underhill_crash: Trace less during crash reporting (#261) #5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: VSO refresh | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| id-token: write | |
| contents: read | |
| pull-requests: read | |
| jobs: | |
| Refresh: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Azure Login | |
| uses: Azure/login@v2 | |
| with: | |
| # These secrets describe the HvLite-GitHub service principal and associated Azure subscription, | |
| # which, along with the GITHUB_TOKEN, are used to authenticate GitHub Actions to Azure with OpenID Connect. | |
| # The service principal has federated identity credentials configured describing which branches and | |
| # scenarios can be authenticated. | |
| client-id: ${{ secrets.OPENVMM_CLIENT_ID }} | |
| tenant-id: ${{ secrets.OPENVMM_TENANT_ID }} | |
| subscription-id: ${{ secrets.OPENVMM_SUBSCRIPTION_ID }} | |
| - name: Pull Azure Key Vault secrets | |
| uses: Azure/get-keyvault-secrets@v1 | |
| with: | |
| keyvault: "HvLite-PATs" | |
| secrets: 'HvliteMirrorPAT' # comma separated list of secret keys that need to be fetched from the Key Vault | |
| id: AzureKeyVault # Reference the secrets with steps.AzureKeyVault.outputs.mySecret1 | |
| - name: Refresh the VSO mirror | |
| uses: Azure/pipelines@v1 | |
| with: | |
| azure-devops-project-url: '${{ secrets.VSO_MIRROR_URL }}' | |
| azure-pipeline-name: '${{ secrets.VSO_REFRESH_PIPELINE_NAME }}' | |
| azure-devops-token: '${{ steps.AzureKeyVault.outputs.HvliteMirrorPAT }}' # This PAT should have the Build (read & execute) permission. |