nodejs
Provide BuildWG access to Azure Portal for OpenJS Foundation subscription
We're now running the unencrypted server, and the 3 ARM vms' on the subscription that the OpenJS foundation has with Azure (had available credits).
As of right now, myself and Ben are the only ones who have access to that Tenant and the subscription contained therein.
Im very much trying to avoid the "share a login and creds in the secrets repo that everybody uses" for granting access to that portal, and would instead try to grant access to individual accounts.
I've made some attempts to see if it were possible to use OIDC for the SSO (using github as the IdP), much like we do with the Jenkins server (membership in github groups determine permissions/grants access), but so far Im not finding a good way to do that.
Given how infrequently Build WG members come and go, perhaps we just add a step to onboarding to grant access in the portal by invitation. Not as slick, and manual, but maybe not worth the automation effort.
Discussed today, we will add folks manually or create a shared service account.
