Skip to content

Migrate integration tests from GitHub workflow to Azure pipeline#330

Merged
robgruen merged 1 commit into
mainfrom
dev/robgruen/azure_pipeline
Jun 24, 2026
Merged

Migrate integration tests from GitHub workflow to Azure pipeline#330
robgruen merged 1 commit into
mainfrom
dev/robgruen/azure_pipeline

Conversation

@robgruen

Copy link
Copy Markdown
Contributor

This pull request migrates the integration test workflow from GitHub Actions to Azure Pipelines, enhancing security and aligning with Azure DevOps best practices. The new pipeline leverages Azure Workload Identity Federation (WIF) for authentication, eliminating the need to store or manage API keys or client secrets. It also adapts the workflow to Azure Pipelines conventions and requirements.

Migration from GitHub Actions to Azure Pipelines:

  • Removed: The entire .github/workflows/integration_tests.yml GitHub Actions workflow, which previously handled integration test runs, permission checks, and Azure authentication using secrets.
  • Added: A new pipelines/azure-integration-tests.yml Azure Pipelines configuration that:
    • Builds and tests the code using Azure Pipelines jobs and steps.
    • Authenticates to Azure using Workload Identity Federation (WIF) instead of API keys, improving security and simplifying secret management.
    • Removes fork-PR permission gating and manual Azure CLI installation, as these are unnecessary with WIF and Azure-hosted agents.

Pipeline and Authentication Improvements:

  • The pipeline now uses an Azure Resource Manager service connection configured for WIF, with all secrets managed by Azure and access governed by RBAC and pipeline authorization.
  • Integration tests are run with environment variables set for endpoint, model, and authentication, and use the "identity" keyword to trigger DefaultAzureCredential authentication.

Scheduling and Branch Protection:

  • Nightly test runs are scheduled via Azure Pipelines, matching the previous GitHub Actions cron schedule.
  • Instructions are provided to set up branch protection using the Azure Pipeline as a required status check, replacing the GitHub merge_group feature.

Test Result Publishing:

  • Test results are published using Azure Pipelines tasks, ensuring visibility of test outcomes within Azure DevOps.

@robgruen robgruen requested a review from a team as a code owner June 24, 2026 16:50
@robgruen robgruen merged commit 0d7486b into main Jun 24, 2026
6 of 7 checks passed
@robgruen robgruen deleted the dev/robgruen/azure_pipeline branch June 24, 2026 16:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant