search

radius-project / radius

Radius is a cloud-native, portable application platform that makes app development easier for teams building cloud-native apps.
https://radapp.io
Apache License 2.0
1.45k stars 92 forks source link

Better error message needed for the environment cloud provider configuration #6861

Open ytimocin opened 9 months ago

ytimocin commented 9 months ago

Bug information

Getting this error while deploying:

{
"code": "AuthorizationFailed",
"message": "The client 'f96424a0-61a3-4fdf-814e-b15aff634321' with object id 'f96424a0-61a3-4fdf-814e-b15aff634321' does not have authorization to perform action 'Microsoft.ServiceBus/namespaces/write' over scope '/providers/Microsoft.ServiceBus/namespaces/testservicebusnamespace' or the scope is invalid. If access was recently granted, please refresh your credentials.",
"target": "/providers/Microsoft.ServiceBus/namespaces/testservicebusnamespace"
}

This is basically an environment that are missing cloud provider configuration. This needs to be told to the Radius user/operator with a more clear message.

Steps to reproduce (required)

  1. Create an environment without cloud provider configuration.
  2. Deploy a bicep file that has cloud resources (like Azure Cosmos DB)
  3. See the error message.

Observed behavior (required)

Error message not being clear.

Desired behavior (required)

Error message should state that a cloud provider needs to be configured.

Workaround (optional)

System information

rad Version (required)

RELEASE VERSION BICEP COMMIT 0.27.1 v0.27.1 0.27.1 a0fa10b71c2517934cbea90ddb87486f55652f82

Operating system (required)

macOS, Sonoma 14.1.1, Apple Chip

Additional context

Discussion on Discord: https://discord.com/channels/1113519723347456110/1176534953345957888/1176534953345957888.

AB#10546

radius-triage-bot[bot] commented 9 months ago

:wave: @ytimocin Thanks for filing this bug report.

A project maintainer will review this report and get back to you soon. If you'd like immediate help troubleshooting, please visit our Discord server.

For more information on our triage process please visit our triage overview

radius-triage-bot[bot] commented 9 months ago

:+1: We've reviewed this issue and have agreed to add it to our backlog. Please subscribe to this issue for notifications, we'll provide updates when we pick it up.

We also welcome community contributions! If you would like to pick this item up sooner and submit a pull request, please visit our contribution guidelines and assign this to yourself by commenting "/assign" on this issue.

For more information on our triage process please visit our triage overview

radius-triage-bot[bot] commented 7 months ago

This issue is a great one to pickup for new contributors. It should only require small changes and not assume a deep knowledge of the Radius architecture.

We always welcome community contributions! If you would like to pick this item up sooner and submit a pull request, please visit our contribution guidelines and assign this to yourself by commenting "/assign" on this issue.

For more information on our triage process please visit our triage overview

willtsai commented 2 weeks ago

The root cause of this is missing configuration for the Azure Scope as a part of the environment, thus the error message should indicate as such. Because the scope is missing, we're sending ARM a request something the use didn't intend, hence the authorization error being returned from Azure.