Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RFE: ACR Managed Identity support in the GitHub Action #11

Open
ezYakaEagle442 opened this issue Oct 8, 2022 · 0 comments
Open

RFE: ACR Managed Identity support in the GitHub Action #11

ezYakaEagle442 opened this issue Oct 8, 2022 · 0 comments

Comments

@ezYakaEagle442
Copy link

ezYakaEagle442 commented Oct 8, 2022
edited
Loading

Only service_principal & service_principal_password can be provided in the GitHub Action.
When ACR is set with Managed Identity, how to provide the identity to use to connect to ACR ?

see also #10

env:
  AZURE_CONTAINER_REGISTRY: acrpetcliaca 
  REGISTRY_URL: acrpetcliaca.azurecr.io  # set this to the URL of your registry
  REPOSITORY: petclinic                  # set this to your ACR repository
  PROJECT_NAME: petclinic                # set this to your project's name
  KV_NAME: kv-petcliaca442               
  
  RG_KV: rg-iac-kv777 
  RG_APP: rg-iac-aca-petclinic-mic-srv 

  # ==== APPS ====
  PRJ_PREFIX: aca-spring-petclinic

  API_GATEWAY: api-gateway
  ADMIN_SERVER: admin-server
  CUSTOMERS_SERVICE: customers-service
  VETS_SERVICE: vets-service
  VISITS_SERVICE: visits-service

  CONFIG_SERVER: config-server
  DISCOVERY_SERVER: discovery-server

  # https://github.com/Azure/actions-workflow-samples/blob/master/assets/create-secrets-for-GitHub-workflows.md#consume-secrets-in-your-workflow
  # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-using-secrets
  # ==== Secrets ====
  credentials: ${{ secrets.AZURE_CREDENTIALS }}
  AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
  SPN_ID: ${{ secrets.SPN_ID }}
  SPN_PWD: ${{ secrets.SPN_PWD }}
  
    - name: admin-server ACR build
      id: admin-server-acr-build
      uses: azure/acr-build@v1
      with:
        service_principal: ${{ env.SPN_ID }} # The Service Principal credentials : must be stored in KV
        service_principal_password: ${{ env.SPN_PWD }} # The Service Principal credentials: must be stored in KV
        tenant: ${{ env.AZURE_TENANT_ID }} # The ACR tenant
        registry: ${{ env.AZURE_CONTAINER_REGISTRY }} # The ACR name
        repository: ${{ env.REPOSITORY }} # The repository on the ACR
        image: ${{ env.ADMIN_SERVER }} # Docker image name. Default tag: The action will default to use the first 8 characters of the commit SHA if no tag is specified. Tagged with GitHub commit ID (SHA), ex: 'mcr.microsoft.com/azuredocs/containerapps-helloworld:latest'
        # git_access_token: ${{ secrets.git_access_token }} # The Github access token for private repositories
        folder: ${{ github.workspace }} # Build context for Docker agent
        dockerfile: ./docker/petclinic-admin-server/Dockerfile # Path to the Dockerfile relative to `folder`
        branch: main # Branch to root the context off of
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ezYakaEagle442