Microsoft Power Platform Build Tools for Azure DevOps
Use Microsoft Power Platform Build Tools to automate common build and deployment tasks related to apps built on the Power Platform. These tasks include:
- Synchronization of solution metadata (also known as solutions) that contains the various platform components such as customer engagement apps (Dynamics 365 Sales, Customer Service, Field Service, Marketing, and Project Service Automation), canvas apps, model-driven apps, UI flows, virtual agents, AI Builder models, and connectors between development environments and source control
- Generating build artifacts
- Deploying to downstream environments
- Provisioning or de-provisioning environments
- Perform static analysis checks against solutions by using the Power Apps checker service
Microsoft Power Platform Build Tools tasks can be used along with any other available Azure DevOps tasks to compose your build and release pipelines. Pipelines that teams commonly put in place include Initiate, Export from Dev, Build, and Release.
Note
Microsoft Power Platform Build Tools are supported only for a Microsoft Dataverse environment with a database. More information: Create an environment with a database
What are Microsoft Power Platform Build Tools?
Microsoft Power Platform Build Tools are a collection of Power Platform–specific Azure DevOps build tasks that eliminate the need to manually download custom tooling and scripts to manage the application lifecycle of apps built on the Power Platform. The tasks can be used individually to perform a simple task, such as importing a solution into a downstream environment, or used together in a pipeline to orchestrate a scenario such as "generate a build artifact", "deploy to test", or "harvest maker changes." The build tasks can largely be categorized into four types:
-
Helper
-
Quality check
-
Solution
-
Environment management
For more information about the available tasks see Microsoft Power Platform Build Tools tasks.
Get Microsoft Power Platform Build Tools
Microsoft Power Platform Build Tools can be installed into your Azure DevOps organization from Azure Marketplace.
After installation, all tasks included in the Microsoft Power Platform Build Tools will be available to add into any new or existing pipeline. You can find them by searching for "Power Platform".
Connection to environments
To interact with the Power Platform environment, a connection must be established that enables the various build tool tasks to perform the required actions. Two types of connections are available:
- Username/password: Configured as a generic service connection with username and password. Note that username/password does not support multi-factor authentication.
- Service principal and client secret: (recommended) This connection type uses service principal based authentication and supports multi-factor authentication.
Configure service connections using a service principal
To configure a connection using service principal, you must first create an application registration in Azure Active Directory (AAD) with the required permissions and then create the associated Application User in the Power Platform environment you want to connect to. We have offered a script to facilitate some of the steps required in the section below, while detailed information with manual step-by-step instructions are available here.
Create service principal and client secret using PowerShell
This PowerShell script assists in creating and configuring the service principal to be used with the Microsoft Power Platform Build Tools tasks. It first registers an Application object and corresponding Service Principal Name (SPN) in AAD.
This application is then added as an administrator user to the Power Platform tenant itself.
Installation
Download the following PowerShell cmdlet: https://pabuildtools.blob.core.windows.net/spn-docs-4133a3fe/New-CrmServicePrincipal.ps1
- Open a regular Windows PowerShell command prompt (standard, not PS core)
- Navigate to the folder where you saved the script, and unblock the script using the following command: `Unblock-File New-CrmServicePrincipal.ps1`
- Run the script: `.New-CrmServicePrincipal.ps1`
The script will prompt two times with AAD login dialogs:
- 1st prompt: to login as administrator to the AAD instance associated with the Microsoft Power Platform tenant
- 2nd prompt: to login as tenant administrator to the Microsoft Power Platform tenant itself
Once successful, 3 columns are displayed:
- Power Platform TenantId
- Application ID
- Client Secret (in clear text)
Use the information displayed to configure the Power Platform service connection.
Important
Keep the client secret safe and secure. Once the PowerShell command prompt is cleared, you cannot retrieve the same client secret again.
Configure environment with the Application ID
The Application ID must be added as an Application User in the Power Platform environment you are connecting to. Information on how to add an application user is available here
Ensure that the added Application User has the system administrator role assigned (available from “Manage Roles” in the security settings for the application user).
for detail, this blog can be reference.
https://www.cnblogs.com/TheMiao/p/13832018.html
https://www.cnblogs.com/TheMiao/p/12316505.html