Skip to content

az containerapp --yaml fails parsing to json when user assigned identity is included #23307

Open
Open
az containerapp --yaml fails parsing to json when user assigned identity is included#23307
Labels
Auto-AssignAuto assign by botContainer Instancesaz containerContainerAppService AttentionThis issue is responsible by Azure service team.act-observability-squadcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.questionThe issue doesn't require a change to the product in order to be resolved. Most issues start as that
@Garwakizashi

Description

@Garwakizashi
Garwakizashi
opened on Jul 22, 2022

az feedback auto-generates most of the information requested below, as of CLI version 2.0.62

Related command
az containerapp create -n container-name -g resource-group --yaml file.yaml

Describe the bug
Using the yaml specification for creating a containerapp, when user assigned identities are specified, it will always say:
The 'UserAssignedIdentities' property keys should only be empty json objects, null or the resource exisiting property. (actually the response also has a typo exisiting 😄 )

Upon checking running again with --verbose on, it seems the empty json object {}, still get parsed to json as:

"identity": {
        "type": "UserAssigned",
        "userAssignedIdentities": {
            "managed-identity-id": {
                "principalId": null,
                "clientId": null
            }
        },
        "principalId": null,
        "tenantId": null
    }

I understand that the use of identity in the yaml specification isn't actually listed in the documentation, but it seems that it is possible to use it, just that the parsing of empty {} values in yaml creates those null principalId and clientId properties.

To Reproduce

  1. Create a managed identity (managed-identity)
  2. Have a yaml specification file (file.yaml) ready, but also include:
identity:
    type: UserAssigned
    userAssignedIdentities:
      managed-identity-id: {}
  1. Have a resource group ready (example-rg)
  2. Run: az containerapp create -n container-name -g example-rg --yaml file.yaml

Expected behavior
I'd expect the container app to be created with the managed identity assigned to the ACA

Environment summary
My az version: 2.38.0

Additional context

After finding checking out the request body via --verbose, I've tried it myself via rest , and changing the identity value to empty json works.
i.e

"identity": {
        "type": "UserAssigned",
        "userAssignedIdentities": {
            "managed-identity-id": {}
        },
        "principalId": null,
        "tenantId": null
    }

Metadata

Metadata

Assignees

No one assigned

    Labels

    Auto-AssignAuto assign by botContainer Instancesaz containerContainerAppService AttentionThis issue is responsible by Azure service team.act-observability-squadcustomer-reportedIssues that are reported by GitHub users external to the Azure organization.questionThe issue doesn't require a change to the product in order to be resolved. Most issues start as that

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions