Skip to content
This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

work around AAD service principal race condition #716

Merged
3 commits merged into from
Mar 23, 2021
Merged

work around AAD service principal race condition #716

3 commits merged into from
Mar 23, 2021

Conversation

bmc-msft
Copy link
Contributor

This works around an issue in AAD service principal creation. The race condition in AAD shows up as:

INFO:deploy:checking if RBAC already exists
INFO:deploy:creating Application registration
INFO:deploy:creating service principal
Traceback (most recent call last):
  File "deploy.py", line 926, in <module>
    main()
  File "deploy.py", line 920, in main
    state[1](client)
  File "deploy.py", line 303, in setup_rbac
    client.service_principals.create(service_principal_params)
  File "/tmp/tmpp2x7ybfg/deploy-venv/lib/python3.8/site-packages/azure/graphrbac/operations/service_principals_operations.py", line 87, in create
    raise models.GraphErrorException(self._deserialize, response)
azure.graphrbac.models.graph_error_py3.GraphErrorException: When using this permission, the backing application of the service principal being created must in the local tenant

The azure-cli has the same issue, as seen in Azure/azure-cli#14767

@bmc-msft bmc-msft requested a review from chkeita March 23, 2021 02:22
@jiasli jiasli mentioned this pull request Mar 23, 2021
Merged
ranweiler
ranweiler reviewed Mar 23, 2021
View reviewed changes
src/deployment/deploy.py Outdated Show resolved Hide resolved
@ghost
Copy link

ghost commented Mar 23, 2021

Hello @bmc-msft!

Because this pull request has the auto-merge label, I will be glad to assist with helping to merge this pull request once all check-in policies pass.

p.s. you can customize the way I help with merging this pull request, such as holding this pull request until a specific person approves. Simply @mention me (@msftbot) and give me an instruction to get started! Learn more here.

@ghost ghost merged commit de5c843 into microsoft:main Mar 23, 2021
@bmc-msft bmc-msft deleted the work-around-aad-service-principal-race-condition branch March 23, 2021 21:03
@ghost ghost locked as resolved and limited conversation to collaborators Apr 23, 2021
This pull request was closed.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ranweiler ranweiler ranweiler approved these changes

@chkeita chkeita Awaiting requested review from chkeita

Assignees
No one assigned
Labels
auto-merge passed-integration-tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bmc-msft @ranweiler @demoray