-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
{Core} Quick patch for managed_by_tenants
missing from response
#17509
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
"For more information about using Azure CLI with Azure Stack, see " | ||
"https://docs.microsoft.com/azure-stack/user/azure-stack-version-profiles-azurecli2" | ||
.format(cloud_name=self.cli_ctx.cloud.name)) | ||
if getattr(s, 'managed_by_tenants', None) is not None: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- If
managed_by_tenants
doesn't exist,getattr
returnsNone
and thisif
evaluates toFalse
- If
managed_by_tenants
is[]
,getattr
returns[]
and thisif
evaluates toTrue
, so[]
is preserved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
2 years later, I feel it was lucky that we didn't merge this PR.
There are 3 conditions:
# Condition 1: managedByTenants missing
{
}
# Condition 2: managedByTenants is null
{
"managedByTenants": null
}
# Condition 3: managedByTenants is empty list []
{
"managedByTenants": []
}
This statement doesn't take condition 2 "managedByTenants": null
into consideration. Even though this has never been observed, if ARM returns "managedByTenants": null
, Azure CLI output will omit managedByTenants
.
Also, for condition 1, the absence of managedByTenants
from ARM's Subscriptions - List REST API will propagate all the way to Azure CLI output, causing breaking change.
When will this fix be patched to azure pipeline? We have a bunch of |
Thank you so much to the product group for this patch! |
Sorry but if I apply the work around on windows it doesn't work. Which version of az cli i need for this workaround to work? |
@giacris82, the patch is for Azure CLI installed with MSI. How did you install Azure CLI? Could you check the installation location? # PowerShell
Get-Command az
# CMD
where az |
Are we sure this one works out 100%? Below is what we saw on Ubuntu after the quick patch:
|
Update: The rollback of ARM has completed at 2021-03-31 08:00 UTC. This quick patch is not longer needed.
⚠ WARNING
This PR is a workaround for an ongoing ARM incident. The ARM service team is investigating with highest priority. We will close this PR once ARM service is fixed.
Symptom
az login
fails withor (Azure CLI versions smaller than
2.15.0
)Root Cause Analysis
Azure CLI started using Subscriptions - List API
/subscriptions?api-version=2019-06-01
since Feb 2020 for public cloudAzureCloud
([Core][Profile] Support lighthouse multi-tenant subscription #11886). This call is made duringaz login
to fetch the subscriptions.Azure Stack returns the response for
/subscriptions?api-version=2019-06-01
with older API version2016-06-01
format withoutmanagedByTenants
property ([Resources] Response from Azure Stack doesn't comply with the spec subscriptions.json azure-rest-api-specs#9567).Az CLI checks this explicitly and shows the above error message to the user implying "Invalid profile is used for Azure Stack cloud and the profile is set to
latest
, you need to change the API profile to something like2019-03-01-hybrid
" ({Core} az login: Capture managed_by_tenants error #15550).Due to the ARM incident, now in public cloud
AzureCloud
, the/subscriptions
API's response omitsmanagedByTenants
in some regions. As a consequence, the lack ofmanagedByTenants
az login
to fail.Changes in this PR
This PR provides a quick patch which bypasses the check on
managedByTenants
and thus bypasses the ARM service incident.Apply the quick patch
The following commands replaces the
_profile.py
file of Azure CLI installed on local machine or Azure DevOps agent:Remove the quick patch
After the ARM incident is fixed, the patch needs to be removed.
Additional information
Microsoft internal tracking ticket for the ARM incident: IcM 234164333