dependencies: update go-azure-sdk to v0.20250131.1134653 #1635

magodo · 2025-02-04T02:42:45Z

Update the go-azure-sdk to v0.20250131.1134653, with a couple of fixes below:

Provider config: The GtihubOIDCRequest(URL|Token) fields in the sdk has been renamed to removing the Github prefix.

Meanwhile, this PR, as its azurerm counterpart, exposes the ADO OIDC changes to the users:

Add a new provider property: ado_pipeline_service_connection_id
Extends the env var for the provider property oidc_request_token, to include SYSTEM_ACCESSTOKEN
Extends the env var for the provider property oidc_request_url, to include SYSTEM_OIDCREQUESTURI

Test

Github Action

name: terraform-provider-azuread OIDC test
on: [workflow_dispatch]

permissions:
  id-token: write
  contents: read
jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout terraform-provider-azuread repo'
        uses: actions/checkout@v4
        with:
          repository: 'magodo/terraform-provider-azuread'
          ref: 'sdk_v0.20250131.1134653'
      - name: 'Setup Go'
        uses: actions/setup-go@v5
        with:
          go-version: '1.23'

      - name: 'Unit Test'
        run: |
          export TF_ACC=1
          export ARM_SUBSCRIPTION_ID=${{ secrets.AZURE_SUBSCRIPTION_ID }}
          export ARM_TENANT_ID=${{ secrets.AZURE_TENANT_ID }}
          export ARM_CLIENT_ID=${{ secrets.AZURE_CLIENT_ID }}
          go test -v -run="TestAccProvider_githubOidcAuth" ./internal/provider

      - name: 'E2E Test'
        run: |
          # Install provider
          go install 
          # Install terraform-client-import
          go install github.com/magodo/terraform-client-go/cmd/terraform-client-import@main

          # Import a RG
          export ARM_SUBSCRIPTION_ID=${{ secrets.AZURE_SUBSCRIPTION_ID }}
          export ARM_TENANT_ID=${{ secrets.AZURE_TENANT_ID }}
          export ARM_CLIENT_ID=${{ secrets.AZURE_CLIENT_ID }}
          export ARM_PROVIDER_ENHANCED_VALIDATION=1
          export ARM_RESOURCE_PROVIDER_REGISTRATIONS=none
          export ARM_USE_OIDC=true
          export APP_ID=${{ secrets.AAD_APP_OBJECT_ID }}
          ~/go/bin/terraform-client-import -type azuread_application -id /applications/${APP_ID} -path ~/go/bin/terraform-provider-azuread

ADO Pipeline

trigger: 
 - none

pool:
   vmImage: 'ubuntu-latest'

resources:
  repositories:
    - repository: terraform-provider-azuread
      type: github
      endpoint: magodo-pat-read-public-repo
      name: magodo/terraform-provider-azuread
      ref: sdk_v0.20250131.1134653

steps: 
- task: GoTool@0
  inputs:
    version: '1.23.3'

- checkout: terraform-provider-azuread

- task: AzureCLI@2
  inputs:
    azureSubscription: $(CONNECTION_ID)
    scriptType: bash
    scriptLocation: "inlineScript"
    inlineScript: |
      set -e

      # Unit Test
      go test -v -run="TestAccProvider_adoOidcAuth" ./internal/provider

      # E2E Test
      go install 
      go install github.com/magodo/terraform-client-go/cmd/terraform-client-import@main

      ~/go/bin/terraform-client-import -type azuread_application -id /applications/${APP_ID} -path ~/go/bin/terraform-provider-azuread

  env:
    TF_ACC: 1
    APP_ID: $(AAD_APP_OBJECT_ID)
    ARM_SUBSCRIPTION_ID: $(AZURE_SUBSCRIPTION_ID)
    ARM_TENANT_ID: $(AZURE_TENANT_ID)
    ARM_CLIENT_ID: $(AZURE_CLIENT_ID) 
    ARM_ADO_PIPELINE_SERVICE_CONNECTION_ID: $(CONNECTION_ID)
    SYSTEM_ACCESSTOKEN: $(System.AccessToken)
    SYSTEM_OIDCREQUESTURI: $(System.OidcRequestUri)
    ARM_PROVIDER_ENHANCED_VALIDATION: 1
    ARM_RESOURCE_PROVIDER_REGISTRATIONS: none
    ARM_USE_OIDC: true
    ARM_USE_CLI: false # Not necessary, just in case

jackofallops

Thanks @magodo - LGTM 👍

* Update CHANGELOG.md for #1664 #1567 * Update CHANGELOG.md for #1666 * Update CHANGELOG.md for #1635 * Update CHANGELOG.md for #1623 * prep for release --------- Co-authored-by: Wyatt Fry <[email protected]>

dependencies: update go-azure-sdk to v0.20250131.1134653

08af009

magodo requested a review from a team as a code owner February 4, 2025 02:42

github-actions bot added dependencies size/XL labels Feb 4, 2025

Expose the properties via provider config

1cefb94

magodo mentioned this pull request Feb 6, 2025

Enhancement Request: azurerm backend OIDC (Workload Identity federation) authentication support for token refresh hashicorp/terraform#35664

Closed

Update documents

39ee1d6

github-actions bot added the documentation label Feb 6, 2025

jackofallops approved these changes Mar 20, 2025

View reviewed changes

jackofallops merged commit 945feb8 into hashicorp:main Mar 20, 2025
28 checks passed

jackofallops added a commit that referenced this pull request Mar 20, 2025

Update CHANGELOG.md for #1635

099c04c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

dependencies: update go-azure-sdk to v0.20250131.1134653 #1635

dependencies: update go-azure-sdk to v0.20250131.1134653 #1635

Uh oh!

magodo commented Feb 4, 2025 •

edited

Loading

Uh oh!

jackofallops left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependencies: update go-azure-sdk to v0.20250131.1134653 #1635

dependencies: update go-azure-sdk to v0.20250131.1134653 #1635

Uh oh!

Conversation

magodo commented Feb 4, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Test

Github Action

ADO Pipeline

Uh oh!

jackofallops left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

magodo commented Feb 4, 2025 •

edited

Loading