Azure
aks-set-context failing due to the issue with Azure/login after new release of az cli version 2.67.0
Feature request
Hello,
We work with client Certificate as Secret when AZ login with SPN. We haven't faced any issue till last week when this action was using Azcli version < 2.67.0. Due to the latest release of Az cli, It started failing with below error:
Attempting Azure CLI login by using service principal with secret...
Error: AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '***'.
Error: The error may be caused by passing a service principal certificate with --password. Please note that --password no longer accepts a service principal certificate. To pass a service principal certificate, use --certificate instead.
Due to this Azure/login actions is failing as it doesn't support client certificate as secret. We are using azure/aks-set-context@v3 to deploy our apps to AKS. And aks-set-context failing due to the current issue with Azure/login action. Can we have workaround for this?
- uses: azure/login@v1
with:
creds: "{
\"clientId\": \"${{ env.ARM_CLIENT_ID }}\",
\"clientSecret\": \"key.pem\",
\"subscriptionId\": \"${{ env.ARM_SUBSCRIPTION_ID }}\",
\"tenantId\": \"${{ env.ARM_TENANT_ID }}\"
}"
- uses: azure/use-kubelogin@v1
with:
kubelogin-version: 'v0.0.25'
- uses: azure/aks-set-context@v3
with:
cluster-name: ${{ inputs.aks-name }}
resource-group: ${{ inputs.aks-rg-name }}
admin: 'false'
use-kubelogin: 'true'
ERROR: The command failed with an unexpected error. Here is the traceback:
ERROR: [Errno 13] Permission denied: '/home/runner/.azure/commands/2024-11-26.15-09-20.aks_get-credentials.2064.log'
Traceback (most recent call last):
File "/opt/az/lib/python3.12/site-packages/knack/cli.py", line 233, in invoke
cmd_result = self.invocation.execute(args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/az/lib/python3.12/site-packages/azure/cli/core/commands/__init__.py", line 521, in execute
self.cli_ctx.raise_event(EVENT_INVOKER_PRE_CMD_TBL_TRUNCATE,
File "/opt/az/lib/python3.12/site-packages/knack/cli.py", line 170, in raise_event
func(self, **kwargs)
File "/opt/az/lib/python3.12/site-packages/azure/cli/core/azlogging.py", line 95, in init_command_file_logging
self._init_command_logfile_handlers(metadata_logger, args) # pylint: disable=protected-access
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/az/lib/python3.12/site-packages/azure/cli/core/azlogging.py", line 115, in _init_command_logfile_handlers
logfile_handler = logging.FileHandler(log_file_path, encoding=LOG_FILE_ENCODING)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/opt/az/lib/python3.12/logging/__init__.py", line 1231, in __init__
StreamHandler.__init__(self, self._open())
^^^^^^^^^^^^
File "/opt/az/lib/python3.12/logging/__init__.py", line 12[63](https://github.com/sede-x/geneva-utilities-osprey-team/actions/runs/12033459441/job/33547680685#step:8:66), in _open
return open_func(self.baseFilename, self.mode,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/home/runner/.azure/commands/2024-11-26.15-09-20.aks_get-credentials.20[64](https://github.com/sede-x/geneva-utilities-osprey-team/actions/runs/12033459441/job/33547680685#step:8:67).log'
To check existing issues, please visit: https://github.com/Azure/azure-cli/issues
Error: Error: The process '/usr/bin/az' failed with exit code 1
i see the Azure/login issue was resolved https://github.com/Azure/login/issues/496
is there an issue with aks-set-context here too? or is this now resolved since the login is working again?
Considering no response yet, we assume this issue was resolved. However, if you run into this issue again, please feel free to re open it.
