"Horde jobs utilizing remote compilation are automatically granted access via an injected token that’s set as an environment variable for each job step"
I’m not clear how this automagic injection process works. How does the build machine get authorization initially to have a token auto injected and who injects it? It seems like whatever that token is, it still reverts to the interactive login because I guess it is failing?
Re: auth configuration. I originally tried OIDC with an Azure app. I got that to work right up until the issue I saw posted in another thread where there is a ServerComputeClient failure because the server is processing the token as OIDC but it’s actually an internal Horder server token. I wasn’t clear how to fix this though from that thread. It seems to be related to the (to me) opaque process of this token. Everything else was working on my local machine though, including the UBA horde login step, and normal login to the horde server for interactive/dashboard.
I then switched to “Horde” authentication and I have the ACL definition set up properly, similar to what you posted, and it works perfectly on my local PC. However, as mentioned, it fails on the build machine because it can’t do an interactive login.