Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

az vm format-secret does not work #5718

Closed
chiyao-ms opened this issue Mar 2, 2018 · 5 comments · Fixed by #5946
Closed

az vm format-secret does not work #5718

chiyao-ms opened this issue Mar 2, 2018 · 5 comments · Fixed by #5946
Assignees
@tjprescott
Labels
bug This issue requires a change to an existing behavior in the product in order to be resolved. Compute az vm/vmss/image/disk/snapshot KeyVault az keyvault Service Attention This issue is responsible by Azure service team.
Milestone
Sprint 35

Comments

@chiyao-ms
Copy link

Environment summary

Install Method (e.g. pip, interactive script, apt-get, Docker, MSI, edge build) : MSI

CLI version (az --version)
chi@Azure:~$ az --version
azure-cli (2.0.27)

OS version : Windows 10
Shell Type (e.g. bash, cmd.exe, Bash on Windows) : bash on windows

I am following these steps to try to build a LINUX VM with SSL certificate.

https://docs.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-secure-web-server

But I am failing at following step.

$ secret=$(az keyvault secret list-versions --vault-name WebSvrCert --name WebCert --query "[?attributes.enabled].id" --output tsv)

$ echo $secret
https://websvrcert.vault.azure.net/secrets/WebCert/d79e98486c5f42a6a12c863608b3a6e8

$ vm_secret=$(az vm secret format --secret "$secret")
Parameter 'resource_group_name' can not be None.
Traceback (most recent call last):
File "/opt/az/lib/python3.6/site-packages/knack/cli.py", line 194, in invoke
cmd_result = self.invocation.execute(args)
File "/opt/az/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 331, in execute
six.reraise(*sys.exc_info())
File "/opt/az/lib/python3.6/site-packages/six.py", line 693, in reraise
raise value
File "/opt/az/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 304, in execute
result = cmd(params)
File "/opt/az/lib/python3.6/site-packages/azure/cli/core/commands/init.py", line 168, in call
return super(AzCliCommand, self).call(*args, **kwargs)
File "/opt/az/lib/python3.6/site-packages/knack/commands.py", line 109, in call
return self.handler(*args, **kwargs)
File "/opt/az/lib/python3.6/site-packages/azure/cli/core/init.py", line 348, in default_command_handler
result = op(**command_args)
File "/opt/az/lib/python3.6/site-packages/azure/cli/command_modules/vm/custom.py", line 1429, in get_vm_format_secret
'id': _get_vault_id_from_name(cmd.cli_ctx, client, vault_name)
File "/opt/az/lib/python3.6/site-packages/azure/cli/command_modules/vm/custom.py", line 1406, in _get_vault_id_from_name
vault = client.get(group_name, vault_name)
File "/opt/az/lib/python3.6/site-packages/azure/mgmt/keyvault/operations/vaults_operations.py", line 193, in get
'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'),
File "/opt/az/lib/python3.6/site-packages/msrest/serialization.py", line 488, in url
data = self.validate(data, name, required=True, **kwargs)
File "/opt/az/lib/python3.6/site-packages/msrest/serialization.py", line 558, in validate
raise ValidationError("required", name, True)
msrest.exceptions.ValidationError: Parameter 'resource_group_name' can not be None.
chi@Azure:~/clouddrive$
@chiyao-ms chiyao-ms mentioned this issue Mar 2, 2018
Closed
@tjprescott tjprescott added Compute az vm/vmss/image/disk/snapshot KeyVault az keyvault bug This issue requires a change to an existing behavior in the product in order to be resolved. labels Mar 2, 2018
@tjprescott
Copy link
Member

My suspicion is that the keyvault is not visible to the subscription you are logged into. Regardless, it should not throw up a stack trace.

@chiyao-ms
Copy link
Author

chiyao-ms commented Mar 13, 2018 via email

@tjprescott
Copy link
Member

I get the same stack trace using your secret ID, but that's because the vault isn't in a subscription I can access. I'll take a look.

@tjprescott tjprescott added this to the Sprint 35 milestone Mar 13, 2018
@tjprescott tjprescott self-assigned this Mar 13, 2018
@chiyao-ms
Copy link
Author

chiyao-ms commented Mar 20, 2018 via email

@tjprescott
Copy link
Member

It's scheduled to be addressed next sprint.

@tjprescott tjprescott mentioned this issue Mar 28, 2018
Merged
2 tasks
tjprescott added a commit that referenced this issue Mar 29, 2018
@tjprescott
[VM] Improve secret format command (#5946)
baa2e89 
* Fix #5718.

* Code review feedback.
@bsiegel bsiegel added the Service Attention This issue is responsible by Azure service team. label Sep 26, 2018
@WiseMack WiseMack mentioned this issue Jan 4, 2019
Closed
@haroldrandom haroldrandom added bug This issue requires a change to an existing behavior in the product in order to be resolved. Compute az vm/vmss/image/disk/snapshot KeyVault az keyvault Service Attention This issue is responsible by Azure service team. labels Oct 25, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tjprescott tjprescott

Labels
bug This issue requires a change to an existing behavior in the product in order to be resolved. Compute az vm/vmss/image/disk/snapshot KeyVault az keyvault Service Attention This issue is responsible by Azure service team.
Projects
None yet
Milestone
Sprint 35
Development

Successfully merging a pull request may close this issue.

[VM] Improve secret format command
4 participants
@bsiegel @tjprescott @haroldrandom @chiyao-ms