search

Azure / powershell

GH Action to run Az PowerShell scripts for developers and administrators to develop, deploy, and manage Microsoft Azure applications.
MIT License
60 stars 40 forks source link

Which docker image can I use to run the github action #104

Open wenwenchenbosch opened 5 months ago

wenwenchenbosch commented 5 months ago

I want to use this github action to run inlineScript. The github should be running in a docker container, but I can not find any official image for this purpose.

My workflow file looks similar to the one in README. I only added container:

on: [push]

name: AzurePowerShellSample

jobs:

  build:
    runs-on: ubuntu-latest
    container:
      image: ???
    steps:

    - name: Login via Az module
      uses: azure/login@v2
      with:
        creds: ${{secrets.AZURE_CREDENTIALS}}
        enable-AzPSSession: true 

    - name: Run Azure PowerShell inline script
      uses: azure/powershell@v2
      with:
        inlineScript: |
          Get-AzVM -ResourceGroupName "ResourceGroup11"
        azPSVersion: "latest"

With image: mcr.microsoft.com/azure-powershell:latest I get error Error: Login failed with Error: Unable to locate executable file: az. in the login step. With image:mcr.microsoft.com/azure-cli:latest I get error Error: Unable to locate executable file: pwsh. in the running script step.

Can someone help me? Or I need a customer docker image for running this simple workflow?

YanaXu commented 5 months ago

Hi @wenwenchenbosch , it's the limitation that if you want to use Azure Login Action, Azure cli and Azure PowerShell should be installed on your runner. May I ask why you need run the Azure PowerShell script in a docker container? It's not a suggested way to run it. You know many softwares are not installed in many docker images.

The images you have tried are only with Azure Cli or Azure PowerShell, not both of them. That's why it failes.

If you do need to run a docker image (only with Azure PowerShell but without Azure Cli) to run Azure PowerShell script in GitHub actions, I suggest you to login with Azure PowerShell directly instead of using Azure Login Action. For example

    - name: GetFederatedToken
      uses: actions/github-script@v4
      with:
        script: |
          const idToken = await core.getIDToken('api://AzureADTokenExchange')
          core.exportVariable('idToken', idToken)

    - name: OIDCLoginAndRunAzurePowerShell
      shell: pwsh
      env: 
        tenantId: ${{secrets.tenantId }}
        subscriptionId: ${{secrets.subscriptionId }}
        clientId: ${{secrets.clientId}}
      run: |
        Connect-AzAccount -ServicePrincipal -ApplicationId $env:clientId -Tenant $env:tenantId -SubscriptionId $env:subscriptionId -FederatedToken $env:idToken
        # run your azure powershell cmdlets
        # ...
wenwenchenbosch commented 5 months ago

Thanks for the reply. We use self-hosted runner for our project. The runners are shared for multiple projects, therefore, it is not possible to install software by myself.

Now I am using PowerShell command for login and it works, and I still need to figure out how to do deployment using PowerShell command. because azure/arm-deploy@v2 also requires az-cli