search

dotnet / docker-tools

This is a repo to house some common tools for our various docker repos.
MIT License
124 stars 46 forks source link

Use service connection for MAR ingestion and use .default scope #1287

Closed lbussell closed 6 months ago

lbussell commented 6 months ago

This should fix https://github.com/dotnet/docker-tools/issues/1286 once the new ImageBuilder is built and flows in.

Using the service connection by itself yielded a new error:

 ---> Azure.Identity.AuthenticationFailedException: ClientAssertionCredential authentication failed: AADSTS1002012: The provided value for scope <snip> is not valid. Client credential flows must have a scope value with /.default suffixed to the resource identifier (application ID URI).

So that's why the ImageBuilder change is necessary. I will file a follow-up issue to use a pipeline variable for the status API scope since hardcoding it isn't great.

dotnet-issue-labeler[bot] commented 6 months ago

I couldn't figure out the best area label to add to this PR. If you have write-permissions please help me learn by adding exactly one area label.

lbussell commented 6 months ago

Filed https://github.com/dotnet/docker-tools/issues/1288