From 72195c60f1b9c21b69dd6e0f57763209db80b3d8 Mon Sep 17 00:00:00 2001 From: Simon Zhao Date: Sun, 29 Sep 2024 11:23:42 +0800 Subject: [PATCH] Use VM managed identity for login Signed-off-by: Simon Zhao --- .github/actions/azureml-test/action.yml | 11 ++++++++--- .github/workflows/azureml-cpu-nightly.yml | 5 +++-- .github/workflows/azureml-gpu-nightly.yml | 5 +++-- .github/workflows/azureml-spark-nightly.yml | 5 +++-- .github/workflows/azureml-unit-tests.yml | 5 +++-- 5 files changed, 20 insertions(+), 11 deletions(-) diff --git a/.github/actions/azureml-test/action.yml b/.github/actions/azureml-test/action.yml index 91a437719..6a292483f 100644 --- a/.github/actions/azureml-test/action.yml +++ b/.github/actions/azureml-test/action.yml @@ -15,9 +15,12 @@ inputs: TEST_KIND: required: true description: Type of test - unit or nightly - AZUREML_TEST_CREDENTIALS: + AZURE_VM_TENANT_ID: required: true - description: Credentials for AzureML login + description: Azure login VM tenant ID + AZURE_VM_SUBSCRIPTION_ID: + required: true + description: Azure login VM subscription ID AZUREML_TEST_SUBID: required: true description: AzureML subscription ID @@ -53,7 +56,9 @@ runs: - name: Log in to Azure uses: azure/login@v2 with: - creds: ${{ inputs.AZUREML_TEST_CREDENTIALS }} + auth-type: IDENTITY + tenant-id: ${{ inputs.AZURE_VM_TENANT_ID }} + subscription-id: ${{ inputs.AZURE_VM_SUBSCRIPTION_ID }} - name: Submit tests to AzureML shell: bash run: | diff --git a/.github/workflows/azureml-cpu-nightly.yml b/.github/workflows/azureml-cpu-nightly.yml index 89fc64757..4aefc63dd 100644 --- a/.github/workflows/azureml-cpu-nightly.yml +++ b/.github/workflows/azureml-cpu-nightly.yml @@ -63,7 +63,7 @@ jobs: execute-tests: needs: get-test-groups name: ${{ join(matrix.*, ', ') }} - runs-on: ubuntu-latest + runs-on: self-hosted strategy: max-parallel: 50 # Usage limits: https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration matrix: @@ -79,7 +79,8 @@ jobs: EXP_NAME: recommenders-nightly-${{ matrix.test-group }}-python${{ matrix.python-version }}-${{ github.ref }} ENV_NAME: recommenders-${{ github.sha }}-python${{ matrix.python-version }}${{ contains(matrix.test-group, 'gpu') && '-gpu' || '' }}${{ contains(matrix.test-group, 'spark') && '-spark' || '' }} TEST_KIND: 'nightly' - AZUREML_TEST_CREDENTIALS: ${{ secrets.AZUREML_TEST_CREDENTIALS }} + AZURE_VM_TENANT_ID: ${{ secrets.AZURE_VM_TENANT_ID }} + AZURE_VM_SUBSCRIPTION_ID: ${{ secrets.AZURE_VM_SUBSCRIPTION_ID }} AZUREML_TEST_SUBID: ${{ secrets.AZUREML_TEST_SUBID }} PYTHON_VERSION: ${{ matrix.python-version }} TEST_GROUP: ${{ matrix.test-group }} diff --git a/.github/workflows/azureml-gpu-nightly.yml b/.github/workflows/azureml-gpu-nightly.yml index 16e3e6ed2..1effb967d 100644 --- a/.github/workflows/azureml-gpu-nightly.yml +++ b/.github/workflows/azureml-gpu-nightly.yml @@ -63,7 +63,7 @@ jobs: execute-tests: needs: get-test-groups name: ${{ join(matrix.*, ', ') }} - runs-on: ubuntu-latest + runs-on: self-hosted strategy: max-parallel: 50 # Usage limits: https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration matrix: @@ -79,7 +79,8 @@ jobs: EXP_NAME: recommenders-nightly-${{ matrix.test-group }}-python${{ matrix.python-version }}-${{ github.ref }} ENV_NAME: recommenders-${{ github.sha }}-python${{ matrix.python-version }}${{ contains(matrix.test-group, 'gpu') && '-gpu' || '' }}${{ contains(matrix.test-group, 'spark') && '-spark' || '' }} TEST_KIND: 'nightly' - AZUREML_TEST_CREDENTIALS: ${{ secrets.AZUREML_TEST_CREDENTIALS }} + AZURE_VM_TENANT_ID: ${{ secrets.AZURE_VM_TENANT_ID }} + AZURE_VM_SUBSCRIPTION_ID: ${{ secrets.AZURE_VM_SUBSCRIPTION_ID }} AZUREML_TEST_SUBID: ${{ secrets.AZUREML_TEST_SUBID }} PYTHON_VERSION: ${{ matrix.python-version }} TEST_GROUP: ${{ matrix.test-group }} diff --git a/.github/workflows/azureml-spark-nightly.yml b/.github/workflows/azureml-spark-nightly.yml index 97789fccf..fd3275a83 100644 --- a/.github/workflows/azureml-spark-nightly.yml +++ b/.github/workflows/azureml-spark-nightly.yml @@ -62,7 +62,7 @@ jobs: execute-tests: needs: get-test-groups name: ${{ join(matrix.*, ', ') }} - runs-on: ubuntu-latest + runs-on: self-hosted strategy: max-parallel: 50 # Usage limits: https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration matrix: @@ -78,7 +78,8 @@ jobs: EXP_NAME: recommenders-nightly-${{ matrix.test-group }}-python${{ matrix.python-version }}-${{ github.ref }} ENV_NAME: recommenders-${{ github.sha }}-python${{ matrix.python-version }}${{ contains(matrix.test-group, 'gpu') && '-gpu' || '' }}${{ contains(matrix.test-group, 'spark') && '-spark' || '' }} TEST_KIND: 'nightly' - AZUREML_TEST_CREDENTIALS: ${{ secrets.AZUREML_TEST_CREDENTIALS }} + AZURE_VM_TENANT_ID: ${{ secrets.AZURE_VM_TENANT_ID }} + AZURE_VM_SUBSCRIPTION_ID: ${{ secrets.AZURE_VM_SUBSCRIPTION_ID }} AZUREML_TEST_SUBID: ${{ secrets.AZUREML_TEST_SUBID }} PYTHON_VERSION: ${{ matrix.python-version }} TEST_GROUP: ${{ matrix.test-group }} diff --git a/.github/workflows/azureml-unit-tests.yml b/.github/workflows/azureml-unit-tests.yml index ed3b5a98d..bfc0cdf3b 100644 --- a/.github/workflows/azureml-unit-tests.yml +++ b/.github/workflows/azureml-unit-tests.yml @@ -52,7 +52,7 @@ jobs: execute-tests: needs: get-test-groups name: ${{ join(matrix.*, ', ') }} - runs-on: ubuntu-latest + runs-on: self-hosted strategy: max-parallel: 50 # Usage limits: https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration matrix: @@ -68,7 +68,8 @@ jobs: EXP_NAME: recommenders-unit-${{ matrix.test-group }}-python${{ matrix.python-version }}-${{ github.sha }} ENV_NAME: recommenders-${{ github.sha }}-python${{ matrix.python-version }}${{ contains(matrix.test-group, 'gpu') && '-gpu' || '' }}${{ contains(matrix.test-group, 'spark') && '-spark' || '' }} TEST_KIND: 'unit' - AZUREML_TEST_CREDENTIALS: ${{ secrets.AZUREML_TEST_CREDENTIALS }} + AZURE_VM_TENANT_ID: ${{ secrets.AZURE_VM_TENANT_ID }} + AZURE_VM_SUBSCRIPTION_ID: ${{ secrets.AZURE_VM_SUBSCRIPTION_ID }} AZUREML_TEST_SUBID: ${{ secrets.AZUREML_TEST_SUBID }} PYTHON_VERSION: ${{ matrix.python-version }} TEST_GROUP: ${{ matrix.test-group }}