This is autogenerated. Please review and update as needed.
Describe the bug
Command Name
az ad app credential reset
Errors:
Command returns an exit code -1 despite of the fact it ran successfully and did what it was supposed to do resulting in terminating error.
To Reproduce:
Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.
- Set up needed variables and all resources needed to use such as Key Vault, certificate in KV, Service Principal or app registration etc
- Code to run:
$newCert = $null
$retryCount = 0
while ($null -eq $newCert -and $retryCount -le 1)
{
$newCert = (az ad app credential reset --id $applicationId --cert $certificateName --keyvault $keyVaultName --years 99 2>$logFilePath) | ConvertFrom-Json
if ($LASTEXITCODE -ne 0)
{
Write-Output $LASTEXITCODE
Write-Warning "$(Get-Content $logFilePath)"
$retryCount++
Start-Sleep -Seconds 5
}
}
if ($null -eq $newCert)
{
Write-Warning "Certificate $certificateName has not been applied to SPN $($servicePrincipal.displayName)!"
Write-Output "--------------------------"
continue
}
2022-06-14T09:16:48.8902397Z Applying certificate to <sensitive>...
2022-06-14T09:16:51.0174300Z -1
2022-06-14T09:16:51.1133841Z WARNING:
2022-06-14T09:16:56.1168297Z Applying certificate to <sensitive>...
2022-06-14T09:16:58.2848774Z -1
2022-06-14T09:16:58.3644079Z WARNING:
2022-06-14T09:17:03.3676186Z WARNING: Certificate <sensitive> has not been applied to SPN <sensitive>!
- Command ran successfully, checked with:
$keyId = @((az ad app show --id $applicationId | ConvertFrom-Json).keyCredentials.customKeyIdentifier)
$certHex = (az keyvault certificate show -n $certificateName --vault-name $keyVaultName 2>$null | ConvertFrom-Json).x509ThumbprintHex
if ($keyId[0] -match $certHex)
...
Expected Behavior
Expected behavior would be to return an exit code 0.
Environment Summary
Azure Pipelines Agent (Hosted)
windows-latest
Azure CLI v2 task with PowerShell (not core)
Additional Context
I wanted to run a stage in classic release pipeline which consists of 3 scripts, first is irrelevant to the issue, second (Azure PowerShell task) creates a new certificate in Key Vault for each app registration found in Get-AzADApplication, third (which the issue is about) applies each certificate from Key Vault, created in second script, to appropriate app registration found in az ad app list --all. Unfortunately az ad app credential reset with --cert argument returns exit code -1 despite of the fact that certificate has been applied successfully (I've compared thumbprints of certificates and these are the same).
This pipeline has been working fine on Azure CLI 2.0.36, now I had to refactor error handlers to stop using $LASTEXITCODE since it doesn't work as it should.
This is autogenerated. Please review and update as needed.
Describe the bug
Command Name
az ad app credential resetErrors:
Command returns an exit code -1 despite of the fact it ran successfully and did what it was supposed to do resulting in terminating error.
To Reproduce:
Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.
Expected Behavior
Expected behavior would be to return an exit code 0.
Environment Summary
Additional Context
I wanted to run a stage in classic release pipeline which consists of 3 scripts, first is irrelevant to the issue, second (Azure PowerShell task) creates a new certificate in Key Vault for each app registration found in
Get-AzADApplication, third (which the issue is about) applies each certificate from Key Vault, created in second script, to appropriate app registration found inaz ad app list --all. Unfortunatelyaz ad app credential resetwith--certargument returns exit code -1 despite of the fact that certificate has been applied successfully (I've compared thumbprints of certificates and these are the same).This pipeline has been working fine on Azure CLI 2.0.36, now I had to refactor error handlers to stop using $LASTEXITCODE since it doesn't work as it should.