Azure / azure-saas

The Azure SaaS Development Kit (ASDK) provides a reference architecture, deployable reference implementation and tools to help developers, startups, ISVs and Enterprises deliver their applications as a SaaS service. A platform for platform creators.
https://aka.ms/azuresaasdevkit

GitHub Actions do not work - OIDC ref. is wrongly setup #265

Open leo-schick opened 5 months ago

leo-schick commented 5 months ago

Describe the bug

When I deploy this repository from script, the predefined GitHub actions will not work. I get the following error message:

image

I took a look at the created OIDC app and found out that the subject is set up differently:

image (screenshot in German, sorry :-) )

I changed the "Antragstellerbezeichner" from repo:git@github.com:myorganization/azure-saas.git:ref:refs/heads/main to repo:myorganization/azure-saas:ref:refs/heads/main and then it worked.

So the script creates the OIDC federation credentials with the wrong parameters.

Expected behavior

When running the script create-oidc-workflow-github-action.sh, it should correctly set up the federation credentials.

1iveowl commented 4 months ago

This has been tested, so not sure if this issue is caused by some dependencies having been updated/changed or if something else is at play. Need to investigate further.

leo-schick commented 2 months ago

I think I have now found the reason for it, but could not fully fix it: the issue is the code here:

The git remote URL is taken and the organization and project name are extracted. This works fine when one uses an HTTPS git remote URL. For example:

$ echo "https://github.com/Azure/azure-saas.git" | sed 's/.*\/\([^ ]*\/[^.]*\).*/\1/'
Azure/azure-saas

But this does not work when I use a git URL:

$ echo "git@github.com:Azure/azure-saas.git" | sed 's/.*\/\([^ ]*\/[^.]*\).*/\1/'
git@github.com:Azure/azure-saas.git

In such a case, the sed parameter needs to be adjusted to use the : as separator:

$ echo "git@github.com:Azure/azure-saas.git" | sed 's/.*:\([^ ]*\/[^.]*\).*/\1/'
Azure/azure-saas

The parameter change helped to fix it for me. But it will not work with HTTPS URLs. I tried to implement an or expression like (\/|:) but this does not work...

@1iveowl maybe that is something you could investigate further?
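
One way to derive the owner/repo part for both URL forms discussed in this thread, as an added example that is not code from the azure-saas repository or from either commenter. It uses sed -E with the bracket expression [/:], because a plain ( and | are literal characters in sed's default basic regular expressions. It goes slightly beyond the thread by also accepting ssh:// remotes and repository names that contain dots. The function names are hypothetical and the sample remotes are constructed.

```shell
#!/bin/sh
# Added example (not from the azure-saas repository).
# Function names are hypothetical; sample URLs below are constructed.

# Print "owner/repo" for an HTTPS, SSH (scp-like) or ssh:// remote URL.
# Returns 1 if no valid slug can be derived.
repo_slug_from_remote() {
    url=$1
    url=${url%/}       # drop a trailing slash
    url=${url%.git}    # drop only the ".git" suffix, so dots in repo names survive
    # -E enables extended regex; [/:] accepts either separator before the owner.
    slug=$(printf '%s\n' "$url" |
        sed -E -n 's#^.*[/:]([^/:]+/[^/:]+)$#\1#p')
    # Refuse anything that is not a plain owner/repo pair, so a malformed
    # remote can never end up inside the federated credential subject.
    if printf '%s\n' "$slug" | grep -Eq '^[A-Za-z0-9-]+/[A-Za-z0-9._-]+$'; then
        printf '%s\n' "$slug"
    else
        echo "cannot derive owner/repo from remote: $1" >&2
        return 1
    fi
}

# Build the subject in the form the issue reports as working:
# repo:<owner>/<repo>:ref:refs/heads/<branch>
oidc_subject_for_branch() {
    slug=$(repo_slug_from_remote "$1") || return 1
    printf 'repo:%s:ref:refs/heads/%s\n' "$slug" "$2"
}

# Constructed sample remotes covering the forms from the thread.
for remote in \
    "https://github.com/Azure/azure-saas.git" \
    "git@github.com:Azure/azure-saas.git" \
    "ssh://git@github.com/Azure/azure-saas"
do
    oidc_subject_for_branch "$remote" main
done
```

Failing closed on an unparseable remote means the script stops before a federated credential is created with a subject that GitHub's token will never match.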