Skip to content

Fix: Resolve multiple bugs in setup WorkloadZone in ADO causing silent failures#1011

Open
nnoaman wants to merge 3 commits intoAzure:release/january-2026from
nnoaman:fix/sdaf-ado-workload-zone-bugs
Open

Fix: Resolve multiple bugs in setup WorkloadZone in ADO causing silent failures#1011
nnoaman wants to merge 3 commits intoAzure:release/january-2026from
nnoaman:fix/sdaf-ado-workload-zone-bugs

Conversation

@nnoaman
Copy link
Contributor

@nnoaman nnoaman commented Jan 30, 2026

Summary

Fixes multiple bugs in New-SDAFADOWorkloadZone that caused false success reporting and resources created in wrong projects.

Issues Addressed

  • Variable groups created in wrong Azure DevOps project
  • Service connection creation failing silently
  • Wrong Managed Identity property causing authentication failures

Changes

1. Add Azure DevOps configuration

Files: New-SDAFADOWorkloadZone.ps1, SDAFUtilities.psm1

The function now calls az devops configure --defaults at the beginning to ensure all operations target the correct organization and project. This matches the pattern used in New-SDAFADOProject.

2. Fix Managed Identity Client ID query

Changed .id to .clientId in the az identity list query:

- az identity list --query "[?principalId=='...'].id"
+ az identity list --query "[?principalId=='...'].clientId"

The previous code returned the full ARM resource ID instead of the client ID required for service connection authentication.

3. Add error handling for service connection creation

Added $LASTEXITCODE checks after all az devops service-endpoint commands. The function now properly reports failures instead of displaying false success messages.

  az devops service-endpoint create --service-endpoint-configuration $JsonInputFile --organization $AdoOrganization --project $AdoProject --output none --only-show-errors
+ if ($LASTEXITCODE -ne 0) {
+     Write-Error "Failed to create service connection"
+     throw "Service connection creation failed"
+ }
  Write-Host "Service connection '$ConnectionName' created successfully." -ForegroundColor Green

@nnoaman nnoaman requested a review from Copilot January 30, 2026 20:49
Copilot AI reviewed Jan 30, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses critical bugs in the New-SDAFADOWorkloadZone function that caused silent failures when setting up Azure DevOps workload zones. The changes fix service connection authentication issues and add error handling to prevent false success reporting.

Changes:

  • Added Azure DevOps configuration defaults to ensure operations target the correct organization and project
  • Fixed Managed Identity property query to use clientId instead of id for service connection authentication
  • Added error handling for service connection creation commands to detect and report failures

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 6 comments.

File Description
New-SDAFADOWorkloadZone.ps1 Added az devops configure defaults, fixed managed identity client ID query, and added error handling for service connection creation
New-SDAFADOProject.ps1 Added error handling for service connection creation to match the pattern in New-SDAFADOWorkloadZone
SDAFUtilities.psm1 Compiled module containing the same changes as the source files above

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@nnoaman nnoaman requested a review from Copilot February 6, 2026 15:19
Copilot AI reviewed Feb 6, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@nnoaman nnoaman marked this pull request as ready for review February 6, 2026 15:25
@nnoaman nnoaman requested a review from a team as a code owner February 6, 2026 15:25
@nnoaman nnoaman requested review from dhruvmicrosoft and hdamecharla and removed request for a team and dhruvmicrosoft February 6, 2026 15:25
@nnoaman nnoaman linked an issue Feb 6, 2026 that may be closed by this pull request
[BUG] New-SDAFADOWorkloadZone fail while reporting success and use wrong azure devops project to create variable groups #1009
Open
@nnoaman nnoaman mentioned this pull request Feb 6, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@hdamecharla hdamecharla Awaiting requested review from hdamecharla

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BUG] New-SDAFADOWorkloadZone fail while reporting success and use wrong azure devops project to create variable groups

1 participant

@nnoaman