Azure Container Registry auth failure when using Managed Identity · Issue #425 · dotnet/sdk-container-builds (original) (raw)

A user reported failures when attempting to use our tools when logged in to ACR via a managed identity via an Azure Devops-Managed Service Connection. We should verify/fix that Managed Identity authentication works.

I did a bit of digging into why/how managed identities work to try and triage this. After digging into the user's report, we aren't failing fetching the credentials, but we are failing during actual auth. I'm not able to get insight into the value of the token/auth that's retrieved.

Useful links:

• the DockerAzDo task
• the common docker code that the Docker task uses for handling auth - there is managed-identity-specific code here
• the ACR-specific token code

We should investigate this logic and try to set up a test suite for Managed Identity support.