Added credentials utility to use github-set environment variables for service principal for pulumi deployment

ProgrammerAL · ProgrammerAL · commit 153f85329c0f · 2024-09-16T23:01:55.000-04:00
diff --git a/infra/pulumi-infra-deploy/Program.cs b/infra/pulumi-infra-deploy/Program.cs
@@ -9,9 +9,11 @@
 using ProgrammerAl.Site.IaC.Config.GlobalConfigs;
 using ProgrammerAl.Site.IaC.StackBuilders.StorageApi;
 using ProgrammerAl.Site.IaC.StackBuilders.RouteFilterWorker;
+using ProgrammerAl.Site.IaC.Utilities;
 
 return await Pulumi.Deployment.RunAsync(async () =>
 {
+    CredentialsUtilities.SetCredentialEnvironmentVariables();
     var clientConfig = await Pulumi.AzureNative.Authorization.GetClientConfig.InvokeAsync();
 
     var config = new Config();
diff --git a/infra/pulumi-infra-deploy/Utilities/CredentialsUtilities.cs b/infra/pulumi-infra-deploy/Utilities/CredentialsUtilities.cs
@@ -0,0 +1,34 @@
+﻿using Pulumi;
+using Pulumi.AzureNative.KeyVault;
+using Pulumi.AzureNative.Storage;
+
+using System;
+
+namespace ProgrammerAl.Site.IaC.Utilities;
+
+public static class CredentialsUtilities
+{
+    /// <summary>
+    /// We use the `DefaultCredential` class for authenticating against Azure
+    /// The `EnvironmentCredential` uses the AZURE_* environment variables to know what Service Principal to use
+    /// But when using Pulumi in GitHub we have to set the same variables under the `ARM_*` names
+    /// So create the AZURE_* variables from the ARM_* variables if needed
+    /// </summary>
+    public static void SetCredentialEnvironmentVariables()
+    {
+        var clientId = Environment.GetEnvironmentVariable("ARM_CLIENT_ID");
+        var clientSecret = Environment.GetEnvironmentVariable("ARM_CLIENT_SECRET");
+        var tenantId = Environment.GetEnvironmentVariable("ARM_TENANT_ID");
+
+        if (!string.IsNullOrWhiteSpace(clientId)
+            && !string.IsNullOrWhiteSpace(clientSecret)
+            && !string.IsNullOrWhiteSpace(tenantId))
+        {
+            Log.Info($"ARM_* environment variables set. Creating AZURE_* environment variables for use with the `EnvironmentCredential` class");
+
+            Environment.SetEnvironmentVariable("AZURE_CLIENT_ID", clientId);
+            Environment.SetEnvironmentVariable("AZURE_CLIENT_SECRET", clientSecret);
+            Environment.SetEnvironmentVariable("AZURE_TENANT_ID", tenantId);
+        }
+    }
+}
