Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update actions: Use token based authentication #1111

Merged
merged 1 commit into from
Jul 8, 2024
Merged

Update actions: Use token based authentication #1111

merged 1 commit into from
Jul 8, 2024

Conversation

samruddhikhandale
Copy link
Member

Switch az login authentication from Service Principal mechanism to token based mechanism.

Ref: https://learn.microsoft.com/en-us/azure/container-registry/container-registry-repository-scoped-permissions

@samruddhikhandale samruddhikhandale requested a review from a team as a code owner July 5, 2024 19:33
chrmarti
chrmarti approved these changes Jul 8, 2024
View reviewed changes
Copy link
Contributor

@chrmarti chrmarti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Are we using the ACR to let MCR pull from it or something similar? Would GHCR work instead?

.github/workflows/version-history.yml Show resolved Hide resolved
.github/workflows/push-again.yml Show resolved Hide resolved
@samruddhikhandale
Copy link
Member Author

Are we using the ACR to let MCR pull from it or something similar? Would GHCR work instead?

@chrmarti Currently, we haven't changed the tenant but only switched the auth mechanism. So it will continue similarly as before (we push to ACR which auto pushes to MCR)

Would GHCR work instead?

Won't we need to push our images to GHCR for that to work? 🤔 I don't think we'd do that as the images would break.

@chrmarti
Copy link
Contributor

chrmarti commented Jul 8, 2024

Would GHCR work instead?

Won't we need to push our images to GHCR for that to work? 🤔 I don't think we'd do that as the images would break.

I guess we can't use GHCR to push to MCR? That would avoid the need for the ACR credentials and the GitHub workflows can easily be given access to their repository's namespace in GHCR.

But this would be longer term. I agree with the approach taken here. 👍

@samruddhikhandale
Copy link
Member Author

Would GHCR work instead?

Won't we need to push our images to GHCR for that to work? 🤔 I don't think we'd do that as the images would break.

I guess we can't use GHCR to push to MCR? That would avoid the need for the ACR credentials and the GitHub workflows can easily be given access to their repository's namespace in GHCR.

But this would be longer term. I agree with the approach taken here. 👍

Ah, got it. When I get to researching the moving of tenants task, I can see if this is even possible. Thanks for the info here.

@samruddhikhandale samruddhikhandale merged commit a40cd7f into main Jul 8, 2024
1 of 2 checks passed
@samruddhikhandale samruddhikhandale deleted the samruddhikhandale/update-publishing branch July 8, 2024 20:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chrmarti chrmarti chrmarti approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@samruddhikhandale @chrmarti