search

Azure-Player / azure.datafactory.devops

Azure DevOps Deployment Tasks for Azure Data Factory objects
MIT License
39 stars 21 forks source link

Authentication via WorkloadIdentityFederation #154

Closed aj4314 closed 2 months ago

aj4314 commented 10 months ago

Hi Kamil,

I recently implemented the publish tool for a CICD pipeline running in Azure Devops and it was very smooth. Thanks for your hard work!

I have a quick question in regards to authentication methods when implementing through Azure Devops. Currently it seems that only the service principle approach or managed service identity works - I tried setting up a service connection using Workload Identity federation and encountered this error: image (6)

Since Azure is now recommending workload identity federation are there any plans to make different authentication approaches viable? My company is trying to move away from managing service principles and having to recycle secrets.

Kind regards!

NowinskiK commented 9 months ago

Error message (for searchability): ##[error]Unsupported authentication scheme 'WorkloadIdentityFederation' for Azure endpoint.

NowinskiK commented 9 months ago

MSFT fixed recently similar issue here (reference): https://github.com/microsoft/azure-pipelines-tasks/issues/18992 PR details: https://github.com/microsoft/azure-pipelines-tasks/pull/19256/commits/50e3e31ca81204c3bb51a2be9cc050a7d13472cc#diff-e7717abe1d4a4bc136d4e37c1e2695fc81b89047c49dfd7adf9b155d9135a2b9

timSchw commented 6 months ago

Hi @NowinskiK, any progress on this? We're having the same issue.

NowinskiK commented 6 months ago

I started working on this, but I don't have a solution yet.

ursu123 commented 4 months ago

Hi, we are experiencing the same issue. We would love to use the recommended authentication method for it - as a workaround we reverted to a SP auth.

mlongoria commented 2 months ago

I have clients who would like to use workload identity federation with the Release pipeline task. Is there an ETA on this yet? I tried it today and am still getting the same error as in this thread.

NowinskiK commented 2 months ago

I hope very soonish...

NowinskiK commented 2 months ago

Good news: I finally overcame all obstacles and errors related to the development of this feature. Currently, it's in tests. If you want to have access to Private Preview let me know. It should be deployed in a few days.

NowinskiK commented 2 months ago

Released in v.1.34

NowinskiK commented 2 months ago

This feature has been reverted from ver.1.x and released in a new major version 2.0, due to backwards incompatibility of related Az.* modules. (Issue #164)