I've tried to create a brand new Service Bus trigger azure function using the dotnet 8.0 isolated base image. (mcr.microsoft.com/azure-functions/dotnet-isolated:4-dotnet-isolated8.0)
I created the new project in Visual Studio 2022 and then added the environment variable: "ServiceBusConnection__fullyQualifiedNamespace" which contains the name of the service bus namespace.
Prior to trying to containerize the function, the trigger would use the Visual Studio credential to allow the function-code to connect to the service bus when running locally but once I used the docker-style of function project, it no longer inherited the credential from visual studio.
When the function is deployed to Azure, it does use the managed identity to connect to the service bus and receive queue messages.
The logs emitted are as follows.
Message processing error (Action=Receive, EntityPath=sb-queue, Endpoint=myservicebusfortesting.servicebus.windows.net)
Azure.Identity: DefaultAzureCredential failed to retrieve a token from the included credentials. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/defaultazurecredential/troubleshoot
EnvironmentCredential authentication unavailable. Environment variables are not fully configured. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/environmentcredential/troubleshoot
WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/workloadidentitycredential/troubleshoot
ManagedIdentityCredential authentication unavailable. Multiple attempts failed to obtain a token from the managed identity endpoint.
Process "/usr/share/dotnet/dotnet" has failed with unexpected error: Unhandled exception. System.ArgumentException: Startup hook assembly 'Microsoft.Azure.Functions.Worker.Core' failed to load. See inner exception for details.
In the Tools->Options for container tools -> Run a service in containers to enable Azure Authentication is enabled.
I can see that C:\Program Files\Microsoft Visual Studio\2022\Professional\MSBuild\Sdks\Microsoft.Docker.Sdk\tools\TokenService.Proxy\linux-x64\net6.0 is bound to /TokenService.Proxy
Visual Studio 2022 17.9.6
Added Microsoft.Identity 1.12.0 to the project to see if that helps
Is there an expectation that with that particular base image, that Visual Studio can provide the credential to the Service Bus Trigger function? Or, as is evidenced by the error logs above, are only EnvironmentCredential, WorkloadIdentity and ManagedIdentity credentials supported?
I've tried to create a brand new Service Bus trigger azure function using the dotnet 8.0 isolated base image. (mcr.microsoft.com/azure-functions/dotnet-isolated:4-dotnet-isolated8.0)
I created the new project in Visual Studio 2022 and then added the environment variable: "ServiceBusConnection__fullyQualifiedNamespace" which contains the name of the service bus namespace.
Prior to trying to containerize the function, the trigger would use the Visual Studio credential to allow the function-code to connect to the service bus when running locally but once I used the docker-style of function project, it no longer inherited the credential from visual studio.
When the function is deployed to Azure, it does use the managed identity to connect to the service bus and receive queue messages.
The logs emitted are as follows.
Message processing error (Action=Receive, EntityPath=sb-queue, Endpoint=myservicebusfortesting.servicebus.windows.net) Azure.Identity: DefaultAzureCredential failed to retrieve a token from the included credentials. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/defaultazurecredential/troubleshoot EnvironmentCredential authentication unavailable. Environment variables are not fully configured. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/environmentcredential/troubleshoot WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/workloadidentitycredential/troubleshoot ManagedIdentityCredential authentication unavailable. Multiple attempts failed to obtain a token from the managed identity endpoint. Process "/usr/share/dotnet/dotnet" has failed with unexpected error: Unhandled exception. System.ArgumentException: Startup hook assembly 'Microsoft.Azure.Functions.Worker.Core' failed to load. See inner exception for details.
In the Tools->Options for container tools -> Run a service in containers to enable Azure Authentication is enabled.
https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/TROUBLESHOOTING.md#troubleshoot-visualstudiocredential-authentication-issues
I can see that C:\Program Files\Microsoft Visual Studio\2022\Professional\MSBuild\Sdks\Microsoft.Docker.Sdk\tools\TokenService.Proxy\linux-x64\net6.0 is bound to /TokenService.Proxy
Visual Studio 2022 17.9.6 Added Microsoft.Identity 1.12.0 to the project to see if that helps
Is there an expectation that with that particular base image, that Visual Studio can provide the credential to the Service Bus Trigger function? Or, as is evidenced by the error logs above, are only EnvironmentCredential, WorkloadIdentity and ManagedIdentity credentials supported?
thanks!