Move to uv #594
Closed
Move to uv #594
GitHub Actions / Test Results
failed
Aug 13, 2025 in 0s
9 errors, 1 fail, 35 skipped, 273 pass in 10m 34s
Annotations
Check failure on line 0 in azure-kusto-ingest.tests.test_e2e_ingest.TestE2E
github-actions / Test Results
1 out of 5 runs with error: test_json_ingest_existing_table (azure-kusto-ingest.tests.test_e2e_ingest.TestE2E)
artifacts/Unit Test Results (Python 3.10)/pytest.xml [took 8s]
Raw output
failed on setup with "azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')"
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
> return _get_header_from_dict(self.token_provider.get_token())
azure-kusto-data/azure/kusto/data/security.py:82:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/_token_providers.py:164: in get_token
return _get_token()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:161: in _get_token
token = MonitoredActivity.invoke(self._get_token_impl, name_of_span=f"{self.name()}.get_token_impl", tracing_attributes=self.context())
azure-kusto-data/azure/kusto/data/_telemetry.py:116: in invoke
return span()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:677: in _get_token_impl
t = self.credential.get_token(self._scopes[0])
.venv/lib/python3.10/site-packages/azure/identity/_credentials/default.py:336: in get_token
token = super().get_token(*scopes, claims=claims, tenant_id=tenant_id, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>
claims = None, tenant_id = None, enable_cae = False
scopes = ('https://kusto.kusto.windows.net/.default',), kwargs = {}
history = [(<azure.identity._credentials.environment.EnvironmentCredential object at 0x7f13a9215d80>, 'EnvironmentCredential aut...458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n"), ...]
credential = <azure.identity._credentials.broker.BrokerCredential object at 0x7f13a9632fb0>
attempts = "\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment vari...veBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication."
def get_token(
self,
*scopes: str,
claims: Optional[str] = None,
tenant_id: Optional[str] = None,
enable_cae: bool = False,
**kwargs: Any,
) -> AccessToken:
"""Request a token from each chained credential, in order, returning the first token received.
If no credential provides a token, raises :class:`azure.core.exceptions.ClientAuthenticationError`
with an error message from each credential.
This method is called automatically by Azure SDK clients.
:param str scopes: desired scopes for the access token. This method requires at least one scope.
For more information about scopes, see
https://learn.microsoft.com/entra/identity-platform/scopes-oidc.
:keyword str claims: additional claims required in the token, such as those returned in a resource provider's
claims challenge following an authorization failure.
:keyword str tenant_id: optional tenant to include in the token request.
:keyword bool enable_cae: indicates whether to enable Continuous Access Evaluation (CAE) for the requested
token. Defaults to False.
:return: An access token with the desired scopes.
:rtype: ~azure.core.credentials.AccessToken
:raises ~azure.core.exceptions.ClientAuthenticationError: no credential in the chain provided a token
"""
within_credential_chain.set(True)
history = []
for credential in self.credentials:
try:
# Prioritize "get_token". Fall back to "get_token_info" if not available.
if hasattr(credential, "get_token"):
token = cast(TokenCredential, credential).get_token(
*scopes, claims=claims, tenant_id=tenant_id, enable_cae=enable_cae, **kwargs
)
else:
options: TokenRequestOptions = {}
if claims:
options["claims"] = claims
if tenant_id:
options["tenant_id"] = tenant_id
options["enable_cae"] = enable_cae
token_info = cast(SupportsTokenInfo, credential).get_token_info(*scopes, options=options)
token = AccessToken(token_info.token, token_info.expires_on)
_LOGGER.info("%s acquired a token from %s", self.__class__.__name__, credential.__class__.__name__)
self._successful_credential = credential
within_credential_chain.set(False)
return token
except CredentialUnavailableError as ex:
# credential didn't attempt authentication because it lacks required data or state -> continue
history.append((credential, ex.message))
except Exception as ex: # pylint: disable=broad-except
# credential failed to authenticate, or something unexpectedly raised -> break
history.append((credential, str(ex)))
_LOGGER.debug(
'%s.get_token failed: %s raised unexpected error "%s"',
self.__class__.__name__,
credential.__class__.__name__,
ex,
exc_info=True,
)
break
within_credential_chain.set(False)
attempts = _get_error_message(history)
message = (
self.__class__.__name__
+ " failed to retrieve a token from the included credentials."
+ attempts
+ "\nTo mitigate this issue, please refer to the troubleshooting guidelines here at "
"https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot."
)
_LOGGER.warning(message)
> raise ClientAuthenticationError(message=message)
E azure.core.exceptions.ClientAuthenticationError: DefaultAzureCredential failed to retrieve a token from the included credentials.
E Attempted credentials:
E EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
E Visit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.
E WorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.
E ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request
E SharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.
E VisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.
E AzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z
E Interactive authentication is needed. Please run:
E az login
E
E AzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed
E AzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.
E InteractiveBrowserCredential: Failed to open a browser
E BrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.
E To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.
.venv/lib/python3.10/site-packages/azure/identity/_credentials/chained.py:159: ClientAuthenticationError
During handling of the above exception, another exception occurred:
cls = <class 'azure-kusto-ingest.tests.test_e2e_ingest.TestE2E'>
@classmethod
def setup_class(cls):
# DM CS can be composed from engine CS
cls.engine_cs = get_env("ENGINE_CONNECTION_STRING")
cls.dm_cs = get_env("DM_CONNECTION_STRING", default=cls.engine_cs.replace("//", "//ingest-"))
# Called to set the env variables for the default azure credentials
prepare_app_key_auth(optional=True)
cls.test_db = get_env("TEST_DATABASE")
cls.test_blob = get_env("TEST_BLOB", optional=True)
cls.cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Async credentials don't support interactive browser authentication for now, so until they do, we'll use the sync default credential for async tests
cls.async_cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Init clients
python_version = "_".join([str(v) for v in sys.version_info[:3]])
cls.test_table = "python_test_{0}_{1}_{2}".format(python_version, str(int(time.time())), random.randint(1, 100000))
cls.client = KustoClient(cls.engine_kcsb_from_env())
cls.ingest_client = QueuedIngestClient(cls.dm_kcsb_from_env())
cls.streaming_ingest_client = KustoStreamingIngestClient(cls.engine_kcsb_from_env())
cls.managed_streaming_ingest_client = ManagedStreamingIngestClient(cls.engine_kcsb_from_env(), cls.dm_kcsb_from_env())
cls.input_folder_path = cls.get_file_path()
cls.csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv")
cls.tsv_file_path = os.path.join(cls.input_folder_path, "dataset.tsv")
cls.zipped_csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv.gz")
cls.json_file_path = os.path.join(cls.input_folder_path, "dataset.json")
cls.zipped_json_file_path = os.path.join(cls.input_folder_path, "dataset.jsonz.gz")
cls.current_count = 0
> cls.client.execute(
cls.test_db,
f".create table {cls.test_table} (rownumber: int, rowguid: string, xdouble: real, xfloat: real, xbool: bool, xint16: int, xint32: int, xint64: long, xuint8: long, xuint16: long, xuint32: long, xuint64: long, xdate: datetime, xsmalltext: string, xtext: string, xnumberAsText: string, xtime: timespan, xtextWithNulls: string, xdynamicWithNulls: dynamic)",
)
azure-kusto-ingest/tests/test_e2e_ingest.py:206:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/client.py:163: in execute
return self.execute_mgmt(database, query, properties)
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/client.py:214: in execute_mgmt
return self._execute(self._mgmt_endpoint, request, properties)
azure-kusto-data/azure/kusto/data/client.py:323: in _execute
request_headers["Authorization"] = self._aad_helper.acquire_authorization_header()
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
return _get_header_from_dict(self.token_provider.get_token())
except Exception as error:
kwargs = self.token_provider.context()
kwargs["kusto_uri"] = self.kusto_uri
> raise KustoAuthenticationError(self.token_provider.name(), error, **kwargs)
E azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')
azure-kusto-data/azure/kusto/data/security.py:86: KustoAuthenticationError
Check failure on line 0 in azure-kusto-data.tests.test_e2e_data.TestE2E
github-actions / Test Results
1 out of 5 runs with error: test_streaming_query (azure-kusto-data.tests.test_e2e_data.TestE2E)
artifacts/Unit Test Results (Python 3.10)/pytest.xml [took 9s]
Raw output
failed on setup with "azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 1cb8563d-bb27-4a15-9650-fac128ec1f00 Correlation ID: 884e32f8-c845-436c-887d-9c194437881e Timestamp: 2025-08-13 07:22:42Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7fcad33e4310>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')"
self = <azure.kusto.data.security._AadHelper object at 0x7fcad3075f30>
def acquire_authorization_header(self):
try:
> return _get_header_from_dict(self.token_provider.get_token())
azure-kusto-data/azure/kusto/data/security.py:82:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/_token_providers.py:164: in get_token
return _get_token()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:161: in _get_token
token = MonitoredActivity.invoke(self._get_token_impl, name_of_span=f"{self.name()}.get_token_impl", tracing_attributes=self.context())
azure-kusto-data/azure/kusto/data/_telemetry.py:116: in invoke
return span()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:677: in _get_token_impl
t = self.credential.get_token(self._scopes[0])
.venv/lib/python3.10/site-packages/azure/identity/_credentials/default.py:336: in get_token
token = super().get_token(*scopes, claims=claims, tenant_id=tenant_id, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.identity._credentials.default.DefaultAzureCredential object at 0x7fcad33e4310>
claims = None, tenant_id = None, enable_cae = False
scopes = ('https://kusto.kusto.windows.net/.default',), kwargs = {}
history = [(<azure.identity._credentials.environment.EnvironmentCredential object at 0x7fcad392e0b0>, 'EnvironmentCredential aut...87d-9c194437881e Timestamp: 2025-08-13 07:22:42Z\nInteractive authentication is needed. Please run:\naz login\n"), ...]
credential = <azure.identity._credentials.broker.BrokerCredential object at 0x7fcad3076680>
attempts = "\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment vari...veBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication."
def get_token(
self,
*scopes: str,
claims: Optional[str] = None,
tenant_id: Optional[str] = None,
enable_cae: bool = False,
**kwargs: Any,
) -> AccessToken:
"""Request a token from each chained credential, in order, returning the first token received.
If no credential provides a token, raises :class:`azure.core.exceptions.ClientAuthenticationError`
with an error message from each credential.
This method is called automatically by Azure SDK clients.
:param str scopes: desired scopes for the access token. This method requires at least one scope.
For more information about scopes, see
https://learn.microsoft.com/entra/identity-platform/scopes-oidc.
:keyword str claims: additional claims required in the token, such as those returned in a resource provider's
claims challenge following an authorization failure.
:keyword str tenant_id: optional tenant to include in the token request.
:keyword bool enable_cae: indicates whether to enable Continuous Access Evaluation (CAE) for the requested
token. Defaults to False.
:return: An access token with the desired scopes.
:rtype: ~azure.core.credentials.AccessToken
:raises ~azure.core.exceptions.ClientAuthenticationError: no credential in the chain provided a token
"""
within_credential_chain.set(True)
history = []
for credential in self.credentials:
try:
# Prioritize "get_token". Fall back to "get_token_info" if not available.
if hasattr(credential, "get_token"):
token = cast(TokenCredential, credential).get_token(
*scopes, claims=claims, tenant_id=tenant_id, enable_cae=enable_cae, **kwargs
)
else:
options: TokenRequestOptions = {}
if claims:
options["claims"] = claims
if tenant_id:
options["tenant_id"] = tenant_id
options["enable_cae"] = enable_cae
token_info = cast(SupportsTokenInfo, credential).get_token_info(*scopes, options=options)
token = AccessToken(token_info.token, token_info.expires_on)
_LOGGER.info("%s acquired a token from %s", self.__class__.__name__, credential.__class__.__name__)
self._successful_credential = credential
within_credential_chain.set(False)
return token
except CredentialUnavailableError as ex:
# credential didn't attempt authentication because it lacks required data or state -> continue
history.append((credential, ex.message))
except Exception as ex: # pylint: disable=broad-except
# credential failed to authenticate, or something unexpectedly raised -> break
history.append((credential, str(ex)))
_LOGGER.debug(
'%s.get_token failed: %s raised unexpected error "%s"',
self.__class__.__name__,
credential.__class__.__name__,
ex,
exc_info=True,
)
break
within_credential_chain.set(False)
attempts = _get_error_message(history)
message = (
self.__class__.__name__
+ " failed to retrieve a token from the included credentials."
+ attempts
+ "\nTo mitigate this issue, please refer to the troubleshooting guidelines here at "
"https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot."
)
_LOGGER.warning(message)
> raise ClientAuthenticationError(message=message)
E azure.core.exceptions.ClientAuthenticationError: DefaultAzureCredential failed to retrieve a token from the included credentials.
E Attempted credentials:
E EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
E Visit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.
E WorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.
E ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request
E SharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.
E VisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.
E AzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 1cb8563d-bb27-4a15-9650-fac128ec1f00 Correlation ID: 884e32f8-c845-436c-887d-9c194437881e Timestamp: 2025-08-13 07:22:42Z
E Interactive authentication is needed. Please run:
E az login
E
E AzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed
E AzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.
E InteractiveBrowserCredential: Failed to open a browser
E BrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.
E To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.
.venv/lib/python3.10/site-packages/azure/identity/_credentials/chained.py:159: ClientAuthenticationError
During handling of the above exception, another exception occurred:
cls = <class 'tests.test_e2e_data.TestE2E'>
@classmethod
def setup_class(cls):
cls.engine_cs = get_env("ENGINE_CONNECTION_STRING")
cls.ai_engine_cs = get_env("APPLICATION_INSIGHTS_ENGINE_CONNECTION_STRING", optional=True)
# Called to set the env variables for the default azure credentials
prepare_app_key_auth(optional=True)
set_env("AZURE_AUTHORITY_HOST", "login.microsoftonline.com")
cls.test_db = get_env("TEST_DATABASE")
cls.ai_test_db = get_env("APPLICATION_INSIGHTS_TEST_DATABASE", optional=True) # name of e2e database could be changed
cls.cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Async credentials don't support interactive browser authentication for now, so until they do, we'll use the sync default credential for async tests
cls.async_cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
cls.input_folder_path = cls.get_file_path()
with open(os.path.join(cls.input_folder_path, "big_source.csv")) as f:
cls.test_streaming_data_csv_raw = f.read()
reader = csv.reader(cls.test_streaming_data_csv_raw.splitlines())
cls.test_streaming_data = sorted(reader, key=lambda x: (float(x[0]), x[3])) # sort by AvgTicketPrice, Dest
# Init clients
> cls.streaming_test_table = cls.create_streaming_table()
azure-kusto-data/tests/test_e2e_data.py:140:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/tests/test_e2e_data.py:156: in create_streaming_table
client.execute_mgmt(cls.test_db, f".create table {table_name} ({streaming_table_format})")
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/client.py:214: in execute_mgmt
return self._execute(self._mgmt_endpoint, request, properties)
azure-kusto-data/azure/kusto/data/client.py:323: in _execute
request_headers["Authorization"] = self._aad_helper.acquire_authorization_header()
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.kusto.data.security._AadHelper object at 0x7fcad3075f30>
def acquire_authorization_header(self):
try:
return _get_header_from_dict(self.token_provider.get_token())
except Exception as error:
kwargs = self.token_provider.context()
kwargs["kusto_uri"] = self.kusto_uri
> raise KustoAuthenticationError(self.token_provider.name(), error, **kwargs)
E azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 1cb8563d-bb27-4a15-9650-fac128ec1f00 Correlation ID: 884e32f8-c845-436c-887d-9c194437881e Timestamp: 2025-08-13 07:22:42Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7fcad33e4310>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')
azure-kusto-data/azure/kusto/data/security.py:86: KustoAuthenticationError
Check failure on line 0 in azure-kusto-ingest.tests.test_e2e_ingest.TestE2E
github-actions / Test Results
1 out of 5 runs with error: test_json_ingest_existing_table_no_mapping (azure-kusto-ingest.tests.test_e2e_ingest.TestE2E)
artifacts/Unit Test Results (Python 3.10)/pytest.xml [took 0s]
Raw output
failed on setup with "azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')"
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
> return _get_header_from_dict(self.token_provider.get_token())
azure-kusto-data/azure/kusto/data/security.py:82:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/_token_providers.py:164: in get_token
return _get_token()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:161: in _get_token
token = MonitoredActivity.invoke(self._get_token_impl, name_of_span=f"{self.name()}.get_token_impl", tracing_attributes=self.context())
azure-kusto-data/azure/kusto/data/_telemetry.py:116: in invoke
return span()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:677: in _get_token_impl
t = self.credential.get_token(self._scopes[0])
.venv/lib/python3.10/site-packages/azure/identity/_credentials/default.py:336: in get_token
token = super().get_token(*scopes, claims=claims, tenant_id=tenant_id, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>
claims = None, tenant_id = None, enable_cae = False
scopes = ('https://kusto.kusto.windows.net/.default',), kwargs = {}
history = [(<azure.identity._credentials.environment.EnvironmentCredential object at 0x7f13a9215d80>, 'EnvironmentCredential aut...458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n"), ...]
credential = <azure.identity._credentials.broker.BrokerCredential object at 0x7f13a9632fb0>
attempts = "\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment vari...veBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication."
def get_token(
self,
*scopes: str,
claims: Optional[str] = None,
tenant_id: Optional[str] = None,
enable_cae: bool = False,
**kwargs: Any,
) -> AccessToken:
"""Request a token from each chained credential, in order, returning the first token received.
If no credential provides a token, raises :class:`azure.core.exceptions.ClientAuthenticationError`
with an error message from each credential.
This method is called automatically by Azure SDK clients.
:param str scopes: desired scopes for the access token. This method requires at least one scope.
For more information about scopes, see
https://learn.microsoft.com/entra/identity-platform/scopes-oidc.
:keyword str claims: additional claims required in the token, such as those returned in a resource provider's
claims challenge following an authorization failure.
:keyword str tenant_id: optional tenant to include in the token request.
:keyword bool enable_cae: indicates whether to enable Continuous Access Evaluation (CAE) for the requested
token. Defaults to False.
:return: An access token with the desired scopes.
:rtype: ~azure.core.credentials.AccessToken
:raises ~azure.core.exceptions.ClientAuthenticationError: no credential in the chain provided a token
"""
within_credential_chain.set(True)
history = []
for credential in self.credentials:
try:
# Prioritize "get_token". Fall back to "get_token_info" if not available.
if hasattr(credential, "get_token"):
token = cast(TokenCredential, credential).get_token(
*scopes, claims=claims, tenant_id=tenant_id, enable_cae=enable_cae, **kwargs
)
else:
options: TokenRequestOptions = {}
if claims:
options["claims"] = claims
if tenant_id:
options["tenant_id"] = tenant_id
options["enable_cae"] = enable_cae
token_info = cast(SupportsTokenInfo, credential).get_token_info(*scopes, options=options)
token = AccessToken(token_info.token, token_info.expires_on)
_LOGGER.info("%s acquired a token from %s", self.__class__.__name__, credential.__class__.__name__)
self._successful_credential = credential
within_credential_chain.set(False)
return token
except CredentialUnavailableError as ex:
# credential didn't attempt authentication because it lacks required data or state -> continue
history.append((credential, ex.message))
except Exception as ex: # pylint: disable=broad-except
# credential failed to authenticate, or something unexpectedly raised -> break
history.append((credential, str(ex)))
_LOGGER.debug(
'%s.get_token failed: %s raised unexpected error "%s"',
self.__class__.__name__,
credential.__class__.__name__,
ex,
exc_info=True,
)
break
within_credential_chain.set(False)
attempts = _get_error_message(history)
message = (
self.__class__.__name__
+ " failed to retrieve a token from the included credentials."
+ attempts
+ "\nTo mitigate this issue, please refer to the troubleshooting guidelines here at "
"https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot."
)
_LOGGER.warning(message)
> raise ClientAuthenticationError(message=message)
E azure.core.exceptions.ClientAuthenticationError: DefaultAzureCredential failed to retrieve a token from the included credentials.
E Attempted credentials:
E EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
E Visit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.
E WorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.
E ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request
E SharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.
E VisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.
E AzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z
E Interactive authentication is needed. Please run:
E az login
E
E AzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed
E AzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.
E InteractiveBrowserCredential: Failed to open a browser
E BrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.
E To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.
.venv/lib/python3.10/site-packages/azure/identity/_credentials/chained.py:159: ClientAuthenticationError
During handling of the above exception, another exception occurred:
cls = <class 'azure-kusto-ingest.tests.test_e2e_ingest.TestE2E'>
@classmethod
def setup_class(cls):
# DM CS can be composed from engine CS
cls.engine_cs = get_env("ENGINE_CONNECTION_STRING")
cls.dm_cs = get_env("DM_CONNECTION_STRING", default=cls.engine_cs.replace("//", "//ingest-"))
# Called to set the env variables for the default azure credentials
prepare_app_key_auth(optional=True)
cls.test_db = get_env("TEST_DATABASE")
cls.test_blob = get_env("TEST_BLOB", optional=True)
cls.cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Async credentials don't support interactive browser authentication for now, so until they do, we'll use the sync default credential for async tests
cls.async_cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Init clients
python_version = "_".join([str(v) for v in sys.version_info[:3]])
cls.test_table = "python_test_{0}_{1}_{2}".format(python_version, str(int(time.time())), random.randint(1, 100000))
cls.client = KustoClient(cls.engine_kcsb_from_env())
cls.ingest_client = QueuedIngestClient(cls.dm_kcsb_from_env())
cls.streaming_ingest_client = KustoStreamingIngestClient(cls.engine_kcsb_from_env())
cls.managed_streaming_ingest_client = ManagedStreamingIngestClient(cls.engine_kcsb_from_env(), cls.dm_kcsb_from_env())
cls.input_folder_path = cls.get_file_path()
cls.csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv")
cls.tsv_file_path = os.path.join(cls.input_folder_path, "dataset.tsv")
cls.zipped_csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv.gz")
cls.json_file_path = os.path.join(cls.input_folder_path, "dataset.json")
cls.zipped_json_file_path = os.path.join(cls.input_folder_path, "dataset.jsonz.gz")
cls.current_count = 0
> cls.client.execute(
cls.test_db,
f".create table {cls.test_table} (rownumber: int, rowguid: string, xdouble: real, xfloat: real, xbool: bool, xint16: int, xint32: int, xint64: long, xuint8: long, xuint16: long, xuint32: long, xuint64: long, xdate: datetime, xsmalltext: string, xtext: string, xnumberAsText: string, xtime: timespan, xtextWithNulls: string, xdynamicWithNulls: dynamic)",
)
azure-kusto-ingest/tests/test_e2e_ingest.py:206:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/client.py:163: in execute
return self.execute_mgmt(database, query, properties)
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/client.py:214: in execute_mgmt
return self._execute(self._mgmt_endpoint, request, properties)
azure-kusto-data/azure/kusto/data/client.py:323: in _execute
request_headers["Authorization"] = self._aad_helper.acquire_authorization_header()
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
return _get_header_from_dict(self.token_provider.get_token())
except Exception as error:
kwargs = self.token_provider.context()
kwargs["kusto_uri"] = self.kusto_uri
> raise KustoAuthenticationError(self.token_provider.name(), error, **kwargs)
E azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')
azure-kusto-data/azure/kusto/data/security.py:86: KustoAuthenticationError
Check failure on line 0 in azure-kusto-data.tests.test_e2e_data.TestE2E
github-actions / Test Results
1 out of 5 runs with error: test_streaming_query_async (azure-kusto-data.tests.test_e2e_data.TestE2E)
artifacts/Unit Test Results (Python 3.10)/pytest.xml [took 0s]
Raw output
failed on setup with "azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 1cb8563d-bb27-4a15-9650-fac128ec1f00 Correlation ID: 884e32f8-c845-436c-887d-9c194437881e Timestamp: 2025-08-13 07:22:42Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7fcad33e4310>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')"
self = <azure.kusto.data.security._AadHelper object at 0x7fcad3075f30>
def acquire_authorization_header(self):
try:
> return _get_header_from_dict(self.token_provider.get_token())
azure-kusto-data/azure/kusto/data/security.py:82:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/_token_providers.py:164: in get_token
return _get_token()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:161: in _get_token
token = MonitoredActivity.invoke(self._get_token_impl, name_of_span=f"{self.name()}.get_token_impl", tracing_attributes=self.context())
azure-kusto-data/azure/kusto/data/_telemetry.py:116: in invoke
return span()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:677: in _get_token_impl
t = self.credential.get_token(self._scopes[0])
.venv/lib/python3.10/site-packages/azure/identity/_credentials/default.py:336: in get_token
token = super().get_token(*scopes, claims=claims, tenant_id=tenant_id, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.identity._credentials.default.DefaultAzureCredential object at 0x7fcad33e4310>
claims = None, tenant_id = None, enable_cae = False
scopes = ('https://kusto.kusto.windows.net/.default',), kwargs = {}
history = [(<azure.identity._credentials.environment.EnvironmentCredential object at 0x7fcad392e0b0>, 'EnvironmentCredential aut...87d-9c194437881e Timestamp: 2025-08-13 07:22:42Z\nInteractive authentication is needed. Please run:\naz login\n"), ...]
credential = <azure.identity._credentials.broker.BrokerCredential object at 0x7fcad3076680>
attempts = "\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment vari...veBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication."
def get_token(
self,
*scopes: str,
claims: Optional[str] = None,
tenant_id: Optional[str] = None,
enable_cae: bool = False,
**kwargs: Any,
) -> AccessToken:
"""Request a token from each chained credential, in order, returning the first token received.
If no credential provides a token, raises :class:`azure.core.exceptions.ClientAuthenticationError`
with an error message from each credential.
This method is called automatically by Azure SDK clients.
:param str scopes: desired scopes for the access token. This method requires at least one scope.
For more information about scopes, see
https://learn.microsoft.com/entra/identity-platform/scopes-oidc.
:keyword str claims: additional claims required in the token, such as those returned in a resource provider's
claims challenge following an authorization failure.
:keyword str tenant_id: optional tenant to include in the token request.
:keyword bool enable_cae: indicates whether to enable Continuous Access Evaluation (CAE) for the requested
token. Defaults to False.
:return: An access token with the desired scopes.
:rtype: ~azure.core.credentials.AccessToken
:raises ~azure.core.exceptions.ClientAuthenticationError: no credential in the chain provided a token
"""
within_credential_chain.set(True)
history = []
for credential in self.credentials:
try:
# Prioritize "get_token". Fall back to "get_token_info" if not available.
if hasattr(credential, "get_token"):
token = cast(TokenCredential, credential).get_token(
*scopes, claims=claims, tenant_id=tenant_id, enable_cae=enable_cae, **kwargs
)
else:
options: TokenRequestOptions = {}
if claims:
options["claims"] = claims
if tenant_id:
options["tenant_id"] = tenant_id
options["enable_cae"] = enable_cae
token_info = cast(SupportsTokenInfo, credential).get_token_info(*scopes, options=options)
token = AccessToken(token_info.token, token_info.expires_on)
_LOGGER.info("%s acquired a token from %s", self.__class__.__name__, credential.__class__.__name__)
self._successful_credential = credential
within_credential_chain.set(False)
return token
except CredentialUnavailableError as ex:
# credential didn't attempt authentication because it lacks required data or state -> continue
history.append((credential, ex.message))
except Exception as ex: # pylint: disable=broad-except
# credential failed to authenticate, or something unexpectedly raised -> break
history.append((credential, str(ex)))
_LOGGER.debug(
'%s.get_token failed: %s raised unexpected error "%s"',
self.__class__.__name__,
credential.__class__.__name__,
ex,
exc_info=True,
)
break
within_credential_chain.set(False)
attempts = _get_error_message(history)
message = (
self.__class__.__name__
+ " failed to retrieve a token from the included credentials."
+ attempts
+ "\nTo mitigate this issue, please refer to the troubleshooting guidelines here at "
"https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot."
)
_LOGGER.warning(message)
> raise ClientAuthenticationError(message=message)
E azure.core.exceptions.ClientAuthenticationError: DefaultAzureCredential failed to retrieve a token from the included credentials.
E Attempted credentials:
E EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
E Visit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.
E WorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.
E ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request
E SharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.
E VisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.
E AzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 1cb8563d-bb27-4a15-9650-fac128ec1f00 Correlation ID: 884e32f8-c845-436c-887d-9c194437881e Timestamp: 2025-08-13 07:22:42Z
E Interactive authentication is needed. Please run:
E az login
E
E AzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed
E AzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.
E InteractiveBrowserCredential: Failed to open a browser
E BrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.
E To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.
.venv/lib/python3.10/site-packages/azure/identity/_credentials/chained.py:159: ClientAuthenticationError
During handling of the above exception, another exception occurred:
cls = <class 'tests.test_e2e_data.TestE2E'>
@classmethod
def setup_class(cls):
cls.engine_cs = get_env("ENGINE_CONNECTION_STRING")
cls.ai_engine_cs = get_env("APPLICATION_INSIGHTS_ENGINE_CONNECTION_STRING", optional=True)
# Called to set the env variables for the default azure credentials
prepare_app_key_auth(optional=True)
set_env("AZURE_AUTHORITY_HOST", "login.microsoftonline.com")
cls.test_db = get_env("TEST_DATABASE")
cls.ai_test_db = get_env("APPLICATION_INSIGHTS_TEST_DATABASE", optional=True) # name of e2e database could be changed
cls.cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Async credentials don't support interactive browser authentication for now, so until they do, we'll use the sync default credential for async tests
cls.async_cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
cls.input_folder_path = cls.get_file_path()
with open(os.path.join(cls.input_folder_path, "big_source.csv")) as f:
cls.test_streaming_data_csv_raw = f.read()
reader = csv.reader(cls.test_streaming_data_csv_raw.splitlines())
cls.test_streaming_data = sorted(reader, key=lambda x: (float(x[0]), x[3])) # sort by AvgTicketPrice, Dest
# Init clients
> cls.streaming_test_table = cls.create_streaming_table()
azure-kusto-data/tests/test_e2e_data.py:140:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/tests/test_e2e_data.py:156: in create_streaming_table
client.execute_mgmt(cls.test_db, f".create table {table_name} ({streaming_table_format})")
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/client.py:214: in execute_mgmt
return self._execute(self._mgmt_endpoint, request, properties)
azure-kusto-data/azure/kusto/data/client.py:323: in _execute
request_headers["Authorization"] = self._aad_helper.acquire_authorization_header()
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.kusto.data.security._AadHelper object at 0x7fcad3075f30>
def acquire_authorization_header(self):
try:
return _get_header_from_dict(self.token_provider.get_token())
except Exception as error:
kwargs = self.token_provider.context()
kwargs["kusto_uri"] = self.kusto_uri
> raise KustoAuthenticationError(self.token_provider.name(), error, **kwargs)
E azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 1cb8563d-bb27-4a15-9650-fac128ec1f00 Correlation ID: 884e32f8-c845-436c-887d-9c194437881e Timestamp: 2025-08-13 07:22:42Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7fcad33e4310>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')
azure-kusto-data/azure/kusto/data/security.py:86: KustoAuthenticationError
Check failure on line 0 in azure-kusto-ingest.tests.test_e2e_ingest.TestE2E
github-actions / Test Results
1 out of 5 runs with error: test_ingest_complicated_props (azure-kusto-ingest.tests.test_e2e_ingest.TestE2E)
artifacts/Unit Test Results (Python 3.10)/pytest.xml [took 0s]
Raw output
failed on setup with "azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')"
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
> return _get_header_from_dict(self.token_provider.get_token())
azure-kusto-data/azure/kusto/data/security.py:82:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/_token_providers.py:164: in get_token
return _get_token()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:161: in _get_token
token = MonitoredActivity.invoke(self._get_token_impl, name_of_span=f"{self.name()}.get_token_impl", tracing_attributes=self.context())
azure-kusto-data/azure/kusto/data/_telemetry.py:116: in invoke
return span()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:677: in _get_token_impl
t = self.credential.get_token(self._scopes[0])
.venv/lib/python3.10/site-packages/azure/identity/_credentials/default.py:336: in get_token
token = super().get_token(*scopes, claims=claims, tenant_id=tenant_id, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>
claims = None, tenant_id = None, enable_cae = False
scopes = ('https://kusto.kusto.windows.net/.default',), kwargs = {}
history = [(<azure.identity._credentials.environment.EnvironmentCredential object at 0x7f13a9215d80>, 'EnvironmentCredential aut...458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n"), ...]
credential = <azure.identity._credentials.broker.BrokerCredential object at 0x7f13a9632fb0>
attempts = "\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment vari...veBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication."
def get_token(
self,
*scopes: str,
claims: Optional[str] = None,
tenant_id: Optional[str] = None,
enable_cae: bool = False,
**kwargs: Any,
) -> AccessToken:
"""Request a token from each chained credential, in order, returning the first token received.
If no credential provides a token, raises :class:`azure.core.exceptions.ClientAuthenticationError`
with an error message from each credential.
This method is called automatically by Azure SDK clients.
:param str scopes: desired scopes for the access token. This method requires at least one scope.
For more information about scopes, see
https://learn.microsoft.com/entra/identity-platform/scopes-oidc.
:keyword str claims: additional claims required in the token, such as those returned in a resource provider's
claims challenge following an authorization failure.
:keyword str tenant_id: optional tenant to include in the token request.
:keyword bool enable_cae: indicates whether to enable Continuous Access Evaluation (CAE) for the requested
token. Defaults to False.
:return: An access token with the desired scopes.
:rtype: ~azure.core.credentials.AccessToken
:raises ~azure.core.exceptions.ClientAuthenticationError: no credential in the chain provided a token
"""
within_credential_chain.set(True)
history = []
for credential in self.credentials:
try:
# Prioritize "get_token". Fall back to "get_token_info" if not available.
if hasattr(credential, "get_token"):
token = cast(TokenCredential, credential).get_token(
*scopes, claims=claims, tenant_id=tenant_id, enable_cae=enable_cae, **kwargs
)
else:
options: TokenRequestOptions = {}
if claims:
options["claims"] = claims
if tenant_id:
options["tenant_id"] = tenant_id
options["enable_cae"] = enable_cae
token_info = cast(SupportsTokenInfo, credential).get_token_info(*scopes, options=options)
token = AccessToken(token_info.token, token_info.expires_on)
_LOGGER.info("%s acquired a token from %s", self.__class__.__name__, credential.__class__.__name__)
self._successful_credential = credential
within_credential_chain.set(False)
return token
except CredentialUnavailableError as ex:
# credential didn't attempt authentication because it lacks required data or state -> continue
history.append((credential, ex.message))
except Exception as ex: # pylint: disable=broad-except
# credential failed to authenticate, or something unexpectedly raised -> break
history.append((credential, str(ex)))
_LOGGER.debug(
'%s.get_token failed: %s raised unexpected error "%s"',
self.__class__.__name__,
credential.__class__.__name__,
ex,
exc_info=True,
)
break
within_credential_chain.set(False)
attempts = _get_error_message(history)
message = (
self.__class__.__name__
+ " failed to retrieve a token from the included credentials."
+ attempts
+ "\nTo mitigate this issue, please refer to the troubleshooting guidelines here at "
"https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot."
)
_LOGGER.warning(message)
> raise ClientAuthenticationError(message=message)
E azure.core.exceptions.ClientAuthenticationError: DefaultAzureCredential failed to retrieve a token from the included credentials.
E Attempted credentials:
E EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
E Visit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.
E WorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.
E ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request
E SharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.
E VisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.
E AzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z
E Interactive authentication is needed. Please run:
E az login
E
E AzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed
E AzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.
E InteractiveBrowserCredential: Failed to open a browser
E BrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.
E To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.
.venv/lib/python3.10/site-packages/azure/identity/_credentials/chained.py:159: ClientAuthenticationError
During handling of the above exception, another exception occurred:
cls = <class 'azure-kusto-ingest.tests.test_e2e_ingest.TestE2E'>
@classmethod
def setup_class(cls):
# DM CS can be composed from engine CS
cls.engine_cs = get_env("ENGINE_CONNECTION_STRING")
cls.dm_cs = get_env("DM_CONNECTION_STRING", default=cls.engine_cs.replace("//", "//ingest-"))
# Called to set the env variables for the default azure credentials
prepare_app_key_auth(optional=True)
cls.test_db = get_env("TEST_DATABASE")
cls.test_blob = get_env("TEST_BLOB", optional=True)
cls.cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Async credentials don't support interactive browser authentication for now, so until they do, we'll use the sync default credential for async tests
cls.async_cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Init clients
python_version = "_".join([str(v) for v in sys.version_info[:3]])
cls.test_table = "python_test_{0}_{1}_{2}".format(python_version, str(int(time.time())), random.randint(1, 100000))
cls.client = KustoClient(cls.engine_kcsb_from_env())
cls.ingest_client = QueuedIngestClient(cls.dm_kcsb_from_env())
cls.streaming_ingest_client = KustoStreamingIngestClient(cls.engine_kcsb_from_env())
cls.managed_streaming_ingest_client = ManagedStreamingIngestClient(cls.engine_kcsb_from_env(), cls.dm_kcsb_from_env())
cls.input_folder_path = cls.get_file_path()
cls.csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv")
cls.tsv_file_path = os.path.join(cls.input_folder_path, "dataset.tsv")
cls.zipped_csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv.gz")
cls.json_file_path = os.path.join(cls.input_folder_path, "dataset.json")
cls.zipped_json_file_path = os.path.join(cls.input_folder_path, "dataset.jsonz.gz")
cls.current_count = 0
> cls.client.execute(
cls.test_db,
f".create table {cls.test_table} (rownumber: int, rowguid: string, xdouble: real, xfloat: real, xbool: bool, xint16: int, xint32: int, xint64: long, xuint8: long, xuint16: long, xuint32: long, xuint64: long, xdate: datetime, xsmalltext: string, xtext: string, xnumberAsText: string, xtime: timespan, xtextWithNulls: string, xdynamicWithNulls: dynamic)",
)
azure-kusto-ingest/tests/test_e2e_ingest.py:206:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/client.py:163: in execute
return self.execute_mgmt(database, query, properties)
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/client.py:214: in execute_mgmt
return self._execute(self._mgmt_endpoint, request, properties)
azure-kusto-data/azure/kusto/data/client.py:323: in _execute
request_headers["Authorization"] = self._aad_helper.acquire_authorization_header()
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
return _get_header_from_dict(self.token_provider.get_token())
except Exception as error:
kwargs = self.token_provider.context()
kwargs["kusto_uri"] = self.kusto_uri
> raise KustoAuthenticationError(self.token_provider.name(), error, **kwargs)
E azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')
azure-kusto-data/azure/kusto/data/security.py:86: KustoAuthenticationError
Check failure on line 0 in azure-kusto-data.tests.test_e2e_data.TestE2E
github-actions / Test Results
1 out of 5 runs with error: test_streaming_query_internal (azure-kusto-data.tests.test_e2e_data.TestE2E)
artifacts/Unit Test Results (Python 3.10)/pytest.xml [took 0s]
Raw output
failed on setup with "azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 1cb8563d-bb27-4a15-9650-fac128ec1f00 Correlation ID: 884e32f8-c845-436c-887d-9c194437881e Timestamp: 2025-08-13 07:22:42Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7fcad33e4310>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')"
self = <azure.kusto.data.security._AadHelper object at 0x7fcad3075f30>
def acquire_authorization_header(self):
try:
> return _get_header_from_dict(self.token_provider.get_token())
azure-kusto-data/azure/kusto/data/security.py:82:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/_token_providers.py:164: in get_token
return _get_token()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:161: in _get_token
token = MonitoredActivity.invoke(self._get_token_impl, name_of_span=f"{self.name()}.get_token_impl", tracing_attributes=self.context())
azure-kusto-data/azure/kusto/data/_telemetry.py:116: in invoke
return span()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:677: in _get_token_impl
t = self.credential.get_token(self._scopes[0])
.venv/lib/python3.10/site-packages/azure/identity/_credentials/default.py:336: in get_token
token = super().get_token(*scopes, claims=claims, tenant_id=tenant_id, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.identity._credentials.default.DefaultAzureCredential object at 0x7fcad33e4310>
claims = None, tenant_id = None, enable_cae = False
scopes = ('https://kusto.kusto.windows.net/.default',), kwargs = {}
history = [(<azure.identity._credentials.environment.EnvironmentCredential object at 0x7fcad392e0b0>, 'EnvironmentCredential aut...87d-9c194437881e Timestamp: 2025-08-13 07:22:42Z\nInteractive authentication is needed. Please run:\naz login\n"), ...]
credential = <azure.identity._credentials.broker.BrokerCredential object at 0x7fcad3076680>
attempts = "\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment vari...veBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication."
def get_token(
self,
*scopes: str,
claims: Optional[str] = None,
tenant_id: Optional[str] = None,
enable_cae: bool = False,
**kwargs: Any,
) -> AccessToken:
"""Request a token from each chained credential, in order, returning the first token received.
If no credential provides a token, raises :class:`azure.core.exceptions.ClientAuthenticationError`
with an error message from each credential.
This method is called automatically by Azure SDK clients.
:param str scopes: desired scopes for the access token. This method requires at least one scope.
For more information about scopes, see
https://learn.microsoft.com/entra/identity-platform/scopes-oidc.
:keyword str claims: additional claims required in the token, such as those returned in a resource provider's
claims challenge following an authorization failure.
:keyword str tenant_id: optional tenant to include in the token request.
:keyword bool enable_cae: indicates whether to enable Continuous Access Evaluation (CAE) for the requested
token. Defaults to False.
:return: An access token with the desired scopes.
:rtype: ~azure.core.credentials.AccessToken
:raises ~azure.core.exceptions.ClientAuthenticationError: no credential in the chain provided a token
"""
within_credential_chain.set(True)
history = []
for credential in self.credentials:
try:
# Prioritize "get_token". Fall back to "get_token_info" if not available.
if hasattr(credential, "get_token"):
token = cast(TokenCredential, credential).get_token(
*scopes, claims=claims, tenant_id=tenant_id, enable_cae=enable_cae, **kwargs
)
else:
options: TokenRequestOptions = {}
if claims:
options["claims"] = claims
if tenant_id:
options["tenant_id"] = tenant_id
options["enable_cae"] = enable_cae
token_info = cast(SupportsTokenInfo, credential).get_token_info(*scopes, options=options)
token = AccessToken(token_info.token, token_info.expires_on)
_LOGGER.info("%s acquired a token from %s", self.__class__.__name__, credential.__class__.__name__)
self._successful_credential = credential
within_credential_chain.set(False)
return token
except CredentialUnavailableError as ex:
# credential didn't attempt authentication because it lacks required data or state -> continue
history.append((credential, ex.message))
except Exception as ex: # pylint: disable=broad-except
# credential failed to authenticate, or something unexpectedly raised -> break
history.append((credential, str(ex)))
_LOGGER.debug(
'%s.get_token failed: %s raised unexpected error "%s"',
self.__class__.__name__,
credential.__class__.__name__,
ex,
exc_info=True,
)
break
within_credential_chain.set(False)
attempts = _get_error_message(history)
message = (
self.__class__.__name__
+ " failed to retrieve a token from the included credentials."
+ attempts
+ "\nTo mitigate this issue, please refer to the troubleshooting guidelines here at "
"https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot."
)
_LOGGER.warning(message)
> raise ClientAuthenticationError(message=message)
E azure.core.exceptions.ClientAuthenticationError: DefaultAzureCredential failed to retrieve a token from the included credentials.
E Attempted credentials:
E EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
E Visit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.
E WorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.
E ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request
E SharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.
E VisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.
E AzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 1cb8563d-bb27-4a15-9650-fac128ec1f00 Correlation ID: 884e32f8-c845-436c-887d-9c194437881e Timestamp: 2025-08-13 07:22:42Z
E Interactive authentication is needed. Please run:
E az login
E
E AzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed
E AzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.
E InteractiveBrowserCredential: Failed to open a browser
E BrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.
E To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.
.venv/lib/python3.10/site-packages/azure/identity/_credentials/chained.py:159: ClientAuthenticationError
During handling of the above exception, another exception occurred:
cls = <class 'tests.test_e2e_data.TestE2E'>
@classmethod
def setup_class(cls):
cls.engine_cs = get_env("ENGINE_CONNECTION_STRING")
cls.ai_engine_cs = get_env("APPLICATION_INSIGHTS_ENGINE_CONNECTION_STRING", optional=True)
# Called to set the env variables for the default azure credentials
prepare_app_key_auth(optional=True)
set_env("AZURE_AUTHORITY_HOST", "login.microsoftonline.com")
cls.test_db = get_env("TEST_DATABASE")
cls.ai_test_db = get_env("APPLICATION_INSIGHTS_TEST_DATABASE", optional=True) # name of e2e database could be changed
cls.cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Async credentials don't support interactive browser authentication for now, so until they do, we'll use the sync default credential for async tests
cls.async_cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
cls.input_folder_path = cls.get_file_path()
with open(os.path.join(cls.input_folder_path, "big_source.csv")) as f:
cls.test_streaming_data_csv_raw = f.read()
reader = csv.reader(cls.test_streaming_data_csv_raw.splitlines())
cls.test_streaming_data = sorted(reader, key=lambda x: (float(x[0]), x[3])) # sort by AvgTicketPrice, Dest
# Init clients
> cls.streaming_test_table = cls.create_streaming_table()
azure-kusto-data/tests/test_e2e_data.py:140:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/tests/test_e2e_data.py:156: in create_streaming_table
client.execute_mgmt(cls.test_db, f".create table {table_name} ({streaming_table_format})")
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/client.py:214: in execute_mgmt
return self._execute(self._mgmt_endpoint, request, properties)
azure-kusto-data/azure/kusto/data/client.py:323: in _execute
request_headers["Authorization"] = self._aad_helper.acquire_authorization_header()
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.kusto.data.security._AadHelper object at 0x7fcad3075f30>
def acquire_authorization_header(self):
try:
return _get_header_from_dict(self.token_provider.get_token())
except Exception as error:
kwargs = self.token_provider.context()
kwargs["kusto_uri"] = self.kusto_uri
> raise KustoAuthenticationError(self.token_provider.name(), error, **kwargs)
E azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 1cb8563d-bb27-4a15-9650-fac128ec1f00 Correlation ID: 884e32f8-c845-436c-887d-9c194437881e Timestamp: 2025-08-13 07:22:42Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7fcad33e4310>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')
azure-kusto-data/azure/kusto/data/security.py:86: KustoAuthenticationError
Check failure on line 0 in azure-kusto-ingest.tests.test_e2e_ingest.TestE2E
github-actions / Test Results
1 out of 5 runs with error: test_streaming_ingest_from_csv_io_streams (azure-kusto-ingest.tests.test_e2e_ingest.TestE2E)
artifacts/Unit Test Results (Python 3.10)/pytest.xml [took 0s]
Raw output
failed on setup with "azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')"
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
> return _get_header_from_dict(self.token_provider.get_token())
azure-kusto-data/azure/kusto/data/security.py:82:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/_token_providers.py:164: in get_token
return _get_token()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:161: in _get_token
token = MonitoredActivity.invoke(self._get_token_impl, name_of_span=f"{self.name()}.get_token_impl", tracing_attributes=self.context())
azure-kusto-data/azure/kusto/data/_telemetry.py:116: in invoke
return span()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:677: in _get_token_impl
t = self.credential.get_token(self._scopes[0])
.venv/lib/python3.10/site-packages/azure/identity/_credentials/default.py:336: in get_token
token = super().get_token(*scopes, claims=claims, tenant_id=tenant_id, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>
claims = None, tenant_id = None, enable_cae = False
scopes = ('https://kusto.kusto.windows.net/.default',), kwargs = {}
history = [(<azure.identity._credentials.environment.EnvironmentCredential object at 0x7f13a9215d80>, 'EnvironmentCredential aut...458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n"), ...]
credential = <azure.identity._credentials.broker.BrokerCredential object at 0x7f13a9632fb0>
attempts = "\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment vari...veBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication."
def get_token(
self,
*scopes: str,
claims: Optional[str] = None,
tenant_id: Optional[str] = None,
enable_cae: bool = False,
**kwargs: Any,
) -> AccessToken:
"""Request a token from each chained credential, in order, returning the first token received.
If no credential provides a token, raises :class:`azure.core.exceptions.ClientAuthenticationError`
with an error message from each credential.
This method is called automatically by Azure SDK clients.
:param str scopes: desired scopes for the access token. This method requires at least one scope.
For more information about scopes, see
https://learn.microsoft.com/entra/identity-platform/scopes-oidc.
:keyword str claims: additional claims required in the token, such as those returned in a resource provider's
claims challenge following an authorization failure.
:keyword str tenant_id: optional tenant to include in the token request.
:keyword bool enable_cae: indicates whether to enable Continuous Access Evaluation (CAE) for the requested
token. Defaults to False.
:return: An access token with the desired scopes.
:rtype: ~azure.core.credentials.AccessToken
:raises ~azure.core.exceptions.ClientAuthenticationError: no credential in the chain provided a token
"""
within_credential_chain.set(True)
history = []
for credential in self.credentials:
try:
# Prioritize "get_token". Fall back to "get_token_info" if not available.
if hasattr(credential, "get_token"):
token = cast(TokenCredential, credential).get_token(
*scopes, claims=claims, tenant_id=tenant_id, enable_cae=enable_cae, **kwargs
)
else:
options: TokenRequestOptions = {}
if claims:
options["claims"] = claims
if tenant_id:
options["tenant_id"] = tenant_id
options["enable_cae"] = enable_cae
token_info = cast(SupportsTokenInfo, credential).get_token_info(*scopes, options=options)
token = AccessToken(token_info.token, token_info.expires_on)
_LOGGER.info("%s acquired a token from %s", self.__class__.__name__, credential.__class__.__name__)
self._successful_credential = credential
within_credential_chain.set(False)
return token
except CredentialUnavailableError as ex:
# credential didn't attempt authentication because it lacks required data or state -> continue
history.append((credential, ex.message))
except Exception as ex: # pylint: disable=broad-except
# credential failed to authenticate, or something unexpectedly raised -> break
history.append((credential, str(ex)))
_LOGGER.debug(
'%s.get_token failed: %s raised unexpected error "%s"',
self.__class__.__name__,
credential.__class__.__name__,
ex,
exc_info=True,
)
break
within_credential_chain.set(False)
attempts = _get_error_message(history)
message = (
self.__class__.__name__
+ " failed to retrieve a token from the included credentials."
+ attempts
+ "\nTo mitigate this issue, please refer to the troubleshooting guidelines here at "
"https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot."
)
_LOGGER.warning(message)
> raise ClientAuthenticationError(message=message)
E azure.core.exceptions.ClientAuthenticationError: DefaultAzureCredential failed to retrieve a token from the included credentials.
E Attempted credentials:
E EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
E Visit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.
E WorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.
E ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request
E SharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.
E VisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.
E AzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z
E Interactive authentication is needed. Please run:
E az login
E
E AzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed
E AzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.
E InteractiveBrowserCredential: Failed to open a browser
E BrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.
E To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.
.venv/lib/python3.10/site-packages/azure/identity/_credentials/chained.py:159: ClientAuthenticationError
During handling of the above exception, another exception occurred:
cls = <class 'azure-kusto-ingest.tests.test_e2e_ingest.TestE2E'>
@classmethod
def setup_class(cls):
# DM CS can be composed from engine CS
cls.engine_cs = get_env("ENGINE_CONNECTION_STRING")
cls.dm_cs = get_env("DM_CONNECTION_STRING", default=cls.engine_cs.replace("//", "//ingest-"))
# Called to set the env variables for the default azure credentials
prepare_app_key_auth(optional=True)
cls.test_db = get_env("TEST_DATABASE")
cls.test_blob = get_env("TEST_BLOB", optional=True)
cls.cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Async credentials don't support interactive browser authentication for now, so until they do, we'll use the sync default credential for async tests
cls.async_cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Init clients
python_version = "_".join([str(v) for v in sys.version_info[:3]])
cls.test_table = "python_test_{0}_{1}_{2}".format(python_version, str(int(time.time())), random.randint(1, 100000))
cls.client = KustoClient(cls.engine_kcsb_from_env())
cls.ingest_client = QueuedIngestClient(cls.dm_kcsb_from_env())
cls.streaming_ingest_client = KustoStreamingIngestClient(cls.engine_kcsb_from_env())
cls.managed_streaming_ingest_client = ManagedStreamingIngestClient(cls.engine_kcsb_from_env(), cls.dm_kcsb_from_env())
cls.input_folder_path = cls.get_file_path()
cls.csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv")
cls.tsv_file_path = os.path.join(cls.input_folder_path, "dataset.tsv")
cls.zipped_csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv.gz")
cls.json_file_path = os.path.join(cls.input_folder_path, "dataset.json")
cls.zipped_json_file_path = os.path.join(cls.input_folder_path, "dataset.jsonz.gz")
cls.current_count = 0
> cls.client.execute(
cls.test_db,
f".create table {cls.test_table} (rownumber: int, rowguid: string, xdouble: real, xfloat: real, xbool: bool, xint16: int, xint32: int, xint64: long, xuint8: long, xuint16: long, xuint32: long, xuint64: long, xdate: datetime, xsmalltext: string, xtext: string, xnumberAsText: string, xtime: timespan, xtextWithNulls: string, xdynamicWithNulls: dynamic)",
)
azure-kusto-ingest/tests/test_e2e_ingest.py:206:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/client.py:163: in execute
return self.execute_mgmt(database, query, properties)
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/client.py:214: in execute_mgmt
return self._execute(self._mgmt_endpoint, request, properties)
azure-kusto-data/azure/kusto/data/client.py:323: in _execute
request_headers["Authorization"] = self._aad_helper.acquire_authorization_header()
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
return _get_header_from_dict(self.token_provider.get_token())
except Exception as error:
kwargs = self.token_provider.context()
kwargs["kusto_uri"] = self.kusto_uri
> raise KustoAuthenticationError(self.token_provider.name(), error, **kwargs)
E azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')
azure-kusto-data/azure/kusto/data/security.py:86: KustoAuthenticationError
Check failure on line 0 in azure-kusto-ingest.tests.test_e2e_ingest.TestE2E
github-actions / Test Results
1 out of 5 runs with error: test_streaming_ingest_from_json_io_streams (azure-kusto-ingest.tests.test_e2e_ingest.TestE2E)
artifacts/Unit Test Results (Python 3.10)/pytest.xml [took 0s]
Raw output
failed on setup with "azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')"
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
> return _get_header_from_dict(self.token_provider.get_token())
azure-kusto-data/azure/kusto/data/security.py:82:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/_token_providers.py:164: in get_token
return _get_token()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:161: in _get_token
token = MonitoredActivity.invoke(self._get_token_impl, name_of_span=f"{self.name()}.get_token_impl", tracing_attributes=self.context())
azure-kusto-data/azure/kusto/data/_telemetry.py:116: in invoke
return span()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:677: in _get_token_impl
t = self.credential.get_token(self._scopes[0])
.venv/lib/python3.10/site-packages/azure/identity/_credentials/default.py:336: in get_token
token = super().get_token(*scopes, claims=claims, tenant_id=tenant_id, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>
claims = None, tenant_id = None, enable_cae = False
scopes = ('https://kusto.kusto.windows.net/.default',), kwargs = {}
history = [(<azure.identity._credentials.environment.EnvironmentCredential object at 0x7f13a9215d80>, 'EnvironmentCredential aut...458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n"), ...]
credential = <azure.identity._credentials.broker.BrokerCredential object at 0x7f13a9632fb0>
attempts = "\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment vari...veBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication."
def get_token(
self,
*scopes: str,
claims: Optional[str] = None,
tenant_id: Optional[str] = None,
enable_cae: bool = False,
**kwargs: Any,
) -> AccessToken:
"""Request a token from each chained credential, in order, returning the first token received.
If no credential provides a token, raises :class:`azure.core.exceptions.ClientAuthenticationError`
with an error message from each credential.
This method is called automatically by Azure SDK clients.
:param str scopes: desired scopes for the access token. This method requires at least one scope.
For more information about scopes, see
https://learn.microsoft.com/entra/identity-platform/scopes-oidc.
:keyword str claims: additional claims required in the token, such as those returned in a resource provider's
claims challenge following an authorization failure.
:keyword str tenant_id: optional tenant to include in the token request.
:keyword bool enable_cae: indicates whether to enable Continuous Access Evaluation (CAE) for the requested
token. Defaults to False.
:return: An access token with the desired scopes.
:rtype: ~azure.core.credentials.AccessToken
:raises ~azure.core.exceptions.ClientAuthenticationError: no credential in the chain provided a token
"""
within_credential_chain.set(True)
history = []
for credential in self.credentials:
try:
# Prioritize "get_token". Fall back to "get_token_info" if not available.
if hasattr(credential, "get_token"):
token = cast(TokenCredential, credential).get_token(
*scopes, claims=claims, tenant_id=tenant_id, enable_cae=enable_cae, **kwargs
)
else:
options: TokenRequestOptions = {}
if claims:
options["claims"] = claims
if tenant_id:
options["tenant_id"] = tenant_id
options["enable_cae"] = enable_cae
token_info = cast(SupportsTokenInfo, credential).get_token_info(*scopes, options=options)
token = AccessToken(token_info.token, token_info.expires_on)
_LOGGER.info("%s acquired a token from %s", self.__class__.__name__, credential.__class__.__name__)
self._successful_credential = credential
within_credential_chain.set(False)
return token
except CredentialUnavailableError as ex:
# credential didn't attempt authentication because it lacks required data or state -> continue
history.append((credential, ex.message))
except Exception as ex: # pylint: disable=broad-except
# credential failed to authenticate, or something unexpectedly raised -> break
history.append((credential, str(ex)))
_LOGGER.debug(
'%s.get_token failed: %s raised unexpected error "%s"',
self.__class__.__name__,
credential.__class__.__name__,
ex,
exc_info=True,
)
break
within_credential_chain.set(False)
attempts = _get_error_message(history)
message = (
self.__class__.__name__
+ " failed to retrieve a token from the included credentials."
+ attempts
+ "\nTo mitigate this issue, please refer to the troubleshooting guidelines here at "
"https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot."
)
_LOGGER.warning(message)
> raise ClientAuthenticationError(message=message)
E azure.core.exceptions.ClientAuthenticationError: DefaultAzureCredential failed to retrieve a token from the included credentials.
E Attempted credentials:
E EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
E Visit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.
E WorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.
E ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request
E SharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.
E VisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.
E AzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z
E Interactive authentication is needed. Please run:
E az login
E
E AzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed
E AzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.
E InteractiveBrowserCredential: Failed to open a browser
E BrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.
E To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.
.venv/lib/python3.10/site-packages/azure/identity/_credentials/chained.py:159: ClientAuthenticationError
During handling of the above exception, another exception occurred:
cls = <class 'azure-kusto-ingest.tests.test_e2e_ingest.TestE2E'>
@classmethod
def setup_class(cls):
# DM CS can be composed from engine CS
cls.engine_cs = get_env("ENGINE_CONNECTION_STRING")
cls.dm_cs = get_env("DM_CONNECTION_STRING", default=cls.engine_cs.replace("//", "//ingest-"))
# Called to set the env variables for the default azure credentials
prepare_app_key_auth(optional=True)
cls.test_db = get_env("TEST_DATABASE")
cls.test_blob = get_env("TEST_BLOB", optional=True)
cls.cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Async credentials don't support interactive browser authentication for now, so until they do, we'll use the sync default credential for async tests
cls.async_cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Init clients
python_version = "_".join([str(v) for v in sys.version_info[:3]])
cls.test_table = "python_test_{0}_{1}_{2}".format(python_version, str(int(time.time())), random.randint(1, 100000))
cls.client = KustoClient(cls.engine_kcsb_from_env())
cls.ingest_client = QueuedIngestClient(cls.dm_kcsb_from_env())
cls.streaming_ingest_client = KustoStreamingIngestClient(cls.engine_kcsb_from_env())
cls.managed_streaming_ingest_client = ManagedStreamingIngestClient(cls.engine_kcsb_from_env(), cls.dm_kcsb_from_env())
cls.input_folder_path = cls.get_file_path()
cls.csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv")
cls.tsv_file_path = os.path.join(cls.input_folder_path, "dataset.tsv")
cls.zipped_csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv.gz")
cls.json_file_path = os.path.join(cls.input_folder_path, "dataset.json")
cls.zipped_json_file_path = os.path.join(cls.input_folder_path, "dataset.jsonz.gz")
cls.current_count = 0
> cls.client.execute(
cls.test_db,
f".create table {cls.test_table} (rownumber: int, rowguid: string, xdouble: real, xfloat: real, xbool: bool, xint16: int, xint32: int, xint64: long, xuint8: long, xuint16: long, xuint32: long, xuint64: long, xdate: datetime, xsmalltext: string, xtext: string, xnumberAsText: string, xtime: timespan, xtextWithNulls: string, xdynamicWithNulls: dynamic)",
)
azure-kusto-ingest/tests/test_e2e_ingest.py:206:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/client.py:163: in execute
return self.execute_mgmt(database, query, properties)
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/client.py:214: in execute_mgmt
return self._execute(self._mgmt_endpoint, request, properties)
azure-kusto-data/azure/kusto/data/client.py:323: in _execute
request_headers["Authorization"] = self._aad_helper.acquire_authorization_header()
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
return _get_header_from_dict(self.token_provider.get_token())
except Exception as error:
kwargs = self.token_provider.context()
kwargs["kusto_uri"] = self.kusto_uri
> raise KustoAuthenticationError(self.token_provider.name(), error, **kwargs)
E azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')
azure-kusto-data/azure/kusto/data/security.py:86: KustoAuthenticationError
Check failure on line 0 in azure-kusto-ingest.tests.test_e2e_ingest.TestE2E
github-actions / Test Results
1 out of 5 runs with error: test_streaming_ingest_from_dataframe (azure-kusto-ingest.tests.test_e2e_ingest.TestE2E)
artifacts/Unit Test Results (Python 3.10)/pytest.xml [took 0s]
Raw output
failed on setup with "azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')"
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
> return _get_header_from_dict(self.token_provider.get_token())
azure-kusto-data/azure/kusto/data/security.py:82:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/_token_providers.py:164: in get_token
return _get_token()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:161: in _get_token
token = MonitoredActivity.invoke(self._get_token_impl, name_of_span=f"{self.name()}.get_token_impl", tracing_attributes=self.context())
azure-kusto-data/azure/kusto/data/_telemetry.py:116: in invoke
return span()
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/_token_providers.py:677: in _get_token_impl
t = self.credential.get_token(self._scopes[0])
.venv/lib/python3.10/site-packages/azure/identity/_credentials/default.py:336: in get_token
token = super().get_token(*scopes, claims=claims, tenant_id=tenant_id, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>
claims = None, tenant_id = None, enable_cae = False
scopes = ('https://kusto.kusto.windows.net/.default',), kwargs = {}
history = [(<azure.identity._credentials.environment.EnvironmentCredential object at 0x7f13a9215d80>, 'EnvironmentCredential aut...458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n"), ...]
credential = <azure.identity._credentials.broker.BrokerCredential object at 0x7f13a9632fb0>
attempts = "\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment vari...veBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication."
def get_token(
self,
*scopes: str,
claims: Optional[str] = None,
tenant_id: Optional[str] = None,
enable_cae: bool = False,
**kwargs: Any,
) -> AccessToken:
"""Request a token from each chained credential, in order, returning the first token received.
If no credential provides a token, raises :class:`azure.core.exceptions.ClientAuthenticationError`
with an error message from each credential.
This method is called automatically by Azure SDK clients.
:param str scopes: desired scopes for the access token. This method requires at least one scope.
For more information about scopes, see
https://learn.microsoft.com/entra/identity-platform/scopes-oidc.
:keyword str claims: additional claims required in the token, such as those returned in a resource provider's
claims challenge following an authorization failure.
:keyword str tenant_id: optional tenant to include in the token request.
:keyword bool enable_cae: indicates whether to enable Continuous Access Evaluation (CAE) for the requested
token. Defaults to False.
:return: An access token with the desired scopes.
:rtype: ~azure.core.credentials.AccessToken
:raises ~azure.core.exceptions.ClientAuthenticationError: no credential in the chain provided a token
"""
within_credential_chain.set(True)
history = []
for credential in self.credentials:
try:
# Prioritize "get_token". Fall back to "get_token_info" if not available.
if hasattr(credential, "get_token"):
token = cast(TokenCredential, credential).get_token(
*scopes, claims=claims, tenant_id=tenant_id, enable_cae=enable_cae, **kwargs
)
else:
options: TokenRequestOptions = {}
if claims:
options["claims"] = claims
if tenant_id:
options["tenant_id"] = tenant_id
options["enable_cae"] = enable_cae
token_info = cast(SupportsTokenInfo, credential).get_token_info(*scopes, options=options)
token = AccessToken(token_info.token, token_info.expires_on)
_LOGGER.info("%s acquired a token from %s", self.__class__.__name__, credential.__class__.__name__)
self._successful_credential = credential
within_credential_chain.set(False)
return token
except CredentialUnavailableError as ex:
# credential didn't attempt authentication because it lacks required data or state -> continue
history.append((credential, ex.message))
except Exception as ex: # pylint: disable=broad-except
# credential failed to authenticate, or something unexpectedly raised -> break
history.append((credential, str(ex)))
_LOGGER.debug(
'%s.get_token failed: %s raised unexpected error "%s"',
self.__class__.__name__,
credential.__class__.__name__,
ex,
exc_info=True,
)
break
within_credential_chain.set(False)
attempts = _get_error_message(history)
message = (
self.__class__.__name__
+ " failed to retrieve a token from the included credentials."
+ attempts
+ "\nTo mitigate this issue, please refer to the troubleshooting guidelines here at "
"https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot."
)
_LOGGER.warning(message)
> raise ClientAuthenticationError(message=message)
E azure.core.exceptions.ClientAuthenticationError: DefaultAzureCredential failed to retrieve a token from the included credentials.
E Attempted credentials:
E EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
E Visit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.
E WorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.
E ManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request
E SharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.
E VisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.
E AzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z
E Interactive authentication is needed. Please run:
E az login
E
E AzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed
E AzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.
E InteractiveBrowserCredential: Failed to open a browser
E BrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.
E To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.
.venv/lib/python3.10/site-packages/azure/identity/_credentials/chained.py:159: ClientAuthenticationError
During handling of the above exception, another exception occurred:
cls = <class 'azure-kusto-ingest.tests.test_e2e_ingest.TestE2E'>
@classmethod
def setup_class(cls):
# DM CS can be composed from engine CS
cls.engine_cs = get_env("ENGINE_CONNECTION_STRING")
cls.dm_cs = get_env("DM_CONNECTION_STRING", default=cls.engine_cs.replace("//", "//ingest-"))
# Called to set the env variables for the default azure credentials
prepare_app_key_auth(optional=True)
cls.test_db = get_env("TEST_DATABASE")
cls.test_blob = get_env("TEST_BLOB", optional=True)
cls.cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Async credentials don't support interactive browser authentication for now, so until they do, we'll use the sync default credential for async tests
cls.async_cred = lambda: DefaultAzureCredential(exclude_interactive_browser_credential=False)
# Init clients
python_version = "_".join([str(v) for v in sys.version_info[:3]])
cls.test_table = "python_test_{0}_{1}_{2}".format(python_version, str(int(time.time())), random.randint(1, 100000))
cls.client = KustoClient(cls.engine_kcsb_from_env())
cls.ingest_client = QueuedIngestClient(cls.dm_kcsb_from_env())
cls.streaming_ingest_client = KustoStreamingIngestClient(cls.engine_kcsb_from_env())
cls.managed_streaming_ingest_client = ManagedStreamingIngestClient(cls.engine_kcsb_from_env(), cls.dm_kcsb_from_env())
cls.input_folder_path = cls.get_file_path()
cls.csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv")
cls.tsv_file_path = os.path.join(cls.input_folder_path, "dataset.tsv")
cls.zipped_csv_file_path = os.path.join(cls.input_folder_path, "dataset.csv.gz")
cls.json_file_path = os.path.join(cls.input_folder_path, "dataset.json")
cls.zipped_json_file_path = os.path.join(cls.input_folder_path, "dataset.jsonz.gz")
cls.current_count = 0
> cls.client.execute(
cls.test_db,
f".create table {cls.test_table} (rownumber: int, rowguid: string, xdouble: real, xfloat: real, xbool: bool, xint16: int, xint32: int, xint64: long, xuint8: long, xuint16: long, xuint32: long, xuint64: long, xdate: datetime, xsmalltext: string, xtext: string, xnumberAsText: string, xtime: timespan, xtextWithNulls: string, xdynamicWithNulls: dynamic)",
)
azure-kusto-ingest/tests/test_e2e_ingest.py:206:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
azure-kusto-data/azure/kusto/data/client.py:163: in execute
return self.execute_mgmt(database, query, properties)
.venv/lib/python3.10/site-packages/azure/core/tracing/decorator.py:119: in wrapper_use_tracer
return func(*args, **kwargs)
azure-kusto-data/azure/kusto/data/client.py:214: in execute_mgmt
return self._execute(self._mgmt_endpoint, request, properties)
azure-kusto-data/azure/kusto/data/client.py:323: in _execute
request_headers["Authorization"] = self._aad_helper.acquire_authorization_header()
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <azure.kusto.data.security._AadHelper object at 0x7f13a96324d0>
def acquire_authorization_header(self):
try:
return _get_header_from_dict(self.token_provider.get_token())
except Exception as error:
kwargs = self.token_provider.context()
kwargs["kusto_uri"] = self.kusto_uri
> raise KustoAuthenticationError(self.token_provider.name(), error, **kwargs)
E azure.kusto.data.exceptions.KustoAuthenticationError: KustoAuthenticationError('AzureIdentityTokenProvider', 'ClientAuthenticationError("DefaultAzureCredential failed to retrieve a token from the included credentials.\nAttempted credentials:\n\tEnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.\nVisit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.\n\tWorkloadIdentityCredential: WorkloadIdentityCredential authentication unavailable. The workload options are not fully configured. See the troubleshooting guide for more information: https://aka.ms/azsdk/python/identity/workloadidentitycredential/troubleshoot. Missing required arguments: 'tenant_id', 'client_id', 'token_file_path'.\n\tManagedIdentityCredential: ManagedIdentityCredential authentication unavailable, no response from the IMDS endpoint. invalid_request\n\tSharedTokenCacheCredential: SharedTokenCacheCredential authentication unavailable. No accounts were found in the cache.\n\tVisualStudioCodeCredential: VisualStudioCodeCredential requires the 'azure-identity-broker' package to be installed. You must also ensure you have the Azure Resources extension installed and have signed in to Azure via Visual Studio Code.\n\tAzureCliCredential: ERROR: AADSTS700213: No matching federated identity record found for presented assertion subject 'repo:Azure/azure-kusto-python:pull_request'. Check your federated identity credential Subject, Audience and Issuer against the presented assertion. https://learn.microsoft.com/entra/workload-id/workload-identity-federation Trace ID: 7df80b1f-de01-4505-93a3-d5ac6ff01800 Correlation ID: 07f58a1a-1630-4f28-8458-3789bd32b268 Timestamp: 2025-08-13 07:22:43Z\nInteractive authentication is needed. Please run:\naz login\n\n\tAzurePowerShellCredential: Az.Account module >= 2.2.0 is not installed\n\tAzureDeveloperCliCredential: Azure Developer CLI could not be found. Please visit https://aka.ms/azure-dev for installation instructions and then,once installed, authenticate to your Azure account using 'azd auth login'.\n\tInteractiveBrowserCredential: Failed to open a browser\n\tBrokerCredential: InteractiveBrowserBrokerCredential unavailable. The 'azure-identity-broker' package is required to use brokered authentication.\nTo mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.")', '{'credential': <azure.identity._credentials.default.DefaultAzureCredential object at 0x7f13a9216200>, 'kusto_uri': 'https://sdkse2etestppe.westus2.kusto.windows.net'}')
azure-kusto-data/azure/kusto/data/security.py:86: KustoAuthenticationError
Check warning on line 0 in azure-kusto-ingest.tests.test_status_q
github-actions / Test Results
All 5 runs failed: test_fail (azure-kusto-ingest.tests.test_status_q)
artifacts/Unit Test Results (Python 3.10)/pytest.xml [took 0s]
artifacts/Unit Test Results (Python 3.11)/pytest.xml [took 0s]
artifacts/Unit Test Results (Python 3.12)/pytest.xml [took 0s]
artifacts/Unit Test Results (Python 3.13)/pytest.xml [took 0s]
artifacts/Unit Test Results (Python 3.9)/pytest.xml [took 0s]
Raw output
Exception: This test should not be called.
def test_fail():
> raise Exception("This test should not be called.")
E Exception: This test should not be called.
azure-kusto-ingest/tests/test_status_q.py:86: Exception
Loading