Description of problem: I added a new Azure provider but did not specify a Subscription ID. Upon save, it defaulted to 9ee63d8e-aee7-4121-861c-d67a5b8d231e Tried again on a different appliance and different azure account and it defaulted to the same ID of 9ee63d8e-aee7-4121-861c-d67a5b8d231e Version-Release number of selected component (if applicable): 5.6.0.4-beta2.3.20160421172650_719e256 How reproducible: Both my system and Sshveta's system. Steps to Reproduce: 1. Add an Azure Cloud provider. 2. Do not enter anything in the subscriber ID field. (It's not required as of now.) 3. Save the provider. Actual results: If you immediately edit the provider you see the above subscription id. When you go to provider summary, last refresh may say failed. [----] E, [2016-04-29T14:59:51.215759 #19372:f2f990] ERROR -- : [Azure::Armrest::UnauthorizedException]: The access token is from the wrong issuer 'https://sts.windows.net/ad645659-ecb0-41a4-a7ad-3ce6d10910bf/'. It must match the tenant 'https://sts.windows.net/2e64678d-2fa8-40ed-8922-c9b8e2c3f100/' associated with this subscription. Please use the authority (URL) 'https://login.windows.net/2e64678d-2fa8-40ed-8922-c9b8e2c3f100' to get the token. Note, if the subscription is transferred to another tenant there is no impact to the services, but information about new tenant could take time to propagate (up to an hour). If you just transferred your subscription and see this error message, please try back later. Method:[rescue in block in refresh] Expected results: Either don't supply and ID or make the field mandatory. Additional info:
I am unable to duplicate this on master. I get subscription e6adc15d-xxx and it reports success. However, it's not impossible that you could get a mismatch between the subscription and the tenant id, as we have seen this before. In any case, I've submitted a PR to the azure-armrest gem which I believe will solve the problem. It does mean making 1 or more additional HTTP requests if no subscription ID is provided, as there is simply no other way to tell afaik. https://github.com/ManageIQ/azure-armrest/pull/164
Few updates. It's not immediately. It could take up to a minute. Second, it is definitely adding a subscription ID if one is not provided. 1. Add a new provider without setting the Subscription. 2. Validate Provider and then Save. 3. Wait a minute or so, and then Edit Provider. 4. In all my tries, it now showed a Subscriber ID. I did this latest test on a new appliance to make sure nothing was being cached. Can no longer reproduce the case where it retrieves an incorrect Subscription ID.
https://github.com/ManageIQ/manageiq/pull/8546
New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/3868db7172ca8a28e7e7dcb2603548531b018ab0 commit 3868db7172ca8a28e7e7dcb2603548531b018ab0 Author: Bronagh Sorota <bsorota> AuthorDate: Mon May 9 10:58:55 2016 -0400 Commit: Bronagh Sorota <bsorota> CommitDate: Mon May 9 10:58:55 2016 -0400 Bumped to latest azure-armrest gem https://bugzilla.redhat.com/show_bug.cgi?id=1331843 gems/pending/Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
https://github.com/ManageIQ/manageiq/pull/8407
This looks good. It's just grabbing the default if one does not exist. Verified the gem version and moving to Verified for 5606.
https://github.com/ManageIQ/manageiq/pull/8473
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:1348