Closed OranguTech closed 4 years ago
Hey @OranguTech - would definitely be helpful if you're able to post logs. From your description, it looks like the issue you're seeing is that variables aren't getting propogated through - how are you setting those variables?
Would also be helpful to have your organization name if possible so that I can determine what bits you were getting from the service. If you're not comfortable sharing any of this publicly, feel free to email me at damccorm@microsoft.com
I replied in email earlier with more details and logs. (Seems to be only an issue in the “initialize job” section of the “Agent job” task, it is not outputting all the variables as it did before, but the values are getting evaluated in the pipeline correctly.)
Further testing and better looking at logs, I think it's worthwhile to look at PR #2791 "mask secrets in URLs" .
Example previously
[ENV_ADFS_OAUTHTOKENSERVERURL] --> [https://abc.xyz.xkcd.gov/adfs/oauth2/token]
is now obfuscated to [ENV_ADFS_OAUTHTOKENSERVERURL] --> [https:***@xkcd.gov]
, and then a whole giant chunk of vars aren't enumerated.
Similary:
[ENV_CRM_SOAP_URL] --> [https://test2.dumbcrm-test.org7.xkcd.lcl/XRMServices/2011/Organization.svc] --> [ENV_CRM_SOAP_URL] --> [https:***@org7.xkcd.gov]
then a whole new chunk missing.
It does this 3 times in our set of variables. I don't know if the issue is the regex or what it does once the regex is tripped.
That definitely looks like the issue - I think the regex is overly aggressive here. For example, if you have:
https://abc.def
https://ghi.jkl
https://mno.pqr
https://password@example.com
the following gets masked by our regex ((?<=//[^:/?#]+:)[^@]+(?=@)
)
//ghi.jkl
https://mno.pqr
https://password
I think the regex should be (?<=//[^:/?#\n]+:)[^@]+(?=@)
(note the added \n
which stops looking for a match if we reach the EOL)
I'll add a PR
Thanks for the quick response.
If I wanted to try compiling my own copy, would compiling from Master be likely to work, or should I just make your change on current release branch?
Either should work.
For completeness, linking PR #2844
@OranguTech Thanks! I should've linked them.
Were you able to compile an agent and verify this fixes the issue?
I have not - opening the solution file immediately have errors about nuget package versions that a simple restore or update doesn't fix. I'm pretty new to the VS world, and it's not a blocking issue, so left it alone.
On Tue, Mar 10, 2020 at 7:19 PM Danny McCormick notifications@github.com wrote:
@OranguTech https://github.com/OranguTech Thanks! I should've linked them.
Were you able to compile an agent and verify this fixes the issue?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/microsoft/azure-pipelines-agent/issues/2842?email_source=notifications&email_token=AAM44DNS4D3SCK5YRER3WYDRG3YJVA5CNFSM4LCWTLYKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEON36AY#issuecomment-597409539, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAM44DPX6DBC4OWSHYTDOLDRG3YJVANCNFSM4LCWTLYA .
(I'm assuming the fix will be in the next release)
@damccorm - Is there a general release schedule? I know this got merged into Master, I assume that will be branched into 2.165.3, but not sure on your dev/branch process. ( I'm just trying to get an ETA on this.)
@OranguTech normally we deploy at least once every 3 weeks. Right now is an exception though, we are currently in a deployment freeze due to Cornavirus, so it may be a little bit before this fix gets out.
Newer agents finally rolled out to our instance, verified that as of 2.166.4, issue appears fixed. Thank you @damccorm !
Have you tried troubleshooting?
Troubleshooting doc Yes, system.debug=true
Agent Version and Platform
Version of your agent? 2.165.0/2.165.1
OS of the machine running the agent? Windows, mostly Server 2016 but tested on Windows 10 1809 as well.
Azure DevOps Type and Version
dev.azure.com
If dev.azure.com, what is your organization name? https://dev.azure.com/{organization} or
'REDACTED' for now.
What's not working?
"A lot" of variables from our libraries aren't getting enumerated/expanded upon initialization, where they were before. I've narrowed down the issue to version of agent (on-prem), between 2.164.8 and 2.165.0.
Examples (potentially sensitive data obfuscated): Working:
Example not working/change in behavior:
Agent and Worker's Diagnostic Logs
Local agent logs available on request, likely will have to sanitize them before posting publicly.
This looks likely related to issue #2839 . Possibly due to .NET core 3.1?