Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Azure CLI Authentication not working in Container Image due to missing Shell #19

Open
techdecline opened this issue Jun 19, 2024 · 1 comment
Open

Azure CLI Authentication not working in Container Image due to missing Shell #19

techdecline opened this issue Jun 19, 2024 · 1 comment

Comments

@techdecline
Copy link

Hi,

I'd like to run Azure-Janitor from the provided container image with the mounted .azure directory using the Azure CLI Authentication.

This fails probably due to missing shell environment within the image:

Stderr: {"level":"info","caller":"azure-janitor/main.go:42","msg":"starting azure-janitor v24.2.1 (5265f70; go1.22.0; by webdevops.io)"} {"level":"info","caller":"azure-janitor/main.go:43","msg":"{\"DryRun\":true,\"Logger\":{\"Debug\":false,\"Development\":false,\"Json\":true},\"Azure\":{\"Environment\":\"AZUREPUBLICCLOUD\",\"Subscription\":null,\"ResourceTags\":[\"owner\"]},\"Janitor\":{\"Interval\":3600000000000,\"Tag\":\"ttl\",\"TagTarget\":\"ttl_expiry\",\"ResourceGroups\":{\"Enable\":true,\"AdditionalFilter\":null,\"Filter\":\"tagName eq 'ttl'\"},\"Resources\":{\"Enable\":false,\"AdditionalFilter\":null,\"Filter\":\"\"},\"Deployments\":{\"Enable\":false,\"Ttl\":31536000000000000,\"Limit\":700},\"RoleAssignments\":{\"Enable\":false,\"Ttl\":21600000000000,\"RoleDefintionIds\":null,\"AdditionalFilter\":null,\"Filter\":\"\",\"DescriptionTtl\":null,\"DescriptionTtlRegExp\":null}},\"Server\":{\"Bind\":\":8080\",\"ReadTimeout\":5000000000,\"WriteTimeout\":10000000000}}"} {"level":"info","caller":"azure-janitor/main.go:45","msg":"init Azure connection"} {"level":"info","caller":"azure-janitor/main.go:48","msg":"init Janitor"} {"level":"info","caller":"azure-janitor/main.go:63","msg":"starting http server on :8080"} {"level":"panic","caller":"janitor/janitor.go:267","msg":"AzureCLICredential: fork/exec /bin/sh: no such file or directory","stacktrace":"github.com/webdevops/azure-janitor/janitor.(*Janitor).initAzureApiVersions\n\t/go/src/github.com/webdevops/azure-janitor/janitor/janitor.go:267\ngithub.com/webdevops/azure-janitor/janitor.(*Janitor).Init\n\t/go/src/github.com/webdevops/azure-janitor/janitor/janitor.go:82\nmain.main.func1\n\t/go/src/github.com/webdevops/azure-janitor/main.go:59"} panic: AzureCLICredential: fork/exec /bin/sh: no such file or directory

This is the snippet, that is executing the container:

class Ci:
    @function
    def run_azure_janitor(self, azure_cli_path: dagger.Directory) -> dagger.Container:
        """Returns a container that echoes whatever string argument is provided"""
        return (dag.container()
            .from_("webdevops/azure-janitor")
            .with_directory("/root/.azure",azure_cli_path)
            .with_env_variable("AZURE_AUTH", "az")
            .with_exec(["--janitor.resourcegroups"])
        )

Is it possible to provide an image that includs a shell?

Thanks and regards,
Cornelius
@mblaschke
Copy link
Member

the container image is a distroless image
i've added az cli image but normally either download the cli from the artifacts and/or use az-cli image from Microsoft and copy the binary into it.

for what do you need the az cli auth?
i would strongly recommend to use workload identity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mblaschke @techdecline