Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

az token expires before packer finishes all the steps #456

Closed
Dellson opened this issue Dec 1, 2024 · 6 comments
Closed

az token expires before packer finishes all the steps #456

Dellson opened this issue Dec 1, 2024 · 6 comments
Labels

Comments

@Dellson
Copy link

Dellson commented Dec 1, 2024

Overview of the Issue

After packer successfully finishes running the hcl file, it attempts to delete the remaining Azure resources.
It fails to do so with the Error: retry count exhausted. Last err: performing Delete: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range.

I noticed the issue for the first time last Wednesday. I did not modify none of the scripts used by Packer in the meantime.

Plugin and Packer version

packer {
  required_plugins {
    azure = {
      source  = "github.com/hashicorp/azure"
      version = "~> 1"
    }
    windows-update = {
      version = "0.16.7"
      source = "github.com/rgl/windows-update"
    }
  }
}

source "azure-arm"

Simplified Packer Buildfile

source "azure-arm" "exact-ta-template" {
  azure_tags = {
    	GalleryImageVersion = "${var.destination_gallery_image_version}"
  }
  communicator                      = "winrm"
  location                          = "${var.location}"
  os_type                           = "Windows"
  use_azure_cli_auth                = true
  vm_size                           = "${var.vm_size}"
  winrm_insecure                    = "true"
  winrm_timeout                     = "5m"
  winrm_use_ssl                     = "true"
  winrm_username                    = "${var.elevated_user}"

  shared_image_gallery {
    subscription        = "${var.subscription}"
    resource_group      = "${var.resource_group}"
    gallery_name        = "${var.source_gallery_name}"
    image_name          = "${var.source_gallery_image_name}"
    image_version       = "${var.source_gallery_image_version}"
  }

  shared_image_gallery_destination {
    subscription        = "${var.subscription}"
    resource_group      = "${var.resource_group}"
    gallery_name        = "${var.destination_gallery_name}"
    image_name          = "${var.destination_gallery_image_name}"
    image_version       = "${var.destination_gallery_image_version}"
  }
  
  managed_image_name                = "${var.destination_gallery_image_version}"
  managed_image_resource_group_name = "${var.resource_group}"
}

build {
  sources = ["source.azure-arm.exact-ta-template"]

  provisioner "windows-update" {
    search_criteria = "IsInstalled=0 and Type='Software' and IsHidden=0"
  }

  provisioner "powershell" {
    environment_vars = ["osShort=${var.packer_OS_name}"]
    scripts = ["scripts/packer_scripts/generalize_machine_with_sysprep.ps1"]
  }
}

Operating system and Environment details

Reproduced on Windows 10 (win10-22h2-pron-g2 from Azure).

  • azure-cli 2.67.0
  • core 2.67.0
  • telemetry 1.1.0
  • Extensions:
    • azure-devops 1.0.1
  • Dependencies:
    • msal 1.31.0
    • azure-mgmt-resource 23.1.1

Log Fragments and crash.log files

Last bit of the logs (redacted):

2024/11/26 18:59:49 packer.exe plugin: [INFO] 511 bytes written for 'uploadData'
2024/11/26 18:59:49 [INFO] 511 bytes written for 'uploadData'
2024/11/26 18:59:49 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 18:59:49 Uploading file to 'c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1'
2024/11/26 18:59:51 packer.exe plugin: failed to upload the remote cleanup script: "clean up script \"c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1\" failed to upload: Error uploading file to $env:TEMP\\winrmcp-6a156c5c-5bab-4e1e-47f4-b7e053f0f3c7.tmp: Couldn't create shell: http response error: 401 - invalid content type"
2024/11/26 18:59:51 packer.exe plugin: Retryable error: clean up script "c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1" failed to upload: Error uploading file to $env:TEMP\winrmcp-6a156c5c-5bab-4e1e-47f4-b7e053f0f3c7.tmp: Couldn't create shell: http response error: 401 - invalid content type
2024/11/26 19:00:01 packer.exe plugin: [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:01 [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:01 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:00:01 Uploading file to 'c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1'
2024/11/26 19:00:02 packer.exe plugin: failed to upload the remote cleanup script: "clean up script \"c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1\" failed to upload: Error uploading file to $env:TEMP\\winrmcp-f55f5091-3a2f-46a8-744f-0082f1ce5aaf.tmp: Couldn't create shell: http response error: 401 - invalid content type"
2024/11/26 19:00:02 packer.exe plugin: Retryable error: clean up script "c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1" failed to upload: Error uploading file to $env:TEMP\winrmcp-f55f5091-3a2f-46a8-744f-0082f1ce5aaf.tmp: Couldn't create shell: http response error: 401 - invalid content type
2024/11/26 19:00:12 packer.exe plugin: [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:12 [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:00:12 Uploading file to 'c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1'
2024/11/26 19:00:13 packer.exe plugin: failed to upload the remote cleanup script: "clean up script \"c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1\" failed to upload: Error uploading file to $env:TEMP\\winrmcp-b49a4a25-a4f4-4cc6-4b6e-c8683dacc8e7.tmp: Couldn't create shell: http response error: 401 - invalid content type"
2024/11/26 19:00:13 packer.exe plugin: Retryable error: clean up script "c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1" failed to upload: Error uploading file to $env:TEMP\winrmcp-b49a4a25-a4f4-4cc6-4b6e-c8683dacc8e7.tmp: Couldn't create shell: http response error: 401 - invalid content type
2024/11/26 19:00:23 packer.exe plugin: [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:23 [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:23 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:00:23 Uploading file to 'c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1'
2024/11/26 19:00:24 packer.exe plugin: failed to upload the remote cleanup script: "clean up script \"c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1\" failed to upload: Error uploading file to $env:TEMP\\winrmcp-0b3b2c1e-7e8c-45ca-74e7-f47f4b03a1a6.tmp: Couldn't create shell: http response error: 401 - invalid content type"
2024/11/26 19:00:24 packer.exe plugin: Retryable error: clean up script "c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1" failed to upload: Error uploading file to $env:TEMP\winrmcp-0b3b2c1e-7e8c-45ca-74e7-f47f4b03a1a6.tmp: Couldn't create shell: http response error: 401 - invalid content type
2024/11/26 19:00:35 packer.exe plugin: [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:35 [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:35 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:00:35 Uploading file to 'c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1'
2024/11/26 19:00:36 packer.exe plugin: failed to upload the remote cleanup script: "clean up script \"c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1\" failed to upload: Error uploading file to $env:TEMP\\winrmcp-c747d3bd-04b9-41bc-5418-7830b81ea449.tmp: Couldn't create shell: http response error: 401 - invalid content type"
2024/11/26 19:00:36 packer.exe plugin: Retryable error: clean up script "c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1" failed to upload: Error uploading file to $env:TEMP\winrmcp-c747d3bd-04b9-41bc-5418-7830b81ea449.tmp: Couldn't create shell: http response error: 401 - invalid content type
2024/11/26 19:00:46 packer.exe plugin: [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:46 [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:46 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:00:46 Uploading file to 'c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1'
2024/11/26 19:00:47 packer.exe plugin: failed to upload the remote cleanup script: "clean up script \"c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1\" failed to upload: Error uploading file to $env:TEMP\\winrmcp-31855b45-ff64-4c39-59ff-02b6efb7fdc2.tmp: Couldn't create shell: http response error: 401 - invalid content type"
2024/11/26 19:00:47 packer.exe plugin: Retryable error: clean up script "c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1" failed to upload: Error uploading file to $env:TEMP\winrmcp-31855b45-ff64-4c39-59ff-02b6efb7fdc2.tmp: Couldn't create shell: http response error: 401 - invalid content type
2024/11/26 19:00:57 packer.exe plugin: [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:57 [INFO] 511 bytes written for 'uploadData'
2024/11/26 19:00:57 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:00:57 Uploading file to 'c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1'
2024/11/26 19:00:58 packer.exe plugin: failed to upload the remote cleanup script: "clean up script \"c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1\" failed to upload: Error uploading file to $env:TEMP\\winrmcp-4781b6dd-be7b-4f72-400c-4dc671ee1bbc.tmp: Couldn't create shell: http response error: 401 - invalid content type"
2024/11/26 19:00:58 packer.exe plugin: Retryable error: clean up script "c:/Windows/Temp/packer-cleanup-67461a4d-d92e-2139-a12d-b280a6f62bd8.ps1" failed to upload: Error uploading file to $env:TEMP\winrmcp-4781b6dd-be7b-4f72-400c-4dc671ee1bbc.tmp: Couldn't create shell: http response error: 401 - invalid content type
2024/11/26 19:00:58 packer.exe plugin: remote cleanup script failed to upload; skipping the removal of temporary files: c:/Windows/Temp/packer-ps-env-vars-67461a4d-29d2-1d0d-100a-422110a8708c.ps1,c:/Windows/Temp/script-67461a4d-a0d8-163b-4d89-25ed82a798b9.ps1;
2024/11/26 19:00:58 [INFO] (telemetry) ending powershell
2024/11/26 19:00:58 ui: ==> azure-arm.exact-ta-template: Querying the machine's properties ...
2024/11/26 19:00:58 ui: ==> azure-arm.exact-ta-template:  -> ResourceGroupName : 'pkr-Resource-Group-utx5xwnvjc'
2024/11/26 19:00:58 ui: ==> azure-arm.exact-ta-template:  -> ComputeName       : 'pkrvmutx5xwnvjc'
2024/11/26 19:00:58 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:00:58 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:01:00 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:00 [DEBUG] GET https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Compute/virtualMachines/pkrvmutx5xwnvjc?api-version=2022-03-01
2024/11/26 19:01:00 ui: ==> azure-arm.exact-ta-template:  -> Managed OS Disk   : '/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Compute/disks/pkrosutx5xwnvjc'
2024/11/26 19:01:00 ui: ==> azure-arm.exact-ta-template: Querying the machine's additional disks properties ...
2024/11/26 19:01:00 ui: ==> azure-arm.exact-ta-template:  -> ResourceGroupName : 'pkr-Resource-Group-utx5xwnvjc'
2024/11/26 19:01:00 ui: ==> azure-arm.exact-ta-template:  -> ComputeName       : 'pkrvmutx5xwnvjc'
2024/11/26 19:01:00 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:00 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:01:01 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:01 [DEBUG] GET https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Compute/virtualMachines/pkrvmutx5xwnvjc?api-version=2022-03-01
2024/11/26 19:01:02 ui: ==> azure-arm.exact-ta-template: Powering off machine ...
2024/11/26 19:01:02 ui: ==> azure-arm.exact-ta-template:  -> ResourceGroupName : 'pkr-Resource-Group-utx5xwnvjc'
2024/11/26 19:01:02 ui: ==> azure-arm.exact-ta-template:  -> ComputeName       : 'pkrvmutx5xwnvjc'
2024/11/26 19:01:02 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:02 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:01:03 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:03 [DEBUG] POST [redacted]
2024/11/26 19:01:14 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:14 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:01:15 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:15 [DEBUG] GET [redacted]
2024/11/26 19:01:45 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:45 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:01:47 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:47 [DEBUG] GET [redacted]
2024/11/26 19:01:47 ui: ==> azure-arm.exact-ta-template:  -> Compute ResourceGroupName : 'pkr-Resource-Group-utx5xwnvjc'
2024/11/26 19:01:47 ui: ==> azure-arm.exact-ta-template:  -> Compute Name              : 'pkrvmutx5xwnvjc'
2024/11/26 19:01:47 ui: ==> azure-arm.exact-ta-template:  -> Compute Location          : '[redacted]'
2024/11/26 19:01:47 ui: ==> azure-arm.exact-ta-template: Generalizing machine ...
2024/11/26 19:01:47 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:47 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:01:48 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:48 [DEBUG] POST https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Compute/virtualMachines/pkrvmutx5xwnvjc/generalize?api-version=2022-03-01
2024/11/26 19:01:49 ui: ==> azure-arm.exact-ta-template: Capturing image ...
2024/11/26 19:01:49 ui: ==> azure-arm.exact-ta-template:  -> Image ResourceGroupName   : '[redacted]'
2024/11/26 19:01:49 ui: ==> azure-arm.exact-ta-template:  -> Image Name                : '19045.203322.1'
2024/11/26 19:01:49 ui: ==> azure-arm.exact-ta-template:  -> Image Location            : '[redacted]'
2024/11/26 19:01:49 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:49 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:01:50 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:01:50 [DEBUG] PUT https://management.azure.com/subscriptions/[redacted]/resourceGroups/[redacted]/providers/Microsoft.Compute/images/19045.203322.1?api-version=2022-03-01
2024/11/26 19:02:03 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:02:03 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:02:04 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:02:04 [DEBUG] GET [redacted]
2024/11/26 19:02:05 ui: ==> azure-arm.exact-ta-template: Publishing to Shared Image Gallery ...
2024/11/26 19:02:05 ui: ==> azure-arm.exact-ta-template:  -> Source ID used for SIG publish        : '/subscriptions/[redacted]/resourceGroups/[redacted]/providers/Microsoft.Compute/images/19045.203322.1'
2024/11/26 19:02:05 ui: ==> azure-arm.exact-ta-template:  -> SIG publish resource group            : '[redacted]'
2024/11/26 19:02:05 ui: ==> azure-arm.exact-ta-template:  -> SIG gallery name                      : 'PackerImages'
2024/11/26 19:02:05 ui: ==> azure-arm.exact-ta-template:  -> SIG image name                        : 'WIN10-full-cicd'
2024/11/26 19:02:05 ui: ==> azure-arm.exact-ta-template:  -> SIG image version                     : '19045.203322.1'
2024/11/26 19:02:05 ui: ==> azure-arm.exact-ta-template:  -> SIG target regions                    : '[redacted]'
2024/11/26 19:02:05 ui: ==> azure-arm.exact-ta-template:  -> SIG storage account type              : ''
2024/11/26 19:02:05 ui: ==> azure-arm.exact-ta-template:  -> SIG image version endoflife date      : ''
2024/11/26 19:02:05 ui: ==> azure-arm.exact-ta-template:  -> SIG image version exclude from latest : 'false'
2024/11/26 19:02:05 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:02:05 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:02:06 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:02:06 [DEBUG] PUT https://management.azure.com/subscriptions/[redacted]/resourceGroups/[redacted]/providers/Microsoft.Compute/galleries/PackerImages/images/WIN10-full-cicd/versions/19045.203322.1?api-version=2023-07-03
2024/11/26 19:03:10 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:03:10 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:03:11 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:03:11 [DEBUG] GET [redacted]
2024/11/26 19:04:11 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:04:11 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:04:13 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:04:13 [DEBUG] GET [redacted]
2024/11/26 19:05:13 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:05:13 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:05:14 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:05:14 [DEBUG] GET [redacted]
2024/11/26 19:06:15 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:06:15 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:06:16 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:06:16 [DEBUG] GET [redacted]
2024/11/26 19:07:17 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:07:17 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:07:18 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:07:18 [DEBUG] GET [redacted]
2024/11/26 19:08:19 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:08:19 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:08:20 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:08:20 [DEBUG] GET [redacted]
2024/11/26 19:09:21 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:09:21 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:09:22 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:09:22 [DEBUG] GET [redacted]
2024/11/26 19:10:22 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:10:22 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:10:24 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:10:24 [DEBUG] GET [redacted]
2024/11/26 19:11:24 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:11:24 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:11:25 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:11:25 [DEBUG] GET [redacted]
2024/11/26 19:12:26 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:26 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:12:27 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:27 [DEBUG] GET [redacted]
2024/11/26 19:12:28 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:28 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:12:29 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:29 [DEBUG] GET https://management.azure.com/subscriptions/[redacted]/resourceGroups/[redacted]/providers/Microsoft.Compute/galleries/PackerImages/images/WIN10-full-cicd/versions/19045.203322.1?api-version=2023-07-03
2024/11/26 19:12:30 ui: ==> azure-arm.exact-ta-template:  -> Shared Gallery Image Version ID : '/subscriptions/[redacted]/resourceGroups/[redacted]/providers/Microsoft.Compute/galleries/PackerImages/images/WIN10-full-cicd/versions/19045.203322.1'
2024/11/26 19:12:30 ui: ==> azure-arm.exact-ta-template: 
==> azure-arm.exact-ta-template: Deleting Virtual Machine deployment and its attached resources...
2024/11/26 19:12:30 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:30 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:12:31 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:31 [DEBUG] GET https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Compute/virtualMachines/pkrvmutx5xwnvjc?api-version=2022-03-01
2024/11/26 19:12:32 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:32 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:12:33 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:33 [DEBUG] GET https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/deployments/pkrdputx5xwnvjc/operations?%24top=50&api-version=2022-09-01
2024/11/26 19:12:33 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:33 [INFO] Attempting deletion -> pkrvmutx5xwnvjc : Microsoft.Compute/virtualMachines
2024/11/26 19:12:33 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:33 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:12:35 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:35 [DEBUG] DELETE https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Compute/virtualMachines/pkrvmutx5xwnvjc?api-version=2022-03-01
2024/11/26 19:12:47 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:47 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:12:48 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:48 [DEBUG] GET https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Compute/virtualMachines/pkrvmutx5xwnvjc?api-version=2022-03-01
2024/11/26 19:12:48 ui: ==> azure-arm.exact-ta-template: Deleted -> pkrvmutx5xwnvjc : 'Microsoft.Compute/virtualMachines'
2024/11/26 19:12:48 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:48 [INFO] Attempting deletion -> pkrniutx5xwnvjc : Microsoft.Network/networkInterfaces
2024/11/26 19:12:48 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:48 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:12:49 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:12:49 [DEBUG] DELETE https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Network/networkInterfaces/pkrniutx5xwnvjc?api-version=2023-09-01
2024/11/26 19:13:01 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:01 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:13:02 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:02 [DEBUG] GET https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Network/networkInterfaces/pkrniutx5xwnvjc?api-version=2023-09-01
2024/11/26 19:13:03 ui: ==> azure-arm.exact-ta-template: Deleted -> pkrniutx5xwnvjc : 'Microsoft.Network/networkInterfaces'
2024/11/26 19:13:03 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:03 [INFO] Attempting deletion -> pkrsgutx5xwnvjc : Microsoft.Network/networkSecurityGroups
2024/11/26 19:13:03 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:03 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:13:03 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:03 [INFO] Attempting deletion -> pkriputx5xwnvjc : Microsoft.Network/publicIPAddresses
2024/11/26 19:13:03 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:03 [INFO] Attempting deletion -> pkrvnutx5xwnvjc : Microsoft.Network/virtualNetworks
2024/11/26 19:13:04 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:04 [DEBUG] DELETE https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Network/networkSecurityGroups/pkrsgutx5xwnvjc?api-version=2023-09-01
2024/11/26 19:13:04 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:04 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:13:05 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:05 [DEBUG] DELETE https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Network/virtualNetworks/pkrvnutx5xwnvjc?api-version=2023-09-01
2024/11/26 19:13:05 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:05 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:13:06 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:06 [INFO] Couldn't delete resource pkrsgutx5xwnvjc.Microsoft.Network/networkSecurityGroups, will retry
2024/11/26 19:13:06 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:06 Retryable error: performing Delete: unexpected status 400 (400 Bad Request) with error: InUseNetworkSecurityGroupCannotBeDeleted: Network security group /subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Network/networkSecurityGroups/pkrsgutx5xwnvjc cannot be deleted because it is in use by the following resources: /subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Network/virtualNetworks/pkrvnutx5xwnvjc/subnets/pkrsnutx5xwnvjc. In order to delete the Network security group, remove the association with the resource(s). To learn how to do this, see aka.ms/deletensg.
2024/11/26 19:13:07 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:07 [DEBUG] DELETE https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Network/publicIPAddresses/pkriputx5xwnvjc?api-version=2023-09-01
2024/11/26 19:13:09 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:09 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:13:10 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:10 [DEBUG] DELETE https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Network/networkSecurityGroups/pkrsgutx5xwnvjc?api-version=2023-09-01
2024/11/26 19:13:17 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:17 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:13:19 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:19 [DEBUG] GET https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Network/virtualNetworks/pkrvnutx5xwnvjc?api-version=2023-09-01
2024/11/26 19:13:19 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:19 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:13:19 ui: ==> azure-arm.exact-ta-template: Deleted -> pkrvnutx5xwnvjc : 'Microsoft.Network/virtualNetworks'
2024/11/26 19:13:20 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:20 [DEBUG] GET https://management.azure.com/subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Network/publicIPAddresses/pkriputx5xwnvjc?api-version=2023-09-01
2024/11/26 19:13:20 ui: ==> azure-arm.exact-ta-template: Deleted -> pkriputx5xwnvjc : 'Microsoft.Network/publicIPAddresses'
2024/11/26 19:13:22 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:22 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:13:23 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:23 [INFO] Couldn't delete resource pkrsgutx5xwnvjc.Microsoft.Network/networkSecurityGroups, will retry
2024/11/26 19:13:23 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:23 Retryable error: polling after Delete: executing request: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-26T19:13:23.5896509Z, assertion valid from 2024-11-26T18:17:53.0000000Z, expiry time of assertion 2024-11-26T18:27:53.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: a4751e38-24ba-4d91-8773-934c0b123c00 Correlation ID: 156c7b98-fdb0-4004-ab73-9e3959c9f270 Timestamp: 2024-11-26 19:13:23Z
2024/11/26 19:13:23 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: Interactive authentication is needed. Please run:
2024/11/26 19:13:23 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: az login
2024/11/26 19:13:28 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:28 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:13:29 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:29 [INFO] Couldn't delete resource pkrsgutx5xwnvjc.Microsoft.Network/networkSecurityGroups, will retry
2024/11/26 19:13:29 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:29 Retryable error: performing Delete: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-26T19:13:29.5905786Z, assertion valid from 2024-11-26T18:17:53.0000000Z, expiry time of assertion 2024-11-26T18:27:53.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: 3e8d01f6-cd45-4132-83bb-c9af8d6d4200 Correlation ID: 43189581-37dc-4977-a702-7356d0c7228e Timestamp: 2024-11-26 19:13:29Z
2024/11/26 19:13:29 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: Interactive authentication is needed. Please run:
2024/11/26 19:13:29 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: az login
2024/11/26 19:13:36 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:36 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:13:38 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:38 [INFO] Couldn't delete resource pkrsgutx5xwnvjc.Microsoft.Network/networkSecurityGroups, will retry
2024/11/26 19:13:38 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:38 Retryable error: performing Delete: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-26T19:13:37.7828789Z, assertion valid from 2024-11-26T18:17:53.0000000Z, expiry time of assertion 2024-11-26T18:27:53.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: cbe0bdb1-f767-447a-903e-c4c1c2cc3200 Correlation ID: b6d380d4-3373-4c1e-86db-7a05bb5a3486 Timestamp: 2024-11-26 19:13:37Z
2024/11/26 19:13:38 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: Interactive authentication is needed. Please run:
2024/11/26 19:13:38 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: az login
2024/11/26 19:13:48 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:48 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:13:49 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:49 [INFO] Couldn't delete resource pkrsgutx5xwnvjc.Microsoft.Network/networkSecurityGroups, will retry
2024/11/26 19:13:49 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:13:49 Retryable error: performing Delete: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-26T19:13:49.3088776Z, assertion valid from 2024-11-26T18:17:53.0000000Z, expiry time of assertion 2024-11-26T18:27:53.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: 437859d5-79a9-40e9-825d-07af2e631400 Correlation ID: 3e4d3e0c-bd2b-440a-9567-9375a0c21ef9 Timestamp: 2024-11-26 19:13:49Z
2024/11/26 19:13:49 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: Interactive authentication is needed. Please run:
2024/11/26 19:13:49 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: az login
2024/11/26 19:14:04 ui: ==> azure-arm.exact-ta-template: Error deleting resource. Please delete manually.
==> azure-arm.exact-ta-template: 
==> azure-arm.exact-ta-template: Name: Microsoft.Network/networkSecurityGroups
==> azure-arm.exact-ta-template: Error: retry count exhausted. Last err: performing Delete: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-26T19:13:49.3088776Z, assertion valid from 2024-11-26T18:17:53.0000000Z, expiry time of assertion 2024-11-26T18:27:53.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: 437859d5-79a9-40e9-825d-07af2e631400 Correlation ID: 3e4d3e0c-bd2b-440a-9567-9375a0c21ef9 Timestamp: 2024-11-26 19:13:49Z
==> azure-arm.exact-ta-template: Interactive authentication is needed. Please run:
==> azure-arm.exact-ta-template: az login
2024/11/26 19:14:04 ui error: ==> azure-arm.exact-ta-template: retry count exhausted. Last err: performing Delete: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-26T19:13:49.3088776Z, assertion valid from 2024-11-26T18:17:53.0000000Z, expiry time of assertion 2024-11-26T18:27:53.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: 437859d5-79a9-40e9-825d-07af2e631400 Correlation ID: 3e4d3e0c-bd2b-440a-9567-9375a0c21ef9 Timestamp: 2024-11-26 19:13:49Z
==> azure-arm.exact-ta-template: Interactive authentication is needed. Please run:
==> azure-arm.exact-ta-template: az login
2024/11/26 19:14:04 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:14:04 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:14:06 ui: ==> azure-arm.exact-ta-template: Error deleting resource. Please delete manually.
==> azure-arm.exact-ta-template: 
==> azure-arm.exact-ta-template: Name: /subscriptions/[redacted]/resourceGroups/pkr-Resource-Group-utx5xwnvjc/providers/Microsoft.Compute/disks/pkrosutx5xwnvjc
==> azure-arm.exact-ta-template: Error: performing Delete: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-26T19:14:05.7880248Z, assertion valid from 2024-11-26T18:17:53.0000000Z, expiry time of assertion 2024-11-26T18:27:53.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: cd180e18-4fec-4265-8928-1d0141d92f00 Correlation ID: 26b90b27-e713-48c4-8181-c3588f546e42 Timestamp: 2024-11-26 19:14:05Z
==> azure-arm.exact-ta-template: Interactive authentication is needed. Please run:
==> azure-arm.exact-ta-template: az login
2024/11/26 19:14:06 ui error: ==> azure-arm.exact-ta-template: performing Delete: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-26T19:14:05.7880248Z, assertion valid from 2024-11-26T18:17:53.0000000Z, expiry time of assertion 2024-11-26T18:27:53.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: cd180e18-4fec-4265-8928-1d0141d92f00 Correlation ID: 26b90b27-e713-48c4-8181-c3588f546e42 Timestamp: 2024-11-26 19:14:05Z
==> azure-arm.exact-ta-template: Interactive authentication is needed. Please run:
==> azure-arm.exact-ta-template: az login
2024/11/26 19:14:06 ui: ==> azure-arm.exact-ta-template: Removing the created Deployment object: 'pkrdputx5xwnvjc'
2024/11/26 19:14:06 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:14:06 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:14:07 ui: ==> azure-arm.exact-ta-template: performing Delete: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-26T19:14:07.2888053Z, assertion valid from 2024-11-26T18:17:53.0000000Z, expiry time of assertion 2024-11-26T18:27:53.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: 73219a83-ac32-49ea-951e-c7c24d4d3800 Correlation ID: 8f62cedd-fa42-4137-bc80-0c30b7d8fed6 Timestamp: 2024-11-26 19:14:07Z
==> azure-arm.exact-ta-template: Interactive authentication is needed. Please run:
==> azure-arm.exact-ta-template: az login
2024/11/26 19:14:07 ui: ==> azure-arm.exact-ta-template: 
==> azure-arm.exact-ta-template: Deleting KeyVault created during build
2024/11/26 19:14:07 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:14:07 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:14:09 ui error: ==> azure-arm.exact-ta-template: Could not retrieve deployment operations: loading results: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-26T19:14:08.7788618Z, assertion valid from 2024-11-26T18:17:53.0000000Z, expiry time of assertion 2024-11-26T18:27:53.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: b031046a-4099-4be1-8c61-e3dcc8b92b00 Correlation ID: d00fb855-67ce-4b9e-9033-12dcf2908516 Timestamp: 2024-11-26 19:14:08Z
==> azure-arm.exact-ta-template: Interactive authentication is needed. Please run:
==> azure-arm.exact-ta-template: az login
==> azure-arm.exact-ta-template:  to get the KeyVault, please manually delete it
2024/11/26 19:14:09 ui: ==> azure-arm.exact-ta-template: Removing the created Deployment object: 'kvpkrdputx5xwnvjc'
2024/11/26 19:14:09 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:14:09 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:14:10 ui: ==> azure-arm.exact-ta-template: performing Delete: authorizing request: running Azure CLI: exit status 1: ERROR: AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-26T19:14:10.2961754Z, assertion valid from 2024-11-26T18:17:53.0000000Z, expiry time of assertion 2024-11-26T18:27:53.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: 4fa0d200-fd21-412c-9af8-407e24415300 Correlation ID: 8bb66a2f-7e10-48e9-a1b0-f3aa42246b27 Timestamp: 2024-11-26 19:14:10Z
==> azure-arm.exact-ta-template: Interactive authentication is needed. Please run:
==> azure-arm.exact-ta-template: az login
2024/11/26 19:14:10 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 2024/11/26 19:14:10 [DEBUG] az-cli invocation: az account get-access-token --scope https://management.azure.com/.default --tenant [redacted] -o=json
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: panic: runtime error: invalid memory address or nil pointer dereference
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: [signal 0xc0000005 code=0x0 addr=0x10 pc=0x1b7fe1f]
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: goroutine 14 [running]:
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: github.com/hashicorp/packer-plugin-azure/builder/azure/arm.(*StepCreateResourceGroup).doesResourceGroupExist(0xc000825500, {0x272f928?, 0xc0000c4310?}, {0xc00013a300, 0x24}, {0xc0004b9540, 0x1d})
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 	github.com/hashicorp/packer-plugin-azure/builder/azure/arm/step_create_resource_group.go:61 +0xbf
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: github.com/hashicorp/packer-plugin-azure/builder/azure/arm.(*StepCreateResourceGroup).Cleanup(0xc000825500, {0x272f768, 0xc000825c50})
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 	github.com/hashicorp/packer-plugin-azure/builder/azure/arm/step_create_resource_group.go:143 +0x1f4
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: github.com/hashicorp/packer-plugin-sdk/multistep.(*BasicRunner).Run(0xc000825620, {0x272f8b8, 0xc00029caa0}, {0x272f768, 0xc000825c50})
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 	github.com/hashicorp/packer-plugin-sdk@v0.5.4/multistep/basic_runner.go:85 +0x44f
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: github.com/hashicorp/packer-plugin-azure/builder/azure/arm.(*Builder).Run(0xc0005d6400, {0x272f8b8, 0xc00029caa0}, {0x2739150, 0xc000825e60}, {0x2720fa0?, 0xc0006d8680})
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 	github.com/hashicorp/packer-plugin-azure/builder/azure/arm/builder.go:460 +0x5f89
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: github.com/hashicorp/packer-plugin-sdk/rpc.(*BuilderServer).Run(0xc0002a1000, 0xb310?, 0xc00000b2f0)
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 	github.com/hashicorp/packer-plugin-sdk@v0.5.4/rpc/builder.go:120 +0x1c8
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: reflect.Value.call({0xc00008cea0?, 0xc000108da8?, 0x0?}, {0x2323a71, 0x4}, {0xc0004ebef8, 0x3, 0x0?})
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 	reflect/value.go:596 +0xce7
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: reflect.Value.Call({0xc00008cea0?, 0xc000108da8?, 0x0?}, {0xc0004ebef8?, 0x0?, 0x0?})
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 	reflect/value.go:380 +0xb9
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: net/rpc.(*service).call(0xc0002a1040, 0x60be62a3a2efcef3?, 0x5ae4ab2a4c8824ab?, 0xc0004a0030, 0xc0000c3d80, 0x516d759703cc22b?, {0x1e90e80?, 0xc00000b2ec?, 0x0?}, {0x1dbf8a0, ...}, ...)
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 	net/rpc/server.go:382 +0x211
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: created by net/rpc.(*Server).ServeCodec in goroutine 1
2024/11/26 19:14:12 packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe plugin: 	net/rpc/server.go:479 +0x410
2024/11/26 19:14:12 [ERR] Error decoding response stream 58: EOF
2024/11/26 19:14:12 [ERR] Error decoding response stream 25: EOF
2024/11/26 19:14:12 [INFO] (telemetry) ending azure-arm.exact-ta-template
2024/11/26 19:14:12 ui error: Build 'azure-arm.exact-ta-template' errored after 55 minutes 51 seconds: unexpected EOF
2024/11/26 19:14:12 ui: 
==> Wait completed after 55 minutes 51 seconds
2024/11/26 19:14:12 machine readable: error-count []string{"1"}
2024/11/26 19:14:12 ui error: 
==> Some builds didn't complete successfully and had errors:
2024/11/26 19:14:12 machine readable: azure-arm.exact-ta-template,error []string{"unexpected EOF"}
2024/11/26 19:14:12 ui error: --> azure-arm.exact-ta-template: unexpected EOF
2024/11/26 19:14:12 ui: 
==> Builds finished but no artifacts were created.
2024/11/26 19:14:12 [INFO] (telemetry) Finalizing.
2024/11/26 19:14:12 [ERR] Error decoding response stream 40: EOF
2024/11/26 19:14:12 [ERR] Error decoding response stream 22: EOF
2024/11/26 19:14:12 [ERR] Error decoding response stream 61: EOF
2024/11/26 19:14:12 C:\Users\VssAdministrator\AppData\Roaming\packer.d\plugins\github.com\hashicorp\azure\packer-plugin-azure_v2.2.0_x5.0_windows_amd64.exe: plugin process exited
2024/11/26 19:14:12 waiting for all plugin processes to complete...
2024/11/26 19:14:12 C:\ProgramData\Chocolatey\lib\packer\tools\packer.exe: plugin process exited
2024/11/26 19:14:12 C:\ProgramData\Chocolatey\lib\packer\tools\packer.exe: plugin process exited
2024/11/26 19:14:12 C:\ProgramData\Chocolatey\lib\packer\tools\packer.exe: plugin process exited
2024/11/26 19:14:12 C:\Users\VssAdministrator\AppData\Roaming\packer.d\plugins\github.com\rgl\windows-update\packer-plugin-windows-update_v0.16.7_x5.0_windows_amd64.exe: plugin process exited
@Dellson Dellson added the bug label Dec 1, 2024
@fajterini
Copy link

If this is run under Federated Identity (OIDC) this is know issue I had the same when switching from password auth to federated identity, because maximum time for token refresh is 60 minutes. Azure/azure-cli#28708

@Dellson
Copy link
Author

Dellson commented Dec 2, 2024

That might be it. My last working packer run used older az cli (2.65.0 vs 2.67.0). The new run added --federated-token parameter by default.

Old (working) run:

Task         : Azure CLI
Version      : 2.247.3
[command]C:\Windows\system32\cmd.exe /D /S /C ""C:\Program Files\Microsoft SDKs\Azure\CLI2\wbin\az.cmd" --version"
WARNING: You have 2 update(s) available. Consider updating your CLI installation with 'az upgrade'
azure-cli                         2.65.0 *
core                              2.65.0 *

[command]C:\Windows\system32\cmd.exe /D /S /C ""C:\Program Files\Microsoft SDKs\Azure\CLI2\wbin\az.cmd" cloud set -n AzureCloud"
[command]C:\Windows\system32\cmd.exe /D /S /C ""C:\Program Files\Microsoft SDKs\Azure\CLI2\wbin\az.cmd" login --service-principal -u *** "--password=***" --tenant [redacted] --allow-no-subscriptions"

New run:

Task         : Azure CLI
Version      : 2.248.1
C:\Windows\system32\cmd.exe /D /S /C ""C:\Program Files\Microsoft SDKs\Azure\CLI2\wbin\az.cmd" --version"
azure-cli                         2.67.0
core                              2.67.0

Your CLI is up-to-date.
C:\Windows\system32\cmd.exe /D /S /C ""C:\Program Files\Microsoft SDKs\Azure\CLI2\wbin\az.cmd" cloud set -n AzureCloud"
C:\Windows\system32\cmd.exe /D /S /C ""C:\Program Files\Microsoft SDKs\Azure\CLI2\wbin\az.cmd" login --service-principal -u *** --tenant [redacted] --allow-no-subscriptions --federated-token ***

Is there a way to forcibly use the previous az version?
For now I don't see other option than to choose a different authentication method than azure cli.

@Dellson
Copy link
Author

Dellson commented Dec 2, 2024

BTW, for some reason the same packer file works flawlessly for Windows 11 marketplace image. Does anyone have any idea why?

@fajterini
Copy link

BTW, for some reason the same packer file works flawlessly for Windows 11 marketplace image. Does anyone have any idea why?

The OS version should not have big impact, what was image build time ? Was it shorter ? Could be if you uses faster VM or storage it will able to Finnish before authentication token expire.
Also Azure CLI have support for federated identity for long time. I believe you issue is not in packer but the automation task that is using packer plugin.
For Example if you uses AzureDevOps pipeline someone could convert service connection to federated identity type...

You are using in your configuration "use_azure_cli_auth = true" this means -> Flag to use Azure CLI authentication. Defaults to false. CLI auth will use the information from an active az login session to connect to Azure ... This means to me that you are already authenticated to azure cli when packer is running and will just uses active azure CLI login.

@Dellson
Copy link
Author

Dellson commented Dec 5, 2024

Okay, so the problem wasn't with the packer itself and settings there had nothing to do with the problem.

I used the AzureCLI@2 task to run packer steps (I don't use the PackerBuild@1 because we have lots of custom logic).
The AzureCLI@2 step uses the newest az cli version, which changed the logging to use federated token in the last update. And the federated token, as @fajterini aptly stated, expires after 60 minutes (in my case, it happened to expire even before reaching one hour mark but that's another story).

What I did to resolve the problem, was to override login before running packer steps, I used a service principal to achieve that:
az login --service-principal --username "$(CLIENT_ID)" --password "$(CLIENT_SECRET)" --tenant "$(TENANT)"

Hopefully this will be helpful for others.
The thread can be closed.

@JenGoldstrich
Copy link
Contributor

Ty for the detailed explanation @Dellson, and thanks @fajterini for helping out! I think this will be helpful for others experiencing this issue in the future, closing as requested

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants