search

Azure / azure-rest-api-specs

The source for REST API specifications for Microsoft Azure.
MIT License
2.61k stars 5.03k forks source link

[Bug] VM extension `settings` property returned by `VirtualMachines.Get` is not Json Object #27146

Open XiaofeiCao opened 9 months ago

XiaofeiCao commented 9 months ago

Originated from IcM: https://portal.microsofticm.com/imp/v3/incidents/incident/449703041/summary

API: https://github.com/Azure/azure-rest-api-specs/blob/main/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2020-12-01/compute.json#L3226

Response: 

{
  "name": "KeyVaultForLinux",
  "id": "/subscriptions/REDACTED/resourceGroups/rg-xiaofei5/providers/Microsoft.Compute/virtualMachines/test2023122005/extensions/KeyVaultForLinux",
  "type": "Microsoft.Compute/virtualMachines/extensions",
  "location": "eastus",
  "properties": {
    "autoUpgradeMinorVersion": true,
    "provisioningState": "Updating",
    "publisher": "Microsoft.Azure.KeyVault",
    "type": "KeyVaultForLinux",
    "typeHandlerVersion": "1.0",
    "settings": "secretsManagementSettings" // this is not Json
  }
}

This seems to contradict with the swagger definition: https://github.com/Azure/azure-rest-api-specs/blob/main/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2020-12-01/compute.json#L7774

"settings": {
  "type": "object",
  "description": "Json formatted public settings for the extension."
}

This issue exists on latest 2023-07-01 as well.

TravisCragg-MSFT commented 8 months ago

Hi Xiaofei, to clarify - your issue is that this returns the 'secretsmanagementsettings' and not the JSON value of those setttings?

XiaofeiCao commented 8 months ago

Hi Xiaofei, to clarify - your issue is that this returns the 'secretsmanagementsettings' and not the JSON value of those setttings?

Exactly.

TravisCragg-MSFT commented 1 month ago

@XiaofeiCao Does this happen on other extensions outside of KeyVault? This seems like an encrypted version of the settings so keys are not in plaintext, which makes sense to me.

XiaofeiCao commented 1 month ago

@XiaofeiCao Does this happen on other extensions outside of KeyVault? This seems like an encrypted version of the settings so keys are not in plaintext, which makes sense to me.

Yeah, I've only see this happening for KeyVault extension. The setting value is just "secretsManagementSettings"..

GabstaMSFT commented 1 month ago

@XiaofeiCao we are working on deploying a fix for this, will update this issue once the fix is rolled out.

XiaofeiCao commented 1 month ago

Hi @GabstaMSFT , seems the issue has already been fixed and rolled out :) May I know if it's the fix just for KeyVaultForLinux extension, or all extensions in general?