AZ CLI Issue - Github Actions Self hosted runner

Question

AZ CLI Issue - Github Actions Self hosted runner

939 Views Asked by user264953 At 22 May 2023 at 17:47

I get the error shown in screenshot below while trying to fetch Azure key vault secrets using Azure CLI from github actions. The error says Please run 'az login' to setup account.

As one can see, the AZ login was successful in the previous step. Based on the suggestion here, I have installed Azure CLI - eventhough the output says Azure CLI is already up to date in the self hosted runner.

What can be done to overcome this issue?

yml snippet

- name: Install Azure CLI
    run: |
      sudo apt-get install ca-certificates curl apt-transport-https lsb-release gnupg
      curl -sL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor | 
      sudo tee /etc/apt/trusted.gpg.d/microsoft.gpg > /dev/null
      AZ_REPO=$(lsb_release -cs)
      echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ $AZ_REPO 
      main" | sudo tee /etc/apt/sources.list.d/azure-cli.list
      sudo apt-get update
      sudo apt-get install azure-cli
      
  - name: Login to Azure
    uses: azure/login@v1
    with:
       client-id: ${{ secrets.AZURE_CLIENT_ID }}
       tenant-id: ${{ secrets.AZURE_TENANT_ID }}
       subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
  - uses: azure/CLI@v1
    with: 
      inlineScript: |
        value1=$(az keyvault secret show --name $AZURE_SECRET_NAME --vault-name $AZURE_KEYVAULT_NAME --query value -o tsv)
        echo $value1
        value2=$(az keyvault secret show --name $AZURE_SECRET_NAME --vault-name $AZURE_KEYVAULT_NAME --query value)
        echo $value2
        #echo "::add-mask::$value"
        #printf "%s\n" $value >> GITHUB_OUTPUT
        echo "${value2//\"}" >> GITHUB_OUTPUT

Original Q&A

There are 1 best solutions below

**SiddheshDesai** · Answer 1 · 2023-05-24T08:16:58.713000

I ran the below Github workflow and got the Key vault secrets successfully after successful login by installing Azure CLI, Refer below:-

My github workflow:-

My complete github workflow Link

Referred Install Azure CLI commands from this MS Document and az key vault secret show command from here

name: Azure Key Vault Secrets

on:
  push:
    branches:
      - main

jobs:
  build:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout code
      uses: actions/checkout@v2

    - name: Install Azure CLI
      run: |
        sudo apt-get update
        sudo apt-get install ca-certificates curl apt-transport-https lsb-release gnupg
        sudo mkdir -p /etc/apt/keyrings
        curl -sLS https://packages.microsoft.com/keys/microsoft.asc |
            gpg --dearmor |
            sudo tee /etc/apt/keyrings/microsoft.gpg > /dev/null
        sudo chmod go+r /etc/apt/keyrings/microsoft.gpg
        AZ_REPO=$(lsb_release -cs)
        echo "deb [arch=`dpkg --print-architecture` signed-by=/etc/apt/keyrings/microsoft.gpg] https://packages.microsoft.com/repos/azure-cli/ $AZ_REPO main" |
        sudo tee /etc/apt/sources.list.d/azure-cli.list
        sudo apt-get update
        sudo apt-get install azure-cli

    - name: Login to Azure
      uses: azure/login@v1
      with:
        creds: ${{ secrets.AZURE_CREDENTIALS }}

    - name: Authenticate Azure CLI
      run: az login

    - uses: azure/CLI@v1
      with: 
        inlineScript: |
          value1=$(az keyvault secret show --name keyvaultsecret --vault-name siliconkeyvault12 --query value -o tsv)
          echo $value1
          value2=$(az keyvault secret show --name keyvaultsecret --vault-name siliconkeyvault12 --query value)
          echo $value2
          #echo "::add-mask::$value"
          #printf "%s\n" $value >> GITHUB_OUTPUT
          echo "${value2//\"}" >> GITHUB_OUTPUT

Output:-

enter image description here

In Authenticate Azure CLI step it asked me to authenticate with the URL which I authenticated with my Azure account having proper role assigned on Key vault to access secret refer below:-

enter image description here

Key vault secret value got printed successfully like below:-

enter image description here

Portal:-

Key vault IAM to my user account:-

enter image description here

Key vault Secret:-

enter image description here

My Access policy is set to IAM in my Key vault.

AZ CLI Issue - Github Actions Self hosted runner

There are 1 best solutions below

Related Questions in AZURE

Related Questions in GITHUB-ACTIONS

Related Questions in AZURE-CLI

Related Questions in BUILDING-GITHUB-ACTIONS

Related Questions in GITHUB-ACTIONS-SELF-HOSTED-RUNNERS

Trending Questions

Popular # Hahtags

Popular Questions