Azure · MoChilia · Jun 8, 2023 · Jun 8, 2023 · Jun 9, 2023 · Jun 12, 2023
diff --git a/.github/workflows/azure-login-negative.yml b/.github/workflows/azure-login-negative.yml
@@ -356,4 +356,74 @@ jobs:
       uses: actions/github-script@v3
       with:
           script: |
-            core.setFailed('Last action should fail but not. Please check it.')
+            core.setFailed('Last action should fail but not. Please check it.')
+
+    - name: Login with tenant-level account, without allow-no-subscriptions
+      id: login_11
+      continue-on-error: true
+      uses: ./
+      with:
+        client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }}
+        tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }}
+        subscription-id: ${{ secrets.OIDC_SP2_SUBSCRIPTION_ID }}
+        enable-AzPSSession: true
+
+    - name: Check Last step failed
+      if: steps.login_11.outcome == 'success'
+      uses: actions/github-script@v3
+      with:
+          script: |
+            core.setFailed('Last action should fail but not. Please check it.')
+
+    # Secret of SP1 in creds will be used to sign in SP2
+    - name: Login with both creds and individual parameters
+      id: login_12
+      continue-on-error: true
+      uses: ./
+      with:
+        creds: ${{secrets.SP1}}
+        client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }}
+        tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }}
+        subscription-id: ${{ secrets.OIDC_SP2_SUBSCRIPTION_ID }}
+        allow-no-subscriptions: true
+        enable-AzPSSession: true
+
+    - name: Check Last step failed
+      if: steps.login_12.outcome == 'success'
+      uses: actions/github-script@v3
+      with:
+          script: |
+            core.setFailed('Last action should fail but not. Please check it.')
+
+  VMTest:
+    strategy:
+      matrix:
+        os: [self_linux, self_windows]
+    runs-on: ${{ matrix.os }}
+    environment: Automation test
+
+    steps:
+    - name: 'Checking out repo code'
+      uses: actions/checkout@v3.5.2
+
+    - name: Set Node.js 16.x for GitHub Action
+      uses: actions/setup-node@v1
+      with:
+        node-version: 16.x
+
+    - name: 'Validate build'
+      run: |
+        npm install
+        npm run build
+
+    - name: Login with system-assigned managed identity without auth-type
+      id: login_13
+      continue-on-error: true
+      uses: ./
+
+    - name: Check Last step failed
+      if: steps.login_13.outcome == 'success'
+      uses: actions/github-script@v3
+      with:
+          script: |
+            core.setFailed('Last action should fail but not. Please check it.')
diff --git a/.github/workflows/azure-login-positive.yml b/.github/workflows/azure-login-positive.yml
@@ -75,6 +75,28 @@ jobs:
         inlineScript: |
           Get-AzContext | Format-List
 
+    - name: Login with explicit auth-type
+      uses: ./
+      with:
+        creds: ${{secrets.SP1}}
+        auth-type: SERVICE_PRINCIPAL
+        enable-AzPSSession: true
+
+    - name: Run Azure Cli
+      run: |
+        az account show
+        az group show --name GitHubActionGroup
+        az vm list
+
+    - name: Run Azure PowerShell
+      uses: azure/powershell@v1.2.0
+      with:
+        azPSVersion: "latest"
+        inlineScript: |
+          Get-AzContext | Format-List
+          Get-AzResourceGroup -Name GitHubActionGroup
+          Get-AzVM
+
   ParameterTest:
     strategy:
       matrix:
@@ -96,53 +118,47 @@ jobs:
         npm install
         npm run build
 
-    - name: Login with both creds and individual parameters
+    - name: Login with creds, disable ps session
       uses: ./
       with:
         creds: ${{secrets.SP1}}
-        client-id: ${{ secrets.OIDC_SP2_CLIENT_ID }}
-        tenant-id: ${{ secrets.OIDC_SP2_TENANT_ID }}
-        subscription-id: ${{ secrets.OIDC_SP2_SUBSCRIPTION_ID }}
-        enable-AzPSSession: true
+        enable-AzPSSession: false
 
-    - name: Run Azure Cli
+    - name: Run Azure Cli 
       run: |
         az account show
         az group show --name GitHubActionGroup
         az vm list
 
-    - name: Run Azure PowerShell
-      uses: azure/powershell@v1.2.0
-      with:
-        azPSVersion: "latest"
-        inlineScript: |
-          Get-AzContext | Format-List
-          Get-AzResourceGroup -Name GitHubActionGroup
-          Get-AzVM
-
-    - name: Login with creds, disable ps session
+    - name: Login with creds, wrong boolean value
       uses: ./
       with:
         creds: ${{secrets.SP1}}
-        enable-AzPSSession: false
+        enable-AzPSSession: notboolean
 
     - name: Run Azure Cli 
       run: |
         az account show
         az group show --name GitHubActionGroup
         az vm list
 
-    - name: Login with creds, wrong boolean value
+    - name: Login by OIDC with all info in creds 
       uses: ./
       with:
-        creds: ${{secrets.SP1}}
-        enable-AzPSSession: notboolean
+        creds: ${{secrets.SP2}}
+        allow-no-subscriptions: true
+        enable-AzPSSession: true
 
-    - name: Run Azure Cli 
+    - name: Run Azure Cli
       run: |
         az account show
-        az group show --name GitHubActionGroup
-        az vm list
+
+    - name: Run Azure PowerShell
+      uses: azure/powershell@v1.2.0
+      with:
+        azPSVersion: "latest"
+        inlineScript: |
+          Get-AzContext | Format-List
 
     - name: Login with creds, allow no subscription
       uses: ./
@@ -185,3 +201,96 @@ jobs:
         inlineScript: |
           Get-AzContext | Format-List
 
+  VMTest:
+    strategy:
+      matrix:
+        os: [self_linux, self_windows]
+    runs-on: ${{ matrix.os }}
+    environment: Automation test
+
+    steps:
+    - name: 'Checking out repo code'
+      uses: actions/checkout@v3.5.2
+
+    - name: Set Node.js 16.x for GitHub Action
+      uses: actions/setup-node@v1
+      with:
+        node-version: 16.x
+
+    - name: 'Validate build'
+      run: |
+        npm install
+        npm run build
+
+    - name: Login with system-assigned managed identity
+      uses: ./
+      with:
+        auth-type: IDENTITY
+      #   enable-AzPSSession: true
+
+    - name: Run Azure Cli
+      run: |
+        az account show
+
+    # - name: Run Azure PowerShell
+    #   uses: azure/powershell@v1.2.0
+    #   with:
+    #     azPSVersion: "latest"
+    #     inlineScript: |
+    #       Get-AzContext | Format-List
+
+    - name: Login with user-assigned managed identity
+      uses: ./
+      with:
+        client-id: ${{ secrets.UMI1_CLIENT_ID }}
+        auth-type: IDENTITY
+        # enable-AzPSSession: true
+
+    - name: Run Azure Cli
+      run: |
+        az account show
+
+    # - name: Run Azure PowerShell
+    #   uses: azure/powershell@v1.2.0
+    #   with:
+    #     azPSVersion: "latest"
+    #     inlineScript: |
+    #       Get-AzContext | Format-List
+
+    - name: Login with user-assigned managed identity, subscription-id
+      uses: ./
+      with:
+        client-id: ${{ secrets.UMI1_CLIENT_ID }}
+        subscription-id: ${{ secrets.UMI1_SUBSCRIPTION_ID }}
+        auth-type: IDENTITY
+        # enable-AzPSSession: true
+
+    - name: Run Azure Cli
+      run: |
+        az account show
+
+    # - name: Run Azure PowerShell
+    #   uses: azure/powershell@v1.2.0
+    #   with:
+    #     azPSVersion: "latest"
+    #     inlineScript: |
+    #       Get-AzContext | Format-List
+
+    - name: Login with tenant-level user-assigned managed identity with allow-no-subscriptions
+      uses: ./
+      with:
+        client-id: ${{ secrets.UMI2_CLIENT_ID }}
+        allow-no-subscriptions: true
+        auth-type: IDENTITY
+        # enable-AzPSSession: true
+
+    - name: Run Azure Cli
+      run: |
+        az account show
+
+    # - name: Run Azure PowerShell
+    #   uses: azure/powershell@v1.2.0
+    #   with:
+    #     azPSVersion: "latest"
+    #     inlineScript: |
+    #       Get-AzContext | Format-List