Skip to content

az group deployment create parameter processing affected by character in sshKey #20054

Open
Open
az group deployment create parameter processing affected by character in sshKey#20054
Assignees
zhoxing-ms
Labels
ARMaz resource/group/lock/tag/deployment/policy/managementapp/account management-groupact-identity-squadcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.feature-request
Milestone
Backlog
@raveenaaa

Description

@raveenaaa
raveenaaa
opened on Oct 26, 2021

Describe the bug
I have an ARM template with certain string parameters, int, and boolean parameters. Among the string parameters is a parameter (sshRSAPublicKey) accepting the contents of the public key file which is generated using ssh-keygen -b 2048 -t rsa command. A special charater in the sshKey throws off the processing of the commandline. As a result, any parameters (template parameters or command parameters) passed after the sshKey aren't being processed by az group deployment create command.

To Reproduce
ARM Template file used:

{
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.1",
    "parameters": {
      "clusterName": {
        "type": "string",
        "defaultValue": "aks101cluster",
        "metadata": {
          "description": "The name of the Managed Cluster resource."
        }
      },
      "location": {
        "type": "string",
        "defaultValue": "[resourceGroup().location]",
        "metadata": {
          "description": "The location of the Managed Cluster resource."
        }
      },
      "dnsPrefix": {
        "type": "string",
        "metadata": {
          "description": "Optional DNS prefix to use with hosted Kubernetes API server FQDN."
        },
        "defaultValue": "temporarydns"
      },
      "osDiskSizeGB": {
        "type": "int",
        "defaultValue": 0,
        "minValue": 0,
        "maxValue": 1023,
        "metadata": {
          "description": "Disk size (in GB) to provision for Linux pool nodes. This value ranges from 0 to 1023. Specifying 0 will apply the default disk size for that agentVMSize."
        }
      },
      "osDiskSizeGBWin": {
        "type": "int",
        "defaultValue": 0,
        "minValue": 0,
        "maxValue": 1023,
        "metadata": {
          "description": "Disk size (in GB) to provision for each of the Windows pool nodes. This value ranges from 0 to 1023. Specifying 0 will apply the default disk size for that agentVMSize."
        }
      },
      "agentCountMin": {
        "type": "int",
        "defaultValue": 3,
        "minValue": 1,
        "maxValue": 50,
        "metadata": {
          "description": "The minimum number of Linux nodes for the cluster."
        }
      },
      "agentCountMax": {
        "type": "int",
        "defaultValue": 3,
        "minValue": 1,
        "maxValue": 50,
        "metadata": {
          "description": "The maximum number of Linux nodes for the cluster."
        }
      },
      "agentCountMinWin": {
        "type": "int",
        "defaultValue": 0,
        "minValue": 0,
        "maxValue": 50,
        "metadata": {
          "description": "The minimum number of Windows nodes for the cluster."
        }
      },
      "agentCountMaxWin": {
        "type": "int",
        "defaultValue": 0,
        "minValue": 0,
        "maxValue": 50,
        "metadata": {
          "description": "The maxium number of Windows nodes for the cluster."
        }
      },
      "agentVMSize": {
        "type": "string",
        "defaultValue": "Standard_D4s_v3",
        "metadata": {
          "description": "The size of the Virtual Machine."
        }
      },
      "agentVmSizeWin": {
        "type": "string",
        "defaultValue": "Standard_D4s_v3",
        "metadata": {
          "description": "The size of the Virtual Machine for Windows."
        }
      },
      "linuxAdminUsername": {
        "type": "string",
        "metadata": {
          "description": "User name for the Linux Virtual Machines."
        }
      },
      "windowsAdminUsername": {
        "type": "string",
        "defaultValue":"locustuser",
        "metadata": {
          "description": "User name for the Linux Virtual Machines."
        }
      },
      "windowsAdminPassword": {
        "type": "securestring",
        "metadata": {
          "description": "Password for Windows Virtual Machines."
        }
      },
      "sshRSAPublicKey": {
        "type": "string",
        "metadata": {
          "description": "Configure all linux machines with the SSH RSA public key string. Your key should include three parts, for example 'ssh-rsa AAAAB...snip...UcyupgH azureuser@linuxvm'"
        }
      },
      "deployWindows": {
        "type": "bool",
        "defaultValue": false,
        "metadata": {
          "description": "Whether to deploy Windows nodes."
        }
      }
    },
    "variables": {
        "windowsProfile": {
            "adminUsername": "[parameters('windowsAdminUsername')]",
            "adminPassword": "[parameters('windowsAdminPassword')]"
        },
        "linuxAgent": [{
            "name": "agentpool",
            "osDiskSizeGB": "[parameters('osDiskSizeGB')]",
            "vmSize": "[parameters('agentVMSize')]",
            "osType": "Linux",
            "storageProfile": "ManagedDisks",
            "type": "VirtualMachineScaleSets",
            "mode": "System",
            "maxCount": "[parameters('agentCountMax')]",
            "minCount": "[parameters('agentCountMin')]",
            "Count": "[parameters('agentCountMin')]",
            "enableAutoScaling": true
        }],
        "windowsAgent": [{
            "name": "win",
            "osDiskSizeGB": "[parameters('osDiskSizeGBWin')]",
            "vmSize": "[parameters('agentVmSizeWin')]",
            "osType": "Windows",
            "storageProfile": "ManagedDisks",
            "type": "VirtualMachineScaleSets",
            "mode": "User",
            "enableAutoScaling": true,
            "maxCount": "[parameters('agentCountMaxWin')]",
            "minCount": "[parameters('agentCountMinWin')]",
            "Count": "[parameters('agentCountMinWin')]"
        }],
        "agentPools": "[if(parameters('deployWindows'), union(variables('linuxAgent'),variables('windowsAgent')), variables('linuxAgent'))]"
    },
    "resources": [
      {
        "type": "Microsoft.ContainerService/managedClusters",
        "apiVersion": "2020-03-01",
        "name": "[parameters('clusterName')]",
        "location": "[parameters('location')]",
        "properties": {
          "networkProfile": {
                "networkPlugin": "azure",
                "loadBalancerSku": "Standard",
                "serviceCidr": "10.0.0.0/16",
                "dnsServiceIP": "10.0.0.10",
                "dockerBridgeCidr": "172.17.0.1/16"
          },
          "dnsPrefix": "[parameters('dnsPrefix')]",
          "agentPoolProfiles": "[variables('agentPools')]",
          "linuxProfile": {
            "adminUsername": "[parameters('linuxAdminUsername')]",
            "ssh": {
              "publicKeys": [
                {
                  "keyData": "[parameters('sshRSAPublicKey')]"
                }
              ]
            }
          },
          "windowsProfile":"[if(parameters('deployWindows'), variables('windowsProfile'), json('null'))]",
          "autoScalerProfile": {
          }
        },
        "identity": {
            "type": "SystemAssigned"
        }
      }
    ],
    "outputs": {
      "controlPlaneFQDN": {
        "type": "string",
        "value": "[reference(parameters('clusterName')).fqdn]"
      }
    }
  }

Create a deployment using the following command:

az deployment group create -g $resourceGroup --template-file $templatePath --parameters  location=$location agentCountMin=$linuxNodeCountMin agentCountMax=$linuxNodeCountMax agentCountMinWin=$windowsNodeCountMin agentCountMaxWin=$windowsNodeCountMax agentVMSize=$linuxNodeSKU agentVmSizeWin=$windowsNodeSKU  linuxAdminUsername=$linuxAdminUsername windowsAdminUsername=$windowsAdminUsername dnsPrefix=$clusterName sshRSAPublicKey=$sshKey deployWindows=$deployWindows clusterName=$clusterName

Expected behavior
The parameters after sshRSAPublicKey, should NOT take the defaults and should accept values provided using variables $deployWindows and $clusterName however, these aren't passed to the cli and only default values are taken. Any template and command parameters passed after sshRSAPublicKey are being omitted / not processed.

Environment summary

  • az-cli 2.29.0
  • Powershell Core 7.1.4
  • Windows 10

Additional context
I worked around this issue by ensuring that the last parameter passed to the group deployment command is sshKey to ensure all parameters are being processed.

Metadata

Metadata

Assignees

Labels

ARMaz resource/group/lock/tag/deployment/policy/managementapp/account management-groupact-identity-squadcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.feature-request

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions