From 9ed7020deef3aa2b7c31a7c9d1d942cc2727c9e8 Mon Sep 17 00:00:00 2001
From: Erika Gressi <56914614+eriqua@users.noreply.github.com>
Date: Wed, 5 Feb 2025 16:34:40 +0100
Subject: [PATCH] feat: Remove `'avm/ptn/lz/sub-vending` from OIDC exeption
 list (#4304)

## Description

Removing `'avm/ptn/lz/sub-vending` from the list of modules requiring
service principal + secret authentication (OIDC exception)

## Pipeline Reference

<!-- Insert your Pipeline Status Badge below -->

| Pipeline |
| -------- |
|
[![avm.ptn.lz.sub-vending](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.ptn.lz.sub-vending.yml/badge.svg?branch=users%2Ferikag%2Foidc_sub&event=workflow_dispatch)](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.ptn.lz.sub-vending.yml)
|

## Type of Change

<!-- Use the checkboxes [x] on the options that are relevant. -->

- [ ] Update to CI Environment or utilities (Non-module affecting
changes)
- [ ] Azure Verified Module updates:
- [ ] Bugfix containing backwards-compatible bug fixes, and I have NOT
bumped the MAJOR or MINOR version in `version.json`:
- [ ] Someone has opened a bug report issue, and I have included "Closes
#{bug_report_issue_number}" in the PR description.
- [ ] The bug was found by the module author, and no one has opened an
issue to report it yet.
- [ ] Feature update backwards compatible feature updates, and I have
bumped the MINOR version in `version.json`.
- [ ] Breaking changes and I have bumped the MAJOR version in
`version.json`.
  - [ ] Update to documentation

## Checklist

- [ ] I'm sure there are no other open Pull Requests for the same
update/change
- [ ] I have run `Set-AVMModule` locally to generate the supporting
module files.
- [ ] My corresponding pipelines / checks run clean and green without
any errors or warnings

<!-- Please keep up to date with the contribution guide at
https://aka.ms/avm/contribute/bicep -->
---
 .../actions/templates/avm-validateModuleDeployment/action.yml  | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.github/actions/templates/avm-validateModuleDeployment/action.yml b/.github/actions/templates/avm-validateModuleDeployment/action.yml
index dc2b3ff5a4..c26b7137e9 100644
--- a/.github/actions/templates/avm-validateModuleDeployment/action.yml
+++ b/.github/actions/templates/avm-validateModuleDeployment/action.yml
@@ -70,10 +70,9 @@ runs:
           # Grouping task logs
           Write-Output '::group::Set OIDC exception'
 
-          # List of modules requiring more that 1 hour to deploy and delete resources
+          # List of modules requiring service principal + secret authentication
           $modulePath = "${{ inputs.modulePath }}"
           $exceptionModulePaths = @(
-            'avm/ptn/lz/sub-vending'                             # Requires additional OIDC MSI permissions
             'avm/res/compute/image'                              # Failing on resource deletion when trying to delete RBAC at subscription level
             'avm/res/compute/disk'                               # Failing on resource deletion when trying to delete RBAC at subscription level
             'avm/ptn/virtual-machine-images/azure-image-builder' # Failing on resource deletion when trying to delete RBAC at subscription level