Add worklaod identity as option for schema manager (#4766)

* Add worklaod identity as option for schema manager

* remove incorrect test file

* move resources to correct location

src/Microsoft.Health.Fhir.SchemaManager/ApplyCommand.cs

@@ -31,6 +31,7 @@ public ApplyCommand(
         AddOption(CommandOptions.ConnectionStringOption());
         AddOption(CommandOptions.ManagedIdentityClientIdOption());
         AddOption(CommandOptions.AuthenticationTypeOption());
+        AddOption(CommandOptions.EnableWorkloadIdentityOptions());
         AddOption(CommandOptions.VersionOption());
         AddOption(CommandOptions.NextOption());
         AddOption(CommandOptions.LatestOption());

src/Microsoft.Health.Fhir.SchemaManager/CommandCollectionExtensions.cs

@@ -61,6 +61,8 @@ public static IConfigurationBuilder AddSchemaCommandLine(this IConfigurationBuil
             { OptionAliases.ManagedIdentityClientId, OptionAliases.ManagedIdentityClientId },
             { OptionAliases.AuthenticationType, OptionAliases.AuthenticationType },
             { OptionAliases.Version, OptionAliases.Version },
+            { OptionAliases.EnableWorkloadIdentityShort, OptionAliases.EnableWorkloadIdentity },
+            { OptionAliases.EnableWorkloadIdentity, OptionAliases.EnableWorkloadIdentity },
         };
 
         configurationBuilder.AddCommandLine(args, switchMappings);

src/Microsoft.Health.Fhir.SchemaManager/CommandOptions.cs

@@ -53,6 +53,20 @@ public static Option AuthenticationTypeOption()
         return authenticationTypeOption;
     }
 
+    public static Option<string> EnableWorkloadIdentityOptions()
+    {
+        var enableWorkloadIdentityOptions = new Option<string>(
+            name: OptionAliases.EnableWorkloadIdentity,
+            description: Resources.EnableWorkloadIdentityDescription)
+        {
+            Arity = ArgumentArity.ZeroOrOne,
+        };
+
+        enableWorkloadIdentityOptions.AddAlias(OptionAliases.EnableWorkloadIdentityShort);
+
+        return enableWorkloadIdentityOptions;
+    }
+
     public static Option VersionOption()
     {
         var versionOption = new Option<int>(

src/Microsoft.Health.Fhir.SchemaManager/OptionAliases.cs

@@ -11,6 +11,8 @@ public static class OptionAliases
     public const string AuthenticationTypeShort = "-at";
     public const string ConnectionString = "--connection-string";
     public const string ConnectionStringShort = "-cs";
+    public const string EnableWorkloadIdentity = "--enable-workload-identity";
+    public const string EnableWorkloadIdentityShort = "-wi";
     public const string Force = "--force";
     public const string ForceShort = "-f";
     public const string Latest = "--latest";

src/Microsoft.Health.Fhir.SchemaManager/Properties/Resources.resx

@@ -129,6 +129,9 @@
   <data name="ConnectionStringRequiredValidation" xml:space="preserve">
     <value>You must include a connection string.</value>
   </data>
+  <data name="EnableWorkloadIdentityDescription" xml:space="preserve">
+    <value>Enables the use of workload identity over managed identity.</value>
+  </data>
   <data name="ForceOptionDescription" xml:space="preserve">
     <value>The schema migration is run without validating the specified schema version.</value>
   </data>

src/Microsoft.Health.Fhir.SchemaManager/SchemaManagerServiceCollectionBuilder.cs

@@ -40,6 +40,12 @@ public static IServiceCollection AddSchemaManager(this IServiceCollection servic
 
         services.AddSqlServerManagement<SchemaVersion>();
 
+        // Optionally add support for Workload Identity
+        if (bool.TryParse(config[OptionAliases.EnableWorkloadIdentity], out bool enableWorkloadIdentity) && enableWorkloadIdentity)
+        {
+            services.EnableWorkloadManagedIdentity();
+        }
+
         services.AddSingleton<BaseSchemaRunner>();
         services.AddSingleton<IBaseSchemaRunner, FhirBaseSchemaRunner>();