Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Getting Failed to add firewall rule error during SQL DB deployment using GitHub Hosted Runner #174

Open
tmfahim opened this issue Apr 10, 2023 · 12 comments
Labels
idle Inactive for 14 days need-to-triage Requires investigation

Comments

@tmfahim
Copy link

tmfahim commented Apr 10, 2023

Getting Failed to add firewall rule error during SQL DB deployment using GitHub Hosted Runner although 'Allow Azure Services And resources to access this server" is checked in the SQL server

Error: Failed to add firewall rule. Unable to detect client IP Address. Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Login failed for user 'MCSSQLADMIN'..
Error: The process 'C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\SQLCMD.exe' failed with exit code 1

@tmfahim tmfahim added the need-to-triage Requires investigation label Apr 10, 2023
@zijchen
Copy link
Contributor

zijchen commented Apr 13, 2023

Could you share a snippet of your yaml definition with the Azure login and sql-action tasks?

@dzsquared
Copy link
Collaborator

The error portion Error: Microsoft ODBC Driver 17 for SQL Server suggests this is an older version of sql-action. Will you try your pipeline with an updated version (v2.1.1 is latest)

@tmfahim
Copy link
Author

tmfahim commented Apr 13, 2023 via email

@zijchen
Copy link
Contributor

zijchen commented Apr 13, 2023

Formatted yml:

  release:
    # Set the dependency for the build job
    needs: BuildDacpac

    # The type of runner that the job will run on
   runs-on: windows-latest
    environment: PRD
    permissions:
      id-token: write
      contents: read

    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
     - name: download SQL Pool artifact
        # Downloads artifact to dacpac folder
        uses: ***@***.******@***.***>
        with:
          name: SQLPool

      # Login using Azure credentials
      - name: 'OIDC Login to Azure Public Cloud with AzPowershell'
        uses: ***@***.***
        with:
         client-id: ${{ secrets.CLIENT_ID }}
         subscription-id: ${{ secrets.SUBSCRIPTION_ID }}
         tenant-id: ${{ secrets.TENANT_ID }}
         enable-AzPSSession: true

      - name: Azure SQL Deploy
        uses: ***@***.******@***.***>
        with:
          # Name of the SQL Server
          server-name: ${{ vars.SQL_SERVER }}
          # The connection string, including authentication information for the Azure SQL Database
          connection-string: '${{ secrets.AZURE_SQL_CONNECTION_STRING }}'
          # Path to the Azure SQL database dacpac file
          dacpac-package: 'uda-mcs-sql-db-cloud.dacpac'
          # Additional arguments
          arguments: '/p:IncludeCompositeObjects=true'

@zijchen
Copy link
Contributor

zijchen commented Apr 13, 2023

Looks like the Actions steps themselves were masked (maybe the email client thought they were email addresses), but as @dzsquared mentioned, could you try using [email protected]?

      - name: Azure SQL Deploy
        uses: azure/[email protected]
        with:
          # The connection string, including authentication information for the Azure SQL Database
          connection-string: '${{ secrets.AZURE_SQL_CONNECTION_STRING }}'
          # Path to the Azure SQL database dacpac file
          path: 'uda-mcs-sql-db-cloud.dacpac'
          action: 'Publish'
          # Additional arguments
          arguments: '/p:IncludeCompositeObjects=true'

@tmfahim
Copy link
Author

tmfahim commented Apr 13, 2023 via email

@github-actions
Copy link

This issue is idle because it has been open for 14 days with no activity.

@github-actions github-actions bot added the idle Inactive for 14 days label Apr 28, 2023
@github-actions github-actions bot removed the idle Inactive for 14 days label May 15, 2023
@catoa
Copy link

catoa commented May 19, 2023

I'm also encountering this issue when trying to deploy a SQL managed instance.

@github-actions
Copy link

github-actions bot commented Jun 2, 2023

This issue is idle because it has been open for 14 days with no activity.

@github-actions github-actions bot added the idle Inactive for 14 days label Jun 2, 2023
@ttaher
Copy link

ttaher commented Sep 5, 2024

Hello, i got this issue as well recently and i have an action that add the current Ip to my allowed ip list that can access my resource and IP was listed but still getting this error and preventing me to deploy database changes
image

@dzsquared
Copy link
Collaborator

@ttaher - you likely have an authentication issue to the SQL database, in the July release we added skip-firewall-check: as an option that you can use to validate the root cause in your case

@ttaher
Copy link

ttaher commented Sep 15, 2024

yes, I used it and it works now thanks a lot

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
idle Inactive for 14 days need-to-triage Requires investigation
Projects
None yet
Development

No branches or pull requests

5 participants