Azure DevOps provider support for workload identity connection

Open miqm opened this issue 1 year ago • 1 comments

Hello,

Similar to the flux source controller (https://github.com/fluxcd/flux2/tree/main/rfcs/0007-git-repo-passwordless-auth), I'd like the notification controller to support connecting to Azure DevOps with a Workload Identity that is assigned to Flux's notification controller pod(s).

Optionally, we could allow providing a clientId of the identity (that has configured federation of course) so we can use different identities on different repository references.

miqm, Dec 19 '24 12:12

The same process described here can be used for the implementation, replacing the access scope with the scope of Azure DevOps, which we already have here. The access token acquired by this process can be used in azuredevops.NewPatConnection(), as documented here.

Related RFC: https://github.com/fluxcd/flux2/pull/5209

matheuscscp, Mar 08 '25 12:03