5.0-beta.1
) of the Azure Developer CLI (azd
) is now available. You can learn about how to get started with the Azure Developer CLI by visiting our Dev Hub.
This release includes the following features and improvements:
- Support for using the Azure Developer CLI in Codespaces azure-dev#370
- Support for OpenID Connect (OIDC) in CI/CD azure-dev#408
- Install the Azure Developer CLI via Microsoft Software Installer (MSI) azure-dev#447
- Updated Templates – ToDo Application now with APIM support
Use the Azure Developer CLI in GitHub Codespaces
We’re excited to announce that as of this release, you can use the Azure Developer CLI in GitHub Codespaces. azd
is now included in the Codespaces image, which means that you can use the CLI from within the embedded terminal without installation. Additionally, by including the Azure Developer CLI extension (ms-azuretools.azure-dev
) in a devcontainer.json
in your project or template, you can also get all the azd
functionality without needing to manually install the extension in Codespaces.
With support for GitHub Codespaces, you can now find a template on GitHub, open it in a Codespace, iterate on your codebase, create/provision infrastructure, deploy code, set up application monitoring, and set up your CI/CD pipeline to run against real cloud resources…all from the browser!
Check out this short video to see a demo of the experience.
Support for OIDC
Previously, the Azure Developer CLI used a service principal with secrets to authenticate with Azure from a GitHub Actions workflow. These secrets were long-lived and were presented to Azure on every run of your CI/CD pipelines.
While using a service principal is an established way of connecting CI/CD to Azure, OIDC does allow for some extra security hardening and best practices to be adopted.
With OIDC, external identity providers (like GitHub Actions) can be permitted to access resources on Azure without needing to store Azure credentials as long-lived secrets.
At a high level, the Azure Developer CLI configures OIDC support for you without the need for scripts using Azure’s workload identity federation. This identity federation allows for a trust relationship to be configured between your application in Azure Active Directory and GitHub repository using Microsoft Graph. From there, an access token is retrieved from the Microsoft identity provider to access Azure resources.
What does OIDC support mean for me?
With new support for OIDC for authentication, some changes have been made to the default authentication behavior of azd pipeline config
and azd provision
.
A new flag has been introduced on those commands --auth-type
to set the authentication method. You can read more about the defaults and supported values in our DevHub documentation.
Install the Azure Developer CLI via MSI
We’re also excited to announce that Windows developers can now install the Azure Developer CLI via Windows Installer package (MSI). You can grab the MSI from our GitHub Releases. Advanced MSI installation instructions can be found on our DevHub
The PowerShell install script for Azure Developer CLI (install-azd.ps1
) will now use our published MSI file instead of installing from the .zip
file. The install script will upgrade versions of azd
that predate the MSI release.
The install script won’t support installing versions of azd
on Windows that predate the MSI. To manually install older versions of the Azure Developer CLI, download the appropriate zip file from the Azure Developer CLI GitHub releases, extract, and place the binary in the appropriate location manually.
This new way of installing the Azure Developer CLI marks the first of a chain of improvements to support installation via your favorite package managers (see azure-dev#847). In an upcoming release, you can also expect to see support for installation via Homebrew, Windows Package Manager, Chocolatey, and more!
New and Updated Templates
Updated Templates – ToDo Application now with APIM support
As of this release, we’ve also updated the templates that our team has authored to include Infrastructure as Code files to allow you to use Azure API Management (APIM) as part of your project’s architecture. If you’re interested in some of the benefits of using APIM in your applications, check out this blog post.
By default, APIM won’t be enabled for your application when using these templates. If you’re interested in enabling APIM, you can run set USE_APIM=true
in PowerShell or USE_APIM=true
in bash to set the environment variable.
Other changes and enhancements
We have also added small enhancements and fixed issues requested by users that should improve your experience working with the Azure Developer CLI. Some notable changes include:
- Start API failed when running VS Code tests with Java templates (azure-dev#1303)
- Container Apps Naming locked when not created in Infra step (azure-dev#517)
- Support azd logout (azure-dev#295)
- azd env refresh should populate dotnet user-secrets (azure-dev#842)
Community contributions
We’d also like to extend a special thanks to the community contributors of this release:
- aaronpowell– Hyphenated service names will create invalid container image env variables (azure-dev#1290)
- KSchlobohm – Only one Key Vault is purged after running AZD down (azure-dev#1018)
- stuartleeks – Add Command Completion to azd (azure-dev#846)
- lechnerc77 – Enhance core templates with Key Vault secret (azure-dev#1197)
Try out these new improvements by installing the Azure Developer CLI!
You can use the Azure Developer CLI from:
- Your terminal of choice on Windows, Linux, or macOS.
- Visual Studio Code by downloading the extension from the Marketplace, or installing it directly from the extension view (
Ctrl
+Shift
+X
, orCmd
+Shift
+X
for macOS) in Visual Studio Code. - Visual Studio by enabling the preview feature flag.
You can learn more about the Azure Developer CLI from our Dev Hub documentation. If you run into any problems or have suggestions, file an issue or start a discussion on Azure Developer CLI repo.
0 comments