Breaking change latest CLI version #56
Comments
|
Getting the same without passing the |
|
I can see the same error when using the latest Azure CLI version. |
|
Hi 👋 There is already an issue opened for this error with azure cli team. Will also investigate further if something can be done on our side. |
|
Hi @rvdlaarschot @marvinbuss @fhavrlent The issue is caused due to mismatch between az cli version on the agent and az cli version being used by azure/cli. This will resolve itself once all the agents have latest azcli version until then we will have to rely on specifically using version 2.29.2 in azure/cli. Root causeThe is because Azure Login still uses the old ADAL-based Azure CLI 2.29.0 while Azure CLI Action uses the latest MSAL-based Azure CLI 2.30.0. After the ADAL->MSAL migration (Azure/azure-cli#19853), the latest Azure CLI is not compatible with old versions. For more info- |
|
I'm guessing this issue with |
|
Hi All, |
|
@t-dedah yes, that would be an acceptable fix. |
|
We had this issue a week ago and set the azcliversion to 2.0.75. This worked for a week. Suddenly, we faced another issue today (the exact time should be one hour ago), it gave another error message: |
|
@cinderashhh, #57 changed default CLI version to the version on agent, so to use az-cli action with az login, you need to unpin az CLI version in the action (at least temporarily, until both login and CLI actions support version pinning) |
|
What worked for me was to run az version on azure/loginv1, which returned 2.30.0 (YMMV) and use that as azcliversion like: |
t-dedah
added
P1
|
@marvinbuss @rvdlaarschot @vermegi @ajmarks @pdebruin @sazarubin
Please test your scenarios and let us know if you face any more issues. |
|
@cinderashhh Can you please open a new issue for your error? |
|
@Jandev Can you please share the workflow you are using? If its confidential then you can share it via email at [email protected] |
|
I found out one of the tasks still did a |
Ok, but how do we pin the Azure CLI version? It wouldn't be the first time that a newer CLI version breaks things. We need predictable builds... |
|
@restfulhead You can still pin using |
|
@t-dedah Could you please elaborate how to do that? I'm facing the same issue as the author. Here's the config that used to work, pinning to 2.28.0. This suddenly broke a few days ago without changing anything. |
|
@restfulhead I assume you are using In order to fix you problem either set or leave it to default In default case, action will automatically choose azcliversion which is already installed on the agent so that there will be no mismatch, even if we have any further breaking changes in future. |
|
@t-dedah Thank you for the details. Upgrading to 2.30.0 works, yes. However, I am still wondering what's the best way for the future. If I don't pin the version, then there's the risk that a newer cli version could break things in our workflow. So I would like to be able to pin, however, doing this produced the issue here. I have a question based on the following, earlier comment.
So the |
|
@restfulhead Azure/login is under a separate team so you can raise an issue there but as per current understanding we cant pin a version on Azure/login as it directly uses the agent version Yes you have a valid point that in future some version can still break the actions, but the above fix makes sure its not atleast due to mismatch between version on agent and the version being used in azure/cli. |
|
It looks like this change has broken the Azure For example the following no longer works for me. I've raised separately here ansible-collections/azure#688 |
|
@dkirrane Unfortunately we dont own that action so we can't help you on this one. |
|
I just retested with leaving out the azcliversion parameter and can confirm it works for my previously failing workflow. |
|
Thank you @vermegi for the confirmation. |
Ok, thanks for confirming. Someone else already created an issue. For anyone following/interested, please upvote Azure/login#164. |
|
@ajmarks, your |
In the Windows CI's periodic runs the `azure/CLI` GitHub action library is leveraged to run various Azure-related commands. To avoid possible desyncing between the auth libraries of `azure/CLI` and the actual CLI executable on the CI job runner as described [here](Azure/cli#56 (comment)), this patch configures `azure/CLI` to always auto-detect and use the CLI version. Signed-off-by: Nashwan Azhari <[email protected]>
In the Windows CI's periodic runs the `azure/CLI` GitHub action library is leveraged to run various Azure-related commands. To avoid possible desyncing between the auth libraries of `azure/CLI` and the actual CLI executable on the CI job runner as described [here](Azure/cli#56 (comment)), this patch configures `azure/CLI` to always auto-detect and use the CLI version found on the job runner. Signed-off-by: Nashwan Azhari <[email protected]>
|
Closing this issue as a fixed was released 2 weeks ago. |
In the Windows CI's periodic runs the `azure/CLI` GitHub action library is leveraged to run various Azure-related commands. To avoid possible desyncing between the auth libraries of `azure/Login` and `azure/CLI` as described [here](Azure/cli#56 (comment)), this patch neglects to pass an explicit `azcliversion` to `azure/CLI` in order to have it default to the Azure CLI version set up by `azure/Login`. Signed-off-by: Nashwan Azhari <[email protected]>
Update CLI version (Azure/cli/issues/56)
Add account subscription to failing command. Update CLI version (Azure/cli/issues/56).
When running the Azure/[email protected] action with the latest CLI version (2.30.0 since today) in a workflow I get the following error despite having run the Azure/login@v1 action in a previous step in the same job:
ERROR: Could not retrieve credential from local cache for service principal *****. Run 'az login' for this service principal.Reverting to the previous CLI version by passing the argument
azcliversion: 2.29.2to the Azure/[email protected] action solved the issue for me.The text was updated successfully, but these errors were encountered: