Deployment failing when releasing changes to a lake database.

Initial deployment of the lake database is successful, but subsequent releases fail with the following message

2022-04-28T22:58:50.1234390Z For artifact: <lakedbname>: Checkstatus: 200; status message: OK
2022-04-28T22:58:50.1236326Z For artifact: <lakedbname>: Artifact Deployment status: Failed
2022-04-28T22:58:50.1242815Z Error during execution: Error: Failed to fetch the deployment status undefined
2022-04-28T22:58:50.1284739Z ##[error]Encountered with exception:Error: Failed to fetch the deployment status undefined

when running github action (GHA) below it "succeeds" if I go to the synapse workspace listed no change is there. Nothing gets processed

Azure/[email protected]
with:
TargetWorkspaceName: prod-synapse-eastus
TemplateFile: ./cp-dev-workspace/TemplateForWorkspace.json
ParametersFile: ./cp-dev-workspace/TemplateParametersForWorkspace.json
environment: Azure Public
resourceGroup: prod-synapse-eastus2
clientId: ***
clientSecret: ***
subscriptionId: ***
tenantId: ***

The only thing that shows in the GHA logs is:
Bundle source : https://web.azuresynapse.net/assets/cmd-api/main.js

I have checked the required fields and nothing seems missing to me. so not sure why I dont get any errors yet dont get any changes

When trying out this action on a test branch where I only added a notebook, the action crashes with the following error:

Stdout: Unexpected error during export template command: {"stack":"Error: ENOENT: no such file or directory, scandir 'synapse/pipeline'","message":"ENOENT: no such file or directory, scandir 'synapse/pipeline'","errno":-2,"code":"ENOENT","syscall":"scandir","path":"synapse/pipeline"}

Stderr: /home/runner/work/Anvil/Anvil/downloads/main.js:336518
          throw ex;
          ^

[Error: ENOENT: no such file or directory, scandir 'synapse/pipeline'] {
  errno: -2,
  code: 'ENOENT',
  syscall: 'scandir',
  path: 'synapse/pipeline'
}

I believe the action should ignore this if the folder doesn't exist.

Hello,

I am trying deploy synapse artifacts using this GitHub Actions but currently getting the following error:

Unable to fetch service principal token, status: 404; status message: Not Found

(node:2160) UnhandledPromiseRejectionWarning: Error
    at Object.<anonymous> (/home/runner/work/_actions/azure/synapse-workspace-deployment/v0.1/dist/index.js:1:147182)
    at step (/home/runner/work/_actions/azure/synapse-workspace-deployment/v0.1/dist/index.js:1:146139)
    at Object.next (/home/runner/work/_actions/azure/synapse-workspace-deployment/v0.1/dist/index.js:1:145424)
    at fulfilled (/home/runner/work/_actions/azure/synapse-workspace-deployment/v0.1/dist/index.js:1:144924)
    at processTicksAndRejections (internal/process/task_queues.js:93:5)
(node:2160) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)
(node:2160) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

I checked I was getting a valid response back with the same secret values using the following curl request by following this documentation:

curl -X GET -H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=client_credentials&client_id=<client-id>&resource=<management-resource-endpoint>&client_secret=<application-secret>' \
https://login.microsoftonline.com/<tenantid>/oauth2/token

I've used the following for ADE and RDE values:

• secret.ADE: https://login.microsoftonline.com/<tenantid>/oauth2/token
• secret.RDE: https://management.core.windows.net/

Do you have any ideas on what I am doing wrong??? 😢

My workspace has a user assigned identity defined as credential. The exported template from my development workspace includes the credential, but with a hard-coded resource ID. My second workspace is using a different user assigned identity. This seems to be a bug wrt how the template is generated when publishing the template in the development workspace.

The same is happening for managed private endpoints. Why are these resource IDs not exposed as parameters within the generated template?

Why is the resource ID not parametrized?
Can this be changed in the source workspace, so that the resource ID is exposed as parameter in the template?

Thanks for your help!

For Artifact: SparkJobPipeline: ArtifactDeploymentTask status: 403; status message: Forbidden

According to documentation DeleteArtifactsNotInTemplate should be supported (we would like to have a clean workspace which only contains artifacts from the deployment) but it does not work, see below:

Unexpected input(s) 'DeleteArtifactsNotInTemplate', valid inputs are ['TargetWorkspaceName', 'TemplateFile', 'ParametersFile', 'OverrideArmParameters', 'Environment', 'resourceGroup', 'clientId', 'clientSecret', 'subscriptionId', 'tenantId', 'activeDirectoryEndpointUrl', 'resourceManagerEndpointUrl']

we use the github action as follows (the version is always required which is currently not described in your usage section):

• name: 'Synapse workspace deployment'
  uses: Azure/[email protected]
  with:
  ....
  DeleteArtifactsNotInTemplate: true

Please note the use of Azure US Government cloud.
Near the end of the deployment we see warnings and errors related to unhandled promise rejections.

Our configuration:

        TargetWorkspaceName: '<<REDACTED>>'
        TemplateFile: '<<REDACTED>>'
        ParametersFile: '<<REDACTED>>'
        OverrideArmParameters: '<<REDACTED>>'
        Environment: 'Azure US Government'
        resourceGroup: '<<REDACTED>>'
        clientId: <<REDACTED>>
        clientSecret: <<REDACTED>>
        subscriptionId: <<REDACTED>>
        tenantId: <<REDACTED>>
        DeleteArtifactsNotInTemplate: 'true'
        managedIdentity: 'false'
        operation: 'deploy'

Deployment Log:

Attempting to delete artifacts from workspace, that were not in the template.
Getting Artifacts from workspace: syn-synapse-***-prod.
Able to fetch service principal token: 200; status message: OK
Able to fetch service principal token: 200; status message: OK
Able to fetch service principal token: 200; status message: OK
(node:2676) UnhandledPromiseRejectionWarning: Error: connect ETIMEDOUT 52.126.195.80:443
    at TCPConnectWrap.afterConnect [as on***plete] (net.js:1144:16)
(node:2676) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
(node:2676) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
##[debug]Node Action run ***pleted with exit code 0
##[debug]Finishing: Run actions/[email protected]~~~

Upon investigation of the IP address referenced in the log above the following certificate issue is encountered in a web browser:

This server could not prove that it is 52.126.195.80; its security certificate is from graph.aadg.microsoftonline.us. This may be caused by a misconfiguration or an attacker intercepting your connection.

Issue Description: current process sequence of section 'DeleteArtifactsNotInTemplate' in 'orchestrator.ts' file is ahead of deployment. Deployment fail in following scenario:
Step 1: 'Pipline1' has an dataflow activity 'dataflow1', hence 'dataflow1' is calling from 'Pipeline1'. Initial deployment succeed
Step 2: Updated 'Pipeline1' artifact by remove activity 'dataflow1'. Then delete dataflow 'dataflow1' since it is no longer needed
Step 3: Deploy again, it fails, error message is

2022-05-12T17:33:14.9428660Z The document cannot be deleted since it is referenced by Pxxxxxxn.
2022-05-12T17:33:14.9433308Z Error during execution: Error: For Artifact: Bxxxxxxg deletion failed. {"status":"Failed","error":{"code":"DeleteDataFactoryResourceOrchestrationError","message":"The document cannot be deleted since it is referenced by Pxxxxxxn."}}
2022-05-12T17:33:14.9471695Z ##[error]Encountered with exception:Error: For Artifact: Bxxxxxxg deletion failed. {"status":"Failed","error":{"code":"DeleteDataFactoryResourceOrchestrationError","message":"The document cannot be deleted since it is referenced by Pxxxxxxn."}}

Work around: run deployment twice, first time with 'DeleteArtifactsNotInTemplate' set to 'false', and deploy again with 'DeleteArtifactsNotInTemplate' set to 'true'

Suggest Solution: In orchestrator.ts file, move 'DeleteArtifactsNotInTemplate' after deployment

I am using the 'validate' option as part of a DevOps pipeline and the TemplateForWorkspace.json file is missing the reference to the sqlPool in one of the datasets defined. When publishing the end result is the dataset is not properly linked to the dedicated pool and thus none of the synapse pipelines that use that dataset work.

We recently introduced a MPE pointing to a private link service (to a load balancer in front of AKS).
The MPE definition looks like this in git:

{
    "name": "my-mpe",
    "properties": {
        "privateLinkResourceId": "/subscriptions/<mysubscription>/resourceGroups/<my_resourcegroup>/providers/Microsoft.Network/privateLinkServices/<my-private-link-service>",
        "groupId": "",
        "fqdns": [
            "myfqdn.example.com"
        ]
    }
}

When trying to deploy this mpe, I get the error

"StatusCode":400,"Message":"Invalid Request"

I suspect this might be because of parsing/validation of the groupId (which is in fact correct, and needs to be empty)?

While using this action in a workflow with a Client ID and Secret, the getBearer function failed to output the info logs indicating why the promise was rejected. Also, it outputs a string and not an error object, so that the catch in the calling function getParams returns an undefined error.

This problem particularly shows up with a 404 error.

We often face "Artifact Deployment failed: Error: connect ETIMEDOUT 40.113.176.228:443" issue

Workspace deployment fails on trigger that contains a filepath with double backslash (i.e. \domain.gov\folder\path).

Any documentation on how to use this repo would be great.

I am trying to do a simple clone/redeploy from my existing Synapse Workspace to a new Synapse Workspace, this repo seems to fit but there is minimal documentation.

Hello,

when we deploy the to the test Synapse Enviroment and some Trigger are activ we getting this Error:

WorkspaceType:] Job was submitted with resources=[24] when the compute has a capacity of=[12]

We need to aktivate some off the definied Triggers from the Develop Enviroment.
For Deployment we are using the mater Branch.

Hi,

We have a scenario where we do not want to deploy Development MPEs into different (Test/Prod) as they point to different resources. However, we also do not want to leave orphaned objects in the target that are not in the deployment.

The following settings remove the MPEs and the orphaned objects not in the build.

DeleteArtifactsNotInTemplate: true
DeployManagedPrivateEndpoints: false

The following settings deploy the Development MPEs to Test/Prod which isn't relevant and also removes the existing MPEs and orphaned objects that are not in the build.

DeleteArtifactsNotInTemplate: true
DeployManagedPrivateEndpoints: true

Removing the settings and allowing for the default ignores the MPEs but leaves in place the orphaned objects that are not in the build.

I need this task to

Remove the orphaned objects that are not in the build and leave the MPEs alone that already exist in Test/Prod and not deploy the development MPEs.

Could you please look into the issue?

Thanks

Toby.

Deployment of Synapse using ARM template and any branch as well is throwing following error message. Seems like deployment of managed endpoints is removing fqdns:

https://github.com/Azure/Synapse-workspace-deployment/blob/98870e90fc595f6b81b0f1e99de6851821f821bd/build_and_deploy/clients/artifacts_client.ts

It seems that there is a line of code that removes fqdns from payload. Lines 296-297.

if(payLoadJson["properties"].hasOwnProperty("fqdns")){
delete payLoadJson["properties"]["fqdns"];
}

I would say that this causes an error.

2023-02-16T09:06:44.7244414Z For Artifact: privateLS-onpremSqlServer: Deploy artifact failed: {"error":{"code":"UnknownError","message":"{"CorrelationId":"","StatusCode":400,"Message":"Invalid Request: Message=Invalid payload received. FQDN needs to be specified for the private endpoint targeting Private Link Service: /subscriptions/SUBS_ID/resourceGroups/RESOURCE_GROUP_NAME/providers/Microsoft.Network/privateLinkServices/PRIVATE_LINK_SERVICE_NAME.","ExceptionDetail":"Microsoft.Analytics.Clusters.Common.ClusterServiceException: Invalid payload received. FQDN needs to be specified for the private endpoint targeting Private Link Service: /subscriptions/SUBS_ID/resourceGroups/RESOURCE_GROUP_NAME/providers/Microsoft.Network/privateLinkServices/PRIVATE_LINK_SERVICE_NAME.\r\n ---> System.ArgumentException: FQDN needs to be specified for the private endpoint targeting Private Link Service: /subscriptions/SUBS_ID/resourceGroups/RESOURCE_GROUP_NAME/providers/Microsoft.Network/privateLinkServices/PRIVATE_LINK_SERVICE_NAME.\r\n at Microsoft.Analytics.Clusters.Services.NetworkService.Contract.PrivateEndpointRequestExtensions.Validate(PrivateEndpointRequest request, IServiceConfiguration conf, ILog logger) in C:\\__w\\1\\s\\Services\\NetworkService\\Service\\PrivateEndpointRequestExtensions.cs:line 118\r\n at Microsoft.Analytics.Clusters.Services.NetworkService.StatefulBE.Controllers.NetworkController.AddPrivateEndpointAsync(String clientId, String privateEndpointReferenceName, PrivateEndpointRequest request) in C:\\__w\\1\\s\\Services\\NetworkService\\NetworkServiceBE\\Controllers\\NetworkController.cs:line 295\r\n --- End of inner exception stack trace ---\r\n at Microsoft.Analytics.Clusters.Services.NetworkService.StatefulBE.Controllers.NetworkController.AddPrivateEndpointAsync(String clientId, String privateEndpointReferenceName, PrivateEndpointRequest request) in C:\\__w\\1\\s\\Services\\NetworkService\\NetworkServiceBE\\Controllers\\NetworkController.cs:line 295\r\n at lambda_method(Closure , Object )\r\n at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)\r\n at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask`1 actionResultValueTask)\r\n at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)\r\n at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)\r\n at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)\r\n at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.InvokeInnerFilterAsync()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.g__Awaited|24_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)\r\n at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)\r\n at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)\r\n at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.InvokeFilterPipelineAsync()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope)\r\n at Microsoft.AspNetCore.Routing.EndpointMiddleware.g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger)\r\n at Microsoft.Analytics.Clusters.Services.NetworkService.StatefulBE.ActivePartitionInstanceMiddleware.InvokeAsync(HttpContext context) in C:\\__w\\1\\s\\Services\\NetworkService\\NetworkServiceBE\\ActivePartitionInstanceMiddleware.cs:line 90\r\n at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass5_1.<b__1>d.MoveNext()\r\n--- End of stack trace from previous location where exception was thrown ---\r\n at Microsoft.Analytics.Clusters.Common.Web.ServiceFabricResourceNotFoundMiddleware.InvokeAsync(HttpContext httpContext) in C:\\__w\\1\\s\\Shared\\Web\\ServiceFabricResourceNotFoundMiddleware.cs:line 50\r\n at Microsoft.Analytics.Clusters.Common.Web.ExceptionMiddleware.InvokeAsync(HttpContext httpContext) in C:\\__w\\1\\s\\Shared\\Web\\ExceptionMiddleware.cs:line 57","ErrorType":"InvalidRequest","ErrorNumber":2190,"ErrorOn":"2023-02-16T09:06:44.7024062+00:00"}"}}

There are important files that Microsoft projects should all have that are not present in this repository. A pull request has been opened to add the missing file(s). When the pr is merged this issue will be closed automatically.

Microsoft teams can learn more about this effort and share feedback within the open source guidance available internally.

Merge this pull request

The README isn't very clear on the exact usage of validateDeploy operations when you also want to replace parameters.

• In that case you shouldn't use the ParametersFile parameter on the action, but the OverrideArmParameters parameter.
• Also, it is not obvious that ArtifactsFolder should be set to $GITHUB_WORKSPACE.

Full sample for this:

name: ValidateAndDeploy

on:
workflow_dispatch

jobs:
release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2

    - uses: Azure/[email protected]
      with:
        TargetWorkspaceName: 'synapse-tryout-prod'
        ArtifactsFolder: '$GITHUB_WORKSPACE'
        environment: 'Azure Public'
        resourceGroup: 'synapse-tryout'
        clientId: ${{ secrets.CLIENTID }}
        clientSecret: ${{ secrets.CLIENTSECRET }}
        subscriptionId: ${{ secrets.SUBID }}
        tenantId: ${{ secrets.TENANTID }}
        operation: 'validateDeploy'
        OverrideArmParameters: 'myparams.yml'

    - uses: actions/upload-artifact@v3
      with:
        name: my-artifact
        path: ./ExportedArtifacts

Additionally, add to the README a sample on 2 step deploy, where validate is run first and then deploy:

name: ValidateAndDeploy2Steps

on:
workflow_dispatch

jobs:
release:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2

    - uses: Azure/[email protected]
      with:
        TargetWorkspaceName: 'synapse-tryout-prod'
        ArtifactsFolder: '$GITHUB_WORKSPACE'
        operation: 'validate'

    - uses: Azure/[email protected]
      with:
        TargetWorkspaceName: 'synapse-tryout-prod'
        TemplateFile: './ExportedArtifacts/TemplateForWorkspace.json'
        ParametersFile: './myparams.json'
        environment: 'Azure Public'
        resourceGroup: 'synapse-tryout'
        clientId: ${{ secrets.CLIENTID }}
        clientSecret: ${{ secrets.CLIENTSECRET }}
        subscriptionId: ${{ secrets.SUBID }}
        tenantId: ${{ secrets.TENANTID }}
        operation: 'deploy'

    - uses: actions/upload-artifact@v3
      with:
        name: my-artifact
        path: ./ExportedArtifacts

There is an active issue that was opened on MicrosoftDocs/azure-docs#95661
I think it is relevant to open it here. It is well explained so I just copy/paste here

We have a scenario where we do not want to deploy Development Managed Private Endpoint (MPEs) into different (Test/Prod) as they point to different resources. However, we also do not want to leave orphaned objects in the target that are not in the deployment.

The following settings remove the MPEs and the orphaned objects not in the build.

DeleteArtifactsNotInTemplate: true
DeployManagedPrivateEndpoints: false

The following settings deploy the Development MPEs to Test/Prod which isn't relevant and also removes the existing MPEs and orphaned objects that are not in the build.

DeleteArtifactsNotInTemplate: true
DeployManagedPrivateEndpoints: true

Removing the settings and allowing for the default ignores the MPEs but leaves in place the orphaned objects that are not in the build.

I need this task to
Remove the orphaned objects that are not in the build and leave the MPEs alone that already exist in Test/Prod and not deploy the development MPEs.

Getting a message when using the action:

Node.js 12 actions are deprecated. Please update the following actions to use Node.js 16: Azure/[email protected]. For more information see: https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/.

Validate step is throwing strange error that I have not seen before and I haven't change to action file for a while.

• name: Validate synapse workspace
  uses: Azure/[email protected]
  with:
  TargetWorkspaceName: ${{ inputs.workspace_name }}
  ArtifactsFolder: ${{ inputs.artifacts_folder }}
  operation: 'validate'

Error:
ERROR === CmdApiApp: Failed to export Synapse template. Error: {"stack":"Error: Failed to generate ARM template. One or more resources are bad, fix them and retry the operation again., resource name: [object Object]\n

Thanks for this projects. It is not clear what are the dependencies to run this project. For e.g:

• Can this run without Azure DevOps project and only using Github actions? If yes, how?
• is there any sample template and parameters file to configure this pipeline? I could not see any.

Thanks
CK

This is a blocking issue in adoption of this since we are supposed to be only using WIF for all our service connections.

Not supporting WIF on means this is seen as a security issue.

Is there any plan to support OIDC login?

This is beneficial as it would allow us to move away from having to store and rotate secrets for authentication.

This could be achieved by using the authentication provided by the azure/login@v2 step https://github.com/Azure/login?tab=readme-ov-file#login-with-openid-connect-oidc-recommended

Thanks

Node 16 is end of life in GitHub Actions. As of Spring 2024, Node 20 will be available in GitHub actions.

This tasks should support Node 20.

An error occurs with this task when using Node 20:

Run azure/[email protected]
  with:
    TargetWorkspaceName: MASK
    ArtifactsFolder: MASK
    resourceGroup: MASK
    operation: validate
    deployManagedPrivateEndpoint: true
    DeleteArtifactsNotInTemplate: false
Bundle source : https://web.azuresynapse.net/assets/cmd-api/main.js
Downloading asset file
Asset file downloaded at : MASK/downloads/main.js
Starting export operation
Executing shell command
Command : node MASK/main.js export "MASK" MASK ExportedArtifacts
Stderr: node:internal/errors:541
      throw error;
      ^

TypeError [ERR_INVALID_ARG_TYPE]: The "this" argument must be an instance of Performance. Received an instance of Object
    at Module.now (node:internal/perf/performance:1[3](MASK#step:4:3)5:5)
    at new Window (MASK/downloads/main.js:396355:[4](MASK#step:4:4)1)
    at exports.createWindow (MASK/downloads/main.js:396210:10)
    at new JSDOM (MASK/downloads/main.js:39[5](MASK#step:4:5)879:20)
    at MASK/downloads/main.js:[6](MASK#step:4:6)57320:21
    at MASK/downloads/main.js:65[7](MASK#step:4:7)324:3
    at Object.<anonymous> (MASK/downloads/main.js:657413:12)
    at Module._compile (node:internal/modules/cjs/loader:136[9](MASK#step:4:10):14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1427:[10](MASK#step:4:11))
    at Module.load (node:internal/modules/cjs/loader:1206:32) {
  code: 'ERR_INVALID_ARG_TYPE'
}

Node.js v20.12.2

Shell execution failed.
Action failed -> Error

Hey team,

I'm experiencing an issue where promotion fails intermittently when using datalake tables. 14 of my past 25 deployment attempts have failed. This issue does not seem to be correlated to changes in the datalake tables themselves.

Error:
For artifact: temp: Checkstatus: 200; status message: OK
Action failed -> Error: Orchestrate failed - Error: Artifiact deployment validation failed

Unfortunately the Orchestrate error does not populate an error to usefully debug. Also minor fix: Artifact is spelled wrong in check status function.

Please let me know what additional information I can provide.

Using operation 'validateDeploy' the action does not give a warning or error if the override arm parameter file specified is not found.

Instead the Action completes reporting successful, but has not picked up the overrides and deployed with the source workspaces settings.

It would be better if action could give a warning like it does when it can't locate the template-parameters-definiton.json file, so it is clear to the user it did not find the OverrideArmParameter file specified.

DeleteArtifactsNotInTemplate: 'true' also deletes Managed Private Endpoints which are never in the template as each workspace has a unique set. Each Managed Private Endpoint then needs to be recreated manually and approved.

Additionally, if DeleteArtifactsNotInTemplate runs on a Managed Private Endpoint in Resource Group with Delete Lock on the RG, the Managed Private Endpoints do not get deleted but change provisioning status to "Failed" instead. The result is such that testing Linked Service connection that uses such endpoint succeeds, but authorization fails.

Please provide an option to specify which Artifact types are to be included or excluded from the DeleteArtifactsNotInTemplate toggle, or better yet, exclude any such Artifact types which are never included in the template.

This is last tested using Azure/[email protected] on 23/09/2023

We use the Azure DevOps version of this task - is the underlying core code the same and are there plans to open source it?

I am thinking about contributing here but since we don't use the Github actions version of this, we wouldn't be able to test and these changes wouldn't benefit us.

Specific things we want to add:

• Incremental deployment
• Support for OIDC (and thus Workload identity federation)

Two different error messages received from executing the workflow. When managedIdentity is set to true, we get the message below. The workflow completes successfully but none of the resources show up in the target Synapse workspace.

When managedIdentity is set to false, this message appears and the workflow has "Failed":

Please suggest. Thanks

Any plans to support Azure authentication with OIDC?
GitHub OIDC Azure Login

Using git hub action Azure/[email protected]

Created a pipeline with a 3 web activities

1. Web activity with a specified url in main pipeline
2. Web activity within a until activity with a specified url
3. Web activity within a foreach activity with a specified url
4. Validated the workspace successfully.
5. Used the action with operation: 'validateDeploy' with a specified workspace git branch holding the new pipeline.

Once completed successfully no errors on deployment reported.

6. Went to destination workspace in Synapse studio and hit validate all.
7. The pipeline deployed however:
   2 errors reported 'Please specify and expression' relating to the 2 web activities in until and foreach loops.
8. On inspection of the activities the url's in settings have not been deployed and are blank.

Note: the web activity (step 1) outside of the loops in the main pipleline validates ok and has not lost the url

Error is any web activity within an until or foreach deployed loses the url on deployment to the target workspace.

for linked service property:
when having a string in workspace (screenshot 1) , and in git (branch) it is still a string (screenshot 2), it gets deployed as an int in the deployed workspace (screenshot 3).
i have a workaround in place (screenshot 4), but it should not be required ofcourse.

1. synapse workspace
   

2. git branch
   

3. after deployment using this devops task, it is passed as an integer, and the linkedservice shows an error (in this case, defaulting back to api version 45.0)
   

4. i am using this current workaround now to force it as a string:
   

We're seeing the following error during deployment when we don't disable all triggers on the deployment target:

Action failed -> Error: Orchestrate failed - Error: Failed to fetch the deployment status {"code":"TriggerEnabledCannotUpdate","message":"Cannot update enabled Trigger; the trigger needs to be disabled first. "}

We're told that the ADO version of this same action doesn't require triggers to be turned off at the target. Are we doing something incorrectly or is this an issue with this GitHub Action?

Action is rendering empty templates when using the validate operation.

When using code and workflows from the following repo: https://github.com/cmendible/azure_synapse_notebook_tests

And using the validate operation:

- name: Validate
        uses: Azure/[email protected]
        with:
          TargetWorkspaceName: "cfmcfm"
          operation: "validate"

      - name: Upload Artifacts
        uses: actions/upload-artifact@v3
        with:
          name: synapse-artifacts
          path: ./ExportedArtifacts

The resulting template and parameter files are empty.

Seems there is an issue parsing the resource types. This is a sample output from the worflow logs:

Stdout:  WARNING === ModelService: synchronizeInternal - Failed to find model for the resource, ignoring this resource. Error: {"stack":"Error: Not able to find model for type - ipeline and subType - undefined\n    at Function.ModelFetchUtils.getModelByResourceType (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:266506:15)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166824:140)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)\n    at Object.next (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412910:14)\n    at /home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:4128[83](https://github.com/cmendible/azure_synapse_notebook_tests/actions/runs/3378540806/jobs/5608878580#step:3:84):67\n    at new Promise (<anonymous>)\n    at __awaiter (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412862:10)\n    at ModelService._createAndFetchEntities (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166787:65)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166781:44)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)","message":"Not able to find model for type - ipeline and subType - undefined"}

Stdout:  WARNING === ModelService: synchronizeInternal - Failed to find model for the resource, ignoring this resource. Error: {"stack":"Error: Not able to find model for type - inkedService and subType - undefined\n    at Function.ModelFetchUtils.getModelByResourceType (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:266506:15)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166824:140)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)\n    at Object.next (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412910:14)\n    at /home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412883:67\n    at new Promise (<anonymous>)\n    at __awaiter (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412[86](https://github.com/cmendible/azure_synapse_notebook_tests/actions/runs/3378540806/jobs/5608878580#step:3:87)2:10)\n    at ModelService._createAndFetchEntities (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166787:65)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166781:44)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)","message":"Not able to find model for type - inkedService and subType - undefined"}

Stdout:  WARNING === ModelService: synchronizeInternal - Failed to find model for the resource, ignoring this resource. Error: {"stack":"Error: Not able to find model for type - inkedService and subType - undefined\n    at Function.ModelFetchUtils.getModelByResourceType (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:266506:15)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166824:140)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)\n    at Object.next (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412910:14)\n    at /home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412883:67\n    at new Promise (<anonymous>)\n    at __awaiter (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412862:10)\n    at ModelService._createAndFetchEntities (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:1667[87](https://github.com/cmendible/azure_synapse_notebook_tests/actions/runs/3378540806/jobs/5608878580#step:3:88):65)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166781:44)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)","message":"Not able to find model for type - inkedService and subType - undefined"}

Stdout:  WARNING === ModelService: synchronizeInternal - Failed to find model for the resource, ignoring this resource. Error: {"stack":"Error: Not able to find model for type - ntegrationRuntime and subType - undefined\n    at Function.ModelFetchUtils.getModelByResourceType (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:266506:15)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166824:140)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)\n    at Object.next (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412910:14)\n    at /home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412[88](https://github.com/cmendible/azure_synapse_notebook_tests/actions/runs/3378540806/jobs/5608878580#step:3:89)3:67\n    at new Promise (<anonymous>)\n    at __awaiter (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412862:10)\n    at ModelService._createAndFetchEntities (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166787:65)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166781:44)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)","message":"Not able to find model for type - ntegrationRuntime and subType - undefined"}

Stdout:  WARNING === ModelService: synchronizeInternal - Failed to find model for the resource, ignoring this resource. Error: {"stack":"Error: Not able to find model for type - redential and subType - undefined\n    at Function.ModelFetchUtils.getModelByResourceType (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:266506:15)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166824:140)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)\n    at Object.next (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412910:14)\n    at /home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412883:67\n    at new Promise (<anonymous>)\n    at __awaiter (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412862:10)\n    at ModelService._createAndFetchEntities (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166787:65)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166781:44)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)","message":"Not able to find model for type - redential and subType - undefined"}

Stdout:  WARNING === ModelService: synchronizeInternal - Failed to find model for the resource, ignoring this resource. Error: {"stack":"Error: Not able to find model for type - otebook and subType - undefined\n    at Function.ModelFetchUtils.getModelByResourceType (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:266506:15)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166824:140)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)\n    at Object.next (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412[91](https://github.com/cmendible/azure_synapse_notebook_tests/actions/runs/3378540806/jobs/5608878580#step:3:92)0:14)\n    at /home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412883:67\n    at new Promise (<anonymous>)\n    at __awaiter (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412862:10)\n    at ModelService._createAndFetchEntities (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166787:65)\n    at ModelService.<anonymous> (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:166781:44)\n    at step (/home/runner/work/azure_synapse_notebook_tests/azure_synapse_notebook_tests/downloads/main.js:412979:17)","message":"Not able to find model for type - otebook and subType - undefined"}

all of a sudden we get a this error while deploying our synapse workspace: Encountered with exception:Failed
it seems like a timeout issue while getting artifacts from the workspace, in order to determine the objects to delete.

we have this checkbox checked: : Delete Artifacts Not In Template

error log:

Getting Artifacts from workspace: syn-xxxxxx-acc.
2022-11-04T09:35:31.6963870Z Failed to fetch artifacts from workspace:  Error: Request timeout: /databases?api-version=2019-06-01-preview
2022-11-04T09:35:31.6965497Z     at ClientRequest.req.setTimeout (D:\a\_tasks\Synapse workspace deployment_51060321-a461-4140-9787-xxxxxxxxxx\2.3.0\node_modules\typed-rest-client\HttpClient.js:324:26)
2022-11-04T09:35:31.6966289Z     at Object.onceWrapper (events.js:286:20)
2022-11-04T09:35:31.6966836Z     at ClientRequest.emit (events.js:198:13)
2022-11-04T09:35:31.6967348Z     at TLSSocket.emitRequestTimeout (_http_client.js:673:40)
2022-11-04T09:35:31.6968255Z     at Object.onceWrapper (events.js:286:20)
2022-11-04T09:35:31.6968743Z     at TLSSocket.emit (events.js:198:13)
2022-11-04T09:35:31.6969232Z     at TLSSocket.Socket._onTimeout (net.js:443:8)
2022-11-04T09:35:31.6969685Z     at ontimeout (timers.js:436:11)
2022-11-04T09:35:31.6970168Z     at tryOnTimeout (timers.js:300:5)
2022-11-04T09:35:31.6970625Z     at listOnTimeout (timers.js:263:5)
2022-11-04T09:35:31.6971126Z deploy operation failed
2022-11-04T09:35:31.6971532Z An error occurred during execution: Failed
2022-11-04T09:35:31.7016579Z ##[error]Encountered with exception:Failed
2022-11-04T09:35:31.7112398Z ##[section]Finishing: Deploy Synapse Workspace V2

This started popping up for AzureSynapseWorkspace.synapsecicd-deploy.synapse-deploy.Synapse workspace deployment@2:

2022-05-25T18:18:41.8937652Z Starting deploy operation
2022-05-25T18:18:41.8942296Z deploy operation failed
2022-05-25T18:18:41.8944754Z An error occurred during execution: Error: Failed to fetch ARM parameters: Error: Input required: AzureResourceManagerConnection
2022-05-25T18:18:41.8945904Z ##[debug]task result: Failed
2022-05-25T18:18:41.8973480Z ##[error]Encountered with exception:Error: Failed to fetch ARM parameters: Error: Input required: AzureResourceManagerConnection
2022-05-25T18:18:41.8988761Z ##[debug]Processed: ##vso[task.issue type=error;]Encountered with exception:Error: Failed to fetch ARM parameters: Error: Input required: AzureResourceManagerConnection
2022-05-25T18:18:41.8991136Z ##[debug]Processed: ##vso[task.complete result=Failed;]Encountered with exception:Error: Failed to fetch ARM parameters: Error: Input required: AzureResourceManagerConnection

Missing action input for "DeleteArtifactsNotInTemplate":
const deleteArtifactsNotInTemplateString = core.getInput("DeleteArtifactsNotInTemplate");

Warning: Unexpected input(s) 'DeleteArtifactsNotInTemplate', valid inputs are ['TargetWorkspaceName', 'TemplateFile', 'ParametersFile', 'OverrideArmParameters', 'Environment', 'resourceGroup', 'clientId', 'clientSecret', 'subscriptionId', 'tenantId', 'activeDirectoryEndpointUrl', 'resourceManagerEndpointUrl']