search

dotnet / docker-tools

This is a repo to house some common tools for our various docker repos.
MIT License
122 stars 46 forks source link

Move ArmClient initialization out of dry run #1330

Closed mthalman closed 3 months ago

mthalman commented 3 months ago

The changes from https://github.com/dotnet/docker-tools/pull/1321 cause an attempt to get a token in CopyImageService when executing in dry run mode. This causes the following exception:

Unhandled exception: Azure.Identity.CredentialUnavailableException: DefaultAzureCredential failed to retrieve a token from the included credentials. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/defaultazurecredential/troubleshoot
- EnvironmentCredential authentication unavailable. Environment variables are not fully configured. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/environmentcredential/troubleshoot
- WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information. https://aka.ms/azsdk/net/identity/workloadidentitycredential/troubleshoot
- ManagedIdentityCredential authentication unavailable. The requested identity has not been assigned to this resource.
Status: 400 (Bad Request)

That would be the expected behavior since it's not running in an authenticated context for a dry run. Instead, there should be no attempt made to get a token.

To fix this, I just moved the code which initializes ArmClient (and gets the token) to a section of the code that is only run when dry run is disabled.

dotnet-issue-labeler[bot] commented 3 months ago

I couldn't figure out the best area label to add to this PR. If you have write-permissions please help me learn by adding exactly one area label.

dotnet-issue-labeler[bot] commented 3 months ago

I couldn't figure out the best area label to add to this PR. If you have write-permissions please help me learn by adding exactly one area label.