Feature Request: Private Bicep Registry

[milkyware]

Hi,

Been using this extension for a couple of months, and it has been really useful so far. I've started to look into using a bicep registry in a private container registry but get failures as the task has no concept of being logged into Azure. Would it be possible to include a parameter for specifying an Azure Subscription to perform an az login and provide access to scanning referenced bicep modules?

Many Thanks Cameron

[sam-cogan]

Hi Cameron, thanks for the request. This seems like a very good idea, I'll take a look at it in the near future.

[tnsholding]

Need this as well. We are having all our bicep modules in a private container registry. When using the old non cross platform task, everything worked, but after switching to this new task, we get an authentication error: Unhandled exception: Azure.Identity.CredentialUnavailableException: The ChainedTokenCredential failed to retrieve a token from the included credentials

[tnsholding]

It seems a workaround for now is to have an AzureCLI@2 task right before the RunARMTTKTestsXPlat@1 task. The AzureCLI@2 will ensure login to Azure, and RunARMTTKTestsXPlat@1 will be able to use that.

[milkyware]

Ahh ok, I'll give that a go for now

[milkyware]

Hi @tnsholding, did you manage to get it working? Below is a snippet from my pipeline from still getting an error around needing to login to access my private bicep registry

I noticed at the end of the AzCli task that the command /usr/bin/az account clear is used

[sam-cogan]

I think I have a working solution for this in the extension, just ironing out some issues and testing, hopefully, have it released in the next few days. It will require you to have the Azure CLI installed on the build agent.

[sam-cogan]

Once your extensions upgraded to 1.1.12 you should see an azureServiceConnection property that can be set to an a service connection to login to.