test-kitchen / kitchen-azurerm

A driver for Test Kitchen that works with Azure Resource Manager
Apache License 2.0
48 stars 52 forks source link

Interactive login with `az login` is not working #218

Open bender-the-greatest opened 3 years ago

bender-the-greatest commented 3 years ago

Version:

Test Kitchen 3.0.0

Environment:

Windows 10.0.18363

Scenario:

Trying to get Test Kitchen working with the kitchen-azurerm driver interactively from my developer workstation. https://github.com/test-kitchen/kitchen-azurerm/issues/147 indicates this support was added. However, this errors out.

Steps to Reproduce:

Create a valid kitchen file that contains the subscription_id and attempt to create an instance or perform another operation which requires authenticating to Azure.

Expected Result:

I am expecting test kitchen to utilize my token as authenticated from the Azure CLI.

Actual Result:

I get an error about acquiring my token when the resource group attempts to be created:

-----> Starting Test Kitchen (v3.0.0)
-----> Creating <msbase-windows2019>...
$$$$$$ C:/Users/username/.azure/credentials was not found or not accessible.
$$$$$$ (C:/Users/username/.azure/credentials) does not contain tenant_id neither is the AZURE_TENANT_ID environment variable set.
$$$$$$ Using tenant id set through `az login`.
       Creating Resource Group: kitchen-msbase-windows2019-20211022T210424
>>>>>> ------Exception-------
>>>>>> Class: Kitchen::ActionFailed
>>>>>> Message: 1 actions failed.
>>>>>>     Failed to complete #create action: [Error acquiring token from the Azure CLI] on msbase-windows2019
>>>>>> ----------------------
>>>>>> Please see .kitchen/logs/kitchen.log for more details
>>>>>> Also try running `kitchen diagnose --all` for configuration
bender-the-greatest commented 3 years ago

Here is my (sanitized) .kitchen.yml config:

driver:
  name: azurerm
  subscription_id: SUBSCRIPTION_GUID
  transport:
    name: winrm
    winrm_transport: ssl

  instance_type: Standard_D2_v2
  location: "East US"
  vnet_id: VNET_URN
  subnet_id: VNET_SUBNET_URN

platforms:
  - name: windows2019
    driver:
      image_urn: MicrosoftWindowsServer:WindowsServer:2019-Datacenter-smalldisk:latest
      use_ephemeral_osdisk: true

suites:
  - name: msbase
    driver:
      vm_name: tk-server-2019-nilla
bender-the-greatest commented 3 years ago

It's worthy to note that the Azure CLI is authenticated and I can run commands against this subscription from the command line when this issue occurs with the kitchen-azurerm driver.

rogueautomation commented 2 years ago

I am encountering the same issue. @bender-the-greatest - did you ever find a workaround?

bender-the-greatest commented 2 years ago

I have not, but it's not been a high priority to revisit yet. Note that I have not tried providing an explicit client id and secret, so an app registration (service principal) with the permissions necessary for kitchen-azurerm to function may be a suitable workaround.

bender-the-greatest commented 2 years ago

@rogueautomation I did work around this, right now my workaround is to use an app registration and credentials file

shyambandi commented 1 year ago

@bender-the-greatest @rogueautomation any luck with this issue? i am facing the same problem.

rogueautomation commented 1 year ago

@shyambandi - not as of yet. Our workaround is currently running WSL 2, installing az cli and CHEF Workstation in our Ubuntu WSL VM's and running test-kitchen that way. I'm told that more and more folks are bringing this issue up to CHEF, but haven't heard on a target date for their prospective fix.

shyambandi commented 1 year ago

@rogueautomation i am running this on a Windows machine, can you suggest?