Error: Login failed with Error: Using auth-type: SERVICE_PRINCIPAL. Not all values are present.
Aholicknight opened this issue · comments
Hi @Aholicknight, based on the log you provided, it seems that client-id
and tenant-id
are missing when calling azure/login. Please provide these two parameters. And could you share your workflow here to help me better assist you with this issue?
Hi @Aholicknight, based on the log you provided, it seems that
client-id
andtenant-id
are missing when calling azure/login. Please provide these two parameters. And could you share your workflow here to help me better assist you with this issue?
Hello @MoChilia yes I can provide you my workflow file. I will edit this message when I have it.
EDIT: The workflow generated by Azure is here:
# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy
# More GitHub Actions for Azure: https://github.com/Azure/actions
name: Build and deploy Node.js app to Azure Web App - ictdatabaseapitwo
on:
push:
branches:
- main
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Node.js version
uses: actions/setup-node@v3
with:
node-version: '18.x'
- name: npm install, build, and test
run: |
npm install
npm run build --if-present
npm run test --if-present
- name: Zip artifact for deployment
run: zip release.zip ./* -r
- name: Upload artifact for deployment job
uses: actions/upload-artifact@v3
with:
name: node-app
path: release.zip
deploy:
runs-on: ubuntu-latest
needs: build
environment:
name: 'production'
url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
permissions:
id-token: write #This is required for requesting the JWT
steps:
- name: Download artifact from build job
uses: actions/download-artifact@v3
with:
name: node-app
- name: Unzip artifact for deployment
run: unzip release.zip
- name: Login to Azure
uses: azure/login@v1
with:
client-id: ${{ secrets.__clientidsecretname__ }}
tenant-id: ${{ secrets.__tenantidsecretname__ }}
subscription-id: ${{ secrets.__subscriptionidsecretname__ }}
- name: 'Deploy to Azure Web App'
id: deploy-to-webapp
uses: azure/webapps-deploy@v2
with:
app-name: 'ictdatabaseapitwo'
slot-name: 'production'
package: .
@Aholicknight, please check if __clientidsecretname__
and .__tenantidsecretname__
are stored as secrets in your repository. See https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions for how to use secrets in GitHub Actions. I am wondering if these secrets are auto generated by azure web app?
@Aholicknight, please check if
__clientidsecretname__
and.__tenantidsecretname__
are stored as secrets in your repository. See docs.github.com/en/actions/security-guides/using-secrets-in-github-actions for how to use secrets in GitHub Actions. I am wondering if these secrets are auto generated by azure web app?
@MoChilia these secrets are automatically generated by Azure web app. I do not have any secrets in my repository.
I tried to reproduce your issue by setting CI/CD with GitHub Actions for an Azure web app in development center. It works well for me. I chose the Authentication type: User-assigned identity. Then the workflow was automatically generated in my GitHub repo with the corresponding secrets stored in my repo.
It seems that an error occurred when Azure Web app is creating the user-assigned identity or when they are writing the secrets to your repository. You can report this issue to Azure/webapps-deploy.
For a quick fix, I have some suggestions for you. I can find the managed identity created by Azure web app. If it was also created for you, you can copy its Client ID
and Tenant ID
to store them as secrets in your repository. If you cannot find such managed identity, you may refer to the guide on how to login with OIDC.
@MoChilia I will try adding the repository secrets manually and see if that fixes the problem.
I think I fixed it by setting the action setting in my organization "read and write" before it was set to "read only"