Skip to content

Commit bdf3c4d

Browse files
Vamshi-MicrosoftVamshi-Microsoft
committed
updated all workflow files to use secrets: inherit instead of explicitly passing individual secrets
1 parent 8c88832 commit bdf3c4d

File tree

8 files changed

+6
-124
lines changed

8 files changed

+6
-124
lines changed

.github/workflows/deploy-orchestrator.yml

Lines changed: 4 additions & 40 deletions
Original file line numberDiff line numberDiff line change
@@ -61,27 +61,6 @@ on:
6161
description: 'Trigger type (workflow_dispatch, pull_request, schedule)'
6262
required: true
6363
type: string
64-
secrets:
65-
AZURE_CLIENT_ID:
66-
required: true
67-
AZURE_CLIENT_SECRET:
68-
required: true
69-
AZURE_TENANT_ID:
70-
required: true
71-
AZURE_SUBSCRIPTION_ID:
72-
required: true
73-
ACR_TEST_LOGIN_SERVER:
74-
required: true
75-
ACR_TEST_USERNAME:
76-
required: true
77-
ACR_TEST_PASSWORD:
78-
required: true
79-
AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID:
80-
required: false
81-
AZURE_ENV_FOUNDRY_PROJECT_ID:
82-
required: false
83-
EMAILNOTIFICATION_LOGICAPP_URL_TA:
84-
required: false
8564

8665
env:
8766
AZURE_DEV_COLLECT_TELEMETRY: ${{ vars.AZURE_DEV_COLLECT_TELEMETRY }}
@@ -92,10 +71,7 @@ jobs:
9271
with:
9372
trigger_type: ${{ inputs.trigger_type }}
9473
build_docker_image: ${{ inputs.build_docker_image }}
95-
secrets:
96-
ACR_TEST_LOGIN_SERVER: ${{ secrets.ACR_TEST_LOGIN_SERVER }}
97-
ACR_TEST_USERNAME: ${{ secrets.ACR_TEST_USERNAME }}
98-
ACR_TEST_PASSWORD: ${{ secrets.ACR_TEST_PASSWORD }}
74+
secrets: inherit
9975

10076
deploy:
10177
if: always() && (inputs.trigger_type != 'workflow_dispatch' || inputs.existing_webapp_url == '' || inputs.existing_webapp_url == null)
@@ -113,14 +89,7 @@ jobs:
11389
AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }}
11490
AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: ${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }}
11591
docker_image_tag: ${{ needs.docker-build.outputs.IMAGE_TAG }}
116-
secrets:
117-
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
118-
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
119-
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
120-
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
121-
ACR_TEST_LOGIN_SERVER: ${{ secrets.ACR_TEST_LOGIN_SERVER }}
122-
AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ secrets.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }}
123-
AZURE_ENV_FOUNDRY_PROJECT_ID: ${{ secrets.AZURE_ENV_FOUNDRY_PROJECT_ID }}
92+
secrets: inherit
12493

12594
e2e-test:
12695
if: always() && ((needs.deploy.result == 'success' && needs.deploy.outputs.CONTAINER_WEB_APPURL != '') || (inputs.existing_webapp_url != '' && inputs.existing_webapp_url != null)) && (inputs.trigger_type != 'workflow_dispatch' || (inputs.run_e2e_tests != 'None' && inputs.run_e2e_tests != '' && inputs.run_e2e_tests != null))
@@ -148,8 +117,7 @@ jobs:
148117
QUOTA_FAILED: ${{ needs.deploy.outputs.QUOTA_FAILED }}
149118
TEST_SUCCESS: ${{ needs.e2e-test.outputs.TEST_SUCCESS }}
150119
TEST_REPORT_URL: ${{ needs.e2e-test.outputs.TEST_REPORT_URL }}
151-
secrets:
152-
EMAILNOTIFICATION_LOGICAPP_URL_TA: ${{ secrets.EMAILNOTIFICATION_LOGICAPP_URL_TA }}
120+
secrets: inherit
153121

154122
cleanup-deployment:
155123
if: always() && needs.deploy.result == 'success' && needs.deploy.outputs.RESOURCE_GROUP_NAME != '' && inputs.existing_webapp_url == '' && (inputs.trigger_type != 'workflow_dispatch' || inputs.cleanup_resources == true || inputs.cleanup_resources == null)
@@ -165,8 +133,4 @@ jobs:
165133
AZURE_ENV_OPENAI_LOCATION: ${{ needs.deploy.outputs.AZURE_ENV_OPENAI_LOCATION }}
166134
ENV_NAME: ${{ needs.deploy.outputs.ENV_NAME }}
167135
IMAGE_TAG: ${{ needs.deploy.outputs.IMAGE_TAG }}
168-
secrets:
169-
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
170-
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
171-
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
172-
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
136+
secrets: inherit

.github/workflows/job-cleanup-deployment.yml

Lines changed: 0 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -41,15 +41,6 @@ on:
4141
description: 'Docker Image Tag'
4242
required: true
4343
type: string
44-
secrets:
45-
AZURE_CLIENT_ID:
46-
required: true
47-
AZURE_CLIENT_SECRET:
48-
required: true
49-
AZURE_TENANT_ID:
50-
required: true
51-
AZURE_SUBSCRIPTION_ID:
52-
required: true
5344

5445
jobs:
5546
cleanup-deployment:

.github/workflows/job-deploy-linux.yml

Lines changed: 0 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -34,21 +34,6 @@ on:
3434
AZURE_EXISTING_AI_PROJECT_RESOURCE_ID:
3535
required: false
3636
type: string
37-
secrets:
38-
AZURE_CLIENT_ID:
39-
required: true
40-
AZURE_CLIENT_SECRET:
41-
required: true
42-
AZURE_TENANT_ID:
43-
required: true
44-
AZURE_SUBSCRIPTION_ID:
45-
required: true
46-
ACR_TEST_LOGIN_SERVER:
47-
required: true
48-
AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID:
49-
required: false
50-
AZURE_ENV_FOUNDRY_PROJECT_ID:
51-
required: false
5237
outputs:
5338
CONTAINER_WEB_APPURL:
5439
description: "Container Web App URL"

.github/workflows/job-deploy-windows.yml

Lines changed: 0 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -34,21 +34,6 @@ on:
3434
AZURE_EXISTING_AI_PROJECT_RESOURCE_ID:
3535
required: false
3636
type: string
37-
secrets:
38-
AZURE_CLIENT_ID:
39-
required: true
40-
AZURE_CLIENT_SECRET:
41-
required: true
42-
AZURE_TENANT_ID:
43-
required: true
44-
AZURE_SUBSCRIPTION_ID:
45-
required: true
46-
ACR_TEST_LOGIN_SERVER:
47-
required: true
48-
AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID:
49-
required: false
50-
AZURE_ENV_FOUNDRY_PROJECT_ID:
51-
required: false
5237
outputs:
5338
CONTAINER_WEB_APPURL:
5439
description: "Container Web App URL"

.github/workflows/job-deploy.yml

Lines changed: 2 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -66,21 +66,6 @@ on:
6666
required: false
6767
default: ''
6868
type: string
69-
secrets:
70-
AZURE_CLIENT_ID:
71-
required: true
72-
AZURE_CLIENT_SECRET:
73-
required: true
74-
AZURE_TENANT_ID:
75-
required: true
76-
AZURE_SUBSCRIPTION_ID:
77-
required: true
78-
ACR_TEST_LOGIN_SERVER:
79-
required: true
80-
AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID:
81-
required: false
82-
AZURE_ENV_FOUNDRY_PROJECT_ID:
83-
required: false
8469
outputs:
8570
RESOURCE_GROUP_NAME:
8671
description: "Resource Group Name"
@@ -359,14 +344,7 @@ jobs:
359344
WAF_ENABLED: ${{ inputs.waf_enabled == true && 'true' || 'false' }}
360345
AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }}
361346
AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: ${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }}
362-
secrets:
363-
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
364-
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
365-
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
366-
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
367-
ACR_TEST_LOGIN_SERVER: ${{ secrets.ACR_TEST_LOGIN_SERVER }}
368-
AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ secrets.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }}
369-
AZURE_ENV_FOUNDRY_PROJECT_ID: ${{ secrets.AZURE_ENV_FOUNDRY_PROJECT_ID }}
347+
secrets: inherit
370348

371349
deploy-windows:
372350
name: Deploy on Windows
@@ -384,11 +362,4 @@ jobs:
384362
WAF_ENABLED: ${{ inputs.waf_enabled == true && 'true' || 'false' }}
385363
AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ inputs.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }}
386364
AZURE_EXISTING_AI_PROJECT_RESOURCE_ID: ${{ inputs.AZURE_EXISTING_AI_PROJECT_RESOURCE_ID }}
387-
secrets:
388-
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
389-
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
390-
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
391-
AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
392-
ACR_TEST_LOGIN_SERVER: ${{ secrets.ACR_TEST_LOGIN_SERVER }}
393-
AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID: ${{ secrets.AZURE_ENV_LOG_ANALYTICS_WORKSPACE_ID }}
394-
AZURE_ENV_FOUNDRY_PROJECT_ID: ${{ secrets.AZURE_ENV_FOUNDRY_PROJECT_ID }}
365+
secrets: inherit

.github/workflows/job-docker-build.yml

Lines changed: 0 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -12,13 +12,6 @@ on:
1212
required: false
1313
default: false
1414
type: boolean
15-
secrets:
16-
ACR_TEST_LOGIN_SERVER:
17-
required: true
18-
ACR_TEST_USERNAME:
19-
required: true
20-
ACR_TEST_PASSWORD:
21-
required: true
2215
outputs:
2316
IMAGE_TAG:
2417
description: "Generated Docker Image Tag"

.github/workflows/job-send-notification.yml

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -60,9 +60,6 @@ on:
6060
required: false
6161
default: ''
6262
type: string
63-
secrets:
64-
EMAILNOTIFICATION_LOGICAPP_URL_TA:
65-
required: false
6663

6764
env:
6865
GPT_MIN_CAPACITY: 100

.github/workflows/test-automation-v2.yml

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -12,10 +12,6 @@ on:
1212
type: string
1313
default: "GoldenPath-Testing"
1414
description: "Test suite to run: 'Smoke-Testing', 'GoldenPath-Testing' "
15-
secrets:
16-
EMAILNOTIFICATION_LOGICAPP_URL_TA:
17-
required: false
18-
description: "Logic App URL for email notifications"
1915
outputs:
2016
TEST_SUCCESS:
2117
description: "Whether tests passed"

0 commit comments

Comments
 (0)