Share via

Azure DevOps pipeline Login failed for user '

Dimitar Grozev 80 Reputation points
2024-01-19T11:57:08.0033333+00:00

Greetings,

We have a build pipeline that creates two ef migration bundles, which we then use in our release pipeline in a powershell scrip to apply to our Azure SQL Database. The release pipeline uses a service principle that is added to an Entra ID security group which the SQL Server has set as an admin. The Azure SQL Server is also inside a VNet with the option to talk to other azure services enabled . The ef bundles use the IDesignTimeDbContextFactory approach as the DbContext constructors accepts parameters.

Things I have tried so far:

  • Set the Azure SQL admin to be the service principle directly not using the group
  • Use a manual service connection instead of an automatic
  • Set the connection string as a flag to the execution of the efbundle.exe as well as a cli argument for the IDesignTimeDbContextFactory to accept
  • Try to manually fetch the token using the Az module
$token = (Get-AzAccessToken -ResourceUrl https://database.windows.net).Token
  • Add the service principle as a user in the database

Stack trace in Azure DevOps release pipeline:

I have been at this for 2 days, please assist :)

Thank you

Community Center Not monitored
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Pinaki Ghatak 5,600 Reputation points Microsoft Employee Volunteer Moderator
    2024-01-19T12:49:18.9866667+00:00

    Hello @Dimitar Grozev Hello, It seems like you’re having trouble with your Azure SQL Database and Entity Framework migrations. Here are a few additional things you could try:

    Check the permissions: Ensure that the service principal has the necessary permissions to execute the migrations on the Azure SQL Database.

    Check the connection string: Make sure that the connection string used by the IDesignTimeDbContextFactory is correct and has the necessary access to the Azure SQL Database.

    Use Azure Active Directory authentication: If you’re not already doing so, consider using Azure Active Directory authentication with the service principal.

    Check the firewall rules: Ensure that the necessary firewall rules are in place to allow the service principal to access the Azure SQL Database.

    Debug the pipeline: Consider adding some debug logging to your pipeline to help identify where the issue might be occurring.

    Remember to always keep your sensitive information secure when debugging and testing.

    I hope this helps!

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.