Open waltervos opened 2 years ago
Did you try to leave out the client_secret
attribute in the azure_login
block? If I remember correctly, setting it to an empty value (""
) actually sets it to a value, and prevents it from being picked up from the environment variable.
Hi,
I've been going around in circles for a while now, trying to manage AD users/groups in Azure SQL databases with this provider in an Azure DevOps pipeline. Here are some excerpts from my terraform project:
In my azure-pipelines.yml, I'm executing this task to set the MSSQL_CLIENT_SECRET environment variable:
I'm using this very same $env:servicePrincipalKey to authenticate to the Azure resource manager provider, so I "know" it's valid.
Executing this definition ultimately ends in:
When I set the TF_LOG environment variable to INFO, I can see 90 seconds worth of log messages that say: "provider.terraform-provider-mssql_v0.2.5.exe: ... failed to connect to database: parameter 'secret' cannot be empty: timestamp=..."
I've tried looking around in the source code to see if I can find where this might be going wrong but I just don't understand Go well enough to make real sense of it. As far as I can tell, the client secret is meant to be exchanged for an OAuth token. Does anybody have any thought on what I'm doing wrong, or if this is a bug of some sorts?