docs: Add Azure authentication provider documentation#2132
Merged
Conversation
Azure auth is fully implemented (device code, OIDC, CLI) but was missing from the configuration reference pages. This makes Azure auth discoverable alongside AWS and GCP. Added: - Three Azure provider sections (device code, OIDC, CLI) with full parameter reference to providers.mdx - GitHub Actions workflow example for Azure OIDC - Azure providers in the multi-cloud "Multiple Providers" example - Links to Azure Authentication tutorial from all auth pages - Azure auth methods to stacks/auth.mdx Use Cases and Related sections Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Dependency Review✅ No vulnerabilities or license issues found.Scanned FilesNone |
Contributor
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review infoConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Disabled knowledge base sources:
📒 Files selected for processing (3)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthroughExpands documentation for Azure and GCP auth, adds multi‑cloud design-pattern and intro pages plus a blog post, updates homepage with cloud logos, and implements a draggable, persisted docs sidebar (React component + CSS). Mostly docs and frontend UI additions. Changes
Sequence Diagram(s)Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Possibly related PRs
Suggested reviewers
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
website/docs/stacks/auth.mdx (1)
86-86: Unify auth kind examples within this page.Line 86 and Line 139 use slash-style kinds, while other examples in this same page still use legacy forms like
aws-sso/aws. Consider normalizing to one style (or explicitly noting aliases) to avoid mixed guidance.As per coding guidelines: “Update website documentation ... ensure consistency ... and follow the website's documentation structure and style.”
Also applies to: 139-139
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@website/docs/stacks/auth.mdx` at line 86, Normalize the auth provider "kind" examples in this doc by replacing legacy forms with the unified slash-style or adding explicit alias notes; specifically change occurrences of legacy kinds like `aws-sso` and `aws` to the slash-style `aws/iam-identity-center` (or add a parenthetical alias mapping), and ensure examples using `azure/device-code`, `azure/oidc`, `azure/cli`, `gcp/adc`, and `gcp/workload-identity-federation` are consistent across the page (e.g., in the blocks that currently show `aws-sso`/`aws` and the blocks showing slash-style), updating any adjacent prose to mention accepted aliases if you retain backwards compatibility.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@website/docs/cli/configuration/auth/providers.mdx`:
- Line 349: Replace the incorrect product name "Azure KeyVault" with the
official name "Azure Key Vault" in the sentence that currently reads "Atmos
acquires tokens for Azure Resource Manager, Microsoft Graph, and Azure KeyVault"
(search for the exact string "Azure KeyVault" in the document to locate it).
---
Nitpick comments:
In `@website/docs/stacks/auth.mdx`:
- Line 86: Normalize the auth provider "kind" examples in this doc by replacing
legacy forms with the unified slash-style or adding explicit alias notes;
specifically change occurrences of legacy kinds like `aws-sso` and `aws` to the
slash-style `aws/iam-identity-center` (or add a parenthetical alias mapping),
and ensure examples using `azure/device-code`, `azure/oidc`, `azure/cli`,
`gcp/adc`, and `gcp/workload-identity-federation` are consistent across the page
(e.g., in the blocks that currently show `aws-sso`/`aws` and the blocks showing
slash-style), updating any adjacent prose to mention accepted aliases if you
retain backwards compatibility.
ℹ️ Review info
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Linear integration is disabled
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (3)
website/docs/cli/configuration/auth/index.mdxwebsite/docs/cli/configuration/auth/providers.mdxwebsite/docs/stacks/auth.mdx
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #2132 +/- ##
==========================================
+ Coverage 76.56% 76.58% +0.01%
==========================================
Files 832 832
Lines 79500 79500
==========================================
+ Hits 60873 60885 +12
+ Misses 14832 14820 -12
Partials 3795 3795
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
…os to hero - Reorganize providers.mdx and identities.mdx with AWS/Azure/GCP tabs - Update auth usage page to list all cloud providers and identity types - Add cloud provider logos (AWS, Azure, GCP) to landing page hero section - Fix broken anchor in user/configure.mdx after tab restructure - Replace AWS-only language with cloud-agnostic wording throughout Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
… sidebar, and cloud logos Add two new stack organization design patterns: - Multi-Cloud Configuration: organize stacks using cloud-native terminology (AWS accounts, Azure subscriptions, GCP projects) with per-cloud examples - Application SDLC Environments: minimal flat structure for app repos that co-locate infrastructure alongside application code Update multi-cloud overview page with design pattern links, add cloud logos to landing page hero, implement draggable sidebar with localStorage persistence, and add blog post announcing the documentation updates. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
github-actions
bot
added
size/xl
|
Warning This PR exceeds the recommended limit of 1,000 lines.Large PRs are difficult to review and may be rejected due to their size. Please verify that this PR does not address multiple issues. |
osterman
added
the
no-release
Use the official "Azure Key Vault" name (with space) instead of "Azure KeyVault". Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…ttern Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Actionable comments posted: 4
🧹 Nitpick comments (1)
website/src/css/landing-page.css (1)
150-156: Consider mobile-safe wrapping for the cloud logo row.With
gap: 3.5rem, this row can feel cramped on narrower widths. Adding a small-screen gap override andflex-wrapwould make it more robust.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@website/src/css/landing-page.css` around lines 150 - 156, The .hero__cloud-logos flex row should allow wrapping and reduce spacing on small screens: update the .hero__cloud-logos rules to add flex-wrap: wrap and adjust gap for narrow viewports (e.g., via a small-screen media query targeting .hero__cloud-logos to set a smaller gap like 1rem or 1.5rem) so logos don’t get cramped on mobile while preserving the larger gap on desktop.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@website/docs/design-patterns/stack-organization/application-sdlc.mdx`:
- Around line 66-67: Replace uses of `_default.yaml` with the convention
`_defaults.yaml` and update the example stack-discovery/exclusion pattern so
`_defaults.yaml` is explicitly excluded from being treated as a normal stack;
specifically, change every `_default.yaml` occurrence to `_defaults.yaml` in
application-sdlc.mdx and show the discovery config or glob (the stack discovery
list shown near the tree entries) that ignores files named `_defaults.yaml` so
shared defaults are inherited but not listed as stacks. Ensure you update all
repeated occurrences mentioned in the review (the other similar tree examples)
so the doc consistently uses `_defaults.yaml` and demonstrates excluding it from
stack discovery.
In
`@website/docs/design-patterns/stack-organization/multi-cloud-configuration.mdx`:
- Around line 357-362: The table row for "Isolation boundary" currently maps
Azure to "Resource Group" which is incorrect; update the Azure cell in that row
from "Resource Group" to "Subscription" so it matches the page explanation and
common Azure modeling (i.e., change the value in the "Isolation boundary" row
for the Azure column to "Subscription" in the Markdown table shown).
In `@website/src/components/SidebarResizeHandler/index.tsx`:
- Around line 71-81: The cleanup may run while a drag is active and currently
only onMouseUp removes the global "sidebar-resizing" state, so ensure
cleanupRef.current (and the returned unmount handler) always clears resizing
state: in the cleanup branch removeEventListener for
onMouseDown/onMouseMove/onMouseUp as already done and also explicitly remove the
"sidebar-resizing" class from the sidebar element (and reset any global styles
like document.body.style.userSelect or cursor if you set them during drag) so
that if unmount/route change happens mid-drag the UI is not left in resize mode;
update the cleanup logic located around cleanupRef/current and the return
cleanup to perform these additional resets alongside the listener removals.
In `@website/src/css/landing-page.css`:
- Around line 177-195: The cloud CTA is too faint; update the CSS for
html[data-theme="dark"] .hero__cloud-logos svg and .hero__cloud-logo span and
their html[data-theme="light"] counterparts to increase baseline visibility
(e.g., raise opacity from 0.1–0.15 to around 0.5 and ensure fill/color remains
legible), add explicit :hover and :focus states on .hero__cloud-logos svg and
.hero__cloud-logo span to set opacity to 1 and slightly increase fill/color
contrast on interaction, and include a short transition on opacity/fill so the
hover/focus change is smooth; make these changes referencing the existing
selectors (.hero__cloud-logos, .hero__cloud-logo, html[data-theme="dark"],
html[data-theme="light"]) so the new rules override the current faint values.
---
Nitpick comments:
In `@website/src/css/landing-page.css`:
- Around line 150-156: The .hero__cloud-logos flex row should allow wrapping and
reduce spacing on small screens: update the .hero__cloud-logos rules to add
flex-wrap: wrap and adjust gap for narrow viewports (e.g., via a small-screen
media query targeting .hero__cloud-logos to set a smaller gap like 1rem or
1.5rem) so logos don’t get cramped on mobile while preserving the larger gap on
desktop.
ℹ️ Review info
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Linear integration is disabled
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (14)
website/blog/2026-03-03-multi-cloud-docs.mdxwebsite/docs/cli/commands/auth/usage.mdxwebsite/docs/cli/commands/auth/user/configure.mdxwebsite/docs/cli/configuration/auth/identities.mdxwebsite/docs/cli/configuration/auth/providers.mdxwebsite/docs/design-patterns/stack-organization/application-sdlc.mdxwebsite/docs/design-patterns/stack-organization/index.mdxwebsite/docs/design-patterns/stack-organization/multi-cloud-configuration.mdxwebsite/docs/intro/multi-cloud.mdxwebsite/src/components/SidebarResizeHandler/index.tsxwebsite/src/css/custom.csswebsite/src/css/landing-page.csswebsite/src/pages/index.jswebsite/src/theme/Root.tsx
✅ Files skipped from review due to trivial changes (2)
- website/docs/intro/multi-cloud.mdx
- website/docs/cli/commands/auth/user/configure.mdx
website/docs/design-patterns/stack-organization/application-sdlc.mdx
Outdated
Show resolved
Hide resolved
website/docs/design-patterns/stack-organization/multi-cloud-configuration.mdx
Show resolved
Hide resolved
…fixes Fix collapsed sidebar causing content to wrap below viewport on laptop screens. When the blog sidebar is collapsed, the main column lacked `min-width: 0`, allowing wide content to trigger Infima's `flex-wrap: wrap` and push content off-screen. Also remove overly broad `.thin-scrollbar` from TOC min-width rule. Additional fixes: - Use `_defaults.yaml` instead of deprecated `_default.yaml` in SDLC pattern - Fix Azure isolation boundary terminology (Subscription, not Resource Group) - Increase cloud logo opacity and add hover/focus states - Fix sidebar resize handler cleanup (reset dragging state, remove class) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Actionable comments posted: 3
🧹 Nitpick comments (1)
website/src/css/landing-page.css (1)
197-202: Optional polish: add a short opacity transition.A small transition will make hover/focus state changes feel less abrupt.
🎨 Suggested tweak
+.hero__cloud-logos svg, +.hero__cloud-logo span { + transition: opacity 160ms ease; +}🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@website/src/css/landing-page.css` around lines 197 - 202, Add a short opacity transition to smooth the hover/focus change for the cloud logos by updating the CSS for the hero__cloud-logos (and/or .hero__cloud-logo) selectors so they include a transition like transition: opacity 150ms ease-in-out; (apply on the base state, not only :hover/:focus-visible) so the existing rules for .hero__cloud-logos:hover svg, .hero__cloud-logos:hover .hero__cloud-logo span, .hero__cloud-logos:focus-visible svg, and .hero__cloud-logos:focus-visible .hero__cloud-logo span will animate smoothly.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In
`@website/docs/design-patterns/stack-organization/multi-cloud-configuration.mdx`:
- Around line 357-361: The table's Azure mapping for the "Grouping / business
unit" row is incorrect: change the Azure column value from "Subscription" to
"Management Group" so it aligns with the earlier explanation in the doc and
avoids conflicting guidance with the "Isolation boundary" row (which should
remain "Subscription"); update the table cell in the row labeled "Grouping /
business unit" accordingly.
In `@website/src/components/SidebarResizeHandler/index.tsx`:
- Around line 61-65: The code currently parses the CSS var value and may write
"NaN" into localStorage; change the logic around
getComputedStyle(...).getPropertyValue('--doc-sidebar-width') so you parse the
value into a number (e.g., const width = parseInt(current, 10)) and only call
localStorage.setItem(STORAGE_KEY, width.toString()) when width is a valid finite
number (use Number.isFinite or !Number.isNaN(width)); otherwise skip storing or
use a safe default value. Ensure this guard is applied in the same function
handling the resize (the block that reads --doc-sidebar-width and writes
STORAGE_KEY).
In `@website/src/css/custom.css`:
- Around line 1064-1105: The resizable sidebar visuals lack the actual width
binding; add a CSS rule that applies the CSS variable --doc-sidebar-width to
.theme-doc-sidebar-container (e.g., set width: var(--doc-sidebar-width) and
sensible min/max widths and box-sizing) so when the drag updates
--doc-sidebar-width the sidebar actually resizes; update the selector
.theme-doc-sidebar-container (and optionally html.sidebar-resizing
.theme-doc-sidebar-container) to use that variable and ensure it overrides any
competing width rules.
---
Nitpick comments:
In `@website/src/css/landing-page.css`:
- Around line 197-202: Add a short opacity transition to smooth the hover/focus
change for the cloud logos by updating the CSS for the hero__cloud-logos (and/or
.hero__cloud-logo) selectors so they include a transition like transition:
opacity 150ms ease-in-out; (apply on the base state, not only
:hover/:focus-visible) so the existing rules for .hero__cloud-logos:hover svg,
.hero__cloud-logos:hover .hero__cloud-logo span,
.hero__cloud-logos:focus-visible svg, and .hero__cloud-logos:focus-visible
.hero__cloud-logo span will animate smoothly.
ℹ️ Review info
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Linear integration is disabled
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (6)
website/docs/design-patterns/stack-organization/application-sdlc.mdxwebsite/docs/design-patterns/stack-organization/multi-cloud-configuration.mdxwebsite/src/components/SidebarResizeHandler/index.tsxwebsite/src/css/custom.csswebsite/src/css/landing-page.csswebsite/src/theme/BlogLayout/styles.module.css
website/docs/design-patterns/stack-organization/multi-cloud-configuration.mdx
Show resolved
Hide resolved
…idth binding Address CodeRabbit review feedback: - Fix Azure "Grouping / business unit" to use Management Group instead of Subscription - Guard against persisting NaN to localStorage in SidebarResizeHandler - Add missing CSS rule binding --doc-sidebar-width to sidebar container Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
aknysh
approved these changes
Mar 4, 2026
|
These changes were released in v1.208.1-test.0. |
goruha
added a commit
that referenced
this pull request
Mar 9, 2026
…raform-plan * osterman/native-ci-terraform: (28 commits) feat: Add source cache TTL for JIT-vendored components (#2138) feat: Per-target version overrides in vendor manifests (#2141) docs: Add PRD for browser-based auth in aws/user identity (#1887) docs: Add EKS kubeconfig authentication integration PRD (#1884) fix: correct marketplace.json schema and update docs with install/uninstall commands (#2142) fix: propagate auth to all YAML functions in multi-component execution (#2140) fix: Use atmos_component for source provisioner workdir paths (#2137) Fix identity prompts to respect --interactive flag (#2130) Increase PR size thresholds to accommodate AI-assisted development (#2136) docs: Add Azure authentication provider documentation (#2132) fix: propagate component-type level dependencies through stack processor (#2127) fix: Add retry and missing workflow step properties to all schema copies (#2113) Exclude unsupported windows/arm from goreleaser build matrix (#2133) Add AI Agent Skills for LLM-Powered Infrastructure Development (#2121) Fix: Convert toolchain paths to absolute in PATH to resolve exec.LookPath failures (#2095) Fix workdir collision for component instances sharing base component (#2093) fix(auth): propagate TTY state to subprocesses for SSO device flow in workflows (#2126) fix(security): prevent SSRF in GitHub OIDC token URL handling (CWE-918) (#2106) Fix #2112: add workflow_retry definition and retry property to workflow step schema (#2114) fix(auth): auto-detect GitHub Actions WIF with proper audience, host validation, and lazy GSM init (#2109) ...
|
These changes were released in v1.208.1-test.9. |
|
These changes were released in v1.208.1-test.10. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
what
Added comprehensive Azure authentication documentation to the authentication configuration reference pages:
why
Azure authentication is fully implemented in the codebase with a comprehensive 530-line tutorial, but it was completely missing from the configuration reference pages (
providers.mdx,index.mdx,stacks/auth.mdx). Customers navigating CLI Configuration > Auth > Providers would see AWS and GCP but zero Azure entries, making it appear undocumented. This fix surfaces the existing Azure implementation in the reference docs alongside other cloud providers.references
/tutorials/azure-authentication(530 lines, comprehensive)pkg/auth/providers/azure/andpkg/auth/cloud/azure/🤖 Generated with Claude Code
Summary by CodeRabbit
New Features
Documentation
Style