Microsoft.ContainerRegistry/registries/tokens incremental resource deployment is wiping token passwords
Closed this issue · 2 comments
oleksandr9379992 commented
Bicep version
Bicep CLI version 0.13.1 (e3ac80d678)
Describe the bug
The following bicep code incremental deployment is wiping passwords for the tokens.
targetScope = 'resourceGroup'
param acrTokenName string
param acrScopeMapName string
param acrName string
resource acr 'Microsoft.ContainerRegistry/registries@2021-09-01' existing = {
name: acrName
}
resource adminScopeMap 'Microsoft.ContainerRegistry/registries/scopeMaps@2022-02-01-preview' existing = {
name: acrScopeMapName
parent: acr
}
resource acrAdminUserToken 'Microsoft.ContainerRegistry/registries/tokens@2022-02-01-preview' = {
name: acrTokenName
parent: acr
properties: {
scopeMapId: adminScopeMap.id
}
}
module acrUserTokenAdmin '../modules/acr-token.bicep' = {
scope: resourceGroup(acrRgName)
name: 'acrUserTokenAdmin-${dateTimeToEpoch(dateTimeNow)}'
params: {
acrName: acrName
acrScopeMapName: '_repositories_admin'
acrTokenName: '${acrName}-user-admin'
}
dependsOn: [
acr
]
}
To Reproduce
- Create the token with the code provided above. Any api version.
az deployment sub create
- Open the portal and create password for the token:
- Run the same bicep code again
az deployment sub create
- See that password disappeared.
Additional context
I would expect, that incremental deployments never wipe generated passwords.
terencet-dev commented
Please open a support ticket with our team to investigate as this board is primarily used to provide roadmap updates. If you don’t have any additional questions here, this issue will close in 7 days. Thanks!
terencet-dev commented
Closing as this issue is now inactive for over 7 days. Thanks!