This message was deleted.
# azures
sparse-intern-71089
08/23/2022, 10:31 AMThis message was deleted.
d
damp-honey-93158
08/29/2022, 11:52 AMHi - we use the current az cli credentials during dev, and split out the AZURE_SUBSCRIPTION parts during pipeline runs. The key is that our pulumi config never specifies any client/secret/tenant credentials.
This in turn means all our devs require an az cli login, which makes sense for us - YMMV.
Is that what you meant? Happy to provide more details should you need it.
s
swift-apple-26877
09/06/2022, 10:40 AMThanks for the response John
Usually when I do GitHib Action deploys to Azure I can use the "Azure/Login" step to verifiy access
swift-apple-26877
09/06/2022, 10:44 AMThis uses a secret stored in GitHub Actions called "AZURE_CREDENTIALS" which contains the values of the "clientId", "clientSecret", "subscriptionId" and "tenantId"
It is saved this like:
{
"clientId": "xxx",
"clientSecret": "xxx",
"subscriptionId": "xxx",
"tenantId": "xxx"
}
I was just wondering if we could use the same approach in our pulumi yml for GitHub Actions
Right now I see it works by individually setting variables/secrets for those, but it might save time and space to have one "AZURE_CREDENTIALS" variable that uses the "Azure/Login" instead
swift-apple-26877
09/06/2022, 10:44 AMSo effectively this:
swift-apple-26877
09/06/2022, 10:45 AMWould become this:
swift-apple-26877
09/30/2022, 1:38 PM@happy-parrot-60128 FYI
h
happy-parrot-60128
09/30/2022, 4:54 PM14 Views