Part 1: CI/CD Infrastructure
DOCUMENT CATEGORY: Part Overview
SCOPE: Azure Local management infrastructure (Phase 01)
PURPOSE: Establish source control project, CI/CD runners, and automation infrastructure

Status: Active
Execution: Once per deployment program
Last Updated: 2026-03-19
Part Purpose
This part establishes the management infrastructure required for Azure Local deployments. It covers CI/CD service principal creation, source control project setup, CI/CD runners, and automation user access.
Phase in This Part
| Phase | Title | Description | Steps |
|---|---|---|---|
| Phase 01 | CI/CD Setup | Bootstrap Azure access, create source control project, configure settings, environments, variables, and deploy runners | 6 |
Execution Flow
```
┌─────────────────────────────────────────────────────────────────────────┐
│                      Part 1: CI/CD Infrastructure                       │
├─────────────────────────────────────────────────────────────────────────┤
│                                                                         │
│  ┌───────────────────────────────────────────────────────────────────┐  │
│  │                       Phase 01: CI/CD Setup                       │  │
│  ├───────────────────────────────────────────────────────────────────┤  │
│  │                                                                   │  │
│  │  Task 01: Bootstrap (Service Principal)                           │  │
│  │  Task 02: Create Source Control Project                           │  │
│  │  Task 03: Configure Project Settings                              │  │
│  │  Task 04: Create Environments                                     │  │
│  │  Task 05: Configure Variables                                     │  │
│  │  Task 06: Deploy Runners                                          │  │
│  │                                                                   │  │
│  └───────────────────────────────────────────────────────────────────┘  │
│                                                                         │
└─────────────────────────────────────────────────────────────────────────┘
```
Key Deliverables
| Deliverable | Task | Description |
|---|---|---|
| CI/CD Service Principal | 01 | Entra ID app registration for pipeline authentication |
| Source Control Project | 02 | Deployment project/repo created from Azure Local template |
| Project Settings | 03 | Branch protection, code review, security settings configured |
| Environments | 04 | Deployment environments created for each target |
| CI/CD Variables | 05 | Environment-specific secrets and variables configured |
| CI/CD Runners | 06 | Self-hosted runners deployed in target Azure subscription |
Prerequisites
Before starting Part 1:
- Planning & Discovery completed
- Deployment information collected (organization name, tenant ID, subscription IDs)
- Azure CLI installed and authenticated to target tenant
- Source control platform access with project/repo creation permissions
- Azure subscription access for runner deployment
Terraform Modules Used
| Module | Task | Purpose |
|---|---|---|
| azurelocal-toolkit//terraform/modules/cicd-runner | 06 | Deploy CI/CD runner VMs in target subscription |
Validation Checklist
- CI/CD service principal created with correct RBAC roles
- Source control project created with correct naming
- Branch protection and code review configured
- Environments created
- Environment variables configured
- CI/CD runners deployed and registered
- Runners appear online in source control platform
Next Steps
After completing Part 1, proceed to Part 2: Azure Foundation to establish the Azure cloud infrastructure including landing zones, networking, and security resources.