From 1b1365e89b9fee27fcfe2c34d23fa6779b437ab2 Mon Sep 17 00:00:00 2001 From: Harmanpreet-Microsoft Date: Fri, 17 Apr 2026 18:06:13 +0530 Subject: [PATCH] fix: address PR review comments on workflow files - azure-dev.yml: Export derived RG name as AZURE_RESOURCE_GROUP (not RESOURCE_GROUP) so azd provision picks up the correct resource group when vars.AZURE_RESOURCE_GROUP is empty. - azd-template-validation.yml: Use secrets.AZURE_PRINCIPAL_ID instead of secrets.AZURE_CLIENT_ID as fallback for AZURE_PRINCIPAL_ID. Client ID is not the SP object ID and causes RBAC assignment failures. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/workflows/azd-template-validation.yml | 2 +- .github/workflows/azure-dev.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/azd-template-validation.yml b/.github/workflows/azd-template-validation.yml index d2e2abc..752ecfc 100644 --- a/.github/workflows/azd-template-validation.yml +++ b/.github/workflows/azd-template-validation.yml @@ -45,7 +45,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} TEMP: /tmp fabricCapacityMode: 'none' - AZURE_PRINCIPAL_ID: ${{ vars.PRINCIPAL_ID || secrets.AZURE_CLIENT_ID }} + AZURE_PRINCIPAL_ID: ${{ vars.PRINCIPAL_ID || secrets.AZURE_PRINCIPAL_ID }} AZURE_PRINCIPAL_TYPE: 'ServicePrincipal' - name: print result run: cat ${{ steps.validation.outputs.resultFile }} diff --git a/.github/workflows/azure-dev.yml b/.github/workflows/azure-dev.yml index 0e30910..631604c 100644 --- a/.github/workflows/azure-dev.yml +++ b/.github/workflows/azure-dev.yml @@ -83,8 +83,8 @@ jobs: echo "Resource group already exists: $RESOURCE_GROUP" fi - # Set for subsequent steps - echo "RESOURCE_GROUP=$RESOURCE_GROUP" >> $GITHUB_ENV + # Export as AZURE_RESOURCE_GROUP so azd provision picks up the correct RG + echo "AZURE_RESOURCE_GROUP=$RESOURCE_GROUP" >> $GITHUB_ENV - name: Provision Infrastructure id: provision-main