Add a useManagedIdentity context to know when to disable storage (#4515)

nturinski · web-flow · commit bbe4c665853b · 2025-05-15T16:07:24.000-07:00
* Try using oauth2 token for storage client

* Update azure utils package

* Add a useManagedIdenttiy context to know when to disable storage

* Bump appservice package

* Add comment
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1412,7 +1412,7 @@
         "@azure/storage-blob": "^12.5.0",
         "@microsoft/vscode-azext-azureappservice": "^3.6.2",
         "@microsoft/vscode-azext-azureappsettings": "^0.2.8",
-        "@microsoft/vscode-azext-azureutils": "^3.3.2",
+        "@microsoft/vscode-azext-azureutils": "^3.3.3",
         "@microsoft/vscode-azext-utils": "^3.1.1",
         "@microsoft/vscode-azureresources-api": "^2.0.4",
         "cross-fetch": "^4.0.0",
diff --git a/src/commands/createFunctionApp/AuthenticationPromptStep.ts b/src/commands/createFunctionApp/AuthenticationPromptStep.ts
@@ -11,14 +11,13 @@ import { localize } from "../../localize";
 import { type IFunctionAppWizardContext } from "./IFunctionAppWizardContext";
 
 export class AuthenticationPromptStep<T extends IFunctionAppWizardContext> extends AzureWizardPromptStep<T> {
-    private _useManagedIdentity: boolean = false;
     public constructor() {
         super();
     }
 
     public async prompt(context: T): Promise<void> {
         const options: IAzureQuickPickOptions = { placeHolder: 'Select resource authentication type', id: `AuthenticationPromptStep` };
-        this._useManagedIdentity = (await context.ui.showQuickPick(this.getQuickPicks(context), options)).label === 'Managed identity';
+        context.useManagedIdentity = (await context.ui.showQuickPick(this.getQuickPicks(context), options)).label === 'Managed identity';
     }
 
     public shouldPrompt(context: T): boolean {
@@ -27,7 +26,7 @@ export class AuthenticationPromptStep<T extends IFunctionAppWizardContext> exten
     }
 
     public async getSubWizard(context: T): Promise<IWizardOptions<T> | undefined> {
-        if (this._useManagedIdentity) {
+        if (context.useManagedIdentity) {
             const promptSteps: AzureWizardPromptStep<T>[] = [];
             const executeSteps: AzureWizardExecuteStep<T>[] = [];
             if (context.advancedCreation) {
diff --git a/src/commands/createFunctionApp/IFunctionAppWizardContext.ts b/src/commands/createFunctionApp/IFunctionAppWizardContext.ts
@@ -25,6 +25,7 @@ export interface IFunctionAppWizardContext extends IAppServiceWizardContext, ICr
     newSiteStack?: FullFunctionAppStack;
     durableStorageType?: DurableBackendValues;
     useFlexConsumptionPlan?: boolean;
+    useManagedIdentity?: boolean;
 
     // Detected local connection string
     hasAzureStorageConnection?: boolean;
diff --git a/src/tree/SubscriptionTreeItem.ts b/src/tree/SubscriptionTreeItem.ts
@@ -4,10 +4,10 @@
  *--------------------------------------------------------------------------------------------*/
 
 import { type Site, type WebSiteManagementClient } from '@azure/arm-appservice';
-import { type IAppServiceWizardContext } from '@microsoft/vscode-azext-azureappservice';
 import { SubscriptionTreeItemBase, uiUtils } from '@microsoft/vscode-azext-azureutils';
 import { AzureWizard, parseError, type AzExtTreeItem, type IActionContext, type ICreateChildImplContext } from '@microsoft/vscode-azext-utils';
 import { type WorkspaceFolder } from 'vscode';
+import { type IFunctionAppWizardContext } from '../commands/createFunctionApp/IFunctionAppWizardContext';
 import { createCreateFunctionAppComponents } from '../commands/createFunctionApp/createCreateFunctionAppComponents';
 import { projectLanguageSetting } from '../constants';
 import { ext } from '../extensionVariables';
@@ -87,7 +87,7 @@ export class SubscriptionTreeItem extends SubscriptionTreeItemBase {
         const registerProvidersTask = registerProviders(context, subscription);
         const { wizardContext, promptSteps, executeSteps } = await createCreateFunctionAppComponents(context, subscription.subscription, language)
         const title: string = localize('functionAppCreatingTitle', 'Create new Function App in Azure');
-        const wizard: AzureWizard<IAppServiceWizardContext> = new AzureWizard(wizardContext, {
+        const wizard: AzureWizard<IFunctionAppWizardContext> = new AzureWizard(wizardContext, {
             promptSteps,
             executeSteps,
             title,
@@ -99,6 +99,9 @@ export class SubscriptionTreeItem extends SubscriptionTreeItemBase {
         // if the providers aren't registered yet, await it here because it is required by this point
         await registerProvidersTask;
         wizardContext.activityTitle = localize('functionAppCreateActivityTitle', 'Create Function App "{0}"', nonNullProp(wizardContext, 'newSiteName'))
+        // only disable shared key access if the user is using a managed identity and a flex consumption plan since other app service plans
+        // and containerized function still rely on connection strings
+        wizardContext.disableSharedKeyAccess = wizardContext.useManagedIdentity && wizardContext.useFlexConsumptionPlan;
         await wizard.execute();
 
         let node: SlotTreeItem | ContainerTreeItem;
