[Yesterday 09:13] COLLE Augustin (DIGIT-EXT)
Sure, we can set a second pipeline. It requires you to register an application in your tenant and give this application the correct rights to perform the task
[Yesterday 09:21] COLLE Augustin (DIGIT-EXT)
If I remember correctly, you have to create it using Azure cli, command is az ad sp create-for-rbac (with few parameters). It will return a json like {"clientId": "123-1234-567-567890", "secret": "mySecret", ...} and this json can be saved in GitHub secrets with an easy to remember name such as CERT-EU_CREDENTIALS. Then you can duplicate the "deploy.yml" action and replace ${{secrets.AZURE_CREDENTIALS}} with your own secret.
[Yesterday 09:22] COLLE Augustin (DIGIT-EXT)
Note: Do it yourself, we as DIGIT.C1 will not be able to retrieve the secret from GitHub, good for your security posture
Add or modify deploy pipeline to also run on a CERT-EU subscription
[Yesterday 09:13] COLLE Augustin (DIGIT-EXT) Sure, we can set a second pipeline. It requires you to register an application in your tenant and give this application the correct rights to perform the task
[Yesterday 09:21] COLLE Augustin (DIGIT-EXT) If I remember correctly, you have to create it using Azure cli, command is az ad sp create-for-rbac (with few parameters). It will return a json like {"clientId": "123-1234-567-567890", "secret": "mySecret", ...} and this json can be saved in GitHub secrets with an easy to remember name such as CERT-EU_CREDENTIALS. Then you can duplicate the "deploy.yml" action and replace ${{secrets.AZURE_CREDENTIALS}} with your own secret.
[Yesterday 09:22] COLLE Augustin (DIGIT-EXT) Note: Do it yourself, we as DIGIT.C1 will not be able to retrieve the secret from GitHub, good for your security posture