I tried this locally:
Code: Select all
;aic
SetVersion 1.2.3.4
SetAzureKeyVaultSecret -asdf-
Build
Code: Select all
;aic
SetVersion 1.2.3.4
SetAzureKeyVaultSecret -asdf-
Build
Code: Select all
SetAzureKeyVaultSecret SecretEnvVarName -secret_is_env_var_name
Are you guys passing the -secret_is_env_var_name switch? This way, the password should not be shown in the log.We are passing the key in as a variable. So our command string is SetAzureKeyVaultSecret %ourvariable%, which is exposing it to the pipeline output.
Could you please try to change the encoding of your .AIC file to UCS-2 LE BOM and let me know if that works?There are '-' characters in the secret and it seems they cause the problem. If I remove them, the build starts (but I'll get an invalid secret key error of course). I had the same locally and in Azure Pipelines.
Code: Select all
SetAzureKeyVaultSecret ENVVAR -secret_is_env_var_name
Code: Select all
SetAzureKeyVaultSecret -secret-with-hyphen-
Code: Select all
SetAzureKeyVaultSecret "-secret-with-hyphen-"
Code: Select all
SetAzureKeyVaultSecret SecretEnvVarName -secret_is_env_var_name
Code: Select all
SetAzureKeyVaultSecret SecretValue