Power BI CI/CD: From Manual Publishing to Automated Deployments

Byjaspreet2c6a5e7b03

Deployment to the Power BI Service can be done using both Azure DevOps and GitHub, but many teams prefer GitHub because it is open-source, widely adopted, and easy to integrate with automation tools. This often leads to common questions such as: What is CI/CD? What is a CI/CD pipeline? And why use CI/CD when manual publishing already works? In this blog, we answer these questions and explain how a GitHub-based CI/CD pipeline enables automated and reliable Power BI deployments.

CI/CD (Continuous Integration and Continuous Deployment) is a development approach where changes are regularly stored in source control and automatically deployed to the target environment. In simple terms, it helps teams release updates faster, with fewer manual steps and better consistency.

Why CI/CD Pipelines Are Important for Power BI

As Power BI solutions grow, manual deployments become risky and hard to manage. They can lead to accidental overwrites, inconsistent versions across environments, and poor traceability. A CI/CD pipeline solves these problems by automating how reports and datasets move from source control to the Power BI Service. This ensures consistent deployments, reduces human error, and supports enterprise needs such as governance and controlled releases.

Automating Power BI Deployments Using GitHub CI/CD

As Power BI environments grow, deployments need to become automated, repeatable, and secure. A GitHub-based CI/CD pipeline enables this by eliminating manual steps and enforcing a consistent deployment process. By combining GitHub Actions, Azure App Registration, and the Power BI Service, teams can deploy reports confidently while maintaining control, security, and traceability.

In this blog, we walk through a practical, end-to-end setup that demonstrates how to deploy a Power BI report from GitHub to the Power BI Service using Azure App Registration and GitHub Actions.

High-Level Architecture

The deployment flow looks like this:

Power BI Desktop >> GitHub Repository >> GitHub Actions >> Power BI Service

GitHub acts as the source control and automation engine, while Azure Active Directory (Entra ID) handles secure authentication.

Step 1: Create an App Registration in Azure (Service Principal)

To allow GitHub Actions to deploy content into Power BI Service without user login, we first need to create a Service Principal using Azure App Registration.

Steps:
  • Open https://portal.azure.com
  • Search for App registrations
  • Click New registration
  • Provide a name (for example: PBI-Auto-Deploy)
  • Select Single tenant
  • Click Register
    Once registered, Azure creates an identity for automation.
Screenshot of the Microsoft Azure portal homepage with a search bar showing 'App registrations' highlighted.
Screenshot of the Azure portal displaying the 'App registrations' section with a highlighted 'New registration' button.
Step 2: Capture Required IDs (Client ID & Tenant ID)

After registration:

  • Navigate to the Overview section
  • Copy and store:
    • Application (Client) ID
    • Directory (Tenant) ID

These values are required later for authentication inside GitHub Actions.

Screenshot of the Azure portal showing the Overview section of an App Registration with highlighted Application (client) ID and Directory (tenant) ID.
Step 3: Generate a Client Secret

The client secret is used by GitHub Actions to authenticate as the application.

Steps:
  • Go to Certificates & secrets
  • Click New client secret
  • Add a description and expiry
  • Click Add
  • Copy the secret value immediately (it is shown only once)
Azure Portal screen displaying the Certificates & secrets section for App Registration, featuring options to add a new client secret and details about existing client secrets.
Step 4: Grant Power BI Workspace Access

To enable automated deployments, the Service Principal created through Azure App Registration must be granted access to the Power BI workspace.

Steps:
  • Open Power BI Service
  • Create a new workspace (or open an existing one)
  • Go to Workspace >> Manage access
  • Click Add people or groups
  • Add the same email or identity used during Azure App Registration (for example, xyz@oxygenbi.com)
  • Assign it the Admin role

After access is granted, copy the Workspace ID from the browser URL.

Without this step, the CI/CD pipeline will fail even if authentication succeeds, because the Service Principal will not have the required permissions to publish reports or datasets to the workspace.

Screenshot of the Power BI Service dashboard showing the PBI-Auto-Deploy workspace, including options to add new items and manage folders.

Setting Up GitHub Repository and CI/CD Workflow for Power BI Deployment

Once the Azure App Registration and Power BI workspace access are in place, the next step is to prepare the GitHub repository that will host our Power BI files and the CI/CD pipeline definition. GitHub acts as the central source control system and also runs the automation through GitHub Actions.

This section explains how the repository is structured, why a README is useful, and how the deployment workflow works behind the scenes.

Step 1: Create a GitHub Repository

Now we prepare the GitHub side.

Steps:
  • Open GitHub
  • Click New Repository
  • Provide a name (example: power-auto-deploy)
  • Choose visibility
  • Create the repository

Upload your PBIX file (or PBIP structure) into this repository.

GitHub dashboard displaying the 'New' button for creating a new repository.
A GitHub repository creation interface showing fields for repository name, description, and visibility options.
GitHub repository setup page for 'Power-auto-deploy', showing options to create a new file or upload an existing one.
Step 2: Store Secrets in GitHub

Hardcoding credentials in a repository is unsafe and should always be avoided. GitHub provides encrypted secrets that allow sensitive information to be stored securely and used only during pipeline execution.

Steps:
  • Open your GitHub repository and go to Settings
  • Navigate to Secrets and variables >> Actions
  • Add the following secrets:
    1. PBI_CLIENT_ID >> Application (Client) ID from Azure App Registration
    1. PBI_CLIENT_SECRET >> Client Secret created in Azure
    1. PBI_TENANT_ID >> Azure Tenant ID
    1. PBI_WORKSPACE_ID >> Target Power BI Workspace ID

These secrets are automatically and securely injected into the CI/CD pipeline at runtime, ensuring that no credentials are exposed in the repository or pipeline code.

Screenshot of GitHub repository settings page showing the 'Actions secrets and variables' section, with options to manage encrypted secrets and create a new repository secret.

Adding a README and Creating the CI/CD Pipeline

Once the GitHub repository is created, the next step is to add a README file and set up the CI/CD pipeline that will automate Power BI deployments.

Step 1: Add a README File

The first thing we do is add a README.md file to the repository.
The README acts as a simple introduction to the project and helps anyone who opens the repository understand why this repository exists and what it does.

In our case, the README typically explains:

  • This repository is used for automated Power BI deployments
  • GitHub Actions is used to deploy reports to Power BI Service
  • Azure App Registration (Service Principal) is required for authentication

Adding a README makes the repository self-explanatory and professional, especially in team or enterprise environments.

Screenshot of GitHub interface showing the option to add a README file to a repository, with a red outline around the 'Add a README' button.
Step 2: Create the CI/CD Pipeline Folder Structure

GitHub Actions requires a specific folder structure to detect and run pipelines.

Create the following structure inside your repository:

Folder Structure:
.github/
 └── workflows/
     └── deploy.yml
  • The .github/workflows folder tells GitHub that this repository contains automation workflows.
  • The deploy.yml file defines when the pipeline runs and what steps it executes.
  • Inside the deploy.yml file, add the following YAML configuration:
Screenshot of a GitHub repository displaying the CI/CD pipeline configuration for deploying Power BI reports, with emphasis on the 'deploy.yml' file location.

How This CI/CD Pipeline Works (Behind the Scenes)

When a Power BI file is uploaded or updated in the GitHub repository and the change is committed to the main branch, the CI/CD pipeline is triggered automatically. GitHub Actions starts the workflow by spinning up a Windows environment, which is required to run Power BI PowerShell modules. The pipeline first downloads the repository content so it can access the PBIX file and deployment configuration. It then installs the MicrosoftPowerBIMgmt PowerShell module and authenticates to the Power BI Service using the Service Principal created through Azure App Registration. The authentication securely uses the Client ID, Tenant ID, and Client Secret stored in GitHub Secrets. Once authenticated, the pipeline publishes the PBIX file to the specified Power BI workspace, overwriting the existing report if it already exists. This entire process runs automatically in the background, ensuring consistent and reliable deployments without any manual publishing.

Screenshot of the Power BI Service showing the 'PBI-Auto-Deploy' workspace with two items labeled 'SalesReport', one as a report and the other as a semantic model.

What Is a Service Principal and Why Is It Used?

A Service Principal is a non-human identity created in Azure that allows automation tools to securely access Microsoft services without using a personal user account. It is created through Azure App Registration and represents the application inside Azure and the Power BI Service.

In a CI/CD setup, the pipeline uses the Service Principal to authenticate programmatically with a Client ID, Tenant ID, and Client Secret, instead of a username and password. This enables tools like GitHub Actions to deploy Power BI reports automatically. Service Principals are used because they provide secure, user-independent access, support credential rotation, and meet enterprise requirements such as governance and auditability.

Conclusion

Automating Power BI deployments using a GitHub-based CI/CD pipeline brings modern DevOps practices into BI development. While manual publishing may work in small setups, it quickly becomes unreliable as solutions grow and teams scale. By using GitHub Actions, Azure App Registration, and Power BI Service, deployments become automated, secure, and repeatable. This approach not only reduces deployment errors and improves consistency across environments but also supports enterprise requirements such as governance, auditability, and controlled releases.

Similar Posts

Power BI Tooltips: Add Insight Without Adding Pages

Power BI Tooltips: Add Insight Without Adding Pages

Byabhimanyu6a132bbea0

Tooltips are the small pop-ups you see when you hover a data point in Power BI.  They’re not just labels they add extra context right where you’re looking. Use them to show quick comparisons, trends, or a short breakdown. That keeps the page clean and avoids sending people to other visuals or pages. You can…

Related() and RelatedTable()

Related() and RelatedTable()

Byjaspreet2c6a5e7b03

RELATED() is one of the most-used DAX functions. You use RELATED() when you’re iterating a table and, within that row context, you need a value from a related table. Its companion, RELATEDTABLE(), goes the opposite way across the relationship. It’s easy to mix these up using RELATED() when it isn’t needed, or forgetting about RELATEDTABLE()….

Unlocking Data Governance with Microsoft Fabric and Purview

Unlocking Data Governance with Microsoft Fabric and Purview

Byjaspreet2c6a5e7b03

1. Understanding the Core Components : 2. Connecting Fabric to Purview : 3. Registering the Data Source : 4. Creating Your First Scan : 5. Setting Up Fabric Access for Purview : 6. Creating a Security Group in Azure : 7. Testing the Integration : 8. Initiating a Data Scan : 9. Analyzing Scan Results…

Refresh in Power BI: Understanding Incremental Refresh in the Service and the Role of Manual and Scheduled Refresh

Byjaspreet2c6a5e7b03

Power BI offers multiple refresh mechanisms that serve different purposes. Manual and Scheduled Refresh control when data is refreshed, while Incremental Refresh controls how much data is refreshed. To clearly understand the difference, let’s walk through a single, consistent example using a sales dataset stored on OneDrive. Manual Refresh vs Scheduled Refresh vs Incremental Refresh…

Power BI Data Modeling Best Practices

Power BI Data Modeling Best Practices

Byjaspreet2c6a5e7b03

Power BI has become one of the most powerful and widely adopted tools in the world of data analytics and business intelligence. But while Power BI’s visualizations grab the spotlight, what happens under the hood the data modeling often determines whether your reports fly or crawl. Data modeling in Power BI is like laying the…

Performance Analyser in Power BI

Performance Analyser in Power BI

Byabhimanyu6a132bbea0

Use of Performance Analyzer to examine report element performance in Power BI Desktop Performance Analyzer in Power BI Desktop (added in May 2019) is one of the most underused yet powerful tools for keeping reports fast. Many report creators skip it, but it can instantly reveal which visuals or DAX measures are slowing a page,…