-
Notifications
You must be signed in to change notification settings - Fork 174
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adds FederatedIdentityCredentials (FICS) request builders to Graph Client #1086
Conversation
Do you have a link to the issue that describes the requirements? Are we creating the |
Mentioned issue #408 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested on Windows and todo-java-mongo. Works great!
Repoman Generation ResultsRepoman pushed changes to remotes for the following projects: Project: todo-csharp-cosmos-sqlRemote: azure-samples-stagingBranch: pr/1086You can initialize this project with: azd init -t Azure-Samples/todo-csharp-cosmos-sql -b pr/1086 View Changes | Compare Changes Project: todo-csharp-sql-swa-funcRemote: azure-samples-stagingBranch: pr/1086You can initialize this project with: azd init -t Azure-Samples/todo-csharp-sql-swa-func -b pr/1086 View Changes | Compare Changes Project: todo-csharp-sqlRemote: azure-samples-stagingBranch: pr/1086You can initialize this project with: azd init -t Azure-Samples/todo-csharp-sql -b pr/1086 View Changes | Compare Changes Project: todo-java-mongo-acaRemote: azure-samples-stagingBranch: pr/1086You can initialize this project with: azd init -t Azure-Samples/todo-java-mongo-aca -b pr/1086 View Changes | Compare Changes Project: todo-java-mongoRemote: azure-samples-stagingBranch: pr/1086You can initialize this project with: azd init -t Azure-Samples/todo-java-mongo -b pr/1086 View Changes | Compare Changes Project: todo-nodejs-mongo-acaRemote: azure-samples-stagingBranch: pr/1086You can initialize this project with: azd init -t Azure-Samples/todo-nodejs-mongo-aca -b pr/1086 View Changes | Compare Changes Project: todo-nodejs-mongo-swa-funcRemote: azure-samples-stagingBranch: pr/1086You can initialize this project with: azd init -t Azure-Samples/todo-nodejs-mongo-swa-func -b pr/1086 View Changes | Compare Changes Project: todo-nodejs-mongoRemote: azure-samples-stagingBranch: pr/1086You can initialize this project with: azd init -t Azure-Samples/todo-nodejs-mongo -b pr/1086 View Changes | Compare Changes Project: todo-python-mongo-acaRemote: azure-samples-stagingBranch: pr/1086You can initialize this project with: azd init -t Azure-Samples/todo-python-mongo-aca -b pr/1086 View Changes | Compare Changes Project: todo-python-mongo-swa-funcRemote: azure-samples-stagingBranch: pr/1086You can initialize this project with: azd init -t Azure-Samples/todo-python-mongo-swa-func -b pr/1086 View Changes | Compare Changes Project: todo-python-mongoRemote: azure-samples-stagingBranch: pr/1086You can initialize this project with: azd init -t Azure-Samples/todo-python-mongo -b pr/1086 View Changes | Compare Changes |
Azure Dev CLI Install InstructionsInstall scriptsMacOS/Linux
bash:
pwsh:
Windows
Standalone Binary
Container
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome to see this coming online! Code changes look great. A small question about the pipeline configuration. Excited for our secret-less future!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome! thank you!
Addresses #408
--auth-type
flag forazd pipeline config
. Valid values: federated, client-credentialsFederated
When auth type is Federated in a valid configuration,
azd
will create a federated identity credential on the new/updated service principal for the following subjects:References
Pipeline providers
Github
Auth Default: Federated
Supported Auth: Federated, ClientCredentials
Github secret configuration is different between Federated and ClientCredentials. The github workflow has been setup to test which secrets have been defined and then use the correct version of the
az login
command.Azure DevOps
Auth Default: ClientCredentials
Supported Auth: ClientCredentials
Display error if
--auth-type
is explicitly set to Federated**(not supported)**Provision Providers
Bicep
Auth Default: Federated
Supported Auth: Federated, ClientCredentials
Terraform
Auth Default: ClientSecret
Supported Auth: ClientCredentials
Display warning if
--auth-type
isn't defined (falling back toClientCredentials
)Display error if
--auth-type
is explicitly set to Federated**(not supported)**