[{"data":1,"prerenderedAt":7841},["Reactive",2],{"navigation":3,"/posts/azure-ready-github-repository":204,"/posts/azure-ready-github-repository-surround":7815},[4,192,200],{"title":5,"_path":6,"children":7,"icon":191},"Blog","/posts",[8,11,14,17,20,23,26,29,32,35,38,41,44,47,50,53,56,59,62,65,68,71,74,77,80,83,86,89,92,95,98,101,104,107,110,113,116,119,122,125,128,131,134,137,140,143,146,149,152,155,158,161,164,167,170,173,176,179,182,185,188],{"title":9,"_path":10},"Testing your API with REST Client","/posts/testing-your-api-with-rest-client",{"title":12,"_path":13},"HTML templating in Xamarin","/posts/html-templating-in-xamarin",{"title":15,"_path":16},"Goodbye Azure Portal, Welcome Azure CLI","/posts/welcome-azure-cli",{"title":18,"_path":19},"Coming across Gitpod","/posts/gitpod",{"title":21,"_path":22},"Handle token retrieval while querying an API","/posts/delegating-handler",{"title":24,"_path":25},"Clean up your local git branches.","/posts/cleaning-git-branches",{"title":27,"_path":28},"Automate configuration of Teams Tab SSO with PowerShell.","/posts/teams-sso-powershell",{"title":30,"_path":31},"How to do a technology watch? - Part 1","/posts/technology-watch-part1",{"title":33,"_path":34},"How to do a technology watch? - Part 2","/posts/technology-watch-part2",{"title":36,"_path":37},"You almost no longer need Key Vault references for Azure Functions.","/posts/azure-functions-custom-configuration",{"title":39,"_path":40},"How to do a technology watch? - Part 3","/posts/technology-watch-part3",{"title":42,"_path":43},"Forget DevOps, the future is already here!","/posts/devops-future",{"title":45,"_path":46},"Week 9, 2021 - Tips I learned this week","/posts/w09-2021-tips-learned-this-week",{"title":48,"_path":49},"Week 12, 2021 - Tips I learned this week","/posts/w12-2021-tips-learned-this-week",{"title":51,"_path":52},"Week 14, 2021 - Tips I learned this week","/posts/w14-2021-tips-learned-this-week",{"title":54,"_path":55},"Once upon a time in .NET","/posts/once-upon-a-time-in-dotnet",{"title":57,"_path":58},"Install your applications with winget","/posts/winget-import",{"title":60,"_path":61},"Customize your applications when installing them with winget","/posts/winget-override",{"title":63,"_path":64},"Week 22, 2021 - Tips I learned this week","/posts/w22-2021-tips-learned-this-week",{"title":66,"_path":67},"How to connect to an Azure SQL Database from C# using Azure AD","/posts/sqlclient-active-directory-authent",{"title":69,"_path":70},"Producing packages for Windows Package Manager","/posts/wingetcreate",{"title":72,"_path":73},"4 tips about GitHub Actions environment variables and contexts","/posts/github-actions-var-and-context",{"title":75,"_path":76},"AzureWebJobsStorage, the secret you don't need in your Function App.","/posts/azure-functions-without-azurewebjobsstorage",{"title":78,"_path":79},"ASP.NET Core - Lost in configuration","/posts/lost-in-configuration",{"title":81,"_path":82},"Week 39, 2021 - Tips I learned this week","/posts/w39-2021-tips-learned-this-week",{"title":84,"_path":85},"Week 41, 2021 - Tips I learned this week","/posts/w41-2021-tips-learned-this-week",{"title":87,"_path":88},"Migrating and open-sourcing my blog","/posts/migrating-blog",{"title":90,"_path":91},"Week 45, 2021 - Tips I learned this week","/posts/w45-2021-tips-learned-this-week",{"title":93,"_path":94},"Organize your GitHub stars with Astral","/posts/astral",{"title":96,"_path":97},"Pulumi with an Azure Blob Storage backend","/posts/pulumi-azure-backend",{"title":99,"_path":100},"IaC Hot Reload with Pulumi Watch","/posts/pulumi-watch",{"title":102,"_path":103},"Week 2, 2022 - Tips I learned this week","/posts/w02-2022-tips-learned-this-week",{"title":105,"_path":106},"Week 3, 2022 - Tips I learned this week","/posts/w03-2022-tips-learned-this-week",{"title":108,"_path":109},"Week 5, 2022 - Tips I learned this week","/posts/w05-2022-tips-learned-this-week",{"title":111,"_path":112},"How to provision an Azure SQL Database with Active Directory authentication","/posts/sqldatabase-active-directory-authent",{"title":114,"_path":115},"Why will I choose Pulumi over Terraform for my next project?","/posts/pulumi-vs-terraform",{"title":117,"_path":118},"Week 19, 2022 - Tips I learned this week","/posts/w19-2022-tips-learned-this-week",{"title":120,"_path":121},"Week 20, 2022 - Tips I learned this week","/posts/w20-2022-tips-learned-this-week",{"title":123,"_path":124},"Keeping secrets secure when using API Clients","/posts/http-clients-secrets",{"title":126,"_path":127},"What made me want to be a developer?","/posts/be-a-developer",{"title":129,"_path":130},"What can we do when stuck with a programming problem?","/posts/get-unstuck",{"title":132,"_path":133},"How did I automate the setup of my developer Windows laptop?","/posts/automate-developer-machine",{"title":135,"_path":136},"Discussion about API clients","/posts/http-clients",{"title":138,"_path":139},"Week 46, 2022 - Tips I learned this week","/posts/w46-2022-tips-learned-this-week",{"title":141,"_path":142},"When Pulumi met Nuke: a .NET love story","/posts/when-pulumi-met-nuke",{"title":144,"_path":145},"A year of learning and sharing - Dev Retro 2022","/posts/2022-retro",{"title":147,"_path":148},"Perform Dynamic Execution of an npm Package","/posts/pnpm-dlx",{"title":150,"_path":151},"Manage multiple Node.js versions","/posts/pnpm-env",{"title":153,"_path":154},"Introducing the Vue.js CI/CD series","/posts/vuecicd-introduction",{"title":156,"_path":157},"Execute commands using your project dependencies","/posts/pnpm-exec",{"title":159,"_path":160},"Vue.js CI/CD: Continuous Integration","/posts/vuecicd-ci",{"title":162,"_path":163},"Who is using pnpm?","/posts/pnpm-who-is-using",{"title":165,"_path":166},"Create an Azure-Ready GitHub Repository using Pulumi","/posts/azure-ready-github-repository",{"title":168,"_path":169},"Deploying to Azure from Azure DevOps without secrets","/posts/ado-workload-identity-federation",{"title":171,"_path":172},"Effortlessly Configure GitHub Repositories for Azure Deployment via OIDC","/posts/scripting-azure-ready-github-repository",{"title":174,"_path":175},"Playing with the .NET 8 Web API template","/posts/playing-with-dotnet8",{"title":177,"_path":178},"Another year of sharing and learning - Dev Retro 2023","/posts/2023-retro",{"title":180,"_path":181},"Week 4, 2024 - Tips I learned this week","/posts/w04-2024-tips-learned-this-week",{"title":183,"_path":184},"Using dependency injection with Azure .NET SDK","/posts/azure-sdk-di",{"title":186,"_path":187},"Having Fun With IT Event Calendars","/posts/it-event-calendars",{"title":189,"_path":190},"Call your Azure AD B2C protected API with authenticated HTTP requests from your JetBrains IDE","/posts/http-clients-oauth2","i-heroicons-newspaper",{"title":193,"_path":194,"children":195,"icon":199},"Goodies","/goodies",[196],{"title":197,"_path":198},"My Git Cheat Sheet","/goodies/gitcheatsheet","i-heroicons-gift-solid",{"title":201,"_path":202,"icon":203},"About","/about","i-heroicons-user-circle-solid",{"_path":166,"_dir":205,"_draft":206,"_partial":206,"_locale":207,"title":165,"description":208,"lead":209,"date":210,"image":211,"badge":213,"tags":215,"body":223,"_type":7810,"_id":7811,"_source":7812,"_file":7813,"_extension":7814},"posts",false,"","Creating an application and deploying it to Azure is not complicated. You write some code on your machine, do some clicks in the Azure portal, or run some Azure CLI commands from your terminal and that's it: your application is up and running in Azure.","Using Azure OpenID Connect with Pulumi in GitHub Actions","2023-07-20T00:00:00.000Z",{"src":212},"/images/azureOIDC.webp",{"label":214},"DevOps",[216,217,218,219,220,221,222],"Azure","GitHub","GitHub Actions","OpenID Connect","Pulumi","IaC","security",{"type":224,"children":225,"toc":7785},"root",[226,233,238,251,258,269,281,288,299,336,345,351,363,401,410,432,438,443,448,457,462,471,476,501,519,540,546,555,561,566,593,598,621,626,632,638,643,709,714,773,813,818,855,868,886,892,915,940,956,961,1244,1266,1288,1320,1332,1337,1589,1605,1610,1905,1932,1937,1951,1960,1966,1971,1976,2280,2292,2395,2400,2490,2512,2576,2584,2590,2595,2600,2619,2624,2776,2781,3289,3306,3312,3317,3322,3669,3682,4302,4315,4340,4348,4377,4411,4504,4526,4726,4731,5121,5126,5158,5181,5187,5199,5209,5214,5223,5228,5271,5276,5281,5333,5345,5358,5375,5396,5405,5410,5416,5422,5427,5432,5438,5443,5461,5466,5472,5477,5564,5570,5575,5580,7761,7774,7779],{"type":227,"tag":228,"props":229,"children":230},"element","p",{},[231],{"type":232,"value":208},"text",{"type":227,"tag":228,"props":234,"children":235},{},[236],{"type":232,"value":237},"Yet, that's not real life, at least not what you will do when working on a professional project. Your code needs to be versioned and pushed to a location where your colleagues can work on it. The provisioning of Azure resources and deployment to Azure should be carried out using a properly configured CI/CD pipeline with the necessary authorization.",{"type":227,"tag":228,"props":239,"children":240},{},[241,243,249],{"type":232,"value":242},"That's a lot of work that would need to be done each time you start a new project. So let's automate that using Pulumi to simplify the process and create an \"",{"type":227,"tag":244,"props":245,"children":246},"em",{},[247],{"type":232,"value":248},"Azure-Ready GitHub repository",{"type":232,"value":250},"\".",{"type":227,"tag":252,"props":253,"children":255},"h2",{"id":254},"whats-an-azure-ready-github-repository",[256],{"type":232,"value":257},"What's an Azure-Ready GitHub repository?",{"type":227,"tag":228,"props":259,"children":260},{},[261,263,267],{"type":232,"value":262},"\"",{"type":227,"tag":244,"props":264,"children":265},{},[266],{"type":232,"value":248},{"type":232,"value":268},"\" is not an official term or concept, it's just something I've come up with to describe a Github repository that has everything correctly configured to provision Azure resources or deploy applications to Azure from a GitHub Actions CI/CD pipeline.",{"type":227,"tag":228,"props":270,"children":271},{},[272],{"type":227,"tag":273,"props":274,"children":280},"img",{"alt":275,"className":276,"src":279},"Diagram of a GitHub repository interacting with Azure.",[277,278],"rounded-lg","mx-auto","/posts/images/azurereadygithub_overview_1.webp",[],{"type":227,"tag":282,"props":283,"children":285},"h3",{"id":284},"the-github-part",[286],{"type":232,"value":287},"The GitHub part",{"type":227,"tag":228,"props":289,"children":290},{},[291,293,297],{"type":232,"value":292},"On the GitHub side, to have an ",{"type":227,"tag":244,"props":294,"children":295},{},[296],{"type":232,"value":248},{"type":232,"value":298},", we need:",{"type":227,"tag":300,"props":301,"children":302},"ul",{},[303,318,323],{"type":227,"tag":304,"props":305,"children":306},"li",{},[307,309,316],{"type":232,"value":308},"the GitHub repository itself (already initialized with a ",{"type":227,"tag":310,"props":311,"children":313},"code",{"className":312},[],[314],{"type":232,"value":315},"main",{"type":232,"value":317}," branch)",{"type":227,"tag":304,"props":319,"children":320},{},[321],{"type":232,"value":322},"the necessary GitHub Actions variables/secrets to authenticate to the correct Azure subscription",{"type":227,"tag":304,"props":324,"children":325},{},[326,328,334],{"type":232,"value":327},"a YAML file located in the ",{"type":227,"tag":310,"props":329,"children":331},{"className":330},[],[332],{"type":232,"value":333},".github/workflows/",{"type":232,"value":335}," folder that contains the CI/CD pipeline that provisions resources in Azure",{"type":227,"tag":228,"props":337,"children":338},{},[339],{"type":227,"tag":273,"props":340,"children":344},{"alt":341,"className":342,"src":343},"A diagram of the GitHub repository to create.",[277,278],"/posts/images/azurereadygithub_github_1.webp",[],{"type":227,"tag":282,"props":346,"children":348},{"id":347},"the-azure-part",[349],{"type":232,"value":350},"The Azure part",{"type":227,"tag":228,"props":352,"children":353},{},[354,356,361],{"type":232,"value":355},"On the Azure side, to have an ",{"type":227,"tag":244,"props":357,"children":358},{},[359],{"type":232,"value":360},"Azure-Ready GitHub repository,",{"type":232,"value":362}," we need:",{"type":227,"tag":300,"props":364,"children":365},{},[366,371],{"type":227,"tag":304,"props":367,"children":368},{},[369],{"type":232,"value":370},"the existing Azure subscription to which resources are deployed",{"type":227,"tag":304,"props":372,"children":373},{},[374,376,381,383],{"type":232,"value":375},"an ",{"type":227,"tag":244,"props":377,"children":378},{},[379],{"type":232,"value":380},"identity",{"type":232,"value":382}," in the Azure Active Directory of the desired tenant so that the GitHub CI/CD pipeline can authenticate to Azure and interact with the subscription",{"type":227,"tag":300,"props":384,"children":385},{},[386,391,396],{"type":227,"tag":304,"props":387,"children":388},{},[389],{"type":232,"value":390},"an Azure AD application that represents the GitHub Actions pipeline identity",{"type":227,"tag":304,"props":392,"children":393},{},[394],{"type":232,"value":395},"a Service Principal (related to the Azure AD application) that has the contributor role on the Azure subscription",{"type":227,"tag":304,"props":397,"children":398},{},[399],{"type":232,"value":400},"credentials for the CI/CD pipeline to authenticate to Azure on behalf of this Azure AD application",{"type":227,"tag":228,"props":402,"children":403},{},[404],{"type":227,"tag":273,"props":405,"children":409},{"alt":406,"className":407,"src":408},"A diagram of the resources to configure in Azure.",[277,278],"/posts/images/azurereadygithub_azure_1.webp",[],{"type":227,"tag":411,"props":412,"children":414},"callout",{"icon":413},"i-heroicons-information-circle",[415],{"type":227,"tag":228,"props":416,"children":417},{},[418,423,425,430],{"type":227,"tag":244,"props":419,"children":420},{},[421],{"type":232,"value":422},"Azure Active Directory",{"type":232,"value":424}," has recently been renamed ",{"type":227,"tag":244,"props":426,"children":427},{},[428],{"type":232,"value":429},"Microsoft Entra ID",{"type":232,"value":431}," (as of the time of writing). However, I will continue to use the term Azure Active Directory throughout the rest of the article. Please note that both terms refer to the same service.",{"type":227,"tag":282,"props":433,"children":435},{"id":434},"the-problem-with-secret-credentials",[436],{"type":232,"value":437},"The problem with secret credentials",{"type":227,"tag":228,"props":439,"children":440},{},[441],{"type":232,"value":442},"People tend to use secret credentials to authenticate their pipeline to Azure and that's not the best thing to do.",{"type":227,"tag":228,"props":444,"children":445},{},[446],{"type":232,"value":447},"From a security standpoint, depending on secrets always poses a security risk. Even if in that case the secret would be safely stored in a GitHub secret and never exposed publicly, it's still better to avoid secrets when we can.",{"type":227,"tag":411,"props":449,"children":451},{"icon":450},"i-fluent-emoji-flat-locked-with-key",[452],{"type":227,"tag":228,"props":453,"children":454},{},[455],{"type":232,"value":456},"That's precisely why when hosting applications in Azure, we use Managed Identities and IAM roles instead of relying on secrets. Yet, here we can't use Managed Identities for GitHub Actions pipelines.",{"type":227,"tag":228,"props":458,"children":459},{},[460],{"type":232,"value":461},"From a practical standpoint, depending on secrets can quickly become problematic as they expire and thus require rotation. Of course, you can set up alerting or automate secret rotation but that's something you would prefer to avoid managing.",{"type":227,"tag":411,"props":463,"children":465},{"icon":464},"i-heroicons-chat-bubble-left-20-solid",[466],{"type":227,"tag":228,"props":467,"children":468},{},[469],{"type":232,"value":470},"I recently encountered a situation in Azure DevOps where a deployment failed due to the expiration of an Azure AD Application secret associated with the Service Connection used in the pipeline, and we were not alerted about it. That's the kind of scenario that can easily happen with secrets and that you want to avoid.",{"type":227,"tag":228,"props":472,"children":473},{},[474],{"type":232,"value":475},"So what can we do about that?",{"type":227,"tag":228,"props":477,"children":478},{},[479,481,490,492,499],{"type":232,"value":480},"👉 We can stop using secret credentials and use ",{"type":227,"tag":482,"props":483,"children":487},"a",{"href":484,"rel":485},"https://learn.microsoft.com/en-us/azure/active-directory/workload-identities/workload-identity-federation",[486],"nofollow",[488],{"type":232,"value":489},"Workload identity federation",{"type":232,"value":491}," instead. I suggest you have a look at this ",{"type":227,"tag":482,"props":493,"children":496},{"href":494,"rel":495},"https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect",[486],[497],{"type":232,"value":498},"GitHub documentation page",{"type":232,"value":500}," as well to better understand how it works but basically, you can remember the following:",{"type":227,"tag":300,"props":502,"children":503},{},[504,509,514],{"type":227,"tag":304,"props":505,"children":506},{},[507],{"type":232,"value":508},"this mechanism relies on Open ID Connect and trust between Azure and GitHub",{"type":227,"tag":304,"props":510,"children":511},{},[512],{"type":232,"value":513},"the GitHub pipeline does not need an Azure AD application secret anymore to authenticate to Azure",{"type":227,"tag":304,"props":515,"children":516},{},[517],{"type":232,"value":518},"it's not an Azure thing only, it's an open standard that also works with other cloud providers and other platforms than Github",{"type":227,"tag":228,"props":520,"children":521},{},[522,524,529,531,538],{"type":232,"value":523},"To establish the trust relationship between the Azure AD application and the GitHub repository, a ",{"type":227,"tag":244,"props":525,"children":526},{},[527],{"type":232,"value":528},"Federated Identity Credential",{"type":232,"value":530}," must be created in the Azure Active Directory. You can find how to do that manually from the portal in the ",{"type":227,"tag":482,"props":532,"children":535},{"href":533,"rel":534},"https://learn.microsoft.com/en-us/azure/active-directory/workload-identities/workload-identity-federation-create-trust?pivots=identity-wif-apps-methods-azp",[486],[536],{"type":232,"value":537},"documentation",{"type":232,"value":539}," but we are going to directly automate that 😉.",{"type":227,"tag":282,"props":541,"children":543},{"id":542},"the-complete-solution-to-implement",[544],{"type":232,"value":545},"The complete solution to implement",{"type":227,"tag":228,"props":547,"children":548},{},[549],{"type":227,"tag":273,"props":550,"children":554},{"alt":551,"className":552,"src":553},"A diagram showing the interactions between Azure and GitHub.",[277,278],"/posts/images/azurereadygithub_overview_2.webp",[],{"type":227,"tag":252,"props":556,"children":558},{"id":557},"why-use-pulumi-in-that-context",[559],{"type":232,"value":560},"Why use Pulumi in that context?",{"type":227,"tag":228,"props":562,"children":563},{},[564],{"type":232,"value":565},"You might wonder why I chose to automate this process using Pulumi instead of writing a Bash or PowerShell script that would execute commands from the GitHub CLI and the Azure CLI.",{"type":227,"tag":411,"props":567,"children":569},{"icon":568},"i-heroicons-light-bulb",[570],{"type":227,"tag":228,"props":571,"children":572},{},[573,575,582,584,591],{"type":232,"value":574},"By the way, you should check ",{"type":227,"tag":482,"props":576,"children":579},{"href":577,"rel":578},"https://cli.github.com/",[486],[580],{"type":232,"value":581},"GitHub CLI",{"type":232,"value":583}," if you have not done it yet, it's very handy. And if you have read my article about ",{"type":227,"tag":482,"props":585,"children":588},{"href":586,"rel":587},"https://www.techwatching.dev/posts/welcome-azure-cli",[486],[589],{"type":232,"value":590},"Azure CLI",{"type":232,"value":592},", you know it's a very convenient tool as well.",{"type":227,"tag":228,"props":594,"children":595},{},[596],{"type":232,"value":597},"I think Pulumi is a better choice here because:",{"type":227,"tag":300,"props":599,"children":600},{},[601,606,611,616],{"type":227,"tag":304,"props":602,"children":603},{},[604],{"type":232,"value":605},"a script is imperative by nature, but declarative infrastructure seems more suitable to avoid dealing with idempotency",{"type":227,"tag":304,"props":607,"children":608},{},[609],{"type":232,"value":610},"Pulumi can interact with both GitHub and Azure using its providers",{"type":227,"tag":304,"props":612,"children":613},{},[614],{"type":232,"value":615},"the code will be easier to write and maintain",{"type":227,"tag":304,"props":617,"children":618},{},[619],{"type":232,"value":620},"the code could be integrated into any application (including a future self-service infrastructure portal) using Pulumi Automation API",{"type":227,"tag":228,"props":622,"children":623},{},[624],{"type":232,"value":625},"In this article, the Pulumi code will be in TypeScript but it would work in any language supported by Pulumi.",{"type":227,"tag":252,"props":627,"children":629},{"id":628},"automate-the-creation-of-the-azure-ready-github-repository",[630],{"type":232,"value":631},"Automate the creation of the Azure-Ready GitHub Repository",{"type":227,"tag":282,"props":633,"children":635},{"id":634},"create-the-pulumi-project",[636],{"type":232,"value":637},"Create the Pulumi project",{"type":227,"tag":228,"props":639,"children":640},{},[641],{"type":232,"value":642},"Let's start by scaffolding a new Pulumi project using TypeScript:",{"type":227,"tag":644,"props":645,"children":649},"pre",{"className":646,"code":647,"language":648,"meta":207,"style":207},"language-powershell shiki shiki-themes material-theme-lighter material-theme material-theme-palenight","pulumi new typescript -n AzureOIDC -s dev -d \"A program to set up an Azure-Ready GitHub repository\"\n","powershell",[650],{"type":227,"tag":310,"props":651,"children":652},{"__ignoreMap":207},[653],{"type":227,"tag":654,"props":655,"children":658},"span",{"class":656,"line":657},"line",1,[659,665,671,676,680,685,689,694,698,704],{"type":227,"tag":654,"props":660,"children":662},{"style":661},"--shiki-light:#90A4AE;--shiki-default:#EEFFFF;--shiki-dark:#BABED8",[663],{"type":232,"value":664},"pulumi new typescript ",{"type":227,"tag":654,"props":666,"children":668},{"style":667},"--shiki-light:#39ADB5;--shiki-default:#89DDFF;--shiki-dark:#89DDFF",[669],{"type":232,"value":670},"-",{"type":227,"tag":654,"props":672,"children":673},{"style":661},[674],{"type":232,"value":675},"n AzureOIDC ",{"type":227,"tag":654,"props":677,"children":678},{"style":667},[679],{"type":232,"value":670},{"type":227,"tag":654,"props":681,"children":682},{"style":661},[683],{"type":232,"value":684},"s dev ",{"type":227,"tag":654,"props":686,"children":687},{"style":667},[688],{"type":232,"value":670},{"type":227,"tag":654,"props":690,"children":691},{"style":661},[692],{"type":232,"value":693},"d ",{"type":227,"tag":654,"props":695,"children":696},{"style":667},[697],{"type":232,"value":262},{"type":227,"tag":654,"props":699,"children":701},{"style":700},"--shiki-light:#91B859;--shiki-default:#C3E88D;--shiki-dark:#C3E88D",[702],{"type":232,"value":703},"A program to set up an Azure-Ready GitHub repository",{"type":227,"tag":654,"props":705,"children":706},{"style":667},[707],{"type":232,"value":708},"\"\n",{"type":227,"tag":228,"props":710,"children":711},{},[712],{"type":232,"value":713},"This command creates a new pulumi project and stack from the TypeScript template:",{"type":227,"tag":300,"props":715,"children":716},{},[717,737,755],{"type":227,"tag":304,"props":718,"children":719},{},[720,722,727,729,735],{"type":232,"value":721},"The name of the project \"",{"type":227,"tag":244,"props":723,"children":724},{},[725],{"type":232,"value":726},"AzureOIDC\"",{"type":232,"value":728}," is specified using the ",{"type":227,"tag":310,"props":730,"children":732},{"className":731},[],[733],{"type":232,"value":734},"-n",{"type":232,"value":736}," option",{"type":227,"tag":304,"props":738,"children":739},{},[740,742,746,748,754],{"type":232,"value":741},"The description of the project \"",{"type":227,"tag":244,"props":743,"children":744},{},[745],{"type":232,"value":703},{"type":232,"value":747},"\" is specified using the ",{"type":227,"tag":310,"props":749,"children":751},{"className":750},[],[752],{"type":232,"value":753},"-d",{"type":232,"value":736},{"type":227,"tag":304,"props":756,"children":757},{},[758,760,765,766,772],{"type":232,"value":759},"The stack of the project \"",{"type":227,"tag":244,"props":761,"children":762},{},[763],{"type":232,"value":764},"dev",{"type":232,"value":747},{"type":227,"tag":310,"props":767,"children":769},{"className":768},[],[770],{"type":232,"value":771},"-s",{"type":232,"value":736},{"type":227,"tag":411,"props":774,"children":775},{"icon":413},[776],{"type":227,"tag":228,"props":777,"children":778},{},[779,781,787,789,795,797,803,805,811],{"type":232,"value":780},"By default, the ",{"type":227,"tag":310,"props":782,"children":784},{"className":783},[],[785],{"type":232,"value":786},"pulumi new",{"type":232,"value":788}," command installs the dependencies when creating the project. You can prevent this by specifying the ",{"type":227,"tag":310,"props":790,"children":792},{"className":791},[],[793],{"type":232,"value":794},"-g",{"type":232,"value":796}," option, which is useful when you want to use another package manager than the default one (",{"type":227,"tag":310,"props":798,"children":800},{"className":799},[],[801],{"type":232,"value":802},"pnpm",{"type":232,"value":804}," instead of ",{"type":227,"tag":310,"props":806,"children":808},{"className":807},[],[809],{"type":232,"value":810},"npm",{"type":232,"value":812}," for instance).",{"type":227,"tag":228,"props":814,"children":815},{},[816],{"type":232,"value":817},"This project will need 3 different providers:",{"type":227,"tag":300,"props":819,"children":820},{},[821,833,844],{"type":227,"tag":304,"props":822,"children":823},{},[824,826],{"type":232,"value":825},"the ",{"type":227,"tag":482,"props":827,"children":830},{"href":828,"rel":829},"https://www.pulumi.com/registry/packages/azure-native/",[486],[831],{"type":232,"value":832},"Azure Native provider",{"type":227,"tag":304,"props":834,"children":835},{},[836,837],{"type":232,"value":825},{"type":227,"tag":482,"props":838,"children":841},{"href":839,"rel":840},"https://www.pulumi.com/registry/packages/azuread/",[486],[842],{"type":232,"value":843},"Azure Active Directory provider",{"type":227,"tag":304,"props":845,"children":846},{},[847,848],{"type":232,"value":825},{"type":227,"tag":482,"props":849,"children":852},{"href":850,"rel":851},"https://www.pulumi.com/registry/packages/github/",[486],[853],{"type":232,"value":854},"GitHub provider",{"type":227,"tag":228,"props":856,"children":857},{},[858,860,866],{"type":232,"value":859},"So we can add the following packages to our ",{"type":227,"tag":310,"props":861,"children":863},{"className":862},[],[864],{"type":232,"value":865},"package.json",{"type":232,"value":867}," file:",{"type":227,"tag":300,"props":869,"children":870},{},[871,876,881],{"type":227,"tag":304,"props":872,"children":873},{},[874],{"type":232,"value":875},"@pulumi/azure-native",{"type":227,"tag":304,"props":877,"children":878},{},[879],{"type":232,"value":880},"@pulumi/azuread",{"type":227,"tag":304,"props":882,"children":883},{},[884],{"type":232,"value":885},"@pulumi/github",{"type":227,"tag":282,"props":887,"children":889},{"id":888},"create-the-repository-on-github",[890],{"type":232,"value":891},"Create the repository on GitHub",{"type":227,"tag":228,"props":893,"children":894},{},[895,897,904,906,913],{"type":232,"value":896},"To use the GitHub provider, we have to provide GitHub credentials. For that, we can create a personal access token (I prefer to create a ",{"type":227,"tag":482,"props":898,"children":901},{"href":899,"rel":900},"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#fine-grained-personal-access-tokens",[486],[902],{"type":232,"value":903},"fine-grained personal access token",{"type":232,"value":905}," although a ",{"type":227,"tag":482,"props":907,"children":910},{"href":908,"rel":909},"https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens#creating-a-personal-access-token-classic",[486],[911],{"type":232,"value":912},"classic personal access token",{"type":232,"value":914}," would also work). Next, we simply set the GitHub token in our Pulumi configuration, and the GitHub provider will automatically use it:",{"type":227,"tag":644,"props":916,"children":918},{"className":646,"code":917,"language":648,"meta":207,"style":207},"pulumi config set github:token XXXXXXXXXXXXXX --secret\n",[919],{"type":227,"tag":310,"props":920,"children":921},{"__ignoreMap":207},[922],{"type":227,"tag":654,"props":923,"children":924},{"class":656,"line":657},[925,930,935],{"type":227,"tag":654,"props":926,"children":927},{"style":661},[928],{"type":232,"value":929},"pulumi config set github:token XXXXXXXXXXXXXX ",{"type":227,"tag":654,"props":931,"children":932},{"style":667},[933],{"type":232,"value":934},"--",{"type":227,"tag":654,"props":936,"children":937},{"style":661},[938],{"type":232,"value":939},"secret\n",{"type":227,"tag":411,"props":941,"children":942},{"icon":450},[943],{"type":227,"tag":228,"props":944,"children":945},{},[946,948,954],{"type":232,"value":947},"Don't forget to include the ",{"type":227,"tag":310,"props":949,"children":951},{"className":950},[],[952],{"type":232,"value":953},"--secret",{"type":232,"value":955}," option when setting sensitive configurations, as this ensures that Pulumi encrypts the information. By doing so, we can safely commit the configuration files without creating security risks.",{"type":227,"tag":228,"props":957,"children":958},{},[959],{"type":232,"value":960},"Now, it's time to create our GitHub repository!",{"type":227,"tag":644,"props":962,"children":966},{"className":963,"code":964,"language":965,"meta":207,"style":207},"language-typescript shiki shiki-themes material-theme-lighter material-theme material-theme-palenight","import * as github from \"@pulumi/github\";\n\nconst repository = new github.Repository(\"azure-ready-repository\", {\n  name: \"azure-ready-repository\",\n  visibility: \"public\",\n  autoInit: true\n});\n\nexport const repositoryCloneUrl = repository.httpCloneUrl;\n","typescript",[967],{"type":227,"tag":310,"props":968,"children":969},{"__ignoreMap":207},[970,1017,1027,1096,1128,1158,1177,1195,1203],{"type":227,"tag":654,"props":971,"children":972},{"class":656,"line":657},[973,979,984,989,994,999,1004,1008,1012],{"type":227,"tag":654,"props":974,"children":976},{"style":975},"--shiki-light:#39ADB5;--shiki-default:#89DDFF;--shiki-dark:#89DDFF;--shiki-light-font-style:italic;--shiki-default-font-style:italic;--shiki-dark-font-style:italic",[977],{"type":232,"value":978},"import",{"type":227,"tag":654,"props":980,"children":981},{"style":667},[982],{"type":232,"value":983}," *",{"type":227,"tag":654,"props":985,"children":986},{"style":975},[987],{"type":232,"value":988}," as",{"type":227,"tag":654,"props":990,"children":991},{"style":661},[992],{"type":232,"value":993}," github ",{"type":227,"tag":654,"props":995,"children":996},{"style":975},[997],{"type":232,"value":998},"from",{"type":227,"tag":654,"props":1000,"children":1001},{"style":667},[1002],{"type":232,"value":1003}," \"",{"type":227,"tag":654,"props":1005,"children":1006},{"style":700},[1007],{"type":232,"value":885},{"type":227,"tag":654,"props":1009,"children":1010},{"style":667},[1011],{"type":232,"value":262},{"type":227,"tag":654,"props":1013,"children":1014},{"style":667},[1015],{"type":232,"value":1016},";\n",{"type":227,"tag":654,"props":1018,"children":1020},{"class":656,"line":1019},2,[1021],{"type":227,"tag":654,"props":1022,"children":1024},{"emptyLinePlaceholder":1023},true,[1025],{"type":232,"value":1026},"\n",{"type":227,"tag":654,"props":1028,"children":1030},{"class":656,"line":1029},3,[1031,1037,1042,1047,1052,1057,1062,1068,1073,1077,1082,1086,1091],{"type":227,"tag":654,"props":1032,"children":1034},{"style":1033},"--shiki-light:#9C3EDA;--shiki-default:#C792EA;--shiki-dark:#C792EA",[1035],{"type":232,"value":1036},"const",{"type":227,"tag":654,"props":1038,"children":1039},{"style":661},[1040],{"type":232,"value":1041}," repository ",{"type":227,"tag":654,"props":1043,"children":1044},{"style":667},[1045],{"type":232,"value":1046},"=",{"type":227,"tag":654,"props":1048,"children":1049},{"style":667},[1050],{"type":232,"value":1051}," new",{"type":227,"tag":654,"props":1053,"children":1054},{"style":661},[1055],{"type":232,"value":1056}," github",{"type":227,"tag":654,"props":1058,"children":1059},{"style":667},[1060],{"type":232,"value":1061},".",{"type":227,"tag":654,"props":1063,"children":1065},{"style":1064},"--shiki-light:#6182B8;--shiki-default:#82AAFF;--shiki-dark:#82AAFF",[1066],{"type":232,"value":1067},"Repository",{"type":227,"tag":654,"props":1069,"children":1070},{"style":661},[1071],{"type":232,"value":1072},"(",{"type":227,"tag":654,"props":1074,"children":1075},{"style":667},[1076],{"type":232,"value":262},{"type":227,"tag":654,"props":1078,"children":1079},{"style":700},[1080],{"type":232,"value":1081},"azure-ready-repository",{"type":227,"tag":654,"props":1083,"children":1084},{"style":667},[1085],{"type":232,"value":262},{"type":227,"tag":654,"props":1087,"children":1088},{"style":667},[1089],{"type":232,"value":1090},",",{"type":227,"tag":654,"props":1092,"children":1093},{"style":667},[1094],{"type":232,"value":1095}," {\n",{"type":227,"tag":654,"props":1097,"children":1099},{"class":656,"line":1098},4,[1100,1106,1111,1115,1119,1123],{"type":227,"tag":654,"props":1101,"children":1103},{"style":1102},"--shiki-light:#E53935;--shiki-default:#F07178;--shiki-dark:#F07178",[1104],{"type":232,"value":1105},"  name",{"type":227,"tag":654,"props":1107,"children":1108},{"style":667},[1109],{"type":232,"value":1110},":",{"type":227,"tag":654,"props":1112,"children":1113},{"style":667},[1114],{"type":232,"value":1003},{"type":227,"tag":654,"props":1116,"children":1117},{"style":700},[1118],{"type":232,"value":1081},{"type":227,"tag":654,"props":1120,"children":1121},{"style":667},[1122],{"type":232,"value":262},{"type":227,"tag":654,"props":1124,"children":1125},{"style":667},[1126],{"type":232,"value":1127},",\n",{"type":227,"tag":654,"props":1129,"children":1131},{"class":656,"line":1130},5,[1132,1137,1141,1145,1150,1154],{"type":227,"tag":654,"props":1133,"children":1134},{"style":1102},[1135],{"type":232,"value":1136},"  visibility",{"type":227,"tag":654,"props":1138,"children":1139},{"style":667},[1140],{"type":232,"value":1110},{"type":227,"tag":654,"props":1142,"children":1143},{"style":667},[1144],{"type":232,"value":1003},{"type":227,"tag":654,"props":1146,"children":1147},{"style":700},[1148],{"type":232,"value":1149},"public",{"type":227,"tag":654,"props":1151,"children":1152},{"style":667},[1153],{"type":232,"value":262},{"type":227,"tag":654,"props":1155,"children":1156},{"style":667},[1157],{"type":232,"value":1127},{"type":227,"tag":654,"props":1159,"children":1161},{"class":656,"line":1160},6,[1162,1167,1171],{"type":227,"tag":654,"props":1163,"children":1164},{"style":1102},[1165],{"type":232,"value":1166},"  autoInit",{"type":227,"tag":654,"props":1168,"children":1169},{"style":667},[1170],{"type":232,"value":1110},{"type":227,"tag":654,"props":1172,"children":1174},{"style":1173},"--shiki-light:#FF5370;--shiki-default:#FF9CAC;--shiki-dark:#FF9CAC",[1175],{"type":232,"value":1176}," true\n",{"type":227,"tag":654,"props":1178,"children":1180},{"class":656,"line":1179},7,[1181,1186,1191],{"type":227,"tag":654,"props":1182,"children":1183},{"style":667},[1184],{"type":232,"value":1185},"}",{"type":227,"tag":654,"props":1187,"children":1188},{"style":661},[1189],{"type":232,"value":1190},")",{"type":227,"tag":654,"props":1192,"children":1193},{"style":667},[1194],{"type":232,"value":1016},{"type":227,"tag":654,"props":1196,"children":1198},{"class":656,"line":1197},8,[1199],{"type":227,"tag":654,"props":1200,"children":1201},{"emptyLinePlaceholder":1023},[1202],{"type":232,"value":1026},{"type":227,"tag":654,"props":1204,"children":1206},{"class":656,"line":1205},9,[1207,1212,1217,1222,1226,1231,1235,1240],{"type":227,"tag":654,"props":1208,"children":1209},{"style":975},[1210],{"type":232,"value":1211},"export",{"type":227,"tag":654,"props":1213,"children":1214},{"style":1033},[1215],{"type":232,"value":1216}," const",{"type":227,"tag":654,"props":1218,"children":1219},{"style":661},[1220],{"type":232,"value":1221}," repositoryCloneUrl ",{"type":227,"tag":654,"props":1223,"children":1224},{"style":667},[1225],{"type":232,"value":1046},{"type":227,"tag":654,"props":1227,"children":1228},{"style":661},[1229],{"type":232,"value":1230}," repository",{"type":227,"tag":654,"props":1232,"children":1233},{"style":667},[1234],{"type":232,"value":1061},{"type":227,"tag":654,"props":1236,"children":1237},{"style":661},[1238],{"type":232,"value":1239},"httpCloneUrl",{"type":227,"tag":654,"props":1241,"children":1242},{"style":667},[1243],{"type":232,"value":1016},{"type":227,"tag":228,"props":1245,"children":1246},{},[1247,1249,1256,1258,1264],{"type":232,"value":1248},"Pulumi has an ",{"type":227,"tag":482,"props":1250,"children":1253},{"href":1251,"rel":1252},"https://www.pulumi.com/docs/concepts/resources/names/#autonaming",[486],[1254],{"type":232,"value":1255},"auto-naming capability",{"type":232,"value":1257}," that is very convenient to prevent name collisions or to ensure zero-downtime resource updates. Yet, in this context, I prefer to avoid a random suffix in my GitHub repository name, that's why I am specifying the ",{"type":227,"tag":310,"props":1259,"children":1261},{"className":1260},[],[1262],{"type":232,"value":1263},"name",{"type":232,"value":1265}," property to override the auto-naming behavior.",{"type":227,"tag":228,"props":1267,"children":1268},{},[1269,1271,1278,1280,1286],{"type":232,"value":1270},"The last line creates a stack ",{"type":227,"tag":482,"props":1272,"children":1275},{"href":1273,"rel":1274},"https://www.pulumi.com/docs/concepts/stack/#outputs",[486],[1276],{"type":232,"value":1277},"output",{"type":232,"value":1279}," named ",{"type":227,"tag":310,"props":1281,"children":1283},{"className":1282},[],[1284],{"type":232,"value":1285},"repositoryCloneUrl",{"type":232,"value":1287}," so that we can easily get the URL to clone our newly created repository.",{"type":227,"tag":411,"props":1289,"children":1290},{"icon":413},[1291],{"type":227,"tag":228,"props":1292,"children":1293},{},[1294,1296,1302,1304,1310,1312,1318],{"type":232,"value":1295},"I wanted the repository to be initialized, that's why I set the ",{"type":227,"tag":310,"props":1297,"children":1299},{"className":1298},[],[1300],{"type":232,"value":1301},"autoInit",{"type":232,"value":1303}," property to ",{"type":227,"tag":310,"props":1305,"children":1307},{"className":1306},[],[1308],{"type":232,"value":1309},"true",{"type":232,"value":1311}," but you should set it to ",{"type":227,"tag":310,"props":1313,"children":1315},{"className":1314},[],[1316],{"type":232,"value":1317},"false",{"type":232,"value":1319}," if you have an existing local git repository that you want to push on this GitHub repository.",{"type":227,"tag":282,"props":1321,"children":1323},{"id":1322},"create-the-identity-in-azure-active-directory-for-the-github-actions-workflow",[1324,1326,1330],{"type":232,"value":1325},"Create the ",{"type":227,"tag":244,"props":1327,"children":1328},{},[1329],{"type":232,"value":380},{"type":232,"value":1331}," in Azure Active Directory for the GitHub Actions workflow",{"type":227,"tag":228,"props":1333,"children":1334},{},[1335],{"type":232,"value":1336},"Creating an Azure AD application and its service principal is not very complicated:",{"type":227,"tag":644,"props":1338,"children":1340},{"className":963,"code":1339,"language":965,"meta":207,"style":207},"import * as azuread from \"@pulumi/azuread\";\n\nconst aadApplication = new azuread.Application(\"AzureReadyApp\", { displayName: \"Azure Ready App\" });\nconst servicePrincipal = new azuread.ServicePrincipal(\"AzureReadServicePrincipal\", {\n  applicationId: aadApplication.applicationId,\n});\n",[1341],{"type":227,"tag":310,"props":1342,"children":1343},{"__ignoreMap":207},[1344,1384,1391,1486,1544,1574],{"type":227,"tag":654,"props":1345,"children":1346},{"class":656,"line":657},[1347,1351,1355,1359,1364,1368,1372,1376,1380],{"type":227,"tag":654,"props":1348,"children":1349},{"style":975},[1350],{"type":232,"value":978},{"type":227,"tag":654,"props":1352,"children":1353},{"style":667},[1354],{"type":232,"value":983},{"type":227,"tag":654,"props":1356,"children":1357},{"style":975},[1358],{"type":232,"value":988},{"type":227,"tag":654,"props":1360,"children":1361},{"style":661},[1362],{"type":232,"value":1363}," azuread ",{"type":227,"tag":654,"props":1365,"children":1366},{"style":975},[1367],{"type":232,"value":998},{"type":227,"tag":654,"props":1369,"children":1370},{"style":667},[1371],{"type":232,"value":1003},{"type":227,"tag":654,"props":1373,"children":1374},{"style":700},[1375],{"type":232,"value":880},{"type":227,"tag":654,"props":1377,"children":1378},{"style":667},[1379],{"type":232,"value":262},{"type":227,"tag":654,"props":1381,"children":1382},{"style":667},[1383],{"type":232,"value":1016},{"type":227,"tag":654,"props":1385,"children":1386},{"class":656,"line":1019},[1387],{"type":227,"tag":654,"props":1388,"children":1389},{"emptyLinePlaceholder":1023},[1390],{"type":232,"value":1026},{"type":227,"tag":654,"props":1392,"children":1393},{"class":656,"line":1029},[1394,1398,1403,1407,1411,1416,1420,1425,1429,1433,1438,1442,1446,1451,1456,1460,1464,1469,1473,1478,1482],{"type":227,"tag":654,"props":1395,"children":1396},{"style":1033},[1397],{"type":232,"value":1036},{"type":227,"tag":654,"props":1399,"children":1400},{"style":661},[1401],{"type":232,"value":1402}," aadApplication ",{"type":227,"tag":654,"props":1404,"children":1405},{"style":667},[1406],{"type":232,"value":1046},{"type":227,"tag":654,"props":1408,"children":1409},{"style":667},[1410],{"type":232,"value":1051},{"type":227,"tag":654,"props":1412,"children":1413},{"style":661},[1414],{"type":232,"value":1415}," azuread",{"type":227,"tag":654,"props":1417,"children":1418},{"style":667},[1419],{"type":232,"value":1061},{"type":227,"tag":654,"props":1421,"children":1422},{"style":1064},[1423],{"type":232,"value":1424},"Application",{"type":227,"tag":654,"props":1426,"children":1427},{"style":661},[1428],{"type":232,"value":1072},{"type":227,"tag":654,"props":1430,"children":1431},{"style":667},[1432],{"type":232,"value":262},{"type":227,"tag":654,"props":1434,"children":1435},{"style":700},[1436],{"type":232,"value":1437},"AzureReadyApp",{"type":227,"tag":654,"props":1439,"children":1440},{"style":667},[1441],{"type":232,"value":262},{"type":227,"tag":654,"props":1443,"children":1444},{"style":667},[1445],{"type":232,"value":1090},{"type":227,"tag":654,"props":1447,"children":1448},{"style":667},[1449],{"type":232,"value":1450}," {",{"type":227,"tag":654,"props":1452,"children":1453},{"style":1102},[1454],{"type":232,"value":1455}," displayName",{"type":227,"tag":654,"props":1457,"children":1458},{"style":667},[1459],{"type":232,"value":1110},{"type":227,"tag":654,"props":1461,"children":1462},{"style":667},[1463],{"type":232,"value":1003},{"type":227,"tag":654,"props":1465,"children":1466},{"style":700},[1467],{"type":232,"value":1468},"Azure Ready App",{"type":227,"tag":654,"props":1470,"children":1471},{"style":667},[1472],{"type":232,"value":262},{"type":227,"tag":654,"props":1474,"children":1475},{"style":667},[1476],{"type":232,"value":1477}," }",{"type":227,"tag":654,"props":1479,"children":1480},{"style":661},[1481],{"type":232,"value":1190},{"type":227,"tag":654,"props":1483,"children":1484},{"style":667},[1485],{"type":232,"value":1016},{"type":227,"tag":654,"props":1487,"children":1488},{"class":656,"line":1098},[1489,1493,1498,1502,1506,1510,1514,1519,1523,1527,1532,1536,1540],{"type":227,"tag":654,"props":1490,"children":1491},{"style":1033},[1492],{"type":232,"value":1036},{"type":227,"tag":654,"props":1494,"children":1495},{"style":661},[1496],{"type":232,"value":1497}," servicePrincipal ",{"type":227,"tag":654,"props":1499,"children":1500},{"style":667},[1501],{"type":232,"value":1046},{"type":227,"tag":654,"props":1503,"children":1504},{"style":667},[1505],{"type":232,"value":1051},{"type":227,"tag":654,"props":1507,"children":1508},{"style":661},[1509],{"type":232,"value":1415},{"type":227,"tag":654,"props":1511,"children":1512},{"style":667},[1513],{"type":232,"value":1061},{"type":227,"tag":654,"props":1515,"children":1516},{"style":1064},[1517],{"type":232,"value":1518},"ServicePrincipal",{"type":227,"tag":654,"props":1520,"children":1521},{"style":661},[1522],{"type":232,"value":1072},{"type":227,"tag":654,"props":1524,"children":1525},{"style":667},[1526],{"type":232,"value":262},{"type":227,"tag":654,"props":1528,"children":1529},{"style":700},[1530],{"type":232,"value":1531},"AzureReadServicePrincipal",{"type":227,"tag":654,"props":1533,"children":1534},{"style":667},[1535],{"type":232,"value":262},{"type":227,"tag":654,"props":1537,"children":1538},{"style":667},[1539],{"type":232,"value":1090},{"type":227,"tag":654,"props":1541,"children":1542},{"style":667},[1543],{"type":232,"value":1095},{"type":227,"tag":654,"props":1545,"children":1546},{"class":656,"line":1130},[1547,1552,1556,1561,1565,1570],{"type":227,"tag":654,"props":1548,"children":1549},{"style":1102},[1550],{"type":232,"value":1551},"  applicationId",{"type":227,"tag":654,"props":1553,"children":1554},{"style":667},[1555],{"type":232,"value":1110},{"type":227,"tag":654,"props":1557,"children":1558},{"style":661},[1559],{"type":232,"value":1560}," aadApplication",{"type":227,"tag":654,"props":1562,"children":1563},{"style":667},[1564],{"type":232,"value":1061},{"type":227,"tag":654,"props":1566,"children":1567},{"style":661},[1568],{"type":232,"value":1569},"applicationId",{"type":227,"tag":654,"props":1571,"children":1572},{"style":667},[1573],{"type":232,"value":1127},{"type":227,"tag":654,"props":1575,"children":1576},{"class":656,"line":1160},[1577,1581,1585],{"type":227,"tag":654,"props":1578,"children":1579},{"style":667},[1580],{"type":232,"value":1185},{"type":227,"tag":654,"props":1582,"children":1583},{"style":661},[1584],{"type":232,"value":1190},{"type":227,"tag":654,"props":1586,"children":1587},{"style":667},[1588],{"type":232,"value":1016},{"type":227,"tag":228,"props":1590,"children":1591},{},[1592,1594,1603],{"type":232,"value":1593},"The OIDC trust thing is a bit more complex. Fortunately, Microsoft's documentation has a detailed page ",{"type":227,"tag":482,"props":1595,"children":1597},{"href":533,"rel":1596},[486],[1598],{"type":227,"tag":244,"props":1599,"children":1600},{},[1601],{"type":232,"value":1602},"Configuring an app to trust an external identity provider",{"type":232,"value":1604}," that explains everything and shows how to add a federated identity for GitHub Actions using the Azure Portal, Azure CLI, or Azure PowerShell.",{"type":227,"tag":228,"props":1606,"children":1607},{},[1608],{"type":232,"value":1609},"Let's do the same thing using TypeScript and Pulumi Azure AD provider:",{"type":227,"tag":644,"props":1611,"children":1613},{"className":963,"code":1612,"language":965,"meta":207,"style":207},"new azuread.ApplicationFederatedIdentityCredential(\"AzureReadyAppFederatedIdentityCredential\", {\n  applicationObjectId: aadApplication.objectId,\n  displayName: \"AzureReadyDeploys\",\n  description: \"Deployments for azure-ready-repository\",\n  audiences: [\"api://AzureADTokenExchange\"],\n  issuer: \"https://token.actions.githubusercontent.com\",\n  subject: pulumi.interpolate`repo:${repository.fullName}:ref:refs/heads/main`,\n});\n",[1614],{"type":227,"tag":310,"props":1615,"children":1616},{"__ignoreMap":207},[1617,1663,1692,1721,1750,1789,1818,1890],{"type":227,"tag":654,"props":1618,"children":1619},{"class":656,"line":657},[1620,1625,1629,1633,1638,1642,1646,1651,1655,1659],{"type":227,"tag":654,"props":1621,"children":1622},{"style":667},[1623],{"type":232,"value":1624},"new",{"type":227,"tag":654,"props":1626,"children":1627},{"style":661},[1628],{"type":232,"value":1415},{"type":227,"tag":654,"props":1630,"children":1631},{"style":667},[1632],{"type":232,"value":1061},{"type":227,"tag":654,"props":1634,"children":1635},{"style":1064},[1636],{"type":232,"value":1637},"ApplicationFederatedIdentityCredential",{"type":227,"tag":654,"props":1639,"children":1640},{"style":661},[1641],{"type":232,"value":1072},{"type":227,"tag":654,"props":1643,"children":1644},{"style":667},[1645],{"type":232,"value":262},{"type":227,"tag":654,"props":1647,"children":1648},{"style":700},[1649],{"type":232,"value":1650},"AzureReadyAppFederatedIdentityCredential",{"type":227,"tag":654,"props":1652,"children":1653},{"style":667},[1654],{"type":232,"value":262},{"type":227,"tag":654,"props":1656,"children":1657},{"style":667},[1658],{"type":232,"value":1090},{"type":227,"tag":654,"props":1660,"children":1661},{"style":667},[1662],{"type":232,"value":1095},{"type":227,"tag":654,"props":1664,"children":1665},{"class":656,"line":1019},[1666,1671,1675,1679,1683,1688],{"type":227,"tag":654,"props":1667,"children":1668},{"style":1102},[1669],{"type":232,"value":1670},"  applicationObjectId",{"type":227,"tag":654,"props":1672,"children":1673},{"style":667},[1674],{"type":232,"value":1110},{"type":227,"tag":654,"props":1676,"children":1677},{"style":661},[1678],{"type":232,"value":1560},{"type":227,"tag":654,"props":1680,"children":1681},{"style":667},[1682],{"type":232,"value":1061},{"type":227,"tag":654,"props":1684,"children":1685},{"style":661},[1686],{"type":232,"value":1687},"objectId",{"type":227,"tag":654,"props":1689,"children":1690},{"style":667},[1691],{"type":232,"value":1127},{"type":227,"tag":654,"props":1693,"children":1694},{"class":656,"line":1029},[1695,1700,1704,1708,1713,1717],{"type":227,"tag":654,"props":1696,"children":1697},{"style":1102},[1698],{"type":232,"value":1699},"  displayName",{"type":227,"tag":654,"props":1701,"children":1702},{"style":667},[1703],{"type":232,"value":1110},{"type":227,"tag":654,"props":1705,"children":1706},{"style":667},[1707],{"type":232,"value":1003},{"type":227,"tag":654,"props":1709,"children":1710},{"style":700},[1711],{"type":232,"value":1712},"AzureReadyDeploys",{"type":227,"tag":654,"props":1714,"children":1715},{"style":667},[1716],{"type":232,"value":262},{"type":227,"tag":654,"props":1718,"children":1719},{"style":667},[1720],{"type":232,"value":1127},{"type":227,"tag":654,"props":1722,"children":1723},{"class":656,"line":1098},[1724,1729,1733,1737,1742,1746],{"type":227,"tag":654,"props":1725,"children":1726},{"style":1102},[1727],{"type":232,"value":1728},"  description",{"type":227,"tag":654,"props":1730,"children":1731},{"style":667},[1732],{"type":232,"value":1110},{"type":227,"tag":654,"props":1734,"children":1735},{"style":667},[1736],{"type":232,"value":1003},{"type":227,"tag":654,"props":1738,"children":1739},{"style":700},[1740],{"type":232,"value":1741},"Deployments for azure-ready-repository",{"type":227,"tag":654,"props":1743,"children":1744},{"style":667},[1745],{"type":232,"value":262},{"type":227,"tag":654,"props":1747,"children":1748},{"style":667},[1749],{"type":232,"value":1127},{"type":227,"tag":654,"props":1751,"children":1752},{"class":656,"line":1130},[1753,1758,1762,1767,1771,1776,1780,1785],{"type":227,"tag":654,"props":1754,"children":1755},{"style":1102},[1756],{"type":232,"value":1757},"  audiences",{"type":227,"tag":654,"props":1759,"children":1760},{"style":667},[1761],{"type":232,"value":1110},{"type":227,"tag":654,"props":1763,"children":1764},{"style":661},[1765],{"type":232,"value":1766}," [",{"type":227,"tag":654,"props":1768,"children":1769},{"style":667},[1770],{"type":232,"value":262},{"type":227,"tag":654,"props":1772,"children":1773},{"style":700},[1774],{"type":232,"value":1775},"api://AzureADTokenExchange",{"type":227,"tag":654,"props":1777,"children":1778},{"style":667},[1779],{"type":232,"value":262},{"type":227,"tag":654,"props":1781,"children":1782},{"style":661},[1783],{"type":232,"value":1784},"]",{"type":227,"tag":654,"props":1786,"children":1787},{"style":667},[1788],{"type":232,"value":1127},{"type":227,"tag":654,"props":1790,"children":1791},{"class":656,"line":1160},[1792,1797,1801,1805,1810,1814],{"type":227,"tag":654,"props":1793,"children":1794},{"style":1102},[1795],{"type":232,"value":1796},"  issuer",{"type":227,"tag":654,"props":1798,"children":1799},{"style":667},[1800],{"type":232,"value":1110},{"type":227,"tag":654,"props":1802,"children":1803},{"style":667},[1804],{"type":232,"value":1003},{"type":227,"tag":654,"props":1806,"children":1807},{"style":700},[1808],{"type":232,"value":1809},"https://token.actions.githubusercontent.com",{"type":227,"tag":654,"props":1811,"children":1812},{"style":667},[1813],{"type":232,"value":262},{"type":227,"tag":654,"props":1815,"children":1816},{"style":667},[1817],{"type":232,"value":1127},{"type":227,"tag":654,"props":1819,"children":1820},{"class":656,"line":1179},[1821,1826,1830,1835,1839,1844,1849,1854,1859,1864,1868,1873,1877,1882,1886],{"type":227,"tag":654,"props":1822,"children":1823},{"style":1102},[1824],{"type":232,"value":1825},"  subject",{"type":227,"tag":654,"props":1827,"children":1828},{"style":667},[1829],{"type":232,"value":1110},{"type":227,"tag":654,"props":1831,"children":1832},{"style":661},[1833],{"type":232,"value":1834}," pulumi",{"type":227,"tag":654,"props":1836,"children":1837},{"style":667},[1838],{"type":232,"value":1061},{"type":227,"tag":654,"props":1840,"children":1841},{"style":1064},[1842],{"type":232,"value":1843},"interpolate",{"type":227,"tag":654,"props":1845,"children":1846},{"style":667},[1847],{"type":232,"value":1848},"`",{"type":227,"tag":654,"props":1850,"children":1851},{"style":700},[1852],{"type":232,"value":1853},"repo:",{"type":227,"tag":654,"props":1855,"children":1856},{"style":667},[1857],{"type":232,"value":1858},"${",{"type":227,"tag":654,"props":1860,"children":1861},{"style":661},[1862],{"type":232,"value":1863},"repository",{"type":227,"tag":654,"props":1865,"children":1866},{"style":667},[1867],{"type":232,"value":1061},{"type":227,"tag":654,"props":1869,"children":1870},{"style":661},[1871],{"type":232,"value":1872},"fullName",{"type":227,"tag":654,"props":1874,"children":1875},{"style":667},[1876],{"type":232,"value":1185},{"type":227,"tag":654,"props":1878,"children":1879},{"style":700},[1880],{"type":232,"value":1881},":ref:refs/heads/main",{"type":227,"tag":654,"props":1883,"children":1884},{"style":667},[1885],{"type":232,"value":1848},{"type":227,"tag":654,"props":1887,"children":1888},{"style":667},[1889],{"type":232,"value":1127},{"type":227,"tag":654,"props":1891,"children":1892},{"class":656,"line":1197},[1893,1897,1901],{"type":227,"tag":654,"props":1894,"children":1895},{"style":667},[1896],{"type":232,"value":1185},{"type":227,"tag":654,"props":1898,"children":1899},{"style":661},[1900],{"type":232,"value":1190},{"type":227,"tag":654,"props":1902,"children":1903},{"style":667},[1904],{"type":232,"value":1016},{"type":227,"tag":228,"props":1906,"children":1907},{},[1908,1910,1916,1918,1923,1925,1930],{"type":232,"value":1909},"The ",{"type":227,"tag":310,"props":1911,"children":1913},{"className":1912},[],[1914],{"type":232,"value":1915},"subject",{"type":232,"value":1917}," property is what identifies the repository where the GitHub Actions workflow will be authorized to exchange its GitHub token for an Azure access token. It's worth noting that it will only work if the GitHub Actions workflow is run on the git reference (branch or tag) or the environment you specify in ",{"type":227,"tag":310,"props":1919,"children":1921},{"className":1920},[],[1922],{"type":232,"value":1915},{"type":232,"value":1924},". You can also specify that only workflows triggered by a pull request should be authorized. Here, I have used the ",{"type":227,"tag":310,"props":1926,"children":1928},{"className":1927},[],[1929],{"type":232,"value":315},{"type":232,"value":1931}," branch but I could create multiple Federated Identity Credentials with different subjects if needed.",{"type":227,"tag":228,"props":1933,"children":1934},{},[1935],{"type":232,"value":1936},"With this configuration, the GitHub Actions workflow we create next will be able to obtain a valid Azure access token.",{"type":227,"tag":228,"props":1938,"children":1939},{},[1940,1942,1949],{"type":232,"value":1941},"If you are interested in gaining a better understanding of how all this works, you can refer to ",{"type":227,"tag":482,"props":1943,"children":1946},{"href":1944,"rel":1945},"https://learn.microsoft.com/en-us/azure/active-directory/workload-identities/workload-identity-federation#how-it-works",[486],[1947],{"type":232,"value":1948},"this diagram",{"type":232,"value":1950}," from Microsoft's documentation (with GitHub serving as the external identity provider in our case).",{"type":227,"tag":228,"props":1952,"children":1953},{},[1954],{"type":227,"tag":273,"props":1955,"children":1959},{"alt":1956,"className":1957,"src":1958},"Sequence diagram explaining Azure OIDC.",[277,278],"/posts/images/azurereadygithub_identityfederation.webp",[],{"type":227,"tag":282,"props":1961,"children":1963},{"id":1962},"authorize-the-service-principal-to-provision-resources-on-the-subscription",[1964],{"type":232,"value":1965},"Authorize the Service Principal to provision resources on the subscription",{"type":227,"tag":228,"props":1967,"children":1968},{},[1969],{"type":232,"value":1970},"We have created everything we need to get a valid Azure access token, but we still have not authorized the application to provision resources on our subscription.",{"type":227,"tag":228,"props":1972,"children":1973},{},[1974],{"type":232,"value":1975},"We can do that by giving the Contributor role to our service principal.",{"type":227,"tag":644,"props":1977,"children":1979},{"className":963,"code":1978,"language":965,"meta":207,"style":207},"import * as authorization from \"@pulumi/azure-native/authorization\";\nimport { azureBuiltInRoles } from \"./builtInRoles\";\n\nnew authorization.RoleAssignment(\"contributor\", {\n  principalId: servicePrincipal.id,\n  principalType: authorization.PrincipalType.ServicePrincipal,\n  roleDefinitionId: azureBuiltInRoles.contributor,\n  scope: pulumi.interpolate`/subscriptions/${subscriptionId}`,\n});\n",[1980],{"type":227,"tag":310,"props":1981,"children":1982},{"__ignoreMap":207},[1983,2024,2066,2073,2119,2149,2186,2214,2265],{"type":227,"tag":654,"props":1984,"children":1985},{"class":656,"line":657},[1986,1990,1994,1998,2003,2007,2011,2016,2020],{"type":227,"tag":654,"props":1987,"children":1988},{"style":975},[1989],{"type":232,"value":978},{"type":227,"tag":654,"props":1991,"children":1992},{"style":667},[1993],{"type":232,"value":983},{"type":227,"tag":654,"props":1995,"children":1996},{"style":975},[1997],{"type":232,"value":988},{"type":227,"tag":654,"props":1999,"children":2000},{"style":661},[2001],{"type":232,"value":2002}," authorization ",{"type":227,"tag":654,"props":2004,"children":2005},{"style":975},[2006],{"type":232,"value":998},{"type":227,"tag":654,"props":2008,"children":2009},{"style":667},[2010],{"type":232,"value":1003},{"type":227,"tag":654,"props":2012,"children":2013},{"style":700},[2014],{"type":232,"value":2015},"@pulumi/azure-native/authorization",{"type":227,"tag":654,"props":2017,"children":2018},{"style":667},[2019],{"type":232,"value":262},{"type":227,"tag":654,"props":2021,"children":2022},{"style":667},[2023],{"type":232,"value":1016},{"type":227,"tag":654,"props":2025,"children":2026},{"class":656,"line":1019},[2027,2031,2035,2040,2044,2049,2053,2058,2062],{"type":227,"tag":654,"props":2028,"children":2029},{"style":975},[2030],{"type":232,"value":978},{"type":227,"tag":654,"props":2032,"children":2033},{"style":667},[2034],{"type":232,"value":1450},{"type":227,"tag":654,"props":2036,"children":2037},{"style":661},[2038],{"type":232,"value":2039}," azureBuiltInRoles",{"type":227,"tag":654,"props":2041,"children":2042},{"style":667},[2043],{"type":232,"value":1477},{"type":227,"tag":654,"props":2045,"children":2046},{"style":975},[2047],{"type":232,"value":2048}," from",{"type":227,"tag":654,"props":2050,"children":2051},{"style":667},[2052],{"type":232,"value":1003},{"type":227,"tag":654,"props":2054,"children":2055},{"style":700},[2056],{"type":232,"value":2057},"./builtInRoles",{"type":227,"tag":654,"props":2059,"children":2060},{"style":667},[2061],{"type":232,"value":262},{"type":227,"tag":654,"props":2063,"children":2064},{"style":667},[2065],{"type":232,"value":1016},{"type":227,"tag":654,"props":2067,"children":2068},{"class":656,"line":1029},[2069],{"type":227,"tag":654,"props":2070,"children":2071},{"emptyLinePlaceholder":1023},[2072],{"type":232,"value":1026},{"type":227,"tag":654,"props":2074,"children":2075},{"class":656,"line":1098},[2076,2080,2085,2089,2094,2098,2102,2107,2111,2115],{"type":227,"tag":654,"props":2077,"children":2078},{"style":667},[2079],{"type":232,"value":1624},{"type":227,"tag":654,"props":2081,"children":2082},{"style":661},[2083],{"type":232,"value":2084}," authorization",{"type":227,"tag":654,"props":2086,"children":2087},{"style":667},[2088],{"type":232,"value":1061},{"type":227,"tag":654,"props":2090,"children":2091},{"style":1064},[2092],{"type":232,"value":2093},"RoleAssignment",{"type":227,"tag":654,"props":2095,"children":2096},{"style":661},[2097],{"type":232,"value":1072},{"type":227,"tag":654,"props":2099,"children":2100},{"style":667},[2101],{"type":232,"value":262},{"type":227,"tag":654,"props":2103,"children":2104},{"style":700},[2105],{"type":232,"value":2106},"contributor",{"type":227,"tag":654,"props":2108,"children":2109},{"style":667},[2110],{"type":232,"value":262},{"type":227,"tag":654,"props":2112,"children":2113},{"style":667},[2114],{"type":232,"value":1090},{"type":227,"tag":654,"props":2116,"children":2117},{"style":667},[2118],{"type":232,"value":1095},{"type":227,"tag":654,"props":2120,"children":2121},{"class":656,"line":1130},[2122,2127,2131,2136,2140,2145],{"type":227,"tag":654,"props":2123,"children":2124},{"style":1102},[2125],{"type":232,"value":2126},"  principalId",{"type":227,"tag":654,"props":2128,"children":2129},{"style":667},[2130],{"type":232,"value":1110},{"type":227,"tag":654,"props":2132,"children":2133},{"style":661},[2134],{"type":232,"value":2135}," servicePrincipal",{"type":227,"tag":654,"props":2137,"children":2138},{"style":667},[2139],{"type":232,"value":1061},{"type":227,"tag":654,"props":2141,"children":2142},{"style":661},[2143],{"type":232,"value":2144},"id",{"type":227,"tag":654,"props":2146,"children":2147},{"style":667},[2148],{"type":232,"value":1127},{"type":227,"tag":654,"props":2150,"children":2151},{"class":656,"line":1160},[2152,2157,2161,2165,2169,2174,2178,2182],{"type":227,"tag":654,"props":2153,"children":2154},{"style":1102},[2155],{"type":232,"value":2156},"  principalType",{"type":227,"tag":654,"props":2158,"children":2159},{"style":667},[2160],{"type":232,"value":1110},{"type":227,"tag":654,"props":2162,"children":2163},{"style":661},[2164],{"type":232,"value":2084},{"type":227,"tag":654,"props":2166,"children":2167},{"style":667},[2168],{"type":232,"value":1061},{"type":227,"tag":654,"props":2170,"children":2171},{"style":661},[2172],{"type":232,"value":2173},"PrincipalType",{"type":227,"tag":654,"props":2175,"children":2176},{"style":667},[2177],{"type":232,"value":1061},{"type":227,"tag":654,"props":2179,"children":2180},{"style":661},[2181],{"type":232,"value":1518},{"type":227,"tag":654,"props":2183,"children":2184},{"style":667},[2185],{"type":232,"value":1127},{"type":227,"tag":654,"props":2187,"children":2188},{"class":656,"line":1179},[2189,2194,2198,2202,2206,2210],{"type":227,"tag":654,"props":2190,"children":2191},{"style":1102},[2192],{"type":232,"value":2193},"  roleDefinitionId",{"type":227,"tag":654,"props":2195,"children":2196},{"style":667},[2197],{"type":232,"value":1110},{"type":227,"tag":654,"props":2199,"children":2200},{"style":661},[2201],{"type":232,"value":2039},{"type":227,"tag":654,"props":2203,"children":2204},{"style":667},[2205],{"type":232,"value":1061},{"type":227,"tag":654,"props":2207,"children":2208},{"style":661},[2209],{"type":232,"value":2106},{"type":227,"tag":654,"props":2211,"children":2212},{"style":667},[2213],{"type":232,"value":1127},{"type":227,"tag":654,"props":2215,"children":2216},{"class":656,"line":1197},[2217,2222,2226,2230,2234,2238,2242,2247,2251,2256,2261],{"type":227,"tag":654,"props":2218,"children":2219},{"style":1102},[2220],{"type":232,"value":2221},"  scope",{"type":227,"tag":654,"props":2223,"children":2224},{"style":667},[2225],{"type":232,"value":1110},{"type":227,"tag":654,"props":2227,"children":2228},{"style":661},[2229],{"type":232,"value":1834},{"type":227,"tag":654,"props":2231,"children":2232},{"style":667},[2233],{"type":232,"value":1061},{"type":227,"tag":654,"props":2235,"children":2236},{"style":1064},[2237],{"type":232,"value":1843},{"type":227,"tag":654,"props":2239,"children":2240},{"style":667},[2241],{"type":232,"value":1848},{"type":227,"tag":654,"props":2243,"children":2244},{"style":700},[2245],{"type":232,"value":2246},"/subscriptions/",{"type":227,"tag":654,"props":2248,"children":2249},{"style":667},[2250],{"type":232,"value":1858},{"type":227,"tag":654,"props":2252,"children":2253},{"style":661},[2254],{"type":232,"value":2255},"subscriptionId",{"type":227,"tag":654,"props":2257,"children":2258},{"style":667},[2259],{"type":232,"value":2260},"}`",{"type":227,"tag":654,"props":2262,"children":2263},{"style":667},[2264],{"type":232,"value":1127},{"type":227,"tag":654,"props":2266,"children":2267},{"class":656,"line":1205},[2268,2272,2276],{"type":227,"tag":654,"props":2269,"children":2270},{"style":667},[2271],{"type":232,"value":1185},{"type":227,"tag":654,"props":2273,"children":2274},{"style":661},[2275],{"type":232,"value":1190},{"type":227,"tag":654,"props":2277,"children":2278},{"style":667},[2279],{"type":232,"value":1016},{"type":227,"tag":228,"props":2281,"children":2282},{},[2283,2285,2290],{"type":232,"value":2284},"I intentionally did not declare the variable ",{"type":227,"tag":310,"props":2286,"children":2288},{"className":2287},[],[2289],{"type":232,"value":2255},{"type":232,"value":2291}," in the code above. It's because it's up to you to choose how you will provide it. You may want to set it in the configuration and retrieve it from it :",{"type":227,"tag":644,"props":2293,"children":2295},{"className":963,"code":2294,"language":965,"meta":207,"style":207},"const config = new pulumi.Config();\nconst subscriptionId = config.get(\"subscriptionId\");\n",[2296],{"type":227,"tag":310,"props":2297,"children":2298},{"__ignoreMap":207},[2299,2341],{"type":227,"tag":654,"props":2300,"children":2301},{"class":656,"line":657},[2302,2306,2311,2315,2319,2323,2327,2332,2337],{"type":227,"tag":654,"props":2303,"children":2304},{"style":1033},[2305],{"type":232,"value":1036},{"type":227,"tag":654,"props":2307,"children":2308},{"style":661},[2309],{"type":232,"value":2310}," config ",{"type":227,"tag":654,"props":2312,"children":2313},{"style":667},[2314],{"type":232,"value":1046},{"type":227,"tag":654,"props":2316,"children":2317},{"style":667},[2318],{"type":232,"value":1051},{"type":227,"tag":654,"props":2320,"children":2321},{"style":661},[2322],{"type":232,"value":1834},{"type":227,"tag":654,"props":2324,"children":2325},{"style":667},[2326],{"type":232,"value":1061},{"type":227,"tag":654,"props":2328,"children":2329},{"style":1064},[2330],{"type":232,"value":2331},"Config",{"type":227,"tag":654,"props":2333,"children":2334},{"style":661},[2335],{"type":232,"value":2336},"()",{"type":227,"tag":654,"props":2338,"children":2339},{"style":667},[2340],{"type":232,"value":1016},{"type":227,"tag":654,"props":2342,"children":2343},{"class":656,"line":1019},[2344,2348,2353,2357,2362,2366,2371,2375,2379,2383,2387,2391],{"type":227,"tag":654,"props":2345,"children":2346},{"style":1033},[2347],{"type":232,"value":1036},{"type":227,"tag":654,"props":2349,"children":2350},{"style":661},[2351],{"type":232,"value":2352}," subscriptionId ",{"type":227,"tag":654,"props":2354,"children":2355},{"style":667},[2356],{"type":232,"value":1046},{"type":227,"tag":654,"props":2358,"children":2359},{"style":661},[2360],{"type":232,"value":2361}," config",{"type":227,"tag":654,"props":2363,"children":2364},{"style":667},[2365],{"type":232,"value":1061},{"type":227,"tag":654,"props":2367,"children":2368},{"style":1064},[2369],{"type":232,"value":2370},"get",{"type":227,"tag":654,"props":2372,"children":2373},{"style":661},[2374],{"type":232,"value":1072},{"type":227,"tag":654,"props":2376,"children":2377},{"style":667},[2378],{"type":232,"value":262},{"type":227,"tag":654,"props":2380,"children":2381},{"style":700},[2382],{"type":232,"value":2255},{"type":227,"tag":654,"props":2384,"children":2385},{"style":667},[2386],{"type":232,"value":262},{"type":227,"tag":654,"props":2388,"children":2389},{"style":661},[2390],{"type":232,"value":1190},{"type":227,"tag":654,"props":2392,"children":2393},{"style":667},[2394],{"type":232,"value":1016},{"type":227,"tag":228,"props":2396,"children":2397},{},[2398],{"type":232,"value":2399},"Or your might want to retrieve it from the current configuration of the Azure native provider :",{"type":227,"tag":644,"props":2401,"children":2403},{"className":963,"code":2402,"language":965,"meta":207,"style":207},"const azureConfig = pulumi.output(authorization.getClientConfig());\nconst subscriptionId = azureConfig.subscriptionId;\n",[2404],{"type":227,"tag":310,"props":2405,"children":2406},{"__ignoreMap":207},[2407,2458],{"type":227,"tag":654,"props":2408,"children":2409},{"class":656,"line":657},[2410,2414,2419,2423,2427,2431,2435,2440,2444,2449,2454],{"type":227,"tag":654,"props":2411,"children":2412},{"style":1033},[2413],{"type":232,"value":1036},{"type":227,"tag":654,"props":2415,"children":2416},{"style":661},[2417],{"type":232,"value":2418}," azureConfig ",{"type":227,"tag":654,"props":2420,"children":2421},{"style":667},[2422],{"type":232,"value":1046},{"type":227,"tag":654,"props":2424,"children":2425},{"style":661},[2426],{"type":232,"value":1834},{"type":227,"tag":654,"props":2428,"children":2429},{"style":667},[2430],{"type":232,"value":1061},{"type":227,"tag":654,"props":2432,"children":2433},{"style":1064},[2434],{"type":232,"value":1277},{"type":227,"tag":654,"props":2436,"children":2437},{"style":661},[2438],{"type":232,"value":2439},"(authorization",{"type":227,"tag":654,"props":2441,"children":2442},{"style":667},[2443],{"type":232,"value":1061},{"type":227,"tag":654,"props":2445,"children":2446},{"style":1064},[2447],{"type":232,"value":2448},"getClientConfig",{"type":227,"tag":654,"props":2450,"children":2451},{"style":661},[2452],{"type":232,"value":2453},"())",{"type":227,"tag":654,"props":2455,"children":2456},{"style":667},[2457],{"type":232,"value":1016},{"type":227,"tag":654,"props":2459,"children":2460},{"class":656,"line":1019},[2461,2465,2469,2473,2478,2482,2486],{"type":227,"tag":654,"props":2462,"children":2463},{"style":1033},[2464],{"type":232,"value":1036},{"type":227,"tag":654,"props":2466,"children":2467},{"style":661},[2468],{"type":232,"value":2352},{"type":227,"tag":654,"props":2470,"children":2471},{"style":667},[2472],{"type":232,"value":1046},{"type":227,"tag":654,"props":2474,"children":2475},{"style":661},[2476],{"type":232,"value":2477}," azureConfig",{"type":227,"tag":654,"props":2479,"children":2480},{"style":667},[2481],{"type":232,"value":1061},{"type":227,"tag":654,"props":2483,"children":2484},{"style":661},[2485],{"type":232,"value":2255},{"type":227,"tag":654,"props":2487,"children":2488},{"style":667},[2489],{"type":232,"value":1016},{"type":227,"tag":228,"props":2491,"children":2492},{},[2493,2495,2502,2504,2510],{"type":232,"value":2494},"Concerning, the contributor role definition identifier, I could have dynamically retrieved it using Azure APIs (like ",{"type":227,"tag":482,"props":2496,"children":2499},{"href":2497,"rel":2498},"https://github.com/pulumi/examples/blob/master/azure-ts-call-azure-sdk/index.ts",[486],[2500],{"type":232,"value":2501},"here",{"type":232,"value":2503},"). But honestly, as these identifiers don't change it's much easier to hardcode it in a dedicated ",{"type":227,"tag":310,"props":2505,"children":2507},{"className":2506},[],[2508],{"type":232,"value":2509},"builtInRoles.ts",{"type":232,"value":2511}," file.",{"type":227,"tag":644,"props":2513,"children":2515},{"className":963,"code":2514,"language":965,"meta":207,"style":207},"export const azureBuiltInRoles = {\n  contributor : \"/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c\"\n};\n",[2516],{"type":227,"tag":310,"props":2517,"children":2518},{"__ignoreMap":207},[2519,2543,2568],{"type":227,"tag":654,"props":2520,"children":2521},{"class":656,"line":657},[2522,2526,2530,2535,2539],{"type":227,"tag":654,"props":2523,"children":2524},{"style":975},[2525],{"type":232,"value":1211},{"type":227,"tag":654,"props":2527,"children":2528},{"style":1033},[2529],{"type":232,"value":1216},{"type":227,"tag":654,"props":2531,"children":2532},{"style":661},[2533],{"type":232,"value":2534}," azureBuiltInRoles ",{"type":227,"tag":654,"props":2536,"children":2537},{"style":667},[2538],{"type":232,"value":1046},{"type":227,"tag":654,"props":2540,"children":2541},{"style":667},[2542],{"type":232,"value":1095},{"type":227,"tag":654,"props":2544,"children":2545},{"class":656,"line":1019},[2546,2551,2555,2559,2564],{"type":227,"tag":654,"props":2547,"children":2548},{"style":1102},[2549],{"type":232,"value":2550},"  contributor ",{"type":227,"tag":654,"props":2552,"children":2553},{"style":667},[2554],{"type":232,"value":1110},{"type":227,"tag":654,"props":2556,"children":2557},{"style":667},[2558],{"type":232,"value":1003},{"type":227,"tag":654,"props":2560,"children":2561},{"style":700},[2562],{"type":232,"value":2563},"/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c",{"type":227,"tag":654,"props":2565,"children":2566},{"style":667},[2567],{"type":232,"value":708},{"type":227,"tag":654,"props":2569,"children":2570},{"class":656,"line":1029},[2571],{"type":227,"tag":654,"props":2572,"children":2573},{"style":667},[2574],{"type":232,"value":2575},"};\n",{"type":227,"tag":411,"props":2577,"children":2578},{"icon":568},[2579],{"type":227,"tag":228,"props":2580,"children":2581},{},[2582],{"type":232,"value":2583},"Please note that you don't have to work on the subscription scope. If you prefer to assign the contributor role (or any other role) to an existing resource group rather than the entire subscription, you can certainly do that as well.",{"type":227,"tag":282,"props":2585,"children":2587},{"id":2586},"add-the-configuration-for-the-github-actions-workflow",[2588],{"type":232,"value":2589},"Add the configuration for the GitHub Actions workflow",{"type":227,"tag":228,"props":2591,"children":2592},{},[2593],{"type":232,"value":2594},"The next step is to correctly set the configuration for the GitHub Actions of our Azure-Ready GitHub repository.",{"type":227,"tag":228,"props":2596,"children":2597},{},[2598],{"type":232,"value":2599},"The workflow requires three pieces of information for the OIDC authentication to function properly:",{"type":227,"tag":2601,"props":2602,"children":2603},"ol",{},[2604,2609,2614],{"type":227,"tag":304,"props":2605,"children":2606},{},[2607],{"type":232,"value":2608},"The identifier of the Azure tenant",{"type":227,"tag":304,"props":2610,"children":2611},{},[2612],{"type":232,"value":2613},"The identifier of the Azure subscription",{"type":227,"tag":304,"props":2615,"children":2616},{},[2617],{"type":232,"value":2618},"The application identifier (also known as client ID) of the previously created Azure AD application",{"type":227,"tag":228,"props":2620,"children":2621},{},[2622],{"type":232,"value":2623},"These identifiers are not secrets, they are just identifiers so we could directly set them as GitHub Actions variables like this:",{"type":227,"tag":644,"props":2625,"children":2627},{"className":963,"code":2626,"language":965,"meta":207,"style":207},"new github.ActionsVariable(\"tenantId\", {\n  repository: repository.name,\n  variableName: \"ARM_TENANT_ID\",\n  value: azureConfig.tenantId,\n});\n",[2628],{"type":227,"tag":310,"props":2629,"children":2630},{"__ignoreMap":207},[2631,2676,2704,2733,2761],{"type":227,"tag":654,"props":2632,"children":2633},{"class":656,"line":657},[2634,2638,2642,2646,2651,2655,2659,2664,2668,2672],{"type":227,"tag":654,"props":2635,"children":2636},{"style":667},[2637],{"type":232,"value":1624},{"type":227,"tag":654,"props":2639,"children":2640},{"style":661},[2641],{"type":232,"value":1056},{"type":227,"tag":654,"props":2643,"children":2644},{"style":667},[2645],{"type":232,"value":1061},{"type":227,"tag":654,"props":2647,"children":2648},{"style":1064},[2649],{"type":232,"value":2650},"ActionsVariable",{"type":227,"tag":654,"props":2652,"children":2653},{"style":661},[2654],{"type":232,"value":1072},{"type":227,"tag":654,"props":2656,"children":2657},{"style":667},[2658],{"type":232,"value":262},{"type":227,"tag":654,"props":2660,"children":2661},{"style":700},[2662],{"type":232,"value":2663},"tenantId",{"type":227,"tag":654,"props":2665,"children":2666},{"style":667},[2667],{"type":232,"value":262},{"type":227,"tag":654,"props":2669,"children":2670},{"style":667},[2671],{"type":232,"value":1090},{"type":227,"tag":654,"props":2673,"children":2674},{"style":667},[2675],{"type":232,"value":1095},{"type":227,"tag":654,"props":2677,"children":2678},{"class":656,"line":1019},[2679,2684,2688,2692,2696,2700],{"type":227,"tag":654,"props":2680,"children":2681},{"style":1102},[2682],{"type":232,"value":2683},"  repository",{"type":227,"tag":654,"props":2685,"children":2686},{"style":667},[2687],{"type":232,"value":1110},{"type":227,"tag":654,"props":2689,"children":2690},{"style":661},[2691],{"type":232,"value":1230},{"type":227,"tag":654,"props":2693,"children":2694},{"style":667},[2695],{"type":232,"value":1061},{"type":227,"tag":654,"props":2697,"children":2698},{"style":661},[2699],{"type":232,"value":1263},{"type":227,"tag":654,"props":2701,"children":2702},{"style":667},[2703],{"type":232,"value":1127},{"type":227,"tag":654,"props":2705,"children":2706},{"class":656,"line":1029},[2707,2712,2716,2720,2725,2729],{"type":227,"tag":654,"props":2708,"children":2709},{"style":1102},[2710],{"type":232,"value":2711},"  variableName",{"type":227,"tag":654,"props":2713,"children":2714},{"style":667},[2715],{"type":232,"value":1110},{"type":227,"tag":654,"props":2717,"children":2718},{"style":667},[2719],{"type":232,"value":1003},{"type":227,"tag":654,"props":2721,"children":2722},{"style":700},[2723],{"type":232,"value":2724},"ARM_TENANT_ID",{"type":227,"tag":654,"props":2726,"children":2727},{"style":667},[2728],{"type":232,"value":262},{"type":227,"tag":654,"props":2730,"children":2731},{"style":667},[2732],{"type":232,"value":1127},{"type":227,"tag":654,"props":2734,"children":2735},{"class":656,"line":1098},[2736,2741,2745,2749,2753,2757],{"type":227,"tag":654,"props":2737,"children":2738},{"style":1102},[2739],{"type":232,"value":2740},"  value",{"type":227,"tag":654,"props":2742,"children":2743},{"style":667},[2744],{"type":232,"value":1110},{"type":227,"tag":654,"props":2746,"children":2747},{"style":661},[2748],{"type":232,"value":2477},{"type":227,"tag":654,"props":2750,"children":2751},{"style":667},[2752],{"type":232,"value":1061},{"type":227,"tag":654,"props":2754,"children":2755},{"style":661},[2756],{"type":232,"value":2663},{"type":227,"tag":654,"props":2758,"children":2759},{"style":667},[2760],{"type":232,"value":1127},{"type":227,"tag":654,"props":2762,"children":2763},{"class":656,"line":1130},[2764,2768,2772],{"type":227,"tag":654,"props":2765,"children":2766},{"style":667},[2767],{"type":232,"value":1185},{"type":227,"tag":654,"props":2769,"children":2770},{"style":661},[2771],{"type":232,"value":1190},{"type":227,"tag":654,"props":2773,"children":2774},{"style":667},[2775],{"type":232,"value":1016},{"type":227,"tag":228,"props":2777,"children":2778},{},[2779],{"type":232,"value":2780},"However, I like to keep my tenant id and my subscription id private so we will store them in GitHub secrets but that's not mandatory at all.",{"type":227,"tag":644,"props":2782,"children":2784},{"className":963,"code":2783,"language":965,"meta":207,"style":207},"const azureConfig = pulumi.output(authorization.getClientConfig());\n\nnew github.ActionsSecret(\"tenantId\", {\n  repository: repository.name,\n  secretName: \"ARM_TENANT_ID\",\n  plaintextValue: azureConfig.tenantId,\n});\n\nnew github.ActionsSecret(\"subscriptionId\", {\n  repository: repository.name,\n  secretName: \"ARM_SUBSCRIPTION_ID\",\n  plaintextValue: azureConfig.subscriptionId,\n});\n\nnew github.ActionsSecret(\"clientId\", {\n  repository: repository.name,\n  secretName: \"ARM_CLIENT_ID\",\n  plaintextValue: aadApplication.applicationId,\n});\n",[2785],{"type":227,"tag":310,"props":2786,"children":2787},{"__ignoreMap":207},[2788,2835,2842,2886,2913,2941,2969,2984,2991,3034,3062,3091,3119,3135,3143,3188,3216,3245,3273],{"type":227,"tag":654,"props":2789,"children":2790},{"class":656,"line":657},[2791,2795,2799,2803,2807,2811,2815,2819,2823,2827,2831],{"type":227,"tag":654,"props":2792,"children":2793},{"style":1033},[2794],{"type":232,"value":1036},{"type":227,"tag":654,"props":2796,"children":2797},{"style":661},[2798],{"type":232,"value":2418},{"type":227,"tag":654,"props":2800,"children":2801},{"style":667},[2802],{"type":232,"value":1046},{"type":227,"tag":654,"props":2804,"children":2805},{"style":661},[2806],{"type":232,"value":1834},{"type":227,"tag":654,"props":2808,"children":2809},{"style":667},[2810],{"type":232,"value":1061},{"type":227,"tag":654,"props":2812,"children":2813},{"style":1064},[2814],{"type":232,"value":1277},{"type":227,"tag":654,"props":2816,"children":2817},{"style":661},[2818],{"type":232,"value":2439},{"type":227,"tag":654,"props":2820,"children":2821},{"style":667},[2822],{"type":232,"value":1061},{"type":227,"tag":654,"props":2824,"children":2825},{"style":1064},[2826],{"type":232,"value":2448},{"type":227,"tag":654,"props":2828,"children":2829},{"style":661},[2830],{"type":232,"value":2453},{"type":227,"tag":654,"props":2832,"children":2833},{"style":667},[2834],{"type":232,"value":1016},{"type":227,"tag":654,"props":2836,"children":2837},{"class":656,"line":1019},[2838],{"type":227,"tag":654,"props":2839,"children":2840},{"emptyLinePlaceholder":1023},[2841],{"type":232,"value":1026},{"type":227,"tag":654,"props":2843,"children":2844},{"class":656,"line":1029},[2845,2849,2853,2857,2862,2866,2870,2874,2878,2882],{"type":227,"tag":654,"props":2846,"children":2847},{"style":667},[2848],{"type":232,"value":1624},{"type":227,"tag":654,"props":2850,"children":2851},{"style":661},[2852],{"type":232,"value":1056},{"type":227,"tag":654,"props":2854,"children":2855},{"style":667},[2856],{"type":232,"value":1061},{"type":227,"tag":654,"props":2858,"children":2859},{"style":1064},[2860],{"type":232,"value":2861},"ActionsSecret",{"type":227,"tag":654,"props":2863,"children":2864},{"style":661},[2865],{"type":232,"value":1072},{"type":227,"tag":654,"props":2867,"children":2868},{"style":667},[2869],{"type":232,"value":262},{"type":227,"tag":654,"props":2871,"children":2872},{"style":700},[2873],{"type":232,"value":2663},{"type":227,"tag":654,"props":2875,"children":2876},{"style":667},[2877],{"type":232,"value":262},{"type":227,"tag":654,"props":2879,"children":2880},{"style":667},[2881],{"type":232,"value":1090},{"type":227,"tag":654,"props":2883,"children":2884},{"style":667},[2885],{"type":232,"value":1095},{"type":227,"tag":654,"props":2887,"children":2888},{"class":656,"line":1098},[2889,2893,2897,2901,2905,2909],{"type":227,"tag":654,"props":2890,"children":2891},{"style":1102},[2892],{"type":232,"value":2683},{"type":227,"tag":654,"props":2894,"children":2895},{"style":667},[2896],{"type":232,"value":1110},{"type":227,"tag":654,"props":2898,"children":2899},{"style":661},[2900],{"type":232,"value":1230},{"type":227,"tag":654,"props":2902,"children":2903},{"style":667},[2904],{"type":232,"value":1061},{"type":227,"tag":654,"props":2906,"children":2907},{"style":661},[2908],{"type":232,"value":1263},{"type":227,"tag":654,"props":2910,"children":2911},{"style":667},[2912],{"type":232,"value":1127},{"type":227,"tag":654,"props":2914,"children":2915},{"class":656,"line":1130},[2916,2921,2925,2929,2933,2937],{"type":227,"tag":654,"props":2917,"children":2918},{"style":1102},[2919],{"type":232,"value":2920},"  secretName",{"type":227,"tag":654,"props":2922,"children":2923},{"style":667},[2924],{"type":232,"value":1110},{"type":227,"tag":654,"props":2926,"children":2927},{"style":667},[2928],{"type":232,"value":1003},{"type":227,"tag":654,"props":2930,"children":2931},{"style":700},[2932],{"type":232,"value":2724},{"type":227,"tag":654,"props":2934,"children":2935},{"style":667},[2936],{"type":232,"value":262},{"type":227,"tag":654,"props":2938,"children":2939},{"style":667},[2940],{"type":232,"value":1127},{"type":227,"tag":654,"props":2942,"children":2943},{"class":656,"line":1160},[2944,2949,2953,2957,2961,2965],{"type":227,"tag":654,"props":2945,"children":2946},{"style":1102},[2947],{"type":232,"value":2948},"  plaintextValue",{"type":227,"tag":654,"props":2950,"children":2951},{"style":667},[2952],{"type":232,"value":1110},{"type":227,"tag":654,"props":2954,"children":2955},{"style":661},[2956],{"type":232,"value":2477},{"type":227,"tag":654,"props":2958,"children":2959},{"style":667},[2960],{"type":232,"value":1061},{"type":227,"tag":654,"props":2962,"children":2963},{"style":661},[2964],{"type":232,"value":2663},{"type":227,"tag":654,"props":2966,"children":2967},{"style":667},[2968],{"type":232,"value":1127},{"type":227,"tag":654,"props":2970,"children":2971},{"class":656,"line":1179},[2972,2976,2980],{"type":227,"tag":654,"props":2973,"children":2974},{"style":667},[2975],{"type":232,"value":1185},{"type":227,"tag":654,"props":2977,"children":2978},{"style":661},[2979],{"type":232,"value":1190},{"type":227,"tag":654,"props":2981,"children":2982},{"style":667},[2983],{"type":232,"value":1016},{"type":227,"tag":654,"props":2985,"children":2986},{"class":656,"line":1197},[2987],{"type":227,"tag":654,"props":2988,"children":2989},{"emptyLinePlaceholder":1023},[2990],{"type":232,"value":1026},{"type":227,"tag":654,"props":2992,"children":2993},{"class":656,"line":1205},[2994,2998,3002,3006,3010,3014,3018,3022,3026,3030],{"type":227,"tag":654,"props":2995,"children":2996},{"style":667},[2997],{"type":232,"value":1624},{"type":227,"tag":654,"props":2999,"children":3000},{"style":661},[3001],{"type":232,"value":1056},{"type":227,"tag":654,"props":3003,"children":3004},{"style":667},[3005],{"type":232,"value":1061},{"type":227,"tag":654,"props":3007,"children":3008},{"style":1064},[3009],{"type":232,"value":2861},{"type":227,"tag":654,"props":3011,"children":3012},{"style":661},[3013],{"type":232,"value":1072},{"type":227,"tag":654,"props":3015,"children":3016},{"style":667},[3017],{"type":232,"value":262},{"type":227,"tag":654,"props":3019,"children":3020},{"style":700},[3021],{"type":232,"value":2255},{"type":227,"tag":654,"props":3023,"children":3024},{"style":667},[3025],{"type":232,"value":262},{"type":227,"tag":654,"props":3027,"children":3028},{"style":667},[3029],{"type":232,"value":1090},{"type":227,"tag":654,"props":3031,"children":3032},{"style":667},[3033],{"type":232,"value":1095},{"type":227,"tag":654,"props":3035,"children":3037},{"class":656,"line":3036},10,[3038,3042,3046,3050,3054,3058],{"type":227,"tag":654,"props":3039,"children":3040},{"style":1102},[3041],{"type":232,"value":2683},{"type":227,"tag":654,"props":3043,"children":3044},{"style":667},[3045],{"type":232,"value":1110},{"type":227,"tag":654,"props":3047,"children":3048},{"style":661},[3049],{"type":232,"value":1230},{"type":227,"tag":654,"props":3051,"children":3052},{"style":667},[3053],{"type":232,"value":1061},{"type":227,"tag":654,"props":3055,"children":3056},{"style":661},[3057],{"type":232,"value":1263},{"type":227,"tag":654,"props":3059,"children":3060},{"style":667},[3061],{"type":232,"value":1127},{"type":227,"tag":654,"props":3063,"children":3065},{"class":656,"line":3064},11,[3066,3070,3074,3078,3083,3087],{"type":227,"tag":654,"props":3067,"children":3068},{"style":1102},[3069],{"type":232,"value":2920},{"type":227,"tag":654,"props":3071,"children":3072},{"style":667},[3073],{"type":232,"value":1110},{"type":227,"tag":654,"props":3075,"children":3076},{"style":667},[3077],{"type":232,"value":1003},{"type":227,"tag":654,"props":3079,"children":3080},{"style":700},[3081],{"type":232,"value":3082},"ARM_SUBSCRIPTION_ID",{"type":227,"tag":654,"props":3084,"children":3085},{"style":667},[3086],{"type":232,"value":262},{"type":227,"tag":654,"props":3088,"children":3089},{"style":667},[3090],{"type":232,"value":1127},{"type":227,"tag":654,"props":3092,"children":3094},{"class":656,"line":3093},12,[3095,3099,3103,3107,3111,3115],{"type":227,"tag":654,"props":3096,"children":3097},{"style":1102},[3098],{"type":232,"value":2948},{"type":227,"tag":654,"props":3100,"children":3101},{"style":667},[3102],{"type":232,"value":1110},{"type":227,"tag":654,"props":3104,"children":3105},{"style":661},[3106],{"type":232,"value":2477},{"type":227,"tag":654,"props":3108,"children":3109},{"style":667},[3110],{"type":232,"value":1061},{"type":227,"tag":654,"props":3112,"children":3113},{"style":661},[3114],{"type":232,"value":2255},{"type":227,"tag":654,"props":3116,"children":3117},{"style":667},[3118],{"type":232,"value":1127},{"type":227,"tag":654,"props":3120,"children":3122},{"class":656,"line":3121},13,[3123,3127,3131],{"type":227,"tag":654,"props":3124,"children":3125},{"style":667},[3126],{"type":232,"value":1185},{"type":227,"tag":654,"props":3128,"children":3129},{"style":661},[3130],{"type":232,"value":1190},{"type":227,"tag":654,"props":3132,"children":3133},{"style":667},[3134],{"type":232,"value":1016},{"type":227,"tag":654,"props":3136,"children":3138},{"class":656,"line":3137},14,[3139],{"type":227,"tag":654,"props":3140,"children":3141},{"emptyLinePlaceholder":1023},[3142],{"type":232,"value":1026},{"type":227,"tag":654,"props":3144,"children":3146},{"class":656,"line":3145},15,[3147,3151,3155,3159,3163,3167,3171,3176,3180,3184],{"type":227,"tag":654,"props":3148,"children":3149},{"style":667},[3150],{"type":232,"value":1624},{"type":227,"tag":654,"props":3152,"children":3153},{"style":661},[3154],{"type":232,"value":1056},{"type":227,"tag":654,"props":3156,"children":3157},{"style":667},[3158],{"type":232,"value":1061},{"type":227,"tag":654,"props":3160,"children":3161},{"style":1064},[3162],{"type":232,"value":2861},{"type":227,"tag":654,"props":3164,"children":3165},{"style":661},[3166],{"type":232,"value":1072},{"type":227,"tag":654,"props":3168,"children":3169},{"style":667},[3170],{"type":232,"value":262},{"type":227,"tag":654,"props":3172,"children":3173},{"style":700},[3174],{"type":232,"value":3175},"clientId",{"type":227,"tag":654,"props":3177,"children":3178},{"style":667},[3179],{"type":232,"value":262},{"type":227,"tag":654,"props":3181,"children":3182},{"style":667},[3183],{"type":232,"value":1090},{"type":227,"tag":654,"props":3185,"children":3186},{"style":667},[3187],{"type":232,"value":1095},{"type":227,"tag":654,"props":3189,"children":3191},{"class":656,"line":3190},16,[3192,3196,3200,3204,3208,3212],{"type":227,"tag":654,"props":3193,"children":3194},{"style":1102},[3195],{"type":232,"value":2683},{"type":227,"tag":654,"props":3197,"children":3198},{"style":667},[3199],{"type":232,"value":1110},{"type":227,"tag":654,"props":3201,"children":3202},{"style":661},[3203],{"type":232,"value":1230},{"type":227,"tag":654,"props":3205,"children":3206},{"style":667},[3207],{"type":232,"value":1061},{"type":227,"tag":654,"props":3209,"children":3210},{"style":661},[3211],{"type":232,"value":1263},{"type":227,"tag":654,"props":3213,"children":3214},{"style":667},[3215],{"type":232,"value":1127},{"type":227,"tag":654,"props":3217,"children":3219},{"class":656,"line":3218},17,[3220,3224,3228,3232,3237,3241],{"type":227,"tag":654,"props":3221,"children":3222},{"style":1102},[3223],{"type":232,"value":2920},{"type":227,"tag":654,"props":3225,"children":3226},{"style":667},[3227],{"type":232,"value":1110},{"type":227,"tag":654,"props":3229,"children":3230},{"style":667},[3231],{"type":232,"value":1003},{"type":227,"tag":654,"props":3233,"children":3234},{"style":700},[3235],{"type":232,"value":3236},"ARM_CLIENT_ID",{"type":227,"tag":654,"props":3238,"children":3239},{"style":667},[3240],{"type":232,"value":262},{"type":227,"tag":654,"props":3242,"children":3243},{"style":667},[3244],{"type":232,"value":1127},{"type":227,"tag":654,"props":3246,"children":3248},{"class":656,"line":3247},18,[3249,3253,3257,3261,3265,3269],{"type":227,"tag":654,"props":3250,"children":3251},{"style":1102},[3252],{"type":232,"value":2948},{"type":227,"tag":654,"props":3254,"children":3255},{"style":667},[3256],{"type":232,"value":1110},{"type":227,"tag":654,"props":3258,"children":3259},{"style":661},[3260],{"type":232,"value":1560},{"type":227,"tag":654,"props":3262,"children":3263},{"style":667},[3264],{"type":232,"value":1061},{"type":227,"tag":654,"props":3266,"children":3267},{"style":661},[3268],{"type":232,"value":1569},{"type":227,"tag":654,"props":3270,"children":3271},{"style":667},[3272],{"type":232,"value":1127},{"type":227,"tag":654,"props":3274,"children":3276},{"class":656,"line":3275},19,[3277,3281,3285],{"type":227,"tag":654,"props":3278,"children":3279},{"style":667},[3280],{"type":232,"value":1185},{"type":227,"tag":654,"props":3282,"children":3283},{"style":661},[3284],{"type":232,"value":1190},{"type":227,"tag":654,"props":3286,"children":3287},{"style":667},[3288],{"type":232,"value":1016},{"type":227,"tag":411,"props":3290,"children":3291},{"icon":413},[3292],{"type":227,"tag":228,"props":3293,"children":3294},{},[3295,3297,3304],{"type":232,"value":3296},"Please note that could also use ",{"type":227,"tag":482,"props":3298,"children":3301},{"href":3299,"rel":3300},"https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment",[486],[3302],{"type":232,"value":3303},"environments for deployment",{"type":232,"value":3305}," and their associated secrets and variables.",{"type":227,"tag":282,"props":3307,"children":3309},{"id":3308},"create-the-github-actions-workflow",[3310],{"type":232,"value":3311},"Create the GitHub Actions workflow",{"type":227,"tag":228,"props":3313,"children":3314},{},[3315],{"type":232,"value":3316},"Everything seems to be properly configured to provision Azure resources from a GitHub Actions workflow in this new repository, except for the workflow itself. The goal here is to have a properly configured pipeline in the repository to get started provisioning Azure infrastructure.",{"type":227,"tag":228,"props":3318,"children":3319},{},[3320],{"type":232,"value":3321},"Here is such a pipeline:",{"type":227,"tag":644,"props":3323,"children":3327},{"className":3324,"code":3325,"language":3326,"meta":207,"style":207},"language-yaml shiki shiki-themes material-theme-lighter material-theme material-theme-palenight","name: infra\n\non:\n  workflow_dispatch:\n\npermissions:\n      id-token: write\n      contents: read\njobs:\n  provision-infra:\n    runs-on: ubuntu-latest\n    steps:\n      - name: 'Az CLI login'\n        uses: azure/login@v1\n        with:\n          client-id: ${{ secrets.AZURE_CLIENT_ID }}\n          tenant-id: ${{ secrets.AZURE_TENANT_ID }}\n          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}\n\n      - name: 'Run az commands'\n        run: |\n          az account show\n          az group list\n","yaml",[3328],{"type":227,"tag":310,"props":3329,"children":3330},{"__ignoreMap":207},[3331,3347,3354,3367,3379,3386,3398,3415,3432,3444,3456,3473,3485,3517,3534,3546,3563,3580,3597,3604,3633,3651,3660],{"type":227,"tag":654,"props":3332,"children":3333},{"class":656,"line":657},[3334,3338,3342],{"type":227,"tag":654,"props":3335,"children":3336},{"style":1102},[3337],{"type":232,"value":1263},{"type":227,"tag":654,"props":3339,"children":3340},{"style":667},[3341],{"type":232,"value":1110},{"type":227,"tag":654,"props":3343,"children":3344},{"style":700},[3345],{"type":232,"value":3346}," infra\n",{"type":227,"tag":654,"props":3348,"children":3349},{"class":656,"line":1019},[3350],{"type":227,"tag":654,"props":3351,"children":3352},{"emptyLinePlaceholder":1023},[3353],{"type":232,"value":1026},{"type":227,"tag":654,"props":3355,"children":3356},{"class":656,"line":1029},[3357,3362],{"type":227,"tag":654,"props":3358,"children":3359},{"style":1173},[3360],{"type":232,"value":3361},"on",{"type":227,"tag":654,"props":3363,"children":3364},{"style":667},[3365],{"type":232,"value":3366},":\n",{"type":227,"tag":654,"props":3368,"children":3369},{"class":656,"line":1098},[3370,3375],{"type":227,"tag":654,"props":3371,"children":3372},{"style":1102},[3373],{"type":232,"value":3374},"  workflow_dispatch",{"type":227,"tag":654,"props":3376,"children":3377},{"style":667},[3378],{"type":232,"value":3366},{"type":227,"tag":654,"props":3380,"children":3381},{"class":656,"line":1130},[3382],{"type":227,"tag":654,"props":3383,"children":3384},{"emptyLinePlaceholder":1023},[3385],{"type":232,"value":1026},{"type":227,"tag":654,"props":3387,"children":3388},{"class":656,"line":1160},[3389,3394],{"type":227,"tag":654,"props":3390,"children":3391},{"style":1102},[3392],{"type":232,"value":3393},"permissions",{"type":227,"tag":654,"props":3395,"children":3396},{"style":667},[3397],{"type":232,"value":3366},{"type":227,"tag":654,"props":3399,"children":3400},{"class":656,"line":1179},[3401,3406,3410],{"type":227,"tag":654,"props":3402,"children":3403},{"style":1102},[3404],{"type":232,"value":3405},"      id-token",{"type":227,"tag":654,"props":3407,"children":3408},{"style":667},[3409],{"type":232,"value":1110},{"type":227,"tag":654,"props":3411,"children":3412},{"style":700},[3413],{"type":232,"value":3414}," write\n",{"type":227,"tag":654,"props":3416,"children":3417},{"class":656,"line":1197},[3418,3423,3427],{"type":227,"tag":654,"props":3419,"children":3420},{"style":1102},[3421],{"type":232,"value":3422},"      contents",{"type":227,"tag":654,"props":3424,"children":3425},{"style":667},[3426],{"type":232,"value":1110},{"type":227,"tag":654,"props":3428,"children":3429},{"style":700},[3430],{"type":232,"value":3431}," read\n",{"type":227,"tag":654,"props":3433,"children":3434},{"class":656,"line":1205},[3435,3440],{"type":227,"tag":654,"props":3436,"children":3437},{"style":1102},[3438],{"type":232,"value":3439},"jobs",{"type":227,"tag":654,"props":3441,"children":3442},{"style":667},[3443],{"type":232,"value":3366},{"type":227,"tag":654,"props":3445,"children":3446},{"class":656,"line":3036},[3447,3452],{"type":227,"tag":654,"props":3448,"children":3449},{"style":1102},[3450],{"type":232,"value":3451},"  provision-infra",{"type":227,"tag":654,"props":3453,"children":3454},{"style":667},[3455],{"type":232,"value":3366},{"type":227,"tag":654,"props":3457,"children":3458},{"class":656,"line":3064},[3459,3464,3468],{"type":227,"tag":654,"props":3460,"children":3461},{"style":1102},[3462],{"type":232,"value":3463},"    runs-on",{"type":227,"tag":654,"props":3465,"children":3466},{"style":667},[3467],{"type":232,"value":1110},{"type":227,"tag":654,"props":3469,"children":3470},{"style":700},[3471],{"type":232,"value":3472}," ubuntu-latest\n",{"type":227,"tag":654,"props":3474,"children":3475},{"class":656,"line":3093},[3476,3481],{"type":227,"tag":654,"props":3477,"children":3478},{"style":1102},[3479],{"type":232,"value":3480},"    steps",{"type":227,"tag":654,"props":3482,"children":3483},{"style":667},[3484],{"type":232,"value":3366},{"type":227,"tag":654,"props":3486,"children":3487},{"class":656,"line":3121},[3488,3493,3498,3502,3507,3512],{"type":227,"tag":654,"props":3489,"children":3490},{"style":667},[3491],{"type":232,"value":3492},"      -",{"type":227,"tag":654,"props":3494,"children":3495},{"style":1102},[3496],{"type":232,"value":3497}," name",{"type":227,"tag":654,"props":3499,"children":3500},{"style":667},[3501],{"type":232,"value":1110},{"type":227,"tag":654,"props":3503,"children":3504},{"style":667},[3505],{"type":232,"value":3506}," '",{"type":227,"tag":654,"props":3508,"children":3509},{"style":700},[3510],{"type":232,"value":3511},"Az CLI login",{"type":227,"tag":654,"props":3513,"children":3514},{"style":667},[3515],{"type":232,"value":3516},"'\n",{"type":227,"tag":654,"props":3518,"children":3519},{"class":656,"line":3137},[3520,3525,3529],{"type":227,"tag":654,"props":3521,"children":3522},{"style":1102},[3523],{"type":232,"value":3524},"        uses",{"type":227,"tag":654,"props":3526,"children":3527},{"style":667},[3528],{"type":232,"value":1110},{"type":227,"tag":654,"props":3530,"children":3531},{"style":700},[3532],{"type":232,"value":3533}," azure/login@v1\n",{"type":227,"tag":654,"props":3535,"children":3536},{"class":656,"line":3145},[3537,3542],{"type":227,"tag":654,"props":3538,"children":3539},{"style":1102},[3540],{"type":232,"value":3541},"        with",{"type":227,"tag":654,"props":3543,"children":3544},{"style":667},[3545],{"type":232,"value":3366},{"type":227,"tag":654,"props":3547,"children":3548},{"class":656,"line":3190},[3549,3554,3558],{"type":227,"tag":654,"props":3550,"children":3551},{"style":1102},[3552],{"type":232,"value":3553},"          client-id",{"type":227,"tag":654,"props":3555,"children":3556},{"style":667},[3557],{"type":232,"value":1110},{"type":227,"tag":654,"props":3559,"children":3560},{"style":700},[3561],{"type":232,"value":3562}," ${{ secrets.AZURE_CLIENT_ID }}\n",{"type":227,"tag":654,"props":3564,"children":3565},{"class":656,"line":3218},[3566,3571,3575],{"type":227,"tag":654,"props":3567,"children":3568},{"style":1102},[3569],{"type":232,"value":3570},"          tenant-id",{"type":227,"tag":654,"props":3572,"children":3573},{"style":667},[3574],{"type":232,"value":1110},{"type":227,"tag":654,"props":3576,"children":3577},{"style":700},[3578],{"type":232,"value":3579}," ${{ secrets.AZURE_TENANT_ID }}\n",{"type":227,"tag":654,"props":3581,"children":3582},{"class":656,"line":3247},[3583,3588,3592],{"type":227,"tag":654,"props":3584,"children":3585},{"style":1102},[3586],{"type":232,"value":3587},"          subscription-id",{"type":227,"tag":654,"props":3589,"children":3590},{"style":667},[3591],{"type":232,"value":1110},{"type":227,"tag":654,"props":3593,"children":3594},{"style":700},[3595],{"type":232,"value":3596}," ${{ secrets.AZURE_SUBSCRIPTION_ID }}\n",{"type":227,"tag":654,"props":3598,"children":3599},{"class":656,"line":3275},[3600],{"type":227,"tag":654,"props":3601,"children":3602},{"emptyLinePlaceholder":1023},[3603],{"type":232,"value":1026},{"type":227,"tag":654,"props":3605,"children":3607},{"class":656,"line":3606},20,[3608,3612,3616,3620,3624,3629],{"type":227,"tag":654,"props":3609,"children":3610},{"style":667},[3611],{"type":232,"value":3492},{"type":227,"tag":654,"props":3613,"children":3614},{"style":1102},[3615],{"type":232,"value":3497},{"type":227,"tag":654,"props":3617,"children":3618},{"style":667},[3619],{"type":232,"value":1110},{"type":227,"tag":654,"props":3621,"children":3622},{"style":667},[3623],{"type":232,"value":3506},{"type":227,"tag":654,"props":3625,"children":3626},{"style":700},[3627],{"type":232,"value":3628},"Run az commands",{"type":227,"tag":654,"props":3630,"children":3631},{"style":667},[3632],{"type":232,"value":3516},{"type":227,"tag":654,"props":3634,"children":3636},{"class":656,"line":3635},21,[3637,3642,3646],{"type":227,"tag":654,"props":3638,"children":3639},{"style":1102},[3640],{"type":232,"value":3641},"        run",{"type":227,"tag":654,"props":3643,"children":3644},{"style":667},[3645],{"type":232,"value":1110},{"type":227,"tag":654,"props":3647,"children":3648},{"style":975},[3649],{"type":232,"value":3650}," |\n",{"type":227,"tag":654,"props":3652,"children":3654},{"class":656,"line":3653},22,[3655],{"type":227,"tag":654,"props":3656,"children":3657},{"style":700},[3658],{"type":232,"value":3659},"          az account show\n",{"type":227,"tag":654,"props":3661,"children":3663},{"class":656,"line":3662},23,[3664],{"type":227,"tag":654,"props":3665,"children":3666},{"style":700},[3667],{"type":232,"value":3668},"          az group list\n",{"type":227,"tag":228,"props":3670,"children":3671},{},[3672,3674,3680],{"type":232,"value":3673},"This workflow first authenticates to Azure using OIDC with the ",{"type":227,"tag":310,"props":3675,"children":3677},{"className":3676},[],[3678],{"type":232,"value":3679},"azure/login",{"type":232,"value":3681}," action and then performs some Azure CLI commands to interact with Azure resources. That's fine and probably enough to get you started but you surely want to provision your infrastructure using a more declarative solution than an Azure CLI script. So let's see a more interesting pipeline still authenticating via Azure OIDC but using Pulumi to provision the Azure resources.",{"type":227,"tag":644,"props":3683,"children":3685},{"className":3324,"code":3684,"language":3326,"meta":207,"style":207},"name: infra\n\non:\n  workflow_dispatch:\n\npermissions:\n  id-token: write   # required for OIDC auth\n  contents: read    # required to perform a checkout\n\njobs:\n  provision-infra:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v3\n\n      - name: Install pnpm\n        uses: pnpm/action-setup@v2\n        with:\n          version: latest\n\n      - name: Set node version to 18\n        uses: actions/setup-node@v3\n        with:\n          node-version: 18\n          cache: 'pnpm'\n      \n      - name: Install dependencies\n        run: pnpm install\n      \n      - name: Provision infrastructure\n        uses: pulumi/actions@v4.4.0\n        id: pulumi\n        with:\n          command: up\n          stack-name: dev\n        env:\n          ARM_USE_OIDC: true\n          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}\n          ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}\n          ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}\n          ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} \n",[3686],{"type":227,"tag":310,"props":3687,"children":3688},{"__ignoreMap":207},[3689,3704,3711,3722,3733,3740,3751,3774,3796,3803,3814,3825,3840,3851,3872,3879,3899,3915,3926,3943,3950,3970,3986,3997,4016,4041,4050,4071,4088,4096,4117,4134,4152,4164,4182,4200,4213,4230,4248,4266,4284],{"type":227,"tag":654,"props":3690,"children":3691},{"class":656,"line":657},[3692,3696,3700],{"type":227,"tag":654,"props":3693,"children":3694},{"style":1102},[3695],{"type":232,"value":1263},{"type":227,"tag":654,"props":3697,"children":3698},{"style":667},[3699],{"type":232,"value":1110},{"type":227,"tag":654,"props":3701,"children":3702},{"style":700},[3703],{"type":232,"value":3346},{"type":227,"tag":654,"props":3705,"children":3706},{"class":656,"line":1019},[3707],{"type":227,"tag":654,"props":3708,"children":3709},{"emptyLinePlaceholder":1023},[3710],{"type":232,"value":1026},{"type":227,"tag":654,"props":3712,"children":3713},{"class":656,"line":1029},[3714,3718],{"type":227,"tag":654,"props":3715,"children":3716},{"style":1173},[3717],{"type":232,"value":3361},{"type":227,"tag":654,"props":3719,"children":3720},{"style":667},[3721],{"type":232,"value":3366},{"type":227,"tag":654,"props":3723,"children":3724},{"class":656,"line":1098},[3725,3729],{"type":227,"tag":654,"props":3726,"children":3727},{"style":1102},[3728],{"type":232,"value":3374},{"type":227,"tag":654,"props":3730,"children":3731},{"style":667},[3732],{"type":232,"value":3366},{"type":227,"tag":654,"props":3734,"children":3735},{"class":656,"line":1130},[3736],{"type":227,"tag":654,"props":3737,"children":3738},{"emptyLinePlaceholder":1023},[3739],{"type":232,"value":1026},{"type":227,"tag":654,"props":3741,"children":3742},{"class":656,"line":1160},[3743,3747],{"type":227,"tag":654,"props":3744,"children":3745},{"style":1102},[3746],{"type":232,"value":3393},{"type":227,"tag":654,"props":3748,"children":3749},{"style":667},[3750],{"type":232,"value":3366},{"type":227,"tag":654,"props":3752,"children":3753},{"class":656,"line":1179},[3754,3759,3763,3768],{"type":227,"tag":654,"props":3755,"children":3756},{"style":1102},[3757],{"type":232,"value":3758},"  id-token",{"type":227,"tag":654,"props":3760,"children":3761},{"style":667},[3762],{"type":232,"value":1110},{"type":227,"tag":654,"props":3764,"children":3765},{"style":700},[3766],{"type":232,"value":3767}," write",{"type":227,"tag":654,"props":3769,"children":3771},{"style":3770},"--shiki-light:#90A4AE;--shiki-default:#546E7A;--shiki-dark:#676E95;--shiki-light-font-style:italic;--shiki-default-font-style:italic;--shiki-dark-font-style:italic",[3772],{"type":232,"value":3773},"   # required for OIDC auth\n",{"type":227,"tag":654,"props":3775,"children":3776},{"class":656,"line":1197},[3777,3782,3786,3791],{"type":227,"tag":654,"props":3778,"children":3779},{"style":1102},[3780],{"type":232,"value":3781},"  contents",{"type":227,"tag":654,"props":3783,"children":3784},{"style":667},[3785],{"type":232,"value":1110},{"type":227,"tag":654,"props":3787,"children":3788},{"style":700},[3789],{"type":232,"value":3790}," read",{"type":227,"tag":654,"props":3792,"children":3793},{"style":3770},[3794],{"type":232,"value":3795},"    # required to perform a checkout\n",{"type":227,"tag":654,"props":3797,"children":3798},{"class":656,"line":1205},[3799],{"type":227,"tag":654,"props":3800,"children":3801},{"emptyLinePlaceholder":1023},[3802],{"type":232,"value":1026},{"type":227,"tag":654,"props":3804,"children":3805},{"class":656,"line":3036},[3806,3810],{"type":227,"tag":654,"props":3807,"children":3808},{"style":1102},[3809],{"type":232,"value":3439},{"type":227,"tag":654,"props":3811,"children":3812},{"style":667},[3813],{"type":232,"value":3366},{"type":227,"tag":654,"props":3815,"children":3816},{"class":656,"line":3064},[3817,3821],{"type":227,"tag":654,"props":3818,"children":3819},{"style":1102},[3820],{"type":232,"value":3451},{"type":227,"tag":654,"props":3822,"children":3823},{"style":667},[3824],{"type":232,"value":3366},{"type":227,"tag":654,"props":3826,"children":3827},{"class":656,"line":3093},[3828,3832,3836],{"type":227,"tag":654,"props":3829,"children":3830},{"style":1102},[3831],{"type":232,"value":3463},{"type":227,"tag":654,"props":3833,"children":3834},{"style":667},[3835],{"type":232,"value":1110},{"type":227,"tag":654,"props":3837,"children":3838},{"style":700},[3839],{"type":232,"value":3472},{"type":227,"tag":654,"props":3841,"children":3842},{"class":656,"line":3121},[3843,3847],{"type":227,"tag":654,"props":3844,"children":3845},{"style":1102},[3846],{"type":232,"value":3480},{"type":227,"tag":654,"props":3848,"children":3849},{"style":667},[3850],{"type":232,"value":3366},{"type":227,"tag":654,"props":3852,"children":3853},{"class":656,"line":3137},[3854,3858,3863,3867],{"type":227,"tag":654,"props":3855,"children":3856},{"style":667},[3857],{"type":232,"value":3492},{"type":227,"tag":654,"props":3859,"children":3860},{"style":1102},[3861],{"type":232,"value":3862}," uses",{"type":227,"tag":654,"props":3864,"children":3865},{"style":667},[3866],{"type":232,"value":1110},{"type":227,"tag":654,"props":3868,"children":3869},{"style":700},[3870],{"type":232,"value":3871}," actions/checkout@v3\n",{"type":227,"tag":654,"props":3873,"children":3874},{"class":656,"line":3145},[3875],{"type":227,"tag":654,"props":3876,"children":3877},{"emptyLinePlaceholder":1023},[3878],{"type":232,"value":1026},{"type":227,"tag":654,"props":3880,"children":3881},{"class":656,"line":3190},[3882,3886,3890,3894],{"type":227,"tag":654,"props":3883,"children":3884},{"style":667},[3885],{"type":232,"value":3492},{"type":227,"tag":654,"props":3887,"children":3888},{"style":1102},[3889],{"type":232,"value":3497},{"type":227,"tag":654,"props":3891,"children":3892},{"style":667},[3893],{"type":232,"value":1110},{"type":227,"tag":654,"props":3895,"children":3896},{"style":700},[3897],{"type":232,"value":3898}," Install pnpm\n",{"type":227,"tag":654,"props":3900,"children":3901},{"class":656,"line":3218},[3902,3906,3910],{"type":227,"tag":654,"props":3903,"children":3904},{"style":1102},[3905],{"type":232,"value":3524},{"type":227,"tag":654,"props":3907,"children":3908},{"style":667},[3909],{"type":232,"value":1110},{"type":227,"tag":654,"props":3911,"children":3912},{"style":700},[3913],{"type":232,"value":3914}," pnpm/action-setup@v2\n",{"type":227,"tag":654,"props":3916,"children":3917},{"class":656,"line":3247},[3918,3922],{"type":227,"tag":654,"props":3919,"children":3920},{"style":1102},[3921],{"type":232,"value":3541},{"type":227,"tag":654,"props":3923,"children":3924},{"style":667},[3925],{"type":232,"value":3366},{"type":227,"tag":654,"props":3927,"children":3928},{"class":656,"line":3275},[3929,3934,3938],{"type":227,"tag":654,"props":3930,"children":3931},{"style":1102},[3932],{"type":232,"value":3933},"          version",{"type":227,"tag":654,"props":3935,"children":3936},{"style":667},[3937],{"type":232,"value":1110},{"type":227,"tag":654,"props":3939,"children":3940},{"style":700},[3941],{"type":232,"value":3942}," latest\n",{"type":227,"tag":654,"props":3944,"children":3945},{"class":656,"line":3606},[3946],{"type":227,"tag":654,"props":3947,"children":3948},{"emptyLinePlaceholder":1023},[3949],{"type":232,"value":1026},{"type":227,"tag":654,"props":3951,"children":3952},{"class":656,"line":3635},[3953,3957,3961,3965],{"type":227,"tag":654,"props":3954,"children":3955},{"style":667},[3956],{"type":232,"value":3492},{"type":227,"tag":654,"props":3958,"children":3959},{"style":1102},[3960],{"type":232,"value":3497},{"type":227,"tag":654,"props":3962,"children":3963},{"style":667},[3964],{"type":232,"value":1110},{"type":227,"tag":654,"props":3966,"children":3967},{"style":700},[3968],{"type":232,"value":3969}," Set node version to 18\n",{"type":227,"tag":654,"props":3971,"children":3972},{"class":656,"line":3653},[3973,3977,3981],{"type":227,"tag":654,"props":3974,"children":3975},{"style":1102},[3976],{"type":232,"value":3524},{"type":227,"tag":654,"props":3978,"children":3979},{"style":667},[3980],{"type":232,"value":1110},{"type":227,"tag":654,"props":3982,"children":3983},{"style":700},[3984],{"type":232,"value":3985}," actions/setup-node@v3\n",{"type":227,"tag":654,"props":3987,"children":3988},{"class":656,"line":3662},[3989,3993],{"type":227,"tag":654,"props":3990,"children":3991},{"style":1102},[3992],{"type":232,"value":3541},{"type":227,"tag":654,"props":3994,"children":3995},{"style":667},[3996],{"type":232,"value":3366},{"type":227,"tag":654,"props":3998,"children":4000},{"class":656,"line":3999},24,[4001,4006,4010],{"type":227,"tag":654,"props":4002,"children":4003},{"style":1102},[4004],{"type":232,"value":4005},"          node-version",{"type":227,"tag":654,"props":4007,"children":4008},{"style":667},[4009],{"type":232,"value":1110},{"type":227,"tag":654,"props":4011,"children":4013},{"style":4012},"--shiki-light:#F76D47;--shiki-default:#F78C6C;--shiki-dark:#F78C6C",[4014],{"type":232,"value":4015}," 18\n",{"type":227,"tag":654,"props":4017,"children":4019},{"class":656,"line":4018},25,[4020,4025,4029,4033,4037],{"type":227,"tag":654,"props":4021,"children":4022},{"style":1102},[4023],{"type":232,"value":4024},"          cache",{"type":227,"tag":654,"props":4026,"children":4027},{"style":667},[4028],{"type":232,"value":1110},{"type":227,"tag":654,"props":4030,"children":4031},{"style":667},[4032],{"type":232,"value":3506},{"type":227,"tag":654,"props":4034,"children":4035},{"style":700},[4036],{"type":232,"value":802},{"type":227,"tag":654,"props":4038,"children":4039},{"style":667},[4040],{"type":232,"value":3516},{"type":227,"tag":654,"props":4042,"children":4044},{"class":656,"line":4043},26,[4045],{"type":227,"tag":654,"props":4046,"children":4047},{"style":661},[4048],{"type":232,"value":4049},"      \n",{"type":227,"tag":654,"props":4051,"children":4053},{"class":656,"line":4052},27,[4054,4058,4062,4066],{"type":227,"tag":654,"props":4055,"children":4056},{"style":667},[4057],{"type":232,"value":3492},{"type":227,"tag":654,"props":4059,"children":4060},{"style":1102},[4061],{"type":232,"value":3497},{"type":227,"tag":654,"props":4063,"children":4064},{"style":667},[4065],{"type":232,"value":1110},{"type":227,"tag":654,"props":4067,"children":4068},{"style":700},[4069],{"type":232,"value":4070}," Install dependencies\n",{"type":227,"tag":654,"props":4072,"children":4074},{"class":656,"line":4073},28,[4075,4079,4083],{"type":227,"tag":654,"props":4076,"children":4077},{"style":1102},[4078],{"type":232,"value":3641},{"type":227,"tag":654,"props":4080,"children":4081},{"style":667},[4082],{"type":232,"value":1110},{"type":227,"tag":654,"props":4084,"children":4085},{"style":700},[4086],{"type":232,"value":4087}," pnpm install\n",{"type":227,"tag":654,"props":4089,"children":4091},{"class":656,"line":4090},29,[4092],{"type":227,"tag":654,"props":4093,"children":4094},{"style":661},[4095],{"type":232,"value":4049},{"type":227,"tag":654,"props":4097,"children":4099},{"class":656,"line":4098},30,[4100,4104,4108,4112],{"type":227,"tag":654,"props":4101,"children":4102},{"style":667},[4103],{"type":232,"value":3492},{"type":227,"tag":654,"props":4105,"children":4106},{"style":1102},[4107],{"type":232,"value":3497},{"type":227,"tag":654,"props":4109,"children":4110},{"style":667},[4111],{"type":232,"value":1110},{"type":227,"tag":654,"props":4113,"children":4114},{"style":700},[4115],{"type":232,"value":4116}," Provision infrastructure\n",{"type":227,"tag":654,"props":4118,"children":4120},{"class":656,"line":4119},31,[4121,4125,4129],{"type":227,"tag":654,"props":4122,"children":4123},{"style":1102},[4124],{"type":232,"value":3524},{"type":227,"tag":654,"props":4126,"children":4127},{"style":667},[4128],{"type":232,"value":1110},{"type":227,"tag":654,"props":4130,"children":4131},{"style":700},[4132],{"type":232,"value":4133}," pulumi/actions@v4.4.0\n",{"type":227,"tag":654,"props":4135,"children":4137},{"class":656,"line":4136},32,[4138,4143,4147],{"type":227,"tag":654,"props":4139,"children":4140},{"style":1102},[4141],{"type":232,"value":4142},"        id",{"type":227,"tag":654,"props":4144,"children":4145},{"style":667},[4146],{"type":232,"value":1110},{"type":227,"tag":654,"props":4148,"children":4149},{"style":700},[4150],{"type":232,"value":4151}," pulumi\n",{"type":227,"tag":654,"props":4153,"children":4155},{"class":656,"line":4154},33,[4156,4160],{"type":227,"tag":654,"props":4157,"children":4158},{"style":1102},[4159],{"type":232,"value":3541},{"type":227,"tag":654,"props":4161,"children":4162},{"style":667},[4163],{"type":232,"value":3366},{"type":227,"tag":654,"props":4165,"children":4167},{"class":656,"line":4166},34,[4168,4173,4177],{"type":227,"tag":654,"props":4169,"children":4170},{"style":1102},[4171],{"type":232,"value":4172},"          command",{"type":227,"tag":654,"props":4174,"children":4175},{"style":667},[4176],{"type":232,"value":1110},{"type":227,"tag":654,"props":4178,"children":4179},{"style":700},[4180],{"type":232,"value":4181}," up\n",{"type":227,"tag":654,"props":4183,"children":4185},{"class":656,"line":4184},35,[4186,4191,4195],{"type":227,"tag":654,"props":4187,"children":4188},{"style":1102},[4189],{"type":232,"value":4190},"          stack-name",{"type":227,"tag":654,"props":4192,"children":4193},{"style":667},[4194],{"type":232,"value":1110},{"type":227,"tag":654,"props":4196,"children":4197},{"style":700},[4198],{"type":232,"value":4199}," dev\n",{"type":227,"tag":654,"props":4201,"children":4203},{"class":656,"line":4202},36,[4204,4209],{"type":227,"tag":654,"props":4205,"children":4206},{"style":1102},[4207],{"type":232,"value":4208},"        env",{"type":227,"tag":654,"props":4210,"children":4211},{"style":667},[4212],{"type":232,"value":3366},{"type":227,"tag":654,"props":4214,"children":4216},{"class":656,"line":4215},37,[4217,4222,4226],{"type":227,"tag":654,"props":4218,"children":4219},{"style":1102},[4220],{"type":232,"value":4221},"          ARM_USE_OIDC",{"type":227,"tag":654,"props":4223,"children":4224},{"style":667},[4225],{"type":232,"value":1110},{"type":227,"tag":654,"props":4227,"children":4228},{"style":1173},[4229],{"type":232,"value":1176},{"type":227,"tag":654,"props":4231,"children":4233},{"class":656,"line":4232},38,[4234,4239,4243],{"type":227,"tag":654,"props":4235,"children":4236},{"style":1102},[4237],{"type":232,"value":4238},"          PULUMI_ACCESS_TOKEN",{"type":227,"tag":654,"props":4240,"children":4241},{"style":667},[4242],{"type":232,"value":1110},{"type":227,"tag":654,"props":4244,"children":4245},{"style":700},[4246],{"type":232,"value":4247}," ${{ secrets.PULUMI_ACCESS_TOKEN }}\n",{"type":227,"tag":654,"props":4249,"children":4251},{"class":656,"line":4250},39,[4252,4257,4261],{"type":227,"tag":654,"props":4253,"children":4254},{"style":1102},[4255],{"type":232,"value":4256},"          ARM_CLIENT_ID",{"type":227,"tag":654,"props":4258,"children":4259},{"style":667},[4260],{"type":232,"value":1110},{"type":227,"tag":654,"props":4262,"children":4263},{"style":700},[4264],{"type":232,"value":4265}," ${{ secrets.ARM_CLIENT_ID }}\n",{"type":227,"tag":654,"props":4267,"children":4269},{"class":656,"line":4268},40,[4270,4275,4279],{"type":227,"tag":654,"props":4271,"children":4272},{"style":1102},[4273],{"type":232,"value":4274},"          ARM_TENANT_ID",{"type":227,"tag":654,"props":4276,"children":4277},{"style":667},[4278],{"type":232,"value":1110},{"type":227,"tag":654,"props":4280,"children":4281},{"style":700},[4282],{"type":232,"value":4283}," ${{ secrets.ARM_TENANT_ID }}\n",{"type":227,"tag":654,"props":4285,"children":4287},{"class":656,"line":4286},41,[4288,4293,4297],{"type":227,"tag":654,"props":4289,"children":4290},{"style":1102},[4291],{"type":232,"value":4292},"          ARM_SUBSCRIPTION_ID",{"type":227,"tag":654,"props":4294,"children":4295},{"style":667},[4296],{"type":232,"value":1110},{"type":227,"tag":654,"props":4298,"children":4299},{"style":700},[4300],{"type":232,"value":4301}," ${{ secrets.ARM_SUBSCRIPTION_ID }}\n",{"type":227,"tag":228,"props":4303,"children":4304},{},[4305,4307,4313],{"type":232,"value":4306},"A permission section is required with 2 settings (more details ",{"type":227,"tag":482,"props":4308,"children":4311},{"href":4309,"rel":4310},"https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#adding-permissions-settings",[486],[4312],{"type":232,"value":2501},{"type":232,"value":4314},"):",{"type":227,"tag":300,"props":4316,"children":4317},{},[4318,4329],{"type":227,"tag":304,"props":4319,"children":4320},{},[4321,4327],{"type":227,"tag":310,"props":4322,"children":4324},{"className":4323},[],[4325],{"type":232,"value":4326},"id-token: write",{"type":232,"value":4328}," ➡️ needed to request the OIDC token",{"type":227,"tag":304,"props":4330,"children":4331},{},[4332,4338],{"type":227,"tag":310,"props":4333,"children":4335},{"className":4334},[],[4336],{"type":232,"value":4337},"contents: read",{"type":232,"value":4339}," ➡️ needed to perform checkout action",{"type":227,"tag":411,"props":4341,"children":4342},{"icon":413},[4343],{"type":227,"tag":228,"props":4344,"children":4345},{},[4346],{"type":232,"value":4347},"When you start to specify specific permissions, you have to specify all the permissions you need for the job because the default permissions won't apply anymore.",{"type":227,"tag":228,"props":4349,"children":4350},{},[4351,4353,4359,4361,4367,4369,4375],{"type":232,"value":4352},"The 3 steps following the checkout step are actions to specify the Node.js version to use, install and correctly configure ",{"type":227,"tag":482,"props":4354,"children":4357},{"href":4355,"rel":4356},"https://bordeauxcoders.com/series/pnpm-101",[486],[4358],{"type":232,"value":802},{"type":232,"value":4360},". We assume here the infrastructure will be provisioned using TypeScript (and Pulumi of course) but there would have been similar steps with other runtimes/languages (a ",{"type":227,"tag":310,"props":4362,"children":4364},{"className":4363},[],[4365],{"type":232,"value":4366},"setup-dotnet",{"type":232,"value":4368}," and a ",{"type":227,"tag":310,"props":4370,"children":4372},{"className":4371},[],[4373],{"type":232,"value":4374},"dotnet retore",{"type":232,"value":4376}," action for .NET for instance).",{"type":227,"tag":228,"props":4378,"children":4379},{},[4380,4382,4388,4390,4395,4397,4403,4405,4410],{"type":232,"value":4381},"The last action is the Pulumi action to provision the infrastructure by running the ",{"type":227,"tag":310,"props":4383,"children":4385},{"className":4384},[],[4386],{"type":232,"value":4387},"pulumi up",{"type":232,"value":4389}," on the ",{"type":227,"tag":310,"props":4391,"children":4393},{"className":4392},[],[4394],{"type":232,"value":764},{"type":232,"value":4396}," stack. We can see that this action uses environment variables whose values are based on the GitHub Actions secrets we defined earlier. To tell Pulumi to use OIDC, we just have to set the ",{"type":227,"tag":310,"props":4398,"children":4400},{"className":4399},[],[4401],{"type":232,"value":4402},"ARM_USE_OIDC",{"type":232,"value":4404}," environment variable to ",{"type":227,"tag":310,"props":4406,"children":4408},{"className":4407},[],[4409],{"type":232,"value":1309},{"type":232,"value":1061},{"type":227,"tag":644,"props":4412,"children":4414},{"className":3324,"code":4413,"language":3326,"meta":207,"style":207},"        env:\n          ARM_USE_OIDC: true\n          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}\n          ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}\n          ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}\n          ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} \n",[4415],{"type":227,"tag":310,"props":4416,"children":4417},{"__ignoreMap":207},[4418,4429,4444,4459,4474,4489],{"type":227,"tag":654,"props":4419,"children":4420},{"class":656,"line":657},[4421,4425],{"type":227,"tag":654,"props":4422,"children":4423},{"style":1102},[4424],{"type":232,"value":4208},{"type":227,"tag":654,"props":4426,"children":4427},{"style":667},[4428],{"type":232,"value":3366},{"type":227,"tag":654,"props":4430,"children":4431},{"class":656,"line":1019},[4432,4436,4440],{"type":227,"tag":654,"props":4433,"children":4434},{"style":1102},[4435],{"type":232,"value":4221},{"type":227,"tag":654,"props":4437,"children":4438},{"style":667},[4439],{"type":232,"value":1110},{"type":227,"tag":654,"props":4441,"children":4442},{"style":1173},[4443],{"type":232,"value":1176},{"type":227,"tag":654,"props":4445,"children":4446},{"class":656,"line":1029},[4447,4451,4455],{"type":227,"tag":654,"props":4448,"children":4449},{"style":1102},[4450],{"type":232,"value":4238},{"type":227,"tag":654,"props":4452,"children":4453},{"style":667},[4454],{"type":232,"value":1110},{"type":227,"tag":654,"props":4456,"children":4457},{"style":700},[4458],{"type":232,"value":4247},{"type":227,"tag":654,"props":4460,"children":4461},{"class":656,"line":1098},[4462,4466,4470],{"type":227,"tag":654,"props":4463,"children":4464},{"style":1102},[4465],{"type":232,"value":4256},{"type":227,"tag":654,"props":4467,"children":4468},{"style":667},[4469],{"type":232,"value":1110},{"type":227,"tag":654,"props":4471,"children":4472},{"style":700},[4473],{"type":232,"value":4265},{"type":227,"tag":654,"props":4475,"children":4476},{"class":656,"line":1130},[4477,4481,4485],{"type":227,"tag":654,"props":4478,"children":4479},{"style":1102},[4480],{"type":232,"value":4274},{"type":227,"tag":654,"props":4482,"children":4483},{"style":667},[4484],{"type":232,"value":1110},{"type":227,"tag":654,"props":4486,"children":4487},{"style":700},[4488],{"type":232,"value":4283},{"type":227,"tag":654,"props":4490,"children":4491},{"class":656,"line":1160},[4492,4496,4500],{"type":227,"tag":654,"props":4493,"children":4494},{"style":1102},[4495],{"type":232,"value":4292},{"type":227,"tag":654,"props":4497,"children":4498},{"style":667},[4499],{"type":232,"value":1110},{"type":227,"tag":654,"props":4501,"children":4502},{"style":700},[4503],{"type":232,"value":4301},{"type":227,"tag":228,"props":4505,"children":4506},{},[4507,4509,4515,4517,4524],{"type":232,"value":4508},"A GitHub Actions secret we did not talk about is ",{"type":227,"tag":310,"props":4510,"children":4512},{"className":4511},[],[4513],{"type":232,"value":4514},"PULUMI_ACCESS_TOKEN",{"type":232,"value":4516}," that is a ",{"type":227,"tag":482,"props":4518,"children":4521},{"href":4519,"rel":4520},"https://www.pulumi.com/docs/pulumi-cloud/access-management/access-tokens/",[486],[4522],{"type":232,"value":4523},"Pulumi access token",{"type":232,"value":4525}," to use Pulumi Cloud as our backend to store the infrastructure state and encrypt secrets. This token should be:",{"type":227,"tag":2601,"props":4527,"children":4528},{},[4529,4541,4552],{"type":227,"tag":304,"props":4530,"children":4531},{},[4532,4534,4540],{"type":232,"value":4533},"Created from Pulumi Cloud (following the documentation ",{"type":227,"tag":482,"props":4535,"children":4538},{"href":4536,"rel":4537},"https://www.pulumi.com/docs/pulumi-cloud/access-management/access-tokens/#personal-access-tokens",[486],[4539],{"type":232,"value":2501},{"type":232,"value":1190},{"type":227,"tag":304,"props":4542,"children":4543},{},[4544,4546],{"type":232,"value":4545},"Stored in the stack configuration using the following command ",{"type":227,"tag":310,"props":4547,"children":4549},{"className":4548},[],[4550],{"type":232,"value":4551},"pulumi config set pulumiTokenForRepository ******* --secret",{"type":227,"tag":304,"props":4553,"children":4554},{},[4555,4557],{"type":232,"value":4556},"Stored in a GitHub Actions secret using this code",{"type":227,"tag":644,"props":4558,"children":4560},{"className":963,"code":4559,"language":965,"meta":207,"style":207},"new github.ActionsSecret(\"pulumiAccessToken\", {\n  repository: repository.name,\n  secretName: \"PULUMI_ACCESS_TOKEN\",\n  plaintextValue: config.requireSecret(\"pulumiTokenForRepository\"),\n});\n",[4561],{"type":227,"tag":310,"props":4562,"children":4563},{"__ignoreMap":207},[4564,4608,4635,4662,4711],{"type":227,"tag":654,"props":4565,"children":4566},{"class":656,"line":657},[4567,4571,4575,4579,4583,4587,4591,4596,4600,4604],{"type":227,"tag":654,"props":4568,"children":4569},{"style":667},[4570],{"type":232,"value":1624},{"type":227,"tag":654,"props":4572,"children":4573},{"style":661},[4574],{"type":232,"value":1056},{"type":227,"tag":654,"props":4576,"children":4577},{"style":667},[4578],{"type":232,"value":1061},{"type":227,"tag":654,"props":4580,"children":4581},{"style":1064},[4582],{"type":232,"value":2861},{"type":227,"tag":654,"props":4584,"children":4585},{"style":661},[4586],{"type":232,"value":1072},{"type":227,"tag":654,"props":4588,"children":4589},{"style":667},[4590],{"type":232,"value":262},{"type":227,"tag":654,"props":4592,"children":4593},{"style":700},[4594],{"type":232,"value":4595},"pulumiAccessToken",{"type":227,"tag":654,"props":4597,"children":4598},{"style":667},[4599],{"type":232,"value":262},{"type":227,"tag":654,"props":4601,"children":4602},{"style":667},[4603],{"type":232,"value":1090},{"type":227,"tag":654,"props":4605,"children":4606},{"style":667},[4607],{"type":232,"value":1095},{"type":227,"tag":654,"props":4609,"children":4610},{"class":656,"line":1019},[4611,4615,4619,4623,4627,4631],{"type":227,"tag":654,"props":4612,"children":4613},{"style":1102},[4614],{"type":232,"value":2683},{"type":227,"tag":654,"props":4616,"children":4617},{"style":667},[4618],{"type":232,"value":1110},{"type":227,"tag":654,"props":4620,"children":4621},{"style":661},[4622],{"type":232,"value":1230},{"type":227,"tag":654,"props":4624,"children":4625},{"style":667},[4626],{"type":232,"value":1061},{"type":227,"tag":654,"props":4628,"children":4629},{"style":661},[4630],{"type":232,"value":1263},{"type":227,"tag":654,"props":4632,"children":4633},{"style":667},[4634],{"type":232,"value":1127},{"type":227,"tag":654,"props":4636,"children":4637},{"class":656,"line":1029},[4638,4642,4646,4650,4654,4658],{"type":227,"tag":654,"props":4639,"children":4640},{"style":1102},[4641],{"type":232,"value":2920},{"type":227,"tag":654,"props":4643,"children":4644},{"style":667},[4645],{"type":232,"value":1110},{"type":227,"tag":654,"props":4647,"children":4648},{"style":667},[4649],{"type":232,"value":1003},{"type":227,"tag":654,"props":4651,"children":4652},{"style":700},[4653],{"type":232,"value":4514},{"type":227,"tag":654,"props":4655,"children":4656},{"style":667},[4657],{"type":232,"value":262},{"type":227,"tag":654,"props":4659,"children":4660},{"style":667},[4661],{"type":232,"value":1127},{"type":227,"tag":654,"props":4663,"children":4664},{"class":656,"line":1098},[4665,4669,4673,4677,4681,4686,4690,4694,4699,4703,4707],{"type":227,"tag":654,"props":4666,"children":4667},{"style":1102},[4668],{"type":232,"value":2948},{"type":227,"tag":654,"props":4670,"children":4671},{"style":667},[4672],{"type":232,"value":1110},{"type":227,"tag":654,"props":4674,"children":4675},{"style":661},[4676],{"type":232,"value":2361},{"type":227,"tag":654,"props":4678,"children":4679},{"style":667},[4680],{"type":232,"value":1061},{"type":227,"tag":654,"props":4682,"children":4683},{"style":1064},[4684],{"type":232,"value":4685},"requireSecret",{"type":227,"tag":654,"props":4687,"children":4688},{"style":661},[4689],{"type":232,"value":1072},{"type":227,"tag":654,"props":4691,"children":4692},{"style":667},[4693],{"type":232,"value":262},{"type":227,"tag":654,"props":4695,"children":4696},{"style":700},[4697],{"type":232,"value":4698},"pulumiTokenForRepository",{"type":227,"tag":654,"props":4700,"children":4701},{"style":667},[4702],{"type":232,"value":262},{"type":227,"tag":654,"props":4704,"children":4705},{"style":661},[4706],{"type":232,"value":1190},{"type":227,"tag":654,"props":4708,"children":4709},{"style":667},[4710],{"type":232,"value":1127},{"type":227,"tag":654,"props":4712,"children":4713},{"class":656,"line":1130},[4714,4718,4722],{"type":227,"tag":654,"props":4715,"children":4716},{"style":667},[4717],{"type":232,"value":1185},{"type":227,"tag":654,"props":4719,"children":4720},{"style":661},[4721],{"type":232,"value":1190},{"type":227,"tag":654,"props":4723,"children":4724},{"style":667},[4725],{"type":232,"value":1016},{"type":227,"tag":228,"props":4727,"children":4728},{},[4729],{"type":232,"value":4730},"The last thing to do is to add this workflow file to the GitHub repository:",{"type":227,"tag":644,"props":4732,"children":4734},{"className":963,"code":4733,"language":965,"meta":207,"style":207},"import { readFileSync } from \"fs\";\n\nconst pipelineContent = readFileSync(\"main.yml\", \"utf-8\");\nnew github.RepositoryFile(\"pipelineRepositoryFile\", {\n  repository: repository.name,\n  branch: \"main\",\n  file: \".github/workflows/main.yml\",\n  content: pipelineContent,\n  commitMessage: \"Add preconfigured pipeline file\",\n  commitAuthor: \"Alexandre Nédélec\",\n  commitEmail: \"15186176+TechWatching@users.noreply.github.com\",\n  overwriteOnCreate: true,\n});\n",[4735],{"type":227,"tag":310,"props":4736,"children":4737},{"__ignoreMap":207},[4738,4779,4786,4848,4893,4920,4948,4977,4998,5027,5056,5085,5106],{"type":227,"tag":654,"props":4739,"children":4740},{"class":656,"line":657},[4741,4745,4749,4754,4758,4762,4766,4771,4775],{"type":227,"tag":654,"props":4742,"children":4743},{"style":975},[4744],{"type":232,"value":978},{"type":227,"tag":654,"props":4746,"children":4747},{"style":667},[4748],{"type":232,"value":1450},{"type":227,"tag":654,"props":4750,"children":4751},{"style":661},[4752],{"type":232,"value":4753}," readFileSync",{"type":227,"tag":654,"props":4755,"children":4756},{"style":667},[4757],{"type":232,"value":1477},{"type":227,"tag":654,"props":4759,"children":4760},{"style":975},[4761],{"type":232,"value":2048},{"type":227,"tag":654,"props":4763,"children":4764},{"style":667},[4765],{"type":232,"value":1003},{"type":227,"tag":654,"props":4767,"children":4768},{"style":700},[4769],{"type":232,"value":4770},"fs",{"type":227,"tag":654,"props":4772,"children":4773},{"style":667},[4774],{"type":232,"value":262},{"type":227,"tag":654,"props":4776,"children":4777},{"style":667},[4778],{"type":232,"value":1016},{"type":227,"tag":654,"props":4780,"children":4781},{"class":656,"line":1019},[4782],{"type":227,"tag":654,"props":4783,"children":4784},{"emptyLinePlaceholder":1023},[4785],{"type":232,"value":1026},{"type":227,"tag":654,"props":4787,"children":4788},{"class":656,"line":1029},[4789,4793,4798,4802,4806,4810,4814,4819,4823,4827,4831,4836,4840,4844],{"type":227,"tag":654,"props":4790,"children":4791},{"style":1033},[4792],{"type":232,"value":1036},{"type":227,"tag":654,"props":4794,"children":4795},{"style":661},[4796],{"type":232,"value":4797}," pipelineContent ",{"type":227,"tag":654,"props":4799,"children":4800},{"style":667},[4801],{"type":232,"value":1046},{"type":227,"tag":654,"props":4803,"children":4804},{"style":1064},[4805],{"type":232,"value":4753},{"type":227,"tag":654,"props":4807,"children":4808},{"style":661},[4809],{"type":232,"value":1072},{"type":227,"tag":654,"props":4811,"children":4812},{"style":667},[4813],{"type":232,"value":262},{"type":227,"tag":654,"props":4815,"children":4816},{"style":700},[4817],{"type":232,"value":4818},"main.yml",{"type":227,"tag":654,"props":4820,"children":4821},{"style":667},[4822],{"type":232,"value":262},{"type":227,"tag":654,"props":4824,"children":4825},{"style":667},[4826],{"type":232,"value":1090},{"type":227,"tag":654,"props":4828,"children":4829},{"style":667},[4830],{"type":232,"value":1003},{"type":227,"tag":654,"props":4832,"children":4833},{"style":700},[4834],{"type":232,"value":4835},"utf-8",{"type":227,"tag":654,"props":4837,"children":4838},{"style":667},[4839],{"type":232,"value":262},{"type":227,"tag":654,"props":4841,"children":4842},{"style":661},[4843],{"type":232,"value":1190},{"type":227,"tag":654,"props":4845,"children":4846},{"style":667},[4847],{"type":232,"value":1016},{"type":227,"tag":654,"props":4849,"children":4850},{"class":656,"line":1098},[4851,4855,4859,4863,4868,4872,4876,4881,4885,4889],{"type":227,"tag":654,"props":4852,"children":4853},{"style":667},[4854],{"type":232,"value":1624},{"type":227,"tag":654,"props":4856,"children":4857},{"style":661},[4858],{"type":232,"value":1056},{"type":227,"tag":654,"props":4860,"children":4861},{"style":667},[4862],{"type":232,"value":1061},{"type":227,"tag":654,"props":4864,"children":4865},{"style":1064},[4866],{"type":232,"value":4867},"RepositoryFile",{"type":227,"tag":654,"props":4869,"children":4870},{"style":661},[4871],{"type":232,"value":1072},{"type":227,"tag":654,"props":4873,"children":4874},{"style":667},[4875],{"type":232,"value":262},{"type":227,"tag":654,"props":4877,"children":4878},{"style":700},[4879],{"type":232,"value":4880},"pipelineRepositoryFile",{"type":227,"tag":654,"props":4882,"children":4883},{"style":667},[4884],{"type":232,"value":262},{"type":227,"tag":654,"props":4886,"children":4887},{"style":667},[4888],{"type":232,"value":1090},{"type":227,"tag":654,"props":4890,"children":4891},{"style":667},[4892],{"type":232,"value":1095},{"type":227,"tag":654,"props":4894,"children":4895},{"class":656,"line":1130},[4896,4900,4904,4908,4912,4916],{"type":227,"tag":654,"props":4897,"children":4898},{"style":1102},[4899],{"type":232,"value":2683},{"type":227,"tag":654,"props":4901,"children":4902},{"style":667},[4903],{"type":232,"value":1110},{"type":227,"tag":654,"props":4905,"children":4906},{"style":661},[4907],{"type":232,"value":1230},{"type":227,"tag":654,"props":4909,"children":4910},{"style":667},[4911],{"type":232,"value":1061},{"type":227,"tag":654,"props":4913,"children":4914},{"style":661},[4915],{"type":232,"value":1263},{"type":227,"tag":654,"props":4917,"children":4918},{"style":667},[4919],{"type":232,"value":1127},{"type":227,"tag":654,"props":4921,"children":4922},{"class":656,"line":1160},[4923,4928,4932,4936,4940,4944],{"type":227,"tag":654,"props":4924,"children":4925},{"style":1102},[4926],{"type":232,"value":4927},"  branch",{"type":227,"tag":654,"props":4929,"children":4930},{"style":667},[4931],{"type":232,"value":1110},{"type":227,"tag":654,"props":4933,"children":4934},{"style":667},[4935],{"type":232,"value":1003},{"type":227,"tag":654,"props":4937,"children":4938},{"style":700},[4939],{"type":232,"value":315},{"type":227,"tag":654,"props":4941,"children":4942},{"style":667},[4943],{"type":232,"value":262},{"type":227,"tag":654,"props":4945,"children":4946},{"style":667},[4947],{"type":232,"value":1127},{"type":227,"tag":654,"props":4949,"children":4950},{"class":656,"line":1179},[4951,4956,4960,4964,4969,4973],{"type":227,"tag":654,"props":4952,"children":4953},{"style":1102},[4954],{"type":232,"value":4955},"  file",{"type":227,"tag":654,"props":4957,"children":4958},{"style":667},[4959],{"type":232,"value":1110},{"type":227,"tag":654,"props":4961,"children":4962},{"style":667},[4963],{"type":232,"value":1003},{"type":227,"tag":654,"props":4965,"children":4966},{"style":700},[4967],{"type":232,"value":4968},".github/workflows/main.yml",{"type":227,"tag":654,"props":4970,"children":4971},{"style":667},[4972],{"type":232,"value":262},{"type":227,"tag":654,"props":4974,"children":4975},{"style":667},[4976],{"type":232,"value":1127},{"type":227,"tag":654,"props":4978,"children":4979},{"class":656,"line":1197},[4980,4985,4989,4994],{"type":227,"tag":654,"props":4981,"children":4982},{"style":1102},[4983],{"type":232,"value":4984},"  content",{"type":227,"tag":654,"props":4986,"children":4987},{"style":667},[4988],{"type":232,"value":1110},{"type":227,"tag":654,"props":4990,"children":4991},{"style":661},[4992],{"type":232,"value":4993}," pipelineContent",{"type":227,"tag":654,"props":4995,"children":4996},{"style":667},[4997],{"type":232,"value":1127},{"type":227,"tag":654,"props":4999,"children":5000},{"class":656,"line":1205},[5001,5006,5010,5014,5019,5023],{"type":227,"tag":654,"props":5002,"children":5003},{"style":1102},[5004],{"type":232,"value":5005},"  commitMessage",{"type":227,"tag":654,"props":5007,"children":5008},{"style":667},[5009],{"type":232,"value":1110},{"type":227,"tag":654,"props":5011,"children":5012},{"style":667},[5013],{"type":232,"value":1003},{"type":227,"tag":654,"props":5015,"children":5016},{"style":700},[5017],{"type":232,"value":5018},"Add preconfigured pipeline file",{"type":227,"tag":654,"props":5020,"children":5021},{"style":667},[5022],{"type":232,"value":262},{"type":227,"tag":654,"props":5024,"children":5025},{"style":667},[5026],{"type":232,"value":1127},{"type":227,"tag":654,"props":5028,"children":5029},{"class":656,"line":3036},[5030,5035,5039,5043,5048,5052],{"type":227,"tag":654,"props":5031,"children":5032},{"style":1102},[5033],{"type":232,"value":5034},"  commitAuthor",{"type":227,"tag":654,"props":5036,"children":5037},{"style":667},[5038],{"type":232,"value":1110},{"type":227,"tag":654,"props":5040,"children":5041},{"style":667},[5042],{"type":232,"value":1003},{"type":227,"tag":654,"props":5044,"children":5045},{"style":700},[5046],{"type":232,"value":5047},"Alexandre Nédélec",{"type":227,"tag":654,"props":5049,"children":5050},{"style":667},[5051],{"type":232,"value":262},{"type":227,"tag":654,"props":5053,"children":5054},{"style":667},[5055],{"type":232,"value":1127},{"type":227,"tag":654,"props":5057,"children":5058},{"class":656,"line":3064},[5059,5064,5068,5072,5077,5081],{"type":227,"tag":654,"props":5060,"children":5061},{"style":1102},[5062],{"type":232,"value":5063},"  commitEmail",{"type":227,"tag":654,"props":5065,"children":5066},{"style":667},[5067],{"type":232,"value":1110},{"type":227,"tag":654,"props":5069,"children":5070},{"style":667},[5071],{"type":232,"value":1003},{"type":227,"tag":654,"props":5073,"children":5074},{"style":700},[5075],{"type":232,"value":5076},"15186176+TechWatching@users.noreply.github.com",{"type":227,"tag":654,"props":5078,"children":5079},{"style":667},[5080],{"type":232,"value":262},{"type":227,"tag":654,"props":5082,"children":5083},{"style":667},[5084],{"type":232,"value":1127},{"type":227,"tag":654,"props":5086,"children":5087},{"class":656,"line":3093},[5088,5093,5097,5102],{"type":227,"tag":654,"props":5089,"children":5090},{"style":1102},[5091],{"type":232,"value":5092},"  overwriteOnCreate",{"type":227,"tag":654,"props":5094,"children":5095},{"style":667},[5096],{"type":232,"value":1110},{"type":227,"tag":654,"props":5098,"children":5099},{"style":1173},[5100],{"type":232,"value":5101}," true",{"type":227,"tag":654,"props":5103,"children":5104},{"style":667},[5105],{"type":232,"value":1127},{"type":227,"tag":654,"props":5107,"children":5108},{"class":656,"line":3121},[5109,5113,5117],{"type":227,"tag":654,"props":5110,"children":5111},{"style":667},[5112],{"type":232,"value":1185},{"type":227,"tag":654,"props":5114,"children":5115},{"style":661},[5116],{"type":232,"value":1190},{"type":227,"tag":654,"props":5118,"children":5119},{"style":667},[5120],{"type":232,"value":1016},{"type":227,"tag":228,"props":5122,"children":5123},{},[5124],{"type":232,"value":5125},"This code:",{"type":227,"tag":2601,"props":5127,"children":5128},{},[5129,5141,5153],{"type":227,"tag":304,"props":5130,"children":5131},{},[5132,5134,5139],{"type":232,"value":5133},"reads the ",{"type":227,"tag":310,"props":5135,"children":5137},{"className":5136},[],[5138],{"type":232,"value":4818},{"type":232,"value":5140}," file that contains the workflow we saw previously",{"type":227,"tag":304,"props":5142,"children":5143},{},[5144,5146,5151],{"type":232,"value":5145},"creates a file with this content in the repository in the ",{"type":227,"tag":310,"props":5147,"children":5149},{"className":5148},[],[5150],{"type":232,"value":333},{"type":232,"value":5152}," folder for the GitHub Actions workflows",{"type":227,"tag":304,"props":5154,"children":5155},{},[5156],{"type":232,"value":5157},"makes a commit when creating the file (or modifying it)",{"type":227,"tag":411,"props":5159,"children":5160},{"icon":464},[5161],{"type":227,"tag":228,"props":5162,"children":5163},{},[5164,5166,5172,5174,5179],{"type":232,"value":5165},"To read the YAML file, I use the ",{"type":227,"tag":310,"props":5167,"children":5169},{"className":5168},[],[5170],{"type":232,"value":5171},"readFileSync",{"type":232,"value":5173}," method from the File System API ",{"type":227,"tag":310,"props":5175,"children":5177},{"className":5176},[],[5178],{"type":232,"value":4770},{"type":232,"value":5180},". That's one of the things I love about Pulumi: you use the things you already know and that already exist in your ecosystem. No need to look for a module or wait for someone to write one, there is probably something standard or a popular community library you can use.",{"type":227,"tag":252,"props":5182,"children":5184},{"id":5183},"test-the-azure-ready-github-repository",[5185],{"type":232,"value":5186},"Test the Azure-Ready GitHub Repository",{"type":227,"tag":228,"props":5188,"children":5189},{},[5190,5192,5197],{"type":232,"value":5191},"Now that the infrastructure code to provision the Azure-Ready GitHub repository is written, let's run it with the ",{"type":227,"tag":310,"props":5193,"children":5195},{"className":5194},[],[5196],{"type":232,"value":4387},{"type":232,"value":5198}," command and see if it works!",{"type":227,"tag":228,"props":5200,"children":5201},{},[5202],{"type":227,"tag":273,"props":5203,"children":5208},{"alt":5204,"className":5205,"src":5206,"width":5207},"Ouput of the pulumi up command with all the resources created.",[277,278],"/posts/images/azurereadygithub_pulumi_1.webp",1000,[],{"type":227,"tag":228,"props":5210,"children":5211},{},[5212],{"type":232,"value":5213},"All the resources are correctly created and our new GitHub repository is ready to be used.",{"type":227,"tag":228,"props":5215,"children":5216},{},[5217],{"type":227,"tag":273,"props":5218,"children":5222},{"alt":5219,"className":5220,"src":5221},"Picture of the Azure Ready GitHub repository",[277,278],"/posts/images/azurereadygithub_github_2.webp",[],{"type":227,"tag":228,"props":5224,"children":5225},{},[5226],{"type":232,"value":5227},"Let's clone it.",{"type":227,"tag":644,"props":5229,"children":5233},{"className":5230,"code":5231,"language":5232,"meta":207,"style":207},"language-bash shiki shiki-themes material-theme-lighter material-theme material-theme-palenight","git clone https://github.com/TechWatching/azure-ready-repository; cd azure-ready-repository\n","bash",[5234],{"type":227,"tag":310,"props":5235,"children":5236},{"__ignoreMap":207},[5237],{"type":227,"tag":654,"props":5238,"children":5239},{"class":656,"line":657},[5240,5246,5251,5256,5261,5266],{"type":227,"tag":654,"props":5241,"children":5243},{"style":5242},"--shiki-light:#E2931D;--shiki-default:#FFCB6B;--shiki-dark:#FFCB6B",[5244],{"type":232,"value":5245},"git",{"type":227,"tag":654,"props":5247,"children":5248},{"style":700},[5249],{"type":232,"value":5250}," clone",{"type":227,"tag":654,"props":5252,"children":5253},{"style":700},[5254],{"type":232,"value":5255}," https://github.com/TechWatching/azure-ready-repository",{"type":227,"tag":654,"props":5257,"children":5258},{"style":667},[5259],{"type":232,"value":5260},";",{"type":227,"tag":654,"props":5262,"children":5263},{"style":1064},[5264],{"type":232,"value":5265}," cd",{"type":227,"tag":654,"props":5267,"children":5268},{"style":700},[5269],{"type":232,"value":5270}," azure-ready-repository\n",{"type":227,"tag":228,"props":5272,"children":5273},{},[5274],{"type":232,"value":5275},"We want to verify that the GitHub project is properly configured and can provision Azure resources from its GitHub Actions workflow.",{"type":227,"tag":228,"props":5277,"children":5278},{},[5279],{"type":232,"value":5280},"Let's add some infrastructure code that provisions a few Azure resources to check that:",{"type":227,"tag":644,"props":5282,"children":5284},{"className":5230,"code":5283,"language":5232,"meta":207,"style":207},"pulumi new azure-typescript -n \"AzureReadyGitHuRepository\" -y --force\n",[5285],{"type":227,"tag":310,"props":5286,"children":5287},{"__ignoreMap":207},[5288],{"type":227,"tag":654,"props":5289,"children":5290},{"class":656,"line":657},[5291,5296,5300,5305,5310,5314,5319,5323,5328],{"type":227,"tag":654,"props":5292,"children":5293},{"style":5242},[5294],{"type":232,"value":5295},"pulumi",{"type":227,"tag":654,"props":5297,"children":5298},{"style":700},[5299],{"type":232,"value":1051},{"type":227,"tag":654,"props":5301,"children":5302},{"style":700},[5303],{"type":232,"value":5304}," azure-typescript",{"type":227,"tag":654,"props":5306,"children":5307},{"style":700},[5308],{"type":232,"value":5309}," -n",{"type":227,"tag":654,"props":5311,"children":5312},{"style":667},[5313],{"type":232,"value":1003},{"type":227,"tag":654,"props":5315,"children":5316},{"style":700},[5317],{"type":232,"value":5318},"AzureReadyGitHuRepository",{"type":227,"tag":654,"props":5320,"children":5321},{"style":667},[5322],{"type":232,"value":262},{"type":227,"tag":654,"props":5324,"children":5325},{"style":700},[5326],{"type":232,"value":5327}," -y",{"type":227,"tag":654,"props":5329,"children":5330},{"style":700},[5331],{"type":232,"value":5332}," --force\n",{"type":227,"tag":228,"props":5334,"children":5335},{},[5336,5337,5343],{"type":232,"value":1909},{"type":227,"tag":310,"props":5338,"children":5340},{"className":5339},[],[5341],{"type":232,"value":5342},"--force",{"type":232,"value":5344}," option allows us to create the code within a non-empty directory.",{"type":227,"tag":228,"props":5346,"children":5347},{},[5348,5350,5356],{"type":232,"value":5349},"I used the ",{"type":227,"tag":310,"props":5351,"children":5353},{"className":5352},[],[5354],{"type":232,"value":5355},"azure-typescript",{"type":232,"value":5357}," template that creates a storage account and outputs retrieve its primary access key.",{"type":227,"tag":411,"props":5359,"children":5360},{"icon":450},[5361],{"type":227,"tag":228,"props":5362,"children":5363},{},[5364,5366,5373],{"type":232,"value":5365},"In the SDK, the outputs of the function that lists the storage access keys are not currently marked as secrets. There is currently an ",{"type":227,"tag":482,"props":5367,"children":5370},{"href":5368,"rel":5369},"https://github.com/pulumi/pulumi-azure-native/issues/2408",[486],[5371],{"type":232,"value":5372},"open issue",{"type":232,"value":5374}," to change that but in the meantime, I have just modified the code to label the stack output as secret ensuring its encryption.",{"type":227,"tag":228,"props":5376,"children":5377},{},[5378,5380,5386,5388,5394],{"type":232,"value":5379},"Let's run a ",{"type":227,"tag":310,"props":5381,"children":5383},{"className":5382},[],[5384],{"type":232,"value":5385},"pnpm install",{"type":232,"value":5387}," to install the dependencies and generate the ",{"type":227,"tag":310,"props":5389,"children":5391},{"className":5390},[],[5392],{"type":232,"value":5393},"pnpm-lock.yaml",{"type":232,"value":5395}," file. Then, we can push the code to GitHub and run the pipeline to see how it goes.",{"type":227,"tag":228,"props":5397,"children":5398},{},[5399],{"type":227,"tag":273,"props":5400,"children":5404},{"alt":5401,"className":5402,"src":5403},"Logs of the pipeline run showing that the workflow successfully created a storage account.",[277,278],"/posts/images/azurereadygithub_github_3.webp",[],{"type":227,"tag":228,"props":5406,"children":5407},{},[5408],{"type":232,"value":5409},"That's it, we succeeded to provision a storage account from our new GitHub repository whose creation and configuration were entirely automated using Pulumi.",{"type":227,"tag":252,"props":5411,"children":5413},{"id":5412},"to-conclude",[5414],{"type":232,"value":5415},"To conclude",{"type":227,"tag":282,"props":5417,"children":5419},{"id":5418},"additional-information",[5420],{"type":232,"value":5421},"Additional information",{"type":227,"tag":228,"props":5423,"children":5424},{},[5425],{"type":232,"value":5426},"There are different platforms you can use to host your Git repositories: GitHub, GitLab, and Azure DevOps to name a few. We use GitHub in this article but you can easily apply the same logic with other platforms (Pulumi has providers for GitLab and Azure DevOps as well).",{"type":227,"tag":228,"props":5428,"children":5429},{},[5430],{"type":232,"value":5431},"Even though the Azure-Ready GitHub repository is provisioned using Pulumi, there's nothing stopping you from using another Infrastructure as Code solution that supports Azure OIDC (such as Azure CLI, which was mentioned in the article, Azure Bicep, or even Terraform) in the GitHub Actions workflow of the created repository. You don't even have to provision infrastructure; you can use this workflow to simply deploy an application to an existing Azure resource.",{"type":227,"tag":282,"props":5433,"children":5435},{"id":5434},"potential-enhancements",[5436],{"type":232,"value":5437},"Potential Enhancements",{"type":227,"tag":228,"props":5439,"children":5440},{},[5441],{"type":232,"value":5442},"There are many aspects that could be improved in the infrastructure code provisioning the Azure-Ready GitHub repository, but I believe the current solution serves as a good starting point. Nevertheless, here are some ideas for potential enhancements:",{"type":227,"tag":300,"props":5444,"children":5445},{},[5446,5451,5456],{"type":227,"tag":304,"props":5447,"children":5448},{},[5449],{"type":232,"value":5450},"make additional items, such as the commit author, configurable",{"type":227,"tag":304,"props":5452,"children":5453},{},[5454],{"type":232,"value":5455},"authorize an environment and not only a branch to retrieve an Azure token",{"type":227,"tag":304,"props":5457,"children":5458},{},[5459],{"type":232,"value":5460},"use environment variables/secrets instead of variable/secrets at the repository scope",{"type":227,"tag":228,"props":5462,"children":5463},{},[5464],{"type":232,"value":5465},"I think it would be interesting as well to put that code behind an API or a Web application using Pulumi Automation API to have a self-service solution to create Azure-Ready GitHub repository on the fly.",{"type":227,"tag":282,"props":5467,"children":5469},{"id":5468},"related-articles",[5470],{"type":232,"value":5471},"Related articles",{"type":227,"tag":228,"props":5473,"children":5474},{},[5475],{"type":232,"value":5476},"Here are some articles on the same topic I wanted to mention:",{"type":227,"tag":300,"props":5478,"children":5479},{},[5480,5512,5540],{"type":227,"tag":304,"props":5481,"children":5482},{},[5483,5494,5496,5501,5505,5510],{"type":227,"tag":482,"props":5484,"children":5487},{"href":5485,"rel":5486},"https://leebriggs.co.uk/blog/2022/01/23/gha-cloud-credentials",[486],[5488],{"type":227,"tag":5489,"props":5490,"children":5491},"strong",{},[5492],{"type":232,"value":5493},"Stop using static cloud credentials in GitHub Actions",{"type":232,"value":5495}," ",{"type":227,"tag":5489,"props":5497,"children":5498},{},[5499],{"type":232,"value":5500},"by Lee Briggs",{"type":227,"tag":5502,"props":5503,"children":5504},"br",{},[],{"type":227,"tag":5489,"props":5506,"children":5507},{},[5508],{"type":232,"value":5509},"➡️",{"type":232,"value":5511}," This post provides examples for configuring OIDC authentication with GitHub Actions for AWS, Azure, and GCP. The code for Azure is quite similar to the code I showed here. Yet, it doesn't go so far as to initialize a pipeline ready to deploy resources with Pulumi. Anyway, it's awesome to have the code for all 3 major providers.",{"type":227,"tag":304,"props":5513,"children":5514},{},[5515,5525,5526,5531,5534,5538],{"type":227,"tag":482,"props":5516,"children":5519},{"href":5517,"rel":5518},"https://xaviergeerinck.com/2023/05/16/configuring-github-actions-to-azure-authentication-with-oidc/",[486],[5520],{"type":227,"tag":5489,"props":5521,"children":5522},{},[5523],{"type":232,"value":5524},"Configuring GitHub Actions to Azure authentication with OIDC",{"type":232,"value":5495},{"type":227,"tag":5489,"props":5527,"children":5528},{},[5529],{"type":232,"value":5530},"by Xavier Geerinck",{"type":227,"tag":5502,"props":5532,"children":5533},{},[],{"type":227,"tag":5489,"props":5535,"children":5536},{},[5537],{"type":232,"value":5509},{"type":232,"value":5539},"This post also shows how to configure OIDC authentication with GitHub Actions and Azure but using an Azure CLI script. Although the GitHub repository creation and configuration are done manually, automating the Azure part with a few lines of script is nice.",{"type":227,"tag":304,"props":5541,"children":5542},{},[5543,5553,5554,5559,5562],{"type":227,"tag":482,"props":5544,"children":5547},{"href":5545,"rel":5546},"https://samcogan.com/getting-rid-of-passwords-for-deployment-with-pulumi-oidc-support/",[486],[5548],{"type":227,"tag":5489,"props":5549,"children":5550},{},[5551],{"type":232,"value":5552},"Getting Rid of Passwords for Deployment with Pulumi OIDC Support",{"type":232,"value":5495},{"type":227,"tag":5489,"props":5555,"children":5556},{},[5557],{"type":232,"value":5558},"by Sam Cogan",{"type":227,"tag":5502,"props":5560,"children":5561},{},[],{"type":232,"value":5563},"\n➡️ If you don't care about automating everything and simply want to configure OIDC authentication through the Azure portal, that's the post you will want to read. There is also an example of a pipeline to provision Azure infrastructure using a .NET Pulumi program.",{"type":227,"tag":282,"props":5565,"children":5567},{"id":5566},"complete-code-solution",[5568],{"type":232,"value":5569},"Complete code solution",{"type":227,"tag":228,"props":5571,"children":5572},{},[5573],{"type":232,"value":5574},"In this article, I aimed to provide a step-by-step explanation of how to automate the creation of a GitHub repository with a properly configured workflow to interact with Azure using OpenID Connect. Consequently, the article turned out to be quite lengthy. I apologize for that, but I didn't want to present the code without adequate explanation.",{"type":227,"tag":228,"props":5576,"children":5577},{},[5578],{"type":232,"value":5579},"Anyway, now that we've covered everything, here is the complete code, which is just 75 lines long:",{"type":227,"tag":644,"props":5581,"children":5583},{"className":963,"code":5582,"language":965,"meta":207,"style":207},"import * as pulumi from \"@pulumi/pulumi\";\nimport * as github from \"@pulumi/github\";\nimport * as azuread from \"@pulumi/azuread\";\nimport * as authorization from \"@pulumi/azure-native/authorization\";\nimport { azureBuiltInRoles } from \"./builtInRoles\";\nimport { readFileSync } from \"fs\";\n\nconst config = new pulumi.Config();\n\nconst repository = new github.Repository(\"azure-ready-repository\", {\n  name: \"azure-ready-repository\",\n  visibility: \"public\",\n  autoInit: true\n});\n\nexport const repositoryCloneUrl = repository.httpCloneUrl;\n\nconst aadApplication = new azuread.Application(\"AzureReadyApp\", { displayName: \"Azure Ready App\" });\nconst servicePrincipal = new azuread.ServicePrincipal(\"AzureReadyServicePrincipal\", {\n  applicationId: aadApplication.applicationId,\n});\nnew azuread.ApplicationFederatedIdentityCredential(\"AzureReadyAppFederatedIdentityCredential\", {\n  applicationObjectId: aadApplication.objectId,\n  displayName: \"AzureReadyDeploys\",\n  description: \"Deployments for azure-ready-repository\",\n  audiences: [\"api://AzureADTokenExchange\"],\n  issuer: \"https://token.actions.githubusercontent.com\",\n  subject: pulumi.interpolate`repo:${repository.fullName}:ref:refs/heads/main`,\n});\n\nconst azureConfig = pulumi.output(authorization.getClientConfig());\nconst subscriptionId = azureConfig.subscriptionId;\n\nnew authorization.RoleAssignment(\"contributor\", {\n  principalId: servicePrincipal.id,\n  principalType: authorization.PrincipalType.ServicePrincipal,\n  roleDefinitionId: azureBuiltInRoles.contributor,\n  scope: pulumi.interpolate`/subscriptions/${subscriptionId}`,\n});\n\nnew github.ActionsSecret(\"tenantId\", {\n  repository: repository.name,\n  secretName: \"ARM_TENANT_ID\",\n  plaintextValue: azureConfig.tenantId,\n});\n\nnew github.ActionsSecret(\"subscriptionId\", {\n  repository: repository.name,\n  secretName: \"ARM_SUBSCRIPTION_ID\",\n  plaintextValue: azureConfig.subscriptionId,\n});\n\nnew github.ActionsSecret(\"clientId\", {\n  repository: repository.name,\n  secretName: \"ARM_CLIENT_ID\",\n  plaintextValue: aadApplication.applicationId,\n});\n\nnew github.ActionsSecret(\"pulumiAccessToken\", {\n  repository: repository.name,\n  secretName: \"PULUMI_ACCESS_TOKEN\",\n  plaintextValue: config.requireSecret(\"pulumiTokenForRepository\"),\n});\n\nconst pipelineContent = readFileSync(\"main.yml\", \"utf-8\");\nnew github.RepositoryFile(\"pipelineRepositoryFile\", {\n  repository: repository.name,\n  branch: \"main\",\n  file: \".github/workflows/main.yml\",\n  content: pipelineContent,\n  commitMessage: \"Add preconfigured pipeline file\",\n  commitAuthor: \"Alexandre Nédélec\",\n  commitEmail: \"15186176+TechWatching@users.noreply.github.com\",\n  overwriteOnCreate: true,\n});\n",[5584],{"type":227,"tag":310,"props":5585,"children":5586},{"__ignoreMap":207},[5587,5628,5667,5706,5745,5784,5823,5830,5869,5876,5931,5958,5985,6000,6015,6022,6057,6064,6151,6207,6234,6249,6292,6319,6346,6373,6408,6435,6498,6513,6520,6567,6598,6605,6648,6675,6710,6737,6784,6799,6806,6849,6877,6905,6933,6949,6957,7001,7029,7057,7085,7101,7109,7153,7181,7209,7237,7253,7261,7305,7333,7361,7409,7425,7433,7493,7537,7565,7593,7621,7641,7669,7697,7725,7745],{"type":227,"tag":654,"props":5588,"children":5589},{"class":656,"line":657},[5590,5594,5598,5602,5607,5611,5615,5620,5624],{"type":227,"tag":654,"props":5591,"children":5592},{"style":975},[5593],{"type":232,"value":978},{"type":227,"tag":654,"props":5595,"children":5596},{"style":667},[5597],{"type":232,"value":983},{"type":227,"tag":654,"props":5599,"children":5600},{"style":975},[5601],{"type":232,"value":988},{"type":227,"tag":654,"props":5603,"children":5604},{"style":661},[5605],{"type":232,"value":5606}," pulumi ",{"type":227,"tag":654,"props":5608,"children":5609},{"style":975},[5610],{"type":232,"value":998},{"type":227,"tag":654,"props":5612,"children":5613},{"style":667},[5614],{"type":232,"value":1003},{"type":227,"tag":654,"props":5616,"children":5617},{"style":700},[5618],{"type":232,"value":5619},"@pulumi/pulumi",{"type":227,"tag":654,"props":5621,"children":5622},{"style":667},[5623],{"type":232,"value":262},{"type":227,"tag":654,"props":5625,"children":5626},{"style":667},[5627],{"type":232,"value":1016},{"type":227,"tag":654,"props":5629,"children":5630},{"class":656,"line":1019},[5631,5635,5639,5643,5647,5651,5655,5659,5663],{"type":227,"tag":654,"props":5632,"children":5633},{"style":975},[5634],{"type":232,"value":978},{"type":227,"tag":654,"props":5636,"children":5637},{"style":667},[5638],{"type":232,"value":983},{"type":227,"tag":654,"props":5640,"children":5641},{"style":975},[5642],{"type":232,"value":988},{"type":227,"tag":654,"props":5644,"children":5645},{"style":661},[5646],{"type":232,"value":993},{"type":227,"tag":654,"props":5648,"children":5649},{"style":975},[5650],{"type":232,"value":998},{"type":227,"tag":654,"props":5652,"children":5653},{"style":667},[5654],{"type":232,"value":1003},{"type":227,"tag":654,"props":5656,"children":5657},{"style":700},[5658],{"type":232,"value":885},{"type":227,"tag":654,"props":5660,"children":5661},{"style":667},[5662],{"type":232,"value":262},{"type":227,"tag":654,"props":5664,"children":5665},{"style":667},[5666],{"type":232,"value":1016},{"type":227,"tag":654,"props":5668,"children":5669},{"class":656,"line":1029},[5670,5674,5678,5682,5686,5690,5694,5698,5702],{"type":227,"tag":654,"props":5671,"children":5672},{"style":975},[5673],{"type":232,"value":978},{"type":227,"tag":654,"props":5675,"children":5676},{"style":667},[5677],{"type":232,"value":983},{"type":227,"tag":654,"props":5679,"children":5680},{"style":975},[5681],{"type":232,"value":988},{"type":227,"tag":654,"props":5683,"children":5684},{"style":661},[5685],{"type":232,"value":1363},{"type":227,"tag":654,"props":5687,"children":5688},{"style":975},[5689],{"type":232,"value":998},{"type":227,"tag":654,"props":5691,"children":5692},{"style":667},[5693],{"type":232,"value":1003},{"type":227,"tag":654,"props":5695,"children":5696},{"style":700},[5697],{"type":232,"value":880},{"type":227,"tag":654,"props":5699,"children":5700},{"style":667},[5701],{"type":232,"value":262},{"type":227,"tag":654,"props":5703,"children":5704},{"style":667},[5705],{"type":232,"value":1016},{"type":227,"tag":654,"props":5707,"children":5708},{"class":656,"line":1098},[5709,5713,5717,5721,5725,5729,5733,5737,5741],{"type":227,"tag":654,"props":5710,"children":5711},{"style":975},[5712],{"type":232,"value":978},{"type":227,"tag":654,"props":5714,"children":5715},{"style":667},[5716],{"type":232,"value":983},{"type":227,"tag":654,"props":5718,"children":5719},{"style":975},[5720],{"type":232,"value":988},{"type":227,"tag":654,"props":5722,"children":5723},{"style":661},[5724],{"type":232,"value":2002},{"type":227,"tag":654,"props":5726,"children":5727},{"style":975},[5728],{"type":232,"value":998},{"type":227,"tag":654,"props":5730,"children":5731},{"style":667},[5732],{"type":232,"value":1003},{"type":227,"tag":654,"props":5734,"children":5735},{"style":700},[5736],{"type":232,"value":2015},{"type":227,"tag":654,"props":5738,"children":5739},{"style":667},[5740],{"type":232,"value":262},{"type":227,"tag":654,"props":5742,"children":5743},{"style":667},[5744],{"type":232,"value":1016},{"type":227,"tag":654,"props":5746,"children":5747},{"class":656,"line":1130},[5748,5752,5756,5760,5764,5768,5772,5776,5780],{"type":227,"tag":654,"props":5749,"children":5750},{"style":975},[5751],{"type":232,"value":978},{"type":227,"tag":654,"props":5753,"children":5754},{"style":667},[5755],{"type":232,"value":1450},{"type":227,"tag":654,"props":5757,"children":5758},{"style":661},[5759],{"type":232,"value":2039},{"type":227,"tag":654,"props":5761,"children":5762},{"style":667},[5763],{"type":232,"value":1477},{"type":227,"tag":654,"props":5765,"children":5766},{"style":975},[5767],{"type":232,"value":2048},{"type":227,"tag":654,"props":5769,"children":5770},{"style":667},[5771],{"type":232,"value":1003},{"type":227,"tag":654,"props":5773,"children":5774},{"style":700},[5775],{"type":232,"value":2057},{"type":227,"tag":654,"props":5777,"children":5778},{"style":667},[5779],{"type":232,"value":262},{"type":227,"tag":654,"props":5781,"children":5782},{"style":667},[5783],{"type":232,"value":1016},{"type":227,"tag":654,"props":5785,"children":5786},{"class":656,"line":1160},[5787,5791,5795,5799,5803,5807,5811,5815,5819],{"type":227,"tag":654,"props":5788,"children":5789},{"style":975},[5790],{"type":232,"value":978},{"type":227,"tag":654,"props":5792,"children":5793},{"style":667},[5794],{"type":232,"value":1450},{"type":227,"tag":654,"props":5796,"children":5797},{"style":661},[5798],{"type":232,"value":4753},{"type":227,"tag":654,"props":5800,"children":5801},{"style":667},[5802],{"type":232,"value":1477},{"type":227,"tag":654,"props":5804,"children":5805},{"style":975},[5806],{"type":232,"value":2048},{"type":227,"tag":654,"props":5808,"children":5809},{"style":667},[5810],{"type":232,"value":1003},{"type":227,"tag":654,"props":5812,"children":5813},{"style":700},[5814],{"type":232,"value":4770},{"type":227,"tag":654,"props":5816,"children":5817},{"style":667},[5818],{"type":232,"value":262},{"type":227,"tag":654,"props":5820,"children":5821},{"style":667},[5822],{"type":232,"value":1016},{"type":227,"tag":654,"props":5824,"children":5825},{"class":656,"line":1179},[5826],{"type":227,"tag":654,"props":5827,"children":5828},{"emptyLinePlaceholder":1023},[5829],{"type":232,"value":1026},{"type":227,"tag":654,"props":5831,"children":5832},{"class":656,"line":1197},[5833,5837,5841,5845,5849,5853,5857,5861,5865],{"type":227,"tag":654,"props":5834,"children":5835},{"style":1033},[5836],{"type":232,"value":1036},{"type":227,"tag":654,"props":5838,"children":5839},{"style":661},[5840],{"type":232,"value":2310},{"type":227,"tag":654,"props":5842,"children":5843},{"style":667},[5844],{"type":232,"value":1046},{"type":227,"tag":654,"props":5846,"children":5847},{"style":667},[5848],{"type":232,"value":1051},{"type":227,"tag":654,"props":5850,"children":5851},{"style":661},[5852],{"type":232,"value":1834},{"type":227,"tag":654,"props":5854,"children":5855},{"style":667},[5856],{"type":232,"value":1061},{"type":227,"tag":654,"props":5858,"children":5859},{"style":1064},[5860],{"type":232,"value":2331},{"type":227,"tag":654,"props":5862,"children":5863},{"style":661},[5864],{"type":232,"value":2336},{"type":227,"tag":654,"props":5866,"children":5867},{"style":667},[5868],{"type":232,"value":1016},{"type":227,"tag":654,"props":5870,"children":5871},{"class":656,"line":1205},[5872],{"type":227,"tag":654,"props":5873,"children":5874},{"emptyLinePlaceholder":1023},[5875],{"type":232,"value":1026},{"type":227,"tag":654,"props":5877,"children":5878},{"class":656,"line":3036},[5879,5883,5887,5891,5895,5899,5903,5907,5911,5915,5919,5923,5927],{"type":227,"tag":654,"props":5880,"children":5881},{"style":1033},[5882],{"type":232,"value":1036},{"type":227,"tag":654,"props":5884,"children":5885},{"style":661},[5886],{"type":232,"value":1041},{"type":227,"tag":654,"props":5888,"children":5889},{"style":667},[5890],{"type":232,"value":1046},{"type":227,"tag":654,"props":5892,"children":5893},{"style":667},[5894],{"type":232,"value":1051},{"type":227,"tag":654,"props":5896,"children":5897},{"style":661},[5898],{"type":232,"value":1056},{"type":227,"tag":654,"props":5900,"children":5901},{"style":667},[5902],{"type":232,"value":1061},{"type":227,"tag":654,"props":5904,"children":5905},{"style":1064},[5906],{"type":232,"value":1067},{"type":227,"tag":654,"props":5908,"children":5909},{"style":661},[5910],{"type":232,"value":1072},{"type":227,"tag":654,"props":5912,"children":5913},{"style":667},[5914],{"type":232,"value":262},{"type":227,"tag":654,"props":5916,"children":5917},{"style":700},[5918],{"type":232,"value":1081},{"type":227,"tag":654,"props":5920,"children":5921},{"style":667},[5922],{"type":232,"value":262},{"type":227,"tag":654,"props":5924,"children":5925},{"style":667},[5926],{"type":232,"value":1090},{"type":227,"tag":654,"props":5928,"children":5929},{"style":667},[5930],{"type":232,"value":1095},{"type":227,"tag":654,"props":5932,"children":5933},{"class":656,"line":3064},[5934,5938,5942,5946,5950,5954],{"type":227,"tag":654,"props":5935,"children":5936},{"style":1102},[5937],{"type":232,"value":1105},{"type":227,"tag":654,"props":5939,"children":5940},{"style":667},[5941],{"type":232,"value":1110},{"type":227,"tag":654,"props":5943,"children":5944},{"style":667},[5945],{"type":232,"value":1003},{"type":227,"tag":654,"props":5947,"children":5948},{"style":700},[5949],{"type":232,"value":1081},{"type":227,"tag":654,"props":5951,"children":5952},{"style":667},[5953],{"type":232,"value":262},{"type":227,"tag":654,"props":5955,"children":5956},{"style":667},[5957],{"type":232,"value":1127},{"type":227,"tag":654,"props":5959,"children":5960},{"class":656,"line":3093},[5961,5965,5969,5973,5977,5981],{"type":227,"tag":654,"props":5962,"children":5963},{"style":1102},[5964],{"type":232,"value":1136},{"type":227,"tag":654,"props":5966,"children":5967},{"style":667},[5968],{"type":232,"value":1110},{"type":227,"tag":654,"props":5970,"children":5971},{"style":667},[5972],{"type":232,"value":1003},{"type":227,"tag":654,"props":5974,"children":5975},{"style":700},[5976],{"type":232,"value":1149},{"type":227,"tag":654,"props":5978,"children":5979},{"style":667},[5980],{"type":232,"value":262},{"type":227,"tag":654,"props":5982,"children":5983},{"style":667},[5984],{"type":232,"value":1127},{"type":227,"tag":654,"props":5986,"children":5987},{"class":656,"line":3121},[5988,5992,5996],{"type":227,"tag":654,"props":5989,"children":5990},{"style":1102},[5991],{"type":232,"value":1166},{"type":227,"tag":654,"props":5993,"children":5994},{"style":667},[5995],{"type":232,"value":1110},{"type":227,"tag":654,"props":5997,"children":5998},{"style":1173},[5999],{"type":232,"value":1176},{"type":227,"tag":654,"props":6001,"children":6002},{"class":656,"line":3137},[6003,6007,6011],{"type":227,"tag":654,"props":6004,"children":6005},{"style":667},[6006],{"type":232,"value":1185},{"type":227,"tag":654,"props":6008,"children":6009},{"style":661},[6010],{"type":232,"value":1190},{"type":227,"tag":654,"props":6012,"children":6013},{"style":667},[6014],{"type":232,"value":1016},{"type":227,"tag":654,"props":6016,"children":6017},{"class":656,"line":3145},[6018],{"type":227,"tag":654,"props":6019,"children":6020},{"emptyLinePlaceholder":1023},[6021],{"type":232,"value":1026},{"type":227,"tag":654,"props":6023,"children":6024},{"class":656,"line":3190},[6025,6029,6033,6037,6041,6045,6049,6053],{"type":227,"tag":654,"props":6026,"children":6027},{"style":975},[6028],{"type":232,"value":1211},{"type":227,"tag":654,"props":6030,"children":6031},{"style":1033},[6032],{"type":232,"value":1216},{"type":227,"tag":654,"props":6034,"children":6035},{"style":661},[6036],{"type":232,"value":1221},{"type":227,"tag":654,"props":6038,"children":6039},{"style":667},[6040],{"type":232,"value":1046},{"type":227,"tag":654,"props":6042,"children":6043},{"style":661},[6044],{"type":232,"value":1230},{"type":227,"tag":654,"props":6046,"children":6047},{"style":667},[6048],{"type":232,"value":1061},{"type":227,"tag":654,"props":6050,"children":6051},{"style":661},[6052],{"type":232,"value":1239},{"type":227,"tag":654,"props":6054,"children":6055},{"style":667},[6056],{"type":232,"value":1016},{"type":227,"tag":654,"props":6058,"children":6059},{"class":656,"line":3218},[6060],{"type":227,"tag":654,"props":6061,"children":6062},{"emptyLinePlaceholder":1023},[6063],{"type":232,"value":1026},{"type":227,"tag":654,"props":6065,"children":6066},{"class":656,"line":3247},[6067,6071,6075,6079,6083,6087,6091,6095,6099,6103,6107,6111,6115,6119,6123,6127,6131,6135,6139,6143,6147],{"type":227,"tag":654,"props":6068,"children":6069},{"style":1033},[6070],{"type":232,"value":1036},{"type":227,"tag":654,"props":6072,"children":6073},{"style":661},[6074],{"type":232,"value":1402},{"type":227,"tag":654,"props":6076,"children":6077},{"style":667},[6078],{"type":232,"value":1046},{"type":227,"tag":654,"props":6080,"children":6081},{"style":667},[6082],{"type":232,"value":1051},{"type":227,"tag":654,"props":6084,"children":6085},{"style":661},[6086],{"type":232,"value":1415},{"type":227,"tag":654,"props":6088,"children":6089},{"style":667},[6090],{"type":232,"value":1061},{"type":227,"tag":654,"props":6092,"children":6093},{"style":1064},[6094],{"type":232,"value":1424},{"type":227,"tag":654,"props":6096,"children":6097},{"style":661},[6098],{"type":232,"value":1072},{"type":227,"tag":654,"props":6100,"children":6101},{"style":667},[6102],{"type":232,"value":262},{"type":227,"tag":654,"props":6104,"children":6105},{"style":700},[6106],{"type":232,"value":1437},{"type":227,"tag":654,"props":6108,"children":6109},{"style":667},[6110],{"type":232,"value":262},{"type":227,"tag":654,"props":6112,"children":6113},{"style":667},[6114],{"type":232,"value":1090},{"type":227,"tag":654,"props":6116,"children":6117},{"style":667},[6118],{"type":232,"value":1450},{"type":227,"tag":654,"props":6120,"children":6121},{"style":1102},[6122],{"type":232,"value":1455},{"type":227,"tag":654,"props":6124,"children":6125},{"style":667},[6126],{"type":232,"value":1110},{"type":227,"tag":654,"props":6128,"children":6129},{"style":667},[6130],{"type":232,"value":1003},{"type":227,"tag":654,"props":6132,"children":6133},{"style":700},[6134],{"type":232,"value":1468},{"type":227,"tag":654,"props":6136,"children":6137},{"style":667},[6138],{"type":232,"value":262},{"type":227,"tag":654,"props":6140,"children":6141},{"style":667},[6142],{"type":232,"value":1477},{"type":227,"tag":654,"props":6144,"children":6145},{"style":661},[6146],{"type":232,"value":1190},{"type":227,"tag":654,"props":6148,"children":6149},{"style":667},[6150],{"type":232,"value":1016},{"type":227,"tag":654,"props":6152,"children":6153},{"class":656,"line":3275},[6154,6158,6162,6166,6170,6174,6178,6182,6186,6190,6195,6199,6203],{"type":227,"tag":654,"props":6155,"children":6156},{"style":1033},[6157],{"type":232,"value":1036},{"type":227,"tag":654,"props":6159,"children":6160},{"style":661},[6161],{"type":232,"value":1497},{"type":227,"tag":654,"props":6163,"children":6164},{"style":667},[6165],{"type":232,"value":1046},{"type":227,"tag":654,"props":6167,"children":6168},{"style":667},[6169],{"type":232,"value":1051},{"type":227,"tag":654,"props":6171,"children":6172},{"style":661},[6173],{"type":232,"value":1415},{"type":227,"tag":654,"props":6175,"children":6176},{"style":667},[6177],{"type":232,"value":1061},{"type":227,"tag":654,"props":6179,"children":6180},{"style":1064},[6181],{"type":232,"value":1518},{"type":227,"tag":654,"props":6183,"children":6184},{"style":661},[6185],{"type":232,"value":1072},{"type":227,"tag":654,"props":6187,"children":6188},{"style":667},[6189],{"type":232,"value":262},{"type":227,"tag":654,"props":6191,"children":6192},{"style":700},[6193],{"type":232,"value":6194},"AzureReadyServicePrincipal",{"type":227,"tag":654,"props":6196,"children":6197},{"style":667},[6198],{"type":232,"value":262},{"type":227,"tag":654,"props":6200,"children":6201},{"style":667},[6202],{"type":232,"value":1090},{"type":227,"tag":654,"props":6204,"children":6205},{"style":667},[6206],{"type":232,"value":1095},{"type":227,"tag":654,"props":6208,"children":6209},{"class":656,"line":3606},[6210,6214,6218,6222,6226,6230],{"type":227,"tag":654,"props":6211,"children":6212},{"style":1102},[6213],{"type":232,"value":1551},{"type":227,"tag":654,"props":6215,"children":6216},{"style":667},[6217],{"type":232,"value":1110},{"type":227,"tag":654,"props":6219,"children":6220},{"style":661},[6221],{"type":232,"value":1560},{"type":227,"tag":654,"props":6223,"children":6224},{"style":667},[6225],{"type":232,"value":1061},{"type":227,"tag":654,"props":6227,"children":6228},{"style":661},[6229],{"type":232,"value":1569},{"type":227,"tag":654,"props":6231,"children":6232},{"style":667},[6233],{"type":232,"value":1127},{"type":227,"tag":654,"props":6235,"children":6236},{"class":656,"line":3635},[6237,6241,6245],{"type":227,"tag":654,"props":6238,"children":6239},{"style":667},[6240],{"type":232,"value":1185},{"type":227,"tag":654,"props":6242,"children":6243},{"style":661},[6244],{"type":232,"value":1190},{"type":227,"tag":654,"props":6246,"children":6247},{"style":667},[6248],{"type":232,"value":1016},{"type":227,"tag":654,"props":6250,"children":6251},{"class":656,"line":3653},[6252,6256,6260,6264,6268,6272,6276,6280,6284,6288],{"type":227,"tag":654,"props":6253,"children":6254},{"style":667},[6255],{"type":232,"value":1624},{"type":227,"tag":654,"props":6257,"children":6258},{"style":661},[6259],{"type":232,"value":1415},{"type":227,"tag":654,"props":6261,"children":6262},{"style":667},[6263],{"type":232,"value":1061},{"type":227,"tag":654,"props":6265,"children":6266},{"style":1064},[6267],{"type":232,"value":1637},{"type":227,"tag":654,"props":6269,"children":6270},{"style":661},[6271],{"type":232,"value":1072},{"type":227,"tag":654,"props":6273,"children":6274},{"style":667},[6275],{"type":232,"value":262},{"type":227,"tag":654,"props":6277,"children":6278},{"style":700},[6279],{"type":232,"value":1650},{"type":227,"tag":654,"props":6281,"children":6282},{"style":667},[6283],{"type":232,"value":262},{"type":227,"tag":654,"props":6285,"children":6286},{"style":667},[6287],{"type":232,"value":1090},{"type":227,"tag":654,"props":6289,"children":6290},{"style":667},[6291],{"type":232,"value":1095},{"type":227,"tag":654,"props":6293,"children":6294},{"class":656,"line":3662},[6295,6299,6303,6307,6311,6315],{"type":227,"tag":654,"props":6296,"children":6297},{"style":1102},[6298],{"type":232,"value":1670},{"type":227,"tag":654,"props":6300,"children":6301},{"style":667},[6302],{"type":232,"value":1110},{"type":227,"tag":654,"props":6304,"children":6305},{"style":661},[6306],{"type":232,"value":1560},{"type":227,"tag":654,"props":6308,"children":6309},{"style":667},[6310],{"type":232,"value":1061},{"type":227,"tag":654,"props":6312,"children":6313},{"style":661},[6314],{"type":232,"value":1687},{"type":227,"tag":654,"props":6316,"children":6317},{"style":667},[6318],{"type":232,"value":1127},{"type":227,"tag":654,"props":6320,"children":6321},{"class":656,"line":3999},[6322,6326,6330,6334,6338,6342],{"type":227,"tag":654,"props":6323,"children":6324},{"style":1102},[6325],{"type":232,"value":1699},{"type":227,"tag":654,"props":6327,"children":6328},{"style":667},[6329],{"type":232,"value":1110},{"type":227,"tag":654,"props":6331,"children":6332},{"style":667},[6333],{"type":232,"value":1003},{"type":227,"tag":654,"props":6335,"children":6336},{"style":700},[6337],{"type":232,"value":1712},{"type":227,"tag":654,"props":6339,"children":6340},{"style":667},[6341],{"type":232,"value":262},{"type":227,"tag":654,"props":6343,"children":6344},{"style":667},[6345],{"type":232,"value":1127},{"type":227,"tag":654,"props":6347,"children":6348},{"class":656,"line":4018},[6349,6353,6357,6361,6365,6369],{"type":227,"tag":654,"props":6350,"children":6351},{"style":1102},[6352],{"type":232,"value":1728},{"type":227,"tag":654,"props":6354,"children":6355},{"style":667},[6356],{"type":232,"value":1110},{"type":227,"tag":654,"props":6358,"children":6359},{"style":667},[6360],{"type":232,"value":1003},{"type":227,"tag":654,"props":6362,"children":6363},{"style":700},[6364],{"type":232,"value":1741},{"type":227,"tag":654,"props":6366,"children":6367},{"style":667},[6368],{"type":232,"value":262},{"type":227,"tag":654,"props":6370,"children":6371},{"style":667},[6372],{"type":232,"value":1127},{"type":227,"tag":654,"props":6374,"children":6375},{"class":656,"line":4043},[6376,6380,6384,6388,6392,6396,6400,6404],{"type":227,"tag":654,"props":6377,"children":6378},{"style":1102},[6379],{"type":232,"value":1757},{"type":227,"tag":654,"props":6381,"children":6382},{"style":667},[6383],{"type":232,"value":1110},{"type":227,"tag":654,"props":6385,"children":6386},{"style":661},[6387],{"type":232,"value":1766},{"type":227,"tag":654,"props":6389,"children":6390},{"style":667},[6391],{"type":232,"value":262},{"type":227,"tag":654,"props":6393,"children":6394},{"style":700},[6395],{"type":232,"value":1775},{"type":227,"tag":654,"props":6397,"children":6398},{"style":667},[6399],{"type":232,"value":262},{"type":227,"tag":654,"props":6401,"children":6402},{"style":661},[6403],{"type":232,"value":1784},{"type":227,"tag":654,"props":6405,"children":6406},{"style":667},[6407],{"type":232,"value":1127},{"type":227,"tag":654,"props":6409,"children":6410},{"class":656,"line":4052},[6411,6415,6419,6423,6427,6431],{"type":227,"tag":654,"props":6412,"children":6413},{"style":1102},[6414],{"type":232,"value":1796},{"type":227,"tag":654,"props":6416,"children":6417},{"style":667},[6418],{"type":232,"value":1110},{"type":227,"tag":654,"props":6420,"children":6421},{"style":667},[6422],{"type":232,"value":1003},{"type":227,"tag":654,"props":6424,"children":6425},{"style":700},[6426],{"type":232,"value":1809},{"type":227,"tag":654,"props":6428,"children":6429},{"style":667},[6430],{"type":232,"value":262},{"type":227,"tag":654,"props":6432,"children":6433},{"style":667},[6434],{"type":232,"value":1127},{"type":227,"tag":654,"props":6436,"children":6437},{"class":656,"line":4073},[6438,6442,6446,6450,6454,6458,6462,6466,6470,6474,6478,6482,6486,6490,6494],{"type":227,"tag":654,"props":6439,"children":6440},{"style":1102},[6441],{"type":232,"value":1825},{"type":227,"tag":654,"props":6443,"children":6444},{"style":667},[6445],{"type":232,"value":1110},{"type":227,"tag":654,"props":6447,"children":6448},{"style":661},[6449],{"type":232,"value":1834},{"type":227,"tag":654,"props":6451,"children":6452},{"style":667},[6453],{"type":232,"value":1061},{"type":227,"tag":654,"props":6455,"children":6456},{"style":1064},[6457],{"type":232,"value":1843},{"type":227,"tag":654,"props":6459,"children":6460},{"style":667},[6461],{"type":232,"value":1848},{"type":227,"tag":654,"props":6463,"children":6464},{"style":700},[6465],{"type":232,"value":1853},{"type":227,"tag":654,"props":6467,"children":6468},{"style":667},[6469],{"type":232,"value":1858},{"type":227,"tag":654,"props":6471,"children":6472},{"style":661},[6473],{"type":232,"value":1863},{"type":227,"tag":654,"props":6475,"children":6476},{"style":667},[6477],{"type":232,"value":1061},{"type":227,"tag":654,"props":6479,"children":6480},{"style":661},[6481],{"type":232,"value":1872},{"type":227,"tag":654,"props":6483,"children":6484},{"style":667},[6485],{"type":232,"value":1185},{"type":227,"tag":654,"props":6487,"children":6488},{"style":700},[6489],{"type":232,"value":1881},{"type":227,"tag":654,"props":6491,"children":6492},{"style":667},[6493],{"type":232,"value":1848},{"type":227,"tag":654,"props":6495,"children":6496},{"style":667},[6497],{"type":232,"value":1127},{"type":227,"tag":654,"props":6499,"children":6500},{"class":656,"line":4090},[6501,6505,6509],{"type":227,"tag":654,"props":6502,"children":6503},{"style":667},[6504],{"type":232,"value":1185},{"type":227,"tag":654,"props":6506,"children":6507},{"style":661},[6508],{"type":232,"value":1190},{"type":227,"tag":654,"props":6510,"children":6511},{"style":667},[6512],{"type":232,"value":1016},{"type":227,"tag":654,"props":6514,"children":6515},{"class":656,"line":4098},[6516],{"type":227,"tag":654,"props":6517,"children":6518},{"emptyLinePlaceholder":1023},[6519],{"type":232,"value":1026},{"type":227,"tag":654,"props":6521,"children":6522},{"class":656,"line":4119},[6523,6527,6531,6535,6539,6543,6547,6551,6555,6559,6563],{"type":227,"tag":654,"props":6524,"children":6525},{"style":1033},[6526],{"type":232,"value":1036},{"type":227,"tag":654,"props":6528,"children":6529},{"style":661},[6530],{"type":232,"value":2418},{"type":227,"tag":654,"props":6532,"children":6533},{"style":667},[6534],{"type":232,"value":1046},{"type":227,"tag":654,"props":6536,"children":6537},{"style":661},[6538],{"type":232,"value":1834},{"type":227,"tag":654,"props":6540,"children":6541},{"style":667},[6542],{"type":232,"value":1061},{"type":227,"tag":654,"props":6544,"children":6545},{"style":1064},[6546],{"type":232,"value":1277},{"type":227,"tag":654,"props":6548,"children":6549},{"style":661},[6550],{"type":232,"value":2439},{"type":227,"tag":654,"props":6552,"children":6553},{"style":667},[6554],{"type":232,"value":1061},{"type":227,"tag":654,"props":6556,"children":6557},{"style":1064},[6558],{"type":232,"value":2448},{"type":227,"tag":654,"props":6560,"children":6561},{"style":661},[6562],{"type":232,"value":2453},{"type":227,"tag":654,"props":6564,"children":6565},{"style":667},[6566],{"type":232,"value":1016},{"type":227,"tag":654,"props":6568,"children":6569},{"class":656,"line":4136},[6570,6574,6578,6582,6586,6590,6594],{"type":227,"tag":654,"props":6571,"children":6572},{"style":1033},[6573],{"type":232,"value":1036},{"type":227,"tag":654,"props":6575,"children":6576},{"style":661},[6577],{"type":232,"value":2352},{"type":227,"tag":654,"props":6579,"children":6580},{"style":667},[6581],{"type":232,"value":1046},{"type":227,"tag":654,"props":6583,"children":6584},{"style":661},[6585],{"type":232,"value":2477},{"type":227,"tag":654,"props":6587,"children":6588},{"style":667},[6589],{"type":232,"value":1061},{"type":227,"tag":654,"props":6591,"children":6592},{"style":661},[6593],{"type":232,"value":2255},{"type":227,"tag":654,"props":6595,"children":6596},{"style":667},[6597],{"type":232,"value":1016},{"type":227,"tag":654,"props":6599,"children":6600},{"class":656,"line":4154},[6601],{"type":227,"tag":654,"props":6602,"children":6603},{"emptyLinePlaceholder":1023},[6604],{"type":232,"value":1026},{"type":227,"tag":654,"props":6606,"children":6607},{"class":656,"line":4166},[6608,6612,6616,6620,6624,6628,6632,6636,6640,6644],{"type":227,"tag":654,"props":6609,"children":6610},{"style":667},[6611],{"type":232,"value":1624},{"type":227,"tag":654,"props":6613,"children":6614},{"style":661},[6615],{"type":232,"value":2084},{"type":227,"tag":654,"props":6617,"children":6618},{"style":667},[6619],{"type":232,"value":1061},{"type":227,"tag":654,"props":6621,"children":6622},{"style":1064},[6623],{"type":232,"value":2093},{"type":227,"tag":654,"props":6625,"children":6626},{"style":661},[6627],{"type":232,"value":1072},{"type":227,"tag":654,"props":6629,"children":6630},{"style":667},[6631],{"type":232,"value":262},{"type":227,"tag":654,"props":6633,"children":6634},{"style":700},[6635],{"type":232,"value":2106},{"type":227,"tag":654,"props":6637,"children":6638},{"style":667},[6639],{"type":232,"value":262},{"type":227,"tag":654,"props":6641,"children":6642},{"style":667},[6643],{"type":232,"value":1090},{"type":227,"tag":654,"props":6645,"children":6646},{"style":667},[6647],{"type":232,"value":1095},{"type":227,"tag":654,"props":6649,"children":6650},{"class":656,"line":4184},[6651,6655,6659,6663,6667,6671],{"type":227,"tag":654,"props":6652,"children":6653},{"style":1102},[6654],{"type":232,"value":2126},{"type":227,"tag":654,"props":6656,"children":6657},{"style":667},[6658],{"type":232,"value":1110},{"type":227,"tag":654,"props":6660,"children":6661},{"style":661},[6662],{"type":232,"value":2135},{"type":227,"tag":654,"props":6664,"children":6665},{"style":667},[6666],{"type":232,"value":1061},{"type":227,"tag":654,"props":6668,"children":6669},{"style":661},[6670],{"type":232,"value":2144},{"type":227,"tag":654,"props":6672,"children":6673},{"style":667},[6674],{"type":232,"value":1127},{"type":227,"tag":654,"props":6676,"children":6677},{"class":656,"line":4202},[6678,6682,6686,6690,6694,6698,6702,6706],{"type":227,"tag":654,"props":6679,"children":6680},{"style":1102},[6681],{"type":232,"value":2156},{"type":227,"tag":654,"props":6683,"children":6684},{"style":667},[6685],{"type":232,"value":1110},{"type":227,"tag":654,"props":6687,"children":6688},{"style":661},[6689],{"type":232,"value":2084},{"type":227,"tag":654,"props":6691,"children":6692},{"style":667},[6693],{"type":232,"value":1061},{"type":227,"tag":654,"props":6695,"children":6696},{"style":661},[6697],{"type":232,"value":2173},{"type":227,"tag":654,"props":6699,"children":6700},{"style":667},[6701],{"type":232,"value":1061},{"type":227,"tag":654,"props":6703,"children":6704},{"style":661},[6705],{"type":232,"value":1518},{"type":227,"tag":654,"props":6707,"children":6708},{"style":667},[6709],{"type":232,"value":1127},{"type":227,"tag":654,"props":6711,"children":6712},{"class":656,"line":4215},[6713,6717,6721,6725,6729,6733],{"type":227,"tag":654,"props":6714,"children":6715},{"style":1102},[6716],{"type":232,"value":2193},{"type":227,"tag":654,"props":6718,"children":6719},{"style":667},[6720],{"type":232,"value":1110},{"type":227,"tag":654,"props":6722,"children":6723},{"style":661},[6724],{"type":232,"value":2039},{"type":227,"tag":654,"props":6726,"children":6727},{"style":667},[6728],{"type":232,"value":1061},{"type":227,"tag":654,"props":6730,"children":6731},{"style":661},[6732],{"type":232,"value":2106},{"type":227,"tag":654,"props":6734,"children":6735},{"style":667},[6736],{"type":232,"value":1127},{"type":227,"tag":654,"props":6738,"children":6739},{"class":656,"line":4232},[6740,6744,6748,6752,6756,6760,6764,6768,6772,6776,6780],{"type":227,"tag":654,"props":6741,"children":6742},{"style":1102},[6743],{"type":232,"value":2221},{"type":227,"tag":654,"props":6745,"children":6746},{"style":667},[6747],{"type":232,"value":1110},{"type":227,"tag":654,"props":6749,"children":6750},{"style":661},[6751],{"type":232,"value":1834},{"type":227,"tag":654,"props":6753,"children":6754},{"style":667},[6755],{"type":232,"value":1061},{"type":227,"tag":654,"props":6757,"children":6758},{"style":1064},[6759],{"type":232,"value":1843},{"type":227,"tag":654,"props":6761,"children":6762},{"style":667},[6763],{"type":232,"value":1848},{"type":227,"tag":654,"props":6765,"children":6766},{"style":700},[6767],{"type":232,"value":2246},{"type":227,"tag":654,"props":6769,"children":6770},{"style":667},[6771],{"type":232,"value":1858},{"type":227,"tag":654,"props":6773,"children":6774},{"style":661},[6775],{"type":232,"value":2255},{"type":227,"tag":654,"props":6777,"children":6778},{"style":667},[6779],{"type":232,"value":2260},{"type":227,"tag":654,"props":6781,"children":6782},{"style":667},[6783],{"type":232,"value":1127},{"type":227,"tag":654,"props":6785,"children":6786},{"class":656,"line":4250},[6787,6791,6795],{"type":227,"tag":654,"props":6788,"children":6789},{"style":667},[6790],{"type":232,"value":1185},{"type":227,"tag":654,"props":6792,"children":6793},{"style":661},[6794],{"type":232,"value":1190},{"type":227,"tag":654,"props":6796,"children":6797},{"style":667},[6798],{"type":232,"value":1016},{"type":227,"tag":654,"props":6800,"children":6801},{"class":656,"line":4268},[6802],{"type":227,"tag":654,"props":6803,"children":6804},{"emptyLinePlaceholder":1023},[6805],{"type":232,"value":1026},{"type":227,"tag":654,"props":6807,"children":6808},{"class":656,"line":4286},[6809,6813,6817,6821,6825,6829,6833,6837,6841,6845],{"type":227,"tag":654,"props":6810,"children":6811},{"style":667},[6812],{"type":232,"value":1624},{"type":227,"tag":654,"props":6814,"children":6815},{"style":661},[6816],{"type":232,"value":1056},{"type":227,"tag":654,"props":6818,"children":6819},{"style":667},[6820],{"type":232,"value":1061},{"type":227,"tag":654,"props":6822,"children":6823},{"style":1064},[6824],{"type":232,"value":2861},{"type":227,"tag":654,"props":6826,"children":6827},{"style":661},[6828],{"type":232,"value":1072},{"type":227,"tag":654,"props":6830,"children":6831},{"style":667},[6832],{"type":232,"value":262},{"type":227,"tag":654,"props":6834,"children":6835},{"style":700},[6836],{"type":232,"value":2663},{"type":227,"tag":654,"props":6838,"children":6839},{"style":667},[6840],{"type":232,"value":262},{"type":227,"tag":654,"props":6842,"children":6843},{"style":667},[6844],{"type":232,"value":1090},{"type":227,"tag":654,"props":6846,"children":6847},{"style":667},[6848],{"type":232,"value":1095},{"type":227,"tag":654,"props":6850,"children":6852},{"class":656,"line":6851},42,[6853,6857,6861,6865,6869,6873],{"type":227,"tag":654,"props":6854,"children":6855},{"style":1102},[6856],{"type":232,"value":2683},{"type":227,"tag":654,"props":6858,"children":6859},{"style":667},[6860],{"type":232,"value":1110},{"type":227,"tag":654,"props":6862,"children":6863},{"style":661},[6864],{"type":232,"value":1230},{"type":227,"tag":654,"props":6866,"children":6867},{"style":667},[6868],{"type":232,"value":1061},{"type":227,"tag":654,"props":6870,"children":6871},{"style":661},[6872],{"type":232,"value":1263},{"type":227,"tag":654,"props":6874,"children":6875},{"style":667},[6876],{"type":232,"value":1127},{"type":227,"tag":654,"props":6878,"children":6880},{"class":656,"line":6879},43,[6881,6885,6889,6893,6897,6901],{"type":227,"tag":654,"props":6882,"children":6883},{"style":1102},[6884],{"type":232,"value":2920},{"type":227,"tag":654,"props":6886,"children":6887},{"style":667},[6888],{"type":232,"value":1110},{"type":227,"tag":654,"props":6890,"children":6891},{"style":667},[6892],{"type":232,"value":1003},{"type":227,"tag":654,"props":6894,"children":6895},{"style":700},[6896],{"type":232,"value":2724},{"type":227,"tag":654,"props":6898,"children":6899},{"style":667},[6900],{"type":232,"value":262},{"type":227,"tag":654,"props":6902,"children":6903},{"style":667},[6904],{"type":232,"value":1127},{"type":227,"tag":654,"props":6906,"children":6908},{"class":656,"line":6907},44,[6909,6913,6917,6921,6925,6929],{"type":227,"tag":654,"props":6910,"children":6911},{"style":1102},[6912],{"type":232,"value":2948},{"type":227,"tag":654,"props":6914,"children":6915},{"style":667},[6916],{"type":232,"value":1110},{"type":227,"tag":654,"props":6918,"children":6919},{"style":661},[6920],{"type":232,"value":2477},{"type":227,"tag":654,"props":6922,"children":6923},{"style":667},[6924],{"type":232,"value":1061},{"type":227,"tag":654,"props":6926,"children":6927},{"style":661},[6928],{"type":232,"value":2663},{"type":227,"tag":654,"props":6930,"children":6931},{"style":667},[6932],{"type":232,"value":1127},{"type":227,"tag":654,"props":6934,"children":6936},{"class":656,"line":6935},45,[6937,6941,6945],{"type":227,"tag":654,"props":6938,"children":6939},{"style":667},[6940],{"type":232,"value":1185},{"type":227,"tag":654,"props":6942,"children":6943},{"style":661},[6944],{"type":232,"value":1190},{"type":227,"tag":654,"props":6946,"children":6947},{"style":667},[6948],{"type":232,"value":1016},{"type":227,"tag":654,"props":6950,"children":6952},{"class":656,"line":6951},46,[6953],{"type":227,"tag":654,"props":6954,"children":6955},{"emptyLinePlaceholder":1023},[6956],{"type":232,"value":1026},{"type":227,"tag":654,"props":6958,"children":6960},{"class":656,"line":6959},47,[6961,6965,6969,6973,6977,6981,6985,6989,6993,6997],{"type":227,"tag":654,"props":6962,"children":6963},{"style":667},[6964],{"type":232,"value":1624},{"type":227,"tag":654,"props":6966,"children":6967},{"style":661},[6968],{"type":232,"value":1056},{"type":227,"tag":654,"props":6970,"children":6971},{"style":667},[6972],{"type":232,"value":1061},{"type":227,"tag":654,"props":6974,"children":6975},{"style":1064},[6976],{"type":232,"value":2861},{"type":227,"tag":654,"props":6978,"children":6979},{"style":661},[6980],{"type":232,"value":1072},{"type":227,"tag":654,"props":6982,"children":6983},{"style":667},[6984],{"type":232,"value":262},{"type":227,"tag":654,"props":6986,"children":6987},{"style":700},[6988],{"type":232,"value":2255},{"type":227,"tag":654,"props":6990,"children":6991},{"style":667},[6992],{"type":232,"value":262},{"type":227,"tag":654,"props":6994,"children":6995},{"style":667},[6996],{"type":232,"value":1090},{"type":227,"tag":654,"props":6998,"children":6999},{"style":667},[7000],{"type":232,"value":1095},{"type":227,"tag":654,"props":7002,"children":7004},{"class":656,"line":7003},48,[7005,7009,7013,7017,7021,7025],{"type":227,"tag":654,"props":7006,"children":7007},{"style":1102},[7008],{"type":232,"value":2683},{"type":227,"tag":654,"props":7010,"children":7011},{"style":667},[7012],{"type":232,"value":1110},{"type":227,"tag":654,"props":7014,"children":7015},{"style":661},[7016],{"type":232,"value":1230},{"type":227,"tag":654,"props":7018,"children":7019},{"style":667},[7020],{"type":232,"value":1061},{"type":227,"tag":654,"props":7022,"children":7023},{"style":661},[7024],{"type":232,"value":1263},{"type":227,"tag":654,"props":7026,"children":7027},{"style":667},[7028],{"type":232,"value":1127},{"type":227,"tag":654,"props":7030,"children":7032},{"class":656,"line":7031},49,[7033,7037,7041,7045,7049,7053],{"type":227,"tag":654,"props":7034,"children":7035},{"style":1102},[7036],{"type":232,"value":2920},{"type":227,"tag":654,"props":7038,"children":7039},{"style":667},[7040],{"type":232,"value":1110},{"type":227,"tag":654,"props":7042,"children":7043},{"style":667},[7044],{"type":232,"value":1003},{"type":227,"tag":654,"props":7046,"children":7047},{"style":700},[7048],{"type":232,"value":3082},{"type":227,"tag":654,"props":7050,"children":7051},{"style":667},[7052],{"type":232,"value":262},{"type":227,"tag":654,"props":7054,"children":7055},{"style":667},[7056],{"type":232,"value":1127},{"type":227,"tag":654,"props":7058,"children":7060},{"class":656,"line":7059},50,[7061,7065,7069,7073,7077,7081],{"type":227,"tag":654,"props":7062,"children":7063},{"style":1102},[7064],{"type":232,"value":2948},{"type":227,"tag":654,"props":7066,"children":7067},{"style":667},[7068],{"type":232,"value":1110},{"type":227,"tag":654,"props":7070,"children":7071},{"style":661},[7072],{"type":232,"value":2477},{"type":227,"tag":654,"props":7074,"children":7075},{"style":667},[7076],{"type":232,"value":1061},{"type":227,"tag":654,"props":7078,"children":7079},{"style":661},[7080],{"type":232,"value":2255},{"type":227,"tag":654,"props":7082,"children":7083},{"style":667},[7084],{"type":232,"value":1127},{"type":227,"tag":654,"props":7086,"children":7088},{"class":656,"line":7087},51,[7089,7093,7097],{"type":227,"tag":654,"props":7090,"children":7091},{"style":667},[7092],{"type":232,"value":1185},{"type":227,"tag":654,"props":7094,"children":7095},{"style":661},[7096],{"type":232,"value":1190},{"type":227,"tag":654,"props":7098,"children":7099},{"style":667},[7100],{"type":232,"value":1016},{"type":227,"tag":654,"props":7102,"children":7104},{"class":656,"line":7103},52,[7105],{"type":227,"tag":654,"props":7106,"children":7107},{"emptyLinePlaceholder":1023},[7108],{"type":232,"value":1026},{"type":227,"tag":654,"props":7110,"children":7112},{"class":656,"line":7111},53,[7113,7117,7121,7125,7129,7133,7137,7141,7145,7149],{"type":227,"tag":654,"props":7114,"children":7115},{"style":667},[7116],{"type":232,"value":1624},{"type":227,"tag":654,"props":7118,"children":7119},{"style":661},[7120],{"type":232,"value":1056},{"type":227,"tag":654,"props":7122,"children":7123},{"style":667},[7124],{"type":232,"value":1061},{"type":227,"tag":654,"props":7126,"children":7127},{"style":1064},[7128],{"type":232,"value":2861},{"type":227,"tag":654,"props":7130,"children":7131},{"style":661},[7132],{"type":232,"value":1072},{"type":227,"tag":654,"props":7134,"children":7135},{"style":667},[7136],{"type":232,"value":262},{"type":227,"tag":654,"props":7138,"children":7139},{"style":700},[7140],{"type":232,"value":3175},{"type":227,"tag":654,"props":7142,"children":7143},{"style":667},[7144],{"type":232,"value":262},{"type":227,"tag":654,"props":7146,"children":7147},{"style":667},[7148],{"type":232,"value":1090},{"type":227,"tag":654,"props":7150,"children":7151},{"style":667},[7152],{"type":232,"value":1095},{"type":227,"tag":654,"props":7154,"children":7156},{"class":656,"line":7155},54,[7157,7161,7165,7169,7173,7177],{"type":227,"tag":654,"props":7158,"children":7159},{"style":1102},[7160],{"type":232,"value":2683},{"type":227,"tag":654,"props":7162,"children":7163},{"style":667},[7164],{"type":232,"value":1110},{"type":227,"tag":654,"props":7166,"children":7167},{"style":661},[7168],{"type":232,"value":1230},{"type":227,"tag":654,"props":7170,"children":7171},{"style":667},[7172],{"type":232,"value":1061},{"type":227,"tag":654,"props":7174,"children":7175},{"style":661},[7176],{"type":232,"value":1263},{"type":227,"tag":654,"props":7178,"children":7179},{"style":667},[7180],{"type":232,"value":1127},{"type":227,"tag":654,"props":7182,"children":7184},{"class":656,"line":7183},55,[7185,7189,7193,7197,7201,7205],{"type":227,"tag":654,"props":7186,"children":7187},{"style":1102},[7188],{"type":232,"value":2920},{"type":227,"tag":654,"props":7190,"children":7191},{"style":667},[7192],{"type":232,"value":1110},{"type":227,"tag":654,"props":7194,"children":7195},{"style":667},[7196],{"type":232,"value":1003},{"type":227,"tag":654,"props":7198,"children":7199},{"style":700},[7200],{"type":232,"value":3236},{"type":227,"tag":654,"props":7202,"children":7203},{"style":667},[7204],{"type":232,"value":262},{"type":227,"tag":654,"props":7206,"children":7207},{"style":667},[7208],{"type":232,"value":1127},{"type":227,"tag":654,"props":7210,"children":7212},{"class":656,"line":7211},56,[7213,7217,7221,7225,7229,7233],{"type":227,"tag":654,"props":7214,"children":7215},{"style":1102},[7216],{"type":232,"value":2948},{"type":227,"tag":654,"props":7218,"children":7219},{"style":667},[7220],{"type":232,"value":1110},{"type":227,"tag":654,"props":7222,"children":7223},{"style":661},[7224],{"type":232,"value":1560},{"type":227,"tag":654,"props":7226,"children":7227},{"style":667},[7228],{"type":232,"value":1061},{"type":227,"tag":654,"props":7230,"children":7231},{"style":661},[7232],{"type":232,"value":1569},{"type":227,"tag":654,"props":7234,"children":7235},{"style":667},[7236],{"type":232,"value":1127},{"type":227,"tag":654,"props":7238,"children":7240},{"class":656,"line":7239},57,[7241,7245,7249],{"type":227,"tag":654,"props":7242,"children":7243},{"style":667},[7244],{"type":232,"value":1185},{"type":227,"tag":654,"props":7246,"children":7247},{"style":661},[7248],{"type":232,"value":1190},{"type":227,"tag":654,"props":7250,"children":7251},{"style":667},[7252],{"type":232,"value":1016},{"type":227,"tag":654,"props":7254,"children":7256},{"class":656,"line":7255},58,[7257],{"type":227,"tag":654,"props":7258,"children":7259},{"emptyLinePlaceholder":1023},[7260],{"type":232,"value":1026},{"type":227,"tag":654,"props":7262,"children":7264},{"class":656,"line":7263},59,[7265,7269,7273,7277,7281,7285,7289,7293,7297,7301],{"type":227,"tag":654,"props":7266,"children":7267},{"style":667},[7268],{"type":232,"value":1624},{"type":227,"tag":654,"props":7270,"children":7271},{"style":661},[7272],{"type":232,"value":1056},{"type":227,"tag":654,"props":7274,"children":7275},{"style":667},[7276],{"type":232,"value":1061},{"type":227,"tag":654,"props":7278,"children":7279},{"style":1064},[7280],{"type":232,"value":2861},{"type":227,"tag":654,"props":7282,"children":7283},{"style":661},[7284],{"type":232,"value":1072},{"type":227,"tag":654,"props":7286,"children":7287},{"style":667},[7288],{"type":232,"value":262},{"type":227,"tag":654,"props":7290,"children":7291},{"style":700},[7292],{"type":232,"value":4595},{"type":227,"tag":654,"props":7294,"children":7295},{"style":667},[7296],{"type":232,"value":262},{"type":227,"tag":654,"props":7298,"children":7299},{"style":667},[7300],{"type":232,"value":1090},{"type":227,"tag":654,"props":7302,"children":7303},{"style":667},[7304],{"type":232,"value":1095},{"type":227,"tag":654,"props":7306,"children":7308},{"class":656,"line":7307},60,[7309,7313,7317,7321,7325,7329],{"type":227,"tag":654,"props":7310,"children":7311},{"style":1102},[7312],{"type":232,"value":2683},{"type":227,"tag":654,"props":7314,"children":7315},{"style":667},[7316],{"type":232,"value":1110},{"type":227,"tag":654,"props":7318,"children":7319},{"style":661},[7320],{"type":232,"value":1230},{"type":227,"tag":654,"props":7322,"children":7323},{"style":667},[7324],{"type":232,"value":1061},{"type":227,"tag":654,"props":7326,"children":7327},{"style":661},[7328],{"type":232,"value":1263},{"type":227,"tag":654,"props":7330,"children":7331},{"style":667},[7332],{"type":232,"value":1127},{"type":227,"tag":654,"props":7334,"children":7336},{"class":656,"line":7335},61,[7337,7341,7345,7349,7353,7357],{"type":227,"tag":654,"props":7338,"children":7339},{"style":1102},[7340],{"type":232,"value":2920},{"type":227,"tag":654,"props":7342,"children":7343},{"style":667},[7344],{"type":232,"value":1110},{"type":227,"tag":654,"props":7346,"children":7347},{"style":667},[7348],{"type":232,"value":1003},{"type":227,"tag":654,"props":7350,"children":7351},{"style":700},[7352],{"type":232,"value":4514},{"type":227,"tag":654,"props":7354,"children":7355},{"style":667},[7356],{"type":232,"value":262},{"type":227,"tag":654,"props":7358,"children":7359},{"style":667},[7360],{"type":232,"value":1127},{"type":227,"tag":654,"props":7362,"children":7364},{"class":656,"line":7363},62,[7365,7369,7373,7377,7381,7385,7389,7393,7397,7401,7405],{"type":227,"tag":654,"props":7366,"children":7367},{"style":1102},[7368],{"type":232,"value":2948},{"type":227,"tag":654,"props":7370,"children":7371},{"style":667},[7372],{"type":232,"value":1110},{"type":227,"tag":654,"props":7374,"children":7375},{"style":661},[7376],{"type":232,"value":2361},{"type":227,"tag":654,"props":7378,"children":7379},{"style":667},[7380],{"type":232,"value":1061},{"type":227,"tag":654,"props":7382,"children":7383},{"style":1064},[7384],{"type":232,"value":4685},{"type":227,"tag":654,"props":7386,"children":7387},{"style":661},[7388],{"type":232,"value":1072},{"type":227,"tag":654,"props":7390,"children":7391},{"style":667},[7392],{"type":232,"value":262},{"type":227,"tag":654,"props":7394,"children":7395},{"style":700},[7396],{"type":232,"value":4698},{"type":227,"tag":654,"props":7398,"children":7399},{"style":667},[7400],{"type":232,"value":262},{"type":227,"tag":654,"props":7402,"children":7403},{"style":661},[7404],{"type":232,"value":1190},{"type":227,"tag":654,"props":7406,"children":7407},{"style":667},[7408],{"type":232,"value":1127},{"type":227,"tag":654,"props":7410,"children":7412},{"class":656,"line":7411},63,[7413,7417,7421],{"type":227,"tag":654,"props":7414,"children":7415},{"style":667},[7416],{"type":232,"value":1185},{"type":227,"tag":654,"props":7418,"children":7419},{"style":661},[7420],{"type":232,"value":1190},{"type":227,"tag":654,"props":7422,"children":7423},{"style":667},[7424],{"type":232,"value":1016},{"type":227,"tag":654,"props":7426,"children":7428},{"class":656,"line":7427},64,[7429],{"type":227,"tag":654,"props":7430,"children":7431},{"emptyLinePlaceholder":1023},[7432],{"type":232,"value":1026},{"type":227,"tag":654,"props":7434,"children":7436},{"class":656,"line":7435},65,[7437,7441,7445,7449,7453,7457,7461,7465,7469,7473,7477,7481,7485,7489],{"type":227,"tag":654,"props":7438,"children":7439},{"style":1033},[7440],{"type":232,"value":1036},{"type":227,"tag":654,"props":7442,"children":7443},{"style":661},[7444],{"type":232,"value":4797},{"type":227,"tag":654,"props":7446,"children":7447},{"style":667},[7448],{"type":232,"value":1046},{"type":227,"tag":654,"props":7450,"children":7451},{"style":1064},[7452],{"type":232,"value":4753},{"type":227,"tag":654,"props":7454,"children":7455},{"style":661},[7456],{"type":232,"value":1072},{"type":227,"tag":654,"props":7458,"children":7459},{"style":667},[7460],{"type":232,"value":262},{"type":227,"tag":654,"props":7462,"children":7463},{"style":700},[7464],{"type":232,"value":4818},{"type":227,"tag":654,"props":7466,"children":7467},{"style":667},[7468],{"type":232,"value":262},{"type":227,"tag":654,"props":7470,"children":7471},{"style":667},[7472],{"type":232,"value":1090},{"type":227,"tag":654,"props":7474,"children":7475},{"style":667},[7476],{"type":232,"value":1003},{"type":227,"tag":654,"props":7478,"children":7479},{"style":700},[7480],{"type":232,"value":4835},{"type":227,"tag":654,"props":7482,"children":7483},{"style":667},[7484],{"type":232,"value":262},{"type":227,"tag":654,"props":7486,"children":7487},{"style":661},[7488],{"type":232,"value":1190},{"type":227,"tag":654,"props":7490,"children":7491},{"style":667},[7492],{"type":232,"value":1016},{"type":227,"tag":654,"props":7494,"children":7496},{"class":656,"line":7495},66,[7497,7501,7505,7509,7513,7517,7521,7525,7529,7533],{"type":227,"tag":654,"props":7498,"children":7499},{"style":667},[7500],{"type":232,"value":1624},{"type":227,"tag":654,"props":7502,"children":7503},{"style":661},[7504],{"type":232,"value":1056},{"type":227,"tag":654,"props":7506,"children":7507},{"style":667},[7508],{"type":232,"value":1061},{"type":227,"tag":654,"props":7510,"children":7511},{"style":1064},[7512],{"type":232,"value":4867},{"type":227,"tag":654,"props":7514,"children":7515},{"style":661},[7516],{"type":232,"value":1072},{"type":227,"tag":654,"props":7518,"children":7519},{"style":667},[7520],{"type":232,"value":262},{"type":227,"tag":654,"props":7522,"children":7523},{"style":700},[7524],{"type":232,"value":4880},{"type":227,"tag":654,"props":7526,"children":7527},{"style":667},[7528],{"type":232,"value":262},{"type":227,"tag":654,"props":7530,"children":7531},{"style":667},[7532],{"type":232,"value":1090},{"type":227,"tag":654,"props":7534,"children":7535},{"style":667},[7536],{"type":232,"value":1095},{"type":227,"tag":654,"props":7538,"children":7540},{"class":656,"line":7539},67,[7541,7545,7549,7553,7557,7561],{"type":227,"tag":654,"props":7542,"children":7543},{"style":1102},[7544],{"type":232,"value":2683},{"type":227,"tag":654,"props":7546,"children":7547},{"style":667},[7548],{"type":232,"value":1110},{"type":227,"tag":654,"props":7550,"children":7551},{"style":661},[7552],{"type":232,"value":1230},{"type":227,"tag":654,"props":7554,"children":7555},{"style":667},[7556],{"type":232,"value":1061},{"type":227,"tag":654,"props":7558,"children":7559},{"style":661},[7560],{"type":232,"value":1263},{"type":227,"tag":654,"props":7562,"children":7563},{"style":667},[7564],{"type":232,"value":1127},{"type":227,"tag":654,"props":7566,"children":7568},{"class":656,"line":7567},68,[7569,7573,7577,7581,7585,7589],{"type":227,"tag":654,"props":7570,"children":7571},{"style":1102},[7572],{"type":232,"value":4927},{"type":227,"tag":654,"props":7574,"children":7575},{"style":667},[7576],{"type":232,"value":1110},{"type":227,"tag":654,"props":7578,"children":7579},{"style":667},[7580],{"type":232,"value":1003},{"type":227,"tag":654,"props":7582,"children":7583},{"style":700},[7584],{"type":232,"value":315},{"type":227,"tag":654,"props":7586,"children":7587},{"style":667},[7588],{"type":232,"value":262},{"type":227,"tag":654,"props":7590,"children":7591},{"style":667},[7592],{"type":232,"value":1127},{"type":227,"tag":654,"props":7594,"children":7596},{"class":656,"line":7595},69,[7597,7601,7605,7609,7613,7617],{"type":227,"tag":654,"props":7598,"children":7599},{"style":1102},[7600],{"type":232,"value":4955},{"type":227,"tag":654,"props":7602,"children":7603},{"style":667},[7604],{"type":232,"value":1110},{"type":227,"tag":654,"props":7606,"children":7607},{"style":667},[7608],{"type":232,"value":1003},{"type":227,"tag":654,"props":7610,"children":7611},{"style":700},[7612],{"type":232,"value":4968},{"type":227,"tag":654,"props":7614,"children":7615},{"style":667},[7616],{"type":232,"value":262},{"type":227,"tag":654,"props":7618,"children":7619},{"style":667},[7620],{"type":232,"value":1127},{"type":227,"tag":654,"props":7622,"children":7624},{"class":656,"line":7623},70,[7625,7629,7633,7637],{"type":227,"tag":654,"props":7626,"children":7627},{"style":1102},[7628],{"type":232,"value":4984},{"type":227,"tag":654,"props":7630,"children":7631},{"style":667},[7632],{"type":232,"value":1110},{"type":227,"tag":654,"props":7634,"children":7635},{"style":661},[7636],{"type":232,"value":4993},{"type":227,"tag":654,"props":7638,"children":7639},{"style":667},[7640],{"type":232,"value":1127},{"type":227,"tag":654,"props":7642,"children":7644},{"class":656,"line":7643},71,[7645,7649,7653,7657,7661,7665],{"type":227,"tag":654,"props":7646,"children":7647},{"style":1102},[7648],{"type":232,"value":5005},{"type":227,"tag":654,"props":7650,"children":7651},{"style":667},[7652],{"type":232,"value":1110},{"type":227,"tag":654,"props":7654,"children":7655},{"style":667},[7656],{"type":232,"value":1003},{"type":227,"tag":654,"props":7658,"children":7659},{"style":700},[7660],{"type":232,"value":5018},{"type":227,"tag":654,"props":7662,"children":7663},{"style":667},[7664],{"type":232,"value":262},{"type":227,"tag":654,"props":7666,"children":7667},{"style":667},[7668],{"type":232,"value":1127},{"type":227,"tag":654,"props":7670,"children":7672},{"class":656,"line":7671},72,[7673,7677,7681,7685,7689,7693],{"type":227,"tag":654,"props":7674,"children":7675},{"style":1102},[7676],{"type":232,"value":5034},{"type":227,"tag":654,"props":7678,"children":7679},{"style":667},[7680],{"type":232,"value":1110},{"type":227,"tag":654,"props":7682,"children":7683},{"style":667},[7684],{"type":232,"value":1003},{"type":227,"tag":654,"props":7686,"children":7687},{"style":700},[7688],{"type":232,"value":5047},{"type":227,"tag":654,"props":7690,"children":7691},{"style":667},[7692],{"type":232,"value":262},{"type":227,"tag":654,"props":7694,"children":7695},{"style":667},[7696],{"type":232,"value":1127},{"type":227,"tag":654,"props":7698,"children":7700},{"class":656,"line":7699},73,[7701,7705,7709,7713,7717,7721],{"type":227,"tag":654,"props":7702,"children":7703},{"style":1102},[7704],{"type":232,"value":5063},{"type":227,"tag":654,"props":7706,"children":7707},{"style":667},[7708],{"type":232,"value":1110},{"type":227,"tag":654,"props":7710,"children":7711},{"style":667},[7712],{"type":232,"value":1003},{"type":227,"tag":654,"props":7714,"children":7715},{"style":700},[7716],{"type":232,"value":5076},{"type":227,"tag":654,"props":7718,"children":7719},{"style":667},[7720],{"type":232,"value":262},{"type":227,"tag":654,"props":7722,"children":7723},{"style":667},[7724],{"type":232,"value":1127},{"type":227,"tag":654,"props":7726,"children":7728},{"class":656,"line":7727},74,[7729,7733,7737,7741],{"type":227,"tag":654,"props":7730,"children":7731},{"style":1102},[7732],{"type":232,"value":5092},{"type":227,"tag":654,"props":7734,"children":7735},{"style":667},[7736],{"type":232,"value":1110},{"type":227,"tag":654,"props":7738,"children":7739},{"style":1173},[7740],{"type":232,"value":5101},{"type":227,"tag":654,"props":7742,"children":7743},{"style":667},[7744],{"type":232,"value":1127},{"type":227,"tag":654,"props":7746,"children":7748},{"class":656,"line":7747},75,[7749,7753,7757],{"type":227,"tag":654,"props":7750,"children":7751},{"style":667},[7752],{"type":232,"value":1185},{"type":227,"tag":654,"props":7754,"children":7755},{"style":661},[7756],{"type":232,"value":1190},{"type":227,"tag":654,"props":7758,"children":7759},{"style":667},[7760],{"type":232,"value":1016},{"type":227,"tag":228,"props":7762,"children":7763},{},[7764,7766,7773],{"type":232,"value":7765},"You can find the complete source code used for this article ",{"type":227,"tag":482,"props":7767,"children":7770},{"href":7768,"rel":7769},"https://github.com/TechWatching/AzureOIDC",[486],[7771],{"type":232,"value":7772},"in this GitHub repository",{"type":232,"value":1061},{"type":227,"tag":228,"props":7775,"children":7776},{},[7777],{"type":232,"value":7778},"I hope you enjoyed this article. Please feel free to share your thoughts in the comments, ask questions, or make suggestions. Keep learning.",{"type":227,"tag":7780,"props":7781,"children":7782},"style",{},[7783],{"type":232,"value":7784},"html .light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html.light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}",{"title":207,"searchDepth":1019,"depth":1019,"links":7786},[7787,7793,7794,7803,7804],{"id":254,"depth":1019,"text":257,"children":7788},[7789,7790,7791,7792],{"id":284,"depth":1029,"text":287},{"id":347,"depth":1029,"text":350},{"id":434,"depth":1029,"text":437},{"id":542,"depth":1029,"text":545},{"id":557,"depth":1019,"text":560},{"id":628,"depth":1019,"text":631,"children":7795},[7796,7797,7798,7800,7801,7802],{"id":634,"depth":1029,"text":637},{"id":888,"depth":1029,"text":891},{"id":1322,"depth":1029,"text":7799},"Create the identity in Azure Active Directory for the GitHub Actions workflow",{"id":1962,"depth":1029,"text":1965},{"id":2586,"depth":1029,"text":2589},{"id":3308,"depth":1029,"text":3311},{"id":5183,"depth":1019,"text":5186},{"id":5412,"depth":1019,"text":5415,"children":7805},[7806,7807,7808,7809],{"id":5418,"depth":1029,"text":5421},{"id":5434,"depth":1029,"text":5437},{"id":5468,"depth":1029,"text":5471},{"id":5566,"depth":1029,"text":5569},"markdown","content:1.posts:53.azure-ready-github-repository.md","content","1.posts/53.azure-ready-github-repository.md","md",[7816,7827],{"_path":169,"_dir":205,"_draft":206,"_partial":206,"_locale":207,"title":168,"description":7817,"lead":7818,"date":7819,"image":7820,"badge":7822,"tags":7823,"_type":7810,"_id":7825,"_source":7812,"_file":7826,"_extension":7814},"If you are deploying your application to Azure from Azure Pipelines, you might want to leverage the ability to do so without using secrets thanks to Workload identity federation. In this article, I will demonstrate how to automate the configuration of your Azure DevOps project, with everything pre-configured to securely deploy applications to Azure.","Azure DevOps Workload identity federation (OIDC) with Pulumi","2023-09-21T00:00:00.000Z",{"src":7821},"/images/azuredevopsoidc.webp",{"label":214},[216,217,218,219,220,221,222,7824],".NET","content:1.posts:54.ado-workload-identity-federation.md","1.posts/54.ado-workload-identity-federation.md",{"_path":163,"_dir":205,"_draft":206,"_partial":206,"_locale":207,"title":162,"description":7828,"lead":7829,"date":7830,"badge":7831,"image":7833,"tags":7835,"canonical":7838,"_type":7810,"_id":7839,"_source":7812,"_file":7840,"_extension":7814},"You may have come across pnpm through discussions with fellow developers, reading blog posts, watching videos, or attending developer conferences. You have probably heard its praises: it's fast, disk-space efficient, and great for monorepos.","Discussion about pnpm usage and popularity.","2023-07-06T00:00:00.000Z",{"label":7832},"Tooling",{"src":7834},"/images/pnpm.png",[802,7836,7837],"package manager","tooling","https://bordeauxcoders.com/who-is-using-pnpm","content:1.posts:52.pnpm-who-is-using.md","1.posts/52.pnpm-who-is-using.md",1716749601504]