AzureKeyVault task - Fix keyvault name format (#16523) (#16570)

* Add error message in case of invalid key vault name * bump version Co-authored-by: Simona Saitta <simonasaitta@microsoft.com> Co-authored-by: Pavlo Andriiesh <pavlo.andriiesh@gmail.com>
microsoft · Jul 11, 2022 · 3886877 · 3886877
1 parent 5e7bb73
commit 3886877
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 352 deletions.
diff --git a/Tasks/AzureKeyVaultV2/Strings/resources.resjson/en-US/resources.resjson b/Tasks/AzureKeyVaultV2/Strings/resources.resjson/en-US/resources.resjson
@@ -46,5 +46,6 @@
   "loc.messages.CouldNotFetchAccessTokenforMSIDueToMSINotConfiguredProperlyStatusCode": "Could not fetch access token for Managed Service Principal. Please configure Managed Service Identity (MSI) for virtual machine 'https://aka.ms/azure-msi-docs'. Status code: %s, status message: %s",
   "loc.messages.CouldNotFetchAccessTokenforMSIStatusCode": "Could not fetch access token for Managed Service Principal. Status code: %s, status message: %s",
   "loc.messages.RetryingWithVaultResourceIdFromResponse": "Retrying with vault resource Id reterieved from response : %s",
-  "loc.messages.ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired."
+  "loc.messages.ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired.",
+  "loc.messages.InvalidKeyVaultName": "%s is an invalid KeyVault name."
 }
diff --git a/Tasks/AzureKeyVaultV2/models/KeyVaultTaskParameters.ts b/Tasks/AzureKeyVaultV2/models/KeyVaultTaskParameters.ts
@@ -23,6 +23,9 @@ export class KeyVaultTaskParameters {
         var connectedService = tl.getInput("ConnectedServiceName", true);
         this.subscriptionId = tl.getEndpointDataParameter(connectedService, "SubscriptionId", true);
         this.keyVaultName = tl.getInput("KeyVaultName", true);
+        if (this.keyVaultName != encodeURIComponent(this.keyVaultName)){
+            throw new Error(tl.loc("InvalidKeyVaultName", this.keyVaultName));
+        }
         this.secretsFilter = tl.getDelimitedInput("SecretsFilter", ",", true);
         var azureKeyVaultDnsSuffix = tl.getEndpointDataParameter(connectedService, "AzureKeyVaultDnsSuffix", true);
         if (!azureKeyVaultDnsSuffix) {

diff --git a/Tasks/AzureKeyVaultV2/npm-shrinkwrap.json b/Tasks/AzureKeyVaultV2/npm-shrinkwrap.json
diff --git a/Tasks/AzureKeyVaultV2/task.json b/Tasks/AzureKeyVaultV2/task.json
@@ -14,7 +14,7 @@
     "author": "Microsoft Corporation",
     "version": {
         "Major": 2,
-        "Minor": 200,
+        "Minor": 207,
         "Patch": 0
     },
     "demands": [],
@@ -118,6 +118,7 @@
         "CouldNotFetchAccessTokenforMSIDueToMSINotConfiguredProperlyStatusCode": "Could not fetch access token for Managed Service Principal. Please configure Managed Service Identity (MSI) for virtual machine 'https://aka.ms/azure-msi-docs'. Status code: %s, status message: %s",
         "CouldNotFetchAccessTokenforMSIStatusCode": "Could not fetch access token for Managed Service Principal. Status code: %s, status message: %s",
         "RetryingWithVaultResourceIdFromResponse": "Retrying with vault resource Id reterieved from response : %s",
-        "ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired."
+        "ExpiredServicePrincipal": "Could not fetch access token for Azure. Verify if the Service Principal used is valid and not expired.",
+        "InvalidKeyVaultName": "%s is an invalid KeyVault name."
     }
 }