如何使用Azure DevOps将编译完的应用发布到非Azure Global环境,例如Azure CN。

Publishing an app from Azure DevOps to Azure global is super easy. Simply a few clicks and you can find your azure subscription and publish it in a minute. Like this:

But in some cases, our customers might be using other Azure environments, like Azure Arc, Azure for government and Azure CN. And we can't find our subscriptions easily via the pipeline configuration. How can we publish to the app to our non-global Azure environment?

First, we need to create a new app registration. And allow Azure DevOps publishing apps as the app's identity.

Click your Azure Active Directory menu here:

Add click here to add a new registration:

And then name your new app Azure DevOps. Select it access accounts in this organization.

After creation your new app registration, remember to copy your application ID here:

Add a new secret, copy the secret value here:

Those steps created a new app in your directory. Anyone with the app id and app secret can access your directory. But for now, the app is not authorized to access your Azure resources. We need to give the app a subscription level role which allows it to manage your resources under the subscription.

Click subscriptions and select the subscription which you want to deploy.

Add a new role assignment.

And add it as a contributor.

Now, steps in the Azure portal are completed. We can add a new service connection in Azure DevOps now.

After signing to your Azure DevOps, click the project settings. Then select service connections:

Click here to add a new service connection:

Select the Azure resources manager:

Select the manual config. If you select the automatic config, it only shows the subscriptions from Azure global.

Select your customized Azure environment name. For example, I am configuring a connection for Azure CN. Click Azure China Cloud here.

Now fill the subscription ID and subscription name. Those values you can find in your subscription details tab.

Find those values here:

To fill the service principal id and key, just paste your new registered app's application id and secret value.

And for the tenant id, this comes from your Azure AD details page.

Find tenant ID here:

After filling all values above, click verify and the save button.

Now you can work on your pipeline and publish your app to this service connection: