GitHub Actions with Federated Credentials #4822

tamirkamara · 2026-01-26T07:00:09Z

What is being addressed

The workflows in this repo currently rely on a service principal with a secret. This is considered less secure and no longer the only way to have GitHub Actions authenticate to Azure.

How is this addressed

Switch workflows to use federated credentials
Change scripts so that Terraform will rely on azure-cli authentication as that's renews tokens automatically while terraform doesn't (while inside the dev container)
Update documentation and changelog

github-actions · 2026-01-26T07:01:25Z

Unit Test Results

0 tests 0 ✅ 0s ⏱️
0 suites 0 💤
0 files 0 ❌

Results for commit 7d0b707.

♻️ This comment has been updated with latest results.

tamirkamara · 2026-01-26T11:35:40Z

/test

github-actions · 2026-01-26T11:35:53Z

🤖 pr-bot 🤖

🏃 Running tests: https://github.com/microsoft/AzureTRE/actions/runs/21356238812 (with refid 7ad231f2)

(in response to this comment from @tamirkamara)

tamirkamara force-pushed the tamirkamara/gha-oidc branch from 121cbb6 to 3285194 Compare January 26, 2026 07:00

tamirkamara force-pushed the tamirkamara/gha-oidc branch from 3285194 to d5639ab Compare January 26, 2026 07:14

tamirkamara added 4 commits January 26, 2026 10:36

github actions federated credential

1abf738

update changelog

b1ab6ad

update exec bit

aa0be58

update workflow param

7076332

tamirkamara force-pushed the tamirkamara/gha-oidc branch from d5639ab to 7076332 Compare January 26, 2026 08:36

tamirkamara added 2 commits January 26, 2026 10:41

Use secrets instead of vars

79cee4b

fix

6b47fbf

tamirkamara temporarily deployed to CICD January 26, 2026 12:00 — with GitHub Actions Inactive

tamirkamara temporarily deployed to CICD January 26, 2026 12:07 — with GitHub Actions Inactive

tamirkamara temporarily deployed to CICD January 26, 2026 14:54 — with GitHub Actions Inactive

tamirkamara temporarily deployed to CICD January 26, 2026 14:56 — with GitHub Actions Inactive

tamirkamara temporarily deployed to CICD January 26, 2026 15:09 — with GitHub Actions Inactive

tamirkamara temporarily deployed to CICD January 26, 2026 15:10 — with GitHub Actions Inactive

tamirkamara temporarily deployed to CICD January 26, 2026 15:13 — with GitHub Actions Inactive

tamirkamara temporarily deployed to CICD January 26, 2026 15:15 — with GitHub Actions Inactive

tamirkamara enabled auto-merge (squash) January 26, 2026 15:20

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Actions with Federated Credentials #4822

GitHub Actions with Federated Credentials #4822

Uh oh!

tamirkamara commented Jan 26, 2026 •

edited

Loading

Uh oh!

github-actions bot commented Jan 26, 2026 •

edited

Loading

Uh oh!

tamirkamara commented Jan 26, 2026

Uh oh!

github-actions bot commented Jan 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

GitHub Actions with Federated Credentials #4822

Are you sure you want to change the base?

GitHub Actions with Federated Credentials #4822

Uh oh!

Conversation

tamirkamara commented Jan 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

What is being addressed

How is this addressed

Uh oh!

github-actions bot commented Jan 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Unit Test Results

Uh oh!

tamirkamara commented Jan 26, 2026

Uh oh!

github-actions bot commented Jan 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

tamirkamara commented Jan 26, 2026 •

edited

Loading

github-actions bot commented Jan 26, 2026 •

edited

Loading