AzureCLI@2 has a problem with the addSpnToEnvironment
Note
Issues in this repo are for tracking bugs, feature requests and questions for the tasks in this repo
For a list:
https://github.com/Microsoft/azure-pipelines-tasks/tree/master/Tasks
If you have an issue or request for the Azure Pipelines service, use developer community instead:
https://developercommunity.visualstudio.com/spaces/21/index.html
Required Information
Entering this information will route you directly to the right team and expedite traction.
Question, Bug, or Feature?
Type: Bug
Enter Task Name: AzureCLI@2
list here (V# not needed):
https://github.com/Microsoft/azure-pipelines-tasks/tree/master/Tasks
Environment
- Server - Azure Pipelines or TFS on-premises? Azure Pipelines
  - If using Azure Pipelines, provide the account name, team project name, build definition name/build number: hmctsreform/VirtualHearings/_build/results?buildId=13766
- Agent - Hosted or Private: private
  - If using private agent, provide the OS of the machine running the agent and the agent version: Server 2016 Datacenter Agent Version 2.158.0
Issue Description
Tried numerous configurations. Currently running under task Terraform Prepare Login.
```yaml
- task: AzureCLI@2
  displayName: Terraform Prepare Login
  inputs:
    azureSubscription: ${{ parameters.armServiceConnection }}
    scriptType: pscore
    scriptLocation: inlineScript
    addSpnToEnvironment: true
    inlineScript: |
      $env:ARM_CLIENT_ID=$servicePrincipalId
      $env:ARM_CLIENT_SECRET=$servicePrincipalKey
      $env:ARM_SUBSCRIPTION_ID=$(az account show --query 'id' --output tsv)
      $env:ARM_TENANT_ID= $(az account show --query 'tenantId' --output tsv)
      $env:ARM_ACCESS_KEY=$(az storage account keys list -n ${{ parameters.storageAccount }} --query [0].value --output tsv)
      terraform init -backend-config="storage_account_name=${{ parameters.storageAccount }}"
      terraform workspace select ${{ parameters.environment }}
      terraform plan -out=plan
  env:
    ARM_TENANT_ID: ${{ parameters.armTenantId }}
    ARM_SUBSCRIPTION_ID: ${{ parameters.armSubscriptionId }}
    ARM_CLIENT_ID: ${{ parameters.armClientId }}
    ARM_CLIENT_SECRET: ${{ parameters.armClientSecret }}
    workspace: ${{ parameters.environment }}
```
For the life of me I just can’t get the client_id and secret to be passed to these two variables. I’ve seen people say they got it working in AzureCLI@1. I, however, had another issue with the shell saying that I didn’t have access to the subscription, although I do. In v2 I can log in and it’s fine, but I can’t pass the keys for use in Terraform.
Error logs
[Insert error from the logs here for a quick overview]
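An added example, not part of the original issue or of the task's own documentation: with `addSpnToEnvironment: true` the task places `servicePrincipalId`, `servicePrincipalKey` and `tenantId` in the script's process environment, so a `pscore` script reads them through `$env:`. The step below reuses the parameter names from the snippet above, checks that the values arrived without printing them, and drops the `env:` mapping of the client ID and secret.

```yaml
- task: AzureCLI@2
  displayName: Terraform Prepare Login
  inputs:
    azureSubscription: ${{ parameters.armServiceConnection }}
    scriptType: pscore
    scriptLocation: inlineScript
    addSpnToEnvironment: true
    inlineScript: |
      $ErrorActionPreference = 'Stop'

      # The task exposes these as environment variables, not PowerShell variables.
      # Fail early, and name only the variable, never its value.
      foreach ($name in 'servicePrincipalId', 'servicePrincipalKey', 'tenantId') {
        if ([string]::IsNullOrEmpty([Environment]::GetEnvironmentVariable($name))) {
          throw "$name is empty; check addSpnToEnvironment and the service connection's authentication type"
        }
      }

      # Map the task-provided values onto the names the azurerm provider reads.
      $env:ARM_CLIENT_ID       = $env:servicePrincipalId   # application (client) ID
      $env:ARM_CLIENT_SECRET   = $env:servicePrincipalKey
      $env:ARM_TENANT_ID       = $env:tenantId
      $env:ARM_SUBSCRIPTION_ID = az account show --query id --output tsv
      $env:ARM_ACCESS_KEY      = az storage account keys list -n ${{ parameters.storageAccount }} --query '[0].value' --output tsv

      terraform init -backend-config="storage_account_name=${{ parameters.storageAccount }}"
      terraform workspace select ${{ parameters.environment }}
      terraform plan -out=plan
```

The `ARM_*` values set this way exist only in this step's process, so Terraform commands that need them have to run inside the same script.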
Issue Analytics
- Created 4 years ago
- Comments:9 (5 by maintainers)
Top GitHub Comments
I had the same problem. Some documentation would be nice, even if it’s just here: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/azure-cli?view=azure-devops
This GitHub issue is the only thing I’ve found at all that mentions using `$env:servicePrincipalId`.
Also, it would be nice if it said that this was the app id specifically, and not the object id of either the enterprise application or the app registration.
To get the object id of the enterprise application, e.g. for setting a key vault access policy:
This exact issue bit me again. The help text appears unchanged in production. Text as of this writing: