search

Azure-Samples / apim-genai-gateway-toolkit

A repo to accelerate development and testing of GenAI Gateways built with Azure API Management. Includes various capabilities as examples/starters.
MIT License
32 stars 12 forks source link

Remove secrets from bicep deployment outputs #52

Open stuartleeks opened 1 month ago

stuartleeks commented 1 month ago

This issue is for a: (mark with an x)

- [X] bug report -> please search issues before submitting
- [ ] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)

Minimal steps to reproduce

Deploy the solution and see that the APIM subscription keys are listed in the deployment outputs

Expected/desired behavior

The deployment outputs don't contain secrets

OS and Version?

Windows 7, 8 or 10. Linux (which distribution). macOS (Yosemite? El Capitan? Sierra?)

Versions

Mention any other details that might be useful

The end-to-end test scripts need the subscription keys to run. An alternative approach would be to write the keys to KeyVault and have the scripts pull the values from KeyVault when needed.

stuartleeks commented 2 weeks ago 
/workspaces/apim-genai-gateway-toolkit/infra/apim-genai/modules/apiManagement.bicep(816,67) : Warning outputs-should-not-contain-secrets: Outputs should not contain secrets. Found possible secret: function 'listSecrets' [https://aka.ms/bicep/linter/outputs-should-not-contain-secrets]
/workspaces/apim-genai-gateway-toolkit/infra/apim-genai/modules/apiManagement.bicep(817,67) : Warning outputs-should-not-contain-secrets: Outputs should not contain secrets. Found possible secret: function 'listSecrets' [https://aka.ms/bicep/linter/outputs-should-not-contain-secrets]
/workspaces/apim-genai-gateway-toolkit/infra/apim-genai/modules/apiManagement.bicep(818,69) : Warning outputs-should-not-contain-secrets: Outputs should not contain secrets. Found possible secret: function 'listSecrets' [https://aka.ms/bicep/linter/outputs-should-not-contain-secrets]