Comments (5)
You'll need to provide whatever credentials you need to the container. GitHub makes this more awkward than it should be because it doesn't mount the job HOME dir into the container.
From looking at the OIDC login action for Google Cloud it looks like it stores credentials in the job temp directory and sets the standard environment variables to point to it, so I think it would just work.
Often you can pass credentials just in environment variables, which could be set explicitly for the terraform action or set by a previous step.
With AWS for example, the OIDC login action already sets the required environment variables so it also just works.
I don't know Azure, so I don't know where you would find such credentials after using azure/login
.
from terraform-github-actions.
Thanks, will probably dig a bit deep feed into this issue.
from terraform-github-actions.
OIDC , seems to be supported now - although strangely not made its way to the main docs
https://github.com/hashicorp/terraform-provider-azurerm/pull/16555/files
from terraform-github-actions.
Tested it , fairly straightforward with TF - no change needed for the actions (as terraform now has go module to retrieve the id-token , using github actions) .
a bit strange, that the terraform azurerm provider has a specific coupling to github action (env variables too).
a spike here -> https://github.com/stevengonsalvez/cloud-cicd-exploration/blob/master/.github/workflows/az-oidc-test.yml , will probably write it up as well.
from terraform-github-actions.
Glad everything seems to be working. Closing as there doesn't seem to be any changes necessary to the actions.
from terraform-github-actions.
Related Issues (20)
- Cannot run plan with S3 backend HOT 4
- Inability to trigger the action due to an alleged missing file HOT 5
- Terraform Plan action fails due to Unknown token: 15:19 IDENT confluent_service_account.app-producer.id error HOT 10
- "terraform-plan" fails with an error while using "terraform plan" succeeds HOT 2
- backend_config read as file in apply
- Ability to Share Plan Outputs Between Runs HOT 6
- Resources are not removed despite the action claiming otherwise HOT 2
- Issues in terraform version 1.6.0 HOT 1
- Support for Terraform 1.6 test framework HOT 1
- Terraform Cloud deploy with hard-coded workspace fails
- Add option to create new comments on following execution of a terraform operation HOT 3
- OpenTofu support HOT 5
- Terraform Plan Action failing on tf version 1.6.x showing S3 403 permission error
- terraform-plan error: The process '/usr/bin/git' failed with exit code 128 HOT 2
- Terraform Plan Fails on self-hosted runner - ls: cannot access '/github/home': No such file or directory HOT 12
- .tool-versions at workspace level doesn't work HOT 1
- Terraform Cloud backend requires manual "Confirm & Apply" for Terraform >= 1.6.0 HOT 6
- Add option for multiple SSH keys (GH deploy keys)
- auto apply if no resources changed HOT 1
- Impossible to update to a newer terraform version if only the GitHub Action is allowed to execute terraform HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-github-actions.