Containerizing .net core mvc fails with missing libsecret-1.so.0

Jeremiah Adams 171 Reputation points
2021-05-18T21:34:06.307+00:00

I've a working .NET Core MVC project PoC. This deploys to azure and works as expected. I am now attempting to containerize it for K8S deploys.

This application uses a SecretClient to fetch secrets from AZ Key Vault.

In Visual Studio 2019 I have right-clicked the project and added docker support. When I run the application it fails when attempting to fetch the value of the secret with this exception:

Microsoft.Identity.Client.Extensions.TraceSource Error: 0 : [MSAL.Extension][2021-05-18T21:21:46.7485285Z] [Verify Persistence] Could not clear the test data: System.DllNotFoundException: Unable to load shared library 'libsecret-1.so.0' or one of its dependencies. In order to help diagnose loading problems, consider setting the LD_DEBUG environment variable: liblibsecret-1.so.0: cannot open shared object file: No such file or directory
   at Microsoft.Identity.Client.Extensions.Msal.Libsecret.secret_schema_new(String name, Int32 flags, String attribute1, Int32 attribute1Type, String attribute2, Int32 attribute2Type, IntPtr end)
   at Microsoft.Identity.Client.Extensions.Msal.LinuxKeyringAccessor.GetLibsecretSchema()
   at Microsoft.Identity.Client.Extensions.Msal.LinuxKeyringAccessor.Clear()
   at Microsoft.Identity.Client.Extensions.Msal.MsalCacheStorage.VerifyPersistence()
Exception thrown: 'Azure.Identity.AuthenticationFailedException' in Azure.Security.KeyVault.Secrets.dll
An unhandled exception of type 'Azure.Identity.AuthenticationFailedException' occurred in Azure.Security.KeyVault.Secrets.dll: 'SharedTokenCacheCredential authentication failed: Persistence check failed. Inspect inner exception for details'
Stack trace:

I have tracked this down to understand that Alpine and Buster images do not have an install candidate for 'libsecret-1.so.0'. So I changed my Dockerfile to pull from 3.1-Focal and added commands to install the missing dependency. This all appears to work as expected but now throws a new Exception:

Exception thrown: 'Azure.Identity.AuthenticationFailedException' in Azure.Security.KeyVault.Secrets.dll
An unhandled exception of type 'Azure.Identity.AuthenticationFailedException' occurred in Azure.Security.KeyVault.Secrets.dll: 'SharedTokenCacheCredential authentication failed: Persistence check failed. Data was written but it could not be read. Possible cause: on Linux, LibSecret is installed but D-Bus isn't running because it cannot be started over SSH.'

Is this an example of .net core that won't run on linux?
Anyone know how to proceed to get this authentication to key vault to happen on a linux container?

.NET
.NET
Microsoft Technologies based on the .NET software framework.
3,600 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Jeremiah Adams 171 Reputation points
    2021-05-19T18:39:30.853+00:00

    For the next person that runs into this issue: https://github.com/Azure/azure-sdk-for-net/issues/17052

    0 comments No comments