In the realm of IT project governance, the integration of Continuous Integration and Continuous Deployment (CI/CD) pipelines is pivotal for streamlining and automating the development process. The article on extending pipelines in Power Platform underscores this by demonstrating how GitHub Actions and Power Automate cloud flows can enhance pipelines.
- Automated Workflows: Utilizing GitHub Actions, the article illustrates an automated workflow that triggers when a deployment is submitted, ensuring that the artifact’s source code is seamlessly downloaded, unpacked, and committed to a GitHub branch.
- Efficiency in Deployment: The integration of Power Automate cloud flows with GitHub workflows dispatches events that facilitate the efficient management of solution deployments within the Power Platform environment.
- Security and Permissions: The workflow requires specific permissions and secrets to securely connect to Dataverse using an Application User, highlighting the importance of security in CI/CD pipelines.
- Power Automate Triggers: The article details how Power Automate flows can be triggered by deployment requests in Dataverse, which in turn activate the GitHub workflow, showcasing the synergy between Power Platform and GitHub for robust IT project governance.
Microsoft provides straightforward guides on how to build this extension so that you get the solution package, but they leave out some permissions and security roles that need to be assigned to get the functionality working.
GitHub end
Security Role for Service Principal
Use a Service Principal, meaning an Application Registration, that has permission to the Power Platform environment hosting the CI/CD pipelines. Create an Application User for it and give it the security role Deployment Pipeline User.
Running manually failed
Running the GitHub Action manually failed each time with an authentication permission error, even when using the same parameters that Power Automate would give in the HTTP Request. But when running from Power Automate, everything works and the zip package is extracted into the Code section of the GitHub repository.
Power Platform end
Power Automate location
Create the Power Automate flow that triggers from the installation request in the environment which is acting as the host of the CI/CD pipelines. Remember to create the flow inside a solution and set your organization as the publisher.
Create Fine-grained Token and use Azure Key Vault
Create a Fine-grained Personal Access Token with least privileges and save it to a secure place. Put the GitHub Personal Access Token into an Azure Key Vault and use it as a secret environment variable, so it is not visible in the flow run. Remember to edit the Get Secret action settings to hide the secret value.
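The token handling described above, as an added Python sketch that is not part of the original article or of Microsoft's sample: it builds the dispatch request the flow's HTTP action would send, refuses anything that is not a fine-grained token, and produces a copy that is safe to log. Assumptions: the flow calls GitHub's workflow dispatch REST endpoint, and the organization, repository, workflow file and input names are hypothetical.

```python
import json
import os
import urllib.request

API = "https://api.github.com"


def token_kind(token: str) -> str:
    """Classify a GitHub token by its documented prefix."""
    if token.startswith("github_pat_"):
        return "fine-grained"
    if token.startswith("ghp_"):
        return "classic"
    return "unknown"


def build_dispatch(owner, repo, workflow_file, ref, inputs, token):
    """Build (not send) a workflow dispatch call like the flow's HTTP action."""
    if token_kind(token) != "fine-grained":
        # A classic PAT carries account-wide scopes; refuse it outright.
        raise ValueError("expected a fine-grained personal access token")
    # For this endpoint the fine-grained token needs only the repository
    # permission "Actions: write" on the single target repository.
    url = f"{API}/repos/{owner}/{repo}/actions/workflows/{workflow_file}/dispatches"
    body = json.dumps({"ref": ref, "inputs": inputs}).encode()
    headers = {
        "Accept": "application/vnd.github+json",
        "Authorization": f"Bearer {token}",
        "X-GitHub-Api-Version": "2022-11-28",
    }
    return urllib.request.Request(url, data=body, headers=headers, method="POST")


def loggable(req):
    """Copy of the request that is safe for run history: no token value."""
    headers = {k: ("***" if k.lower() == "authorization" else v)
               for k, v in req.header_items()}
    return {"method": req.get_method(), "url": req.full_url,
            "headers": headers, "body": json.loads(req.data)}


if __name__ == "__main__":
    # GITHUB_PAT stands in for the Key Vault secret; the fallback is a constructed dummy.
    pat = os.environ.get("GITHUB_PAT", "github_pat_CONSTRUCTED_EXAMPLE")
    req = build_dispatch("example-org", "example-repo", "sync-solution.yml", "main",
                         {"solution_name": "ExampleSolution"}, pat)  # hypothetical names
    print(json.dumps(loggable(req), indent=2))
    # urllib.request.urlopen(req) would send it; GitHub answers 204 on success.
```

The `loggable` copy plays the same role as hiding the Get Secret output in the flow: the run record keeps the URL and payload for troubleshooting but never the token.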