search

Azure / azure-cli-extensions

Public Repository for Extensions of Azure CLI.
https://docs.microsoft.com/en-us/cli/azure
MIT License
382 stars 1.23k forks source link

serviceconnector-passwordless fails for sql #7824

Closed SebastianWachsmuth closed 2 months ago

SebastianWachsmuth commented 3 months ago

Describe the bug

When attempting to create a service-connector to a sql-database in a webapp, using the command provided by the azure portal, the command fails.

Related command

az webapp connection create sql --resource-group {Group} --name {WebAppName} --target-resource-group {sql server resource group} --server {server} --database {Database} --system-identity

Errors

cli.azure.cli.core.azclierror: The command failed with an unexpected error. Here is the traceback: az_command_data_logger: The command failed with an unexpected error. Here is the traceback: cli.azure.cli.core.azclierror: get_connection_string() missing 1 required positional argument: 'dbname' Traceback (most recent call last): File "/usr/lib64/az/lib/python3.9/site-packages/knack/cli.py", line 233, in invoke cmd_result = self.invocation.execute(args) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 664, in execute raise ex File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 731, in _run_jobs_serially results.append(self._run_job(expanded_arg, cmd_copy)) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 701, in _run_job result = cmd_copy(params) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 334, in call return self.handler(args, kwargs) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/command_operation.py", line 121, in handler return op(command_args) File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/custom.py", line 33, in connection_create_ext return connection_create_func(cmd, client, connection_name, client_type, File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/command_modules/serviceconnector/custom.py", line 498, in connection_create_func new_auth_info = enable_mi_for_db_linker( File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py", line 145, in enable_mi_for_db_linker target_handler.create_aad_user() File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py", line 500, in create_aad_user connection_args = self.get_connection_string() TypeError: get_connection_string() missing 1 required positional argument: 'dbname' az_command_data_logger: get_connection_string() missing 1 required positional argument: 'dbname' Traceback (most recent call last): File "/usr/lib64/az/lib/python3.9/site-packages/knack/cli.py", line 233, in invoke cmd_result = self.invocation.execute(args) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 664, in execute raise ex File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 731, in _run_jobs_serially results.append(self._run_job(expanded_arg, cmd_copy)) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 701, in _run_job result = cmd_copy(params) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 334, in call return self.handler(args, kwargs) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/command_operation.py", line 121, in handler return op(command_args) File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/custom.py", line 33, in connection_create_ext return connection_create_func(cmd, client, connection_name, client_type, File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/command_modules/serviceconnector/custom.py", line 498, in connection_create_func new_auth_info = enable_mi_for_db_linker( File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py", line 145, in enable_mi_for_db_linker target_handler.create_aad_user() File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py", line 500, in create_aad_user connection_args = self.get_connection_string() TypeError: get_connection_string() missing 1 required positional argument: 'dbname'

Issue script & Debug output

cli.knack.cli: Command arguments: ['webapp', 'connection', 'create', 'sql', '--resource-group', '...', '--name', 'd...', '--target-resource-group', '...', '--server', '...', '--database', '...', '--system-identity', '--debug'] cli.knack.cli: init debug log: Enable color in terminal. cli.knack.cli: Event: Cli.PreExecute [] cli.knack.cli: Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x7f3da4ea91f0>, <function OutputProducer.on_global_arguments at 0x7f3da4dc3dc0>, <function CLIQuery.on_global_arguments at 0x7f3da4d5a3a0>] cli.knack.cli: Event: CommandInvoker.OnPreCommandTableCreate [] cli.azure.cli.core: Modules found from index for 'webapp': ['azure.cli.command_modules.appservice', 'azure.cli.command_modules.serviceconnector', 'azext_serviceconnector_passwordless'] cli.azure.cli.core: Loading command modules: cli.azure.cli.core: Name Load Time Groups Commands cli.azure.cli.core: appservice 0.297 79 270 cli.azure.cli.core: serviceconnector 0.093 20 307 cli.azure.cli.core: Total (2) 0.390 99 577 cli.azure.cli.core: These extensions are not installed and will be skipped: ['azext_next'] cli.azure.cli.core: Loading extensions: cli.azure.cli.core: Name Load Time Groups Commands Directory cli.azure.cli.core: ai-examples 0.114 1 1 /usr/lib/python3.9/site-packages/azure-cli-extensions/ai-examples cli.azure.cli.core: serviceconnector-passwordless 0.061 14 20 /home/sebastian/.azure/cliextensions/serviceconnector-passwordless cli.azure.cli.core: Total (2) 0.174 15 21
cli.azure.cli.core: Loaded 98 groups, 578 commands. cli.azure.cli.core: Found a match in the command table. cli.azure.cli.core: Raw command : webapp connection create sql cli.azure.cli.core: Command table: webapp connection create sql cli.knack.cli: Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x7f3da42098b0>] cli.azure.cli.core.azlogging: metadata file logging enabled - writing logs to '/home/sebastian/.azure/commands/2024-07-24.16-15-33.webapp_connection_create_sql.5097.log'. az_command_data_logger: command args: webapp connection create sql --resource-group {} --name {} --target-resource-group {} --server {} --database {} --system-identity --debug cli.knack.cli: Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument..add_subscription_parameter at 0x7f3da41b14c0>] cli.knack.cli: Event: CommandInvoker.OnPostArgumentLoad [] cli.knack.cli: Event: CommandInvoker.OnPostCommandTableCreate [<function register_ids_argument..add_ids_arguments at 0x7f3da41d74c0>, <function register_cache_arguments..add_cache_arguments at 0x7f3da417b3a0>] cli.knack.cli: Event: CommandInvoker.OnCommandTableLoaded [] cli.knack.cli: Event: CommandInvoker.OnPreParseArgs [] cli.knack.cli: Event: CommandInvoker.OnPostParseArgs [<function OutputProducer.handle_output_argument at 0x7f3da4dc3e50>, <function CLIQuery.handle_query_parameter at 0x7f3da4d5a430>, <function register_ids_argument..parse_ids_arguments at 0x7f3da417b310>] az_command_data_logger: extension name: serviceconnector-passwordless az_command_data_logger: extension version: 2.0.6 cli.azure.cli.core.commands: The behavior of this command has been altered by the following extension: serviceconnector-passwordless cli.azure.cli.command_modules.serviceconnector._validators: Connection name is not specified, use generated one: --connection sql_6dgf1 cli.azure.cli.command_modules.serviceconnector._utils: CompletedProcess(args='az webapp show --id /subscriptions/... -o json', returncode=0, stdout=b'...') cli.azure.cli.command_modules.serviceconnector._validators: Client type is not specified, use detected one: --client-type dotnet cli.azure.cli.core.commands.client_factory: Getting management service client client_type=ServiceLinkerManagementClient urllib3.connectionpool: Starting new HTTP connection (1): localhost:50342 urllib3.connectionpool: http://localhost:50342 "POST /oauth2/token HTTP/1.1" 200 3140 msrestazure.azure_active_directory: MSI: Retrieving a token from http://localhost:50342/oauth2/token, with payload {'resource': 'https://management.core.windows.net/'} cli.azure.cli.command_modules.serviceconnector._utils: CompletedProcess(args='az account show -o json', returncode=0, stdout=b'{... }\n}\n', stderr=b'') cli.azure.cli.command_modules.serviceconnector._utils: CompletedProcess(args='az sql db show --ids ... -o json', returncode=0, stdout=b'{...}\n', stderr=b'') cli.azext_serviceconnector_passwordless._credential_free: Checking if WebApp enables System Identity... cli.azure.cli.command_modules.serviceconnector._utils: CompletedProcess(args='az webapp identity show --ids ... -o json', returncode=0, stdout=b'{}\n', stderr=b'') cli.azure.cli.command_modules.serviceconnector._utils: CompletedProcess(args='az sql server ad-admin list --ids ... -o json', returncode=0, stdout=b'[\n {... }\n]\n', stderr=b'') Do you want to set current user as Entra admin? (y/n): n cli.azure.cli.core.azclierror: Traceback (most recent call last): File "/usr/lib64/az/lib/python3.9/site-packages/knack/cli.py", line 233, in invoke cmd_result = self.invocation.execute(args) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 664, in execute raise ex File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 731, in _run_jobs_serially results.append(self._run_job(expanded_arg, cmd_copy)) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 701, in _run_job result = cmd_copy(params) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 334, in call return self.handler(*args, kwargs) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/command_operation.py", line 121, in handler return op(command_args) File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/custom.py", line 33, in connection_create_ext return connection_create_func(cmd, client, connection_name, client_type, File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/command_modules/serviceconnector/custom.py", line 498, in connection_create_func new_auth_info = enable_mi_for_db_linker( File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py", line 145, in enable_mi_for_db_linker target_handler.create_aad_user() File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py", line 500, in create_aad_user connection_args = self.get_connection_string() TypeError: get_connection_string() missing 1 required positional argument: 'dbname'

cli.azure.cli.core.azclierror: The command failed with an unexpected error. Here is the traceback: az_command_data_logger: The command failed with an unexpected error. Here is the traceback: cli.azure.cli.core.azclierror: get_connection_string() missing 1 required positional argument: 'dbname' Traceback (most recent call last): File "/usr/lib64/az/lib/python3.9/site-packages/knack/cli.py", line 233, in invoke cmd_result = self.invocation.execute(args) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 664, in execute raise ex File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 731, in _run_jobs_serially results.append(self._run_job(expanded_arg, cmd_copy)) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 701, in _run_job result = cmd_copy(params) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 334, in call return self.handler(args, kwargs) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/command_operation.py", line 121, in handler return op(command_args) File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/custom.py", line 33, in connection_create_ext return connection_create_func(cmd, client, connection_name, client_type, File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/command_modules/serviceconnector/custom.py", line 498, in connection_create_func new_auth_info = enable_mi_for_db_linker( File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py", line 145, in enable_mi_for_db_linker target_handler.create_aad_user() File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py", line 500, in create_aad_user connection_args = self.get_connection_string() TypeError: get_connection_string() missing 1 required positional argument: 'dbname' az_command_data_logger: get_connection_string() missing 1 required positional argument: 'dbname' Traceback (most recent call last): File "/usr/lib64/az/lib/python3.9/site-packages/knack/cli.py", line 233, in invoke cmd_result = self.invocation.execute(args) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 664, in execute raise ex File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 731, in _run_jobs_serially results.append(self._run_job(expanded_arg, cmd_copy)) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 701, in _run_job result = cmd_copy(params) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/init.py", line 334, in call return self.handler(args, kwargs) File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/core/commands/command_operation.py", line 121, in handler return op(command_args) File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/custom.py", line 33, in connection_create_ext return connection_create_func(cmd, client, connection_name, client_type, File "/usr/lib64/az/lib/python3.9/site-packages/azure/cli/command_modules/serviceconnector/custom.py", line 498, in connection_create_func new_auth_info = enable_mi_for_db_linker( File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py", line 145, in enable_mi_for_db_linker target_handler.create_aad_user() File "/home/sebastian/.azure/cliextensions/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py", line 500, in create_aad_user connection_args = self.get_connection_string() TypeError: get_connection_string() missing 1 required positional argument: 'dbname' To check existing issues, please visit: https://github.com/Azure/azure-cli/issues cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x7f3da4209af0>] az_command_data_logger: exit code: 1 cli.main: Command ran in 16.643 seconds (init: 0.168, invoke: 16.475) telemetry.main: Begin splitting cli events and extra events, total events: 1 telemetry.client: Accumulated 0 events. Flush the clients. telemetry.main: Finish splitting cli events and extra events, cli events: 1 telemetry.save: Save telemetry record of length 8368 in cache telemetry.main: Begin creating telemetry upload process. telemetry.process: Creating upload process: "/usr/bin/python3.9 /usr/lib/az/lib/python3.9/site-packages/azure/cli/telemetry/init.py /home/sebastian/.azure" telemetry.process: Return from creating process telemetry.main: Finish creating telemetry upload process.

Expected behavior

The Commands succeeds and the service-connector is created

Environment Summary

azure-cli 2.62.0

core 2.62.0 telemetry 1.1.0

Extensions: ai-examples 0.2.5 ml 2.28.0 serviceconnector-passwordless 2.0.6 ssh 2.0.4

Dependencies: msal 1.28.1 azure-mgmt-resource 23.1.1

Python location '/usr/bin/python3.9' Extensions directory '/home/sebastian/.azure/cliextensions' Extensions system directory '/usr/lib/python3.9/site-packages/azure-cli-extensions'

Python (Linux) 3.9.19 (main, Mar 28 2024, 18:56:59) [GCC 11.2.0]

Legal docs and information: aka.ms/AzureCliLegal

Your CLI is up-to-date.

Additional context

get_connection_string is defined as 

def get_connection_string(self, dbname)

but is is called without dbname here and other places

yonzhan commented 3 months ago

Thank you for opening this issue, we will look into it.

microsoft-github-policy-service[bot] commented 3 months ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @azureSQLGitHub.

microsoft-github-policy-service[bot] commented 3 months ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @anuragdalmia, @shilpigautam, @ramaganesan-rg.

microsoft-github-policy-service[bot] commented 3 months ago

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @AzureAppServiceCLI, @antcp.

KevinDockx commented 2 months ago

I can confirm that this issue persists. The command fails with the error message reported above, both when trying to create the connection via the portal on Cloud Shell (Bash) & when running it locally via the Azure CLI on Powershell. The end result is that creating a connection via the service connector between an app service & a SQL database is currently impossible.

vicflamenco commented 2 months ago

Can reproduce issue with serviceconnector-passwordless 2.0.6 on azure CLI

skeith92 commented 2 months ago

i can reproduce the issue too. This is what I use in the release pipeline as a workaround before creating the service connector:

az extension add --name serviceconnector-passwordless --version 2.0.5 --allow-preview true

wszdwp commented 2 months ago

I can reproduce this issue on Azure Portal. I was trying to add service connector for a web app on cloud shell of Azure portal. Thanks @skeith92 for the workaround. I followed his step with one more step to first remove the pre-installed the extension. Then it works for me. az extension remove --name serviceconnector-passwordless az extension add --name serviceconnector-passwordless --version 2.0.5 --allow-preview true