Closed internetionals closed 4 years ago
@internetionals Could you pleae help fixes the CI fail, when you're free it will push for PR review and meger! Thank you very much!
First inspection of those CI failures don't appear to be related to this specific change. There should not be any unicode related issues being introduced that weren't there before.
This change is centered arount the state of the auth_source: cli
logic, that gets read from the az
tool, but these tests actually use a totally different auth_source: credential_file
or auth_source: env
.
The only other field we use is the subscription_id
which can come from the env, but that should never contain unicode characters (being a UUID). Furthermore, this logic handles it identically to eg. the auth_source: msi
code, so that should logically suffer the same issues if that were the case.
Having said that, let's look at the errors (after a rerun of the tests):
https://travis-ci.org/Azure/azure_preview_modules/jobs/648311448#L781
Operation could not be completed as it results in exceeding approved Total Regional Cores quota. Additional details - Deployment Model: Resource Manager, Location: eastus, Current Limit: 100, Current Usage: 100, Additional Required: 1, (Minimum) New Limit Required: 101.
It appears that the Azure subscription performing the CI tests has reached the number of cores quota in Azure. Somebody should probably request an increase.
The other is one that I've seen multiple times in both CI runs (these errors are from the second run):
https://travis-ci.org/Azure/azure_preview_modules/jobs/648311452#L1268 https://travis-ci.org/Azure/azure_preview_modules/jobs/648311454#L798
"/home/travis/virtualenv/python2.7.15/lib/python2.7/site-packages/msrestazure/azure_exceptions.py", line 89, in __str__
error_str += "Message: {}".format(self._message)
UnicodeEncodeError: 'ascii' codec can't encode character u'\\u2018' in position 596: ordinal not in range(128)
When looking at this error in the msrestazure
python module we see it originates inside the CloudErrorData
class. So this leads to me assuming that the Azure API is returning a unicode quote in it's error message.
The CI runner probably has no special locale settings so it defaults to ascii
for it's output handling. I'll try forcing the I/O encoding to 'utf-8' to see if these disappear.
Too bad, my PYTHONIOENCODING=utf-8
didn't appear to help. I'm creating new issues for these problems.
@internetionalsThank you for taking the time to contribute to this PR. We will transfer ansible 's azure module related Issue and PR to azure collection (https://github.com/ansible-collections/azure/pulls), can you transfer the Issue to azure collection repo?
I already submitted this pull request there, see: ansible-collections/azure#53
This is the same change I have a pull request for at the Ansible main repository, but it isn't entirely clear what the correct path for new changes is for the Azure Ansible modules.
See original pull request: https://github.com/ansible/ansible/pull/65331
I also couldn't find the
doc_fragments
part from the original change, so this change doesn't update the documentation, which the original does.Also relates to these issues/pull requests in the main Ansible repository:
Below is the text from the pull request against the main Ansible repository:
SUMMARY
When using credentials obtained from the azure cli only the default subscription can be used, even though the azure cli is authenticated for multiple subscriptions.
This change passes any optionally specified
subscription_id
(similar to how it's done forauth_source: msi
) along when requesting the azure cli credentials. If none is specified it falls back to the current behaviour of selecting the default subscription.The only other change that had to be made was in the
auth_source: auto
case where we would always assume that all credential information is passed using arguments whensubscription_id
is set. I changed this to check the fields that actually refer to specific credentials (namelyclient_id
(for service principals) andad_user
(for user names)). This way we still fall through to the azure cli method, eventhough onlysubscription_id
is explicitly set.Fixes #321 Fixes
ansible#63182
This effectively fixes the same problem as
ansible#48089
is trying to fix, only in a way that is more consistent with how credentials and subscription id's are determined for otherauth_source
s. This was one of the main criticisms that's probably holding that pull request up.ISSUE TYPE
COMPONENT NAME
azure_rm_common
ADDITIONAL INFORMATION
We have different Azure subscriptions for our prod and dev environments. By default we only work on the dev environment, but we have a number of playbooks that we want to work with all virtual machines at once.
Demonstration playbook:
Before:
After: