search

jenkinsci / azure-vm-agents-plugin

This repo is for azure vm agents plugin for jenkins. Azure devops CICD is the team which owns it for now
https://plugins.jenkins.io/azure-vm-agents/
46 stars 102 forks source link

Issue spinning up a VM due to a" private only resource group" policy #280

Closed mattigot closed 3 years ago

mattigot commented 3 years ago

Version report

Jenkins and plugins versions report:

Jenkins: 2.293
OS: Linux - 4.14.13-perform
---
workflow-step-api:2.23
azure-sdk:12.vc102aedd3c66
pipeline-milestone-step:1.3.2
okhttp-api:3.14.9
pipeline-stage-tags-metadata:1.8.4
antisamy-markup-formatter:2.1
ldap:2.7
pipeline-model-extensions:1.8.4
pipeline-rest-api:2.19
github-api:1.123
ws-cleanup:0.39
sshd:3.0.3
extended-read-permission:3.2
lockable-resources:2.10
jdk-tool:1.5
credentials-binding:1.24
mailer:1.34
ssh-slaves:1.31.7
bouncycastle-api:2.20
echarts-api:5.1.0-2
popper-api:1.16.1-2
pipeline-input-step:2.12
handlebars:3.0.8
matrix-project:1.18
workflow-multibranch:2.24
resource-disposer:0.15
trilead-api:1.0.13
pipeline-model-api:1.8.4
snakeyaml-api:1.27.0
github-branch-source:2.10.4
pam-auth:1.6
durable-task:1.36
command-launcher:1.6
caffeine-api:2.9.1-23.v51c4e2c879c8
cloud-stats:0.27
azure-vm-agents:779.v5ea1414ec40f
plugin-util-api:2.2.0
azure-credentials:182.v3ccd4a755864
pipeline-model-definition:1.8.4
jquery3-api:3.6.0-1
timestamper:1.13
pipeline-build-step:2.13
pipeline-graph-analysis:1.10
azure-cli:0.9
workflow-api:2.42
workflow-support:3.8
github:1.33.1
workflow-scm-step:2.12
branch-api:2.6.4
workflow-basic-steps:2.23
build-timeout:1.20
git-server:1.9
font-awesome-api:5.15.3-2
workflow-aggregator:2.6
credentials:2.4.1
cloudbees-folder:6.15
jjwt-api:0.11.2-9.c8b45b8bb173
structs:1.23
workflow-durable-task-step:2.39
checks-api:1.7.0
display-![cfg3](https://user-images.githubusercontent.com/19428559/119084536-a5db8b00-ba0a-11eb-9afd-ac2955a7d15a.png)-api:2.3.4
momentjs:1.1.1
ant:1.11
pipeline-stage-step:2.5
workflow-job:2.40
gradle:1.36
ace-editor:1.1
apache-httpcomponents-client-4-api:4.5.13-1.0
email-ext:2.82
workflow-cps-global-lib:2.19
git:4.7.1
scm-api:2.6.4
token-macro:2.15
junit:1.49
git-client:3.7.1
jsch:0.1.55.2
pipeline-github-lib:1.0
jackson2-api:2.12.3
pipeline-stage-view:2.19
plain-credentials:1.7
script-security:1.77
bootstrap4-api:4.6.0-3
ssh-credentials:1.18.2
matrix-auth:2.6.7
workflow-cps:2.92

Using docker jenkins agent 
https://hub.docker.com/r/jenkins/jenkins

Reproduction steps

Results

Expected result:

VM should start

Actual result:

Getting "InvalidTemplateDeployment" error (see that attached screen shot) VM fails to to start due to a policy issue. We are using a hybrid network Azure account,. the company policy does not allow public resource groups or storage account

we are running with a private endpoint with a private ip address.

The VM provisioning tries to create a public resource group called /resourceGroups/databricks-rg-

When creating a temporary exception in my company policy, and allowing to have public resource groups, this works. the VM is created properly, but i do not see that databricks-rg- was created. obviously i can't have this exception all of the time, and i must fix this

Searching the plugin source code does not find any string called "databricks"

why is this happening ? how can i fix this

attached: error.png - the error i am getting cfg1-5..png - template configuration

cfg6 cfg5 cfg4 cfg3 cfg2 cfg1 error

timja commented 3 years ago

Duplicate of https://github.com/jenkinsci/azure-vm-agents-plugin/issues/259