Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deploy management failed - AZURE_CREDENTIALS set as GitHub secret #2984

Closed
dusan-ilic-mhra opened this issue Dec 22, 2022 · 4 comments
Closed

Deploy management failed - AZURE_CREDENTIALS set as GitHub secret #2984

dusan-ilic-mhra opened this issue Dec 22, 2022 · 4 comments
Labels
question Further information is requested

Comments

@dusan-ilic-mhra
Copy link
Contributor

Describe the bug

We upgraded the OSS version to 0.7.0 and now we are facing this issue when we deploy using CI:

image

I reviewed this PR:
#2654

and created AZURE_CREDENTIALS as a GitHub secret in the mentioned format:

{
"clientId": "xxx",
"clientSecret": "xxx",
"tenantId": "xxx",
"subscriptionId": "xxx",
"resourceManagerEndpointUrl": "management.azure.com"
}

Steps to reproduce

  1. Run Deploy Azure TRE workflow

Do I miss something? Could you please help us because this is currently a blocker for us?
@dusan-ilic-mhra dusan-ilic-mhra added the bug Something isn't working label Dec 22, 2022
@tamirkamara
Copy link
Collaborator

@dusan-ilic-mhra please verify that the format & values corrosponds to the example given here.
I think you should try the change the resourceManagerEndpointUrl

@tamirkamara tamirkamara added question Further information is requested and removed bug Something isn't working labels Dec 27, 2022
@dusan-ilic-mhra
Copy link
Contributor Author

dusan-ilic-mhra commented Jan 9, 2023
edited
Loading

@tamirkamara Where I can find resourceManagerEndpointUrl for the existing ARM client ID?

@dusan-ilic-mhra
Copy link
Contributor Author

dusan-ilic-mhra commented Jan 9, 2023
edited
Loading

@tamirkamara Following your comment to take a look at this link https://github.com/marketplace/actions/azure-login#configure-deployment-credentials

I run a command for the existing App Reg:

az ad sp create-for-rbac --name "App_Reg_Name" --role contributor --scopes /subscriptions/Subscription_ID/resourceGroups/management_rg_name --sdk-auth

and I’ve got this output:

{
"clientId": "xxxxxxxxxxxxxxxxxxxx",
"clientSecret": "xxxxxxxxxxxxxxxxxxxx",
"subscriptionId": "xxxxxxxxxxxxxxxxxxxx",
"tenantId": "xxxxxxxxxxxxxxxxxxxx",
"activeDirectoryEndpointUrl": "xxxxxxxxxxxxxxxxxxxx",
"resourceManagerEndpointUrl": "https://management.azure.com/",
"activeDirectoryGraphResourceId": "xxxxxxxxxxxxxxxxxxxx",
"sqlManagementEndpointUrl": "xxxxxxxxxxxxxxxxxxxx",
"galleryEndpointUrl": "xxxxxxxxxxxxxxxxxxxx",
"managementEndpointUrl": "xxxxxxxxxxxxxxxxxxxx"
}

I put this output in as AZURE_CREDENTIALS in GitHub secrets and still getting this error:
image

@dusan-ilic-mhra
Copy link
Contributor Author

dusan-ilic-mhra commented Jan 11, 2023
edited
Loading

@tamirkamara You can close this issue as we solved it by adding new secrets:
MGMT_RESOURCE_GROUP_NAME
MGMT_STORAGE_ACCOUNT_NAME
As their name has been changed in the new version.

Thank you for your support.

@anatbal anatbal closed this as completed Jan 11, 2023
@tamirkamara tamirkamara mentioned this issue Jan 12, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@anatbal @tamirkamara @dusan-ilic-mhra