Fix #10846: Calling az keyvault secret show-deleted --id <value> still says secret_name "can not" be none (#11496)

* Fix #10846

* Fix linter errors

src/azure-cli/HISTORY.rst

@@ -19,6 +19,10 @@ Release History
 
 * [BREAKING CHANGE] Removed --failover-region parameter from manual-failover. Now it will failover to assigned geo-paired secondary region.
 
+**Key Vault**
+
+* Fix #10846: Calling az keyvault secret show-deleted --id <value> still says secret_name "can not" be none
+
 **Network**
 
 * az network list-service-aliases: support list service aliases which can be used for Service Endpoint Policies

src/azure-cli/azure/cli/command_modules/keyvault/_validators.py

@@ -301,19 +301,20 @@ def validate_subnet(cmd, namespace):
 
 
 def validate_vault_id(entity_type):
-
     def _validate(ns):
         from azure.keyvault.key_vault_id import KeyVaultIdentifier
-        name = getattr(ns, entity_type.replace('deleted', '') + '_name', None)
+
+        pure_entity_type = entity_type.replace('deleted', '')
+        name = getattr(ns, pure_entity_type + '_name', None)
         vault = getattr(ns, 'vault_base_url', None)
         identifier = getattr(ns, 'identifier', None)
 
         if identifier:
             ident = KeyVaultIdentifier(uri=identifier, collection=entity_type + 's')
-            setattr(ns, entity_type + '_name', ident.name)
+            setattr(ns, pure_entity_type + '_name', ident.name)
             setattr(ns, 'vault_base_url', ident.vault)
-            if hasattr(ns, entity_type + '_version'):
-                setattr(ns, entity_type + '_version', ident.version)
+            if hasattr(ns, pure_entity_type + '_version'):
+                setattr(ns, pure_entity_type + '_version', ident.version)
         elif not (name and vault):
             raise CLIError('incorrect usage: --id ID | --vault-name VAULT --name NAME [--version VERSION]')
 

src/azure-cli/azure/cli/command_modules/keyvault/tests/latest/test_keyvault_commands.py

@@ -31,7 +31,6 @@ TEST_DIR = os.path.abspath(os.path.join(os.path.abspath(__file__), '..'))
 
 
 def _create_keyvault(test, kwargs, additional_args=None):
-
     # need premium KeyVault to store keys in HSM
     kwargs['add'] = additional_args or ''
     return test.cmd('keyvault create -g {rg} -n {kv} -l {loc} --sku premium {add}')
@@ -257,13 +256,11 @@ class KeyVaultSecretScenarioTest(ScenarioTest):
 
     @ResourceGroupPreparer(name_prefix='cli_test_keyvault_secret')
     def test_keyvault_secret(self, resource_group):
-
         self.kwargs.update({
             'kv': self.create_random_name('cli-test-kevault-', 24),
             'loc': 'westus',
             'sec': 'secret1'
         })
-
         _create_keyvault(self, self.kwargs)
 
         # create a secret
@@ -330,6 +327,25 @@ class KeyVaultSecretScenarioTest(ScenarioTest):
 
         self._test_download_secret()
 
+        # show deleted
+        self.cmd('keyvault update -n {kv} --enable-soft-delete',
+                 checks=self.check('properties.enableSoftDelete', True))
+        if self.is_live:
+            time.sleep(20)
+
+        self.cmd('keyvault secret set --vault-name {kv} -n {sec} --value ABC123',
+                 checks=self.check('value', 'ABC123'))
+        data = self.cmd('keyvault secret delete --vault-name {kv} -n {sec}').get_output_in_json()
+        if self.is_live:
+            time.sleep(20)
+
+        self.kwargs['secret_id'] = data['id']
+        self.kwargs['secret_recovery_id'] = data['recoveryId']
+        self.cmd('keyvault secret show-deleted --id {secret_recovery_id}',
+                 checks=self.check('id', '{secret_id}'))
+        self.cmd('keyvault secret show-deleted --vault-name {kv} -n {sec}',
+                 checks=self.check('id', '{secret_id}'))
+
 
 class KeyVaultCertificateContactsScenarioTest(ScenarioTest):