Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migrate stress cluster to use workload identity #8278

Merged
merged 4 commits into from
May 23, 2024
Merged

Migrate stress cluster to use workload identity #8278

merged 4 commits into from
May 23, 2024

Conversation

benbp
Copy link
Member

@benbp benbp commented May 15, 2024
edited
Loading

Notes TBD, a couple more edits need to be made (docs, test updates, and some more config deletion). Then I will publish out of draft.

@benbp benbp requested a review from weshaggard May 15, 2024 23:57
@benbp benbp self-assigned this May 15, 2024
@benbp benbp added the Central-EngSys This issue is owned by the Engineering System team. label May 15, 2024
@azure-sdk
Copy link
Collaborator

The following pipelines have been queued for testing:
java - template
java - template - tests
js - template
net - template
net - template - tests
python - template
python - template - tests
You can sign off on the approval gate to test the release stage of each pipeline.
See eng/common workflow

@benbp benbp marked this pull request as ready for review May 23, 2024 15:49
@azure-sdk
Copy link
Collaborator

The following pipelines have been queued for testing:
java - template
java - template - tests
js - template
net - template
net - template - tests
python - template
python - template - tests
You can sign off on the approval gate to test the release stage of each pipeline.
See eng/common workflow

@azure-sdk
Copy link
Collaborator

The following pipelines have been queued for testing:
java - template
java - template - tests
js - template
net - template
net - template - tests
python - template
python - template - tests
You can sign off on the approval gate to test the release stage of each pipeline.
See eng/common workflow

@azure-sdk
Copy link
Collaborator

The following pipelines have been queued for testing:
java - template
java - template - tests
js - template
net - template
net - template - tests
python - template
python - template - tests
You can sign off on the approval gate to test the release stage of each pipeline.
See eng/common workflow

This was referenced May 23, 2024
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
Merged
@benbp benbp requested a review from weshaggard May 23, 2024 16:54
weshaggard
weshaggard reviewed May 23, 2024
View reviewed changes
tools/stress-cluster/cluster/kubernetes/stress-infrastructure/templates/stresswatcher.yaml
command: ["sh", "-c"]
args:
- >
az login --federated-token "$(cat $AZURE_FEDERATED_TOKEN_FILE)" --service-principal -u $AZURE_CLIENT_ID -t $AZURE_TENANT_ID;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is using a file the only real way to share this token?

Copy link
Member Author

@benbp benbp May 23, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@weshaggard The file is the implementation method used by AKS for federated auth, so unfortunately yes.

weshaggard
weshaggard approved these changes May 23, 2024
View reviewed changes
Copy link
Member

@weshaggard weshaggard left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did a quick scan and things look reasonable.

azure-sdk added a commit to Azure/azure-sdk-for-js that referenced this pull request May 23, 2024
@azure-sdk @benbp
Sync eng/common directory with azure-sdk-tools for PR 8278 (#29790)
9d9f047 
Sync eng/common directory with azure-sdk-tools for PR
Azure/azure-sdk-tools#8278 See [eng/common
workflow](https://github.com/Azure/azure-sdk-tools/blob/main/eng/common/README.md#workflow)

---------

Co-authored-by: Ben Broderick Phillips <[email protected]>
@benbp benbp merged commit 69fcb1d into Azure:main May 23, 2024
24 checks passed
@benbp benbp deleted the benbp/stress-workload-identity branch May 23, 2024 17:52
@benbp benbp mentioned this pull request Jul 9, 2024
Merged
@maorleger maorleger mentioned this pull request Feb 4, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@weshaggard weshaggard weshaggard approved these changes

@ckairen ckairen Awaiting requested review from ckairen ckairen is a code owner

@richardpark-msft richardpark-msft Awaiting requested review from richardpark-msft richardpark-msft is a code owner

Assignees

@benbp benbp

Labels
Central-EngSys This issue is owned by the Engineering System team.
Projects
Azure SDK EngSys 🤖🧠
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@benbp @azure-sdk @weshaggard