[Feature Request] skip add firewall rule

[mayong43111]

Hi,
I have a customer who has very strict access, they don't want to open a firewall every time and they used self-hosted. could you add a parameter like as.

  skipFirewallSetting:
    description: 'Parameters which skip Firewall Setting'
    required: false
    default: 'false'

        let skipFirewallSetting = (core.getInput('skipFirewallSetting') != 'true');
        
        if(skipFirewallSetting){
            const runnerIPAddress = await SqlUtils.detectIPAddress(inputs.serverName, inputs.connectionString);
            if(runnerIPAddress) {
                let azureResourceAuthorizer = await AuthorizerFactory.getAuthorizer();
                let azureSqlResourceManager = await AzureSqlResourceManager.getResourceManager(inputs.serverName, azureResourceAuthorizer);
                firewallManager = new FirewallManager(azureSqlResourceManager);
                await firewallManager.addFirewallRule(runnerIPAddress);
            }
        }

[mayong43111]

That’s a not good idea.

[mayong43111]

sorry @dzsquared , I thought it was the firewall, but I was wrong. The customer uses the service principal, so the SQLPackage needs to use /AccessToken. The firewall error is a login failure.

[mayong43111]

temp solution

$token = (az account get-access-token --resource=${{ env.server_name }} --query accessToken --scope=https://database.windows.net/.default)
& "${{ env.sqlpackage_path }}" /Action:Publish "/TargetConnectionString:"${{ env.connection_string}}" /SourceFile:./xxx.dacpac /AccessToken:$token