fix the warnings in CI pipeline#183
Open
hippogr wants to merge 9 commits into
Open
Conversation
Local auth (username/password) has been disabled on the ACR registry. Switch CI to use managed identity with az acr login instead. Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates the CI image-push flow to authenticate to Azure Container Registry (ACR) using an Azure managed identity (to align with ACR local auth being disabled).
Changes:
- Update
pai_build.pyto clear docker username/password when a managed identity is provided. - Update the CI workflow to
az login --identityand pass--managed-identity-idto the push command.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| build/pai_build.py | Clears docker username/password when managed identity is provided for registry auth. |
| .github/workflows/build-deploy-changes.yaml | Logs in with managed identity and passes the managed identity client ID into the image push step. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
This comment will be reverted after CI verification. Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>
To inspect current config structure before updating managed identity. Will be reverted after verification. Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>
…y in config Removed debug steps, CLI --managed-identity-id override, and test trigger. ACR auth now uses managed-identity-id from config secret. Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>
Will be reverted after verification. Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>
…dentity - Remove explicit az login step before ACR push (docker_login handles it via managed-identity-id from config) - Restore pai_build.py to original state - Add shell: bash for GHCR push step to fix [[ syntax - Keep watchdog trigger for CI verification Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>
- Upgrade actions/checkout@v4 to @v5 for Node.js 24 compatibility - Add shell: bash to steps using [[ ]] syntax - Fix "is" string comparison to == in machine.py - Fix invalid escape sequence in pai_version.py Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>
hippogr
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fix the warnings during the build and deploy process in CI pipeline