markdown fixes

mrlockstar · mrlockstar · commit f27b65d6deb6 · 2025-12-31T14:54:15.000Z
diff --git a/docs/infrastructure/infra-faq.md b/docs/infrastructure/infra-faq.md
@@ -28,7 +28,7 @@ terraform -chdir=infrastructure/terraform import  -var-file ../environments/${EN
 
 This happens when running terraform commands accessing the state file like [import](#import-into-terraform-state-file), `state list` or `force-unlock`.
 
-```
+```shell
 Failed to load state: blobs.Client#Get: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="KeyBasedAuthenticationNotPermitted" Message="Key based authentication is not permitted on this storage account.
 ```
 
@@ -44,7 +44,7 @@ ARM_USE_AZUREAD=true terraform force-unlock xxx-yyy
 
 Example:
 
-```
+```shell
 Running Azure CLI Login.
 ...
 Attempting Azure CLI login by using OIDC...
@@ -60,7 +60,7 @@ The managed identity does not exist or Github secrets are not set correctly
 
 Example:
 
-```
+```shell
 Running Azure CLI Login.
 ...
 Attempting Azure CLI login by using OIDC...
@@ -76,7 +76,7 @@ Federated credentials are not configured.
 
 Example:
 
-```
+```shell
 Running Azure CLI Login.
 ...
 Attempting Azure CLI login by using OIDC...
@@ -89,21 +89,21 @@ Give the managed identity Reader role on a subscription (normally Devops)
 
 Examples:
 
-```
+```shell
 ERROR: TF401444: Please sign-in at least once as ***\***\xxx in a web browser to enable access to the service.
 Error: Process completed with exit code 1.
 ```
 
 Or
 
-```
+```shell
 ERROR: TF400813: The user 'xxx' is not authorized to access this resource.
 Error: Process completed with exit code 1.
 ```
 
 Or
 
-```
+```shell
 ERROR: VS800075: The project with id 'vstfs:///Classification/TeamProject/' does not exist, or you do not have permission to access it.
 Error: Process completed with exit code 1.
 ```
@@ -120,7 +120,7 @@ The ADO group must have the "View project-level information" permission.
 
 Example:
 
-```
+```shell
 The pipeline is not valid. Job DeployApp: Step input azureSubscription references service connection lungrc-review which could not be found. The service connection does not exist, has been disabled or has not been authorized for use. For authorization details, refer to https://aka.ms/yamlauthz. Job DeployApp: Step input azureSubscription references service connection lungrc-review which could not be found. The service connection does not exist, has been disabled or has not been authorized for use. For authorization details, refer to https://aka.ms/yamlauthz.
 ```
 
@@ -132,7 +132,7 @@ The Azure service connection lungrc-[environment] is missing
 
 Example:
 
-```
+```shell
 ERROR: {"status":"Failed","error":{"code":"DeploymentFailed","target":"/subscriptions/xxx/providers/Microsoft.Resources/deployments/main","message":"At least one reson failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.","details":[{"code":"RoleAssignmentUpdateNotPermitted","message":"Tenprincipal ID, and scope are not allowed to be updated."},{"code":"RoleAssignmentUpdateNotPermitted","message":"Tenant ID, application ID, principal ID, and scope are not allowed to be updated."},{"cteNotPermitted","message":"Tenant ID, application ID, principal ID, and scope are not allowed to be updated."}]}}
 ```
 
@@ -146,7 +146,7 @@ If you can't find the right scope, follow this process:
 
 - Find the role assignment id. Here: abcd-123
 
-```
+```shell
  ~ Microsoft.Authorization/roleAssignments/abcd-123 [2022-04-01]
     ~ properties.principalId: "xxx" => "[reference('/subscriptions/xxx/resourceGroups/rg-mi-review-uks/providers/Microsoft.ManagedIdentity/userAssignedIdentities/mi-lungrc-ado-review-uks', '2024-11-30').principalId]"
 ```
@@ -160,15 +160,15 @@ If you can't find the right scope, follow this process:
 
 Example:
 
-```
+```shell
 ERROR: {"status":"Failed","error":{"code":"DeploymentFailed","target":"/subscriptions/exxx/providers/Microsoft.Resources/deployments/main","message":"At least one reson failed. Please list deployment operations for details. Please see https://aka.ms/arm-deployment-operations for usage details.","details":[{"code":"PrincipalNotFound","message":"Principal xxx does not exist in the directory xxx. Check that you have the correct principal ID. If you are creating this principal and then immediately assigning a role, this era replication delay. In this case, set the role assignment principalType property to a value, such as ServicePrincipal, User, or Group.  See https://aka.ms/docs-principaltype"}...
 ```
 
 Race condition: the managed identity is not created in time for the resources that depend on it. Solution: rerun the command.
 
 ### The client does not have permission
 
-```
+```shell
 {"code": "InvalidTemplateDeployment", "message": "Deployment failed with multiple errors: 'Authorization failed for template resource 'xxx' of type 'Microsoft.Authorization/roleAssignments'. The client 'xxx' with object id 'xxx' does not have permission to perform action 'Microsoft.Authorization/roleAssignments/write' at scope '/subscriptions/xxx/providers/Microsoft.Authorization/roleAssignments/xxx'...
 ```
 
@@ -205,13 +205,13 @@ When initially creating the terraform; the pipeline will try to create a state f
 
 Example:
 
-```
+```shell
 Failed to get existing workspaces: containers.Client#ListBlobs: Failure sending request: StatusCode=0 -- Original Error: Get "https://salungrcpreprodtfstate.blob.core.windows.net/terraform-state?comp=list&prefix=preprod.tfstateenv%3A&restype=container": dial tcp: lookup salungrcpreprodtfstate.blob.core.windows.net on *.*.*.*:53: no such host
 ```
 
 You can check to see if the blobstorage is accessible via logging into the VDI machine and trying to do an nslookup on the blob storage account: -
 
-```
+```shell
 $ nslookup salungrcpreprodtfstate.blob.core.windows.net
 Server: UnKnown
 Address: _._._._
