Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VMR synchronization started requiring Maestro authentication #4389

Open
premun opened this issue Jan 28, 2025 · 0 comments
Open

VMR synchronization started requiring Maestro authentication #4389

premun opened this issue Jan 28, 2025 · 0 comments
Labels
Ops - First Responder

Comments

@premun
Copy link
Member

premun commented Jan 28, 2025

Context

Some developers (UB, SB) use the vmr-sync script to synchronize their local VMRs.
Some of them use Linux where the web authentication flow does not work. However, the authentication should not be required for most flows where public repos (GitHub) are used only.

The full exception I got when I tried this out is this:

prvysoky@PRVYSOKY-OVERTHINKPAD:/mnt/d/repos/arcade-services/src/Microsoft.DotNet.Darc/Darc$ ../../../.dotnet/dotnet run -- vmr update --vmr /mnt/d/tmp/dotnet2/ --tmp /mnt/d/tmp --debug scenario-tests:141707edc417c4d0430d8522ee6eb277912610cb
[0.0.99-dev / Microsoft.DotNet.Darc.exe] darc command issued: vmr update --vmr /mnt/d/tmp/dotnet2/ --tmp /mnt/d/tmp --debug scenario-tests:141707edc417c4d0430d8522ee6eb277912610cb
Unhandled exception encountered
Azure.Identity.AuthenticationFailedException: InteractiveBrowserCredential authentication failed: Persistence check failed. Inspect inner exception for details
 ---> Microsoft.Identity.Client.Extensions.Msal.MsalCachePersistenceException: Persistence check failed. Inspect inner exception for details
 ---> System.DllNotFoundException: Unable to load shared library 'libsecret-1.so.0' or one of its dependencies. In order to help diagnose loading problems, consider using a tool like strace. If you're using glibc, consider setting the LD_DEBUG environment variable:
/mnt/d/repos/arcade-services/artifacts/bin/Microsoft.DotNet.Darc/Debug/net6.0/runtimes/linux-x64/native/libsecret-1.so.0: cannot open shared object file: No such file or directory
/mnt/d/repos/arcade-services/.dotnet/shared/Microsoft.NETCore.App/8.0.7/libsecret-1.so.0: cannot open shared object file: No such file or directory
/mnt/d/repos/arcade-services/artifacts/bin/Microsoft.DotNet.Darc/Debug/net6.0/libsecret-1.so.0: cannot open shared object file: No such file or directory
/mnt/d/repos/arcade-services/artifacts/bin/Microsoft.DotNet.Darc/Debug/net6.0/runtimes/linux-x64/native/liblibsecret-1.so.0: cannot open shared object file: No such file or directory
/mnt/d/repos/arcade-services/.dotnet/shared/Microsoft.NETCore.App/8.0.7/liblibsecret-1.so.0: cannot open shared object file: No such file or directory
/mnt/d/repos/arcade-services/artifacts/bin/Microsoft.DotNet.Darc/Debug/net6.0/liblibsecret-1.so.0: cannot open shared object file: No such file or directory
/mnt/d/repos/arcade-services/artifacts/bin/Microsoft.DotNet.Darc/Debug/net6.0/runtimes/linux-x64/native/libsecret-1.so.0.so: cannot open shared object file: No such file or directory
/mnt/d/repos/arcade-services/.dotnet/shared/Microsoft.NETCore.App/8.0.7/libsecret-1.so.0.so: cannot open shared object file: No such file or directory
/mnt/d/repos/arcade-services/artifacts/bin/Microsoft.DotNet.Darc/Debug/net6.0/libsecret-1.so.0.so: cannot open shared object file: No such file or directory
/mnt/d/repos/arcade-services/artifacts/bin/Microsoft.DotNet.Darc/Debug/net6.0/runtimes/linux-x64/native/liblibsecret-1.so.0.so: cannot open shared object file: No such file or directory
/mnt/d/repos/arcade-services/.dotnet/shared/Microsoft.NETCore.App/8.0.7/liblibsecret-1.so.0.so: cannot open shared object file: No such file or directory
/mnt/d/repos/arcade-services/artifacts/bin/Microsoft.DotNet.Darc/Debug/net6.0/liblibsecret-1.so.0.so: cannot open shared object file: No such file or directory

   at Microsoft.Identity.Client.Extensions.Msal.Libsecret.secret_schema_new(String name, Int32 flags, String attribute1, Int32 attribute1Type, String attribute2, Int32 attribute2Type, IntPtr end)
   at Microsoft.Identity.Client.Extensions.Msal.LinuxKeyringAccessor.GetLibsecretSchema()
   at Microsoft.Identity.Client.Extensions.Msal.LinuxKeyringAccessor.Write(Byte[] data)
   at Microsoft.Identity.Client.Extensions.Msal.Storage.VerifyPersistence()
   --- End of inner exception stack trace ---
   at Microsoft.Identity.Client.Extensions.Msal.Storage.VerifyPersistence()
   at Microsoft.Identity.Client.Extensions.Msal.MsalCacheHelper.VerifyPersistence()
   at Azure.Identity.MsalCacheHelperWrapper.VerifyPersistence()
   at Azure.Identity.TokenCache.GetCacheHelperAsync(Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.TokenCache.GetCacheHelperAsync(Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.TokenCache.RegisterCache(Boolean async, ITokenCache tokenCache, CancellationToken cancellationToken)
   at Azure.Identity.MsalClientBase`1.GetClientAsync(Boolean enableCae, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveCoreAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String tenantId, Boolean enableCae, BrowserCustomizationOptions browserOptions, TokenRequestContext tokenRequestContext, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.MsalPublicClient.AcquireTokenInteractiveAsync(String[] scopes, String claims, Prompt prompt, String loginHint, String tenantId, Boolean enableCae, BrowserCustomizationOptions browserOptions, TokenRequestContext tokenRequestContext, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.GetTokenViaBrowserLoginAsync(TokenRequestContext context, Boolean async, CancellationToken cancellationToken)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex, String additionalMessage, Boolean isCredentialUnavailable)
   at Azure.Identity.InteractiveBrowserCredential.AuthenticateImplAsync(Boolean async, TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Azure.Core.Pipeline.TaskExtensions.EnsureCompleted[T](Task`1 task)
   at Azure.Identity.InteractiveBrowserCredential.Authenticate(TokenRequestContext requestContext, CancellationToken cancellationToken)
   at Maestro.Common.AppCredentials.AppCredential.GetInteractiveCredential(String appId, TokenRequestContext requestContext, String authRecordPath) in /mnt/d/repos/arcade-services/src/Maestro/Maestro.Common/AppCredentials/AppCredential.cs:line 111
   at Maestro.Common.AppCredentials.AppCredential.CreateUserCredential(String appId, TokenRequestContext requestContext) in /mnt/d/repos/arcade-services/src/Maestro/Maestro.Common/AppCredentials/AppCredential.cs:line 53
   at Maestro.Common.AppCredentials.AppCredential.CreateUserCredential(String appId, String userScope) in /mnt/d/repos/arcade-services/src/Maestro/Maestro.Common/AppCredentials/AppCredential.cs:line 45
   at Maestro.Common.AppCredentials.AppCredentialResolver.CreateCredential(AppCredentialResolverOptions options) in /mnt/d/repos/arcade-services/src/Maestro/Maestro.Common/AppCredentials/AppCredentialResolver.cs:line 34
   at Microsoft.DotNet.ProductConstructionService.Client.ProductConstructionServiceApiOptions..ctor(String baseUri, String accessToken, String managedIdentityId, Boolean disableInteractiveAuth) in /mnt/d/repos/arcade-services/src/ProductConstructionService/Microsoft.DotNet.ProductConstructionService.Client/ProductConstructionServiceApiOptions.cs:line 49
   at Microsoft.DotNet.ProductConstructionService.Client.PcsApiFactory.GetAuthenticated(String baseUri, String accessToken, String managedIdentityId, Boolean disableInteractiveAuth) in /mnt/d/repos/arcade-services/src/ProductConstructionService/Microsoft.DotNet.ProductConstructionService.Client/PcsApiFactory.cs:line 58
   at Microsoft.DotNet.DarcLib.BarApiClient..ctor(String buildAssetRegistryPat, String managedIdentityId, Boolean disableInteractiveAuth, String buildAssetRegistryBaseUri) in /mnt/d/repos/arcade-services/src/Microsoft.DotNet.Darc/DarcLib/BarApiClient.cs:line 26
   at Microsoft.DotNet.Darc.Options.CommandLineOptions.<>c__DisplayClass42_0.<RegisterServices>b__2(IServiceProvider sp) in /mnt/d/repos/arcade-services/src/Microsoft.DotNet.Darc/Darc/Options/CommandLineOptions.cs:line 146
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitFactory(FactoryCallSite factoryCallSite, RuntimeResolverContext context)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitRootCache(ServiceCallSite callSite, RuntimeResolverContext context)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(ServiceCallSite callSite, TArgument argument)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.Resolve(ServiceCallSite callSite, ServiceProviderEngineScope scope)
   at Microsoft.Extensions.DependencyInjection.ServiceProvider.CreateServiceAccessor(ServiceIdentifier serviceIdentifier)
   at System.Collections.Concurrent.ConcurrentDictionary`2.GetOrAdd(TKey key, Func`2 valueFactory)
   at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(ServiceIdentifier serviceIdentifier, ServiceProviderEngineScope serviceProviderEngineScope)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngineScope.GetService(Type serviceType)
   at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType)
   at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService[T](IServiceProvider provider)
   at Microsoft.DotNet.Darc.Options.CommandLineOptions.<>c.<RegisterServices>b__42_3(IServiceProvider sp) in /mnt/d/repos/arcade-services/src/Microsoft.DotNet.Darc/Darc/Options/CommandLineOptions.cs:line 151
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitFactory(FactoryCallSite factoryCallSite, RuntimeResolverContext context)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitRootCache(ServiceCallSite callSite, RuntimeResolverContext context)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(ServiceCallSite callSite, TArgument argument)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitConstructor(ConstructorCallSite constructorCallSite, RuntimeResolverContext context)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitDisposeCache(ServiceCallSite transientCallSite, RuntimeResolverContext context)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(ServiceCallSite callSite, TArgument argument)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.Resolve(ServiceCallSite callSite, ServiceProviderEngineScope scope)
   at Microsoft.Extensions.DependencyInjection.ServiceLookup.DynamicServiceProviderEngine.<>c__DisplayClass2_0.<RealizeService>b__0(ServiceProviderEngineScope scope)
   at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(ServiceIdentifier serviceIdentifier, ServiceProviderEngineScope serviceProviderEngineScope)
   at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(Type serviceType)
   at Microsoft.Extensions.DependencyInjection.ActivatorUtilities.ConstructorInfoEx.GetService(IServiceProvider serviceProvider, Int32 parameterIndex)
   at Microsoft.Extensions.DependencyInjection.ActivatorUtilities.ConstructorMatcher.CreateInstance(IServiceProvider provider)
   at Microsoft.Extensions.DependencyInjection.ActivatorUtilities.CreateInstance(IServiceProvider provider, Type instanceType, Object[] parameters)
   at Microsoft.Extensions.DependencyInjection.ActivatorUtilities.CreateInstance[T](IServiceProvider provider, Object[] parameters)
   at Microsoft.DotNet.Darc.Options.CommandLineOptions`1.GetOperation(ServiceProvider sp) in /mnt/d/repos/arcade-services/src/Microsoft.DotNet.Darc/Darc/Options/CommandLineOptions.cs:line 23
   at Microsoft.DotNet.Darc.Program.RunOperation(CommandLineOptions opts, ServiceProvider sp) in /mnt/d/repos/arcade-services/src/Microsoft.DotNet.Darc/Darc/Program.cs:line 68

Goal

Fix the darc vmr update command to not require auth by default (only when it's really needed).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Ops - First Responder
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@premun