Open manojazad opened 1 year ago
Hi @manojazad
I believe this one is related to the pre-flight validation, which is completed by AKS for the value on publicKeys
. This is specifically related to the Resource Provider.
I don't see anything specific in the docs on the referenced page for publicKeys
Etc:
I was able to make it work... using this workaround
instead of below:
which performs the pre-flight validation on the keyData value
ssh: {
publicKeys: [
{
keyData: sshKeyGenScript.properties.outputs.keyinfo.publicKey
}
]
}
I was able to use:
which skips the preflight validation
ssh: {
publicKeys: sshKeyGenScript.properties.outputs.keyInfo.publicKeys
}
I modified the json output to return the array in publicKeys e.g. keyData.
json="{\"keyInfo\":{\"privateKey\":\"$privateKey\",\"publicKeys\":[{\"keyData\":\"$publicKey\"}]}}"
scriptContent: '''
ssh-keygen -f aksCluster -t rsa -C azureuser
privateKey=$(cat aksCluster)
publicKey=$(cat 'aksCluster.pub')
json="{\"keyInfo\":{\"privateKey\":\"$privateKey\",\"publicKeys\":[{\"keyData\":\"$publicKey\"}]}}"
echo "$json" > $AZ_SCRIPTS_OUTPUT_PATH
'''
@brwilkinson - is this a false positive for preflight validation? Meaning preflight incorrectly flagged this (likely because AKS team is not handling Template Language Expressions properly? If so, let's move this to bicep-types-az
and @manojazad, the next step would be to open a support case and so this can be looked at by the AKS team.
@alex-frankel yes, that appears to be correct, just as you suggested 👍
@manojazad please also test the workaround.
Yes, It is working for me as well
@brwilkinson Sorry for bumping in in an "old" issue, but if we're using an sshPublicKeys
resource and reference that as keyData
it will generate the same error. How can the workaround be applied in this scenario?
Example bicep:
resource sshKey 'Microsoft.Compute/sshPublicKeys@2023-03-01' existing = {
name: 'ssh-${name}'
}
resource aksCluster 'Microsoft.ContainerService/managedClusters@2023-03-01' = {
// body omitted to simplify the example
properties: {
linuxProfile: {
adminUsername: 'azureuser'
ssh: {
publicKeys: [
{
keyData: sshKey.properties.publicKey
}
]
}
}
}
}
Facing this same issue while deploying an AKS cluster using Pulumi. Turned out to be a documentation issue related to AKS, refer here: https://github.com/Azure/azure-quickstart-templates/issues/680
Bicep version 0.16.2
Describe the bug I am trying to create an AKS cluster using bicep. I am trying to set up node linux profile using a rsa ssh key pair for authentication. For generating this key pair, I am using deployment script.
I am getting below error
To Reproduce Below Bicep code can be used
Additional context Add any other context about the problem here.