Skip to content

Commit

Permalink
enable github action login with user assigned identity
Browse files Browse the repository at this point in the history
  • Loading branch information
@dantelmomsft
dantelmomsft committed Oct 9, 2024
1 parent 440425c commit a4c6ef8
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 0 deletions.
8 changes: 8 additions & 0 deletions .github/workflows/aca-deploy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,16 @@ jobs:
steps:
- name: Log in to Azure with service principal
uses: azure/login@v2
if: ${{ vars.AZURE_CLIENT_ID == '' }}
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Log in with Azure (Federated Credentials)
if: ${{ vars.AZURE_CLIENT_ID != '' }}
uses: azure/login@v2
with:
client-id: ${{ vars.AZURE_CLIENT_ID }}
tenant-id: ${{ vars.AZURE_TENANT_ID }}
subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }}
- name: Build and deploy Container App
uses: azure/container-apps-deploy-action@v1
with:
Expand Down
13 changes: 13 additions & 0 deletions .github/workflows/acr-build-push.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,17 +17,30 @@ jobs:
build:
runs-on: ubuntu-latest
environment: ${{inputs.env-name}}

steps:
- name: Log in to Azure with service principal
if: ${{ vars.AZURE_CLIENT_ID == '' }}
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Log in Azure Container Registry
if: ${{ vars.AZURE_CLIENT_ID == '' }}
uses: azure/docker-login@v2
with:
login-server: ${{vars.ACR_NAME}}.azurecr.io
username: ${{ secrets.SPI_CLIENT_ID }}
password: ${{ secrets.SPI_CLIENT_SECRET }}
- name: Log in with Azure (Federated Credentials)
if: ${{ vars.AZURE_CLIENT_ID != '' }}
uses: azure/login@v2
with:
client-id: ${{ vars.AZURE_CLIENT_ID }}
tenant-id: ${{ vars.AZURE_TENANT_ID }}
subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }}
- name: Login to Azure Container Registry (Federated Credentials)
if: ${{ vars.AZURE_CLIENT_ID != '' }}
run: az acr login --name ${{vars.ACR_NAME}}
- uses: actions/checkout@v2
- name: Build and Push to ACR
run: |
Expand Down

0 comments on commit a4c6ef8

Please sign in to comment.