We have just upgraded from 2021.1.7316 to 2021.3.8275 and have found our terraform steps have stopped working when getting the workspaces.
Details of configuration:
Azure account is bound to a variable populated based on tenant and environment. Using variable preview I have confirmed the correct account is being populated.
A workspace variable is also provided via a variable.
When the step runs, init seems to be ok, but when it attempts to get the workspace, it seems to not substitute the subscriptionId value:
Error: Failed to get existing workspaces: Error retrieving keys for Storage Account "[redacted]": azure.BearerAuthorizer#WithAuthorization: Failed to refresh the Token for request to https://management.azure.com/subscriptions/%23%7BOctopus.Action.Azure.SubscriptionId%7D/resourceGroups/[redacted]/providers/Microsoft.Storage/storageAccounts/[redacted]/listKeys?api-version=2021-01-01: StatusCode=200 -- Original Error: adal: Failed to unmarshal the service principal token during refresh. Error = 'invalid character '<' looking for beginning of value' JSON = '
Followed by HTML for azure sign-in page.
I have redacted the storage account name and resource group, but the value where the subscription id should be is as-is from octo. It appears to be the URL encoded value of
I can confirm that the subscription ID is present in the azure account and the account has been tested through Octo to show it works. It also was working before the upgrade (albeit not run for a couple of weeks before, so open to the idea that the upgrade timing is just coincidental)
Does anyone have any thoughts on what could be the issue?