Flanker32
commented
2 years ago @nvanhoeck Thanks for your report, it seems that maven toolkit did not use the azure cli credential (which should be used by default) but fall back to OAuth in Jenkins. Could you please try set auth method to azure_cli and see whether it could work?
<configuration>
<auth>
<type>azure_cli</type>
</auth>
</configuration>Besides, you may use service principal for authentication directly in maven plugin, you may get the detail guidance here
nvanhoeck
Plugin name and version
azure-webapp-maven-plugin 2.2.1
Plugin configuration in your
pom.xmlSteps to reproduce the problem
We upgraded from the maven azure plugin version 1.12.0 to 2.2.1, since we started having issues with deployments being successful in Jenkins but not actually uploaded to webapp itself.
We use a service principal to use as authentication. Locally running with this setup works. A browser opens, I get a new token and the webapp gets deployed. However on Jenkins I'm getting this issue below (see logs). Any idea how to make this work or bypass this? I believe our company has a multi-factor authentication forced. With version 1.12.0 we had no issues with this, but on 2.2.1 we do.
Our jenkins is hosted on a remote Windows server.
An alternative would be "stay on 1.12.0", but then I can open a new "issue" ticket since the webapps do not get deployed, even after being successful on the newly created webapps.
Logs
Masking supported pattern matches of %AZURE_SUBSCRIPTION_ID% or %AZURE_TENANT_ID% or %AZURE_CLIENT_SECRET% or %AZURE_CLIENT_ID% [Pipeline] { [Pipeline] bat
D:\Software\x64\Jenkins\workspace\QAP_Gateway_develop>az login --service-principal -u -p -t [ { "cloudName": "AzureCloud", "homeTenantId": "", "id": "", "isDefault": true, "managedByTenants": [ { "tenantId": "################################" } ], "name": "Atlas Copco - DevTest01", "state": "Enabled", "tenantId": "", "user": { "name": "****", "type": "servicePrincipal" } } ] [Pipeline] bat
D:\Software\x64\Jenkins\workspace\QAP_Gateway_develop>mvn azure-webapp:deploy -P DEVELOPMENT [INFO] Scanning for projects... [INFO] [INFO] ------------------< com.atlascopco.microservices:qap >------------------ [INFO] Building qap 0.0.1-SNAPSHOT [INFO] --------------------------------[ jar ]--------------------------------- [INFO] [INFO] --- azure-webapp-maven-plugin:2.2.1:deploy (default-cli) @ qap --- [INFO] Use maven proxy: 10.25.1.249:8080 [INFO] Auth type: OAUTH2 [WARNING] Configuration HTTPS_PROXY is an invalid URL and is being ignored. [WARNING] Configuration HTTPPROXY is an invalid URL and is being ignored. [ERROR] [Correlation ID: 3001a106-7dc6-4088-a7e8-96e7f0ceaa22] Execution of class com.microsoft.aad.msal4j.AcquireTokenByInteractiveFlowSupplier failed. com.microsoft.aad.msal4j.MsalClientException: java.io.IOException: Failed to open https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?s....._&response_mode=form_post. Error message: No application is associated with the specified file for this operation.
Caused by: java.io.IOException: Failed to open https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?s_....._&response_mode=form_post. Error message: No application is associated with the specified file for this operation.
[INFO] ------------------------------------------------------------------------ [INFO] BUILD FAILURE [INFO] ------------------------------------------------------------------------ [INFO] Total time: 12.859 s [INFO] Finished at: 2021-11-03T10:54:58+01:00 [INFO] ------------------------------------------------------------------------ [ERROR] Failed to execute goal com.microsoft.azure:azure-webapp-maven-plugin:2.2.1:deploy (default-cli) on project qap: deploy to Azure Web App with resource creation or updating: Failed to acquire token with Interactive Browser Authentication. java.io.IOException: Failed to open https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?_...._6&response_mode=form_post. Error message: No application is associated with the specified file for this operation. -> [Help 1] [ERROR] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch. [ERROR] Re-run Maven using the -X switch to enable full debug logging. [ERROR] [ERROR] For more information about the errors and possible solutions, please read the following articles: [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException [Pipeline] } [Pipeline] // withCredentials [Pipeline] } [Pipeline] // withEnv [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (UAT/PRODUCTION promotion) Stage "UAT/PRODUCTION promotion" skipped due to earlier failure(s) [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (Declarative: Post Actions) [Pipeline] archiveArtifacts Archiving artifacts Recording fingerprints [Pipeline] step [InfluxDB Plugin] Collecting data... [InfluxDB Plugin] SonarQube data found. Writing to InfluxDB... [InfluxDB Plugin] INFO: No SonarQube host URL found in environment variable SONAR_HOST_URL. Using build log instead. [InfluxDB Plugin] WARNING: No SonarQube auth token found in environment variable SONAR_AUTH_TOKEN. Depending on access rights, this might result in a HTTP/401. [InfluxDB Plugin] Completed. [Pipeline] emailext [Pipeline] cleanWs [WS-CLEANUP] Deleting project workspace... [WS-CLEANUP] Deferred wipeout is used... [WS-CLEANUP] done [Pipeline] } [Pipeline] // stage [Pipeline] } [Pipeline] // withEnv [Pipeline] } [Pipeline] // withEnv [Pipeline] } [Pipeline] // withEnv [Pipeline] } [Pipeline] // node [Pipeline] End of Pipeline [Bitbucket] Notifying commit build result [Bitbucket] Build result notified ERROR: script returned exit code 1 Finished: FAILURE