Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use VM managed identity for login #2175

Closed
wants to merge 1 commit into from
Closed

Use VM managed identity for login #2175

wants to merge 1 commit into from

Conversation

SimonYansenZhao
Copy link
Collaborator

@SimonYansenZhao SimonYansenZhao commented Sep 29, 2024
edited
Loading

Description

This PR resolves the issue #2171 by updating the testing workflows to use the Azure VM managed identity for login. It's tested in the PR #2174 .

  • Update the doc: tests/README.md
  • NOTE: Additional setup is required before this PR is merged:
    1. Create a Azure VM with Ubuntu 22.04
    * Configure the managed identity on creation: Management → Identity → Enable system assigned managed identity
    * Choosee Ubuntu 22.04 instead of 24.04, because PowerShell does not have packages on 24.04
    2. Go to the AML workspace (azureml-test-workspace) and grant the following roles to the VM's managed identity
    * AzureML Compute Operator
    * AzureML Data Scientist
    * Reader
    3. Install PowerShell, Azure CLI and Azure PowerShell on the VM
    4. Go to Recommenders → Settings → Actions → Runners → New self-hosted runner
    Run the command on the VM
    5. Change the following secret values with the IDs of the VM: Settings → Secrets and variables → Actions → New repository secret
    * AZURE_VM_TENANT_ID
    * AZURE_VM_SUBSCRIPTION_ID

Related Issues

References

Checklist:

  • I have followed the contribution guidelines and code style for this project.
  • I have added tests covering my contributions.
  • I have updated the documentation accordingly.
  • I have signed the commits, e.g. git commit -s -m "your commit message".
  • This PR is being made to staging branch AND NOT TO main branch.

miguelgfierro
miguelgfierro reviewed Oct 21, 2024
View reviewed changes
.github/actions/azureml-test/action.yml
@@ -15,9 +15,12 @@ inputs:
TEST_KIND:
required: true
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

New method that would not require a VM: https://learn.microsoft.com/en-us/azure/developer/github/connect-from-azure-openid-connect

@SimonYansenZhao SimonYansenZhao deleted the simonz/use-managed-identity branch October 27, 2024 07:18
@SimonYansenZhao SimonYansenZhao mentioned this pull request Oct 27, 2024
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@miguelgfierro miguelgfierro miguelgfierro left review comments

@gramhagen gramhagen Awaiting requested review from gramhagen gramhagen will be requested when the pull request is marked ready for review gramhagen is a code owner

@anargyri anargyri Awaiting requested review from anargyri anargyri will be requested when the pull request is marked ready for review anargyri is a code owner

@loomlike loomlike Awaiting requested review from loomlike loomlike will be requested when the pull request is marked ready for review loomlike is a code owner

@wutaomsft wutaomsft Awaiting requested review from wutaomsft wutaomsft will be requested when the pull request is marked ready for review wutaomsft is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@SimonYansenZhao @miguelgfierro