Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-48171

Unable to verify configuration with a valid credential

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Cannot Reproduce
    • Icon: Blocker Blocker
    • _unsorted
    • None
    • Jenkins version 2.91 installed on Azure VM
      Azure VM agents version 0.4.8

      I'm trying to add a "Microsoft Azure VM Agents" Cloud with a valid Azure Credential (this credential is OK when validating it on Credential Management Panel)

      When i'm trying to validate the new Cloud instance, one error is displayed

      Trying to get the real cause of it on Jenkins log on it (CF  Issue https://issues.jenkins-ci.org/browse/JENKINS-46337 )

       

      Error shown in logs

       

      Caused by: java.util.concurrent.ExecutionException: com.microsoft.azure.vmagent.exceptions.AzureCloudException: Exceeded maximum retry count 3: Status code 403, {"error":{"code":"AuthorizationFailed","message":"The client '3f7e9fcf-1d40-4b43-ba60-89be3db09aa0' with object id '3f7e9fcf-1d40-4b43-ba60-89be3db09aa0' does not have authorization to perform action 'Microsoft.Storage/storageAccounts/read' over scope '/subscriptions/90f11acb-fb53-4aff-9a5f-672791875bed/resourceGroups/jenkins/providers/Microsoft.Storage/storageAccounts/CI_SYSTEM'."}}
at java.util.concurrent.FutureTask.report(FutureTask.java:122)
at java.util.concurrent.FutureTask.get(FutureTask.java:192)
at com.microsoft.azure.vmagent.util.ExecutionEngine.executeWithRetry(ExecutionEngine.java:41)
... 89 more
Caused by: com.microsoft.azure.vmagent.exceptions.AzureCloudException: Exceeded maximum retry count 3: Status code 403, {"error":{"code":"AuthorizationFailed","message":"The client '3f7e9fcf-1d40-4b43-ba60-89be3db09aa0' with object id '3f7e9fcf-1d40-4b43-ba60-89be3db09aa0' does not have authorization to perform action 'Microsoft.Storage/storageAccounts/read' over scope '/subscriptions/90f11acb-fb53-4aff-9a5f-672791875bed/resourceGroups/jenkins/providers/Microsoft.Storage/storageAccounts/CI_SYSTEM'."}}
at com.microsoft.azure.vmagent.exceptions.AzureCloudException.create(AzureCloudException.java:49)
at com.microsoft.azure.vmagent.retry.ExponentialRetryStrategy.canRetry(ExponentialRetryStrategy.java:60)
at com.microsoft.azure.vmagent.retry.ExponentialRetryStrategy.handleRetry(ExponentialRetryStrategy.java:48)
at com.microsoft.azure.vmagent.retry.RetryTask.call(RetryTask.java:52)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
... 3 more

      It seems, this plugin try to search for a ResourceGroup called CI_SYSTEM first then allow us to specify one, this doesn't reflect the real error.

      The issue is that I don't have "read access" to any ressource groups (my current subscription disallow me to do that), BUT I can use a specified one.

      In this case, we should enter a specified resource group without browsing it on Azure (so not using a select field, but a textfield)

       

        1. image-2017-11-22-18-03-32-405.png
          image-2017-11-22-18-03-32-405.png
          7 kB
        2. image-2017-11-27-11-03-25-664.png
          image-2017-11-27-11-03-25-664.png
          47 kB

            azure_devops Azure DevOps
            abouquet Anthony BOUQUET
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: