Thread
#general
    d

    damp-honey-93158

    4 months ago
    Ok, it's official - I'm stuck on the azure provider (again). I want to simply make use of whatever account I'm logged into the az cli with. In my case this is an admin account, and I expect to be able to do anything with it within the Azure tenant. The only azure-native configuration I have in my pulumi stack configuration is for the location. When I run pulumi up, I get this: Diagnostics: pulumi😛ulumi:Stack (soxes-infra-bootstrapper): error: Running program 'G:\src\src_x25_exploration\global\bootstrapping\bin\Debug\netcoreapp3.1\bootstrapping.dll' failed with an unhandled exception: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. at object RuntimeTypeHandle.CreateInstance(RuntimeType type, bool publicOnly, bool wrapExceptions, ref bool canBeCached, ref RuntimeMethodHandleInternal ctor, ref bool h asNoDefaultCtor) at object RuntimeType.CreateInstanceDefaultCtorSlow(bool publicOnly, bool wrapExceptions, bool fillCache) at object RuntimeType.CreateInstanceDefaultCtor(bool publicOnly, bool skipCheckThis, bool fillCache, bool wrapExceptions) at T Activator.CreateInstance<T>() at Task<int> Pulumi.Deployment+Runner.Pulumi.IRunner.RunAsync<TStack>(IServiceProvider serviceProvider)+() => { } at Task<int> Pulumi.Deployment+Runner.RunAsync<TStack>(Func<TStack> stackFactory) ---> Grpc.Core.RpcException: Status(StatusCode="Unknown", Detail="invocation of azure-n ative:authorization:getClientConfig returned an error: getting authenticated object ID: Error parsing json result from the Azure CLI: Error retrieving running Azure CLI: WARNIN G: The underlying Active Directory Graph API will be replaced by Microsoft Graph API in Azure CLI 2.37.0. Please carefully review all breaking changes introduced during this mi gration: https://docs.microsoft.com/cli/azure/microsoft-graph-migration") at async Task<InvokeResponse> Pulumi.GrpcMonitor.InvokeAsync(ResourceInvokeRequest request) at async Task<SerializationResult> Pulumi.Deployment.InvokeRawAsync(string token, SerializationResult argsSerializationResult, InvokeOptions options) x 2 at async Task<T> Pulumi.Deployment.InvokeAsync<T>(string token, InvokeArgs args, InvokeOptions options, bool convertResult) at async Task<string> ComponentLibrary.Util.GetSubscriptionScopeIdAsync() in G😕src/src_x25_exploration/ComponentLibrary/Util.cs:line 13 at string ComponentLibrary.Util.get_SubscriptionId() in G😕src/src_x25_exploration/ComponentLibrary/Util.cs:line 8 at new BootstrappingStack() in G😕src/src_x25_exploration/global/bootstrapping/BootstrappingStack.cs:line 31 --- End of inner exception stack trace --- Any pointers?
    e

    echoing-dinner-19531

    4 months ago
    Is this with the azure provider (not azure-native)? Can you try running
    az account get-access-token
    ?
    oh wait no this is azure-native I can't read! Still try that command out, might give some pointers
    d

    damp-honey-93158

    4 months ago
    it shows me stuff 🙂
    the token expires in about 10 minutes from now, the subscription matches the one I set using az account --subscription and it's tokenType "Bearer"
    e

    echoing-dinner-19531

    4 months ago
    Ok not its not hitting that path then
    az ad signed-in-user show -o=json
    is one of the other credential fetching commands
    d

    damp-honey-93158

    4 months ago
    lotsa stuff, obviously in json - seems to work. No errors at least. It did print the same warning but that's an az cli API thing I'm guessing.
    e

    echoing-dinner-19531

    4 months ago
    hah well that will be the issue then
    the code expects the command output to be pure json
    that warning is tripping it up
    d

    damp-honey-93158

    4 months ago
    I wonder if I can suppress that.
    if I can force it somehow to --only-show-errors then it'd work. is the underlying pulumi code really using a shell out?
    e

    echoing-dinner-19531

    4 months ago
    yeh it's actually using some terraform auth helper code from https://github.com/hashicorp/go-azure-helpers
    d

    damp-honey-93158

    4 months ago
    or, for now I'm happy to go any other path to get it working. My next step would be to create an SP by hand
    e

    echoing-dinner-19531

    4 months ago
    I don't know az auth methods enough to help out more here. I'd suggest raising an issue about this at https://github.com/pulumi/pulumi-azure-native/issues our providers team might have an answer for now and they'll need to fix this issue properly at some point
    d

    damp-honey-93158

    4 months ago
    downgrading az command line to 2.32.0 solves this problem.