
Check Azure Permissions #4

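# Manually triggered workflow: logs in to Azure as the APP2 service principal
# and lists that principal's role assignments scoped to one container registry.
name: Check Azure Permissions
on:
  workflow_dispatch:
    inputs:
      SUBSCRIPTION_ID:
        description: 'Subscription ID'
        required: true
      ACR_NAME:
        description: 'ACR Name'
        required: true
      RESOURCE_GROUP:
        description: 'Resource Group'
        required: true

# Least privilege for GITHUB_TOKEN: the job only needs to read the repository.
permissions:
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    env:
      # The client secret is deliberately NOT exported at job level: nothing
      # below reads it from the environment, and a job-level variable would be
      # visible to every step, including third-party actions.
      AZURE_CLIENT_ID: ${{ secrets.APP2_AZURE_CLIENT_ID }}
      AZURE_TENANT_ID: ${{ secrets.APP2_AZURE_TENANT_ID }}
      SUBSCRIPTION_ID: ${{ github.event.inputs.SUBSCRIPTION_ID }}
      ACR_NAME: ${{ github.event.inputs.ACR_NAME }}
      RESOURCE_GROUP: ${{ github.event.inputs.RESOURCE_GROUP }}
    steps:
      # NOTE(review): both actions are referenced by mutable tags. Pin each to
      # a full commit SHA (uses: owner/action@<full-commit-sha>) so a retagged
      # release cannot change what runs with these credentials.
      - name: Checkout Repository Content
        uses: actions/checkout@v3
        with:
          # Do not leave GITHUB_TOKEN in .git/config for later steps.
          persist-credentials: false

      # The credentials JSON is handed straight to the login action. Earlier
      # this was built with `echo` inside a shell script, written to
      # azure_credentials.json in the workspace and appended to $GITHUB_ENV;
      # that left the secret on disk, exposed it to every later step, and
      # never reached azure/login, which takes its credentials from `with:`.
      # NOTE(review): a long-lived client secret is used here. azure/login
      # also supports OIDC federation (client-id / tenant-id / subscription-id
      # inputs plus `id-token: write` permission), which removes the stored
      # secret entirely - consider migrating.
      # NOTE(review): the login subscription comes from
      # secrets.AZURE_SUBSCRIPTION_ID while the role check below uses the
      # SUBSCRIPTION_ID input; confirm that difference is intended.
      - name: Azure Login
        uses: azure/login@v1
        with:
          creds: >-
            {
            "clientId": "${{ secrets.APP2_AZURE_CLIENT_ID }}",
            "clientSecret": "${{ secrets.APP2_AZURE_CLIENT_SECRET }}",
            "subscriptionId": "${{ secrets.AZURE_SUBSCRIPTION_ID }}",
            "tenantId": "${{ secrets.APP2_AZURE_TENANT_ID }}"
            }

      - name: Check the role
        env:
          APP_ID: ${{ env.AZURE_CLIENT_ID }}
          SUBSCRIPTION_ID: ${{ env.SUBSCRIPTION_ID }}
          RESOURCE_GROUP: ${{ env.RESOURCE_GROUP }}
          ACR_NAME: ${{ env.ACR_NAME }}
        run: |
          # The dispatch inputs are caller-supplied and become segments of an
          # ARM scope path; refuse values that would add path segments.
          case "$SUBSCRIPTION_ID$RESOURCE_GROUP$ACR_NAME" in
            */*) echo "inputs must not contain '/'" >&2; exit 1 ;;
          esac
          # Quote every expansion so whitespace or glob characters in an input
          # cannot split into additional az arguments.
          az role assignment list \
            --assignee "$APP_ID" \
            --scope "/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP/providers/Microsoft.ContainerRegistry/registries/$ACR_NAME"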