[DevOps] PR Builds: Add PR deployment support to Deploy-Hub#2030
Open
[DevOps] PR Builds: Add PR deployment support to Deploy-Hub#2030
Conversation
Extends Deploy-Hub.ps1 with CI/automation support: - -PR switch sets initials to "pr" for PR-based naming (e.g., pr-123) - -Scope configures cost data exports after deployment - -ManagedExports uses template-managed exports with RBAC setup Post-deployment handles both managed exports (grants Cost Management Contributor and RBAC Administrator on the monitored scope) and manual exports (creates FocusCost export via New-FinOpsCostExport). Also documents required RBAC roles for subscription/RG scopes in configure-scopes.md. Co-Authored-By: Claude Opus 4.6 <[email protected]>
flanakin
requested review from
MSBrett and
RolandKrummenacher
as code owners
microsoft-github-policy-service
bot
added
the
Needs: Review 👀
Contributor
There was a problem hiding this comment.
Pull request overview
This PR extends Deploy-Hub.ps1 with three new parameters (-PR, -Scope, -ManagedExports) to support CI/PR-based deployments and export configuration. It also documents required RBAC roles for subscription/resource group scopes in configure-scopes.md.
Changes:
- Added
-PR,-Scope, and-ManagedExportsparameters toDeploy-Hub.ps1, including post-deployment logic to either grant managed identity RBAC roles or create a manual FocusCost export viaNew-FinOpsCostExport - Updated
src/scripts/README.mdwith new parameter documentation and usage examples - Updated
docs-mslearn/toolkit/hubs/configure-scopes.mdto document the required roles (Cost Management Contributor and RBAC Administrator) for subscription/resource group scopes
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
src/scripts/Deploy-Hub.ps1 |
Core changes: new parameters, initials logic for PR mode, managed/manual export configuration post-deployment |
src/scripts/README.md |
Updated parameter table and new usage examples for -PR, -Scope, and -ManagedExports |
docs-mslearn/toolkit/hubs/configure-scopes.md |
Added documentation for RBAC roles needed for subscription/resource group scopes with managed exports |
flanakin
changed the title
- Add "Optional." prefix to -PR parameter doc - Fix enableManagedExports default: explicitly set to $false for manual exports - Check New-AzRoleAssignment result before reporting success - Fix comment: "Build" → "Import" for module load Co-Authored-By: Claude Opus 4.6 <[email protected]>
Collaborator
Author
|
🤖 [AI][Claude] PR Update Summary Addressed: 4 thread(s)
|
flanakin
added
Skill: DevOps
This comment was marked as duplicate.
This comment was marked as duplicate.
This comment was marked as duplicate.
This comment was marked as duplicate.
This comment was marked as duplicate.
This comment was marked as duplicate.
Sorry, something went wrong.
- Remove RBAC Administrator from monitored scope (template handles it on storage account)
- Change -PR from [switch] to [int] that takes the PR number
- Set $initials to "pr-{number}" so naming flows through shared logic (e.g., pr-123-adx)
- Update docs and examples to reflect new -PR behavior
🤖 Generated with [Claude Code](https://claude.ai/claude-code)
Co-Authored-By: RolandKrummenacher <[email protected]>
Co-Authored-By: Claude <[email protected]>
Collaborator
Author
|
🤖 [AI][Claude] PR Update Summary Addressed: 2 thread(s)
|
- Inline Cost Management Contributor role instead of nested bullet list 🤖 Generated with [Claude Code](https://claude.ai/claude-code) Co-Authored-By: RolandKrummenacher <[email protected]> Co-Authored-By: Claude <[email protected]>
Collaborator
Author
|
🤖 [AI][Claude] PR Update Summary Addressed: 1 thread(s)
Simplified single-role documentation — inlined Cost Management Contributor into parent bullet instead of nested list. |
RolandKrummenacher
approved these changes
Mar 11, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🛠️ Description
Extends Deploy-Hub.ps1 with three new parameters to support CI automation and simplified export configuration:
-PR— Sets initials toprfor PR-based naming (e.g.,pr-123-adx)-Scope— Configures cost data exports after deployment (managed or manual)-ManagedExports— Uses template-managed exports and grants the hub identity required RBAC roles on the monitored scopePost-deployment logic handles two paths:
scopesToMonitorto the templateNew-FinOpsCostExportAlso documents the required RBAC roles for subscription/RG scopes in configure-scopes.md.
This is PR A of a multi-PR effort to add per-PR deployment CI for FinOps hubs.
📋 Checklist
🔬 How did you test this change?
🙋♀️ Do any of the following that apply?
📑 Did you update
docs/changelog.md?📖 Did you update documentation?