search

dotnet / docker-tools

This is a repo to house some common tools for our various docker repos.
MIT License
122 stars 46 forks source link

Tenant variable not set in public validation pipeline #1254

Closed mthalman closed 5 months ago

mthalman commented 5 months ago

The changes from https://github.com/dotnet/docker-tools/pull/1252 are causing a failure in the docker-tools-eng-validation-pr pipeline during the Copy Images step of the Publish stage:

Unhandled exception: System.ArgumentException: Invalid tenant id provided. You can locate your tenant id by following the instructions listed here: https://learn.microsoft.com/partner-center/find-ids-and-domain-names (Parameter 'tenantId')
   at Azure.Identity.Validations.ValidateTenantId(String tenantId, String argumentName, Boolean allowNull)
   at Azure.Identity.ClientSecretCredential..ctor(String tenantId, String clientId, String clientSecret, TokenCredentialOptions options, CredentialPipeline pipeline, MsalConfidentialClient client)
   at Azure.Identity.ClientSecretCredential..ctor(String tenantId, String clientId, String clientSecret)
   at Microsoft.DotNet.ImageBuilder.CopyImageService.ImportImageAsync(String subscription, String resourceGroup, ServicePrincipalOptions servicePrincipalOptions, String[] destTagNames, String destRegistryName, String srcTagName, String srcRegistryName, ResourceIdentifier srcResourceId, ContainerRegistryImportSourceCredentials sourceCredentials, Boolean isDryRun) in /image-builder/src/CopyImageService.cs:line 48
   at Microsoft.DotNet.ImageBuilder.Commands.CopyAcrImagesCommand.ExecuteAsync() in /image-builder/src/Commands/CopyAcrImagesCommand.cs:line 60
   at System.CommandLine.Invocation.CommandHandler.GetResultCodeAsync(Object value, InvocationContext context)
   at System.CommandLine.Invocation.ModelBindingCommandHandler.InvokeAsync(InvocationContext context)
   at System.CommandLine.Invocation.InvocationPipeline.<>c__DisplayClass4_0.<<BuildInvocationChain>b__0>d.MoveNext()

This happens specifically because this is a public pipeline. The YAML is configured to pass a tenant from a variable:

https://github.com/dotnet/docker-tools/blob/736b6b0f3ea2923a754a51ec7726074e7fe5ebb7/eng/common/templates/jobs/publish.yml#L71

But that variable is not set in the pipeline. It only exists in the internal pipeline via a variable group.

dotnet-issue-labeler[bot] commented 5 months ago

I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.

lbussell commented 5 months ago

[Triage] This was fixed in https://github.com/dotnet/docker-tools/pull/1251/commits/6c89f3faa08770f2b757d7e70818bee0c474b724