{"id":71479,"date":"2025-07-21T08:17:37","date_gmt":"2025-07-21T16:17:37","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/devops\/?p=71479"},"modified":"2025-07-30T14:36:59","modified_gmt":"2025-07-30T22:36:59","slug":"azure-developer-cli-from-dev-to-prod-with-one-click","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/devops\/azure-developer-cli-from-dev-to-prod-with-one-click\/","title":{"rendered":"Azure Developer CLI: From Dev to Prod with One Click"},"content":{"rendered":"

This post walks through how to implement a “build once, deploy everywhere”<\/strong> pattern using Azure Developer CLI (azd)<\/a> that provisions environment-specific infrastructure and promotes applications from dev to prod with the same build artifacts. You’ll learn how to use conditional Bicep deployment, environment variable injection, package preservation across environments, and automated CI\/CD promotion from development to production.<\/p>\n

Environment-Specific Infrastructure<\/h2>\n

When deploying applications across environments, different requirements emerge:<\/p>\n\n\n\n\n\n\n\n\n
Component<\/th>\nDevelopment<\/th>\nProduction<\/th>\n<\/tr>\n<\/thead>\n
Networking<\/strong><\/td>\nPublic access<\/td>\nVNet integration + Private endpoints<\/td>\n<\/tr>\n
Storage<\/strong><\/td>\nPublic with restrictions<\/td>\nPrivate endpoints only<\/td>\n<\/tr>\n
App Service Plan<\/strong><\/td>\nB2 Basic<\/td>\nS1 Standard<\/td>\n<\/tr>\n
Security<\/strong><\/td>\nManaged identity<\/td>\nEnhanced network isolation<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Rather than maintaining separate infrastructure templates or complex configuration files for each environment, we can use a single set of Bicep files that adapt based on an environment variable. This approach eliminates infrastructure drift while keeping deployments simple and consistent.<\/p>\n

Set up resources based on an environment variable<\/h2>\n

To conditionally provision resources based on environment type, azd leverages an environment variable AZURE_ENV_TYPE<\/code> to make decisions at deployment time.<\/p>\n

Behind the scenes, azd passes AZURE_ENV_TYPE<\/code> to Bicep as the envType<\/code> parameter:<\/p>\n

@description('Environment type - determines networking configuration (dev\/test\/prod)')\n@allowed(['dev', 'test', 'prod'])\nparam envType string = 'dev'\n<\/code><\/pre>\n
This parameter then drives conditional resource deployment in Bicep:<\/p>\n
For Network Deployment:<\/strong><\/p>\n
\/\/ Deploy network infrastructure only for production environments\nmodule network '.\/network.bicep' = if (envType == 'prod') {\n  name: 'networkDeployment'\n  params: {\n    location: location\n    tags: tags\n    abbrs: abbrs\n    resourceToken: resourceToken\n  }\n}\n<\/code><\/pre>\n
Similarly for Storage Configuration:<\/strong><\/p>\n
module storageAccount 'br\/public:avm\/res\/storage\/storage-account:0.17.2' = {\n  name: 'storageAccount'\n  params: {\n    name: storageAccountName\n    allowSharedKeyAccess: false\n    publicNetworkAccess: envType == 'prod' ? 'Disabled' : 'Enabled'\n    networkAcls: envType == 'prod' ? {\n      defaultAction: 'Deny'\n      virtualNetworkRules: []\n      bypass: 'AzureServices'\n    } : {\n      defaultAction: 'Allow'\n      virtualNetworkRules: []\n      bypass: 'AzureServices'\n    }\n    \/\/ ... other configuration\n  }\n}\n<\/code><\/pre>\n
Finally for App Service Plan Sizing:<\/strong><\/p>\n
sku: {\n  name: envType == 'prod' ? 'S1' : 'B2'\n  tier: envType == 'prod' ? 'Standard' : 'Basic'\n}\n<\/code><\/pre>\n
Enhance default CI\/CD workflow<\/h2>\n
azd includes a powerful command to bootstrap CI\/CD pipeline:<\/p>\n
azd pipeline config\n<\/code><\/pre>\n
This generates a basic workflow. However, for dev-to-prod promotion, enhance it with these steps:<\/p>\n
\n
\u26a0\ufe0f Important Update<\/strong><\/p>\n
Updated 7\/30\/2025<\/strong>: The original approach used local file backups (copying zip files within the same job). However, the community pointed out that using native CI\/CD artifact systems is more idiomatic. We have since updated both the repository<\/a> and the steps below to use GitHub Action Artifacts.<\/p>\n<\/blockquote>\n
1. Package Once:<\/strong><\/p>\n
- name: Package Application\n  run: |\n    mkdir -p .\/dist\n    azd package app --output-path .\/dist\/app-package.zip\n    echo \"\u2705 Application packaged successfully\"\n<\/code><\/pre>\n
2. Upload Application Package:<\/strong><\/p>\n
- name: Upload Application Package\n   uses: actions\/upload-artifact@v4\n     with:\n       name: app-package\n       path: .\/dist\/app-package.zip\n       retention-days: 30\n<\/code><\/pre>\n
3. Deploy to Dev:<\/strong><\/p>\n
- name: Deploy to Development\n  run: azd deploy app --from-package .\/dist\/app-package.zip --no-prompt\n<\/code><\/pre>\n
4. Validation Gate:<\/strong><\/p>\n
- name: Validate Application\n  run: |\n    echo \"\ud83d\udd0d Validating application in development environment...\"\n    # TODO: Add your validation logic here:\n    # Examples:\n    # - Health checks and integration tests\n    # - Security and compliance scanning\n    # - Performance validation\n    sleep 3  # Simulate validation time\n    echo \"\u2705 Application validation passed\"\n<\/code><\/pre>\n
5. Download Application Package:<\/strong><\/p>\n
- name: Download Application Package\n   uses: actions\/download-artifact@v4\n     with:\n       name: app-package\n       path: .\/prod-deploy\n<\/code><\/pre>\n
6. Set environment variables:<\/strong><\/p>\n
- name: Promote to Production\n  run: |\n    # Create production environment name by replacing -dev with -prod, or adding -prod if no -dev suffix\n    PROD_ENV_NAME=\"${AZURE_ENV_NAME%-dev}-prod\"\n    echo \"Production environment name: $PROD_ENV_NAME\"\n\n    # Set environment variables for this step\n    export AZURE_ENV_NAME=\"$PROD_ENV_NAME\"\n    export AZURE_ENV_TYPE=\"prod\"\n<\/code><\/pre>\n
7. Deploy to Prod:<\/strong><\/p>\n
 # Use the artifact package - true \"build once, deploy everywhere\"\n   PACKAGE_PATH=\".\/prod-deploy\/app-package.zip\"  \n\n   if [ -f \"$PACKAGE_PATH\" ]; then\n     echo \"\ud83d\ude80 Deploying to production using artifact package: $PACKAGE_PATH\"\n     azd deploy app --from-package \"$PACKAGE_PATH\" --no-prompt\n     echo \"\u2705 Production deployment completed successfully\"\n   else\n      echo \"\u274c Package artifact not found - falling back to regular deployment\"\n      azd deploy --no-prompt\n   fi\n<\/code><\/pre>\n
Try It Out<\/h2>\n
You can try this approach using the complete implementation here<\/a>.<\/p>\n
Watch the walkthrough:<\/strong> See this entire process in action in the video below that shows the complete setup and deployment flow.<\/p>\n