Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: Inconsistent behaviour of make-mi-fic.py #4478

Closed
theunrepentantgeek opened this issue Dec 1, 2024 · 1 comment · Fixed by #4493
Closed

Bug: Inconsistent behaviour of make-mi-fic.py #4478

theunrepentantgeek opened this issue Dec 1, 2024 · 1 comment · Fixed by #4493
Assignees
@super-harsh
Labels
bug 🪲 Something isn't working
Milestone
v2.12.0

Comments

@theunrepentantgeek
Copy link
Member

theunrepentantgeek commented Dec 1, 2024
edited
Loading

Describe the bug

The Python script make-mi-fic.py is used to create a managed-identity when testing ASO during development.

When it creates an identity, the files miclientid.txt and fix.txt are created in the directory v2/out/aks-identity/azure with details that are consumed by other tasks that run later.

However, when the identity already exists, the script terminates early with the message "An identity already exists, not creating another one" without ensuring those files exist, ensuring that later task steps fail with cryptic errors.

Expected behavior

The script make-mi-fic.py should ensure the files miclientid.txt and fix.txt exist with the correct content regardless of whether the identity already existed or not.

To Reproduce

Run task to create a managed identity:

task controller:create-mi-for-workload-identity

Remove the out folder

rm -rf v2/out

Run the task again and note that the files are not recreated

task controller:create-mi-for-workload-identity

Additional context

In my original case, the files weren't created because the script make-mi-fic.py failed after creating the identity, but before creating the files. The steps given above are a synthetic way to replicate the failure conditions.
@theunrepentantgeek theunrepentantgeek added the bug 🪲 Something isn't working label Dec 1, 2024
@theunrepentantgeek
Copy link
Member Author

Also

  • the method create_role_assignment specifies role Owner which doesn't always work
  • the file azure/roleassignmentid.txt also needs to be populated.

@theunrepentantgeek theunrepentantgeek added this to the v2.12.0 milestone Dec 2, 2024
@super-harsh super-harsh mentioned this issue Dec 8, 2024
Merged
@github-project-automation github-project-automation bot moved this from Backlog to Recently Completed in Azure Service Operator Roadmap Dec 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@super-harsh super-harsh

Labels
bug 🪲 Something isn't working
Projects
Azure Service Operator Roadmap
Status: Recently Completed
Milestone
v2.12.0
Development

Successfully merging a pull request may close this issue.

Add fixes for make-mi-fic.py consistency Azure/azure-service-operator
2 participants
@theunrepentantgeek @super-harsh