azure-deploy
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseAzure Deploy
Azure 部署
AUTHORITATIVE GUIDANCE — MANDATORY COMPLIANCEPREREQUISITE: The azure-validate skill MUST be invoked and completed with statusBEFORE executing this skill.Validated
⛔ STOP — PREREQUISITE CHECK REQUIRED Before proceeding, verify BOTH prerequisites are met:
- azure-prepare was invoked and completed →
exists.azure/deployment-plan.md- azure-validate was invoked and passed → plan status =
ValidatedIf EITHER is missing, STOP IMMEDIATELY:
- No plan? → Invoke azure-prepare skill first
- Status not
? → Invoke azure-validate skill firstValidated⛔ DO NOT MANUALLY UPDATE THE PLAN STATUSYou are FORBIDDEN from changing the plan status toyourself. Only the azure-validate skill is authorized to set this status after running actual validation checks. If you update the status without running validation, deployments will fail.ValidatedDO NOT ASSUME the app is ready. DO NOT SKIP validation to save time. Skipping steps causes deployment failures. The complete workflow ensures success:→azure-prepare→azure-validateazure-deploy
权威指南 — 必须遵守前置条件:执行该技能前,必须先调用azure-validate技能且执行完成后状态为。Validated
⛔ 停止 — 必须检查前置条件 继续操作前,请确认两项前置条件均已满足:
- 已调用并完成azure-prepare → 存在
文件.azure/deployment-plan.md- 已调用并通过azure-validate校验 → 方案状态 =
Validated如有任意一项缺失,请立即停止:
- 没有部署方案?→ 先调用azure-prepare技能
- 状态不是
?→ 先调用azure-validate技能Validated⛔ 禁止手动修改方案状态严禁自行将方案状态修改为。仅azure-validate技能有权在完成实际校验检查后设置该状态。如果未运行校验就修改状态,会导致部署失败。Validated不要假设应用已准备就绪,不要为了节省时间跳过校验。跳过步骤会引发部署失败。完整工作流可保障部署成功:→azure-prepare→azure-validateazure-deploy
Triggers
触发场景
Activate this skill when user wants to:
- Execute deployment of an already-prepared application (azure.yaml and infra/ exist)
- Push updates to an existing Azure deployment
- Run ,
azd up, orazd deployon a prepared projectaz deployment - Ship already-built code to production
- Deploy an application that already includes API Management (APIM) gateway infrastructure
Scope: This skill executes deployments. It does not create applications, generate infrastructure code, or scaffold projects. For those tasks, use azure-prepare.
APIM / AI Gateway: Use this skill to deploy applications whose APIM/AI gateway infrastructure was already created during azure-prepare. For creating or changing APIM resources, see APIM deployment guide. For AI governance policies, invoke azure-aigateway skill.
当用户需要执行以下操作时激活该技能:
- 为已经准备好的应用执行部署(已存在azure.yaml和infra/目录)
- 向已有的Azure部署推送更新
- 在已准备好的项目上运行、
azd up或azd deploy命令az deployment - 将已构建完成的代码发布到生产环境
- 部署已包含API Management(APIM)网关基础设施的应用
适用范围:该技能仅用于执行部署。它不会创建应用、生成基础设施代码或搭建项目框架。这类任务请使用azure-prepare。
APIM / AI 网关:如果应用的APIM/AI网关基础设施已在azure-prepare阶段创建完成,可使用该技能部署应用。如需创建或修改APIM资源,请参考APIM部署指南。如需配置AI治理策略,请调用azure-aigateway技能。
Rules
规则
- Run after azure-prepare and azure-validate
- must exist with status
.azure/deployment-plan.mdValidated - Pre-deploy checklist required — Pre-Deploy Checklist
- ⛔ Destructive actions require — global-rules
ask_user - Scope: deployment execution only — This skill owns execution of ,
azd up,azd deploy, andterraform applycommands. These commands are run through this skill's error recovery and verification pipeline.az deployment
- 必须在azure-prepare和azure-validate之后运行
- 必须存在状态为的
Validated文件.azure/deployment-plan.md - 必须完成部署前检查清单 —— 部署前检查清单
- ⛔ 执行破坏性操作前需要确认 —— 全局规则
ask_user - 适用范围:仅执行部署 —— 该技能负责执行、
azd up、azd deploy和terraform apply命令,这些命令会通过该技能内置的错误恢复和校验流水线运行。az deployment
Steps
执行步骤
| # | Action | Reference |
|---|---|---|
| 1 | Check Plan — Read | |
| 2 | Pre-Deploy Checklist — MUST complete ALL steps | Pre-Deploy Checklist |
| 3 | Load Recipe — Based on | recipes/README.md |
| 4 | Execute Deploy — Follow recipe steps | Recipe README |
| 5 | Post-Deploy — Configure SQL managed identity and apply EF migrations if applicable | Post-Deployment |
| 6 | Handle Errors — See recipe's | — |
| 7 | Verify Success — Confirm deployment completed and endpoints are accessible | Verification |
| 8 | Live Role Verification — Query Azure to confirm provisioned RBAC roles are correct and sufficient | live-role-verification.md |
| 9 | Report Results — Present deployed endpoint URLs to the user as fully-qualified | Verification |
⛔ URL FORMAT RULEWhen presenting endpoint URLs to the user, you MUST always use fully-qualified URLs with thescheme (e.g.https://, nothttps://myapp.azurewebsites.net). Many Azure CLI commands return bare hostnames without a scheme — always prependmyapp.azurewebsites.netbefore presenting them.https://
⛔ VALIDATION PROOF CHECKWhen checking the plan, verify the Validation Proof section (Section 7) contains actual validation results with commands run and timestamps. If this section is empty, validation was bypassed — invoke azure-validate skill first.
| # | 操作 | 参考文档 |
|---|---|---|
| 1 | 检查部署方案 —— 读取 | |
| 2 | 部署前检查清单 —— 必须完成所有步骤 | 部署前检查清单 |
| 3 | 加载部署方案 —— 基于 | recipes/README.md |
| 4 | 执行部署 —— 遵循部署方案步骤执行 | 部署方案README |
| 5 | 部署后配置 —— 如适用,配置SQL托管身份并执行EF迁移 | 部署后配置 |
| 6 | 错误处理 —— 参考部署方案的 | — |
| 7 | 验证部署成功 —— 确认部署完成,端点可正常访问 | 验证说明 |
| 8 | 线上角色校验 —— 查询Azure确认已配置的RBAC角色正确且权限充足 | 线上角色校验说明 |
| 9 | 反馈结果 —— 将部署完成的端点URL以完整的 | 验证说明 |
⛔ URL格式规则向用户展示端点URL时,必须始终使用带协议的完整URL(例如https://,而非https://myapp.azurewebsites.net)。很多Azure CLI命令返回的裸主机名不带协议,展示前请务必在前面拼接myapp.azurewebsites.net。https://
⛔ 校验证明检查规则检查部署方案时,请确认校验证明部分(第7节)包含实际的校验结果、执行的命令和时间戳。如果该部分为空,说明校验被跳过,请先调用azure-validate技能。
SDK Quick References
SDK快速参考
- Azure Developer CLI: azd
- Azure Identity: Python | .NET | TypeScript | Java
- Azure Developer CLI: azd
- Azure Identity: Python | .NET | TypeScript | Java
MCP Tools
MCP工具
| Tool | Purpose |
|---|---|
| List available subscriptions |
| List resource groups in subscription |
| Execute AZD commands |
| List role assignments for live RBAC verification (step 8) |
| 工具 | 用途 |
|---|---|
| 列出可用的订阅 |
| 列出订阅下的资源组 |
| 执行AZD命令 |
| 列出角色分配用于RBAC线上校验(步骤8) |
References
参考文档
- Troubleshooting - Common issues and solutions
- Post-Deployment Steps - SQL + EF Core setup
- 故障排查 - 常见问题和解决方案
- 部署后步骤 - SQL + EF Core配置