I'm curious if it's possible to implement CI/CD from a GitHub repository and container registry to an Azure Web App while having the inbound traffic disabled through a private endpoint. Has anyone done this or can provide insights?
1 Answer
Definitely! If you're going with GitHub Actions, you can set up a self-hosted runner that's connected to your Azure VNET. The runner will need to have network access to the private endpoint of your Azure Web App, and it should be able to resolve the private DNS for that endpoint. You can use a VM or a Container Instance as your runner, just make sure to install the necessary tools in the configuration you use.
Got it! So in my YAML file, I should specify the self-hosted runner that has all the tools I need? Do I need to change anything else in the steps?