search

Azure / devops-governance

Example end-to-end Governance Model from CI/CD to Azure Resource Manager. Use this project to deploy example AAD, ARM and Azure DevOps resources to learn about e2e RBAC.
MIT License
189 stars 93 forks source link

Cannot deploy Azure DevOps Demo in Windows 11 with WSL #55

Open ormikopo1988 opened 2 years ago

ormikopo1988 commented 2 years ago

Please provide us with the following information:

This issue is for a: (mark with an x)

- [x ] bug report -> please search issues before submitting
- [ ] feature request
- [ ] documentation issue or request

Minimal steps to reproduce

  1. Open WSL in Windows
  2. Follow all steps described in the deploy.md guide
    • az login with outlook.com account (admin in tenant)
    • az account set (the msdn subscription)
    • mv _override.tf.sample _override.tf
    • export AZDO_ORG_SERVICE_URL="https://dev.azure.com/ormikopo-devops-demo"
    • export AZDO_PERSONAL_ACCESS_TOKEN="..." (token with full access in ADO organization 'ormikopo-devops-demo'
    • terraform init
    • terraform plan
    • terraform apply

Any log messages given by the failure

Authorization/roleAssignments/48bd9431-898d-c96f-6b85-6c4db80038fb] module.arm_environments["veggies_dev"].azurerm_role_assignment.rg_team_admins: Creation complete after 25s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-dev-5z86-rg/providers/Microsoft.Authorization/roleAssignments/27525561-5f47-dcc6-a306-0c0807501ea0] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_sp: Creation complete after 23s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-prod-5z86-rg/providers/Microsoft.Authorization/roleAssignments/16444cd1-fe25-290c-bee6-6e9a45e1a15f] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_team_devs: Creation complete after 25s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-prod-5z86-rg/providers/Microsoft.Authorization/roleAssignments/bf86d03a-c653-c599-76fb-d9e91c38c4de] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_team_admins: Creation complete after 23s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-prod-5z86-rg/providers/Microsoft.Authorization/roleAssignments/30aca515-6b35-5c3f-eb01-e82b0c963984] module.service_connections["infra_shared"].data.azurerm_client_config.current: Reading... module.service_connections["veggies_dev"].data.azurerm_subscription.current: Reading... module.service_connections["fruits_dev"].data.azurerm_client_config.current: Reading... module.service_connections["infra_shared"].data.azurerm_subscription.current: Reading... module.service_connections["fruits_prod"].data.azurerm_client_config.current: Reading... module.service_connections["fruits_prod"].data.azurerm_client_config.current: Read complete after 0s [id=2022-06-10 08:39:33.2838608 +0000 UTC] module.service_connections["veggies_dev"].data.azurerm_client_config.current: Reading... module.service_connections["veggies_prod"].data.azurerm_client_config.current: Reading... module.service_connections["fruits_prod"].data.azurerm_subscription.current: Reading... module.service_connections["fruits_dev"].data.azurerm_subscription.current: Reading... module.service_connections["fruits_dev"].data.azurerm_client_config.current: Read complete after 0s [id=2022-06-10 08:39:33.2843127 +0000 UTC] module.service_connections["infra_shared"].data.azurerm_client_config.current: Read complete after 0s [id=2022-06-10 08:39:33.2855188 +0000 UTC] module.service_connections["veggies_prod"].data.azurerm_subscription.current: Reading... module.service_connections["veggies_prod"].data.azurerm_client_config.current: Read complete after 0s [id=2022-06-10 08:39:33.2877869 +0000 UTC] module.service_connections["veggies_dev"].data.azurerm_client_config.current: Read complete after 0s [id=2022-06-10 08:39:33.2874753 +0000 UTC] module.service_connections["veggies_prod"].data.azuredevops_project.team: Reading... module.service_connections["infra_shared"].data.azuredevops_project.team: Reading... module.service_connections["veggies_dev"].data.azuredevops_project.team: Reading... module.service_connections["fruits_prod"].data.azuredevops_project.team: Reading... module.service_connections["fruits_dev"].data.azuredevops_project.team: Reading... module.service_connections["infra_shared"].data.azuredevops_project.team: Read complete after 1s [id=c04beb99-7d0b-4a0b-8081-08341d4aefed] module.service_connections["fruits_prod"].data.azuredevops_project.team: Read complete after 1s [id=c5440b4d-f516-42ae-8136-3b6258c7446d] module.service_connections["fruits_dev"].data.azuredevops_project.team: Read complete after 1s [id=c5440b4d-f516-42ae-8136-3b6258c7446d] module.service_connections["veggies_dev"].data.azuredevops_project.team: Read complete after 1s [id=c21c27d4-1ee7-4538-a0af-4afe9f4a99c6] module.service_connections["veggies_prod"].data.azuredevops_project.team: Read complete after 1s [id=c21c27d4-1ee7-4538-a0af-4afe9f4a99c6] module.service_connections["fruits_prod"].data.azurerm_subscription.current: Read complete after 1s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6] module.service_connections["fruits_dev"].data.azurerm_subscription.current: Read complete after 1s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6] module.service_connections["infra_shared"].data.azurerm_subscription.current: Read complete after 1s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6] module.service_connections["veggies_prod"].data.azurerm_subscription.current: Read complete after 1s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6] module.service_connections["veggies_dev"].data.azurerm_subscription.current: Read complete after 1s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6] module.service_connections["fruits_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creating... module.service_connections["veggies_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creating... module.service_connections["veggies_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creating... module.service_connections["infra_shared"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creating... module.service_connections["fruits_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creating... module.service_connections["fruits_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Still creating... [10s elapsed] module.service_connections["infra_shared"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Still creating... [10s elapsed] module.service_connections["veggies_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Still creating... [10s elapsed] module.service_connections["veggies_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Still creating... [10s elapsed] module.service_connections["fruits_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Still creating... [10s elapsed] module.service_connections["fruits_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creation complete after 11s [id=b82b3ed1-7695-43c3-8545-9da7b4f07b2c] module.service_connections["fruits_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creation complete after 11s [id=0eaa1f41-21a6-437d-98f4-3fb027211c73] module.service_connections["veggies_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creation complete after 12s [id=f20b8d47-6116-41dd-891a-aa395719f22f] module.service_connections["veggies_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creation complete after 12s [id=9cb1aae4-210b-44dc-94c5-69738dec330f] module.service_connections["infra_shared"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creation complete after 12s [id=936a31c8-a2e7-4e52-9a77-3886e10e35a2] ╷ │ Error: REST call returned status code 400 │ │ with module.ado_collaboration_permissions_fruits.azuredevops_group.team_group, │ on modules/azure-devops-permissions/main.tf line 16, in resource "azuredevops_group" "team_group": │ 16: resource "azuredevops_group" "team_group" { │ ╵ ╷ │ Error: REST call returned status code 400 │ │ with module.ado_team_permissions["fruits"].azuredevops_group.team_group, │ on modules/azure-devops-permissions/main.tf line 16, in resource "azuredevops_group" "team_group": │ 16: resource "azuredevops_group" "team_group" { │ ╵ ╷ │ Error: REST call returned status code 503 │ │ with module.ado_supermarket_permissions_veggies.azuredevops_group.team_group, │ on modules/azure-devops-permissions/main.tf line 16, in resource "azuredevops_group" "team_group": │ 16: resource "azuredevops_group" "team_group" { │ ╵ ╷ │ Error: REST call returned status code 400 │ │ with module.ado_supermarket_permissions_fruits.azuredevops_group.team_group, │ on modules/azure-devops-permissions/main.tf line 16, in resource "azuredevops_group" "team_group": │ 16: resource "azuredevops_group" "team_group" { │ ╵ ╷ │ Error: REST call returned status code 400 │ │ with module.ado_team_permissions["infra"].azuredevops_group.team_group, │ on modules/azure-devops-permissions/main.tf line 16, in resource "azuredevops_group" "team_group": │ 16: resource "azuredevops_group" "team_group" { │ ╵ ╷ │ Error: REST call returned status code 503 │ │ with module.ado_collaboration_permissions_veggies.azuredevops_group.admins_group, │ on modules/azure-devops-permissions/main.tf line 39, in resource "azuredevops_group" "admins_group": │ 39: resource "azuredevops_group" "admins_group" { │ ╵

Expected/desired behavior

Deploy the terraform resources (ADO projects, Resource groups, service principals, groups, users, etc.)

Versions

Windows 11, Terraform 1.22

Mention any other details that might be useful

Thanks! We'll be in touch soon.

ormikopo1988 commented 2 years ago

Also with another try and clean state (redownloaded the repo and did all the steps again). Now I am getting this:

e918c70a6/resourceGroups/infra-shared-7np2-rg/providers/Microsoft.Authorization/roleAssignments/a2379fa5-3575-86c0-7e39-6102210aa368] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_sp: Creating... module.arm_environments["fruits_dev"].azurerm_role_assignment.rg_sp: Creation complete after 25s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/fruits-dev-7np2-rg/providers/Microsoft.Authorization/roleAssignments/80b03c02-8495-e706-5799-c3430bb84898] module.arm_environments["infra_shared"].azurerm_storage_account.storage: Creation complete after 27s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/infra-shared-7np2-rg/providers/Microsoft.Storage/storageAccounts/infrashared7np2] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_team_admins: Creating... module.arm_environments["veggies_prod"].azurerm_storage_account.storage: Creating... module.arm_environments["fruits_dev"].azurerm_role_assignment.rg_team_devs: Still creating... [10s elapsed] module.arm_environments["fruits_dev"].azurerm_role_assignment.rg_team_admins: Still creating... [10s elapsed] module.arm_environments["veggies_dev"].azurerm_role_assignment.rg_sp: Still creating... [10s elapsed] module.arm_environments["veggies_dev"].azurerm_storage_account.storage: Still creating... [10s elapsed] module.arm_environments["veggies_dev"].azurerm_role_assignment.rg_team_devs: Still creating... [10s elapsed] module.arm_environments["veggies_dev"].azurerm_role_assignment.rg_team_admins: Still creating... [10s elapsed] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_team_devs: Still creating... [10s elapsed] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_sp: Still creating... [10s elapsed] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_team_admins: Still creating... [10s elapsed] module.arm_environments["veggies_prod"].azurerm_storage_account.storage: Still creating... [10s elapsed] module.arm_environments["fruits_dev"].azurerm_role_assignment.rg_team_devs: Still creating... [20s elapsed] module.arm_environments["fruits_dev"].azurerm_role_assignment.rg_team_admins: Still creating... [20s elapsed] module.arm_environments["veggies_dev"].azurerm_role_assignment.rg_sp: Still creating... [20s elapsed] module.arm_environments["veggies_dev"].azurerm_storage_account.storage: Still creating... [20s elapsed] module.arm_environments["veggies_dev"].azurerm_role_assignment.rg_team_devs: Still creating... [20s elapsed] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_team_devs: Still creating... [20s elapsed] module.arm_environments["veggies_dev"].azurerm_role_assignment.rg_team_admins: Still creating... [20s elapsed] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_sp: Still creating... [20s elapsed] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_team_admins: Still creating... [20s elapsed] module.arm_environments["veggies_prod"].azurerm_storage_account.storage: Still creating... [20s elapsed] module.arm_environments["veggies_dev"].azurerm_storage_account.storage: Creation complete after 23s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-dev-7np2-rg/providers/Microsoft.Storage/storageAccounts/veggiesdev7np2] module.arm_environments["veggies_prod"].azurerm_storage_account.storage: Creation complete after 24s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-prod-7np2-rg/providers/Microsoft.Storage/storageAccounts/veggiesprod7np2] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_team_devs: Creation complete after 26s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-prod-7np2-rg/providers/Microsoft.Authorization/roleAssignments/b5b46e8d-ac4a-1d0c-cede-15a089d8c41a] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_team_admins: Creation complete after 26s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-prod-7np2-rg/providers/Microsoft.Authorization/roleAssignments/67e73fd7-5a91-2023-1123-f79688be2cd3] module.arm_environments["veggies_dev"].azurerm_role_assignment.rg_sp: Creation complete after 27s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-dev-7np2-rg/providers/Microsoft.Authorization/roleAssignments/81f816fa-5422-2919-ccbe-be0f42b4247b] module.arm_environments["fruits_dev"].azurerm_role_assignment.rg_team_admins: Creation complete after 27s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/fruits-dev-7np2-rg/providers/Microsoft.Authorization/roleAssignments/aab38b0d-892a-f0d2-0cb7-580062b266d5] module.arm_environments["veggies_dev"].azurerm_role_assignment.rg_team_devs: Creation complete after 27s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-dev-7np2-rg/providers/Microsoft.Authorization/roleAssignments/fc06217f-2b80-b6d1-77be-21e6e3a71ada] module.arm_environments["veggies_dev"].azurerm_role_assignment.rg_team_admins: Creation complete after 26s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-dev-7np2-rg/providers/Microsoft.Authorization/roleAssignments/dacff71a-216a-db65-fefe-9189e882c1e7] module.arm_environments["veggies_prod"].azurerm_role_assignment.rg_sp: Creation complete after 26s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/veggies-prod-7np2-rg/providers/Microsoft.Authorization/roleAssignments/e2a537b2-b435-acda-1d78-8782b09ed40a] module.arm_environments["fruits_dev"].azurerm_role_assignment.rg_team_devs: Creation complete after 28s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6/resourceGroups/fruits-dev-7np2-rg/providers/Microsoft.Authorization/roleAssignments/d22f446f-fd07-a4e2-0803-9696912af271] module.service_connections["fruits_dev"].data.azurerm_client_config.current: Reading... module.service_connections["infra_shared"].data.azurerm_client_config.current: Reading... module.service_connections["veggies_prod"].data.azurerm_client_config.current: Reading... module.service_connections["infra_shared"].data.azurerm_subscription.current: Reading... module.service_connections["veggies_dev"].data.azurerm_subscription.current: Reading... module.service_connections["fruits_dev"].data.azurerm_subscription.current: Reading... module.service_connections["fruits_prod"].data.azurerm_client_config.current: Reading... module.service_connections["veggies_prod"].data.azurerm_subscription.current: Reading... module.service_connections["veggies_dev"].data.azurerm_client_config.current: Reading... module.service_connections["veggies_prod"].data.azurerm_client_config.current: Read complete after 0s [id=2022-06-10 10:50:21.852205 +0000 UTC] module.service_connections["fruits_prod"].data.azurerm_subscription.current: Reading... module.service_connections["infra_shared"].data.azurerm_client_config.current: Read complete after 0s [id=2022-06-10 10:50:21.8519895 +0000 UTC] module.service_connections["fruits_prod"].data.azurerm_client_config.current: Read complete after 0s [id=2022-06-10 10:50:21.8533039 +0000 UTC] module.service_connections["veggies_dev"].data.azurerm_client_config.current: Read complete after 0s [id=2022-06-10 10:50:21.8537266 +0000 UTC] module.service_connections["fruits_dev"].data.azurerm_client_config.current: Read complete after 0s [id=2022-06-10 10:50:21.8547714 +0000 UTC] module.service_connections["fruits_prod"].data.azuredevops_project.team: Reading... module.service_connections["veggies_prod"].data.azuredevops_project.team: Reading... module.service_connections["fruits_dev"].data.azuredevops_project.team: Reading... module.service_connections["veggies_dev"].data.azuredevops_project.team: Reading... module.service_connections["infra_shared"].data.azuredevops_project.team: Reading... module.service_connections["fruits_prod"].data.azuredevops_project.team: Read complete after 0s [id=6c763938-3f56-41d6-8782-092d415c32aa] module.service_connections["fruits_dev"].data.azuredevops_project.team: Read complete after 0s [id=6c763938-3f56-41d6-8782-092d415c32aa] module.service_connections["veggies_prod"].data.azuredevops_project.team: Read complete after 0s [id=5bbc7e20-8fb0-4e61-b1bc-e92e6a247212] module.service_connections["infra_shared"].data.azuredevops_project.team: Read complete after 0s [id=7d958df2-f8a9-46f3-a843-85bfdc3b8199] module.service_connections["veggies_dev"].data.azuredevops_project.team: Read complete after 0s [id=5bbc7e20-8fb0-4e61-b1bc-e92e6a247212] module.service_connections["veggies_prod"].data.azurerm_subscription.current: Read complete after 1s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6] module.service_connections["fruits_dev"].data.azurerm_subscription.current: Read complete after 1s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6] module.service_connections["fruits_prod"].data.azurerm_subscription.current: Read complete after 1s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6] module.service_connections["infra_shared"].data.azurerm_subscription.current: Read complete after 1s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6] module.service_connections["veggies_dev"].data.azurerm_subscription.current: Read complete after 1s [id=/subscriptions/d7130c91-ee33-4fe2-8094-9eee918c70a6] module.service_connections["veggies_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creating... module.service_connections["fruits_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creating... module.service_connections["infra_shared"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creating... module.service_connections["fruits_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creating... module.service_connections["veggies_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creating... module.service_connections["veggies_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Still creating... [10s elapsed] module.service_connections["infra_shared"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Still creating... [10s elapsed] module.service_connections["fruits_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Still creating... [10s elapsed] module.service_connections["fruits_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Still creating... [10s elapsed] module.service_connections["veggies_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Still creating... [10s elapsed] module.service_connections["fruits_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creation complete after 11s [id=01fbaada-23b3-44a1-8692-59680af096d1] module.service_connections["veggies_dev"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creation complete after 12s [id=b0227f92-335d-4681-b981-efecc35dd934] module.service_connections["infra_shared"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creation complete after 12s [id=87b6a3e0-c19c-4a24-aa58-99cacdb24c8c] module.service_connections["veggies_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creation complete after 12s [id=1755d268-0c1a-4a72-802c-cfc028044637] module.service_connections["fruits_prod"].azuredevops_serviceendpoint_azurerm.workspace_endpoint: Creation complete after 12s [id=a9b370a3-dc9a-4184-94fb-aa40b5ae966c] ╷ │ Error: REST call returned status code 503 │ │ with module.ado_collaboration_permissions_veggies.azuredevops_group.admins_group, │ on modules/azure-devops-permissions/main.tf line 39, in resource "azuredevops_group" "admins_group": │ 39: resource "azuredevops_group" "admins_group" { │ ╵