Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Pipelines] Pipeline use federated credential #3036

Merged
merged 24 commits into from
May 9, 2024
Merged

[Pipelines] Pipeline use federated credential #3036

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
24 commits
Select commit Hold shift + click to select a range
2c1b5c1
Fix Core
crazygao Apr 26, 2024
357a945
Fix
crazygao Apr 26, 2024
308cf06
Fix
crazygao Apr 26, 2024
4fd94e5
Fix
crazygao May 6, 2024
8dac6f8
Fix
crazygao May 6, 2024
4a64491
Fix pipelines
crazygao May 7, 2024
9412538
Fix
crazygao May 7, 2024
0329881
Fix
crazygao May 7, 2024
05dac2d
Fix
crazygao May 7, 2024
4494645
Fix
crazygao May 7, 2024
40276ce
Fix
crazygao May 7, 2024
9e09eff
Fix
crazygao May 7, 2024
feb7c61
Fix
crazygao May 7, 2024
be547db
Fix
crazygao May 8, 2024
2ef2db0
Nit Fix
crazygao May 8, 2024
a9801d4
Fix
crazygao May 8, 2024
baddc69
Fix
crazygao May 8, 2024
12cb0e2
Fix
crazygao May 8, 2024
1e59bfa
Fix
crazygao May 8, 2024
ae99b74
Fix
crazygao May 9, 2024
9305234
Fix
crazygao May 9, 2024
ce8b806
Fix
crazygao May 9, 2024
76ea6d0
Merge branch 'main' into yigao/pipeline_az_login
crazygao May 9, 2024
f6fc8d6
Fix
crazygao May 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 10 additions & 4 deletions .github/workflows/build_msi_installer.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,10 @@ on:
required: false
description: 'Set the version of the private msi installer'

permissions:
id-token: write
contents: read

env:
packageSetupType: promptflow_with_extra
testWorkingDirectory: src/promptflow
Expand All @@ -29,7 +33,8 @@ jobs:
build_msi_installer:
runs-on: windows-latest
name: Build Windows MSI

environment:
internal
steps:
- name: Check input parameters
run: |
Expand Down Expand Up @@ -173,10 +178,11 @@ jobs:
msbuild /t:rebuild /p:Configuration=Release /p:Platform=x64 promptflow.wixproj
shell: pwsh

- name: Azure Login
uses: azure/login@v1
- uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}

- name: Download JSON file from Azure Blob Storage
id: download-json
Expand Down
21 changes: 17 additions & 4 deletions .github/workflows/promptflow-core-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,16 @@ env:
TRACING_DIRECTORY: ${{ github.workspace }}/src/promptflow-tracing
WORKING_DIRECTORY: ${{ github.workspace }}/src/promptflow-core
RECORD_DIRECTORY: ${{ github.workspace }}/src/promptflow-recording
PROMPTFLOW_DIRECTORY: ${{ github.workspace }}/src/promptflow

permissions:
id-token: write
contents: read

jobs:
core_test:
environment:
internal
strategy:
matrix:
os: [ubuntu-latest]
Expand Down Expand Up @@ -48,9 +55,11 @@ jobs:
echo "PROMPT_FLOW_TEST_MODE=$(if [[ "${{ github.event_name }}" == "pull_request" ]]; then echo replay; else echo live; fi)" >> $GITHUB_ENV
- name: Azure login (non pull_request workflow)
if: github.event_name != 'pull_request'
uses: azure/login@v1
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}
- name: generate live test resources (non pull_request workflow)
if: github.event_name != 'pull_request'
uses: "./.github/actions/step_generate_configs"
Expand All @@ -73,6 +82,8 @@ jobs:
${{ env.WORKING_DIRECTORY }}/core/htmlcov/

azureml_serving_test:
environment:
internal
strategy:
matrix:
os: [ubuntu-latest]
Expand Down Expand Up @@ -100,9 +111,11 @@ jobs:
echo "PROMPT_FLOW_TEST_MODE=$(if [[ "${{ github.event_name }}" == "pull_request" ]]; then echo replay; else echo live; fi)" >> $GITHUB_ENV
- name: Azure login (non pull_request workflow)
if: github.event_name != 'pull_request'
uses: azure/login@v1
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}
- name: generate live test resources (non pull_request workflow)
if: github.event_name != 'pull_request'
uses: "./.github/actions/step_generate_configs"
Expand Down
14 changes: 12 additions & 2 deletions .github/workflows/promptflow-executor-e2e-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,11 @@ env:
PYTHONPATH: ${{ github.workspace }}/src/promptflow
IS_IN_CI_PIPELINE: "true"
RECORD_DIRECTORY: ${{ github.workspace }}/src/promptflow-recording

permissions:
id-token: write
contents: read

jobs:
authorize:
environment:
Expand Down Expand Up @@ -75,12 +80,15 @@ jobs:
path: |
${{ github.workspace }}/src/promptflow/dist/*.whl
${{ github.workspace }}/src/promptflow-tools/dist/*.whl

executor_e2e_tests:
needs: build
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest]
environment:
internal
runs-on: ${{ matrix.os }}
steps:
- name: Set test mode
Expand Down Expand Up @@ -120,9 +128,11 @@ jobs:
pip install .
working-directory: ${{ env.RECORD_DIRECTORY }}
- name: Azure Login
uses: azure/login@v1
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}
- name: Generate Configs
uses: "./.github/actions/step_generate_configs"
with:
Expand Down
13 changes: 10 additions & 3 deletions .github/workflows/promptflow-executor-unit-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,9 @@ on:
- scripts/building/**
- .github/workflows/promptflow-executor-unit-test.yml
workflow_dispatch:
permissions:
id-token: write
contents: read
env:
packageSetupType: promptflow_with_extra
testWorkingDirectory: ${{ github.workspace }}/src/promptflow
Expand Down Expand Up @@ -77,6 +80,8 @@ jobs:
${{ github.workspace }}/src/promptflow-tools/dist/*.whl
executor_unit_tests:
needs: build
environment:
internal
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -125,9 +130,11 @@ jobs:
pip install .
working-directory: ${{ env.RECORD_DIRECTORY }}
- name: Azure Login
uses: azure/login@v1
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}
- name: Generate Configs
uses: "./.github/actions/step_generate_configs"
with:
Expand Down Expand Up @@ -186,4 +193,4 @@ jobs:
pythonVersion: 3.9
coverageThreshold: 50
token: ${{ secrets.GITHUB_TOKEN }}
context: test/executor_unit
context: test/executor_unit
11 changes: 9 additions & 2 deletions .github/workflows/promptflow-global-config-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@ on:
- scripts/building/**
- .github/workflows/promptflow-global-config-test.yml
workflow_dispatch:
permissions:
id-token: write
contents: read
env:
IS_IN_CI_PIPELINE: "true"
RECORD_DIRECTORY: ${{ github.workspace }}/src/promptflow-recording
Expand All @@ -33,6 +36,8 @@ jobs:
- run: true
sdk_cli_global_config_tests:
needs: authorize
environment:
internal
strategy:
fail-fast: false
matrix:
Expand Down Expand Up @@ -77,9 +82,11 @@ jobs:
poetry run pip show promptflow-azure
poetry run pip show promptflow-tools
- name: Azure Login
uses: azure/login@v1
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}
- name: Install Azure Login items
working-directory: ${{ env.WORKING_DIRECTORY }}
run: |
Expand Down
36 changes: 28 additions & 8 deletions .github/workflows/promptflow-release-testing-matrix.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,10 @@ env:
RECORD_DIRECTORY: ${{ github.workspace }}/src/promptflow-recording
PROMPT_FLOW_WORKSPACE_NAME: "promptflow-eastus"

permissions:
id-token: write
contents: read

jobs:
id:
runs-on: ubuntu-latest
Expand Down Expand Up @@ -123,6 +127,8 @@ jobs:
promptflow_core_tests:
if: ${{ github.event_name == 'workflow_dispatch' || github.event_name == 'workflow_call' || github.event_name == 'pull_request' }}
needs: build
environment:
internal
env:
PROMPT_FLOW_TEST_MODE: "live"
WORKING_DIRECTORY: ${{ github.workspace }}/src/promptflow-core
Expand All @@ -148,9 +154,11 @@ jobs:
name: wheel
path: ${{ env.WORKING_DIRECTORY }}/artifacts
- name: Azure Login
uses: azure/login@v1
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}
- name: Generate Configs
uses: "./.github/actions/step_generate_configs"
with:
Expand Down Expand Up @@ -226,6 +234,8 @@ jobs:
promptflow_devkit_tests:
if: ${{ github.event_name == 'workflow_dispatch' || github.event_name == 'workflow_call' || github.event_name == 'pull_request' }}
needs: build
environment:
internal
env:
PROMPT_FLOW_TEST_MODE: "live"
WORKING_DIRECTORY: ${{ github.workspace }}/src/promptflow-devkit
Expand All @@ -251,9 +261,11 @@ jobs:
name: wheel
path: ${{ env.WORKING_DIRECTORY }}/artifacts
- name: Azure Login
uses: azure/login@v1
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}
- name: Generate Configs
uses: "./.github/actions/step_generate_configs"
with:
Expand Down Expand Up @@ -283,6 +295,8 @@ jobs:

promptflow_azure_tests:
needs: build
environment:
internal
strategy:
fail-fast: false
matrix:
Expand All @@ -309,9 +323,11 @@ jobs:
name: wheel
path: ${{ env.WORKING_DIRECTORY }}/artifacts
- name: Azure Login
uses: azure/login@v1
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}
- name: Generate Configs
uses: "./.github/actions/step_generate_configs"
with:
Expand Down Expand Up @@ -344,6 +360,8 @@ jobs:
promptflow_executor_tests:
if: ${{ github.event_name == 'workflow_dispatch' || github.event_name == 'workflow_call' || github.event_name == 'pull_request' }}
needs: build
environment:
internal
env:
testWorkingDirectory: src/promptflow
strategy:
Expand Down Expand Up @@ -374,9 +392,11 @@ jobs:
pip install -e .
working-directory: ${{ env.RECORD_DIRECTORY }}
- name: Azure Login
uses: azure/login@v1
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}
- name: Generate Configs
uses: "./.github/actions/step_generate_configs"
with:
Expand Down
13 changes: 10 additions & 3 deletions .github/workflows/promptflow-sdk-cli-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,9 @@ on:
required: true
default: "./tests/sdk_cli_test ./tests/sdk_pfs_test"
type: string
permissions:
id-token: write
contents: read
env:
IS_IN_CI_PIPELINE: "true"
RECORD_DIRECTORY: ${{ github.workspace }}/src/promptflow-recording
Expand All @@ -33,6 +36,8 @@ jobs:
matrix:
os: [ubuntu-latest]
pythonVersion: ['3.8', '3.9', '3.10', '3.11']
environment:
internal
runs-on: ${{ matrix.os }}
steps:
- name: set test mode
Expand All @@ -56,9 +61,11 @@ jobs:
working-directory: ${{ env.WORKING_DIRECTORY }}
- name: Azure login (non pull_request workflow)
if: github.event_name != 'pull_request'
uses: azure/login@v1
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}
- name: generate live test resources (non pull_request workflow)
if: github.event_name != 'pull_request'
uses: "./.github/actions/step_generate_configs"
Expand Down Expand Up @@ -113,4 +120,4 @@ jobs:
osVersion: ubuntu-latest
pythonVersion: 3.9
coverageThreshold: 40
context: test/sdk_cli
context: test/sdk_cli
4 changes: 4 additions & 0 deletions .github/workflows/promptflow-tracing-e2e-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,10 @@ env:
WORKING_DIRECTORY: ${{ github.workspace }}/src/promptflow-tracing
RECORD_DIRECTORY: ${{ github.workspace }}/src/promptflow-recording

permissions:
id-token: write
contents: read

jobs:
build:
runs-on: ubuntu-latest
Expand Down
12 changes: 10 additions & 2 deletions .github/workflows/samples_configuration.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,15 @@ on:
env:
IS_IN_CI_PIPELINE: "true"

permissions:
id-token: write
contents: read

jobs:
samples_configuration:
runs-on: ubuntu-latest
environment:
internal
steps:
- name: Checkout repository
uses: actions/checkout@v4
Expand All @@ -28,9 +34,11 @@ jobs:
if: github.event_name != 'schedule'
run: echo '${{ secrets.EXAMPLE_WORKSPACE_CONFIG_JSON_PROD }}' > ${{ github.workspace }}/examples/config.json
- name: Azure Login
uses: azure/login@v1
uses: azure/login@v2
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
subscription-id: ${{secrets.AZURE_SUBSCRIPTION_ID}}
tenant-id: ${{secrets.AZURE_TENANT_ID}}
client-id: ${{secrets.AZURE_CLIENT_ID}}
- name: Setup Python 3.9 environment
uses: actions/setup-python@v4
with:
Expand Down
Loading
Loading