Description
Describe the bug
When api policies reference an Environment Variable, the apiproperties.json file downloaded by pac connector download includes the actual value of the Environment Variable, instead of a Reference to the variable. If you then re-upload this file, the resulting connector no longer has environment variable references in configured policies.
To Reproduce
Steps to reproduce the behavior:
- Create an Environment Variable
- Edit a Custom Connector and on the "Definition" tab, choose "new policy" at the very bottom
- Add a policy that uses the "Set HTTP Header" template
- In the "Header value" field, reference the environment variable you created in step 1 in the format @environmentVariables("xyz_logicalnameofthe vairable")
- Save and validate the connector
- execute
pac connector downloadfor the specified connector, then open the downloaded apiproperties.json file - notice in the policyTemplateInstances that the value is the value of the environment variable, not the reference you provided in the user interface
Expected behavior
downloaded properties should retain variable references
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
- OS: Windows 11
- VSCode 1.96.4
- CLI Version: 1.40.4+g8ef3243
Additional context
This is especially problematic because this behavior is occurring for both "regular" Environment Variables, as well as keyvault-connected Environment Variables, so that downloading a connector that has an api policy that references a keyvault-connector Environment Variable effectively ends up dumping the otherwise encrypted secret to plain text.
This particular bug was discovered while putting together the most concise steps for reproducing bug 1152