mysqlazure-devopsazure-cli

az mysql flexible-server create creates server that cannot connect into

The command az mysql flexible-server create creates a server in a state that mysql client cannot connect into. This is done in an Azure DevOps pipeline.

Here is the full script:

az mysql flexible-server create --resource-group $resourcegroup \
                       --name $sername \
                       --location $location \
                       --admin-user $adminusername \
                       --admin-password $adminpassword \
                       --sku-name $sku \
                       --version $mysqlversion \
                       --yes \
                       --tags CreatedBy=AzDO

  az mysql flexible-server firewall-rule create --resource-group $resourcegroup \
                                      --name $sername \
                                      --rule-name AllowAllIPs \
                                      --start-ip-address 0.0.0.0 \
                                      --end-ip-address 255.255.255.255 

#THIS LINE WORKS. MEANING SERVER IS CREATED AND THIS COMMAND DOESN'T FAIL
 az mysql flexible-server connect -n $sername -u $adminusername -p $adminpassword -d flexibleserverdb

  #THIS FOLLOWING LINE FAILS WITH CONECTION REFUSED ERROR
  #IDENTICAL SETUP CREATED MANUALLY WORKS
#ANY MYSQL COMMAND FAILS

  mysql --host=$sername.mysql.database.azure.com \
        --user=$adminusername@$sername \
        --password=$adminpassword \
        --execute="DROP DATABASE IF EXISTS flexibleserverdb;"

  mysql --host=$sername.mysql.database.azure.com \
            --user=$adminusername@$sername \
            --password=$adminpassword \
            --ssl-mode=REQUIRED \
            --execute="CREATE DATABASE $dbname;"

and variables as follows: variables: mysqladminusername: 'somenewadmin' mysqladminpassword: 'Password$001$' mysqlserverversion: '8.4' resourcegroup: 'siteweb' sku: 'Standard_B1ms' region: 'CanadaCentral'

The same setup if I create it manually works. Very strange. Thanks in advance.

Solution

  • Testing your scripts in my pipeline I can reproduce the same error ERROR 1045 (28000): Access denied for user *** (using password: YES).

    The cause of the issue is that you are using wrong --user=$adminusername@$sername in your failed commands. Modify it to --user=$adminusername as shown below, then the pipeline will work as expected.

      mysql --host=$sername.mysql.database.azure.com \
        --user=$adminusername \
        --password=$adminpassword \
        --execute="DROP DATABASE IF EXISTS flexibleserverdb;"

  mysql --host=$sername.mysql.database.azure.com \
            --user=$adminusername \
            --password=$adminpassword \
            --ssl-mode=REQUIRED \
            --execute="CREATE DATABASE $dbname;"