Skip to content

Commit

Permalink
Use managed identity with OpenID Connect
Browse files Browse the repository at this point in the history 
Signed-off-by: Simon Zhao <[email protected]>
  • Loading branch information
@SimonYansenZhao
SimonYansenZhao committed Oct 27, 2024
1 parent 4831a06 commit 01fbea5
Show file tree
Hide file tree
Showing 5 changed files with 31 additions and 7 deletions.
14 changes: 11 additions & 3 deletions .github/actions/azureml-test/action.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,15 @@ inputs:
TEST_KIND:
required: true
description: Type of test - unit or nightly
AZUREML_TEST_CREDENTIALS:
AZUREML_TEST_UMI_CLIENT_ID:
required: true
description: Credentials for AzureML login
description: AzureML User-managed identity client ID
AZUREML_TEST_UMI_TENANT_ID:
required: true
description: AzureML User-managed identity tenant ID
AZUREML_TEST_UMI_SUB_ID:
required: true
description: AzureML User-managed identity subscription ID
AZUREML_TEST_SUBID:
required: true
description: AzureML subscription ID
Expand Down Expand Up @@ -53,7 +59,9 @@ runs:
- name: Log in to Azure
uses: azure/login@v2
with:
creds: ${{ inputs.AZUREML_TEST_CREDENTIALS }}
client-id: ${{ inputs.AZUREML_TEST_UMI_CLIENT_ID }}
tenant-id: ${{ inputs.AZUREML_TEST_UMI_TENANT_ID }}
subscription-id: ${{ inputs.AZUREML_TEST_UMI_SUB_ID }}
- name: Submit tests to AzureML
shell: bash
run: |
Expand Down
6 changes: 5 additions & 1 deletion .github/workflows/azureml-cpu-nightly.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,8 @@ jobs:
needs: get-test-groups
name: ${{ join(matrix.*, ', ') }}
runs-on: ubuntu-latest
permissions:
id-token: write # This is required for requesting the JWT
strategy:
max-parallel: 50 # Usage limits: https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration
matrix:
Expand All @@ -79,7 +81,9 @@ jobs:
EXP_NAME: recommenders-nightly-${{ matrix.test-group }}-python${{ matrix.python-version }}-${{ github.ref }}
ENV_NAME: recommenders-${{ github.sha }}-python${{ matrix.python-version }}${{ contains(matrix.test-group, 'gpu') && '-gpu' || '' }}${{ contains(matrix.test-group, 'spark') && '-spark' || '' }}
TEST_KIND: 'nightly'
AZUREML_TEST_CREDENTIALS: ${{ secrets.AZUREML_TEST_CREDENTIALS }}
AZUREML_TEST_UMI_CLIENT_ID: ${{ secrets.AZUREML_TEST_UMI_CLIENT_ID }}
AZUREML_TEST_UMI_TENANT_ID: ${{ secrets.AZUREML_TEST_UMI_TENANT_ID }}
AZUREML_TEST_UMI_SUB_ID: ${{ secrets.AZUREML_TEST_UMI_SUB_ID }}
AZUREML_TEST_SUBID: ${{ secrets.AZUREML_TEST_SUBID }}
PYTHON_VERSION: ${{ matrix.python-version }}
TEST_GROUP: ${{ matrix.test-group }}
6 changes: 5 additions & 1 deletion .github/workflows/azureml-gpu-nightly.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,8 @@ jobs:
needs: get-test-groups
name: ${{ join(matrix.*, ', ') }}
runs-on: ubuntu-latest
permissions:
id-token: write # This is required for requesting the JWT
strategy:
max-parallel: 50 # Usage limits: https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration
matrix:
Expand All @@ -79,7 +81,9 @@ jobs:
EXP_NAME: recommenders-nightly-${{ matrix.test-group }}-python${{ matrix.python-version }}-${{ github.ref }}
ENV_NAME: recommenders-${{ github.sha }}-python${{ matrix.python-version }}${{ contains(matrix.test-group, 'gpu') && '-gpu' || '' }}${{ contains(matrix.test-group, 'spark') && '-spark' || '' }}
TEST_KIND: 'nightly'
AZUREML_TEST_CREDENTIALS: ${{ secrets.AZUREML_TEST_CREDENTIALS }}
AZUREML_TEST_UMI_CLIENT_ID: ${{ secrets.AZUREML_TEST_UMI_CLIENT_ID }}
AZUREML_TEST_UMI_TENANT_ID: ${{ secrets.AZUREML_TEST_UMI_TENANT_ID }}
AZUREML_TEST_UMI_SUB_ID: ${{ secrets.AZUREML_TEST_UMI_SUB_ID }}
AZUREML_TEST_SUBID: ${{ secrets.AZUREML_TEST_SUBID }}
PYTHON_VERSION: ${{ matrix.python-version }}
TEST_GROUP: ${{ matrix.test-group }}
6 changes: 5 additions & 1 deletion .github/workflows/azureml-spark-nightly.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,8 @@ jobs:
needs: get-test-groups
name: ${{ join(matrix.*, ', ') }}
runs-on: ubuntu-latest
permissions:
id-token: write # This is required for requesting the JWT
strategy:
max-parallel: 50 # Usage limits: https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration
matrix:
Expand All @@ -78,7 +80,9 @@ jobs:
EXP_NAME: recommenders-nightly-${{ matrix.test-group }}-python${{ matrix.python-version }}-${{ github.ref }}
ENV_NAME: recommenders-${{ github.sha }}-python${{ matrix.python-version }}${{ contains(matrix.test-group, 'gpu') && '-gpu' || '' }}${{ contains(matrix.test-group, 'spark') && '-spark' || '' }}
TEST_KIND: 'nightly'
AZUREML_TEST_CREDENTIALS: ${{ secrets.AZUREML_TEST_CREDENTIALS }}
AZUREML_TEST_UMI_CLIENT_ID: ${{ secrets.AZUREML_TEST_UMI_CLIENT_ID }}
AZUREML_TEST_UMI_TENANT_ID: ${{ secrets.AZUREML_TEST_UMI_TENANT_ID }}
AZUREML_TEST_UMI_SUB_ID: ${{ secrets.AZUREML_TEST_UMI_SUB_ID }}
AZUREML_TEST_SUBID: ${{ secrets.AZUREML_TEST_SUBID }}
PYTHON_VERSION: ${{ matrix.python-version }}
TEST_GROUP: ${{ matrix.test-group }}
6 changes: 5 additions & 1 deletion .github/workflows/azureml-unit-tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,8 @@ jobs:
needs: get-test-groups
name: ${{ join(matrix.*, ', ') }}
runs-on: ubuntu-latest
permissions:
id-token: write # This is required for requesting the JWT
strategy:
max-parallel: 50 # Usage limits: https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration
matrix:
Expand All @@ -68,7 +70,9 @@ jobs:
EXP_NAME: recommenders-unit-${{ matrix.test-group }}-python${{ matrix.python-version }}-${{ github.sha }}
ENV_NAME: recommenders-${{ github.sha }}-python${{ matrix.python-version }}${{ contains(matrix.test-group, 'gpu') && '-gpu' || '' }}${{ contains(matrix.test-group, 'spark') && '-spark' || '' }}
TEST_KIND: 'unit'
AZUREML_TEST_CREDENTIALS: ${{ secrets.AZUREML_TEST_CREDENTIALS }}
AZUREML_TEST_UMI_CLIENT_ID: ${{ secrets.AZUREML_TEST_UMI_CLIENT_ID }}
AZUREML_TEST_UMI_TENANT_ID: ${{ secrets.AZUREML_TEST_UMI_TENANT_ID }}
AZUREML_TEST_UMI_SUB_ID: ${{ secrets.AZUREML_TEST_UMI_SUB_ID }}
AZUREML_TEST_SUBID: ${{ secrets.AZUREML_TEST_SUBID }}
PYTHON_VERSION: ${{ matrix.python-version }}
TEST_GROUP: ${{ matrix.test-group }}
Expand Down

0 comments on commit 01fbea5

Please sign in to comment.