[{"data":1,"prerenderedAt":3731},["Reactive",2],{"navigation":3,"aAII9Cz3yR":204,"tags-Microsoft Entra ID":397},[4,192,200],{"title":5,"_path":6,"children":7,"icon":191},"Blog","/posts",[8,11,14,17,20,23,26,29,32,35,38,41,44,47,50,53,56,59,62,65,68,71,74,77,80,83,86,89,92,95,98,101,104,107,110,113,116,119,122,125,128,131,134,137,140,143,146,149,152,155,158,161,164,167,170,173,176,179,182,185,188],{"title":9,"_path":10},"Testing your API with REST Client","/posts/testing-your-api-with-rest-client",{"title":12,"_path":13},"HTML templating in Xamarin","/posts/html-templating-in-xamarin",{"title":15,"_path":16},"Goodbye Azure Portal, Welcome Azure CLI","/posts/welcome-azure-cli",{"title":18,"_path":19},"Coming across Gitpod","/posts/gitpod",{"title":21,"_path":22},"Handle token retrieval while querying an API","/posts/delegating-handler",{"title":24,"_path":25},"Clean up your local git branches.","/posts/cleaning-git-branches",{"title":27,"_path":28},"Automate configuration of Teams Tab SSO with PowerShell.","/posts/teams-sso-powershell",{"title":30,"_path":31},"How to do a technology watch? - Part 1","/posts/technology-watch-part1",{"title":33,"_path":34},"How to do a technology watch? - Part 2","/posts/technology-watch-part2",{"title":36,"_path":37},"You almost no longer need Key Vault references for Azure Functions.","/posts/azure-functions-custom-configuration",{"title":39,"_path":40},"How to do a technology watch? - Part 3","/posts/technology-watch-part3",{"title":42,"_path":43},"Forget DevOps, the future is already here!","/posts/devops-future",{"title":45,"_path":46},"Week 9, 2021 - Tips I learned this week","/posts/w09-2021-tips-learned-this-week",{"title":48,"_path":49},"Week 12, 2021 - Tips I learned this week","/posts/w12-2021-tips-learned-this-week",{"title":51,"_path":52},"Week 14, 2021 - Tips I learned this week","/posts/w14-2021-tips-learned-this-week",{"title":54,"_path":55},"Once upon a time in .NET","/posts/once-upon-a-time-in-dotnet",{"title":57,"_path":58},"Install your applications with winget","/posts/winget-import",{"title":60,"_path":61},"Customize your applications when installing them with winget","/posts/winget-override",{"title":63,"_path":64},"Week 22, 2021 - Tips I learned this week","/posts/w22-2021-tips-learned-this-week",{"title":66,"_path":67},"How to connect to an Azure SQL Database from C# using Azure AD","/posts/sqlclient-active-directory-authent",{"title":69,"_path":70},"Producing packages for Windows Package Manager","/posts/wingetcreate",{"title":72,"_path":73},"4 tips about GitHub Actions environment variables and contexts","/posts/github-actions-var-and-context",{"title":75,"_path":76},"AzureWebJobsStorage, the secret you don't need in your Function App.","/posts/azure-functions-without-azurewebjobsstorage",{"title":78,"_path":79},"ASP.NET Core - Lost in configuration","/posts/lost-in-configuration",{"title":81,"_path":82},"Week 39, 2021 - Tips I learned this week","/posts/w39-2021-tips-learned-this-week",{"title":84,"_path":85},"Week 41, 2021 - Tips I learned this week","/posts/w41-2021-tips-learned-this-week",{"title":87,"_path":88},"Migrating and open-sourcing my blog","/posts/migrating-blog",{"title":90,"_path":91},"Week 45, 2021 - Tips I learned this week","/posts/w45-2021-tips-learned-this-week",{"title":93,"_path":94},"Organize your GitHub stars with Astral","/posts/astral",{"title":96,"_path":97},"Pulumi with an Azure Blob Storage backend","/posts/pulumi-azure-backend",{"title":99,"_path":100},"IaC Hot Reload with Pulumi Watch","/posts/pulumi-watch",{"title":102,"_path":103},"Week 2, 2022 - Tips I learned this week","/posts/w02-2022-tips-learned-this-week",{"title":105,"_path":106},"Week 3, 2022 - Tips I learned this week","/posts/w03-2022-tips-learned-this-week",{"title":108,"_path":109},"Week 5, 2022 - Tips I learned this week","/posts/w05-2022-tips-learned-this-week",{"title":111,"_path":112},"How to provision an Azure SQL Database with Active Directory authentication","/posts/sqldatabase-active-directory-authent",{"title":114,"_path":115},"Why will I choose Pulumi over Terraform for my next project?","/posts/pulumi-vs-terraform",{"title":117,"_path":118},"Week 19, 2022 - Tips I learned this week","/posts/w19-2022-tips-learned-this-week",{"title":120,"_path":121},"Week 20, 2022 - Tips I learned this week","/posts/w20-2022-tips-learned-this-week",{"title":123,"_path":124},"Keeping secrets secure when using API Clients","/posts/http-clients-secrets",{"title":126,"_path":127},"What made me want to be a developer?","/posts/be-a-developer",{"title":129,"_path":130},"What can we do when stuck with a programming problem?","/posts/get-unstuck",{"title":132,"_path":133},"How did I automate the setup of my developer Windows laptop?","/posts/automate-developer-machine",{"title":135,"_path":136},"Discussion about API clients","/posts/http-clients",{"title":138,"_path":139},"Week 46, 2022 - Tips I learned this week","/posts/w46-2022-tips-learned-this-week",{"title":141,"_path":142},"When Pulumi met Nuke: a .NET love story","/posts/when-pulumi-met-nuke",{"title":144,"_path":145},"A year of learning and sharing - Dev Retro 2022","/posts/2022-retro",{"title":147,"_path":148},"Perform Dynamic Execution of an npm Package","/posts/pnpm-dlx",{"title":150,"_path":151},"Manage multiple Node.js versions","/posts/pnpm-env",{"title":153,"_path":154},"Introducing the Vue.js CI/CD series","/posts/vuecicd-introduction",{"title":156,"_path":157},"Execute commands using your project dependencies","/posts/pnpm-exec",{"title":159,"_path":160},"Vue.js CI/CD: Continuous Integration","/posts/vuecicd-ci",{"title":162,"_path":163},"Who is using pnpm?","/posts/pnpm-who-is-using",{"title":165,"_path":166},"Create an Azure-Ready GitHub Repository using Pulumi","/posts/azure-ready-github-repository",{"title":168,"_path":169},"Deploying to Azure from Azure DevOps without secrets","/posts/ado-workload-identity-federation",{"title":171,"_path":172},"Effortlessly Configure GitHub Repositories for Azure Deployment via OIDC","/posts/scripting-azure-ready-github-repository",{"title":174,"_path":175},"Playing with the .NET 8 Web API template","/posts/playing-with-dotnet8",{"title":177,"_path":178},"Another year of sharing and learning - Dev Retro 2023","/posts/2023-retro",{"title":180,"_path":181},"Week 4, 2024 - Tips I learned this week","/posts/w04-2024-tips-learned-this-week",{"title":183,"_path":184},"Using dependency injection with Azure .NET SDK","/posts/azure-sdk-di",{"title":186,"_path":187},"Having Fun With IT Event Calendars","/posts/it-event-calendars",{"title":189,"_path":190},"Call your Azure AD B2C protected API with authenticated HTTP requests from your JetBrains IDE","/posts/http-clients-oauth2","i-heroicons-newspaper",{"title":193,"_path":194,"children":195,"icon":199},"Goodies","/goodies",[196],{"title":197,"_path":198},"My Git Cheat Sheet","/goodies/gitcheatsheet","i-heroicons-gift-solid",{"title":201,"_path":202,"icon":203},"About","/about","i-heroicons-user-circle-solid",[205,207,209,211,214,217,220,223,226,229,231,234,237,240,242,244,247,250,253,255,258,261,264,267,270,273,276,279,282,285,287,289,292,294,297,300,303,305,308,310,313,316,319,322,325,327,329,332,335,338,341,344,347,350,353,356,359,361,363,366,369,372,375,377,380,383,385,388,391,394],[206,206],"tooling",[208,208],"vscode",[210,210],"rest",[212,213],"http","HTTP",[215,216],"razor","Razor",[218,219],"xamarin","Xamarin",[221,222],"templating","Templating",[224,225],"azure-cli","Azure CLI",[227,228],"azure","Azure",[230,230],"shell",[232,233],"github","GitHub",[235,236],"asp-net-core","ASP.NET Core",[238,239],"net",".NET",[241,241],"git",[243,243],"nushell",[245,246],"microsoft-teams","Microsoft Teams",[248,249],"powershell","PowerShell",[251,252],"azure-active-directory","Azure Active Directory",[254,254],"learning",[256,257],"azure-functions","Azure Functions",[259,260],"azure-key-vault","Azure Key Vault",[262,263],"configuration","Configuration",[265,266],"devops","DevOps",[268,269],"it","IT",[271,272],"tips-learned-this-week","tips learned this week",[274,275],"windows-terminal","Windows Terminal",[277,278],"azure-pipelines","Azure Pipelines",[280,281],"application-insights","Application Insights",[283,284],"azure-iot","Azure IoT",[286,286],"records",[288,288],"refit",[290,291],"development-box-setup","development box setup",[293,293],"winget",[295,296],"package-manager","package manager",[298,299],"azure-sql-database","Azure SQL Database",[301,302],"azure-sdk","Azure SDK",[304,304],"wingetcreate",[306,307],"github-actions","GitHub Actions",[309,309],"jq",[311,312],"pulumi","Pulumi",[314,315],"iac","IaC",[317,318],"azure-storage","Azure Storage",[320,321],"azure-signalr","Azure SignalR",[323,324],"visio","Visio",[326,326],"csharp",[328,328],"jest",[330,331],"statiq","Statiq",[333,334],"open-source","open source",[336,337],"visual-studio","Visual Studio",[339,340],"vue-js","Vue.js",[342,343],"azure-devops","Azure DevOps",[345,346],"vite","Vite",[348,349],"code-analysis","Code analysis",[351,352],"diagram","Diagram",[354,355],"terraform","Terraform",[357,358],"typescript","TypeScript",[360,360],"thoughts",[362,362],"pnpm",[364,365],"nuke","Nuke",[367,368],"pipelines","Pipelines",[370,371],"cicd","CI/CD",[373,374],"openid-connect","OpenID Connect",[376,376],"security",[378,379],"github-cli","GitHub CLI",[381,382],"microsoft-entra-id","Microsoft Entra ID",[384,384],"advent",[386,387],"finops","FinOps",[389,390],"anglesharp","AngleSharp",[392,393],"oauth2","OAuth2",[395,396],"azure-ad-b2c","Azure AD B2C",[398],{"_path":172,"_dir":399,"_draft":400,"_partial":400,"_locale":401,"title":171,"description":402,"lead":403,"date":404,"image":405,"badge":407,"tags":408,"body":409,"_type":3726,"_id":3727,"_source":3728,"_file":3729,"_extension":3730},"posts",false,"","What if we could script the creation and configuration of a GitHub Repository so that it is ready to provision or deploy Azure resources from a GitHub Actions pipeline? We will do that in this article using the Azure CLI and GitHub CLI.","Scripting your Azure-Ready GitHub Repository using Azure and GitHub CLI","2023-10-23T00:00:00.000Z",{"src":406},"/images/azureOIDC_2.webp",{"label":266},[228,225,233,379,307,374,382],{"type":410,"children":411,"toc":3715},"root",[412,419,426,431,436,807,823,828,840,859,865,872,886,899,911,917,930,935,1006,1011,1101,1126,1131,1198,1229,1235,1240,1356,1388,1393,1565,1570,1703,1708,1923,1948,1961,2081,2086,2143,2149,2154,2174,2256,2261,2366,2375,2381,3655,3661,3674,3679,3699,3704,3709],{"type":413,"tag":414,"props":415,"children":416},"element","p",{},[417],{"type":418,"value":402},"text",{"type":413,"tag":420,"props":421,"children":423},"h2",{"id":422},"the-objective",[424],{"type":418,"value":425},"The Objective",{"type":413,"tag":414,"props":427,"children":428},{},[429],{"type":418,"value":430},"The goal is to go from nothing to running a GitHub Actions workflow that authenticates to Azure using Open ID Connect (so without secret credentials) in a newly created GitHub repository.",{"type":413,"tag":414,"props":432,"children":433},{},[434],{"type":418,"value":435},"The workflow we plan to run is as follows:",{"type":413,"tag":437,"props":438,"children":442},"pre",{"className":439,"code":440,"language":441,"meta":401,"style":401},"language-yaml shiki shiki-themes material-theme-lighter material-theme material-theme-palenight","name: Run Azure Login with OIDC\non:\n  workflow_dispatch:\n\npermissions:\n  id-token: write\n  contents: read\njobs:\n  build-and-deploy:\n    runs-on: ubuntu-latest\n    steps:\n      - name: 'Az CLI login'\n        uses: azure/login@v1\n        with:\n          client-id: ${{ secrets.AZURE_CLIENT_ID }}\n          tenant-id: ${{ secrets.AZURE_TENANT_ID }}\n          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}\n\n      - name: 'Run az commands'\n        run: |\n          az account show\n          az group list\n","yaml",[443],{"type":413,"tag":444,"props":445,"children":446},"code",{"__ignoreMap":401},[447,471,486,499,509,522,540,558,571,584,602,615,648,666,679,697,715,733,741,770,789,798],{"type":413,"tag":448,"props":449,"children":452},"span",{"class":450,"line":451},"line",1,[453,459,465],{"type":413,"tag":448,"props":454,"children":456},{"style":455},"--shiki-light:#E53935;--shiki-default:#F07178;--shiki-dark:#F07178",[457],{"type":418,"value":458},"name",{"type":413,"tag":448,"props":460,"children":462},{"style":461},"--shiki-light:#39ADB5;--shiki-default:#89DDFF;--shiki-dark:#89DDFF",[463],{"type":418,"value":464},":",{"type":413,"tag":448,"props":466,"children":468},{"style":467},"--shiki-light:#91B859;--shiki-default:#C3E88D;--shiki-dark:#C3E88D",[469],{"type":418,"value":470}," Run Azure Login with OIDC\n",{"type":413,"tag":448,"props":472,"children":474},{"class":450,"line":473},2,[475,481],{"type":413,"tag":448,"props":476,"children":478},{"style":477},"--shiki-light:#FF5370;--shiki-default:#FF9CAC;--shiki-dark:#FF9CAC",[479],{"type":418,"value":480},"on",{"type":413,"tag":448,"props":482,"children":483},{"style":461},[484],{"type":418,"value":485},":\n",{"type":413,"tag":448,"props":487,"children":489},{"class":450,"line":488},3,[490,495],{"type":413,"tag":448,"props":491,"children":492},{"style":455},[493],{"type":418,"value":494},"  workflow_dispatch",{"type":413,"tag":448,"props":496,"children":497},{"style":461},[498],{"type":418,"value":485},{"type":413,"tag":448,"props":500,"children":502},{"class":450,"line":501},4,[503],{"type":413,"tag":448,"props":504,"children":506},{"emptyLinePlaceholder":505},true,[507],{"type":418,"value":508},"\n",{"type":413,"tag":448,"props":510,"children":512},{"class":450,"line":511},5,[513,518],{"type":413,"tag":448,"props":514,"children":515},{"style":455},[516],{"type":418,"value":517},"permissions",{"type":413,"tag":448,"props":519,"children":520},{"style":461},[521],{"type":418,"value":485},{"type":413,"tag":448,"props":523,"children":525},{"class":450,"line":524},6,[526,531,535],{"type":413,"tag":448,"props":527,"children":528},{"style":455},[529],{"type":418,"value":530},"  id-token",{"type":413,"tag":448,"props":532,"children":533},{"style":461},[534],{"type":418,"value":464},{"type":413,"tag":448,"props":536,"children":537},{"style":467},[538],{"type":418,"value":539}," write\n",{"type":413,"tag":448,"props":541,"children":543},{"class":450,"line":542},7,[544,549,553],{"type":413,"tag":448,"props":545,"children":546},{"style":455},[547],{"type":418,"value":548},"  contents",{"type":413,"tag":448,"props":550,"children":551},{"style":461},[552],{"type":418,"value":464},{"type":413,"tag":448,"props":554,"children":555},{"style":467},[556],{"type":418,"value":557}," read\n",{"type":413,"tag":448,"props":559,"children":561},{"class":450,"line":560},8,[562,567],{"type":413,"tag":448,"props":563,"children":564},{"style":455},[565],{"type":418,"value":566},"jobs",{"type":413,"tag":448,"props":568,"children":569},{"style":461},[570],{"type":418,"value":485},{"type":413,"tag":448,"props":572,"children":574},{"class":450,"line":573},9,[575,580],{"type":413,"tag":448,"props":576,"children":577},{"style":455},[578],{"type":418,"value":579},"  build-and-deploy",{"type":413,"tag":448,"props":581,"children":582},{"style":461},[583],{"type":418,"value":485},{"type":413,"tag":448,"props":585,"children":587},{"class":450,"line":586},10,[588,593,597],{"type":413,"tag":448,"props":589,"children":590},{"style":455},[591],{"type":418,"value":592},"    runs-on",{"type":413,"tag":448,"props":594,"children":595},{"style":461},[596],{"type":418,"value":464},{"type":413,"tag":448,"props":598,"children":599},{"style":467},[600],{"type":418,"value":601}," ubuntu-latest\n",{"type":413,"tag":448,"props":603,"children":605},{"class":450,"line":604},11,[606,611],{"type":413,"tag":448,"props":607,"children":608},{"style":455},[609],{"type":418,"value":610},"    steps",{"type":413,"tag":448,"props":612,"children":613},{"style":461},[614],{"type":418,"value":485},{"type":413,"tag":448,"props":616,"children":618},{"class":450,"line":617},12,[619,624,629,633,638,643],{"type":413,"tag":448,"props":620,"children":621},{"style":461},[622],{"type":418,"value":623},"      -",{"type":413,"tag":448,"props":625,"children":626},{"style":455},[627],{"type":418,"value":628}," name",{"type":413,"tag":448,"props":630,"children":631},{"style":461},[632],{"type":418,"value":464},{"type":413,"tag":448,"props":634,"children":635},{"style":461},[636],{"type":418,"value":637}," '",{"type":413,"tag":448,"props":639,"children":640},{"style":467},[641],{"type":418,"value":642},"Az CLI login",{"type":413,"tag":448,"props":644,"children":645},{"style":461},[646],{"type":418,"value":647},"'\n",{"type":413,"tag":448,"props":649,"children":651},{"class":450,"line":650},13,[652,657,661],{"type":413,"tag":448,"props":653,"children":654},{"style":455},[655],{"type":418,"value":656},"        uses",{"type":413,"tag":448,"props":658,"children":659},{"style":461},[660],{"type":418,"value":464},{"type":413,"tag":448,"props":662,"children":663},{"style":467},[664],{"type":418,"value":665}," azure/login@v1\n",{"type":413,"tag":448,"props":667,"children":669},{"class":450,"line":668},14,[670,675],{"type":413,"tag":448,"props":671,"children":672},{"style":455},[673],{"type":418,"value":674},"        with",{"type":413,"tag":448,"props":676,"children":677},{"style":461},[678],{"type":418,"value":485},{"type":413,"tag":448,"props":680,"children":682},{"class":450,"line":681},15,[683,688,692],{"type":413,"tag":448,"props":684,"children":685},{"style":455},[686],{"type":418,"value":687},"          client-id",{"type":413,"tag":448,"props":689,"children":690},{"style":461},[691],{"type":418,"value":464},{"type":413,"tag":448,"props":693,"children":694},{"style":467},[695],{"type":418,"value":696}," ${{ secrets.AZURE_CLIENT_ID }}\n",{"type":413,"tag":448,"props":698,"children":700},{"class":450,"line":699},16,[701,706,710],{"type":413,"tag":448,"props":702,"children":703},{"style":455},[704],{"type":418,"value":705},"          tenant-id",{"type":413,"tag":448,"props":707,"children":708},{"style":461},[709],{"type":418,"value":464},{"type":413,"tag":448,"props":711,"children":712},{"style":467},[713],{"type":418,"value":714}," ${{ secrets.AZURE_TENANT_ID }}\n",{"type":413,"tag":448,"props":716,"children":718},{"class":450,"line":717},17,[719,724,728],{"type":413,"tag":448,"props":720,"children":721},{"style":455},[722],{"type":418,"value":723},"          subscription-id",{"type":413,"tag":448,"props":725,"children":726},{"style":461},[727],{"type":418,"value":464},{"type":413,"tag":448,"props":729,"children":730},{"style":467},[731],{"type":418,"value":732}," ${{ secrets.AZURE_SUBSCRIPTION_ID }}\n",{"type":413,"tag":448,"props":734,"children":736},{"class":450,"line":735},18,[737],{"type":413,"tag":448,"props":738,"children":739},{"emptyLinePlaceholder":505},[740],{"type":418,"value":508},{"type":413,"tag":448,"props":742,"children":744},{"class":450,"line":743},19,[745,749,753,757,761,766],{"type":413,"tag":448,"props":746,"children":747},{"style":461},[748],{"type":418,"value":623},{"type":413,"tag":448,"props":750,"children":751},{"style":455},[752],{"type":418,"value":628},{"type":413,"tag":448,"props":754,"children":755},{"style":461},[756],{"type":418,"value":464},{"type":413,"tag":448,"props":758,"children":759},{"style":461},[760],{"type":418,"value":637},{"type":413,"tag":448,"props":762,"children":763},{"style":467},[764],{"type":418,"value":765},"Run az commands",{"type":413,"tag":448,"props":767,"children":768},{"style":461},[769],{"type":418,"value":647},{"type":413,"tag":448,"props":771,"children":773},{"class":450,"line":772},20,[774,779,783],{"type":413,"tag":448,"props":775,"children":776},{"style":455},[777],{"type":418,"value":778},"        run",{"type":413,"tag":448,"props":780,"children":781},{"style":461},[782],{"type":418,"value":464},{"type":413,"tag":448,"props":784,"children":786},{"style":785},"--shiki-light:#39ADB5;--shiki-default:#89DDFF;--shiki-dark:#89DDFF;--shiki-light-font-style:italic;--shiki-default-font-style:italic;--shiki-dark-font-style:italic",[787],{"type":418,"value":788}," |\n",{"type":413,"tag":448,"props":790,"children":792},{"class":450,"line":791},21,[793],{"type":413,"tag":448,"props":794,"children":795},{"style":467},[796],{"type":418,"value":797},"          az account show\n",{"type":413,"tag":448,"props":799,"children":801},{"class":450,"line":800},22,[802],{"type":413,"tag":448,"props":803,"children":804},{"style":467},[805],{"type":418,"value":806},"          az group list\n",{"type":413,"tag":414,"props":808,"children":809},{},[810,812,821],{"type":418,"value":811},"This workflow is an example coming from ",{"type":413,"tag":813,"props":814,"children":818},"a",{"href":815,"rel":816},"https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure",[817],"nofollow",[819],{"type":418,"value":820},"the GitHub documentation",{"type":418,"value":822}," showing how to configure GitHub Actions workflow to access Azure resources protected by Microsoft Entra.",{"type":413,"tag":414,"props":824,"children":825},{},[826],{"type":418,"value":827},"To run this workflow we will need to automate the configuration of these resources:",{"type":413,"tag":414,"props":829,"children":830},{},[831],{"type":413,"tag":832,"props":833,"children":839},"img",{"alt":834,"className":835,"src":838},"A diagram showing the interactions between Azure and GitHub.",[836,837],"rounded-lg","mx-auto","/posts/images/scripting_azurereadygithub_azure_1.webp",[],{"type":413,"tag":841,"props":842,"children":844},"callout",{"icon":843},"i-heroicons-chat-bubble-left-20-solid",[845],{"type":413,"tag":414,"props":846,"children":847},{},[848,850,857],{"type":418,"value":849},"Looks familiar? That's the same diagram from my article about ",{"type":413,"tag":813,"props":851,"children":854},{"href":852,"rel":853},"https://www.techwatching.dev/posts/azure-ready-github-repository",[817],[855],{"type":418,"value":856},"creating an Azure-Ready GitHub Repository using Pulumi",{"type":418,"value":858},". The purpose was the same but using Pulumi instead of CLI tools. If you prefer a declarative Infrastructure as Code approach using programming languages over CLI tools, you should definitively read it 😉",{"type":413,"tag":420,"props":860,"children":862},{"id":861},"the-script",[863],{"type":418,"value":864},"The Script",{"type":413,"tag":866,"props":867,"children":869},"h3",{"id":868},"a-word-about-the-tools-used",[870],{"type":418,"value":871},"A word about the tools used",{"type":413,"tag":414,"props":873,"children":874},{},[875,877,884],{"type":418,"value":876},"I will be using ",{"type":413,"tag":813,"props":878,"children":881},{"href":879,"rel":880},"https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell?view=powershell-7.3",[817],[882],{"type":418,"value":883},"PowerShell which is cross-platform",{"type":418,"value":885},". However, if you prefer using a different shell, you will simply need to adjust some syntax (such as the environment variable declarations) to ensure compatibility.",{"type":413,"tag":414,"props":887,"children":888},{},[889,891,897],{"type":418,"value":890},"To create and configure the Microsoft Entra ID resources, we will need the ",{"type":413,"tag":813,"props":892,"children":895},{"href":893,"rel":894},"https://learn.microsoft.com/en-us/cli/azure/install-azure-cli",[817],[896],{"type":418,"value":225},{"type":418,"value":898},".",{"type":413,"tag":414,"props":900,"children":901},{},[902,904,910],{"type":418,"value":903},"To create and configure the GitHub repository, we will need the ",{"type":413,"tag":813,"props":905,"children":908},{"href":906,"rel":907},"https://cli.github.com/",[817],[909],{"type":418,"value":379},{"type":418,"value":898},{"type":413,"tag":866,"props":912,"children":914},{"id":913},"create-the-repository-on-github",[915],{"type":418,"value":916},"Create the repository on GitHub",{"type":413,"tag":414,"props":918,"children":919},{},[920,922,928],{"type":418,"value":921},"Let's assume we are already in a new directory with the YAML workflow file ",{"type":413,"tag":444,"props":923,"children":925},{"className":924},[],[926],{"type":418,"value":927},".github\\workflows\\main.yml",{"type":418,"value":929}," in it.",{"type":413,"tag":414,"props":931,"children":932},{},[933],{"type":418,"value":934},"First, we can initialize the git repository.",{"type":413,"tag":437,"props":936,"children":940},{"className":937,"code":938,"language":939,"meta":401,"style":401},"language-bash shiki shiki-themes material-theme-lighter material-theme material-theme-palenight","git init\ngit add .\ngit commit -m \"Intialize repository with the GitHub Actions workflow file\"\n","bash",[941],{"type":413,"tag":444,"props":942,"children":943},{"__ignoreMap":401},[944,957,974],{"type":413,"tag":448,"props":945,"children":946},{"class":450,"line":451},[947,952],{"type":413,"tag":448,"props":948,"children":950},{"style":949},"--shiki-light:#E2931D;--shiki-default:#FFCB6B;--shiki-dark:#FFCB6B",[951],{"type":418,"value":241},{"type":413,"tag":448,"props":953,"children":954},{"style":467},[955],{"type":418,"value":956}," init\n",{"type":413,"tag":448,"props":958,"children":959},{"class":450,"line":473},[960,964,969],{"type":413,"tag":448,"props":961,"children":962},{"style":949},[963],{"type":418,"value":241},{"type":413,"tag":448,"props":965,"children":966},{"style":467},[967],{"type":418,"value":968}," add",{"type":413,"tag":448,"props":970,"children":971},{"style":467},[972],{"type":418,"value":973}," .\n",{"type":413,"tag":448,"props":975,"children":976},{"class":450,"line":488},[977,981,986,991,996,1001],{"type":413,"tag":448,"props":978,"children":979},{"style":949},[980],{"type":418,"value":241},{"type":413,"tag":448,"props":982,"children":983},{"style":467},[984],{"type":418,"value":985}," commit",{"type":413,"tag":448,"props":987,"children":988},{"style":467},[989],{"type":418,"value":990}," -m",{"type":413,"tag":448,"props":992,"children":993},{"style":461},[994],{"type":418,"value":995}," \"",{"type":413,"tag":448,"props":997,"children":998},{"style":467},[999],{"type":418,"value":1000},"Intialize repository with the GitHub Actions workflow file",{"type":413,"tag":448,"props":1002,"children":1003},{"style":461},[1004],{"type":418,"value":1005},"\"\n",{"type":413,"tag":414,"props":1007,"children":1008},{},[1009],{"type":418,"value":1010},"Second, we can create the GitHub repository and push the git repository we just initialized in it.",{"type":413,"tag":437,"props":1012,"children":1015},{"className":1013,"code":1014,"language":248,"meta":401,"style":401},"language-powershell shiki shiki-themes material-theme-lighter material-theme material-theme-palenight","$repositoryName = \"MyAzureReadyRepository\"\ngh repo create $repositoryName --private --source=. --push\n",[1016],{"type":413,"tag":444,"props":1017,"children":1018},{"__ignoreMap":401},[1019,1051],{"type":413,"tag":448,"props":1020,"children":1021},{"class":450,"line":451},[1022,1027,1033,1038,1042,1047],{"type":413,"tag":448,"props":1023,"children":1024},{"style":461},[1025],{"type":418,"value":1026},"$",{"type":413,"tag":448,"props":1028,"children":1030},{"style":1029},"--shiki-light:#90A4AE;--shiki-default:#EEFFFF;--shiki-dark:#BABED8",[1031],{"type":418,"value":1032},"repositoryName ",{"type":413,"tag":448,"props":1034,"children":1035},{"style":461},[1036],{"type":418,"value":1037},"=",{"type":413,"tag":448,"props":1039,"children":1040},{"style":461},[1041],{"type":418,"value":995},{"type":413,"tag":448,"props":1043,"children":1044},{"style":467},[1045],{"type":418,"value":1046},"MyAzureReadyRepository",{"type":413,"tag":448,"props":1048,"children":1049},{"style":461},[1050],{"type":418,"value":1005},{"type":413,"tag":448,"props":1052,"children":1053},{"class":450,"line":473},[1054,1059,1063,1067,1072,1077,1081,1086,1091,1096],{"type":413,"tag":448,"props":1055,"children":1056},{"style":1029},[1057],{"type":418,"value":1058},"gh repo create ",{"type":413,"tag":448,"props":1060,"children":1061},{"style":461},[1062],{"type":418,"value":1026},{"type":413,"tag":448,"props":1064,"children":1065},{"style":1029},[1066],{"type":418,"value":1032},{"type":413,"tag":448,"props":1068,"children":1069},{"style":461},[1070],{"type":418,"value":1071},"--",{"type":413,"tag":448,"props":1073,"children":1074},{"style":1029},[1075],{"type":418,"value":1076},"private ",{"type":413,"tag":448,"props":1078,"children":1079},{"style":461},[1080],{"type":418,"value":1071},{"type":413,"tag":448,"props":1082,"children":1083},{"style":1029},[1084],{"type":418,"value":1085},"source",{"type":413,"tag":448,"props":1087,"children":1088},{"style":461},[1089],{"type":418,"value":1090},"=.",{"type":413,"tag":448,"props":1092,"children":1093},{"style":461},[1094],{"type":418,"value":1095}," --",{"type":413,"tag":448,"props":1097,"children":1098},{"style":1029},[1099],{"type":418,"value":1100},"push\n",{"type":413,"tag":841,"props":1102,"children":1104},{"icon":1103},"i-heroicons-light-bulb",[1105],{"type":413,"tag":414,"props":1106,"children":1107},{},[1108,1110,1116,1118,1124],{"type":418,"value":1109},"You can use the ",{"type":413,"tag":444,"props":1111,"children":1113},{"className":1112},[],[1114],{"type":418,"value":1115},"--public",{"type":418,"value":1117}," flag instead of the ",{"type":413,"tag":444,"props":1119,"children":1121},{"className":1120},[],[1122],{"type":418,"value":1123},"--private",{"type":418,"value":1125}," one if you want your GitHub repository to be public.",{"type":413,"tag":414,"props":1127,"children":1128},{},[1129],{"type":418,"value":1130},"The repository's full name (containing the organization name) can be retrieved like this:",{"type":413,"tag":437,"props":1132,"children":1134},{"className":1013,"code":1133,"language":248,"meta":401,"style":401},"$repositoryFullName=$(gh repo view --json nameWithOwner -q \".nameWithOwner\")\n",[1135],{"type":413,"tag":444,"props":1136,"children":1137},{"__ignoreMap":401},[1138],{"type":413,"tag":448,"props":1139,"children":1140},{"class":450,"line":451},[1141,1145,1150,1155,1160,1164,1169,1174,1179,1184,1189,1193],{"type":413,"tag":448,"props":1142,"children":1143},{"style":461},[1144],{"type":418,"value":1026},{"type":413,"tag":448,"props":1146,"children":1147},{"style":1029},[1148],{"type":418,"value":1149},"repositoryFullName",{"type":413,"tag":448,"props":1151,"children":1152},{"style":461},[1153],{"type":418,"value":1154},"=$(",{"type":413,"tag":448,"props":1156,"children":1157},{"style":1029},[1158],{"type":418,"value":1159},"gh repo view ",{"type":413,"tag":448,"props":1161,"children":1162},{"style":461},[1163],{"type":418,"value":1071},{"type":413,"tag":448,"props":1165,"children":1166},{"style":1029},[1167],{"type":418,"value":1168},"json nameWithOwner ",{"type":413,"tag":448,"props":1170,"children":1171},{"style":461},[1172],{"type":418,"value":1173},"-",{"type":413,"tag":448,"props":1175,"children":1176},{"style":1029},[1177],{"type":418,"value":1178},"q ",{"type":413,"tag":448,"props":1180,"children":1181},{"style":461},[1182],{"type":418,"value":1183},"\"",{"type":413,"tag":448,"props":1185,"children":1186},{"style":467},[1187],{"type":418,"value":1188},".nameWithOwner",{"type":413,"tag":448,"props":1190,"children":1191},{"style":461},[1192],{"type":418,"value":1183},{"type":413,"tag":448,"props":1194,"children":1195},{"style":461},[1196],{"type":418,"value":1197},")\n",{"type":413,"tag":841,"props":1199,"children":1200},{"icon":1103},[1201],{"type":413,"tag":414,"props":1202,"children":1203},{},[1204,1206,1212,1214,1220,1222],{"type":418,"value":1205},"Passing the ",{"type":413,"tag":444,"props":1207,"children":1209},{"className":1208},[],[1210],{"type":418,"value":1211},"--json",{"type":418,"value":1213}," flag converts the output format to JSON which, combined with the ",{"type":413,"tag":444,"props":1215,"children":1217},{"className":1216},[],[1218],{"type":418,"value":1219},"--q",{"type":418,"value":1221}," flag can be handy for filtering or formatting a command output. More on that ",{"type":413,"tag":813,"props":1223,"children":1226},{"href":1224,"rel":1225},"https://cli.github.com/manual/gh_help_formatting",[817],[1227],{"type":418,"value":1228},"in the documentation",{"type":413,"tag":866,"props":1230,"children":1232},{"id":1231},"create-the-microsoft-entra-id-resources",[1233],{"type":418,"value":1234},"Create the Microsoft Entra ID resources",{"type":413,"tag":414,"props":1236,"children":1237},{},[1238],{"type":418,"value":1239},"Later, we will need the subscription and the tenant identifiers. Let's retrieve them now and take this opportunity to check that we are logged in on the correct tenant with the correct subscription selected.",{"type":413,"tag":437,"props":1241,"children":1243},{"className":1013,"code":1242,"language":248,"meta":401,"style":401},"$subscriptionId=$(az account show --query \"id\" -o tsv)\n$tenantId=$(az account show --query \"tenantId\" -o tsv)\n",[1244],{"type":413,"tag":444,"props":1245,"children":1246},{"__ignoreMap":401},[1247,1304],{"type":413,"tag":448,"props":1248,"children":1249},{"class":450,"line":451},[1250,1254,1259,1263,1268,1272,1277,1281,1286,1290,1295,1300],{"type":413,"tag":448,"props":1251,"children":1252},{"style":461},[1253],{"type":418,"value":1026},{"type":413,"tag":448,"props":1255,"children":1256},{"style":1029},[1257],{"type":418,"value":1258},"subscriptionId",{"type":413,"tag":448,"props":1260,"children":1261},{"style":461},[1262],{"type":418,"value":1154},{"type":413,"tag":448,"props":1264,"children":1265},{"style":1029},[1266],{"type":418,"value":1267},"az account show ",{"type":413,"tag":448,"props":1269,"children":1270},{"style":461},[1271],{"type":418,"value":1071},{"type":413,"tag":448,"props":1273,"children":1274},{"style":1029},[1275],{"type":418,"value":1276},"query ",{"type":413,"tag":448,"props":1278,"children":1279},{"style":461},[1280],{"type":418,"value":1183},{"type":413,"tag":448,"props":1282,"children":1283},{"style":467},[1284],{"type":418,"value":1285},"id",{"type":413,"tag":448,"props":1287,"children":1288},{"style":461},[1289],{"type":418,"value":1183},{"type":413,"tag":448,"props":1291,"children":1292},{"style":461},[1293],{"type":418,"value":1294}," -",{"type":413,"tag":448,"props":1296,"children":1297},{"style":1029},[1298],{"type":418,"value":1299},"o tsv",{"type":413,"tag":448,"props":1301,"children":1302},{"style":461},[1303],{"type":418,"value":1197},{"type":413,"tag":448,"props":1305,"children":1306},{"class":450,"line":473},[1307,1311,1316,1320,1324,1328,1332,1336,1340,1344,1348,1352],{"type":413,"tag":448,"props":1308,"children":1309},{"style":461},[1310],{"type":418,"value":1026},{"type":413,"tag":448,"props":1312,"children":1313},{"style":1029},[1314],{"type":418,"value":1315},"tenantId",{"type":413,"tag":448,"props":1317,"children":1318},{"style":461},[1319],{"type":418,"value":1154},{"type":413,"tag":448,"props":1321,"children":1322},{"style":1029},[1323],{"type":418,"value":1267},{"type":413,"tag":448,"props":1325,"children":1326},{"style":461},[1327],{"type":418,"value":1071},{"type":413,"tag":448,"props":1329,"children":1330},{"style":1029},[1331],{"type":418,"value":1276},{"type":413,"tag":448,"props":1333,"children":1334},{"style":461},[1335],{"type":418,"value":1183},{"type":413,"tag":448,"props":1337,"children":1338},{"style":467},[1339],{"type":418,"value":1315},{"type":413,"tag":448,"props":1341,"children":1342},{"style":461},[1343],{"type":418,"value":1183},{"type":413,"tag":448,"props":1345,"children":1346},{"style":461},[1347],{"type":418,"value":1294},{"type":413,"tag":448,"props":1349,"children":1350},{"style":1029},[1351],{"type":418,"value":1299},{"type":413,"tag":448,"props":1353,"children":1354},{"style":461},[1355],{"type":418,"value":1197},{"type":413,"tag":841,"props":1357,"children":1358},{"icon":843},[1359],{"type":413,"tag":414,"props":1360,"children":1361},{},[1362,1364,1370,1372,1378,1380,1387],{"type":418,"value":1363},"Similar to the GitHub CLI, the Azure CLI has a ",{"type":413,"tag":444,"props":1365,"children":1367},{"className":1366},[],[1368],{"type":418,"value":1369},"--query",{"type":418,"value":1371}," flag to filter a command output. There are also different output formats. The ",{"type":413,"tag":444,"props":1373,"children":1375},{"className":1374},[],[1376],{"type":418,"value":1377},"tsv",{"type":418,"value":1379}," (tab-separated values) one is useful for capturing a value in an environment variable. If you are not very familiar with the Azure CLI, you can check my article on the topic ",{"type":413,"tag":813,"props":1381,"children":1384},{"href":1382,"rel":1383},"https://www.techwatching.dev/posts/welcome-azure-cli",[817],[1385],{"type":418,"value":1386},"here",{"type":418,"value":898},{"type":413,"tag":414,"props":1389,"children":1390},{},[1391],{"type":418,"value":1392},"To create the app registration and its associated service principal, we can execute the following commands:",{"type":413,"tag":437,"props":1394,"children":1396},{"className":1013,"code":1395,"language":248,"meta":401,"style":401},"$appId=$(az ad app create --display-name \"GitHub Action OIDC for ${repositoryFullName}\" --query \"appId\" -o tsv)\n$servicePrincipalId=$(az ad sp create --id $appId --query \"id\" -o tsv)\n",[1397],{"type":413,"tag":444,"props":1398,"children":1399},{"__ignoreMap":401},[1400,1494],{"type":413,"tag":448,"props":1401,"children":1402},{"class":450,"line":451},[1403,1407,1412,1416,1421,1425,1430,1434,1439,1443,1448,1453,1457,1462,1466,1470,1474,1478,1482,1486,1490],{"type":413,"tag":448,"props":1404,"children":1405},{"style":461},[1406],{"type":418,"value":1026},{"type":413,"tag":448,"props":1408,"children":1409},{"style":1029},[1410],{"type":418,"value":1411},"appId",{"type":413,"tag":448,"props":1413,"children":1414},{"style":461},[1415],{"type":418,"value":1154},{"type":413,"tag":448,"props":1417,"children":1418},{"style":1029},[1419],{"type":418,"value":1420},"az ad app create ",{"type":413,"tag":448,"props":1422,"children":1423},{"style":461},[1424],{"type":418,"value":1071},{"type":413,"tag":448,"props":1426,"children":1427},{"style":1029},[1428],{"type":418,"value":1429},"display",{"type":413,"tag":448,"props":1431,"children":1432},{"style":461},[1433],{"type":418,"value":1173},{"type":413,"tag":448,"props":1435,"children":1436},{"style":1029},[1437],{"type":418,"value":1438},"name ",{"type":413,"tag":448,"props":1440,"children":1441},{"style":461},[1442],{"type":418,"value":1183},{"type":413,"tag":448,"props":1444,"children":1445},{"style":467},[1446],{"type":418,"value":1447},"GitHub Action OIDC for ",{"type":413,"tag":448,"props":1449,"children":1450},{"style":461},[1451],{"type":418,"value":1452},"${",{"type":413,"tag":448,"props":1454,"children":1455},{"style":1029},[1456],{"type":418,"value":1149},{"type":413,"tag":448,"props":1458,"children":1459},{"style":461},[1460],{"type":418,"value":1461},"}\"",{"type":413,"tag":448,"props":1463,"children":1464},{"style":461},[1465],{"type":418,"value":1095},{"type":413,"tag":448,"props":1467,"children":1468},{"style":1029},[1469],{"type":418,"value":1276},{"type":413,"tag":448,"props":1471,"children":1472},{"style":461},[1473],{"type":418,"value":1183},{"type":413,"tag":448,"props":1475,"children":1476},{"style":467},[1477],{"type":418,"value":1411},{"type":413,"tag":448,"props":1479,"children":1480},{"style":461},[1481],{"type":418,"value":1183},{"type":413,"tag":448,"props":1483,"children":1484},{"style":461},[1485],{"type":418,"value":1294},{"type":413,"tag":448,"props":1487,"children":1488},{"style":1029},[1489],{"type":418,"value":1299},{"type":413,"tag":448,"props":1491,"children":1492},{"style":461},[1493],{"type":418,"value":1197},{"type":413,"tag":448,"props":1495,"children":1496},{"class":450,"line":473},[1497,1501,1506,1510,1515,1519,1524,1528,1533,1537,1541,1545,1549,1553,1557,1561],{"type":413,"tag":448,"props":1498,"children":1499},{"style":461},[1500],{"type":418,"value":1026},{"type":413,"tag":448,"props":1502,"children":1503},{"style":1029},[1504],{"type":418,"value":1505},"servicePrincipalId",{"type":413,"tag":448,"props":1507,"children":1508},{"style":461},[1509],{"type":418,"value":1154},{"type":413,"tag":448,"props":1511,"children":1512},{"style":1029},[1513],{"type":418,"value":1514},"az ad sp create ",{"type":413,"tag":448,"props":1516,"children":1517},{"style":461},[1518],{"type":418,"value":1071},{"type":413,"tag":448,"props":1520,"children":1521},{"style":1029},[1522],{"type":418,"value":1523},"id ",{"type":413,"tag":448,"props":1525,"children":1526},{"style":461},[1527],{"type":418,"value":1026},{"type":413,"tag":448,"props":1529,"children":1530},{"style":1029},[1531],{"type":418,"value":1532},"appId ",{"type":413,"tag":448,"props":1534,"children":1535},{"style":461},[1536],{"type":418,"value":1071},{"type":413,"tag":448,"props":1538,"children":1539},{"style":1029},[1540],{"type":418,"value":1276},{"type":413,"tag":448,"props":1542,"children":1543},{"style":461},[1544],{"type":418,"value":1183},{"type":413,"tag":448,"props":1546,"children":1547},{"style":467},[1548],{"type":418,"value":1285},{"type":413,"tag":448,"props":1550,"children":1551},{"style":461},[1552],{"type":418,"value":1183},{"type":413,"tag":448,"props":1554,"children":1555},{"style":461},[1556],{"type":418,"value":1294},{"type":413,"tag":448,"props":1558,"children":1559},{"style":1029},[1560],{"type":418,"value":1299},{"type":413,"tag":448,"props":1562,"children":1563},{"style":461},[1564],{"type":418,"value":1197},{"type":413,"tag":414,"props":1566,"children":1567},{},[1568],{"type":418,"value":1569},"We can now assign the contributor role to the service principal on the subscription.",{"type":413,"tag":437,"props":1571,"children":1573},{"className":1013,"code":1572,"language":248,"meta":401,"style":401},"az role assignment create --role contributor --subscription $subscriptionId --assignee-object-id  $servicePrincipalId --assignee-principal-type ServicePrincipal --scope /subscriptions/$subscriptionId\n",[1574],{"type":413,"tag":444,"props":1575,"children":1576},{"__ignoreMap":401},[1577],{"type":413,"tag":448,"props":1578,"children":1579},{"class":450,"line":451},[1580,1585,1589,1594,1598,1603,1607,1612,1616,1621,1625,1630,1634,1639,1643,1648,1652,1656,1660,1665,1669,1674,1678,1683,1688,1693,1698],{"type":413,"tag":448,"props":1581,"children":1582},{"style":1029},[1583],{"type":418,"value":1584},"az role assignment create ",{"type":413,"tag":448,"props":1586,"children":1587},{"style":461},[1588],{"type":418,"value":1071},{"type":413,"tag":448,"props":1590,"children":1591},{"style":1029},[1592],{"type":418,"value":1593},"role contributor ",{"type":413,"tag":448,"props":1595,"children":1596},{"style":461},[1597],{"type":418,"value":1071},{"type":413,"tag":448,"props":1599,"children":1600},{"style":1029},[1601],{"type":418,"value":1602},"subscription ",{"type":413,"tag":448,"props":1604,"children":1605},{"style":461},[1606],{"type":418,"value":1026},{"type":413,"tag":448,"props":1608,"children":1609},{"style":1029},[1610],{"type":418,"value":1611},"subscriptionId ",{"type":413,"tag":448,"props":1613,"children":1614},{"style":461},[1615],{"type":418,"value":1071},{"type":413,"tag":448,"props":1617,"children":1618},{"style":1029},[1619],{"type":418,"value":1620},"assignee",{"type":413,"tag":448,"props":1622,"children":1623},{"style":461},[1624],{"type":418,"value":1173},{"type":413,"tag":448,"props":1626,"children":1627},{"style":1029},[1628],{"type":418,"value":1629},"object",{"type":413,"tag":448,"props":1631,"children":1632},{"style":461},[1633],{"type":418,"value":1173},{"type":413,"tag":448,"props":1635,"children":1636},{"style":1029},[1637],{"type":418,"value":1638},"id  ",{"type":413,"tag":448,"props":1640,"children":1641},{"style":461},[1642],{"type":418,"value":1026},{"type":413,"tag":448,"props":1644,"children":1645},{"style":1029},[1646],{"type":418,"value":1647},"servicePrincipalId ",{"type":413,"tag":448,"props":1649,"children":1650},{"style":461},[1651],{"type":418,"value":1071},{"type":413,"tag":448,"props":1653,"children":1654},{"style":1029},[1655],{"type":418,"value":1620},{"type":413,"tag":448,"props":1657,"children":1658},{"style":461},[1659],{"type":418,"value":1173},{"type":413,"tag":448,"props":1661,"children":1662},{"style":1029},[1663],{"type":418,"value":1664},"principal",{"type":413,"tag":448,"props":1666,"children":1667},{"style":461},[1668],{"type":418,"value":1173},{"type":413,"tag":448,"props":1670,"children":1671},{"style":1029},[1672],{"type":418,"value":1673},"type ServicePrincipal ",{"type":413,"tag":448,"props":1675,"children":1676},{"style":461},[1677],{"type":418,"value":1071},{"type":413,"tag":448,"props":1679,"children":1680},{"style":1029},[1681],{"type":418,"value":1682},"scope ",{"type":413,"tag":448,"props":1684,"children":1685},{"style":461},[1686],{"type":418,"value":1687},"/",{"type":413,"tag":448,"props":1689,"children":1690},{"style":1029},[1691],{"type":418,"value":1692},"subscriptions",{"type":413,"tag":448,"props":1694,"children":1695},{"style":461},[1696],{"type":418,"value":1697},"/$",{"type":413,"tag":448,"props":1699,"children":1700},{"style":1029},[1701],{"type":418,"value":1702},"subscriptionId\n",{"type":413,"tag":414,"props":1704,"children":1705},{},[1706],{"type":418,"value":1707},"Creating federated credentials is a bit more complex as one of the arguments needs to be an in-line JSON string.",{"type":413,"tag":437,"props":1709,"children":1711},{"className":1013,"code":1710,"language":248,"meta":401,"style":401},"$parametersJson = @{\n    name = \"FederatedIdentityForWorkshop\"\n    issuer = \"https://token.actions.githubusercontent.com\"\n    subject = \"repo:${repositoryFullName}:ref:refs/heads/main\"\n    description = \"Deployments for ${repositoryFullName}\"\n    audiences = @(\n        \"api://AzureADTokenExchange\"\n    )\n}\n",[1712],{"type":413,"tag":444,"props":1713,"children":1714},{"__ignoreMap":401},[1715,1742,1767,1792,1835,1869,1890,1907,1915],{"type":413,"tag":448,"props":1716,"children":1717},{"class":450,"line":451},[1718,1722,1727,1731,1737],{"type":413,"tag":448,"props":1719,"children":1720},{"style":461},[1721],{"type":418,"value":1026},{"type":413,"tag":448,"props":1723,"children":1724},{"style":1029},[1725],{"type":418,"value":1726},"parametersJson ",{"type":413,"tag":448,"props":1728,"children":1729},{"style":461},[1730],{"type":418,"value":1037},{"type":413,"tag":448,"props":1732,"children":1734},{"style":1733},"--shiki-light:#F76D47;--shiki-default:#F78C6C;--shiki-dark:#F78C6C",[1735],{"type":418,"value":1736}," @",{"type":413,"tag":448,"props":1738,"children":1739},{"style":461},[1740],{"type":418,"value":1741},"{\n",{"type":413,"tag":448,"props":1743,"children":1744},{"class":450,"line":473},[1745,1750,1754,1758,1763],{"type":413,"tag":448,"props":1746,"children":1747},{"style":1029},[1748],{"type":418,"value":1749},"    name ",{"type":413,"tag":448,"props":1751,"children":1752},{"style":461},[1753],{"type":418,"value":1037},{"type":413,"tag":448,"props":1755,"children":1756},{"style":461},[1757],{"type":418,"value":995},{"type":413,"tag":448,"props":1759,"children":1760},{"style":467},[1761],{"type":418,"value":1762},"FederatedIdentityForWorkshop",{"type":413,"tag":448,"props":1764,"children":1765},{"style":461},[1766],{"type":418,"value":1005},{"type":413,"tag":448,"props":1768,"children":1769},{"class":450,"line":488},[1770,1775,1779,1783,1788],{"type":413,"tag":448,"props":1771,"children":1772},{"style":1029},[1773],{"type":418,"value":1774},"    issuer ",{"type":413,"tag":448,"props":1776,"children":1777},{"style":461},[1778],{"type":418,"value":1037},{"type":413,"tag":448,"props":1780,"children":1781},{"style":461},[1782],{"type":418,"value":995},{"type":413,"tag":448,"props":1784,"children":1785},{"style":467},[1786],{"type":418,"value":1787},"https://token.actions.githubusercontent.com",{"type":413,"tag":448,"props":1789,"children":1790},{"style":461},[1791],{"type":418,"value":1005},{"type":413,"tag":448,"props":1793,"children":1794},{"class":450,"line":501},[1795,1800,1804,1808,1813,1817,1821,1826,1831],{"type":413,"tag":448,"props":1796,"children":1797},{"style":1029},[1798],{"type":418,"value":1799},"    subject ",{"type":413,"tag":448,"props":1801,"children":1802},{"style":461},[1803],{"type":418,"value":1037},{"type":413,"tag":448,"props":1805,"children":1806},{"style":461},[1807],{"type":418,"value":995},{"type":413,"tag":448,"props":1809,"children":1810},{"style":467},[1811],{"type":418,"value":1812},"repo:",{"type":413,"tag":448,"props":1814,"children":1815},{"style":461},[1816],{"type":418,"value":1452},{"type":413,"tag":448,"props":1818,"children":1819},{"style":1029},[1820],{"type":418,"value":1149},{"type":413,"tag":448,"props":1822,"children":1823},{"style":461},[1824],{"type":418,"value":1825},"}",{"type":413,"tag":448,"props":1827,"children":1828},{"style":467},[1829],{"type":418,"value":1830},":ref:refs/heads/main",{"type":413,"tag":448,"props":1832,"children":1833},{"style":461},[1834],{"type":418,"value":1005},{"type":413,"tag":448,"props":1836,"children":1837},{"class":450,"line":511},[1838,1843,1847,1851,1856,1860,1864],{"type":413,"tag":448,"props":1839,"children":1840},{"style":1029},[1841],{"type":418,"value":1842},"    description ",{"type":413,"tag":448,"props":1844,"children":1845},{"style":461},[1846],{"type":418,"value":1037},{"type":413,"tag":448,"props":1848,"children":1849},{"style":461},[1850],{"type":418,"value":995},{"type":413,"tag":448,"props":1852,"children":1853},{"style":467},[1854],{"type":418,"value":1855},"Deployments for ",{"type":413,"tag":448,"props":1857,"children":1858},{"style":461},[1859],{"type":418,"value":1452},{"type":413,"tag":448,"props":1861,"children":1862},{"style":1029},[1863],{"type":418,"value":1149},{"type":413,"tag":448,"props":1865,"children":1866},{"style":461},[1867],{"type":418,"value":1868},"}\"\n",{"type":413,"tag":448,"props":1870,"children":1871},{"class":450,"line":524},[1872,1877,1881,1885],{"type":413,"tag":448,"props":1873,"children":1874},{"style":1029},[1875],{"type":418,"value":1876},"    audiences ",{"type":413,"tag":448,"props":1878,"children":1879},{"style":461},[1880],{"type":418,"value":1037},{"type":413,"tag":448,"props":1882,"children":1883},{"style":1733},[1884],{"type":418,"value":1736},{"type":413,"tag":448,"props":1886,"children":1887},{"style":461},[1888],{"type":418,"value":1889},"(\n",{"type":413,"tag":448,"props":1891,"children":1892},{"class":450,"line":542},[1893,1898,1903],{"type":413,"tag":448,"props":1894,"children":1895},{"style":461},[1896],{"type":418,"value":1897},"        \"",{"type":413,"tag":448,"props":1899,"children":1900},{"style":467},[1901],{"type":418,"value":1902},"api://AzureADTokenExchange",{"type":413,"tag":448,"props":1904,"children":1905},{"style":461},[1906],{"type":418,"value":1005},{"type":413,"tag":448,"props":1908,"children":1909},{"class":450,"line":560},[1910],{"type":413,"tag":448,"props":1911,"children":1912},{"style":461},[1913],{"type":418,"value":1914},"    )\n",{"type":413,"tag":448,"props":1916,"children":1917},{"class":450,"line":573},[1918],{"type":413,"tag":448,"props":1919,"children":1920},{"style":461},[1921],{"type":418,"value":1922},"}\n",{"type":413,"tag":841,"props":1924,"children":1925},{"icon":1103},[1926],{"type":413,"tag":414,"props":1927,"children":1928},{},[1929,1931,1937,1939,1946],{"type":418,"value":1930},"The ",{"type":413,"tag":444,"props":1932,"children":1934},{"className":1933},[],[1935],{"type":418,"value":1936},"subject",{"type":418,"value":1938}," property here specifies that the GitHub Actions workflow from the created repository is only authorized to authenticate to Azure when it runs on the main branch. Of course, there are other possible configurations, such as those involving pull requests or environments. Consult the ",{"type":413,"tag":813,"props":1940,"children":1943},{"href":1941,"rel":1942},"https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#example-subject-claims",[817],[1944],{"type":418,"value":1945},"documentation",{"type":418,"value":1947}," to learn more about these options.",{"type":413,"tag":414,"props":1949,"children":1950},{},[1951,1953,1960],{"type":418,"value":1952},"To make this JSON string an inline string with escaped quotes that works for the Azure CLI, we have to transform the string using a command I found in this ",{"type":413,"tag":813,"props":1954,"children":1957},{"href":1955,"rel":1956},"https://medium.com/medialesson/use-dynamic-json-strings-with-azure-cli-commands-in-powershell-b191eccc8e9b",[817],[1958],{"type":418,"value":1959},"blog article",{"type":418,"value":898},{"type":413,"tag":437,"props":1962,"children":1964},{"className":1013,"code":1963,"language":248,"meta":401,"style":401},"$parameters = $($parametersJson | ConvertTo-Json -Depth 100 -Compress).Replace(\"`\"\", \"\\`\"\")\n",[1965],{"type":413,"tag":444,"props":1966,"children":1967},{"__ignoreMap":401},[1968],{"type":413,"tag":448,"props":1969,"children":1970},{"class":450,"line":451},[1971,1975,1980,1984,1989,1993,1998,2004,2008,2013,2018,2022,2027,2032,2037,2042,2046,2051,2055,2060,2064,2069,2073,2077],{"type":413,"tag":448,"props":1972,"children":1973},{"style":461},[1974],{"type":418,"value":1026},{"type":413,"tag":448,"props":1976,"children":1977},{"style":1029},[1978],{"type":418,"value":1979},"parameters ",{"type":413,"tag":448,"props":1981,"children":1982},{"style":461},[1983],{"type":418,"value":1037},{"type":413,"tag":448,"props":1985,"children":1986},{"style":461},[1987],{"type":418,"value":1988}," $($",{"type":413,"tag":448,"props":1990,"children":1991},{"style":1029},[1992],{"type":418,"value":1726},{"type":413,"tag":448,"props":1994,"children":1995},{"style":461},[1996],{"type":418,"value":1997},"|",{"type":413,"tag":448,"props":1999,"children":2001},{"style":2000},"--shiki-light:#6182B8;--shiki-default:#82AAFF;--shiki-dark:#82AAFF",[2002],{"type":418,"value":2003}," ConvertTo-Json",{"type":413,"tag":448,"props":2005,"children":2006},{"style":461},[2007],{"type":418,"value":1294},{"type":413,"tag":448,"props":2009,"children":2010},{"style":1029},[2011],{"type":418,"value":2012},"Depth ",{"type":413,"tag":448,"props":2014,"children":2015},{"style":1733},[2016],{"type":418,"value":2017},"100",{"type":413,"tag":448,"props":2019,"children":2020},{"style":461},[2021],{"type":418,"value":1294},{"type":413,"tag":448,"props":2023,"children":2024},{"style":1029},[2025],{"type":418,"value":2026},"Compress",{"type":413,"tag":448,"props":2028,"children":2029},{"style":461},[2030],{"type":418,"value":2031},")",{"type":413,"tag":448,"props":2033,"children":2034},{"style":1029},[2035],{"type":418,"value":2036},".Replace",{"type":413,"tag":448,"props":2038,"children":2039},{"style":461},[2040],{"type":418,"value":2041},"(",{"type":413,"tag":448,"props":2043,"children":2044},{"style":461},[2045],{"type":418,"value":1183},{"type":413,"tag":448,"props":2047,"children":2048},{"style":1029},[2049],{"type":418,"value":2050},"`\"",{"type":413,"tag":448,"props":2052,"children":2053},{"style":461},[2054],{"type":418,"value":1183},{"type":413,"tag":448,"props":2056,"children":2057},{"style":461},[2058],{"type":418,"value":2059},",",{"type":413,"tag":448,"props":2061,"children":2062},{"style":461},[2063],{"type":418,"value":995},{"type":413,"tag":448,"props":2065,"children":2066},{"style":467},[2067],{"type":418,"value":2068},"\\",{"type":413,"tag":448,"props":2070,"children":2071},{"style":1029},[2072],{"type":418,"value":2050},{"type":413,"tag":448,"props":2074,"children":2075},{"style":461},[2076],{"type":418,"value":1183},{"type":413,"tag":448,"props":2078,"children":2079},{"style":461},[2080],{"type":418,"value":1197},{"type":413,"tag":414,"props":2082,"children":2083},{},[2084],{"type":418,"value":2085},"And finally, we can create the federated credentials.",{"type":413,"tag":437,"props":2087,"children":2089},{"className":1013,"code":2088,"language":248,"meta":401,"style":401},"az ad app federated-credential create --id $appId --parameters $parameters\n",[2090],{"type":413,"tag":444,"props":2091,"children":2092},{"__ignoreMap":401},[2093],{"type":413,"tag":448,"props":2094,"children":2095},{"class":450,"line":451},[2096,2101,2105,2110,2114,2118,2122,2126,2130,2134,2138],{"type":413,"tag":448,"props":2097,"children":2098},{"style":1029},[2099],{"type":418,"value":2100},"az ad app federated",{"type":413,"tag":448,"props":2102,"children":2103},{"style":461},[2104],{"type":418,"value":1173},{"type":413,"tag":448,"props":2106,"children":2107},{"style":1029},[2108],{"type":418,"value":2109},"credential create ",{"type":413,"tag":448,"props":2111,"children":2112},{"style":461},[2113],{"type":418,"value":1071},{"type":413,"tag":448,"props":2115,"children":2116},{"style":1029},[2117],{"type":418,"value":1523},{"type":413,"tag":448,"props":2119,"children":2120},{"style":461},[2121],{"type":418,"value":1026},{"type":413,"tag":448,"props":2123,"children":2124},{"style":1029},[2125],{"type":418,"value":1532},{"type":413,"tag":448,"props":2127,"children":2128},{"style":461},[2129],{"type":418,"value":1071},{"type":413,"tag":448,"props":2131,"children":2132},{"style":1029},[2133],{"type":418,"value":1979},{"type":413,"tag":448,"props":2135,"children":2136},{"style":461},[2137],{"type":418,"value":1026},{"type":413,"tag":448,"props":2139,"children":2140},{"style":1029},[2141],{"type":418,"value":2142},"parameters\n",{"type":413,"tag":866,"props":2144,"children":2146},{"id":2145},"configure-the-github-actions-and-run-the-workflow",[2147],{"type":418,"value":2148},"Configure the GitHub Actions and run the workflow",{"type":413,"tag":414,"props":2150,"children":2151},{},[2152],{"type":418,"value":2153},"For the OIDC authentication to function properly, we need to set 3 GitHub Actions Secrets (could also be GitHub Actions variables as there are not really secrets):",{"type":413,"tag":2155,"props":2156,"children":2157},"ol",{},[2158,2164,2169],{"type":413,"tag":2159,"props":2160,"children":2161},"li",{},[2162],{"type":418,"value":2163},"The identifier of the Azure tenant",{"type":413,"tag":2159,"props":2165,"children":2166},{},[2167],{"type":418,"value":2168},"The identifier of the Azure subscription",{"type":413,"tag":2159,"props":2170,"children":2171},{},[2172],{"type":418,"value":2173},"The application identifier of the app registration",{"type":413,"tag":437,"props":2175,"children":2177},{"className":1013,"code":2176,"language":248,"meta":401,"style":401},"gh secret set AZURE_TENANT_ID --body $tenantId\ngh secret set AZURE_SUBSCRIPTION_ID --body $subscriptionId\ngh secret set AZURE_CLIENT_ID --body $appId\n",[2178],{"type":413,"tag":444,"props":2179,"children":2180},{"__ignoreMap":401},[2181,2207,2231],{"type":413,"tag":448,"props":2182,"children":2183},{"class":450,"line":451},[2184,2189,2193,2198,2202],{"type":413,"tag":448,"props":2185,"children":2186},{"style":1029},[2187],{"type":418,"value":2188},"gh secret set AZURE_TENANT_ID ",{"type":413,"tag":448,"props":2190,"children":2191},{"style":461},[2192],{"type":418,"value":1071},{"type":413,"tag":448,"props":2194,"children":2195},{"style":1029},[2196],{"type":418,"value":2197},"body ",{"type":413,"tag":448,"props":2199,"children":2200},{"style":461},[2201],{"type":418,"value":1026},{"type":413,"tag":448,"props":2203,"children":2204},{"style":1029},[2205],{"type":418,"value":2206},"tenantId\n",{"type":413,"tag":448,"props":2208,"children":2209},{"class":450,"line":473},[2210,2215,2219,2223,2227],{"type":413,"tag":448,"props":2211,"children":2212},{"style":1029},[2213],{"type":418,"value":2214},"gh secret set AZURE_SUBSCRIPTION_ID ",{"type":413,"tag":448,"props":2216,"children":2217},{"style":461},[2218],{"type":418,"value":1071},{"type":413,"tag":448,"props":2220,"children":2221},{"style":1029},[2222],{"type":418,"value":2197},{"type":413,"tag":448,"props":2224,"children":2225},{"style":461},[2226],{"type":418,"value":1026},{"type":413,"tag":448,"props":2228,"children":2229},{"style":1029},[2230],{"type":418,"value":1702},{"type":413,"tag":448,"props":2232,"children":2233},{"class":450,"line":488},[2234,2239,2243,2247,2251],{"type":413,"tag":448,"props":2235,"children":2236},{"style":1029},[2237],{"type":418,"value":2238},"gh secret set AZURE_CLIENT_ID ",{"type":413,"tag":448,"props":2240,"children":2241},{"style":461},[2242],{"type":418,"value":1071},{"type":413,"tag":448,"props":2244,"children":2245},{"style":1029},[2246],{"type":418,"value":2197},{"type":413,"tag":448,"props":2248,"children":2249},{"style":461},[2250],{"type":418,"value":1026},{"type":413,"tag":448,"props":2252,"children":2253},{"style":1029},[2254],{"type":418,"value":2255},"appId\n",{"type":413,"tag":414,"props":2257,"children":2258},{},[2259],{"type":418,"value":2260},"We can directly run the workflow from the GitHub CLI, and watch the run until it is completed.",{"type":413,"tag":437,"props":2262,"children":2264},{"className":1013,"code":2263,"language":248,"meta":401,"style":401},"gh workflow run main.yml\n$runId=$(gh run list --workflow=main.yml --json databaseId -q \".[0].databaseId\")\ngh run watch $runId\n",[2265],{"type":413,"tag":444,"props":2266,"children":2267},{"__ignoreMap":401},[2268,2276,2349],{"type":413,"tag":448,"props":2269,"children":2270},{"class":450,"line":451},[2271],{"type":413,"tag":448,"props":2272,"children":2273},{"style":1029},[2274],{"type":418,"value":2275},"gh workflow run main.yml\n",{"type":413,"tag":448,"props":2277,"children":2278},{"class":450,"line":473},[2279,2283,2288,2292,2297,2301,2306,2310,2315,2319,2324,2328,2332,2336,2341,2345],{"type":413,"tag":448,"props":2280,"children":2281},{"style":461},[2282],{"type":418,"value":1026},{"type":413,"tag":448,"props":2284,"children":2285},{"style":1029},[2286],{"type":418,"value":2287},"runId",{"type":413,"tag":448,"props":2289,"children":2290},{"style":461},[2291],{"type":418,"value":1154},{"type":413,"tag":448,"props":2293,"children":2294},{"style":1029},[2295],{"type":418,"value":2296},"gh run list ",{"type":413,"tag":448,"props":2298,"children":2299},{"style":461},[2300],{"type":418,"value":1071},{"type":413,"tag":448,"props":2302,"children":2303},{"style":1029},[2304],{"type":418,"value":2305},"workflow",{"type":413,"tag":448,"props":2307,"children":2308},{"style":461},[2309],{"type":418,"value":1037},{"type":413,"tag":448,"props":2311,"children":2312},{"style":1029},[2313],{"type":418,"value":2314},"main.yml ",{"type":413,"tag":448,"props":2316,"children":2317},{"style":461},[2318],{"type":418,"value":1071},{"type":413,"tag":448,"props":2320,"children":2321},{"style":1029},[2322],{"type":418,"value":2323},"json databaseId ",{"type":413,"tag":448,"props":2325,"children":2326},{"style":461},[2327],{"type":418,"value":1173},{"type":413,"tag":448,"props":2329,"children":2330},{"style":1029},[2331],{"type":418,"value":1178},{"type":413,"tag":448,"props":2333,"children":2334},{"style":461},[2335],{"type":418,"value":1183},{"type":413,"tag":448,"props":2337,"children":2338},{"style":467},[2339],{"type":418,"value":2340},".[0].databaseId",{"type":413,"tag":448,"props":2342,"children":2343},{"style":461},[2344],{"type":418,"value":1183},{"type":413,"tag":448,"props":2346,"children":2347},{"style":461},[2348],{"type":418,"value":1197},{"type":413,"tag":448,"props":2350,"children":2351},{"class":450,"line":488},[2352,2357,2361],{"type":413,"tag":448,"props":2353,"children":2354},{"style":1029},[2355],{"type":418,"value":2356},"gh run watch ",{"type":413,"tag":448,"props":2358,"children":2359},{"style":461},[2360],{"type":418,"value":1026},{"type":413,"tag":448,"props":2362,"children":2363},{"style":1029},[2364],{"type":418,"value":2365},"runId\n",{"type":413,"tag":414,"props":2367,"children":2368},{},[2369],{"type":413,"tag":832,"props":2370,"children":2374},{"alt":2371,"className":2372,"src":2373},"Screenshot of the GitHub Actions workfow run",[836,837],"/posts/images/scripting_azurereadygithub_github_1.webp",[],{"type":413,"tag":420,"props":2376,"children":2378},{"id":2377},"full-script",[2379],{"type":418,"value":2380},"Full script",{"type":413,"tag":437,"props":2382,"children":2384},{"className":1013,"code":2383,"language":248,"meta":401,"style":401},"# Initialize git repository with current code\n# You should have added the main.yml workflow file in the `.github\\workflows` directory \ngit init\ngit add .\ngit commit -m \"Intialize repository with the GitHub Actions workflow file\"\n\n# Create a new remote private GitHub repository\n$repositoryName = \"MyAzureReadyRepository\"\ngh repo create $repositoryName --private --source=. --push\n\n# Retrieve the repository full name (org/repo)\n$repositoryFullName=$(gh repo view --json nameWithOwner -q \".nameWithOwner\") \n\n# Retrieve the current subscription and current tenant identifiers \n$subscriptionId=$(az account show --query \"id\" -o tsv)\n$tenantId=$(az account show --query \"tenantId\" -o tsv)\n\n# Create an App Registration and its associated service principal\n$appId=$(az ad app create --display-name \"GitHub Action OIDC for ${repositoryFullName}\" --query \"appId\" -o tsv)\n$servicePrincipalId=$(az ad sp create --id $appId --query \"id\" -o tsv)\n\n# Assign the contributor role to the service principal on the subscription\naz role assignment create --role contributor --subscription $subscriptionId --assignee-object-id  $servicePrincipalId --assignee-principal-type ServicePrincipal --scope /subscriptions/$subscriptionId\n\n# Prepare parameters for federated credentials\n$parametersJson = @{\n    name = \"FederatedIdentityForWorkshop\"\n    issuer = \"https://token.actions.githubusercontent.com\"\n    subject = \"repo:${repositoryFullName}:ref:refs/heads/main\"\n    description = \"Deployments for ${repositoryFullName}\"\n    audiences = @(\n        \"api://AzureADTokenExchange\"\n    )\n}\n\n# Change parameters to single line string with escaped quotes to make it work with Azure CLI\n# https://medium.com/medialesson/use-dynamic-json-strings-with-azure-cli-commands-in-powershell-b191eccc8e9b\n$parameters = $($parametersJson | ConvertTo-Json -Depth 100 -Compress).Replace(\"`\"\", \"\\`\"\")\n\n# Create federated credentials\naz ad app federated-credential create --id $appId --parameters $parameters\n\n# Create GitHub secrets needed for the GitHub Actions\ngh secret set AZURE_TENANT_ID --body $tenantId\ngh secret set AZURE_SUBSCRIPTION_ID --body $subscriptionId\ngh secret set AZURE_CLIENT_ID --body $appId\n\n# Run workflow\ngh workflow run main.yml\n$runId=$(gh run list --workflow=main.yml --json databaseId -q \".[0].databaseId\")\ngh run watch $runId\n\n# Open the repostory in the browser\ngh repo view -w\n",[2385],{"type":413,"tag":444,"props":2386,"children":2387},{"__ignoreMap":401},[2388,2397,2405,2413,2421,2450,2457,2465,2492,2535,2542,2550,2606,2613,2621,2672,2723,2730,2738,2825,2892,2899,2907,3019,3027,3036,3060,3084,3108,3148,3180,3200,3216,3224,3232,3240,3249,3258,3358,3366,3375,3423,3431,3440,3464,3488,3512,3520,3529,3537,3605,3621,3629,3638],{"type":413,"tag":448,"props":2389,"children":2390},{"class":450,"line":451},[2391],{"type":413,"tag":448,"props":2392,"children":2394},{"style":2393},"--shiki-light:#90A4AE;--shiki-default:#546E7A;--shiki-dark:#676E95;--shiki-light-font-style:italic;--shiki-default-font-style:italic;--shiki-dark-font-style:italic",[2395],{"type":418,"value":2396},"# Initialize git repository with current code\n",{"type":413,"tag":448,"props":2398,"children":2399},{"class":450,"line":473},[2400],{"type":413,"tag":448,"props":2401,"children":2402},{"style":2393},[2403],{"type":418,"value":2404},"# You should have added the main.yml workflow file in the `.github\\workflows` directory \n",{"type":413,"tag":448,"props":2406,"children":2407},{"class":450,"line":488},[2408],{"type":413,"tag":448,"props":2409,"children":2410},{"style":1029},[2411],{"type":418,"value":2412},"git init\n",{"type":413,"tag":448,"props":2414,"children":2415},{"class":450,"line":501},[2416],{"type":413,"tag":448,"props":2417,"children":2418},{"style":1029},[2419],{"type":418,"value":2420},"git add .\n",{"type":413,"tag":448,"props":2422,"children":2423},{"class":450,"line":511},[2424,2429,2433,2438,2442,2446],{"type":413,"tag":448,"props":2425,"children":2426},{"style":1029},[2427],{"type":418,"value":2428},"git commit ",{"type":413,"tag":448,"props":2430,"children":2431},{"style":461},[2432],{"type":418,"value":1173},{"type":413,"tag":448,"props":2434,"children":2435},{"style":1029},[2436],{"type":418,"value":2437},"m ",{"type":413,"tag":448,"props":2439,"children":2440},{"style":461},[2441],{"type":418,"value":1183},{"type":413,"tag":448,"props":2443,"children":2444},{"style":467},[2445],{"type":418,"value":1000},{"type":413,"tag":448,"props":2447,"children":2448},{"style":461},[2449],{"type":418,"value":1005},{"type":413,"tag":448,"props":2451,"children":2452},{"class":450,"line":524},[2453],{"type":413,"tag":448,"props":2454,"children":2455},{"emptyLinePlaceholder":505},[2456],{"type":418,"value":508},{"type":413,"tag":448,"props":2458,"children":2459},{"class":450,"line":542},[2460],{"type":413,"tag":448,"props":2461,"children":2462},{"style":2393},[2463],{"type":418,"value":2464},"# Create a new remote private GitHub repository\n",{"type":413,"tag":448,"props":2466,"children":2467},{"class":450,"line":560},[2468,2472,2476,2480,2484,2488],{"type":413,"tag":448,"props":2469,"children":2470},{"style":461},[2471],{"type":418,"value":1026},{"type":413,"tag":448,"props":2473,"children":2474},{"style":1029},[2475],{"type":418,"value":1032},{"type":413,"tag":448,"props":2477,"children":2478},{"style":461},[2479],{"type":418,"value":1037},{"type":413,"tag":448,"props":2481,"children":2482},{"style":461},[2483],{"type":418,"value":995},{"type":413,"tag":448,"props":2485,"children":2486},{"style":467},[2487],{"type":418,"value":1046},{"type":413,"tag":448,"props":2489,"children":2490},{"style":461},[2491],{"type":418,"value":1005},{"type":413,"tag":448,"props":2493,"children":2494},{"class":450,"line":573},[2495,2499,2503,2507,2511,2515,2519,2523,2527,2531],{"type":413,"tag":448,"props":2496,"children":2497},{"style":1029},[2498],{"type":418,"value":1058},{"type":413,"tag":448,"props":2500,"children":2501},{"style":461},[2502],{"type":418,"value":1026},{"type":413,"tag":448,"props":2504,"children":2505},{"style":1029},[2506],{"type":418,"value":1032},{"type":413,"tag":448,"props":2508,"children":2509},{"style":461},[2510],{"type":418,"value":1071},{"type":413,"tag":448,"props":2512,"children":2513},{"style":1029},[2514],{"type":418,"value":1076},{"type":413,"tag":448,"props":2516,"children":2517},{"style":461},[2518],{"type":418,"value":1071},{"type":413,"tag":448,"props":2520,"children":2521},{"style":1029},[2522],{"type":418,"value":1085},{"type":413,"tag":448,"props":2524,"children":2525},{"style":461},[2526],{"type":418,"value":1090},{"type":413,"tag":448,"props":2528,"children":2529},{"style":461},[2530],{"type":418,"value":1095},{"type":413,"tag":448,"props":2532,"children":2533},{"style":1029},[2534],{"type":418,"value":1100},{"type":413,"tag":448,"props":2536,"children":2537},{"class":450,"line":586},[2538],{"type":413,"tag":448,"props":2539,"children":2540},{"emptyLinePlaceholder":505},[2541],{"type":418,"value":508},{"type":413,"tag":448,"props":2543,"children":2544},{"class":450,"line":604},[2545],{"type":413,"tag":448,"props":2546,"children":2547},{"style":2393},[2548],{"type":418,"value":2549},"# Retrieve the repository full name (org/repo)\n",{"type":413,"tag":448,"props":2551,"children":2552},{"class":450,"line":617},[2553,2557,2561,2565,2569,2573,2577,2581,2585,2589,2593,2597,2601],{"type":413,"tag":448,"props":2554,"children":2555},{"style":461},[2556],{"type":418,"value":1026},{"type":413,"tag":448,"props":2558,"children":2559},{"style":1029},[2560],{"type":418,"value":1149},{"type":413,"tag":448,"props":2562,"children":2563},{"style":461},[2564],{"type":418,"value":1154},{"type":413,"tag":448,"props":2566,"children":2567},{"style":1029},[2568],{"type":418,"value":1159},{"type":413,"tag":448,"props":2570,"children":2571},{"style":461},[2572],{"type":418,"value":1071},{"type":413,"tag":448,"props":2574,"children":2575},{"style":1029},[2576],{"type":418,"value":1168},{"type":413,"tag":448,"props":2578,"children":2579},{"style":461},[2580],{"type":418,"value":1173},{"type":413,"tag":448,"props":2582,"children":2583},{"style":1029},[2584],{"type":418,"value":1178},{"type":413,"tag":448,"props":2586,"children":2587},{"style":461},[2588],{"type":418,"value":1183},{"type":413,"tag":448,"props":2590,"children":2591},{"style":467},[2592],{"type":418,"value":1188},{"type":413,"tag":448,"props":2594,"children":2595},{"style":461},[2596],{"type":418,"value":1183},{"type":413,"tag":448,"props":2598,"children":2599},{"style":461},[2600],{"type":418,"value":2031},{"type":413,"tag":448,"props":2602,"children":2603},{"style":1029},[2604],{"type":418,"value":2605}," \n",{"type":413,"tag":448,"props":2607,"children":2608},{"class":450,"line":650},[2609],{"type":413,"tag":448,"props":2610,"children":2611},{"emptyLinePlaceholder":505},[2612],{"type":418,"value":508},{"type":413,"tag":448,"props":2614,"children":2615},{"class":450,"line":668},[2616],{"type":413,"tag":448,"props":2617,"children":2618},{"style":2393},[2619],{"type":418,"value":2620},"# Retrieve the current subscription and current tenant identifiers \n",{"type":413,"tag":448,"props":2622,"children":2623},{"class":450,"line":681},[2624,2628,2632,2636,2640,2644,2648,2652,2656,2660,2664,2668],{"type":413,"tag":448,"props":2625,"children":2626},{"style":461},[2627],{"type":418,"value":1026},{"type":413,"tag":448,"props":2629,"children":2630},{"style":1029},[2631],{"type":418,"value":1258},{"type":413,"tag":448,"props":2633,"children":2634},{"style":461},[2635],{"type":418,"value":1154},{"type":413,"tag":448,"props":2637,"children":2638},{"style":1029},[2639],{"type":418,"value":1267},{"type":413,"tag":448,"props":2641,"children":2642},{"style":461},[2643],{"type":418,"value":1071},{"type":413,"tag":448,"props":2645,"children":2646},{"style":1029},[2647],{"type":418,"value":1276},{"type":413,"tag":448,"props":2649,"children":2650},{"style":461},[2651],{"type":418,"value":1183},{"type":413,"tag":448,"props":2653,"children":2654},{"style":467},[2655],{"type":418,"value":1285},{"type":413,"tag":448,"props":2657,"children":2658},{"style":461},[2659],{"type":418,"value":1183},{"type":413,"tag":448,"props":2661,"children":2662},{"style":461},[2663],{"type":418,"value":1294},{"type":413,"tag":448,"props":2665,"children":2666},{"style":1029},[2667],{"type":418,"value":1299},{"type":413,"tag":448,"props":2669,"children":2670},{"style":461},[2671],{"type":418,"value":1197},{"type":413,"tag":448,"props":2673,"children":2674},{"class":450,"line":699},[2675,2679,2683,2687,2691,2695,2699,2703,2707,2711,2715,2719],{"type":413,"tag":448,"props":2676,"children":2677},{"style":461},[2678],{"type":418,"value":1026},{"type":413,"tag":448,"props":2680,"children":2681},{"style":1029},[2682],{"type":418,"value":1315},{"type":413,"tag":448,"props":2684,"children":2685},{"style":461},[2686],{"type":418,"value":1154},{"type":413,"tag":448,"props":2688,"children":2689},{"style":1029},[2690],{"type":418,"value":1267},{"type":413,"tag":448,"props":2692,"children":2693},{"style":461},[2694],{"type":418,"value":1071},{"type":413,"tag":448,"props":2696,"children":2697},{"style":1029},[2698],{"type":418,"value":1276},{"type":413,"tag":448,"props":2700,"children":2701},{"style":461},[2702],{"type":418,"value":1183},{"type":413,"tag":448,"props":2704,"children":2705},{"style":467},[2706],{"type":418,"value":1315},{"type":413,"tag":448,"props":2708,"children":2709},{"style":461},[2710],{"type":418,"value":1183},{"type":413,"tag":448,"props":2712,"children":2713},{"style":461},[2714],{"type":418,"value":1294},{"type":413,"tag":448,"props":2716,"children":2717},{"style":1029},[2718],{"type":418,"value":1299},{"type":413,"tag":448,"props":2720,"children":2721},{"style":461},[2722],{"type":418,"value":1197},{"type":413,"tag":448,"props":2724,"children":2725},{"class":450,"line":717},[2726],{"type":413,"tag":448,"props":2727,"children":2728},{"emptyLinePlaceholder":505},[2729],{"type":418,"value":508},{"type":413,"tag":448,"props":2731,"children":2732},{"class":450,"line":735},[2733],{"type":413,"tag":448,"props":2734,"children":2735},{"style":2393},[2736],{"type":418,"value":2737},"# Create an App Registration and its associated service principal\n",{"type":413,"tag":448,"props":2739,"children":2740},{"class":450,"line":743},[2741,2745,2749,2753,2757,2761,2765,2769,2773,2777,2781,2785,2789,2793,2797,2801,2805,2809,2813,2817,2821],{"type":413,"tag":448,"props":2742,"children":2743},{"style":461},[2744],{"type":418,"value":1026},{"type":413,"tag":448,"props":2746,"children":2747},{"style":1029},[2748],{"type":418,"value":1411},{"type":413,"tag":448,"props":2750,"children":2751},{"style":461},[2752],{"type":418,"value":1154},{"type":413,"tag":448,"props":2754,"children":2755},{"style":1029},[2756],{"type":418,"value":1420},{"type":413,"tag":448,"props":2758,"children":2759},{"style":461},[2760],{"type":418,"value":1071},{"type":413,"tag":448,"props":2762,"children":2763},{"style":1029},[2764],{"type":418,"value":1429},{"type":413,"tag":448,"props":2766,"children":2767},{"style":461},[2768],{"type":418,"value":1173},{"type":413,"tag":448,"props":2770,"children":2771},{"style":1029},[2772],{"type":418,"value":1438},{"type":413,"tag":448,"props":2774,"children":2775},{"style":461},[2776],{"type":418,"value":1183},{"type":413,"tag":448,"props":2778,"children":2779},{"style":467},[2780],{"type":418,"value":1447},{"type":413,"tag":448,"props":2782,"children":2783},{"style":461},[2784],{"type":418,"value":1452},{"type":413,"tag":448,"props":2786,"children":2787},{"style":1029},[2788],{"type":418,"value":1149},{"type":413,"tag":448,"props":2790,"children":2791},{"style":461},[2792],{"type":418,"value":1461},{"type":413,"tag":448,"props":2794,"children":2795},{"style":461},[2796],{"type":418,"value":1095},{"type":413,"tag":448,"props":2798,"children":2799},{"style":1029},[2800],{"type":418,"value":1276},{"type":413,"tag":448,"props":2802,"children":2803},{"style":461},[2804],{"type":418,"value":1183},{"type":413,"tag":448,"props":2806,"children":2807},{"style":467},[2808],{"type":418,"value":1411},{"type":413,"tag":448,"props":2810,"children":2811},{"style":461},[2812],{"type":418,"value":1183},{"type":413,"tag":448,"props":2814,"children":2815},{"style":461},[2816],{"type":418,"value":1294},{"type":413,"tag":448,"props":2818,"children":2819},{"style":1029},[2820],{"type":418,"value":1299},{"type":413,"tag":448,"props":2822,"children":2823},{"style":461},[2824],{"type":418,"value":1197},{"type":413,"tag":448,"props":2826,"children":2827},{"class":450,"line":772},[2828,2832,2836,2840,2844,2848,2852,2856,2860,2864,2868,2872,2876,2880,2884,2888],{"type":413,"tag":448,"props":2829,"children":2830},{"style":461},[2831],{"type":418,"value":1026},{"type":413,"tag":448,"props":2833,"children":2834},{"style":1029},[2835],{"type":418,"value":1505},{"type":413,"tag":448,"props":2837,"children":2838},{"style":461},[2839],{"type":418,"value":1154},{"type":413,"tag":448,"props":2841,"children":2842},{"style":1029},[2843],{"type":418,"value":1514},{"type":413,"tag":448,"props":2845,"children":2846},{"style":461},[2847],{"type":418,"value":1071},{"type":413,"tag":448,"props":2849,"children":2850},{"style":1029},[2851],{"type":418,"value":1523},{"type":413,"tag":448,"props":2853,"children":2854},{"style":461},[2855],{"type":418,"value":1026},{"type":413,"tag":448,"props":2857,"children":2858},{"style":1029},[2859],{"type":418,"value":1532},{"type":413,"tag":448,"props":2861,"children":2862},{"style":461},[2863],{"type":418,"value":1071},{"type":413,"tag":448,"props":2865,"children":2866},{"style":1029},[2867],{"type":418,"value":1276},{"type":413,"tag":448,"props":2869,"children":2870},{"style":461},[2871],{"type":418,"value":1183},{"type":413,"tag":448,"props":2873,"children":2874},{"style":467},[2875],{"type":418,"value":1285},{"type":413,"tag":448,"props":2877,"children":2878},{"style":461},[2879],{"type":418,"value":1183},{"type":413,"tag":448,"props":2881,"children":2882},{"style":461},[2883],{"type":418,"value":1294},{"type":413,"tag":448,"props":2885,"children":2886},{"style":1029},[2887],{"type":418,"value":1299},{"type":413,"tag":448,"props":2889,"children":2890},{"style":461},[2891],{"type":418,"value":1197},{"type":413,"tag":448,"props":2893,"children":2894},{"class":450,"line":791},[2895],{"type":413,"tag":448,"props":2896,"children":2897},{"emptyLinePlaceholder":505},[2898],{"type":418,"value":508},{"type":413,"tag":448,"props":2900,"children":2901},{"class":450,"line":800},[2902],{"type":413,"tag":448,"props":2903,"children":2904},{"style":2393},[2905],{"type":418,"value":2906},"# Assign the contributor role to the service principal on the subscription\n",{"type":413,"tag":448,"props":2908,"children":2910},{"class":450,"line":2909},23,[2911,2915,2919,2923,2927,2931,2935,2939,2943,2947,2951,2955,2959,2963,2967,2971,2975,2979,2983,2987,2991,2995,2999,3003,3007,3011,3015],{"type":413,"tag":448,"props":2912,"children":2913},{"style":1029},[2914],{"type":418,"value":1584},{"type":413,"tag":448,"props":2916,"children":2917},{"style":461},[2918],{"type":418,"value":1071},{"type":413,"tag":448,"props":2920,"children":2921},{"style":1029},[2922],{"type":418,"value":1593},{"type":413,"tag":448,"props":2924,"children":2925},{"style":461},[2926],{"type":418,"value":1071},{"type":413,"tag":448,"props":2928,"children":2929},{"style":1029},[2930],{"type":418,"value":1602},{"type":413,"tag":448,"props":2932,"children":2933},{"style":461},[2934],{"type":418,"value":1026},{"type":413,"tag":448,"props":2936,"children":2937},{"style":1029},[2938],{"type":418,"value":1611},{"type":413,"tag":448,"props":2940,"children":2941},{"style":461},[2942],{"type":418,"value":1071},{"type":413,"tag":448,"props":2944,"children":2945},{"style":1029},[2946],{"type":418,"value":1620},{"type":413,"tag":448,"props":2948,"children":2949},{"style":461},[2950],{"type":418,"value":1173},{"type":413,"tag":448,"props":2952,"children":2953},{"style":1029},[2954],{"type":418,"value":1629},{"type":413,"tag":448,"props":2956,"children":2957},{"style":461},[2958],{"type":418,"value":1173},{"type":413,"tag":448,"props":2960,"children":2961},{"style":1029},[2962],{"type":418,"value":1638},{"type":413,"tag":448,"props":2964,"children":2965},{"style":461},[2966],{"type":418,"value":1026},{"type":413,"tag":448,"props":2968,"children":2969},{"style":1029},[2970],{"type":418,"value":1647},{"type":413,"tag":448,"props":2972,"children":2973},{"style":461},[2974],{"type":418,"value":1071},{"type":413,"tag":448,"props":2976,"children":2977},{"style":1029},[2978],{"type":418,"value":1620},{"type":413,"tag":448,"props":2980,"children":2981},{"style":461},[2982],{"type":418,"value":1173},{"type":413,"tag":448,"props":2984,"children":2985},{"style":1029},[2986],{"type":418,"value":1664},{"type":413,"tag":448,"props":2988,"children":2989},{"style":461},[2990],{"type":418,"value":1173},{"type":413,"tag":448,"props":2992,"children":2993},{"style":1029},[2994],{"type":418,"value":1673},{"type":413,"tag":448,"props":2996,"children":2997},{"style":461},[2998],{"type":418,"value":1071},{"type":413,"tag":448,"props":3000,"children":3001},{"style":1029},[3002],{"type":418,"value":1682},{"type":413,"tag":448,"props":3004,"children":3005},{"style":461},[3006],{"type":418,"value":1687},{"type":413,"tag":448,"props":3008,"children":3009},{"style":1029},[3010],{"type":418,"value":1692},{"type":413,"tag":448,"props":3012,"children":3013},{"style":461},[3014],{"type":418,"value":1697},{"type":413,"tag":448,"props":3016,"children":3017},{"style":1029},[3018],{"type":418,"value":1702},{"type":413,"tag":448,"props":3020,"children":3022},{"class":450,"line":3021},24,[3023],{"type":413,"tag":448,"props":3024,"children":3025},{"emptyLinePlaceholder":505},[3026],{"type":418,"value":508},{"type":413,"tag":448,"props":3028,"children":3030},{"class":450,"line":3029},25,[3031],{"type":413,"tag":448,"props":3032,"children":3033},{"style":2393},[3034],{"type":418,"value":3035},"# Prepare parameters for federated credentials\n",{"type":413,"tag":448,"props":3037,"children":3039},{"class":450,"line":3038},26,[3040,3044,3048,3052,3056],{"type":413,"tag":448,"props":3041,"children":3042},{"style":461},[3043],{"type":418,"value":1026},{"type":413,"tag":448,"props":3045,"children":3046},{"style":1029},[3047],{"type":418,"value":1726},{"type":413,"tag":448,"props":3049,"children":3050},{"style":461},[3051],{"type":418,"value":1037},{"type":413,"tag":448,"props":3053,"children":3054},{"style":1733},[3055],{"type":418,"value":1736},{"type":413,"tag":448,"props":3057,"children":3058},{"style":461},[3059],{"type":418,"value":1741},{"type":413,"tag":448,"props":3061,"children":3063},{"class":450,"line":3062},27,[3064,3068,3072,3076,3080],{"type":413,"tag":448,"props":3065,"children":3066},{"style":1029},[3067],{"type":418,"value":1749},{"type":413,"tag":448,"props":3069,"children":3070},{"style":461},[3071],{"type":418,"value":1037},{"type":413,"tag":448,"props":3073,"children":3074},{"style":461},[3075],{"type":418,"value":995},{"type":413,"tag":448,"props":3077,"children":3078},{"style":467},[3079],{"type":418,"value":1762},{"type":413,"tag":448,"props":3081,"children":3082},{"style":461},[3083],{"type":418,"value":1005},{"type":413,"tag":448,"props":3085,"children":3087},{"class":450,"line":3086},28,[3088,3092,3096,3100,3104],{"type":413,"tag":448,"props":3089,"children":3090},{"style":1029},[3091],{"type":418,"value":1774},{"type":413,"tag":448,"props":3093,"children":3094},{"style":461},[3095],{"type":418,"value":1037},{"type":413,"tag":448,"props":3097,"children":3098},{"style":461},[3099],{"type":418,"value":995},{"type":413,"tag":448,"props":3101,"children":3102},{"style":467},[3103],{"type":418,"value":1787},{"type":413,"tag":448,"props":3105,"children":3106},{"style":461},[3107],{"type":418,"value":1005},{"type":413,"tag":448,"props":3109,"children":3111},{"class":450,"line":3110},29,[3112,3116,3120,3124,3128,3132,3136,3140,3144],{"type":413,"tag":448,"props":3113,"children":3114},{"style":1029},[3115],{"type":418,"value":1799},{"type":413,"tag":448,"props":3117,"children":3118},{"style":461},[3119],{"type":418,"value":1037},{"type":413,"tag":448,"props":3121,"children":3122},{"style":461},[3123],{"type":418,"value":995},{"type":413,"tag":448,"props":3125,"children":3126},{"style":467},[3127],{"type":418,"value":1812},{"type":413,"tag":448,"props":3129,"children":3130},{"style":461},[3131],{"type":418,"value":1452},{"type":413,"tag":448,"props":3133,"children":3134},{"style":1029},[3135],{"type":418,"value":1149},{"type":413,"tag":448,"props":3137,"children":3138},{"style":461},[3139],{"type":418,"value":1825},{"type":413,"tag":448,"props":3141,"children":3142},{"style":467},[3143],{"type":418,"value":1830},{"type":413,"tag":448,"props":3145,"children":3146},{"style":461},[3147],{"type":418,"value":1005},{"type":413,"tag":448,"props":3149,"children":3151},{"class":450,"line":3150},30,[3152,3156,3160,3164,3168,3172,3176],{"type":413,"tag":448,"props":3153,"children":3154},{"style":1029},[3155],{"type":418,"value":1842},{"type":413,"tag":448,"props":3157,"children":3158},{"style":461},[3159],{"type":418,"value":1037},{"type":413,"tag":448,"props":3161,"children":3162},{"style":461},[3163],{"type":418,"value":995},{"type":413,"tag":448,"props":3165,"children":3166},{"style":467},[3167],{"type":418,"value":1855},{"type":413,"tag":448,"props":3169,"children":3170},{"style":461},[3171],{"type":418,"value":1452},{"type":413,"tag":448,"props":3173,"children":3174},{"style":1029},[3175],{"type":418,"value":1149},{"type":413,"tag":448,"props":3177,"children":3178},{"style":461},[3179],{"type":418,"value":1868},{"type":413,"tag":448,"props":3181,"children":3183},{"class":450,"line":3182},31,[3184,3188,3192,3196],{"type":413,"tag":448,"props":3185,"children":3186},{"style":1029},[3187],{"type":418,"value":1876},{"type":413,"tag":448,"props":3189,"children":3190},{"style":461},[3191],{"type":418,"value":1037},{"type":413,"tag":448,"props":3193,"children":3194},{"style":1733},[3195],{"type":418,"value":1736},{"type":413,"tag":448,"props":3197,"children":3198},{"style":461},[3199],{"type":418,"value":1889},{"type":413,"tag":448,"props":3201,"children":3203},{"class":450,"line":3202},32,[3204,3208,3212],{"type":413,"tag":448,"props":3205,"children":3206},{"style":461},[3207],{"type":418,"value":1897},{"type":413,"tag":448,"props":3209,"children":3210},{"style":467},[3211],{"type":418,"value":1902},{"type":413,"tag":448,"props":3213,"children":3214},{"style":461},[3215],{"type":418,"value":1005},{"type":413,"tag":448,"props":3217,"children":3219},{"class":450,"line":3218},33,[3220],{"type":413,"tag":448,"props":3221,"children":3222},{"style":461},[3223],{"type":418,"value":1914},{"type":413,"tag":448,"props":3225,"children":3227},{"class":450,"line":3226},34,[3228],{"type":413,"tag":448,"props":3229,"children":3230},{"style":461},[3231],{"type":418,"value":1922},{"type":413,"tag":448,"props":3233,"children":3235},{"class":450,"line":3234},35,[3236],{"type":413,"tag":448,"props":3237,"children":3238},{"emptyLinePlaceholder":505},[3239],{"type":418,"value":508},{"type":413,"tag":448,"props":3241,"children":3243},{"class":450,"line":3242},36,[3244],{"type":413,"tag":448,"props":3245,"children":3246},{"style":2393},[3247],{"type":418,"value":3248},"# Change parameters to single line string with escaped quotes to make it work with Azure CLI\n",{"type":413,"tag":448,"props":3250,"children":3252},{"class":450,"line":3251},37,[3253],{"type":413,"tag":448,"props":3254,"children":3255},{"style":2393},[3256],{"type":418,"value":3257},"# https://medium.com/medialesson/use-dynamic-json-strings-with-azure-cli-commands-in-powershell-b191eccc8e9b\n",{"type":413,"tag":448,"props":3259,"children":3261},{"class":450,"line":3260},38,[3262,3266,3270,3274,3278,3282,3286,3290,3294,3298,3302,3306,3310,3314,3318,3322,3326,3330,3334,3338,3342,3346,3350,3354],{"type":413,"tag":448,"props":3263,"children":3264},{"style":461},[3265],{"type":418,"value":1026},{"type":413,"tag":448,"props":3267,"children":3268},{"style":1029},[3269],{"type":418,"value":1979},{"type":413,"tag":448,"props":3271,"children":3272},{"style":461},[3273],{"type":418,"value":1037},{"type":413,"tag":448,"props":3275,"children":3276},{"style":461},[3277],{"type":418,"value":1988},{"type":413,"tag":448,"props":3279,"children":3280},{"style":1029},[3281],{"type":418,"value":1726},{"type":413,"tag":448,"props":3283,"children":3284},{"style":461},[3285],{"type":418,"value":1997},{"type":413,"tag":448,"props":3287,"children":3288},{"style":2000},[3289],{"type":418,"value":2003},{"type":413,"tag":448,"props":3291,"children":3292},{"style":461},[3293],{"type":418,"value":1294},{"type":413,"tag":448,"props":3295,"children":3296},{"style":1029},[3297],{"type":418,"value":2012},{"type":413,"tag":448,"props":3299,"children":3300},{"style":1733},[3301],{"type":418,"value":2017},{"type":413,"tag":448,"props":3303,"children":3304},{"style":461},[3305],{"type":418,"value":1294},{"type":413,"tag":448,"props":3307,"children":3308},{"style":1029},[3309],{"type":418,"value":2026},{"type":413,"tag":448,"props":3311,"children":3312},{"style":461},[3313],{"type":418,"value":2031},{"type":413,"tag":448,"props":3315,"children":3316},{"style":1029},[3317],{"type":418,"value":2036},{"type":413,"tag":448,"props":3319,"children":3320},{"style":461},[3321],{"type":418,"value":2041},{"type":413,"tag":448,"props":3323,"children":3324},{"style":461},[3325],{"type":418,"value":1183},{"type":413,"tag":448,"props":3327,"children":3328},{"style":1029},[3329],{"type":418,"value":2050},{"type":413,"tag":448,"props":3331,"children":3332},{"style":461},[3333],{"type":418,"value":1183},{"type":413,"tag":448,"props":3335,"children":3336},{"style":461},[3337],{"type":418,"value":2059},{"type":413,"tag":448,"props":3339,"children":3340},{"style":461},[3341],{"type":418,"value":995},{"type":413,"tag":448,"props":3343,"children":3344},{"style":467},[3345],{"type":418,"value":2068},{"type":413,"tag":448,"props":3347,"children":3348},{"style":1029},[3349],{"type":418,"value":2050},{"type":413,"tag":448,"props":3351,"children":3352},{"style":461},[3353],{"type":418,"value":1183},{"type":413,"tag":448,"props":3355,"children":3356},{"style":461},[3357],{"type":418,"value":1197},{"type":413,"tag":448,"props":3359,"children":3361},{"class":450,"line":3360},39,[3362],{"type":413,"tag":448,"props":3363,"children":3364},{"emptyLinePlaceholder":505},[3365],{"type":418,"value":508},{"type":413,"tag":448,"props":3367,"children":3369},{"class":450,"line":3368},40,[3370],{"type":413,"tag":448,"props":3371,"children":3372},{"style":2393},[3373],{"type":418,"value":3374},"# Create federated credentials\n",{"type":413,"tag":448,"props":3376,"children":3378},{"class":450,"line":3377},41,[3379,3383,3387,3391,3395,3399,3403,3407,3411,3415,3419],{"type":413,"tag":448,"props":3380,"children":3381},{"style":1029},[3382],{"type":418,"value":2100},{"type":413,"tag":448,"props":3384,"children":3385},{"style":461},[3386],{"type":418,"value":1173},{"type":413,"tag":448,"props":3388,"children":3389},{"style":1029},[3390],{"type":418,"value":2109},{"type":413,"tag":448,"props":3392,"children":3393},{"style":461},[3394],{"type":418,"value":1071},{"type":413,"tag":448,"props":3396,"children":3397},{"style":1029},[3398],{"type":418,"value":1523},{"type":413,"tag":448,"props":3400,"children":3401},{"style":461},[3402],{"type":418,"value":1026},{"type":413,"tag":448,"props":3404,"children":3405},{"style":1029},[3406],{"type":418,"value":1532},{"type":413,"tag":448,"props":3408,"children":3409},{"style":461},[3410],{"type":418,"value":1071},{"type":413,"tag":448,"props":3412,"children":3413},{"style":1029},[3414],{"type":418,"value":1979},{"type":413,"tag":448,"props":3416,"children":3417},{"style":461},[3418],{"type":418,"value":1026},{"type":413,"tag":448,"props":3420,"children":3421},{"style":1029},[3422],{"type":418,"value":2142},{"type":413,"tag":448,"props":3424,"children":3426},{"class":450,"line":3425},42,[3427],{"type":413,"tag":448,"props":3428,"children":3429},{"emptyLinePlaceholder":505},[3430],{"type":418,"value":508},{"type":413,"tag":448,"props":3432,"children":3434},{"class":450,"line":3433},43,[3435],{"type":413,"tag":448,"props":3436,"children":3437},{"style":2393},[3438],{"type":418,"value":3439},"# Create GitHub secrets needed for the GitHub Actions\n",{"type":413,"tag":448,"props":3441,"children":3443},{"class":450,"line":3442},44,[3444,3448,3452,3456,3460],{"type":413,"tag":448,"props":3445,"children":3446},{"style":1029},[3447],{"type":418,"value":2188},{"type":413,"tag":448,"props":3449,"children":3450},{"style":461},[3451],{"type":418,"value":1071},{"type":413,"tag":448,"props":3453,"children":3454},{"style":1029},[3455],{"type":418,"value":2197},{"type":413,"tag":448,"props":3457,"children":3458},{"style":461},[3459],{"type":418,"value":1026},{"type":413,"tag":448,"props":3461,"children":3462},{"style":1029},[3463],{"type":418,"value":2206},{"type":413,"tag":448,"props":3465,"children":3467},{"class":450,"line":3466},45,[3468,3472,3476,3480,3484],{"type":413,"tag":448,"props":3469,"children":3470},{"style":1029},[3471],{"type":418,"value":2214},{"type":413,"tag":448,"props":3473,"children":3474},{"style":461},[3475],{"type":418,"value":1071},{"type":413,"tag":448,"props":3477,"children":3478},{"style":1029},[3479],{"type":418,"value":2197},{"type":413,"tag":448,"props":3481,"children":3482},{"style":461},[3483],{"type":418,"value":1026},{"type":413,"tag":448,"props":3485,"children":3486},{"style":1029},[3487],{"type":418,"value":1702},{"type":413,"tag":448,"props":3489,"children":3491},{"class":450,"line":3490},46,[3492,3496,3500,3504,3508],{"type":413,"tag":448,"props":3493,"children":3494},{"style":1029},[3495],{"type":418,"value":2238},{"type":413,"tag":448,"props":3497,"children":3498},{"style":461},[3499],{"type":418,"value":1071},{"type":413,"tag":448,"props":3501,"children":3502},{"style":1029},[3503],{"type":418,"value":2197},{"type":413,"tag":448,"props":3505,"children":3506},{"style":461},[3507],{"type":418,"value":1026},{"type":413,"tag":448,"props":3509,"children":3510},{"style":1029},[3511],{"type":418,"value":2255},{"type":413,"tag":448,"props":3513,"children":3515},{"class":450,"line":3514},47,[3516],{"type":413,"tag":448,"props":3517,"children":3518},{"emptyLinePlaceholder":505},[3519],{"type":418,"value":508},{"type":413,"tag":448,"props":3521,"children":3523},{"class":450,"line":3522},48,[3524],{"type":413,"tag":448,"props":3525,"children":3526},{"style":2393},[3527],{"type":418,"value":3528},"# Run workflow\n",{"type":413,"tag":448,"props":3530,"children":3532},{"class":450,"line":3531},49,[3533],{"type":413,"tag":448,"props":3534,"children":3535},{"style":1029},[3536],{"type":418,"value":2275},{"type":413,"tag":448,"props":3538,"children":3540},{"class":450,"line":3539},50,[3541,3545,3549,3553,3557,3561,3565,3569,3573,3577,3581,3585,3589,3593,3597,3601],{"type":413,"tag":448,"props":3542,"children":3543},{"style":461},[3544],{"type":418,"value":1026},{"type":413,"tag":448,"props":3546,"children":3547},{"style":1029},[3548],{"type":418,"value":2287},{"type":413,"tag":448,"props":3550,"children":3551},{"style":461},[3552],{"type":418,"value":1154},{"type":413,"tag":448,"props":3554,"children":3555},{"style":1029},[3556],{"type":418,"value":2296},{"type":413,"tag":448,"props":3558,"children":3559},{"style":461},[3560],{"type":418,"value":1071},{"type":413,"tag":448,"props":3562,"children":3563},{"style":1029},[3564],{"type":418,"value":2305},{"type":413,"tag":448,"props":3566,"children":3567},{"style":461},[3568],{"type":418,"value":1037},{"type":413,"tag":448,"props":3570,"children":3571},{"style":1029},[3572],{"type":418,"value":2314},{"type":413,"tag":448,"props":3574,"children":3575},{"style":461},[3576],{"type":418,"value":1071},{"type":413,"tag":448,"props":3578,"children":3579},{"style":1029},[3580],{"type":418,"value":2323},{"type":413,"tag":448,"props":3582,"children":3583},{"style":461},[3584],{"type":418,"value":1173},{"type":413,"tag":448,"props":3586,"children":3587},{"style":1029},[3588],{"type":418,"value":1178},{"type":413,"tag":448,"props":3590,"children":3591},{"style":461},[3592],{"type":418,"value":1183},{"type":413,"tag":448,"props":3594,"children":3595},{"style":467},[3596],{"type":418,"value":2340},{"type":413,"tag":448,"props":3598,"children":3599},{"style":461},[3600],{"type":418,"value":1183},{"type":413,"tag":448,"props":3602,"children":3603},{"style":461},[3604],{"type":418,"value":1197},{"type":413,"tag":448,"props":3606,"children":3608},{"class":450,"line":3607},51,[3609,3613,3617],{"type":413,"tag":448,"props":3610,"children":3611},{"style":1029},[3612],{"type":418,"value":2356},{"type":413,"tag":448,"props":3614,"children":3615},{"style":461},[3616],{"type":418,"value":1026},{"type":413,"tag":448,"props":3618,"children":3619},{"style":1029},[3620],{"type":418,"value":2365},{"type":413,"tag":448,"props":3622,"children":3624},{"class":450,"line":3623},52,[3625],{"type":413,"tag":448,"props":3626,"children":3627},{"emptyLinePlaceholder":505},[3628],{"type":418,"value":508},{"type":413,"tag":448,"props":3630,"children":3632},{"class":450,"line":3631},53,[3633],{"type":413,"tag":448,"props":3634,"children":3635},{"style":2393},[3636],{"type":418,"value":3637},"# Open the repostory in the browser\n",{"type":413,"tag":448,"props":3639,"children":3641},{"class":450,"line":3640},54,[3642,3646,3650],{"type":413,"tag":448,"props":3643,"children":3644},{"style":1029},[3645],{"type":418,"value":1159},{"type":413,"tag":448,"props":3647,"children":3648},{"style":461},[3649],{"type":418,"value":1173},{"type":413,"tag":448,"props":3651,"children":3652},{"style":1029},[3653],{"type":418,"value":3654},"w\n",{"type":413,"tag":420,"props":3656,"children":3658},{"id":3657},"final-thoughts",[3659],{"type":418,"value":3660},"Final Thoughts",{"type":413,"tag":414,"props":3662,"children":3663},{},[3664,3666,3672],{"type":418,"value":3665},"I am very glad to have scripted the creation and configuration of a GitHub repository ready to deploy to Azure. Even if I had already done the ",{"type":413,"tag":813,"props":3667,"children":3669},{"href":852,"rel":3668},[817],[3670],{"type":418,"value":3671},"same using Pulumi",{"type":418,"value":3673},", having a small script can sometimes be more convenient than having a full IaC program. In my case, I needed to automate that for a workshop, so it was easier to give participants a script to execute.",{"type":413,"tag":414,"props":3675,"children":3676},{},[3677],{"type":418,"value":3678},"However, I must admit that developing this script proved to be much more challenging than provisioning the same resources using Pulumi. I didn't expect it to take so much time: browsing the CLI documentation, finding the correct syntax, and understanding the cause of failures. In contrast, using the GitHub and Azure Pulumi providers in my TypeScript code turned out to be a much more enjoyable experience.",{"type":413,"tag":414,"props":3680,"children":3681},{},[3682,3684,3689,3691,3697],{"type":418,"value":3683},"Nevertheless, I was pleased to be introduced to the GitHub CLI, which I hadn't explored extensively until now. While I found it very useful, a few things bothered me. Not all commands can be used with the ",{"type":413,"tag":444,"props":3685,"children":3687},{"className":3686},[],[3688],{"type":418,"value":1211},{"type":418,"value":3690}," and ",{"type":413,"tag":444,"props":3692,"children":3694},{"className":3693},[],[3695],{"type":418,"value":3696},"-q",{"type":418,"value":3698}," parameters, which is not very convenient for scripting. Commands that create things (repo, workflow runs) don't return the identifier of the thing they create. I wish GitHub CLI would be more similar to Azure CLI in these matters. I have no doubt these will be improved over time.",{"type":413,"tag":414,"props":3700,"children":3701},{},[3702],{"type":418,"value":3703},"As for Azure CLI, I am still a big fan, although a bit disappointed to have struggled with the inline JSON string.",{"type":413,"tag":414,"props":3705,"children":3706},{},[3707],{"type":418,"value":3708},"Keep learning, keep sharing.",{"type":413,"tag":3710,"props":3711,"children":3712},"style",{},[3713],{"type":418,"value":3714},"html .light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html.light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}",{"title":401,"searchDepth":473,"depth":473,"links":3716},[3717,3718,3724,3725],{"id":422,"depth":473,"text":425},{"id":861,"depth":473,"text":864,"children":3719},[3720,3721,3722,3723],{"id":868,"depth":488,"text":871},{"id":913,"depth":488,"text":916},{"id":1231,"depth":488,"text":1234},{"id":2145,"depth":488,"text":2148},{"id":2377,"depth":473,"text":2380},{"id":3657,"depth":473,"text":3660},"markdown","content:1.posts:55.scripting-azure-ready-github-repository.md","content","1.posts/55.scripting-azure-ready-github-repository.md","md",1716749600855]