Inconsistent secret validation between portal and cli #28072
Assignees
Labels
Auto-Assign
Auto assign by bot
bug
This issue requires a change to an existing behavior in the product in order to be resolved.
ContainerApp
customer-reported
Issues that are reported by GitHub users external to the Azure organization.
Service Attention
This issue is responsible by Azure service team.
Comments
BenjaminMichaelis
added
the
bug
microsoft-github-policy-service
bot
added
customer-reported
|
Thank you for opening this issue, we will look into it. |
|
@Greedygre, could you please help take a look? |
I will take a look at it. |
|
|
Yes I agree, but if you put in a bad one, like And in this one, a This might be better issue for the portal side of things and I can move it if there is a good place to move it too. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
On portal, the requirements for a secret referenced from the keyvault is the following:
Then on the cli with the same secret name:
Invalid secret name: Must consist of alphanumeric characters or '-', and must start and end with an alphanumeric character (e.g. 'my-name', or '123-abc', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?')I used a secret name of github.clientid .
Related command
az containerapp secret set
Errors
Invalid secret name: Must consist of alphanumeric characters or '-', and must start and end with an alphanumeric character (e.g. 'my-name', or '123-abc', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?')Issue script & Debug output
cli.azure.cli.core.util: Request method: 'POST'
cli.azure.cli.core.util: Request headers:
cli.azure.cli.core.util: 'User-Agent': 'python/3.11.5 (Windows-10-10.0.22621-SP0) AZURECLI/2.55.0 (MSI)'
cli.azure.cli.core.util: 'Accept-Encoding': 'gzip, deflate'
cli.azure.cli.core.util: 'Accept': '/'
cli.azure.cli.core.util: 'Connection': 'keep-alive'
cli.azure.cli.core.util: 'x-ms-client-request-id': '6282f13f-eefa-4036-825b-93ba6ef41405'
cli.azure.cli.core.util: 'CommandName': 'containerapp secret set'
cli.azure.cli.core.util: 'ParameterSetName': '-n -g --secrets --debug'
cli.azure.cli.core.util: 'Authorization': 'Bearer eyJ0eXAiOiJKV...'
cli.azure.cli.core.util: 'Content-Length': '0'
cli.azure.cli.core.util: Request body:
cli.azure.cli.core.util: None
urllib3.connectionpool: Starting new HTTPS connection (1): management.azure.com:443
urllib3.connectionpool: https://management.azure.com:443 "POST /subscriptions/34/resourceGroups/Dev/providers/Microsoft.App/containerApps/dev-ca/listSecrets?api-version=2023-05-01 HTTP/1.1" 200 None
cli.azure.cli.core.util: Response status: 200
cli.azure.cli.core.util: Response headers:
cli.azure.cli.core.util: 'Cache-Control': 'no-cache'
cli.azure.cli.core.util: 'Pragma': 'no-cache'
cli.azure.cli.core.util: 'Transfer-Encoding': 'chunked'
cli.azure.cli.core.util: 'Content-Type': 'application/json; charset=utf-8'
cli.azure.cli.core.util: 'Content-Encoding': 'gzip'
cli.azure.cli.core.util: 'Expires': '-1'
cli.azure.cli.core.util: 'Vary': 'Accept-Encoding,Accept-Encoding'
cli.azure.cli.core.util: 'x-ms-ratelimit-remaining-subscription-writes': '1199'
cli.azure.cli.core.util: 'api-supported-versions': '2022-03-01, 2022-06-01-preview, 2022-10-01, 2022-11-01-preview, 2023-04-01-preview, 2023-05-01, 2023-05-02-preview, 2023-08-01-preview, 2023-11-02-preview'
cli.azure.cli.core.util: 'Server': 'Microsoft-IIS/10.0'
cli.azure.cli.core.util: 'X-Powered-By': 'ASP.NET'
cli.azure.cli.core.util: 'x-ms-request-id': '26ee496a-658a-46bb-9854-c38200ac489e'
cli.azure.cli.core.util: 'x-ms-correlation-request-id': '26ee496a-658a-46bb-9854-c38200ac489e'
cli.azure.cli.core.util: 'x-ms-routing-request-id': 'WESTUS2:20231220T170544Z:26ee496a-658a-46bb-9854-c38200ac489e'
cli.azure.cli.core.util: 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains'
cli.azure.cli.core.util: 'X-Content-Type-Options': 'nosniff'
cli.azure.cli.core.util: 'Date': 'Wed, 20 Dec 2023 17:05:43 GMT'
cli.azure.cli.core.util: Response content:
cli.azure.cli.core.util: {"value":[{"name":"devacrazurecrio-devacr","value":"I8"}]}
cli.azure.cli.core.azclierror: Traceback (most recent call last):
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\knack/cli.py", line 233, in invoke
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 663, in execute
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 726, in _run_jobs_serially
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 718, in _run_job
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/containerapp/_client_factory.py", line 28, in _polish_bad_errors
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 697, in _run_job
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/init.py", line 333, in call
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/core/commands/command_operation.py", line 121, in handler
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/containerapp/custom.py", line 3114, in set_secrets
File "D:\a_work\1\s\build_scripts\windows\artifacts\cli\Lib\site-packages\azure/cli/command_modules/containerapp/_utils.py", line 392, in parse_secret_flags
azure.cli.core.azclierror.ValidationError: Identityref is missing. Secrets must be in format "= = ..." or "=keyvaultref:keyvaulturl,identityref:indentityId ...".
cli.azure.cli.core.azclierror: Identityref is missing. Secrets must be in format "= = ..." or "=keyvaultref:keyvaulturl,identityref:indentityId ...".
az_command_data_logger: Identityref is missing. Secrets must be in format "= = ..." or "=keyvaultref:keyvaulturl,identityref:indentityId ...".
cli.knack.cli: Event: Cli.PostExecute [<function AzCliLogging.deinit_cmd_metadata_logging at 0x000002EB448960C0>]
az_command_data_logger: exit code: 1
cli.main: Command ran in 3.773 seconds (init: 0.390, invoke: 3.383)
telemetry.main: Begin splitting cli events and extra events, total events: 1
telemetry.client: Accumulated 0 events. Flush the clients.
telemetry.main: Finish splitting cli events and extra events, cli events: 1
telemetry.save: Save telemetry record of length 3566 in cache
telemetry.main: Begin creating telemetry upload process.
telemetry.process: Creating upload process: "C:\Microsoft SDKs\Azure\CLI2\python.exe C:\Microsoft SDKs\Azure\CLI2\Lib\site-packages\azure\cli\telemetry_init_.pyc C:\Users\.azure"
telemetry.process: Return from creating process
telemetry.main: Finish creating telemetry upload process.
Expected behavior
I expected it to match the portal's requirements
Environment Summary
azure-cli 2.55.0
core 2.55.0
telemetry 1.1.0
Dependencies:
msal 1.24.0b2
azure-mgmt-resource 23.1.0b2
Python location 'C:\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users\Users.azure\cliextensions'
Python (Windows) 3.11.5 (tags/v3.11.5:cce6ba9, Aug 24 2023, 14:38:34) [MSC v.1936 64 bit (AMD64)]
Additional context
No response
The text was updated successfully, but these errors were encountered: