Skip to content

Support protected files and some input cleanup #39

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Aug 18, 2025
Merged

Support protected files and some input cleanup #39

merged 4 commits into from
Aug 18, 2025

Conversation

kuthiala
Copy link
Contributor

@kuthiala kuthiala commented Jul 18, 2025
edited
Loading

This change adds support for the protected files
feature supported by NGINXaaS. Users can give a new optional
input called protected-files that contains a comma
separated list of all the files that need to be marked
as protected. For more information, visit:
https://docs.nginx.com/nginxaas/azure/getting-started/nginx-configuration/nginx-configuration-portal/#add-an-nginx-configuration

Testing done:

  1. Used a service principal with Contributor role only over the NGINXaaS deployment.
  2. Updated an NGINXaaS deployment config with and without protected files.
  3. Updated an NGINXaaS deployment config with and without certificates.
  4. Tested this version of the action with the above combinations from an independent repo to test real world invocations.

@kuthiala kuthiala force-pushed the main branch 2 times, most recently from 7abd52e to f9dbec3 Compare July 18, 2025 21:26
@kuthiala kuthiala changed the title Draft: Support protected files and remove need for rg permissions for service principal Draft: Remove Azure pipeline task. Support protected files and remove need for rg permissions for service principal Jul 18, 2025
amudukutore
amudukutore reviewed Jul 22, 2025
View reviewed changes
Copy link
Contributor

@amudukutore amudukutore left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kuthiala - given that these are both substantial changes (splitting up Actions and Azure pipeline, replace ARM templates with Azure CLI), I'd recommend creating separate MRs for these so we can discuss each one on it's merits (unless you feel there is a strong coupling in which case, I'd still prefer them to be separate but maybe sequenced in the right order). Also, when removing support for Azure pipelines, are you considering moving that to a separate repository or just removing it entirely? I'm not sure if we have customers actively using this (can we tell?) but I'd prefer we move this rather than removing it.

puneetsarna
puneetsarna reviewed Jul 22, 2025
View reviewed changes
puneetsarna
puneetsarna reviewed Jul 22, 2025
View reviewed changes
puneetsarna
puneetsarna reviewed Jul 22, 2025
View reviewed changes
puneetsarna
puneetsarna reviewed Jul 22, 2025
View reviewed changes
puneetsarna
puneetsarna reviewed Jul 22, 2025
View reviewed changes
puneetsarna
puneetsarna reviewed Jul 22, 2025
View reviewed changes
puneetsarna
puneetsarna reviewed Jul 22, 2025
View reviewed changes
puneetsarna
puneetsarna reviewed Jul 22, 2025
View reviewed changes
puneetsarna
puneetsarna reviewed Jul 22, 2025
View reviewed changes
@kuthiala kuthiala force-pushed the main branch 3 times, most recently from 09c8a09 to ac4ab39 Compare August 8, 2025 00:50
@kuthiala kuthiala changed the title Draft: Remove Azure pipeline task. Support protected files and remove need for rg permissions for service principal Support protected files and some input cleanup Aug 8, 2025
@kuthiala kuthiala force-pushed the main branch 8 times, most recently from 76a3797 to 5b90df0 Compare August 13, 2025 19:02
amudukutore
amudukutore reviewed Aug 13, 2025
View reviewed changes
Copy link
Contributor

@amudukutore amudukutore left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kuthiala - these changes look good to me. I'll defer to @puneetsarna for final approval. What testing did you run on these changes? Can you please describe that in the PR description?

puneetsarna
puneetsarna reviewed Aug 13, 2025
View reviewed changes
@kuthiala kuthiala force-pushed the main branch 2 times, most recently from 97296e1 to a402007 Compare August 15, 2025 20:39
@kuthiala
protected files support and input cleanup in deploy-config.sh
ee54766 
This change also adds support for the protected files
feature supported by NGINXaaS. Users can give a new optional
input called protected-files that contains a comma
separated list of all the files that need to be marked
as protected. For more information, visit:
https://docs.nginx.com/nginxaas/azure/getting-started/nginx-configuration/nginx-configuration-portal/#add-an-nginx-configuration
@kuthiala
Input cleanup in deploy-certificate.sh
bcc5ca9 
This brings deploy-certificate.sh up to
parity with the input validation changes
made in deploy-config.sh. Adds some more
input validation for certificate parameters.
@kuthiala
restore previous action name
c08eec9
@kuthiala
update README.md to reflect new version of the action
3fd6364
@kuthiala kuthiala merged commit a0d07f7 into nginxinc:main Aug 18, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amudukutore amudukutore amudukutore approved these changes

@puneetsarna puneetsarna puneetsarna approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kuthiala @amudukutore @puneetsarna