CSE seems to not handle some special characters such as # < > when passed as values in commandToExecute

[dkirby-ms]

I have a CSE as part of a Bicep template that is passing a password secret value through protectedSettings -> commandToExecute like such -

properties: {
publisher: 'Microsoft.Compute'
type: 'CustomScriptExtension'
typeHandlerVersion: '1.10'
autoUpgradeMinorVersion: true
settings: {
fileUris: [
uri(templateBaseUrl, 'artifacts/Bootstrap.ps1')
]
commandToExecute: 'powershell.exe -ExecutionPolicy Bypass -File Bootstrap.ps1 -adminUsername ${windowsAdminUsername} -adminPassword ${windowsAdminPassword}

If windowsAdminPassword contains one of # < > then CSE seems to not handle this and truncates the value.

Checking status.0 on a test machine I can see that it correctly holds the value with the special character.

[{"version":"1","timestampUTC":"2023-01-23T21:32:23.1378235Z","status":{"name":"powershell.exe -ExecutionPolicy Bypass -File Bootstrap.ps1 -adminUsername arcdemo -adminPassword vk3jyL!24dCTA1>jYrkor9}]

But when I look at the actual PowerShell script execution I can see the value was truncated when the script is run.

---

Windows PowerShell transcript start
Start time: 20230123212225
Username: WORKGROUP\SYSTEM
RunAs User: WORKGROUP\SYSTEM
Configuration Name:
Machine: HCIBox-Client (Microsoft Windows NT 10.0.20348.0)
Host Application: powershell.exe -ExecutionPolicy Bypass -File Bootstrap.ps1 -adminUsername arcdemo -adminPassword vk3jyL!24dCTA1

Is there a better way in CSE to handle these characters or is this a known issue/limitation?

[dkirby-ms]

I should have submitted this on CSE for Windows. Apologies

[dkirby-ms]

Is there a diff repo for CSE Windows issues? I cant seem to find it.