azure-cli icon indicating copy to clipboard operation
azure-cli copied to clipboard

Published 20 hours ago verified publisher icon Azure

[Identity] `az identity revoke`: Add a command to revoke all tokens issued in the past for a specified user assigned identity

Open RamyaElangovanP opened this issue 1 year ago • 10 comments

…preview API version

Related command

Description

Testing Guide

History Notes

[Component Name 1] BREAKING CHANGE: az command a: Make some customer-facing breaking change [Component Name 2] az command b: Add some customer-facing feature

This checklist is used to make sure that common guidelines for a pull request are followed.

RamyaElangovanP avatar Dec 11 '23 08:12 RamyaElangovanP

❌AzureCLI-FullTest
️✔️acr
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.9
️✔️acs
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.9
️✔️advisor
️✔️latest
️✔️3.11
️✔️3.9
️✔️ams
️✔️latest
️✔️3.11
️✔️3.9
️✔️apim
️✔️latest
️✔️3.11
️✔️3.9
️✔️appconfig
️✔️latest
️✔️3.11
️✔️3.9
️✔️appservice
️✔️latest
️✔️3.11
️✔️3.9
️✔️aro
️✔️latest
️✔️3.11
️✔️3.9
️✔️backup
️✔️latest
️✔️3.11
️✔️3.9
️✔️batch
️✔️latest
️✔️3.11
️✔️3.9
️✔️batchai
️✔️latest
️✔️3.11
️✔️3.9
️✔️billing
️✔️latest
️✔️3.11
️✔️3.9
️✔️botservice
️✔️latest
️✔️3.11
️✔️3.9
️✔️cdn
️✔️latest
️✔️3.11
️✔️3.9
️✔️cloud
️✔️latest
️✔️3.11
️✔️3.9
️✔️cognitiveservices
️✔️latest
️✔️3.11
️✔️3.9
️✔️config
️✔️latest
️✔️3.11
️✔️3.9
️✔️configure
️✔️latest
️✔️3.11
️✔️3.9
️✔️consumption
️✔️latest
️✔️3.11
️✔️3.9
️✔️container
️✔️latest
️✔️3.11
️✔️3.9
️✔️containerapp
️✔️latest
️✔️3.11
️✔️3.9
️✔️core
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.9
️✔️cosmosdb
️✔️latest
️✔️3.11
️✔️3.9
️✔️databoxedge
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.9
️✔️dla
️✔️latest
️✔️3.11
️✔️3.9
️✔️dls
️✔️latest
️✔️3.11
️✔️3.9
️✔️dms
️✔️latest
️✔️3.11
️✔️3.9
️✔️eventgrid
️✔️latest
️✔️3.11
️✔️3.9
️✔️eventhubs
️✔️latest
️✔️3.11
️✔️3.9
️✔️feedback
️✔️latest
️✔️3.11
️✔️3.9
️✔️find
️✔️latest
️✔️3.11
️✔️3.9
️✔️hdinsight
️✔️latest
️✔️3.11
️✔️3.9
❌identity
❌latest
❌3.11
Type Test Case Error Message Line
Failed test_federated_identity_credential self = <azure.cli.core.commands.AzCliCommandInvoker object at 0x7f9cd1692d90>
parsed_ns = Namespace(log_verbosity_verbose=False, log_verbosity_debug=False, log_verbosity_only_show_errors=False, output_for...atter'>, conflict_handler='error', add_help=True), cmd=<azure.cli.core.commands.AzCliCommand object at 0x7f9cd16668d0>)

    def validation(self, parsed_ns):
        try:
            cmd_validator = getattr(parsed_ns, 'command_validator', None)
            if cmd_validator:
>               self.validate_cmd_level(parsed_ns, cmd_validator)

env/lib/python3.11/site-packages/knack/invocation.py:111: 
                                        
src/azure-cli-core/azure/cli/core/commands/init.py:849: in validate_cmd_level
    cmd_validator(**self.build_kwargs(cmd_validator, ns))
src/azure-cli/azure/cli/command_modules/identity/validators.py:10: in process_msi_namespace
    get_default_location_from_resource_group(cmd, namespace)
src/azure-cli-core/azure/cli/core/commands/validators.py:81: in get_default_location_from_resource_group
    rg = resource_client.resource_groups.get(namespace.resource_group_name)
env/lib/python3.11/site-packages/azure/core/tracing/decorator.py:76: in wrapper_use_tracer
    return func(*args, **kwargs)
env/lib/python3.11/site-packages/azure/mgmt/resource/resources/v2022_09_01/operations/operations.py:11668: in get
    pipeline_response: PipelineResponse = self.client.pipeline.run(  # pylint: disable=protected-access
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:213: in run
    return first_node.send(pipeline_request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/mgmt/core/policies/base.py:47: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/policies/redirect.py:181: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/policies/retry.py:467: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/policies/authentication.py:115: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:108: in send
    self.sender.send(request.http_request, **request.context.options),
env/lib/python3.11/site-packages/azure/core/pipeline/transport/requests_basic.py:338: in send
    response = self.session.request(  # type: ignore
env/lib/python3.11/site-packages/requests/sessions.py:589: in request
    resp = self.send(prep, **send_kwargs)
env/lib/python3.11/site-packages/requests/sessions.py:703: in send
    r = adapter.send(request, **kwargs)
env/lib/python3.11/site-packages/requests/adapters.py:486: in send
    resp = conn.urlopen(
env/lib/python3.11/site-packages/urllib3/connectionpool.py:715: in urlopen
    httplib_response = self.make_request(
env/lib/python3.11/site-packages/urllib3/connectionpool.py:458: in make_request
    httplib_response = conn.getresponse(buffering=True)
                                        

self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_federated_identity_credential.yaml object at 0x7f9cd147e9d0>
 = False, kwargs = {'buffering': True}

    def getresponse(self, =False, **kwargs):
        """Retrieve the response"""
        # Check to see if the cassette has a response for this request. If so,
        # then return it
        if self.cassette.can_play_response_for(self.vcr_request):
            log.info(f"Playing response for {self.vcr_request} from cassette")
            response = self.cassette.play_response(self.vcr_request)
            return VCRHTTPResponse(response)
        else:
            if self.cassette.write_protected and self.cassette.filter_request(self.vcr_request):
>               raise CannotOverwriteExistingCassetteException(
                    cassette=self.cassette,
                    failed_request=self.vcr_request,
                )
E               vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_federated_identity_credential.yaml') in your current record mode ('once').
E               No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001?api-version=2022-09-01>) was found.
E               Found 4 similar requests with 2 different matcher(s) :
E               
E               1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic1?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic1
E               custom_request_query_matcher - assertion failure :
E               None
E               
E               2 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials
E               custom_request_query_matcher - assertion failure :
E               None
E               
E               3 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials
E               custom_request_query_matcher - assertion failure :
E               None
E               
E               4 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials
E               custom_request_query_matcher - assertion failure :
E               None

env/lib/python3.11/site-packages/vcr/stubs/init.py:263: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.identity.tests.latest.test_identity.TestIdentity testMethod=test_federated_identity_credential>
resource_group = 'cli_test_federated_identity_credential_000001'

    @ResourceGroupPreparer(name_prefix='cli_test_federated_identity_credential', location='eastus2euap')
    def test_federated_identity_credential(self, resource_group):
        self.kwargs.update({
            'identity': 'ide',
            'fic1': 'fic1',
            'fic2': 'fic2',
            'subject1': 'system:serviceaccount:ns:svcaccount1',
            'subject2': 'system:serviceaccount:ns:svcaccount2',
            'subject3': 'system:serviceaccount:ns:svcaccount3',
            'issuer': 'https://oidc.prod-aks.azure.com/IssuerGUID',
            'audience': 'api://AzureADTokenExchange',
        })
    
>       self.cmd('identity create -n {identity} -g {rg}')

src/azure-cli/azure/cli/command_modules/identity/tests/latest/test_identity.py:45: 
                                        
src/azure-cli-testsdk/azure/cli/testsdk/base.py:175: in cmd
    return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:250: in init
    self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:301: in in_process_execute
    self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
env/lib/python3.11/site-packages/knack/cli.py:250: in invoke
    raise ex
env/lib/python3.11/site-packages/knack/cli.py:233: in invoke
    cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:651: in execute
    self.validation(expanded_arg)
env/lib/python3.11/site-packages/knack/invocation.py:118: in validation
    getattr(parsed_ns, 'parser', self.parser).validation_error(str(err))
src/azure-cli-core/azure/cli/core/parser.py:150: in validation_error
    self.exit(2)
                                        

self = AzCliCommandParser(prog='az identity create', usage=None, description='', formatter_class=<class 'argparse.HelpFormatter'>, conflict_handler='error', add_help=True)
status = 2, message = None

    def exit(self, status=0, message=None):
        if message:
            self._print_message(message, _sys.stderr)
>       _sys.exit(status)
E       SystemExit: 2

/opt/hostedtoolcache/Python/3.11.6/x64/lib/python3.11/argparse.py:2617: SystemExit		 azure/cli/command_modules/identity/tests/latest/test_identity.py:31
Failed test_identity_management self = <azure.cli.core.commands.AzCliCommandInvoker object at 0x7f9cd15102d0>
parsed_ns = Namespace(log_verbosity_verbose=False, log_verbosity_debug=False, log_verbosity_only_show_errors=False, output_for...atter'>, conflict_handler='error', add_help=True), cmd=<azure.cli.core.commands.AzCliCommand object at 0x7f9cd15931d0>)

    def validation(self, parsed_ns):
        try:
            cmd_validator = getattr(parsed_ns, 'command_validator', None)
            if cmd_validator:
>               self.validate_cmd_level(parsed_ns, cmd_validator)

env/lib/python3.11/site-packages/knack/invocation.py:111: 
                                        
src/azure-cli-core/azure/cli/core/commands/init.py:849: in validate_cmd_level
    cmd_validator(**self.build_kwargs(cmd_validator, ns))
src/azure-cli/azure/cli/command_modules/identity/validators.py:10: in process_msi_namespace
    get_default_location_from_resource_group(cmd, namespace)
src/azure-cli-core/azure/cli/core/commands/validators.py:81: in get_default_location_from_resource_group
    rg = resource_client.resource_groups.get(namespace.resource_group_name)
env/lib/python3.11/site-packages/azure/core/tracing/decorator.py:76: in wrapper_use_tracer
    return func(*args, **kwargs)
env/lib/python3.11/site-packages/azure/mgmt/resource/resources/v2022_09_01/operations/operations.py:11668: in get
    pipeline_response: PipelineResponse = self.client.pipeline.run(  # pylint: disable=protected-access
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:213: in run
    return first_node.send(pipeline_request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/mgmt/core/policies/base.py:47: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/policies/redirect.py:181: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/policies/retry.py:467: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/policies/authentication.py:115: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:108: in send
    self.sender.send(request.http_request, **request.context.options),
env/lib/python3.11/site-packages/azure/core/pipeline/transport/requests_basic.py:338: in send
    response = self.session.request(  # type: ignore
env/lib/python3.11/site-packages/requests/sessions.py:589: in request
    resp = self.send(prep, **send_kwargs)
env/lib/python3.11/site-packages/requests/sessions.py:703: in send
    r = adapter.send(request, **kwargs)
env/lib/python3.11/site-packages/requests/adapters.py:486: in send
    resp = conn.urlopen(
env/lib/python3.11/site-packages/urllib3/connectionpool.py:715: in urlopen
    httplib_response = self.make_request(
env/lib/python3.11/site-packages/urllib3/connectionpool.py:458: in make_request
    httplib_response = conn.getresponse(buffering=True)
                                        

self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_identity_management.yaml object at 0x7f9cd152d950>
 = False, kwargs = {'buffering': True}

    def getresponse(self, =False, **kwargs):
        """Retrieve the response"""
        # Check to see if the cassette has a response for this request. If so,
        # then return it
        if self.cassette.can_play_response_for(self.vcr_request):
            log.info(f"Playing response for {self.vcr_request} from cassette")
            response = self.cassette.play_response(self.vcr_request)
            return VCRHTTPResponse(response)
        else:
            if self.cassette.write_protected and self.cassette.filter_request(self.vcr_request):
>               raise CannotOverwriteExistingCassetteException(
                    cassette=self.cassette,
                    failed_request=self.vcr_request,
                )
E               vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_identity_management.yaml') in your current record mode ('once').
E               No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_identity_mgmt_000001?api-version=2022-09-01>) was found.
E               Found 2 similar requests with 2 different matcher(s) :
E               
E               1 - (<Request (GET) https://management.azure.com/providers/Microsoft.ManagedIdentity/operations?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_identity_mgmt_000001 != /providers/Microsoft.ManagedIdentity/operations
E               custom_request_query_matcher - assertion failure :
E               None
E               
E               2 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_identity_mgmt_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_identity_mgmt_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_identity_mgmt_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities
E               custom_request_query_matcher - assertion failure :
E               None

env/lib/python3.11/site-packages/vcr/stubs/init.py:263: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.identity.tests.latest.test_identity.TestIdentity testMethod=test_identity_management>
resource_group = 'cli_test_identity_mgmt_000001'

    @ResourceGroupPreparer(name_prefix='cli_test_identity_mgmt')
    def test_identity_management(self, resource_group):
        self.kwargs.update({
            'identity': 'myidentity'
        })
    
        operations = self.cmd('identity list-operations').get_output_in_json()
        self.assertGreaterEqual(len(operations), 1)
    
>       self.cmd('identity create -n {identity} -g {rg}', checks=[
            self.check('name', '{identity}'),
            self.check('resourceGroup', '{rg}')
        ])

src/azure-cli/azure/cli/command_modules/identity/tests/latest/test_identity.py:23: 
                                        
src/azure-cli-testsdk/azure/cli/testsdk/base.py:175: in cmd
    return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:250: in init
    self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:301: in in_process_execute
    self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
env/lib/python3.11/site-packages/knack/cli.py:250: in invoke
    raise ex
env/lib/python3.11/site-packages/knack/cli.py:233: in invoke
    cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:651: in execute
    self.validation(expanded_arg)
env/lib/python3.11/site-packages/knack/invocation.py:118: in validation
    getattr(parsed_ns, 'parser', self.parser).validation_error(str(err))
src/azure-cli-core/azure/cli/core/parser.py:150: in validation_error
    self.exit(2)
                                        

self = AzCliCommandParser(prog='az identity create', usage=None, description='', formatter_class=<class 'argparse.HelpFormatter'>, conflict_handler='error', add_help=True)
status = 2, message = None

    def exit(self, status=0, message=None):
        if message:
            self._print_message(message, _sys.stderr)
>       _sys.exit(status)
E       SystemExit: 2

/opt/hostedtoolcache/Python/3.11.6/x64/lib/python3.11/argparse.py:2617: SystemExit		 azure/cli/command_modules/identity/tests/latest/test_identity.py:13
Failed test_revoke_token self = <azure.cli.core.commands.AzCliCommandInvoker object at 0x7f9cd1692d90>
parsed_ns = Namespace(log_verbosity_verbose=False, log_verbosity_debug=False, log_verbosity_only_show_errors=False, output_for...atter'>, conflict_handler='error', add_help=True), cmd=<azure.cli.core.commands.AzCliCommand object at 0x7f9cd16668d0>)

    def validation(self, parsed_ns):
        try:
            cmd_validator = getattr(parsed_ns, 'command_validator', None)
            if cmd_validator:
>               self.validate_cmd_level(parsed_ns, cmd_validator)

env/lib/python3.11/site-packages/knack/invocation.py:111: 
                                        
src/azure-cli-core/azure/cli/core/commands/init.py:849: in validate_cmd_level
    cmd_validator(**self.build_kwargs(cmd_validator, ns))
src/azure-cli/azure/cli/command_modules/identity/validators.py:10: in process_msi_namespace
    get_default_location_from_resource_group(cmd, namespace)
src/azure-cli-core/azure/cli/core/commands/validators.py:81: in get_default_location_from_resource_group
    rg = resource_client.resource_groups.get(namespace.resource_group_name)
env/lib/python3.11/site-packages/azure/core/tracing/decorator.py:76: in wrapper_use_tracer
    return func(*args, **kwargs)
env/lib/python3.11/site-packages/azure/mgmt/resource/resources/v2022_09_01/operations/operations.py:11668: in get
    pipeline_response: PipelineResponse = self.client.pipeline.run(  # pylint: disable=protected-access
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:213: in run
    return first_node.send(pipeline_request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/mgmt/core/policies/base.py:47: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/policies/redirect.py:181: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/policies/retry.py:467: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/policies/authentication.py:115: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.11/site-packages/azure/core/pipeline/base.py:108: in send
    self.sender.send(request.http_request, **request.context.options),
env/lib/python3.11/site-packages/azure/core/pipeline/transport/requests_basic.py:338: in send
    response = self.session.request(  # type: ignore
env/lib/python3.11/site-packages/requests/sessions.py:589: in request
    resp = self.send(prep, **send_kwargs)
env/lib/python3.11/site-packages/requests/sessions.py:703: in send
    r = adapter.send(request, **kwargs)
env/lib/python3.11/site-packages/requests/adapters.py:486: in send
    resp = conn.urlopen(
env/lib/python3.11/site-packages/urllib3/connectionpool.py:715: in urlopen
    httplib_response = self.make_request(
env/lib/python3.11/site-packages/urllib3/connectionpool.py:458: in make_request
    httplib_response = conn.getresponse(buffering=True)
                                        

self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_revoke_token.yaml object at 0x7f9cd14aaa90>
 = False, kwargs = {'buffering': True}

    def getresponse(self, =False, **kwargs):
        """Retrieve the response"""
        # Check to see if the cassette has a response for this request. If so,
        # then return it
        if self.cassette.can_play_response_for(self.vcr_request):
            log.info(f"Playing response for {self.vcr_request} from cassette")
            response = self.cassette.play_response(self.vcr_request)
            return VCRHTTPResponse(response)
        else:
            if self.cassette.write_protected and self.cassette.filter_request(self.vcr_request):
>               raise CannotOverwriteExistingCassetteException(
                    cassette=self.cassette,
                    failed_request=self.vcr_request,
                )
E               vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_revoke_token.yaml') in your current record mode ('once').
E               No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_revoke_token_000001?api-version=2022-09-01>) was found.
E               Found 2 similar requests with 3 different matcher(s) :
E               
E               1 - (<Request (PUT) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_revoke_token_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide?api-version=2023-01-31>).
E               Matchers succeeded : ['scheme', 'host', 'port']
E               Matchers failed :
E               method - assertion failure :
E               GET != PUT
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_revoke_token_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_revoke_token_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide
E               custom_request_query_matcher - assertion failure :
E               None
E               
E               2 - (<Request (POST) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_revoke_token_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/revokeTokens?api-version=2023-07-31-preview>).
E               Matchers succeeded : ['scheme', 'host', 'port']
E               Matchers failed :
E               method - assertion failure :
E               GET != POST
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_revoke_token_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_revoke_token_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/revokeTokens
E               custom_request_query_matcher - assertion failure :
E               None

env/lib/python3.11/site-packages/vcr/stubs/init.py:263: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.identity.tests.latest.test_identity.TestIdentity testMethod=test_revoke_token>
resource_group = 'cli_test_revoke_token_000001'

    @ResourceGroupPreparer(name_prefix='cli_test_revoke_token', location='eastus2euap')
    def test_revoke_token(self, resource_group):
        self.kwargs.update({
            'identity': 'ide'
        })
    
>       self.cmd('identity create -n {identity} -g {rg}')

src/azure-cli/azure/cli/command_modules/identity/tests/latest/test_identity.py:127: 
                                        
src/azure-cli-testsdk/azure/cli/testsdk/base.py:175: in cmd
    return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:250: in init
    self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:301: in in_process_execute
    self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
env/lib/python3.11/site-packages/knack/cli.py:250: in invoke
    raise ex
env/lib/python3.11/site-packages/knack/cli.py:233: in invoke
    cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:651: in execute
    self.validation(expanded_arg)
env/lib/python3.11/site-packages/knack/invocation.py:118: in validation
    getattr(parsed_ns, 'parser', self.parser).validation_error(str(err))
src/azure-cli-core/azure/cli/core/parser.py:150: in validation_error
    self.exit(2)
                                        

self = AzCliCommandParser(prog='az identity create', usage=None, description='', formatter_class=<class 'argparse.HelpFormatter'>, conflict_handler='error', add_help=True)
status = 2, message = None

    def exit(self, status=0, message=None):
        if message:
            self._print_message(message, _sys.stderr)
>       _sys.exit(status)
E       SystemExit: 2

/opt/hostedtoolcache/Python/3.11.6/x64/lib/python3.11/argparse.py:2617: SystemExit		 azure/cli/command_modules/identity/tests/latest/test_identity.py:120
❌3.9
Type Test Case Error Message Line
Failed test_federated_identity_credential self = <azure.cli.core.commands.AzCliCommandInvoker object at 0x7f1dd645e160>
parsed_ns = Namespace(log_verbosity_verbose=False, log_verbosity_debug=False, log_verbosity_only_show_errors=False, output_for...atter'>, conflict_handler='error', add_help=True), cmd=<azure.cli.core.commands.AzCliCommand object at 0x7f1dd6403d30>)

    def validation(self, parsed_ns):
        try:
            cmd_validator = getattr(parsed_ns, 'command_validator', None)
            if cmd_validator:
>               self.validate_cmd_level(parsed_ns, cmd_validator)

env/lib/python3.9/site-packages/knack/invocation.py:111: 
                                        
src/azure-cli-core/azure/cli/core/commands/init.py:849: in validate_cmd_level
    cmd_validator(**self.build_kwargs(cmd_validator, ns))
src/azure-cli/azure/cli/command_modules/identity/validators.py:10: in process_msi_namespace
    get_default_location_from_resource_group(cmd, namespace)
src/azure-cli-core/azure/cli/core/commands/validators.py:81: in get_default_location_from_resource_group
    rg = resource_client.resource_groups.get(namespace.resource_group_name)
env/lib/python3.9/site-packages/azure/core/tracing/decorator.py:76: in wrapper_use_tracer
    return func(*args, **kwargs)
env/lib/python3.9/site-packages/azure/mgmt/resource/resources/v2022_09_01/operations/operations.py:11668: in get
    pipeline_response: PipelineResponse = self.client.pipeline.run(  # pylint: disable=protected-access
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:213: in run
    return first_node.send(pipeline_request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/mgmt/core/policies/base.py:47: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/redirect.py:181: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/retry.py:467: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/authentication.py:115: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:108: in send
    self.sender.send(request.http_request, **request.context.options),
env/lib/python3.9/site-packages/azure/core/pipeline/transport/requests_basic.py:338: in send
    response = self.session.request(  # type: ignore
env/lib/python3.9/site-packages/requests/sessions.py:589: in request
    resp = self.send(prep, **send_kwargs)
env/lib/python3.9/site-packages/requests/sessions.py:703: in send
    r = adapter.send(request, **kwargs)
env/lib/python3.9/site-packages/requests/adapters.py:486: in send
    resp = conn.urlopen(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:715: in urlopen
    httplib_response = self.make_request(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:458: in make_request
    httplib_response = conn.getresponse(buffering=True)
                                        

self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_federated_identity_credential.yaml object at 0x7f1dd6433880>
 = False, kwargs = {'buffering': True}

    def getresponse(self, =False, **kwargs):
        """Retrieve the response"""
        # Check to see if the cassette has a response for this request. If so,
        # then return it
        if self.cassette.can_play_response_for(self.vcr_request):
            log.info(f"Playing response for {self.vcr_request} from cassette")
            response = self.cassette.play_response(self.vcr_request)
            return VCRHTTPResponse(response)
        else:
            if self.cassette.write_protected and self.cassette.filter_request(self.vcr_request):
>               raise CannotOverwriteExistingCassetteException(
                    cassette=self.cassette,
                    failed_request=self.vcr_request,
                )
E               vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_federated_identity_credential.yaml') in your current record mode ('once').
E               No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001?api-version=2022-09-01>) was found.
E               Found 4 similar requests with 2 different matcher(s) :
E               
E               1 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic1?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials/fic1
E               custom_request_query_matcher - assertion failure :
E               None
E               
E               2 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials
E               custom_request_query_matcher - assertion failure :
E               None
E               
E               3 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials
E               custom_request_query_matcher - assertion failure :
E               None
E               
E               4 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_federated_identity_credential_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_federated_identity_credential_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/federatedIdentityCredentials
E               custom_request_query_matcher - assertion failure :
E               None

env/lib/python3.9/site-packages/vcr/stubs/init.py:263: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.identity.tests.latest.test_identity.TestIdentity testMethod=test_federated_identity_credential>
resource_group = 'cli_test_federated_identity_credential_000001'

    @ResourceGroupPreparer(name_prefix='cli_test_federated_identity_credential', location='eastus2euap')
    def test_federated_identity_credential(self, resource_group):
        self.kwargs.update({
            'identity': 'ide',
            'fic1': 'fic1',
            'fic2': 'fic2',
            'subject1': 'system:serviceaccount:ns:svcaccount1',
            'subject2': 'system:serviceaccount:ns:svcaccount2',
            'subject3': 'system:serviceaccount:ns:svcaccount3',
            'issuer': 'https://oidc.prod-aks.azure.com/IssuerGUID',
            'audience': 'api://AzureADTokenExchange',
        })
    
>       self.cmd('identity create -n {identity} -g {rg}')

src/azure-cli/azure/cli/command_modules/identity/tests/latest/test_identity.py:45: 
                                        
src/azure-cli-testsdk/azure/cli/testsdk/base.py:175: in cmd
    return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:250: in init
    self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:301: in in_process_execute
    self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
env/lib/python3.9/site-packages/knack/cli.py:250: in invoke
    raise ex
env/lib/python3.9/site-packages/knack/cli.py:233: in invoke
    cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:651: in execute
    self.validation(expanded_arg)
env/lib/python3.9/site-packages/knack/invocation.py:118: in validation
    getattr(parsed_ns, 'parser', self.parser).validation_error(str(err))
src/azure-cli-core/azure/cli/core/parser.py:150: in validation_error
    self.exit(2)
                                        

self = AzCliCommandParser(prog='az identity create', usage=None, description='', formatter_class=<class 'argparse.HelpFormatter'>, conflict_handler='error', add_help=True)
status = 2, message = None

    def exit(self, status=0, message=None):
        if message:
            self._print_message(message, _sys.stderr)
>       _sys.exit(status)
E       SystemExit: 2

/opt/hostedtoolcache/Python/3.9.18/x64/lib/python3.9/argparse.py:2569: SystemExit		 azure/cli/command_modules/identity/tests/latest/test_identity.py:31
Failed test_identity_management self = <azure.cli.core.commands.AzCliCommandInvoker object at 0x7f1dd647c1f0>
parsed_ns = Namespace(log_verbosity_verbose=False, log_verbosity_debug=False, log_verbosity_only_show_errors=False, output_for...atter'>, conflict_handler='error', add_help=True), cmd=<azure.cli.core.commands.AzCliCommand object at 0x7f1dd6395d00>)

    def validation(self, parsed_ns):
        try:
            cmd_validator = getattr(parsed_ns, 'command_validator', None)
            if cmd_validator:
>               self.validate_cmd_level(parsed_ns, cmd_validator)

env/lib/python3.9/site-packages/knack/invocation.py:111: 
                                        
src/azure-cli-core/azure/cli/core/commands/init.py:849: in validate_cmd_level
    cmd_validator(**self.build_kwargs(cmd_validator, ns))
src/azure-cli/azure/cli/command_modules/identity/validators.py:10: in process_msi_namespace
    get_default_location_from_resource_group(cmd, namespace)
src/azure-cli-core/azure/cli/core/commands/validators.py:81: in get_default_location_from_resource_group
    rg = resource_client.resource_groups.get(namespace.resource_group_name)
env/lib/python3.9/site-packages/azure/core/tracing/decorator.py:76: in wrapper_use_tracer
    return func(*args, **kwargs)
env/lib/python3.9/site-packages/azure/mgmt/resource/resources/v2022_09_01/operations/operations.py:11668: in get
    pipeline_response: PipelineResponse = self.client.pipeline.run(  # pylint: disable=protected-access
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:213: in run
    return first_node.send(pipeline_request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/mgmt/core/policies/base.py:47: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/redirect.py:181: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/retry.py:467: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/authentication.py:115: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:108: in send
    self.sender.send(request.http_request, **request.context.options),
env/lib/python3.9/site-packages/azure/core/pipeline/transport/requests_basic.py:338: in send
    response = self.session.request(  # type: ignore
env/lib/python3.9/site-packages/requests/sessions.py:589: in request
    resp = self.send(prep, **send_kwargs)
env/lib/python3.9/site-packages/requests/sessions.py:703: in send
    r = adapter.send(request, **kwargs)
env/lib/python3.9/site-packages/requests/adapters.py:486: in send
    resp = conn.urlopen(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:715: in urlopen
    httplib_response = self.make_request(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:458: in make_request
    httplib_response = conn.getresponse(buffering=True)
                                        

self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_identity_management.yaml object at 0x7f1dd63491f0>
 = False, kwargs = {'buffering': True}

    def getresponse(self, =False, **kwargs):
        """Retrieve the response"""
        # Check to see if the cassette has a response for this request. If so,
        # then return it
        if self.cassette.can_play_response_for(self.vcr_request):
            log.info(f"Playing response for {self.vcr_request} from cassette")
            response = self.cassette.play_response(self.vcr_request)
            return VCRHTTPResponse(response)
        else:
            if self.cassette.write_protected and self.cassette.filter_request(self.vcr_request):
>               raise CannotOverwriteExistingCassetteException(
                    cassette=self.cassette,
                    failed_request=self.vcr_request,
                )
E               vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_identity_management.yaml') in your current record mode ('once').
E               No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_identity_mgmt_000001?api-version=2022-09-01>) was found.
E               Found 2 similar requests with 2 different matcher(s) :
E               
E               1 - (<Request (GET) https://management.azure.com/providers/Microsoft.ManagedIdentity/operations?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_identity_mgmt_000001 != /providers/Microsoft.ManagedIdentity/operations
E               custom_request_query_matcher - assertion failure :
E               None
E               
E               2 - (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_identity_mgmt_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities?api-version=2023-01-31>).
E               Matchers succeeded : ['method', 'scheme', 'host', 'port']
E               Matchers failed :
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_identity_mgmt_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_identity_mgmt_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities
E               custom_request_query_matcher - assertion failure :
E               None

env/lib/python3.9/site-packages/vcr/stubs/init.py:263: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.identity.tests.latest.test_identity.TestIdentity testMethod=test_identity_management>
resource_group = 'cli_test_identity_mgmt_000001'

    @ResourceGroupPreparer(name_prefix='cli_test_identity_mgmt')
    def test_identity_management(self, resource_group):
        self.kwargs.update({
            'identity': 'myidentity'
        })
    
        operations = self.cmd('identity list-operations').get_output_in_json()
        self.assertGreaterEqual(len(operations), 1)
    
>       self.cmd('identity create -n {identity} -g {rg}', checks=[
            self.check('name', '{identity}'),
            self.check('resourceGroup', '{rg}')
        ])

src/azure-cli/azure/cli/command_modules/identity/tests/latest/test_identity.py:23: 
                                        
src/azure-cli-testsdk/azure/cli/testsdk/base.py:175: in cmd
    return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:250: in init
    self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:301: in in_process_execute
    self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
env/lib/python3.9/site-packages/knack/cli.py:250: in invoke
    raise ex
env/lib/python3.9/site-packages/knack/cli.py:233: in invoke
    cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:651: in execute
    self.validation(expanded_arg)
env/lib/python3.9/site-packages/knack/invocation.py:118: in validation
    getattr(parsed_ns, 'parser', self.parser).validation_error(str(err))
src/azure-cli-core/azure/cli/core/parser.py:150: in validation_error
    self.exit(2)
                                        

self = AzCliCommandParser(prog='az identity create', usage=None, description='', formatter_class=<class 'argparse.HelpFormatter'>, conflict_handler='error', add_help=True)
status = 2, message = None

    def exit(self, status=0, message=None):
        if message:
            self._print_message(message, _sys.stderr)
>       _sys.exit(status)
E       SystemExit: 2

/opt/hostedtoolcache/Python/3.9.18/x64/lib/python3.9/argparse.py:2569: SystemExit		 azure/cli/command_modules/identity/tests/latest/test_identity.py:13
Failed test_revoke_token self = <azure.cli.core.commands.AzCliCommandInvoker object at 0x7f1dd64a9070>
parsed_ns = Namespace(log_verbosity_verbose=False, log_verbosity_debug=False, log_verbosity_only_show_errors=False, output_for...atter'>, conflict_handler='error', add_help=True), cmd=<azure.cli.core.commands.AzCliCommand object at 0x7f1dd6479fd0>)

    def validation(self, parsed_ns):
        try:
            cmd_validator = getattr(parsed_ns, 'command_validator', None)
            if cmd_validator:
>               self.validate_cmd_level(parsed_ns, cmd_validator)

env/lib/python3.9/site-packages/knack/invocation.py:111: 
                                        
src/azure-cli-core/azure/cli/core/commands/init.py:849: in validate_cmd_level
    cmd_validator(**self.build_kwargs(cmd_validator, ns))
src/azure-cli/azure/cli/command_modules/identity/validators.py:10: in process_msi_namespace
    get_default_location_from_resource_group(cmd, namespace)
src/azure-cli-core/azure/cli/core/commands/validators.py:81: in get_default_location_from_resource_group
    rg = resource_client.resource_groups.get(namespace.resource_group_name)
env/lib/python3.9/site-packages/azure/core/tracing/decorator.py:76: in wrapper_use_tracer
    return func(*args, **kwargs)
env/lib/python3.9/site-packages/azure/mgmt/resource/resources/v2022_09_01/operations/operations.py:11668: in get
    pipeline_response: PipelineResponse = self.client.pipeline.run(  # pylint: disable=protected-access
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:213: in run
    return first_node.send(pipeline_request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/mgmt/core/policies/base.py:47: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/redirect.py:181: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/retry.py:467: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/policies/authentication.py:115: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:70: in send
    response = self.next.send(request)
env/lib/python3.9/site-packages/azure/core/pipeline/base.py:108: in send
    self.sender.send(request.http_request, **request.context.options),
env/lib/python3.9/site-packages/azure/core/pipeline/transport/requests_basic.py:338: in send
    response = self.session.request(  # type: ignore
env/lib/python3.9/site-packages/requests/sessions.py:589: in request
    resp = self.send(prep, **send_kwargs)
env/lib/python3.9/site-packages/requests/sessions.py:703: in send
    r = adapter.send(request, **kwargs)
env/lib/python3.9/site-packages/requests/adapters.py:486: in send
    resp = conn.urlopen(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:715: in urlopen
    httplib_response = self.make_request(
env/lib/python3.9/site-packages/urllib3/connectionpool.py:458: in make_request
    httplib_response = conn.getresponse(buffering=True)
                                        

self = <vcr.patch.VCRRequestsHTTPSConnection/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_revoke_token.yaml object at 0x7f1dd6cb1100>
 = False, kwargs = {'buffering': True}

    def getresponse(self, =False, **kwargs):
        """Retrieve the response"""
        # Check to see if the cassette has a response for this request. If so,
        # then return it
        if self.cassette.can_play_response_for(self.vcr_request):
            log.info(f"Playing response for {self.vcr_request} from cassette")
            response = self.cassette.play_response(self.vcr_request)
            return VCRHTTPResponse(response)
        else:
            if self.cassette.write_protected and self.cassette.filter_request(self.vcr_request):
>               raise CannotOverwriteExistingCassetteException(
                    cassette=self.cassette,
                    failed_request=self.vcr_request,
                )
E               vcr.errors.CannotOverwriteExistingCassetteException: Can't overwrite existing cassette ('/mnt/vss/work/1/s/src/azure-cli/azure/cli/command_modules/identity/tests/latest/recordings/test_revoke_token.yaml') in your current record mode ('once').
E               No match for the request (<Request (GET) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_revoke_token_000001?api-version=2022-09-01>) was found.
E               Found 2 similar requests with 3 different matcher(s) :
E               
E               1 - (<Request (PUT) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_revoke_token_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide?api-version=2023-01-31>).
E               Matchers succeeded : ['scheme', 'host', 'port']
E               Matchers failed :
E               method - assertion failure :
E               GET != PUT
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_revoke_token_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_revoke_token_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide
E               custom_request_query_matcher - assertion failure :
E               None
E               
E               2 - (<Request (POST) https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_revoke_token_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/revokeTokens?api-version=2023-07-31-preview>).
E               Matchers succeeded : ['scheme', 'host', 'port']
E               Matchers failed :
E               method - assertion failure :
E               GET != POST
E               path - assertion failure :
E               /subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/cli_test_revoke_token_000001 != /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/cli_test_revoke_token_000001/providers/Microsoft.ManagedIdentity/userAssignedIdentities/ide/revokeTokens
E               custom_request_query_matcher - assertion failure :
E               None

env/lib/python3.9/site-packages/vcr/stubs/init.py:263: CannotOverwriteExistingCassetteException

During handling of the above exception, another exception occurred:

self = <azure.cli.command_modules.identity.tests.latest.test_identity.TestIdentity testMethod=test_revoke_token>
resource_group = 'cli_test_revoke_token_000001'

    @ResourceGroupPreparer(name_prefix='cli_test_revoke_token', location='eastus2euap')
    def test_revoke_token(self, resource_group):
        self.kwargs.update({
            'identity': 'ide'
        })
    
>       self.cmd('identity create -n {identity} -g {rg}')

src/azure-cli/azure/cli/command_modules/identity/tests/latest/test_identity.py:127: 
                                        
src/azure-cli-testsdk/azure/cli/testsdk/base.py:175: in cmd
    return execute(self.cli_ctx, command, expect_failure=expect_failure).assert_with_checks(checks)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:250: in init
    self.in_process_execute(cli_ctx, command, expect_failure=expect_failure)
src/azure-cli-testsdk/azure/cli/testsdk/base.py:301: in in_process_execute
    self.exit_code = cli_ctx.invoke(shlex.split(command), out_file=stdout_buf) or 0
env/lib/python3.9/site-packages/knack/cli.py:250: in invoke
    raise ex
env/lib/python3.9/site-packages/knack/cli.py:233: in invoke
    cmd_result = self.invocation.execute(args)
src/azure-cli-core/azure/cli/core/commands/init.py:651: in execute
    self.validation(expanded_arg)
env/lib/python3.9/site-packages/knack/invocation.py:118: in validation
    getattr(parsed_ns, 'parser', self.parser).validation_error(str(err))
src/azure-cli-core/azure/cli/core/parser.py:150: in validation_error
    self.exit(2)
                                        

self = AzCliCommandParser(prog='az identity create', usage=None, description='', formatter_class=<class 'argparse.HelpFormatter'>, conflict_handler='error', add_help=True)
status = 2, message = None

    def exit(self, status=0, message=None):
        if message:
            self._print_message(message, _sys.stderr)
>       _sys.exit(status)
E       SystemExit: 2

/opt/hostedtoolcache/Python/3.9.18/x64/lib/python3.9/argparse.py:2569: SystemExit		 azure/cli/command_modules/identity/tests/latest/test_identity.py:120
️✔️iot
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.9
️✔️keyvault
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.9
️✔️kusto
️✔️latest
️✔️3.11
️✔️3.9
️✔️lab
️✔️latest
️✔️3.11
️✔️3.9
️✔️managedservices
️✔️latest
️✔️3.11
️✔️3.9
️✔️maps
️✔️latest
️✔️3.11
️✔️3.9
️✔️marketplaceordering
️✔️latest
️✔️3.11
️✔️3.9
️✔️monitor
️✔️latest
️✔️3.11
️✔️3.9
️✔️mysql
️✔️latest
️✔️3.11
️✔️3.9
️✔️netappfiles
️✔️latest
️✔️3.11
️✔️3.9
️✔️network
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.9
️✔️policyinsights
️✔️latest
️✔️3.11
️✔️3.9
️✔️privatedns
️✔️latest
️✔️3.11
️✔️3.9
️✔️profile
️✔️latest
️✔️3.11
️✔️3.9
️✔️rdbms
️✔️latest
️✔️3.11
️✔️3.9
️✔️redis
️✔️latest
️✔️3.11
️✔️3.9
️✔️relay
️✔️latest
️✔️3.11
️✔️3.9
️✔️resource
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.9
️✔️role
️✔️latest
️✔️3.11
️✔️3.9
️✔️search
️✔️latest
️✔️3.11
️✔️3.9
️✔️security
️✔️latest
️✔️3.11
️✔️3.9
️✔️servicebus
️✔️latest
️✔️3.11
️✔️3.9
️✔️serviceconnector
️✔️latest
️✔️3.11
️✔️3.9
️✔️servicefabric
️✔️latest
️✔️3.11
️✔️3.9
️✔️signalr
️✔️latest
️✔️3.11
️✔️3.9
️✔️sql
️✔️latest
️✔️3.11
️✔️3.9
️✔️sqlvm
️✔️latest
️✔️3.11
️✔️3.9
️✔️storage
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.9
️✔️synapse
️✔️latest
️✔️3.11
️✔️3.9
️✔️telemetry
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.9
️✔️util
️✔️latest
️✔️3.11
️✔️3.9
️✔️vm
️✔️2018-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2019-03-01-hybrid
️✔️3.11
️✔️3.9
️✔️2020-09-01-hybrid
️✔️3.11
️✔️3.9
️✔️latest
️✔️3.11
️✔️3.9

azure-client-tools-bot-prd[bot] avatar Dec 11 '23 08:12 azure-client-tools-bot-prd[bot]

⚠️AzureCLI-BreakingChangeTest
⚠️identity
rule cmd_name rule_message suggest_message
⚠️ 1001 - CmdAdd identity revoke cmd identity revoke added

azure-client-tools-bot-prd[bot] avatar Dec 11 '23 08:12 azure-client-tools-bot-prd[bot]

Identity

yonzhan avatar Dec 11 '23 08:12 yonzhan

@RamyaElangovanP Please resolve these CI issues

zhoxing-ms avatar Dec 11 '23 10:12 zhoxing-ms

Let me check with you if the all changes of this PR are: Add a command az identity revoke to revoke all tokens issued in the past for a specified user assigned identity

If so, suggested title is: [Identity] az identity revoke: Add a command to revoke all tokens issued in the past for a specified user assigned identity

yanzhudd avatar Dec 12 '23 03:12 yanzhudd

Please add test for this change.

yanzhudd avatar Dec 12 '23 03:12 yanzhudd

Let me check with you if the all changes of this PR are: Add a command az identity revoke to revoke all tokens issued in the past for a specified user assigned identity

If so, suggested title is: [Identity] az identity revoke: Add a command to revoke all tokens issued in the past for a specified user assigned identity

yeah it is. Updated as suggested

RamyaElangovanP avatar Dec 12 '23 09:12 RamyaElangovanP

Please add test for this change.

Added test

RamyaElangovanP avatar Dec 13 '23 02:12 RamyaElangovanP

Please resolve CI failed items

yanzhudd avatar Dec 13 '23 03:12 yanzhudd

@RamyaElangovanP Any update?

zhoxing-ms avatar Dec 25 '23 08:12 zhoxing-ms