maikvandergaag / msft-extensions

Repository for extensions mainly used for Azure DevOps Extensions
https://msftplayground.com
MIT License
125 stars 80 forks source link

Issues for Azure Resource Group with Tags and Lock after converting DevOps Service Connection to workload identity federation #565

Open originalRoze opened 2 days ago

originalRoze commented 2 days ago

Describe the issue After we converted Service Connections from Azure DevOps to Azure subscription from Service Principals to workload identity federation, actions using "Azure Resource Group with Tags and Lock" are failing to execute with following error ->

Extension

To Reproduce Steps to reproduce the behavior:

  1. Create or convert Azure Service Connection to use workload identity federation.
  2. Attempt to create a RG via either classic or yaml pipeline using several Tags.

Expected behavior A resource group with tags created, as it works for in pipelines that is still using Service Principal based configuration.

Situation (please complete the following information):

Log info tasklog_6.log

Additional information

maikvandergaag commented 2 days ago

Could you include a screenshot of the error? Besides that the extensions are not yet tested with the workload identity federation.

originalRoze commented 2 days ago

@maikvandergaag There you go and thank you for quick reply.

image

As for them not being tested for workload identity federation, figured that much. I have used this action in quite a few projects/pipelines, so it would be much appreciated if this could be tested and implemented. So I dont need to switch this out for some other action in all pipelines that requires creation of new RGs.