Based on user @teeroddesigns issue here. There is a bug when assigning multiple user assigned managed identities to a Windows and Linux VM with the Azure CLI task.
Steps to recreate:
Create a service connection to Azure Resource Manager using managed identity
Provide details etc and setup succssfully
Add this managed identity to your VM running the Azure DevOps agent, along with an addtional, unrelated managed identity.
Run the AzureCli task,, you will see the errors:
ERROR: Failed to connect to MSI. Please make sure MSI is configured correctly.
##[error]Error Code: [1]
Get Token request returned http error: 400, reason: Bad Request
##[error]Error: Azure login failed using Managed Service Identity
##[error]Script failed with error: ERROR: Failed to connect to MSI. Please make sure MSI is configured correctly.
Get Token request returned http error: 400, reason: Bad Request
##[error]Script failed with error: ERROR: Failed to connect to MSI. Please make sure MSI is configured correctly.
Get Token request returned http error: 400, reason: Bad Request
To validate this, I went ahead and removed the unrelated managed identity from my VM, meaning only managed identity to the corresponding service connection, and it works:
Environment type (Please select at least one enviroment where you face this issue)
[X] Self-Hosted
[ ] Microsoft Hosted
[ ] VMSS Pool
[ ] Container
Azure DevOps Server type
dev.azure.com (formerly visualstudio.com)
Azure DevOps Server Version (if applicable)
No response
Operation system
Ubuntu22.04
Relevant log output
ERROR: Failed to connect to MSI. Please make sure MSI is configured correctly.
##[error]Error Code: [1]
Get Token request returned http error: 400, reason: Bad Request
##[error]Error: Azure login failed using Managed Service Identity
##[error]Script failed with error: ERROR: Failed to connect to MSI. Please make sure MSI is configured correctly.
Get Token request returned http error: 400, reason: Bad Request
##[error]Script failed with error: ERROR: Failed to connect to MSI. Please make sure MSI is configured correctly.
Get Token request returned http error: 400, reason: Bad Request
Full task logs with system.debug enabled
No response
Repro steps
Create a service connection to Azure Resource Manager using managed identity
Provide details etc and setup succssfully
Add this managed identity to your VM running the Azure DevOps agent, along with an addtional, unrelated managed identity.
New issue checklist
Task name
AzureCLI
Task version
2
Issue Description
Based on user @teeroddesigns issue here. There is a bug when assigning multiple user assigned managed identities to a Windows and Linux VM with the Azure CLI task.
Steps to recreate:
To validate this, I went ahead and removed the unrelated managed identity from my VM, meaning only managed identity to the corresponding service connection, and it works:
Environment type (Please select at least one enviroment where you face this issue)
Azure DevOps Server type
dev.azure.com (formerly visualstudio.com)
Azure DevOps Server Version (if applicable)
No response
Operation system
Ubuntu22.04
Relevant log output
Full task logs with system.debug enabled
No response
Repro steps
No response