Merge branch 'master' into ganeshrockz/no-subscription-login

test changes
Merge branch 'ganeshrockz/no-subscription-login' of https://github.com/Azure/login into ganeshrockz/no-subscription-login
2026-03-15 09:20:56 -04:00 · 2020-10-30 16:39:39 +05:30 · 2020-10-30 16:38:45 +05:30 · 2020-10-30 16:32:31 +05:30 · 2020-10-30 16:30:10 +05:30 · 2020-10-22 09:59:54 +05:30
5 changed files with 98 additions and 155 deletions
--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ Get started today with a [free Azure account](https://azure.com/free/open-source

 With the Azure login Action, you can automate your workflow to do an Azure login using [Azure service principal](https://docs.microsoft.com/azure/active-directory/develop/app-objects-and-service-principals) and run Azure CLI and Azure PowerShell scripts.

-By default, the action only logs in with the Azure CLI (using the `az login` command). To log in with the Az PowerShell module, set `enable-AzPSSession` to true. To login to Azure tenants without any subscriptions, set the optional parameter `allow-no-subscriptions` to true.
+By default, the action only logs in with the Azure CLI (using the `az login` command). To log in with the Az PowerShell module, set `enable-AzPSSession` to true.

 This repository contains GitHub Action for [Azure Login](https://github.com/Azure/login/blob/master/action.yml).

@@ -130,29 +130,6 @@ The following steps describe how to create the service principal, assign the rol

 NOTE: to manage service principals created with `az ad sp create-for-rbac`, visit the [Azure portal](https://portal.azure.com), navigate to your Azure Active Directory, then select **Manage** > **App registrations** on the left-hand menu. Your service principal should appear in the list. Select a principal to navigate to its properties. You can also manage role assignments using the [az role assignment](https://docs.microsoft.com/cli/azure/role/assignment?view=azure-cli-latest) command.

-## Support for using `allow-no-subscriptions` flag with az login
-
-Capability has been added to support access to tenants without subscriptions. This can be useful to run tenant level commands, such as `az ad`. The action accepts an optional parameter `allow-no-subscriptions` which is `false` by default.
-
-```yaml
-# File: .github/workflows/workflow.yml
-
-on: [push]
-
-name: AzureLoginWithNoSubscriptions
-
-jobs:
-
-  build-and-deploy:
-    runs-on: ubuntu-latest
-    steps:
-
-    - uses: azure/login@v1
-      with:
-        creds: ${{ secrets.AZURE_CREDENTIALS }}
-        allow-no-subscriptions: true
-```
-
 # Contributing

 This project welcomes contributions and suggestions.  Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
--- a/lib/PowerShell/ServicePrincipalLogin.js
+++ b/lib/PowerShell/ServicePrincipalLogin.js
@@ -25,12 +25,11 @@ const PowerShellToolRunner_1 = __importDefault(require("./Utilities/PowerShellTo
 const ScriptBuilder_1 = __importDefault(require("./Utilities/ScriptBuilder"));
 const Constants_1 = __importDefault(require("./Constants"));
 class ServicePrincipalLogin {
-    constructor(servicePrincipalId, servicePrincipalKey, tenantId, subscriptionId, allowNoSubscriptionsLogin) {
+    constructor(servicePrincipalId, servicePrincipalKey, tenantId, subscriptionId) {
        this.servicePrincipalId = servicePrincipalId;
        this.servicePrincipalKey = servicePrincipalKey;
        this.tenantId = tenantId;
        this.subscriptionId = subscriptionId;
-        this.allowNoSubscriptionsLogin = allowNoSubscriptionsLogin;
    }
    initialize() {
        return __awaiter(this, void 0, void 0, function* () {
@@ -55,8 +54,7 @@ class ServicePrincipalLogin {
                servicePrincipalKey: this.servicePrincipalKey,
                subscriptionId: this.subscriptionId,
                environment: ServicePrincipalLogin.environment,
-                scopeLevel: ServicePrincipalLogin.scopeLevel,
-                allowNoSubscriptionsLogin: this.allowNoSubscriptionsLogin
+                scopeLevel: ServicePrincipalLogin.scopeLevel
            };
            const script = new ScriptBuilder_1.default().getAzPSLoginScript(ServicePrincipalLogin.scheme, this.tenantId, args);
            yield PowerShellToolRunner_1.default.init();
--- a/lib/PowerShell/Utilities/ScriptBuilder.js
+++ b/lib/PowerShell/Utilities/ScriptBuilder.js
@@ -23,7 +23,7 @@ class ScriptBuilder {
            command += `Connect-AzAccount -ServicePrincipal -Tenant '${tenantId}' -Credential \
            (New-Object System.Management.Automation.PSCredential('${args.servicePrincipalId}',(ConvertTo-SecureString '${args.servicePrincipalKey.replace("'", "''")}' -AsPlainText -Force))) \
                -Environment '${args.environment}' | out-null;`;
-            if (args.scopeLevel === Constants_1.default.Subscription && !args.allowNoSubscriptionsLogin) {
+            if (args.scopeLevel === Constants_1.default.Subscription) {
                command += `Set-AzContext -SubscriptionId '${args.subscriptionId}' -TenantId '${tenantId}' | out-null;`;
            }
        }
--- a/lib/main.js
+++ b/lib/main.js
@@ -1,111 +1,89 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
-    result["default"] = mod;
-    return result;
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const core = __importStar(require("@actions/core"));
-const exec = __importStar(require("@actions/exec"));
-const io = __importStar(require("@actions/io"));
-const actions_secret_parser_1 = require("actions-secret-parser");
-const ServicePrincipalLogin_1 = require("./PowerShell/ServicePrincipalLogin");
-var azPath;
-var prefix = !!process.env.AZURE_HTTP_USER_AGENT ? `${process.env.AZURE_HTTP_USER_AGENT}` : "";
-var azPSHostEnv = !!process.env.AZUREPS_HOST_ENVIRONMENT ? `${process.env.AZUREPS_HOST_ENVIRONMENT}` : "";
-function main() {
-    return __awaiter(this, void 0, void 0, function* () {
-        try {
-            // Set user agent variable
-            var isAzCLISuccess = false;
-            let usrAgentRepo = `${process.env.GITHUB_REPOSITORY}`;
-            let actionName = 'AzureLogin';
-            let userAgentString = (!!prefix ? `${prefix}+` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
-            let azurePSHostEnv = (!!azPSHostEnv ? `${azPSHostEnv}+` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
-            core.exportVariable('AZURE_HTTP_USER_AGENT', userAgentString);
-            core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azurePSHostEnv);
-            azPath = yield io.which("az", true);
-            let output = "";
-            const options = {
-                listeners: {
-                    stdout: (data) => {
-                        output += data.toString();
-                    }
-                }
-            };
-            yield executeAzCliCommand("--version", true, options);
-            core.debug(`az cli version used:\n${output}`);
-            
-            let creds = core.getInput('creds', { required: true });
-            let secrets = new actions_secret_parser_1.SecretParser(creds, actions_secret_parser_1.FormatType.JSON);
-            let servicePrincipalId = secrets.getSecret("$.clientId", false);
-            let servicePrincipalKey = secrets.getSecret("$.clientSecret", true);
-            let tenantId = secrets.getSecret("$.tenantId", false);
-            let subscriptionId = secrets.getSecret("$.subscriptionId", false);
-            const enableAzPSSession = core.getInput('enable-AzPSSession').toLowerCase() === "true";
-            const allowNoSubscriptionsLogin = core.getInput('allow-no-subscriptions').toLowerCase() === "true";
-            
-            if (!servicePrincipalId || !servicePrincipalKey || !tenantId) {
-                throw new Error("Not all values are present in the creds object. Ensure clientId, clientSecret and tenantId are supplied.");
-            }
-            if (!subscriptionId && !allowNoSubscriptionsLogin) {
-                throw new Error("Not all values are present in the creds object. Ensure subscriptionId is supplied.");
-            }
-            // Attempting Az cli login
-            if (allowNoSubscriptionsLogin) {
-                yield executeAzCliCommand(`login --allow-no-subscriptions --service-principal -u "${servicePrincipalId}" -p "${servicePrincipalKey}" --tenant "${tenantId}"`, true);
-            }
-            else {
-                yield executeAzCliCommand(`login --service-principal -u "${servicePrincipalId}" -p "${servicePrincipalKey}" --tenant "${tenantId}"`, true);
-                yield executeAzCliCommand(`account set --subscription "${subscriptionId}"`, true);
-            }
-            isAzCLISuccess = true;
-            if (enableAzPSSession) {
-                // Attempting Az PS login
-                console.log(`Running Azure PS Login`);
-                const spnlogin = new ServicePrincipalLogin_1.ServicePrincipalLogin(servicePrincipalId, servicePrincipalKey, tenantId, subscriptionId, allowNoSubscriptionsLogin);
-                yield spnlogin.initialize();
-                yield spnlogin.login();
-            }
-            console.log("Login successful.");
-        }
-        catch (error) {
-            if (!isAzCLISuccess) {
-                core.error("Az CLI Login failed. Please check the credentials. For more information refer https://aka.ms/create-secrets-for-GitHub-workflows");
-            }
-            else {
-                core.error(`Azure PowerShell Login failed. Please check the credentials. For more information refer https://aka.ms/create-secrets-for-GitHub-workflows"`);
-            }
-            core.setFailed(error);
-        }
-        finally {
-            // Reset AZURE_HTTP_USER_AGENT
-            core.exportVariable('AZURE_HTTP_USER_AGENT', prefix);
-            core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azPSHostEnv);
-        }
-    });
-}
-
-function executeAzCliCommand(command, silent, options = {}) {
-    return __awaiter(this, void 0, void 0, function* () {
-        options.silent = !!silent;
-        try {
-            yield exec.exec(`"${azPath}" ${command}`, [], options);
-        }
-        catch (error) {
-            throw new Error(error);
-        }
-    });
-}
-main();
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
+    result["default"] = mod;
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const core = __importStar(require("@actions/core"));
+const exec = __importStar(require("@actions/exec"));
+const io = __importStar(require("@actions/io"));
+const actions_secret_parser_1 = require("actions-secret-parser");
+const ServicePrincipalLogin_1 = require("./PowerShell/ServicePrincipalLogin");
+var azPath;
+var prefix = !!process.env.AZURE_HTTP_USER_AGENT ? `${process.env.AZURE_HTTP_USER_AGENT}` : "";
+var azPSHostEnv = !!process.env.AZUREPS_HOST_ENVIRONMENT ? `${process.env.AZUREPS_HOST_ENVIRONMENT}` : "";
+function main() {
+    return __awaiter(this, void 0, void 0, function* () {
+        try {
+            // Set user agent variable
+            var isAzCLISuccess = false;
+            let usrAgentRepo = `${process.env.GITHUB_REPOSITORY}`;
+            let actionName = 'AzureLogin';
+            let userAgentString = (!!prefix ? `${prefix}+` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
+            let azurePSHostEnv = (!!azPSHostEnv ? `${azPSHostEnv}+` : '') + `GITHUBACTIONS/${actionName}@v1_${usrAgentRepo}`;
+            core.exportVariable('AZURE_HTTP_USER_AGENT', userAgentString);
+            core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azurePSHostEnv);
+            azPath = yield io.which("az", true);
+            yield executeAzCliCommand("--version");
+            let creds = core.getInput('creds', { required: true });
+            let secrets = new actions_secret_parser_1.SecretParser(creds, actions_secret_parser_1.FormatType.JSON);
+            let servicePrincipalId = secrets.getSecret("$.clientId", false);
+            let servicePrincipalKey = secrets.getSecret("$.clientSecret", true);
+            let tenantId = secrets.getSecret("$.tenantId", false);
+            let subscriptionId = secrets.getSecret("$.subscriptionId", false);
+            const enableAzPSSession = core.getInput('enable-AzPSSession').toLowerCase() === "true";
+            if (!servicePrincipalId || !servicePrincipalKey || !tenantId || !subscriptionId) {
+                throw new Error("Not all values are present in the creds object. Ensure clientId, clientSecret, tenantId and subscriptionId are supplied.");
+            }
+            // Attempting Az cli login
+            yield executeAzCliCommand(`login --service-principal -u "${servicePrincipalId}" -p "${servicePrincipalKey}" --tenant "${tenantId}"`, true);
+            yield executeAzCliCommand(`account set --subscription "${subscriptionId}"`, true);
+            isAzCLISuccess = true;
+            if (enableAzPSSession) {
+                // Attempting Az PS login
+                console.log(`Running Azure PS Login`);
+                const spnlogin = new ServicePrincipalLogin_1.ServicePrincipalLogin(servicePrincipalId, servicePrincipalKey, tenantId, subscriptionId);
+                yield spnlogin.initialize();
+                yield spnlogin.login();
+            }
+            console.log("Login successful.");
+        }
+        catch (error) {
+            if (!isAzCLISuccess) {
+                core.error("Az CLI Login failed. Please check the credentials. For more information refer https://aka.ms/create-secrets-for-GitHub-workflows");
+            }
+            else {
+                core.error(`Azure PowerShell Login failed. Please check the credentials. For more information refer https://aka.ms/create-secrets-for-GitHub-workflows"`);
+            }
+            core.setFailed(error);
+        }
+        finally {
+            // Reset AZURE_HTTP_USER_AGENT
+            core.exportVariable('AZURE_HTTP_USER_AGENT', prefix);
+            core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azPSHostEnv);
+        }
+    });
+}
+function executeAzCliCommand(command, silent) {
+    return __awaiter(this, void 0, void 0, function* () {
+        try {
+            yield exec.exec(`"${azPath}" ${command}`, [], { silent: !!silent });
+        }
+        catch (error) {
+            throw new Error(error);
+        }
+    });
+}
+main();
--- a/src/main.ts
+++ b/src/main.ts
@@ -21,17 +21,8 @@ async function main() {
        core.exportVariable('AZUREPS_HOST_ENVIRONMENT', azurePSHostEnv);

        azPath = await io.which("az", true);
-        let output: string = "";
-        const options: any = {
-            listeners: {
-                stdout: (data: Buffer) => {
-                    output += data.toString();
-                }
-            }
-        };
-        await executeAzCliCommand("--version", true, options);
-        core.debug(`az cli version used:\n${output}`);
-    
+        await executeAzCliCommand("--version");
+
        let creds = core.getInput('creds', { required: true });
        let secrets = new SecretParser(creds, FormatType.JSON);
        let servicePrincipalId = secrets.getSecret("$.clientId", false);
@@ -79,14 +70,13 @@ async function main() {
    }
 }

-async function executeAzCliCommand(command: string, silent?: boolean, options: any = {}) {
-    options.silent = !!silent;
+async function executeAzCliCommand(command: string, silent?: boolean) {
    try {
-        await exec.exec(`"${azPath}" ${command}`, [],  options); 
+        await exec.exec(`"${azPath}" ${command}`, [],  {silent: !!silent}); 
    }
    catch(error) {
        throw new Error(error);
    }
 }

-main();
+main();
Author	SHA1	Message	Date
Ganeshrockz	0ea4c38d97	Merge branch 'master' into ganeshrockz/no-subscription-login	2020-10-30 16:39:39 +05:30
Ganeshrockz	1ba06e2c3a	test changes	2020-10-30 16:38:45 +05:30
Ganeshrockz	01ee4cac28	Merge branch 'ganeshrockz/no-subscription-login' of https://github.com/Azure/login into ganeshrockz/no-subscription-login	2020-10-30 16:32:31 +05:30
Ganeshrockz	2cd1bbfddf	added no subcriptions login support	2020-10-30 16:30:10 +05:30
aksm-ms	f25d384c17	Merge branch 'master' into ganeshrockz/no-subscription-login	2020-10-22 09:59:54 +05:30
Ganeshrockz	b1b178e95a	Added L0s	2020-10-20 16:49:38 +05:30
Ganesh S	db750ed598	Added no subscription support	2020-10-20 13:26:18 +05:30