From 75252d6e80e40151b358c44e8409ddecd6d948e3 Mon Sep 17 00:00:00 2001
From: Dexter Williams <dexterwilliams04@gmail.com>
Date: Wed, 25 Sep 2019 11:09:20 -0500
Subject: [PATCH] update authn app service with keyvault values for acr pull
 (#302)

---
 infra/templates/az-isolated-service-single-region/ase.tf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/infra/templates/az-isolated-service-single-region/ase.tf b/infra/templates/az-isolated-service-single-region/ase.tf
index aa41464..a7893e0 100644
--- a/infra/templates/az-isolated-service-single-region/ase.tf
+++ b/infra/templates/az-isolated-service-single-region/ase.tf
@@ -89,13 +89,13 @@ module "authn_app_service" {
   service_plan_name                = module.service_plan.service_plan_name
   app_service_name_prefix          = local.auth_svc_name_prefix
   service_plan_resource_group_name = azurerm_resource_group.admin_rg.name
-  vault_uri                        = module.keyvault.keyvault_uri
   app_insights_instrumentation_key = module.app_insights.app_insights_instrumentation_key
   uses_acr                         = true
+  vault_uri                        = module.keyvault.keyvault_uri
   azure_container_registry_name    = module.container_registry.container_registry_name
   docker_registry_server_url       = module.container_registry.container_registry_login_server
-  docker_registry_server_username  = module.container_registry.admin_username
-  docker_registry_server_password  = module.container_registry.admin_password
+  docker_registry_server_username  = module.acr_service_principal_acrpull.service_principal_application_id
+  docker_registry_server_password  = format("@Microsoft.KeyVault(SecretUri=%s)", module.acr_service_principal_password.keyvault_secret_attributes[0].id)
   app_service_config = {
     for target in var.authn_deployment_targets :
     target.app_name => {