search

Azure / apiops

APIOps applies the concepts of GitOps and DevOps to API deployment. By using practices from these two methodologies, APIOps can enable everyone involved in the lifecycle of API design, development, and deployment with self-service and automated tools to ensure the quality of the specifications and APIs that they’re building.
https://azure.github.io/apiops
MIT License
319 stars 186 forks source link

[BUG] ClientSecretCredential authentication failed: Retry failed after 4 tries #382

Closed seilorjunior closed 1 year ago

seilorjunior commented 1 year ago

Release version

v4.10.1

Describe the bug

when i ran the chmod +x extractor.linux-x64.exe ./extractor.linux-x64.exe

i got an error Azure.Identity.AuthenticationFailedException: ClientSecretCredential authentication failed: Retry failed after 4 tries. Retry settings can be adjusted in ClientOptions.Retry or by configuring a custom retry policy in ClientOptions.RetryPolicy. (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.)

Expected behavior

The exported files

Actual behavior

I got an exception

build 11-Sep-2023 17:09:21 { build 11-Sep-2023 17:09:21 "environmentName": "AzureCloud", build 11-Sep-2023 17:09:21 "homeTenantId": "****", build 11-Sep-2023 17:09:21 "id": "xxxxxxx", build 11-Sep-2023 17:09:21 "isDefault": true, build 11-Sep-2023 17:09:21 "managedByTenants": [], build 11-Sep-2023 17:09:21 "name": "xxxxxxxxxx", build 11-Sep-2023 17:09:21 "state": "Enabled", build 11-Sep-2023 17:09:21 "tenantId": "****", build 11-Sep-2023 17:09:21 "user": { build 11-Sep-2023 17:09:21 "name": "xxxxx-xxxx-xx-xxx-xxxxxxxx", build 11-Sep-2023 17:09:21 "type": "servicePrincipal" build 11-Sep-2023 17:09:21 } build 11-Sep-2023 17:09:21 } build 11-Sep-2023 17:09:22 dbug: Microsoft.Extensions.Hosting.Internal.Host[1] build 11-Sep-2023 17:09:22 Hosting starting build 11-Sep-2023 17:09:22 info: Extractor[0] build 11-Sep-2023 17:09:22 Beginning execution... build 11-Sep-2023 17:09:22 info: Extractor[0] build 11-Sep-2023 17:09:22 Exporting named values... build 11-Sep-2023 17:09:22 dbug: ListRestResources[0] build 11-Sep-2023 17:09:22 Listing REST resources at URI https://management.azure.com/subscriptions/xxx-xx-486xx5-xx-xxxxx/resourceGroups/xxxxxxxx/providers/Microsoft.ApiManagement/service/apimaxxxxxx/namedValues?api-version=2022-04-01-preview... build 11-Sep-2023 17:09:22 info: Microsoft.Hosting.Lifetime[0] build 11-Sep-2023 17:09:22 Application started. Press Ctrl+C to shut down. build 11-Sep-2023 17:09:22 info: Microsoft.Hosting.Lifetime[0] build 11-Sep-2023 17:09:22 Hosting environment: Production build 11-Sep-2023 17:09:22 info: Microsoft.Hosting.Lifetime[0] build 11-Sep-2023 17:09:22 Content root path: /home/bamboo-agent/xxx-xxxxxx/xxx-xxxx/xxxxxxxx build 11-Sep-2023 17:09:22 dbug: Microsoft.Extensions.Hosting.Internal.Host[2] build 11-Sep-2023 17:09:22 Hosting started build 11-Sep-2023 17:09:29 crit: Extractor[0] build 11-Sep-2023 17:09:29 Azure.Identity.AuthenticationFailedException: ClientSecretCredential authentication failed: Retry failed after 4 tries. Retry settings can be adjusted in ClientOptions.Retry or by configuring a custom retry policy in ClientOptions.RetryPolicy. (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) build 11-Sep-2023 17:09:29 ---> System.AggregateException: Retry failed after 4 tries. Retry settings can be adjusted in ClientOptions.Retry or by configuring a custom retry policy in ClientOptions.RetryPolicy. (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) build 11-Sep-2023 17:09:29 ---> Azure.RequestFailedException: The SSL connection could not be established, see inner exception. build 11-Sep-2023 17:09:29 ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. build 11-Sep-2023 17:09:29 ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid because of errors in the certificate chain: UntrustedRoot build 11-Sep-2023 17:09:29 at System.Net.Security.SslStream.SendAuthResetSignal(ProtocolToken message, ExceptionDispatchInfo exception) build 11-Sep-2023 17:09:29 at System.Net.Security.SslStream.CompleteHandshake(SslAuthenticationOptions sslAuthenticationOptions) build 11-Sep-2023 17:09:29 at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken) build 11-Sep-2023 17:09:29 at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken) build 11-Sep-2023 17:09:29 --- End of inner exception stack trace --- build 11-Sep-2023 17:09:29 at System.Net.Http.ConnectHelper.EstablishSslConnectionAsync(SslClientAuthenticationOptions sslOptions, HttpRequestMessage request, Boolean async, Stream stream, CancellationToken cancellationToken)

Reproduction Steps

set the variables and run chmod +x extractor.linux-x64.exe ./extractor.linux-x64.exe

github-actions[bot] commented 1 year ago

🎉 Thank you for opening this issue! Please be patient while we will look into it and get back to you as this is an open source project. Don't forget to provide any additional information if needed (e.g. scrubbed logs, detailed feature requests,etc.). Whenever it's feasible, please don't hesitate to send a Pull Request (PR) our way. We'd greatly appreciate it, and we'll gladly assess and incorporate your changes. 🎉

waelkdouh commented 1 year ago

This is not a tool issue. Seems like you are having an authentication issue within your own DevOps environment.

seilorjunior commented 1 year ago

@waelkdouh yes, do you know if we can set the certificate to be used by tool? or if there is a away to ignore ssl?

seilorjunior commented 1 year ago

@waelkdouh i have verify and all the access are corrected also we run a curl on api in this APIM and we got the same issue

waelkdouh commented 1 year ago

@seilorjunior please remember to close the GitHub issue if your issue has been resolved.

seilorjunior commented 1 year ago

@waelkdouh it worked on bamboo, but we had to use AZURE_BEARER_TOKEN, without this one we had the error.

tlambert commented 1 year ago

I get this randomly on an email monitor that runs every 10 minutes. It works most of the time but then once or twice a day I get this error. It just started in the last 2 weeks