Azure · lonegunmanb · Sep 12, 2024 · Sep 12, 2024 · Sep 12, 2024 · Sep 12, 2024
@@ -1,6 +1,6 @@
 name: E2E Test Check
 on:
-  pull_request:
+  pull_request_target:
     types: ['opened', 'synchronize']
     paths:
       - '.github/**'
@@ -11,7 +11,7 @@ permissions:
 
 jobs:
   e2e-check:
-    runs-on: [self-hosted, 1ES.Pool=terraform-azurerm-doc]
+    runs-on: ubuntu-latest
     environment:
       name: acctests
     steps:
@@ -28,15 +28,16 @@ jobs:
           dir_names_max_depth: 2
       - name: test pr
         env:
+          ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+          ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
           ALL_CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
         run: |
           echo "change files" $ALL_CHANGED_FILES
-          az login --identity --username $MSI_ID > /dev/null
-          export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id')
-          export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId')
-          ARM_CLIENT_ID=$(az identity list | jq -r --arg MSI_ID "$MSI_ID" '.[] | select(.principalId == $MSI_ID) | .clientId')
+          export ARM_OIDC_REQUEST_TOKEN=$ACTIONS_ID_TOKEN_REQUEST_TOKEN
+          export ARM_OIDC_REQUEST_URL=$ACTIONS_ID_TOKEN_REQUEST_URL
           export CHANGED_FOLDERS="${{ steps.changed-files.outputs.all_changed_files }}"
-          docker run --rm -v $(pwd):/src -w /src/test --network=host -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_USE_MSI=true -e CHANGED_FOLDERS mcr.microsoft.com/azterraform:latest sh -c "pkenv install 1.10.2 && go mod tidy && go test -timeout=360m -v ./e2e"
+          docker run --rm -v $(pwd):/src -w /src/test --network=host -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_OIDC_REQUEST_TOKEN -e ARM_OIDC_REQUEST_URL -e ARM_USE_OIDC=true -e CHANGED_FOLDERS mcr.microsoft.com/azterraform:latest sh -c "pkenv install 1.10.2 && go mod tidy && go test -timeout=360m -v ./e2e"
       - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 #v3.1.3
         with:
           name: TestRecord-${{ github.event.number }}

@@ -9,7 +9,7 @@ permissions:
 
 jobs:
   full-e2e-check:
-    runs-on: [self-hosted, 1ES.Pool=terraform-azurerm-doc]
+    runs-on: ubuntu-latest
     timeout-minutes: 1440
     environment:
       name: crontests
@@ -21,11 +21,12 @@ jobs:
         timeout-minutes: 1440
         run: |
           git config --global --add safe.directory '*'
-          az login --identity --username $MSI_ID > /dev/null
-          export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id')
-          export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId')
-          ARM_CLIENT_ID=$(az identity list | jq -r --arg MSI_ID "$MSI_ID" '.[] | select(.principalId == $MSI_ID) | .clientId')
-          docker run --rm -v $(pwd):/src -w /src/test -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_CLIENT_ID -e ARM_TENANT_ID -e ARM_USE_MSI=true -e CHANGED_FOLDERS mcr.microsoft.com/azterraform sh -c "go mod tidy && go test -timeout=1440m -parallel 10 -v ./e2e"
+          export ARM_OIDC_REQUEST_TOKEN=$ACTIONS_ID_TOKEN_REQUEST_TOKEN
+          export ARM_OIDC_REQUEST_URL=$ACTIONS_ID_TOKEN_REQUEST_URL
+          export ARM_SUBSCRIPTION_ID=${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          export ARM_TENANT_ID=${{ secrets.AZURE_TENANT_ID }}
+          export ARM_CLIENT_ID=${{ secrets.AZURE_CLIENT_ID }}
+          docker run --rm -v $(pwd):/src -w /src/test -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_CLIENT_ID -e ARM_TENANT_ID -e ARM_OIDC_REQUEST_TOKEN -e ARM_OIDC_REQUEST_URL -e ARM_USE_OIDC=true -e CHANGED_FOLDERS mcr.microsoft.com/azterraform sh -c "go mod tidy && go test -timeout=1440m -parallel 10 -v ./e2e"
       - name: Update
         run: |
           docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform sh scripts/update-test-record.sh

diff --git a/quickstart/101-aci-linuxcontainer-public-ip/main.tf b/quickstart/101-aci-linuxcontainer-public-ip/main.tf
@@ -2,6 +2,7 @@ resource "random_pet" "rg_name" {
   prefix = var.resource_group_name_prefix
 }
 
+
 resource "azurerm_resource_group" "rg" {
   name     = random_pet.rg_name.id
   location = var.resource_group_location