Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove secret from cicd #208

Merged
merged 48 commits into from
May 2, 2024
Merged

Remove secret from cicd #208

Show file tree
Hide file tree
Changes from 11 commits
Commits
Show all changes
48 commits
Select commit Hold shift + click to select a range
4b9ba86
test
elayrocks Apr 30, 2024
f4d50f6
remove client secret
elayrocks Apr 30, 2024
2c74359
change PR for testing
elayrocks Apr 30, 2024
2a10fc7
test
elayrocks Apr 30, 2024
1d6f7e7
add token permission
elayrocks Apr 30, 2024
ae41a4a
test
elayrocks Apr 30, 2024
08ff800
remove redundant statement
elayrocks Apr 30, 2024
9bab3a3
test authentication
elayrocks Apr 30, 2024
862bf8f
test
elayrocks Apr 30, 2024
371bcc2
test
elayrocks Apr 30, 2024
fbdad9d
revert to original pr
elayrocks May 1, 2024
ca933ea
add config back
elayrocks May 1, 2024
7fe6b2d
change trigger
elayrocks May 1, 2024
f040cd9
test
elayrocks May 1, 2024
68475f5
test
elayrocks May 2, 2024
32710c6
test
elayrocks May 2, 2024
cfadb05
test
elayrocks May 2, 2024
be9df8b
test
elayrocks May 2, 2024
0487135
test
elayrocks May 2, 2024
eb34587
test
elayrocks May 2, 2024
16f0c9f
test
elayrocks May 2, 2024
2c38f89
remove azlogin
elayrocks May 2, 2024
2e424d8
test
elayrocks May 2, 2024
5c91f11
test
elayrocks May 2, 2024
a235a6d
test
elayrocks May 2, 2024
2493804
test
elayrocks May 2, 2024
b033600
remove secret
elayrocks May 2, 2024
3cf35c2
test
elayrocks May 2, 2024
ea62afc
test
elayrocks May 2, 2024
3e7fc3e
test
elayrocks May 2, 2024
92ee274
test
elayrocks May 2, 2024
214fdff
test
elayrocks May 2, 2024
ea587c0
test
elayrocks May 2, 2024
cfa7afc
test
elayrocks May 2, 2024
ee0f20d
test
elayrocks May 2, 2024
8ed4dc5
test
elayrocks May 2, 2024
a94c00e
test
elayrocks May 2, 2024
95bfabd
test
elayrocks May 2, 2024
bab9c3d
test
elayrocks May 2, 2024
c995a47
test
elayrocks May 2, 2024
91fe97d
test
elayrocks May 2, 2024
f511643
try Matt's fix
elayrocks May 2, 2024
9f9fb83
test
elayrocks May 2, 2024
b6e42ae
test
elayrocks May 2, 2024
cfd385d
test
elayrocks May 2, 2024
d9f8247
test
elayrocks May 2, 2024
39dc68a
test
elayrocks May 2, 2024
f4e3d90
ready for review, revert the changes for testing purpose
elayrocks May 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 7 additions & 8 deletions .github/workflows/cicd.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,10 @@ on:
branches: [main]
tags: ["*"]

permissions:
id-token: write
contents: read

jobs:
build_and_publish:

Expand All @@ -16,12 +20,11 @@ jobs:
- name: Log in with Azure
uses: azure/login@v1
with:
creds: '${{ secrets.AZURE_CREDENTIALS }}'
client-id: ${{ fromJSON(secrets.SECURE_AZURE_CREDENTIALS).clientId }}
tenant-id: ${{ fromJSON(secrets.SECURE_AZURE_CREDENTIALS).tenantId }}
subscription-id: ${{ fromJSON(secrets.SECURE_AZURE_CREDENTIALS).subscriptionId }}

- name: Authenticate
env:
CLIENT_ID: ${{ fromJSON(secrets.AZURE_CREDENTIALS).clientId }}
CLIENT_SECRET: ${{ fromJSON(secrets.AZURE_CREDENTIALS).clientSecret }}
run: ./scripts/ciauthenticate

- name: Run cibuild
Expand Down Expand Up @@ -73,7 +76,3 @@ jobs:
env:
IMAGE_TAG: ${{needs.build_and_publish.outputs.image_tag}}
ENVIRONMENT: staging
ARM_CLIENT_ID: ${{ fromJSON(secrets.AZURE_CREDENTIALS).clientId }}
elayrocks marked this conversation as resolved.
Show resolved Hide resolved
ARM_CLIENT_SECRET: ${{ fromJSON(secrets.AZURE_CREDENTIALS).clientSecret }}
ARM_SUBSCRIPTION_ID: ${{ fromJSON(secrets.AZURE_CREDENTIALS).subscriptionId }}
elayrocks marked this conversation as resolved.
Show resolved Hide resolved
ARM_TENANT_ID: ${{ fromJSON(secrets.AZURE_CREDENTIALS).tenantId }}
3 changes: 1 addition & 2 deletions scripts/ciauthenticate
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,5 +15,4 @@ CI authentication for this project.

# curl -sL https://aka.ms/InstallAzureCLIDeb | bash
# az login --service-principal --username ${CLIENT_ID} --tenant "microsoft.onmicrosoft.com" --password ${CLIENT_SECRET}
az acr login --name pccomponentstest
docker login pccomponentstest.azurecr.io --username ${CLIENT_ID} --password ${CLIENT_SECRET}
az acr login --name pccomponentstest
Loading