convert to use oidc as e2e testing authentication method

2024-09-12 14:54:01 +08:00 · 2024-09-12 14:54:01 +08:00 · 07093a38f1
commit 07093a38f1
parent 76d27fa498
1 changed files with 9 additions and 8 deletions
--- a/.github/workflows/e2e.yaml
+++ b/.github/workflows/e2e.yaml
@ -1,6 +1,6 @@
 name: E2E Test Check
 on:
-  pull_request:
+  pull_request_target:
    types: ['opened', 'synchronize']
    paths:
      - '.github/**'
@ -11,9 +11,13 @@ permissions:

 jobs:
  e2e-check:
-    runs-on: [self-hosted, 1ES.Pool=terraform-azurerm-doc]
+    runs-on: ubuntu-latest
    environment:
      name: acctests
+    env:
+      ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+      ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+      ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
    steps:
      - name: checkout
        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 #v3.6.0
@ -31,12 +35,9 @@ jobs:
          ALL_CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
        run: |
          echo "change files" $ALL_CHANGED_FILES
-          az login --identity --username $MSI_ID > /dev/null
-          export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id')
-          export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId')
-          ARM_CLIENT_ID=$(az identity list | jq -r --arg MSI_ID "$MSI_ID" '.[] | select(.principalId == $MSI_ID) | .clientId')
-          export CHANGED_FOLDERS="${{ steps.changed-files.outputs.all_changed_files }}"
-          docker run --rm -v $(pwd):/src -w /src/test --network=host -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_USE_MSI=true -e CHANGED_FOLDERS mcr.microsoft.com/azterraform:latest sh -c "pkenv install 1.10.2 && go mod tidy && go test -timeout=360m -v ./e2e"
+          export ARM_OIDC_REQUEST_TOKEN=$ACTIONS_ID_TOKEN_REQUEST_TOKEN
+          export ARM_OIDC_REQUEST_URL=$ACTIONS_ID_TOKEN_REQUEST_URL
+          docker run --rm -v $(pwd):/src -w /src/test --network=host -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_OIDC_REQUEST_TOKEN -e ARM_OIDC_REQUEST_URL -e ARM_USE_OIDC=true -e CHANGED_FOLDERS mcr.microsoft.com/azterraform:latest sh -c "pkenv install 1.10.2 && go mod tidy && go test -timeout=360m -v ./e2e"
      - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 #v3.1.3
        with:
          name: TestRecord-${{ github.event.number }}