search

jenkinsci / azure-container-agents-plugin

Azure Container Agents Plugin for Jenkins
https://plugins.jenkins.io/azure-container-agents/
MIT License
19 stars 26 forks source link

Add support for assigning Managed Identity to the container #282

Open jhyot opened 7 months ago

jhyot commented 7 months ago

What feature do you want to see added?

It seems that currently it is not possible to let this plugin assign a managed identity to the created containers, is that correct?

We need to access certain Azure resources from our builds. By far the most convenient and secure would be to use managed identities which are assigned to the created containers. That way we don't have to inject any hardcoded credentials into to container, which can always end up leaking.

Azure container instances supports managed identities out of the box, so this should be rather straightforward: https://learn.microsoft.com/en-us/azure/container-instances/container-instances-managed-identity

Upstream changes

No response

Are you interested in contributing this feature?

If this project is still active and I would receive help in getting this into a new release quickly, I would be willing to give this implementation a try.

timja commented 7 months ago

Hey, happy to review / merge changes like this not a problem.

If you're willing to make the changes it can be in a new release quickly.

jhyot commented 7 months ago

Great. I am in the preliminary stages of evaluating this plugin whether it works for us. If that is successful, I'll get back here and try to implement this enhancement.