Plan and apply mode
Plan and Apply mode is used to apply any changes made in the code to Azure.
During the Plan stage it reads in all the code from the git repository and the current state from azure and compares them for differences before showing what changes need to be made.
After reviewing and approving the planned changes, the apply stage can be run to apply the changes.
Example workflow
Initial state
Here are the initial role assignments for resource group "OSX-ARG-KEYVAULT-DEV":
A change is made in the code
In this example the "Information Technology" group is added as a Contributor to OSX-ARG-KEYVAULT-DEV.
To achieve this the following code has been added to the file osx-arg-keyvault-dev.json under "assignments":
{
"role": "Contributor",
"objectName": "Information Technology",
"objectType": "Group"
},
A Pull request is then submitted with these changes.
The pull request is peer reviewed and then merged to main.
The plan and apply pipeline is run
The Plan and Apply pipeline is run. This can be configured to be initiated manually or when the main branch is updated.
The plan stage executes. Apply however waits for approval.
Before approving review the "Plan" stage summary to ensure the changes to be made are as expected.
It can be seen that the "Information Technology" group will be added as a Contributor to OSX-ARG-KEYVAULT-DEV as expected.
Approve the Apply stage to allow it to run.
Change applied in Azure
In this example we can confirm that the change has been applied via the Portal.