From e4771ef7efca233a41ee253e0a8d4892619c2005 Mon Sep 17 00:00:00 2001 From: smohiddin_fisker Date: Tue, 16 Apr 2024 01:45:14 -0700 Subject: [PATCH] Replacing azure/login and docker/login actions with azure/login OIDC which uses token based authentication. --- .github/workflows/deploy-on-demand-v2.yml | 13 +++--- .github/workflows/deploy-on-demand.yml | 14 +++--- .github/workflows/deploy.yml | 52 +++++++++++------------ 3 files changed, 36 insertions(+), 43 deletions(-) diff --git a/.github/workflows/deploy-on-demand-v2.yml b/.github/workflows/deploy-on-demand-v2.yml index 0e1dfac..9b3cd9a 100644 --- a/.github/workflows/deploy-on-demand-v2.yml +++ b/.github/workflows/deploy-on-demand-v2.yml @@ -41,14 +41,13 @@ jobs: - name: Azure Login uses: azure/login@v2 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} + client-id: ${{ secrets.AZURE_CLIENT_ID_DEV }} + tenant-id: ${{ secrets.AZURE_TENANT_ID_DEV }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID_DEV }} - - name: Login to ACR - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ secrets.AZURE_CLIENT_ID }} - password: ${{ secrets.AZURE_CLIENT_SECRET }} + - name: ACR Login + run: | + az acr login --name ${{ env.REGISTRY }} - name: JFrog Auth run: echo ${JFROG_NPMRC} | base64 -d > .npmrc diff --git a/.github/workflows/deploy-on-demand.yml b/.github/workflows/deploy-on-demand.yml index 1af79b3..f19bf53 100644 --- a/.github/workflows/deploy-on-demand.yml +++ b/.github/workflows/deploy-on-demand.yml @@ -40,15 +40,13 @@ jobs: - name: Azure Login uses: azure/login@v2 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - - name: Login to ACR - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ secrets.AZURE_CLIENT_ID }} - password: ${{ secrets.AZURE_CLIENT_SECRET }} + client-id: ${{ secrets.AZURE_CLIENT_ID_DEV }} + tenant-id: ${{ secrets.AZURE_TENANT_ID_DEV }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID_DEV }} + - name: ACR Login + run: | + az acr login --name ${{ env.REGISTRY }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 1400ca8..8f69c0e 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -33,14 +33,13 @@ jobs: - name: Azure Login uses: azure/login@v2 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} + client-id: ${{ secrets.AZURE_CLIENT_ID_DEV }} + tenant-id: ${{ secrets.AZURE_TENANT_ID_DEV }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID_DEV }} - - name: Login to ACR - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ secrets.AZURE_CLIENT_ID }} - password: ${{ secrets.AZURE_CLIENT_SECRET }} + - name: ACR Login + run: | + az acr login --name ${{ env.REGISTRY }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -121,14 +120,13 @@ jobs: - name: Azure Login uses: azure/login@v2 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} + client-id: ${{ secrets.AZURE_CLIENT_ID_DEV }} + tenant-id: ${{ secrets.AZURE_TENANT_ID_DEV }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID_DEV }} - - name: Login to ACR - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ secrets.AZURE_CLIENT_ID }} - password: ${{ secrets.AZURE_CLIENT_SECRET }} + - name: ACR Login + run: | + az acr login --name ${{ env.REGISTRY }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -210,14 +208,13 @@ jobs: - name: Azure Login uses: azure/login@v2 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} + client-id: ${{ secrets.AZURE_CLIENT_ID_DEV }} + tenant-id: ${{ secrets.AZURE_TENANT_ID_DEV }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID_DEV }} - - name: Login to ACR - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ secrets.AZURE_CLIENT_ID }} - password: ${{ secrets.AZURE_CLIENT_SECRET }} + - name: ACR Login + run: | + az acr login --name ${{ env.REGISTRY }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -299,14 +296,13 @@ jobs: - name: Azure Login uses: azure/login@v2 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} + client-id: ${{ secrets.AZURE_CLIENT_ID_DEV }} + tenant-id: ${{ secrets.AZURE_TENANT_ID_DEV }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID_DEV }} - - name: Login to ACR - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ secrets.AZURE_CLIENT_ID }} - password: ${{ secrets.AZURE_CLIENT_SECRET }} + - name: ACR Login + run: | + az acr login --name ${{ env.REGISTRY }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3