Comments (8)
Fixed by the PR : #51
from aci-deploy.
Just realized I created dup to #42
Feel free to merge.
from aci-deploy.
The az cli supports two forms of environment variables for azure container instances.
--secure-environment-variables - all variables specified in this block have their values obfuscated in the azure portal so they are not visible and cannot be retrieved via the cli. This functionality is useful for things like passwords.
--environment-variables - all variables specified here have their values visible in the azure portal and cli.
It appears that the github action is grouping both flags together and just treating them all as environment variables.
In the taskparameters.ts file it appears that the two flags are being processed independently, but the processes for both is the same.
private _getEnvironmentVariables(environmentVariables: string, secureEnvironmentVariables: string) {
if(environmentVariables) {
// split on whitespace, but ignore the ones that are enclosed in quotes
let keyValuePairs = environmentVariables.match(/(?:[^\s"]+|"[^"]*")+/g) || [];
keyValuePairs.forEach((pair: string) => {
// value is either wrapped in quotes or not
let pairList = pair.split(/=(?:"(.+)"|(.+))/);
let obj: ContainerInstanceManagementModels.EnvironmentVariable = {
"name": pairList[0],
"value": pairList[1] || pairList[2]
};
this._environmentVariables.push(obj);
})
}
if(secureEnvironmentVariables) {
// split on whitespace, but ignore the ones that are enclosed in quotes
let keyValuePairs = secureEnvironmentVariables.match(/(?:[^\s"]+|"[^"]*")+/g) || [];
keyValuePairs.forEach((pair: string) => {
// value is either wrapped in quotes or not
let pairList = pair.split(/=(?:"(.+)"|(.+))/);
let obj: ContainerInstanceManagementModels.EnvironmentVariable = {
"name": pairList[0],
"value": pairList[1] || pairList[2]
};
this._environmentVariables.push(obj);
})
}
}
from aci-deploy.
This issue is marked need-to-triage for generating issues report.
from aci-deploy.
@prein @dbrooks5 Is there anything that we can help you with?
(Seems like you have figured out something on your own :) )
from aci-deploy.
@kanika1894 @prein @dbrooks5 fix should be to usesecureValue
instead of value
when adding secure environment variables to _environmentVariables
, per the snippet below. I tested this on one of my projects and confirm that secure environment variables are no longer visible in the properties of the the container instance. Also created a PR: #51
Problem code:
aci-deploy/src/taskparameters.ts
Lines 154 to 166 in abb2c5f
Potential fix:
if(secureEnvironmentVariables) {
// split on whitespace, but ignore the ones that are enclosed in quotes
let keyValuePairs = secureEnvironmentVariables.match(/(?:[^\s"]+|"[^"]*")+/g) || [];
keyValuePairs.forEach((pair: string) => {
// value is either wrapped in quotes or not
let pairList = pair.split(/=(?:"(.+)"|(.+))/);
let obj: ContainerInstanceManagementModels.EnvironmentVariable = {
"name": pairList[0],
"secureValue": pairList[1] || pairList[2]
};
this._environmentVariables.push(obj);
})
from aci-deploy.
It is fixed in the source ts file, but not in the lib js file, so when using it in Github actions secure environment variables are still passed on as normal environment variables.
from aci-deploy.
@sroebert yeah, this project needs to be built again (and preferably a new release). More info in #57
from aci-deploy.
Related Issues (20)
- Multi Container Groups HOT 9
- Setting `ip-address` to `Private` causes an error HOT 11
- Container group cannot be updated HOT 9
- secure-environment-variables have visible values in azure portal HOT 11
- Multiple azure-file-volume-share-name and azure-file-volume-mount-path pairs support HOT 3
- Add support for using a configuration file HOT 5
- Make it easier to understand when it takes time to deploy an image HOT 3
- Feature request: In the documentation be more clear that you can/should set CPU/RAM HOT 1
- Start, Stop and Restart container instances HOT 2
- Prophet Model Deployment ERROR HOT 3
- Container App: CI deploy from GitHub failing after transferring ownership HOT 2
- Removing JS from version control HOT 6
- This issue is marked need-to-triage for generating issues report. HOT 2
- Add support for Vnet integration HOT 6
- Upgrade to node16 + stop using the "set-output" command HOT 3
- Azure ACI doesn't restart when log-analytics-workspace-* key/values are set
- How to deal with docker-compose projects?
- Error: Encountered an internal server error. The tracking activity id is '...', correlation id is '...' HOT 3
- Include guidance on .NET 8 deployment
- GitHub Actions Fails to Recognize Successful Azure Container Instances Deployment
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aci-deploy.