Skip to content

Use code snippets from managed identity credential samples in identity readme doc and fix minor generation issues #17142

Use code snippets from managed identity credential samples in identity readme doc and fix minor generation issues

Use code snippets from managed identity credential samples in identity readme doc and fix minor generation issues #17142

Workflow file for this run

name: GitHub Event Processor
on:
issues:
types: [edited, labeled, opened, reopened, unlabeled]
# issue_comment is used for both issues and pull_requests
# github.event.issue.pull_request will be non-null on pull request comments
issue_comment:
types: [created]
# synchronize is the pull_request_target event when changes are pushed
# pull request merged is the closed event with github.event.pull_request.merged = true
pull_request_target:
types: [closed, labeled, opened, reopened, review_requested, synchronize, unlabeled]
# This removes all unnecessary permissions, the ones needed will be set below.
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
permissions: {}
jobs:
# This event requires the Azure CLI to get the LABEL_SERVICE_API_KEY from the vault.
# Because the azure/login step adds time costly pre/post Az CLI commands to any every job
# it's used in, split this into its own job so only the event that needs the Az CLI pays
# the cost.
event-handler-with-azure:
permissions:
issues: write
pull-requests: write
# For OIDC auth
id-token: write
contents: read
name: Handle ${{ github.event_name }} ${{ github.event.action }} event with azure login
runs-on: ubuntu-latest
if: ${{ github.event_name == 'issues' && github.event.action == 'opened' }}
steps:
- name: 'Az CLI login'
uses: azure/login@v2
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: 'Run Azure CLI commands'
run: |
LABEL_SERVICE_API_KEY=$(az keyvault secret show \
--vault-name issue-labeler \
-n issue-labeler-func-key \
-o tsv \
--query value)
echo "::add-mask::$LABEL_SERVICE_API_KEY"
echo "LABEL_SERVICE_API_KEY=$LABEL_SERVICE_API_KEY" >> $GITHUB_ENV
# To run github-event-processor built from source, for testing purposes, uncomment everything
# in between the Start/End-Build From Source comments and comment everything in between the
# Start/End-Install comments
# Start-Install
- name: Install GitHub Event Processor
run: >
dotnet tool install
Azure.Sdk.Tools.GitHubEventProcessor
--version 1.0.0-dev.20240917.2
--add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json
--global
shell: bash
# End-Install
# Testing checkout of sources from the Azure/azure-sdk-tools repository
# The ref: is the SHA from the pull request in that repository or the
# refs/pull/<PRNumber>/merge for the latest on any given PR. If the repository
# is a fork eg. <User>/azure-sdk-tools then the repository down below will
# need to point to that fork
# Start-Build
# - name: Checkout tools repo for GitHub Event Processor sources
# uses: actions/checkout@v3
# with:
# repository: Azure/azure-sdk-tools
# path: azure-sdk-tools
# ref: <refs/pull/<PRNumber>/merge> or <sha>
# - name: Build and install GitHubEventProcessor from sources
# run: |
# dotnet pack
# dotnet tool install --global --prerelease --add-source ../../../artifacts/packages/Debug Azure.Sdk.Tools.GitHubEventProcessor
# shell: bash
# working-directory: azure-sdk-tools/tools/github-event-processor/Azure.Sdk.Tools.GitHubEventProcessor
# End-Build
- name: Process Action Event
run: |
cat > payload.json << 'EOF'
${{ toJson(github.event) }}
EOF
github-event-processor ${{ github.event_name }} payload.json
shell: bash
env:
# This is a temporary secret generated by github
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#about-the-github_token-secret
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
LABEL_SERVICE_API_KEY: ${{ env.LABEL_SERVICE_API_KEY }}
event-handler:
permissions:
issues: write
pull-requests: write
name: Handle ${{ github.event_name }} ${{ github.event.action }} event
runs-on: ubuntu-latest
if: ${{ github.event_name != 'issues' || github.event.action != 'opened' }}
steps:
# To run github-event-processor built from source, for testing purposes, uncomment everything
# in between the Start/End-Build From Source comments and comment everything in between the
# Start/End-Install comments
# Start-Install
- name: Install GitHub Event Processor
run: >
dotnet tool install
Azure.Sdk.Tools.GitHubEventProcessor
--version 1.0.0-dev.20240917.2
--add-source https://pkgs.dev.azure.com/azure-sdk/public/_packaging/azure-sdk-for-net/nuget/v3/index.json
--global
shell: bash
# End-Install
# Testing checkout of sources from the Azure/azure-sdk-tools repository
# The ref: is the SHA from the pull request in that repository or the
# refs/pull/<PRNumber>/merge for the latest on any given PR. If the repository
# is a fork eg. <User>/azure-sdk-tools then the repository down below will
# need to point to that fork
# Start-Build
# - name: Checkout tools repo for GitHub Event Processor sources
# uses: actions/checkout@v3
# with:
# repository: Azure/azure-sdk-tools
# path: azure-sdk-tools
# ref: <refs/pull/<PRNumber>/merge> or <sha>
# - name: Build and install GitHubEventProcessor from sources
# run: |
# dotnet pack
# dotnet tool install --global --prerelease --add-source ../../../artifacts/packages/Debug Azure.Sdk.Tools.GitHubEventProcessor
# shell: bash
# working-directory: azure-sdk-tools/tools/github-event-processor/Azure.Sdk.Tools.GitHubEventProcessor
# End-Build
- name: Process Action Event
run: |
cat > payload.json << 'EOF'
${{ toJson(github.event) }}
EOF
github-event-processor ${{ github.event_name }} payload.json
shell: bash
env:
# This is a temporary secret generated by github
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#about-the-github_token-secret
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}