search

Azure / PSRule.Rules.Azure

Rules to validate Azure resources and infrastructure as code (IaC) using PSRule.
https://azure.github.io/PSRule.Rules.Azure/
MIT License
389 stars 84 forks source link

Templates using Secure parameters are missing the rendered placeholder value #1687

Closed ms-sambell closed 1 year ago

ms-sambell commented 1 year ago

Description of the issue

When rendering a template that uses a secure parameter the PSRule engine should convert the secureString parameter into a placeholder value. This isn't happening right now, the value is being added in clear text.

To Reproduce

Steps to reproduce the issue:

  1. Export the tests for a template that uses secure parameters.
  2. Check the output directory.
  3. Check the secureParameter to see if it's been overridden with the placeholder.

Expected behavior

The variable should be set with a default value.

Module in use and version:

Captured output from $PSVersionTable:

Name                           Value
----                           -----
PSVersion                      7.3.0-preview.6
PSEdition                      Core
GitCommitId                    7.3.0-preview.6
OS                             Microsoft Windows 10.0.22000
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0
ms-sambell commented 1 year ago

We determined that this isn't an issue.

The problem was that the code is doing the secret replacement on parameters that use a keyvault reference. Which is all secure parameter types. So initially I wasn't setting the secret parameter correct.