question

StevenCheng71 avatar image
0 Votes"
StevenCheng71 asked prmanhas-MSFT commented

When I use bitbucket pipeline to deploy aks , an unable to recognize error occurred.

This is my screenshot.
99959-screen-shot-2021-05-27-at-072534.png

The pipeline run
$ az aks get-credentials
is success.

and
$ kubectl config use-context MY_AKS_NAME
success.

but
$ kubectl apply -f deployment.yml
is need to authenticate.

I can't to authenticate in continue deployment environment.
How to resolve it.



azure-kubernetes-service
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DeanPorter-4288 avatar image
0 Votes"
DeanPorter-4288 answered

I don't think you can use any type of interactive login, you will need to create an SPN in Azure and then specify that in the pipeline.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

prmanhas-MSFT avatar image
0 Votes"
prmanhas-MSFT answered prmanhas-MSFT commented

@StevenCheng71 Adding to @DeanPorter-4288 comment above yes he is right that you will need to create a Service Principal first in Azure .

As mentioned here:

You will need create a service principal with enough access to create an Azure App Service app. A service principal is an identity you can use in tools to interact with Azure. Use the following command to create a service principal.

az ad sp create-for-rbac --name <name for your principal>

This will give you a list of values that you can add to your variables in Bitbucket (in repository > Settings > Repository variables.

Where:

appId → AZURE_APP_ID

password → AZURE_PASSWORD

tenant → AZURE_TENANT_I


You can the refer to above documentation for deployment yml samples.

Hope it helps!!!

Please "Accept as Answer" if it helped so it can help others in community looking for help on similar topics.


· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@prmanhas-MSFT Thanks for your answer. I will try it.

0 Votes 0 ·

@prmanhas-MSFT I rleady have a service principal.
I can use az login in my pipeline.
It it success.
But how can I check my service pricipal have enough access to deploy to my aks?

0 Votes 0 ·

@StevenCheng71 Apologies for the delay in response since I missed on the notification.

You can check below to understand what access is given to Service Principal to AKS:

https://docs.microsoft.com/en-us/azure/aks/kubernetes-service-principal?tabs=azure-cli

https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal

Hope it helps!!!

Please "Accept as Answer" if above answer helped so it can help others in community looking for help on similar topics.


1 Vote 1 ·

@prmanhas-MSFT Thanks for your reply!

0 Votes 0 ·
Show more comments