-
Notifications
You must be signed in to change notification settings - Fork 286
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding CLI and PS error logs & optional audience parameter #159
Conversation
@@ -121,7 +121,7 @@ jobs: | |||
az group list | |||
pwd | |||
``` | |||
This action supports login az powershell as well for both windows and linux runners by setting an input parameter `enable-AzPSSession: true`. Below is the sample workflow for the same using the windows runner. Please note that powershell login is not supported in Macos runners. | |||
Users can also specify `audience` field for access-token in the input parameters of the action. If not specified, it is defaulted to `api://AzureADTokenExchange`. This action supports login az powershell as well for both windows and linux runners by setting an input parameter `enable-AzPSSession: true`. Below is the sample workflow for the same using the windows runner. Please note that powershell login is not supported in Macos runners. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: we should have "This action supports login... " in a new line
We need to update the documentation/readme to include the audience field |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@BALAGA-GAYATRI, @N-Usha , should we have a security review to ensure whether we are good with all these claims in logs that anyone can see?
* cherry pick changes * added audience field option in input params * added js * removed extra spaces * Adding logs to surface AZ-CLI and powershell errors (#171) * removing token logs
Printing token logs changes are removed from this PR and will be done post security approval. |
Added federated token logs - sample output:
Also, added audience parameter (which will be optional) and defaults to ‘api://AzureADTokenExchange’