Open citrixguyblog opened 8 months ago
I found a workaround to be able to run the packer build. There is an issue with the environment variable which is specifying the subscription id. If the subscription is hardcoded in the template everything is working.
Is there any other way to pass the env var? I don't have issues with other variables. Thats weird.
$SubscriptionID = "f3b2289d-601b-4b8b-8e22-8c930f7a829f"
[System.Environment]::SetEnvironmentVariable('AZURE_SUBSCRIPTION_ID',"$SubscriptionID ",[System.EnvironmentVariableTarget]::User)
Packer Template
variable "AZURE_SUBSCRIPTION_ID" {
type = string
default = "${env("AZURE_SUBSCRIPTION_ID")}"
}
subscription_id = "${var.AZURE_SUBSCRIPTION_ID}"
@citrixguyblog did you find any solution. I came across the same issue and couldn't find any solution.
@srinadhbh Is it working when you specify the subscription id without a variable? I didn't have the time to investigate this further.
Community Note
When filing a bug, please include the following headings if possible. Any example text in this template can be deleted.
Overview of the Issue
I am trying to execute a Packer build for Azure with a configured Service Principal. For an unknown reason it is always trying to use a Managed Identity. I don't see any issue with my packer template, I am providing the necessary details for "client_id" and "client_secret". The variables are specified and values are correct. Has anyone seen this kind of behaviour before?
Reproduction Steps
This is happening with every build. I tried several packer versions & azure plugins but it doesn't make a difference.
Packer version
Packer v1.10.0
packer-plugin-azure_v2.0.2_x5.0_windows_amd64 packer-plugin-azure_v2.0.1_x5.0_windows_amd64 packer-plugin-azure_v1.4.5_x5.0_windows_amd64
Simplified Packer Template
source "azure-arm" "test" {
Azure Info
subscription_id = "${var.subscription_id}" client_id = "${var.AZURE_CLIENT_ID}" client_secret = "${var.AZURE_CLIENT_SECRET}" cloud_environment_name = "Public" # China, Germany, or USGovernment
Packer Azure
build_resource_group_name = "rg-test # Resource Group needs to exist before!! managed_image_name = "${var.managed_image_name}-${formatdate("YYYY-MM-DD-hhmm",timestamp())}" managed_image_resource_group_name = "rg-test" managed_image_storage_account_type = "Premium_LRS" # Standard_LRS
Operating system and Environment details
Windows 11, Local
Log Fragments and crash.log files
==> Some builds didn't complete successfully and had errors: 2024/01/10 09:40:04 machine readable: azure-arm.avd,error []string{"error fetching subscriptionID from VM metadata service for Managed Identity authentication: Get \"http://169.254.169.254/metadata/instance/compute?api-version=2017-08-01&format=json\": dial tcp 169.254.169.254:80: connectex: A socket operation was attempted to an unreachable network."} 2024/01/10 09:40:04 ui error: --> azure-arm.avd: error fetching subscriptionID from VM metadata service for Managed Identity authentication: Get "http://169.254.169.254/metadata/instance/compute?api-version=2017-08-01&format=json": dial tcp 169.254.169.254:80: connectex: A socket operation was attempted to an unreachable network.