boltops-tools / armrest Goto Github PK
View Code? Open in Web Editor NEWLicense: Apache License 2.0
License: Apache License 2.0
The CLI Auth method does not correctly handle getting the token with the adequate scope.
When authenticated with the CLI the current token does not allow reading the vault secrets as its not correctly scoped, it generates the following error when trying to get the secrets:
WARN: AKV10022: Invalid audience. Expected https://vault.azure.net, found: https://management.core.windows.net/.
After troubleshooting this issue I found that the get_access_token
method would need to handle scoping so the token is generated for the needed API call.
Small hack: Note this fixes the armrest secret show
command but breaks the rest as the token is no longer valid for other API calls like resource creation...
armrest/lib/armrest/api/auth/cli.rb
Line 28 in 80d2d88
Add this just after the above line:
if ENV['ARMREST_VAULT'] || ENV['ARM_VAULT']
command = command + ' --scope "https://vault.azure.net/.default"'
end
Hi,
Any particular reason that you set camelize(data)
at line 67?
As I got an issue to set Azure Tags as it does not respect the case sensitivity and underscore for my azure backend tags
So as a workaround, I removed the line 67 on my local development machine and it works as expected
Thanks
armrest/lib/armrest/api/base.rb
Lines 65 to 71 in 3bb38d3
Reproduce:
az login -u xxx -p xxx # output account detail in json
armrest auth # output Unable to authenticate
armrest auth msi # output Unable to authenticate
armrest auth cli # output Unable to authenticate
Testing Environment:
os: wsl ubuntu 20.04
version: armrest v0.1.3
I'm a newbie in ruby. I try to debug with vscode on windows but It's quite difficult cuz there are some issue with devkit.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.