From 1faf7ed290fb01d3745f59ab178656bcf2ebd07f Mon Sep 17 00:00:00 2001
From: david steele <davidsteele@microsoft.com>
Date: Thu, 19 Sep 2024 10:59:30 +0100
Subject: [PATCH] Add github action workflows

---
 .github/workflows/ci.yml      | 15 +++++++++++++++
 .github/workflows/release.yml | 21 +++++++++++++++++++++
 .gitignore                    |  1 +
 azure_auth.py                 |  3 ++-
 4 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/ci.yml
 create mode 100644 .github/workflows/release.yml

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..bbdb07e
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,15 @@
+name: CI
+
+on: [push, pull_request]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    container:
+      image: mcr.microsoft.com/cbl-mariner/base/core:2.0
+    steps:
+      - name: Install dependencies
+        run: unset HOME; tdnf install -y build-essential git tar rpm-build ca-certificates
+      - uses: actions/checkout@v2
+      - name: build
+        run: make rpm
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..14f44fa
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,21 @@
+name: release
+
+on: push
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    container:
+      image: mcr.microsoft.com/cbl-mariner/base/core:2.0
+    steps:
+      - name: Install dependencies
+        run: unset HOME; tdnf install -y build-essential git tar rpm-build ca-certificates
+      - uses: actions/checkout@v2
+      - name: build
+        run: make rpm
+      - name: Release
+        uses: softprops/action-gh-release@v1
+        if: startsWith(github.ref, 'refs/tags/')
+        with:
+          files: |
+            rpmbuild/RPMS/x86_64/*.rpm
diff --git a/.gitignore b/.gitignore
index 05bad85..bcc3cc7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -159,3 +159,4 @@ cython_debug/
 #  and can be added to the global gitignore or merged into this file.  For a more nuclear
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 #.idea/
+rpmbuild/
diff --git a/azure_auth.py b/azure_auth.py
index 01e84ec..24b9054 100644
--- a/azure_auth.py
+++ b/azure_auth.py
@@ -85,7 +85,8 @@ def get_token():
             stdout=subprocess.PIPE,
         )
     except subprocess.CalledProcessError as e:
-        # Try again if we are running as sudo in case our user has permission but the sudo user doesn't.
+        # Upon an error if running as sudo try again without runuser in case our user
+        # has permission on the storage account but the sudo user doesn't.
         if "SUDO_USER" in os.environ:
             output = subprocess.run(
                 AZ_COMMAND,