Skip to content

Commit ed61231

Browse files
AlvaroRausellAlvaroRausell
committed
Use managed identity to log into ACR
1 parent f4b0fee commit ed61231

File tree

5 files changed

+57
-28
lines changed

5 files changed

+57
-28
lines changed

.github/workflows/push-again.yml

Lines changed: 12 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,18 @@ jobs:
4040
with:
4141
path: 'release'
4242
ref: ${{ github.event.inputs.release }}
43-
43+
44+
- name: Log in to Azure using Managed Identity
45+
uses: azure/login@v2
46+
with:
47+
client-id: ${{secrets.ACR_CLIENT_ID}}
48+
tenant-id: ${{secrets.ACR_TENANT_ID}}
49+
subscription-id: ${{secrets.ACR_SUBSCRIPTION_ID}}
50+
51+
- name: Log into ACR
52+
run: |
53+
az acr login --name ${{secrets.ACR_REGISTRY_NAME}}
54+
4455
- name: Build and push
4556
id: build_and_push
4657
env:
@@ -53,11 +64,6 @@ jobs:
5364
PASSWORD: ${{ secrets.PASSWORD }}
5465
run: |
5566
set -e
56-
57-
# ACR login
58-
ACR_REGISTRY_NAME=$(echo "$REGISTRY" | grep -oP '(.+)(?=\.azurecr\.io)')
59-
az acr login --name $ACR_REGISTRY_NAME --username $TOKEN_NAME --password $PASSWORD
60-
6167
# Setup build CLI
6268
cd "$GITHUB_WORKSPACE/ref"
6369
yarn install

.github/workflows/push-dev.yml

Lines changed: 11 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,17 @@ jobs:
3030
id: checkout
3131
uses: actions/checkout@v3
3232

33+
- name: Log in to Azure using Managed Identity
34+
uses: azure/login@v2
35+
with:
36+
client-id: ${{secrets.ACR_CLIENT_ID}}
37+
tenant-id: ${{secrets.ACR_TENANT_ID}}
38+
subscription-id: ${{secrets.ACR_SUBSCRIPTION_ID}}
39+
40+
- name: Log into ACR
41+
run: |
42+
az acr login --name ${{secrets.ACR_REGISTRY_NAME}}
43+
3344
- name: Build and push dev tags
3445
id: build_and_push
3546
env:
@@ -43,11 +54,6 @@ jobs:
4354
PASSWORD: ${{ secrets.PASSWORD }}
4455
run: |
4556
set -e
46-
47-
# ACR login
48-
ACR_REGISTRY_NAME=$(echo "$REGISTRY" | grep -oP '(.+)(?=\.azurecr\.io)')
49-
az acr login --name $ACR_REGISTRY_NAME --username $TOKEN_NAME --password $PASSWORD
50-
5157
# Build and push dev images
5258
yarn install
5359
npm install -g @devcontainers/cli

.github/workflows/push-manual-dev.yml

Lines changed: 12 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,18 @@ jobs:
3636
with:
3737
path: 'release'
3838
ref: ${{ github.event.inputs.release }}
39-
39+
40+
- name: Log in to Azure using Managed Identity
41+
uses: azure/login@v2
42+
with:
43+
client-id: ${{secrets.ACR_CLIENT_ID}}
44+
tenant-id: ${{secrets.ACR_TENANT_ID}}
45+
subscription-id: ${{secrets.ACR_SUBSCRIPTION_ID}}
46+
47+
- name: Log into ACR
48+
run: |
49+
az acr login --name ${{secrets.ACR_REGISTRY_NAME}}
50+
4051
- name: Build and push
4152
id: build_and_push
4253
env:
@@ -49,11 +60,6 @@ jobs:
4960
PASSWORD: ${{ secrets.PASSWORD }}
5061
run: |
5162
set -e
52-
53-
# ACR login
54-
ACR_REGISTRY_NAME=$(echo "$REGISTRY" | grep -oP '(.+)(?=\.azurecr\.io)')
55-
az acr login --name $ACR_REGISTRY_NAME --username $TOKEN_NAME --password $PASSWORD
56-
5763
# Setup build CLI
5864
cd "$GITHUB_WORKSPACE/ref"
5965
yarn install

.github/workflows/push.yml

Lines changed: 11 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,17 @@ jobs:
3333
- name: Get tag name
3434
run: echo "TAG=$(echo "${{ github.ref }}" | grep -oP 'refs/tags/\K(.+)')" >> $GITHUB_ENV
3535

36+
- name: Log in to Azure using Managed Identity
37+
uses: azure/login@v2
38+
with:
39+
client-id: ${{secrets.ACR_CLIENT_ID}}
40+
tenant-id: ${{secrets.ACR_TENANT_ID}}
41+
subscription-id: ${{secrets.ACR_SUBSCRIPTION_ID}}
42+
43+
- name: Log into ACR
44+
run: |
45+
az acr login --name ${{secrets.ACR_REGISTRY_NAME}}
46+
3647
- name: Build and push
3748
id: build_and_push
3849
env:
@@ -46,11 +57,6 @@ jobs:
4657
PASSWORD: ${{ secrets.PASSWORD }}
4758
run: |
4859
set -e
49-
50-
# ACR login
51-
ACR_REGISTRY_NAME=$(echo "$REGISTRY" | grep -oP '(.+)(?=\.azurecr\.io)')
52-
az acr login --name $ACR_REGISTRY_NAME --username $TOKEN_NAME --password $PASSWORD
53-
5460
# Build and push images
5561
yarn install
5662
npm install -g @devcontainers/cli

.github/workflows/version-history.yml

Lines changed: 11 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,17 @@ jobs:
4747
- name: Checkout
4848
id: checkout
4949
uses: actions/checkout@v3
50-
50+
51+
- name: Log in to Azure using Managed Identity
52+
uses: azure/login@v2
53+
with:
54+
client-id: ${{secrets.ACR_CLIENT_ID}}
55+
tenant-id: ${{secrets.ACR_TENANT_ID}}
56+
subscription-id: ${{secrets.ACR_SUBSCRIPTION_ID}}
57+
58+
- name: Log into ACR
59+
run: |
60+
az acr login --name ${{secrets.ACR_REGISTRY_NAME}}
5161
- name: Get image info
5262
id: Get_image_info
5363
env:
@@ -59,11 +69,6 @@ jobs:
5969
PASSWORD: ${{ secrets.PASSWORD }}
6070
run: |
6171
set -e
62-
63-
# ACR login
64-
ACR_REGISTRY_NAME=$(echo "$REGISTRY" | grep -oP '(.+)(?=\.azurecr\.io)')
65-
az acr login --name $ACR_REGISTRY_NAME --username $TOKEN_NAME --password $PASSWORD
66-
6772
yarn install
6873
RELEASE_STRING=$(echo "${{ inputs.release }}" | grep -oP 'refs/(heads|tags)/\K(.+)')
6974
OVERWRITE_STRING=$(if [ "${{ inputs.overwrite }}" = "false" ]; then echo '--no-overwrite'; else echo '--overwrite'; fi)

0 commit comments

Comments
 (0)