kubelogin is required for authentication to AKS cluster with Azure RBAC. It relies on environment variables to use a service principal.
This action uses set-arm-environment-variables to set the environment variables suitable for running Terraform, adds the kubelogin specific variables, and installs kubelogin itself.
Federated credentials must be set up to allow the action to authenticate to Azure and kubernetes
azure-credentials: A JSON string containing service principal credentials e.g. {“client_id”: “x”, “client_secret”: “x”, “subscription_id”: “x”, “tenant_id”: “x”}azure-client-id: Azure service principal or managed identity client ID when using OIDCazure-subscription-id: Azure service principal or managed identity subscription ID when using OIDCazure-tenant-id: Azure service principal or managed identity tenant ID when using OIDC- name: Set kubelogin environment
uses: DFE-Digital/github-actions/set-kubelogin-environment@master
with:
azure-client-id: $
azure-subscription-id: $
azure-tenant-id: $