Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[REGRESSION]: Failed to obtain the Json Web Token(JWT) using service principal client ID #20279

Open
4 of 7 tasks
bradselw opened this issue Aug 9, 2024 · 1 comment
Open
4 of 7 tasks

[REGRESSION]: Failed to obtain the Json Web Token(JWT) using service principal client ID #20279

bradselw opened this issue Aug 9, 2024 · 1 comment
Labels
bug regression This used to work, but a change in the service/tasks broke it. triage

Comments

@bradselw
Copy link
Member

bradselw commented Aug 9, 2024
edited
Loading

New issue checklist

Task name

PublishToAzureServiceBusV2

Breaking task version

2.243.0

Last working task version

2.243.0

Regression Description

As part of security work at Microsoft, we switched our pipelines from PublishToAzureServiceBusV1 (which uses a connection string to publish messages to an Azure Service Bus) to PublishToAzureServiceBusV2 (which uses a federated workload identity).

At around 8/5 at 5pm UTC, these tasks started failing with the following message:
image

Since then, the errors have been increasing in frequency:
image

Environment type (Please select at least one enviroment where you face this issue)

  • Self-Hosted
  • Microsoft Hosted
  • VMSS Pool
  • Container

Azure DevOps Server type

dev.azure.com (formerly visualstudio.com)

Azure DevOps Server Version (if applicable)

No response

Operation system

Agentless

Relevant log output

Failed to obtain the Json Web Token(JWT) using service principal client ID

Full task logs with system.debug enabled

UNSUCCESSFUL RUN 
"Message payload signature was not generated."
Failed to obtain the Json Web Token(JWT) using service principal client ID
SUCCESSFUL RUN 
"Message payload signature was not generated."
2024-08-09T17:41:53.0426621Z Received instance ID of: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
2024-08-09T17:41:53.5453278Z Successfully started orchestration with ID 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'.
2024-08-09T17:41:53.6093454Z Getting build status for build ID 10019795
2024-08-09T17:41:54.3673798Z Found build ID '10019795' with status 'Completed'
2024-08-09T17:41:54.8858050Z 'DD-CB-PR' with run ID '10019795' completed with result 'Succeeded'.

Repro steps

- task: PublishToAzureServiceBus@2
  inputs:
    azureSubscription: 'VSEng/DartLab'
    serviceBusQueueName: 'deploymachines-prod1'
    serviceBusNamespace: 'vsengtradtl'
    signPayload: false
    waitForCompletion: true
    useDataContractSerializer: false
@bradselw bradselw added bug regression This used to work, but a change in the service/tasks broke it. labels Aug 9, 2024
@v-schhabra
Copy link
Contributor

Please refer this icm for more updates https://portal.microsofticm.com/imp/v5/incidents/details/530278277/summary

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug regression This used to work, but a change in the service/tasks broke it. triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bradselw @v-schhabra