Skip to content
This repository has been archived by the owner. It is now read-only.


Switch branches/tags


Failed to load latest commit information.
Latest commit message
Commit time


This action is ARCHIVED and will not receive any updates. Please update your existing workflows to use the action azure/[email protected] which can deploy to both Webapps and Webapp for containers. Refer to for more details about the action.
For example, the action azure/[email protected] should be replaced with azure/[email protected] in your workflows.

GitHub Action for deploying to Azure Web App for Containers

GitHub Actions gives you the flexibility to build an automated software development lifecycle workflow.

You can automate your workflows to deploy Azure Web Apps for Containers using GitHub Actions.

Get started today with a free Azure account!

If you are looking for a Github Action to deploy to an Azure WebApp (Windows or Linux) or Azure WebApp for Containers (single container image or multiple containers), consider using Azure WebApp action.

For deploying container images to Kubernetes, consider using Kubernetes deploy action. This action requires that the cluster context be set earlier in the workflow by using either the Azure/aks-set-context action or the Azure/k8s-set-context action.

End-to-End Sample Workflows

Dependencies on other Github Actions

  • Checkout Checkout your Git repository content into Github Actions agent.
  • Azure Login Login with your Azure credentials for Web app deployment authentication. Once login is done, the next set of Azure actions in the workflow can re-use the same session within the job.
  • docker-login : Actions to log in to a private container registry such as Azure Container registry. Once login is done, the next set of Actions in the workflow can perform tasks such as building, tagging and pushing containers.

Azure Service Principle for RBAC

For using any credentials like Azure Service Principal in your workflow, add them as secrets in the GitHub repository and then refer them in the workflow.

  1. Download Azure CLI from here, run az login to login with your Azure credentials.
  2. Run Azure CLI command to create an Azure Service Principal for RBAC:
   az ad sp create-for-rbac --name "myApp" --role contributor \
                            --scopes /subscriptions/{subscription-id}/resourceGroups/{resource-group} \
  # Replace {subscription-id}, {resource-group} with the subscription, resource group details of the WebApp
  # The command should output a JSON object similar to this:

    "clientId": "<GUID>",
    "clientSecret": "<GUID>",
    "subscriptionId": "<GUID>",
    "tenantId": "<GUID>",
  • You can further scope down the Azure Credentials to the Web App using scope attribute. For example,
 az ad sp create-for-rbac --name "myApp" --role contributor \
                          --scopes /subscriptions/{subscription-id}/resourceGroups/{resource-group}/providers/Microsoft.Web/sites/{app-name} \

# Replace {subscription-id}, {resource-group}, and {app-name} with the names of your subscription, resource group, and Azure Web App.
  1. Paste the json response from above Azure CLI to your Github Repository > Settings > Secrets > Add a new secret > AZURE_CREDENTIALS
  2. Now in the workflow file in your branch: .github/workflows/workflow.yml replace the secret in Azure login action with your secret (Refer to the example below)

Build and deploy a Node.js app to Azure WebApp Container

on: [push]

name: Linux_Container_Node_Workflow

    runs-on: ubuntu-latest
    # checkout the repo
    - name: 'Checkout Github Action' 
      uses: actions/[email protected]
    - name: 'Login via Azure CLI'
      uses: azure/[email protected]
        creds: ${{ secrets.AZURE_CREDENTIALS }}
    - uses: azure/[email protected]
        username: ${{ secrets.REGISTRY_USERNAME }}
        password: ${{ secrets.REGISTRY_PASSWORD }}
    - run: |
        docker build . -t${{ github.sha }}
        docker push${{ github.sha }} 
    - uses: azure/[email protected]
        app-name: 'node-rnc'
        images: '${{ github.sha }}'
    - name: Azure logout
      run: |
        az logout


This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.