Action Fails after Login via Az module

[ptsouk]

I am using azure/login@v1 with enable-AzPSSession: true to login to azure but the next step azure/powershell@v1 fails with error:

     | Your Azure credentials have not been set up or have expired, please run
     | Connect-AzAccount to set up your Azure credentials. No certificate
     | thumbprint or secret provided for the given service principal
     | '***'.

My yml is: here

name: AzurePowerShellLoginSample
on:
  workflow_dispatch:

jobs:

  build:
    runs-on: ubuntu-latest
    steps:

    - name: Login via Az module
      uses: azure/login@v1
      with:
        creds: ${{secrets.POLICY_COMPLIANCE_SCAN}}
        allow-no-subscriptions: true
        enable-AzPSSession: true

    - name: Az PowerShell
      uses: azure/powershell@v1
      with:
        azPSVersion: "latest"
        inlineScript: |
          Get-AzContext
          if(-not (Get-Module Az.ResourceGraph -ListAvailable))
          {
            Install-Module Az.ResourceGraph -Scope CurrentUser -Force
          }
          $query = "resourcecontainers | where type == 'microsoft.resources/subscriptions' | project name, id | sort by name asc"
          $subscriptions = Search-AzGraph -Query $query -UseTenantScope
          $subscriptions

I found a workaround - add a ps cmdlet at the start of the inline script.

So, the following fails:

    - name: Az PowerShell
      uses: azure/powershell@v1
      with:
        azPSVersion: "latest"
        inlineScript: |
          if(-not (Get-Module Az.ResourceGraph -ListAvailable))
          {
            Install-Module Az.ResourceGraph -Scope CurrentUser -Force
          }
          $query = "resourcecontainers | where type == 'microsoft.resources/subscriptions' | project name, id | sort by name asc"
          $subscriptions = Search-AzGraph -Query $query -UseTenantScope
          $subscriptions

but his one succeeds:

    - name: Az PowerShell
      uses: azure/powershell@v1
      with:
        azPSVersion: "latest"
        inlineScript: |
          Get-AzContext
          if(-not (Get-Module Az.ResourceGraph -ListAvailable))
          {
            Install-Module Az.ResourceGraph -Scope CurrentUser -Force
          }
          $query = "resourcecontainers | where type == 'microsoft.resources/subscriptions' | project name, id | sort by name asc"
          $subscriptions = Search-AzGraph -Query $query -UseTenantScope
          $subscriptions

I'm looking forward for your help. Thanks!

[BALAGA-GAYATRI]

Can you confirm if you are still facing the issue? Just want to check if it is an intermittent issue. Thanks!

[ptsouk]

As far as I can tell, the issue persists. Are you able to replicate? Thanks!

[github-actions[bot]]

This issue is idle because it has been open for 14 days with no activity.

[vandanakr7]

@BALAGA-GAYATRI: Am also facing the same issue. In my workflow, I have azure/login@v1 followed by azure/powershell@v1 calling a powershell script that stops all triggers in ADF in Azure. @ptsouk : Was it resolved for you. If yes, what was the fix applied.

[ptsouk]

@vandanakr7: The issue persists. I've created a repo demonstrating the issue and my workaround. Can anyone check?

[github-actions[bot]]

This issue is idle because it has been open for 14 days with no activity.

[Nikhil13x]

I am also facing the same issue. Anyone able to resolve?

[vandanakr7]

I have got the issue resolved when I changed the PSversion of az powershell task to the latest version (>9). The v7.3.0 was set previously as azPSVersion which was causing the issue in my workflow.

[Nikhil13x]

@vandanakr7 I tried with 9.3.0 version.. still same issue. in the inlineScript section are you directly keeping the PS commands?

In my case, I am invoking another ps1 file by passing some arguments. This was working fine couple of months back.

[vandanakr7]

@vandanakr7 I tried with 9.3.0 version.. still same issue. in the inlineScript section are you directly keeping the PS commands?

In my case, I am invoking another ps1 file by passing some arguments. This was working fine couple of months back.

I am calling a ps script in azure/powershell action after azure/login@v1 action and using azPSVersion: latest I also had added Get-AzContext just before calling the script as suggested by @ptsouk .

- name: Login via Az module
  uses: azure/login@v1
  with:
     creds: ${{secrets.AZURE_CREDENTIALS}}
     enable-AzPSSession: true

- name: Az PowerShell
  uses: azure/powershell@v1
  with:
     inlineScript: |
        Get-AzContext
        ./script.ps1 <args>

[Nikhil13x]

@vandanakr7 It was still failing for me. Finally figured out I had below line in the beginning of my ps1 script file.

Disable-AzContextAutosave

After moving that to end of the script file, its working fine.

Thank you for the help.

[YanaXu]

Hi @ptsouk , I've created a new issue Search-AzGraph "Your Azure credentials have not been set up or have expired" in GitHub Actions in Azure/azure-powershell. Let's track it there.

[github-actions[bot]]

This issue is idle because it has been open for 14 days with no activity.

[YanaXu]

The root cause of this issue is https://github.com/PowerShell/PowerShellGetv2/issues/704. When "Install-Module Az.ResourceGraph -Scope CurrentUser -Force" is run, an old version of Az.Accounts is installed, which is not expected. The workaround is to run "Import-Module Az.Accounts" before "Install-Module Az.ResourceGraph -Scope CurrentUser -Force".

    - name: Test ResourceGraph
      uses: azure/powershell@v1
      continue-on-error: true
      with:
        azPSVersion: "latest"
        inlineScript: |
          Import-Module Az.Accounts
          if(-not (Get-Module Az.ResourceGraph -ListAvailable))
          {
            Install-Module Az.ResourceGraph -Scope CurrentUser -Force
          }
          $query = "resourcecontainers | where type == 'microsoft.resources/subscriptions' | project name, id | sort by name asc"
          $subscriptions = Search-AzGraph -Query $query -UseTenantScope
          $subscriptions

[github-actions[bot]]

This issue is idle because it has been open for 14 days with no activity.