Add Auth Options: User-Managed Identity, System-Managed Identity, and AzDO Workload Identity Federation #545

Merged
merged 54 commits into from
Feb 5, 2025

@ianjensenisme (Contributor) commented Dec 18, 2024

This pull request introduces several new authentication methods and updates the documentation accordingly. The main changes include adding support for Managed Identity and Azure DevOps Workload Identity Federation authentication, along with corresponding updates to the documentation and tests.

Authentication Methods Added:

  • Added support for Managed Identity authentication, including both system-managed and user-managed identities (internal/api/auth.go).
  • Added support for Azure DevOps Workload Identity Federation authentication (internal/api/auth.go).

Documentation Updates:

  • Updated docs/index.md to include new sections for Managed Identity and Workload Identity Federation authentication methods.
  • Added new environment variables related to the new authentication methods (docs/index.md).

Configuration Changes:

  • Updated ProviderConfig struct to include new fields for Managed Identity and Azure DevOps Workload Identity Federation (internal/config/config.go).
  • Added new methods to check if the new authentication methods are provided (internal/config/config.go).

Tests:

  • Added unit tests for the new authentication methods to ensure they handle various error scenarios correctly (internal/api/client_test.go).

Changelog:

  • Added an entry to the changelog for the new authentication methods (.changes/unreleased/added-20241218.yaml).

This pull request introduces new authentication methods for the Power Platform provider in Terraform. The key changes include adding support for Managed Identity and Workload Identity Federation, along with the necessary configuration updates and new methods for handling these authentication mechanisms.

Documentation Updates:

  • Added sections for "Authenticating to Power Platform using a Managed Identity" and "Authenticating to Power Platform using Workload Identity Federation" in docs/index.md.

Codebase Enhancements:

  • Introduced new methods in internal/api/auth.go to handle authentication using User-Managed Identity, System-Managed Identity, and Azure DevOps Workload Identity Federation.

Configuration Changes:

  • Added UseMsi and AzDOServiceConnectionID to the ProviderConfig struct in internal/config/config.go and updated related methods to check for these configurations.

Environment Variables:

Provider Configuration:

  • Updated the provider schema and configuration logic in internal/provider/provider.go to include the new authentication options.

@ianjensenisme ianjensenisme requested a review from mattdot January 28, 2025 03:57
mattdot previously approved these changes Jan 28, 2025
mawasile previously approved these changes Jan 29, 2025
mawasile previously approved these changes Feb 4, 2025
mattdot previously approved these changes Feb 4, 2025
@ianjensenisme ianjensenisme enabled auto-merge (squash) February 5, 2025 19:12
@mawasile mawasile requested review from mawasile and mattdot February 5, 2025 19:17
@ianjensenisme ianjensenisme merged commit a731f46 into main Feb 5, 2025
14 checks passed
@ianjensenisme ianjensenisme deleted the ianjensenisme/243-Managed-Identity branch February 5, 2025 19:17
Labels: enhancement, security

Successfully merging this pull request may close these issues:

OIDC Azure DevOps Workload Identity Managed Identity for the provider authentication