fix: resolves #5074 #5102
Open
fix: resolves #5074 #5102
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…tions when cluster is azure rbac enabled or local account is disabled
pauldotyu
requested review from
wbreza,
vhvb1989,
hemarina,
weikanglim and
JeffreyCA
as code owners
vhvb1989
reviewed
Apr 21, 2025
| @@ -606,6 +606,7 @@ func (t *aksTarget) ensureClusterContext( | |||
| convertOptions := &kubelogin.ConvertOptions{ | |||
| Login: "azd", | |||
| KubeConfig: kubeConfigPath, | |||
| TenantId: t.env.GetTenantId(), | |||
There was a problem hiding this comment.
tenantId is not ensured to be in the azd-environment.
We have a way to resolve the tenantId for a project here: https://github.com/Azure/azure-dev/blob/main/cli/azd/cmd/auth_token.go#L84
Most cases, it is resolved from the subscription Id, which is ensured to be in the azd-env
There was a problem hiding this comment.
Thanks for the review @vhvb1989 and got it... Couldn't we also get it directly from the cluster to ensure the kubelogin get-token command is for the exact tenant that it is deployed into and not worry about azd auth env variables?
Suggested change
| TenantId: t.env.GetTenantId(), | |
| TenantId: *managedCluster.Properties.AADProfile.TenantID, |
There was a problem hiding this comment.
Let me ping @wbreza as I am not very familiar with the managedCluster
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolves #5074 by adding tenant id to kubeconfig convert options when cluster is Azure RBAC enabled or local account is disabled.