From d1863284328fcb4ba73c0d94d473f91c9d94f5aa Mon Sep 17 00:00:00 2001
From: adreed-msft <49764384+adreed-msft@users.noreply.github.com>
Date: Wed, 12 Jun 2024 16:40:02 -0700
Subject: [PATCH] Update M1 build to use OAuth (#2698)

* Update M1 build to use OAuth

* Update build_m1.yml

* Update build_m1.yml

* Update build_m1.yml

* Update build_m1.yml

---------

Co-authored-by: Gauri Lamunion <51212198+gapra-msft@users.noreply.github.com>
---
 .github/workflows/build_m1.yml | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/build_m1.yml b/.github/workflows/build_m1.yml
index db63c3168..0d65bfe1c 100644
--- a/.github/workflows/build_m1.yml
+++ b/.github/workflows/build_m1.yml
@@ -7,14 +7,18 @@ on:
   workflow_dispatch:
     inputs:
       m1_url:
-        description: 'URL with SAS to upload M1 build'
+        description: 'Target object in storage without SAS'
         required: true
         type: string
 
-jobs:
+permissions:
+  id-token: write
+  contents: read
 
+jobs:
   build:
     runs-on: macos-14
+    environment: Release
     steps:
       - uses: actions/checkout@v3
 
@@ -26,5 +30,12 @@ jobs:
       - name: Build
         run: CGO_ENABLED=1 go build -o azcopy_darwin_arm64
 
+      - name: Azure Login
+        uses: Azure/login@v2.1.0
+        with:
+          client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+                
       - name: Upload to AzCopy to M1 container
-        run: ./azcopy_darwin_arm64 copy "azcopy_darwin_arm64" "${{ inputs.m1_url }}"
+        run: AZCOPY_AUTO_LOGIN_TYPE=AzCLI ./azcopy_darwin_arm64 copy "azcopy_darwin_arm64" "${{ inputs.m1_url }}"