feat: Support Azure CLI credential

[shibayan]

The current static-web-apps-deploy task does not support Service Principal, so we always need to use tokens for deployment, but it is very time consuming to configure everything when deploying to multiple SWAs.

If the SWA CLI supports Azure CLI login (azure/login action), deployment would be very simple.

Close #751

[rhuanbarreto]

@manekinekko @v1212 @cjk7989 @IvanJobs any updates? This is important for improvements in static web apps deployment

[shibayan]

@manekinekko @v1212 @cjk7989 @IvanJobs I would be happy to have this feature reviewed as I believe it is something that many, including myself, have been waiting for.

[cjk7989]

Thanks @shibayan, sorry for the delay. I'll test the changes from my side and publish in the next release (maybe version 1.1.8). Could you give some details about the scenario how you login swa using Azure CLI?

[shibayan]

@cjk7989 Thanks, I believe the biggest scenario where we want to use Azure CLI credentials from SWA CLI is OpenID Connect (Federated Credential) in GitHub Actions as per #751 #715.

Web App deployments use Federated Credentials via Azure CLI, but since they are not available for Static Web Apps deployments, it is necessary to manage deployment tokens separately.

[rhuanbarreto]

Just to raise my case. I'm using the CLI directly because I have a monorepo deploying many different static websites. So I already use the azure login action in github actions to issue a token against azure management.

[cjk7989]

Hi @shibayan, sorry for the delay and thanks for the great contribution! I plan to test it from my side and apply the feature in the next release. Could you share a complete scenario how do you set up azure login in GitHub Actions?

[shibayan]

@cjk7989 In a monolipo configuration, it is not reasonable to manage credentials such as deployment tokens separately, since a single repository contains multiple applications and deployment is required for each.

The following is a workflow for a simple application I am running, which uses Federated Credential authentication in combination with Azure Login for the Web App, so only one set of credentials is needed, making the configuration even more secure.

• https://github.com/shibayan/appserviceinfo/blob/master/.github/workflows/backend-deploy.yml

The following is a deployment to Static Web App. The standard Action is provided as a Docker Image that includes a build environment, so the overhead is large for configurations where you want to build in advance and leave deployment to the user, so deployment is done using the SWA CLI.

• https://github.com/shibayan/appserviceinfo/blob/master/.github/workflows/frontend-deploy.yml

Since deployments to the same resource group will be made, we believe it is a common requirement that deployments to Static Web App use the same authentication information as Web App to reduce administration.

Although not a public project, the business is developing four SWAs in monolipo and deployments require four deployment tokens. It is extremely difficult to manage these four without making mistakes.

[KoblerS]

Any news on this PR, I would really appreciate if this feature can be merged as I really need to use the local Azure credentials?

[rhuanbarreto]

@manekinekko @v1212 @cjk7989 @IvanJobs we really need this in order to simplify our CI workflows. How can we find a way to prioritize this?

[shibayan]

Any updates?

[Timothyw0]

Hi All, sorry for the delay in review. Thank you @shibayan for raising this PR and adding support for the Azure/login Github action.

We will include this in our next release :)