OctopusDeploy · harrisonmeister · Jan 29, 2026 · Jan 28, 2026
diff --git a/step-templates/azure-create-containerapp-environment.json b/step-templates/azure-create-containerapp-environment.json
@@ -3,13 +3,13 @@
   "Name": "Azure - Create Container App Environment",
   "Description": "Creates a Container App Environment if it doesn't exist.  An output variable called `ManagedEnvironmentId` is created which holds the Id.",
   "ActionType": "Octopus.Script",
-  "Version": 5,
+  "Version": 6,
   "CommunityActionTemplateId": null,
   "Packages": [],
   "Properties": {
     "Octopus.Action.Script.ScriptSource": "Inline",
     "Octopus.Action.Script.Syntax": "PowerShell",
-    "Octopus.Action.Script.ScriptBody": "# Define functions\nfunction Get-ModuleInstalled\n{\n    # Define parameters\n    param(\n        $PowerShellModuleName\n    )\n\n    # Check to see if the module is installed\n    if ($null -ne (Get-Module -ListAvailable -Name $PowerShellModuleName))\n    {\n        # It is installed\n        return $true\n    }\n    else\n    {\n        # Module not installed\n        return $false\n    }\n}\n\nfunction Get-NugetPackageProviderNotInstalled\n{\n\t# See if the nuget package provider has been installed\n    return ($null -eq (Get-PackageProvider -ListAvailable -Name Nuget -ErrorAction SilentlyContinue))\n}\n\nfunction Install-PowerShellModule\n{\n    # Define parameters\n    param(\n        $PowerShellModuleName,\n        $LocalModulesPath\n    )\n\n\t# Check to see if the package provider has been installed\n    if ((Get-NugetPackageProviderNotInstalled) -ne $false)\n    {\n    \t# Display that we need the nuget package provider\n        Write-Host \"Nuget package provider not found, installing ...\"\n        \n        # Install Nuget package provider\n        Install-PackageProvider -Name Nuget -Force\n    }\n\n\t# Save the module in the temporary location\n    Write-Host \"Saving module $PowerShellModuleName to temporary folder ...\"\n    Save-Module -Name $PowerShellModuleName -Path $LocalModulesPath -Force\n    Write-Host \"Save successful!\"\n}\n\n# Check to see if $IsWindows is available\n# Check to see if $IsWindows is available\nif ($null -eq $IsWindows)\n{\n     Write-Host \"Determining Operating System...\"\n    $IsWindows = ([System.Environment]::OSVersion.Platform -eq \"Win32NT\")\n    $IsLinux = ([System.Environment]::OSVersion.Platform -eq \"Unix\")\n}\n\n# Check to see if it's running on Windows\nif ($IsWindows)\n{\n\t# Disable the progress bar so downloading files via Invoke-WebRequest are faster\n    $ProgressPreference = 'SilentlyContinue'\n}\n\nif ($PSEdition -eq \"Core\") {\n    $PSStyle.OutputRendering = \"PlainText\"\n}\n\n# Define PowerShell Modules path\n$LocalModules = (New-Item \"$PWD/Modules\" -ItemType Directory -Force).FullName\n$env:PSModulePath = \"$LocalModules$([IO.Path]::PathSeparator)$env:PSModulePath\"\n$azureModule = \"Az.App\"\n\n# Get variables\n$templateAzureAccountClient = $OctopusParameters['Template.Azure.Account.ClientId']\n$templateAzureAccountPassword = $OctopusParameters['Template.Azure.Account.Password']\n$templateAzureAccountTenantId = $OctopusParameters['Template.Azure.Account.TenantId']\n$templateAzureResourceGroup = $OctopusParameters['Template.Azure.ResourceGroup.Name']\n$templateAzureSubscriptionId = $OctopusParameters['Template.Azure.Account.SubscriptionId']\n$templateEnvironmentName = $OctopusParameters['Template.ContainerApp.Environment.Name']\n$templateAzureLocation = $OctopusParameters['Template.Azure.Location.Name']\n\n# Check for required PowerShell module\nWrite-Host \"Checking for module $azureModule ...\"\n\nif ((Get-ModuleInstalled -PowerShellModuleName $azureModule) -eq $false)\n{\n\t# Install the module\n    Install-PowerShellModule -PowerShellModuleName $azureModule -LocalModulesPath $LocalModules\n}\n\n# Import the necessary module\nWrite-Host \"Importing module $azureModule ...\"\nImport-Module $azureModule\n\n# Check to see if the account was specified\nif (![string]::IsNullOrWhitespace($templateAzureAccountClient))\n{\n\t# Login using the provided account\n    Write-Host \"Logging in as specified account ...\"\n    \n\t# Create credential object for az module\n\t$securePassword = ConvertTo-SecureString $templateAzureAccountPassword -AsPlainText -Force\n\t$azureCredentials = New-Object System.Management.Automation.PSCredential ($templateAzureAccountClient, $securePassword)  \n\n    Connect-AzAccount -Credential $azureCredentials -ServicePrincipal -Tenant $templateAzureAccountTenantId -Subscription $templateAzureSubscriptionId | Out-Null\n    \n    Write-Host \"Login successful!\"\n}\nelse\n{\n\tWrite-Host \"Using machine Managed Identity ...\"\n    Connect-AzAccount -Identity | Out-Null\n    \n    # Get Identity context\n    $identityContext = Get-AzContext\n    \n    # Set variables\n    $templateAzureSubscriptionId = $identityContext.Subscription\n    \n    if ([string]::IsNullOrWhitespace($templateAzureAccountTenantId))\n    {\n    \t$templateAzureAccountTenantId = $identityContext.Tenant\n    }\n    \n    Set-AzContext -Tenant $templateAzureAccountTenantId | Out-Null\n\n\tWrite-Host \"Successfully set context for Managed Identity!\"\n}\n\n# Check to see if Container App Environment already exists\nWrite-Host \"Getting list of existing environments ...\"\n$existingEnvironments = Get-AzContainerAppManagedEnv -ResourceGroupName $templateAzureResourceGroup -SubscriptionId $templateAzureSubscriptionId\n$managedEnvironment = $null\n\nif (($null -ne $existingEnvironments) -and ($null -ne ($existingEnvironments | Where-Object {$_.Name -eq $templateEnvironmentName})))\n{\n\tWrite-Host \"Environment $templateEnvironmentName already exists.\"\n    $managedEnvironment = $existingEnvironments | Where-Object {$_.Name -eq $templateEnvironmentName}\n}\nelse\n{\n\tWrite-Host \"Environment $templateEnvironmentName not found, creating ...\"\n    $managedEnvironment = New-AzContainerAppManagedEnv -EnvName $templateEnvironmentName -ResourceGroupName $templateAzureResourceGroup -Location $templateAzureLocation -AppLogConfigurationDestination \"\" # Empty AppLogConfigurationDestination is workaround for properties issue caused by marking this as required\n}\n\n# Set output variable\nWrite-Host \"Setting output variable ManagedEnvironmentId to $($managedEnvironment.Id)\"\nSet-OctopusVariable -name \"ManagedEnvironmentId\" -value \"$($managedEnvironment.Id)\""
+    "Octopus.Action.Script.ScriptBody": "# Define functions\nfunction Get-ModuleInstalled\n{\n    # Define parameters\n    param(\n        $PowerShellModuleName\n    )\n\n    # Check to see if the module is installed\n    if ($null -ne (Get-Module -ListAvailable -Name $PowerShellModuleName))\n    {\n        # It is installed\n        return $true\n    }\n    else\n    {\n        # Module not installed\n        return $false\n    }\n}\n\nfunction Get-NugetPackageProviderNotInstalled\n{\n\t# See if the nuget package provider has been installed\n    return ($null -eq (Get-PackageProvider -ListAvailable -Name Nuget -ErrorAction SilentlyContinue))\n}\n\nfunction Install-PowerShellModule\n{\n    # Define parameters\n    param(\n        $PowerShellModuleName,\n        $LocalModulesPath\n    )\n\n\t# Check to see if the package provider has been installed\n    if ((Get-NugetPackageProviderNotInstalled) -ne $false)\n    {\n    \t# Display that we need the nuget package provider\n        Write-Host \"Nuget package provider not found, installing ...\"\n        \n        # Install Nuget package provider\n        Install-PackageProvider -Name Nuget -Force\n    }\n\n\t# Save the module in the temporary location\n    Write-Host \"Saving module $PowerShellModuleName to temporary folder ...\"\n    Save-Module -Name $PowerShellModuleName -Path $LocalModulesPath -Force\n    Write-Host \"Save successful!\"\n}\n\n# Check to see if $IsWindows is available\nif ($null -eq $IsWindows)\n{\n    Write-Host \"Determining Operating System...\"\n    $IsWindows = ([System.Environment]::OSVersion.Platform -eq \"Win32NT\")\n    $IsLinux = ([System.Environment]::OSVersion.Platform -eq \"Unix\")\n}\n\n# Check to see if it's running on Windows\nif ($IsWindows)\n{\n\t# Disable the progress bar so downloading files via Invoke-WebRequest are faster\n    $ProgressPreference = 'SilentlyContinue'\n}\n\nif ($PSEdition -eq \"Core\") {\n    $PSStyle.OutputRendering = \"PlainText\"\n}\n\n# Define PowerShell Modules path\n$LocalModules = (New-Item \"$PWD/Modules\" -ItemType Directory -Force).FullName\n$env:PSModulePath = \"$LocalModules$([IO.Path]::PathSeparator)$env:PSModulePath\"\n$azureModule = \"Az.App\"\n\n# Get variables\n$templateAzureAccountClient = $OctopusParameters['Template.Azure.Account.ClientId']\n$templateAzureAccountPassword = $OctopusParameters['Template.Azure.Account.Password']\n$templateAzureAccountTenantId = $OctopusParameters['Template.Azure.Account.TenantId']\n$templateAzureResourceGroup = $OctopusParameters['Template.Azure.ResourceGroup.Name']\n$templateAzureSubscriptionId = $OctopusParameters['Template.Azure.Account.SubscriptionId']\n$templateEnvironmentName = $OctopusParameters['Template.ContainerApp.Environment.Name']\n$templateAzureLocation = $OctopusParameters['Template.Azure.Location.Name']\n$templateAzureJWTToken = $OctopusParameters['Template.Azure.Account.JWTToken']\n\n# Check for required PowerShell module\nWrite-Host \"Checking for module $azureModule ...\"\n\nif ((Get-ModuleInstalled -PowerShellModuleName $azureModule) -eq $false)\n{\n\t# Install the module\n    Install-PowerShellModule -PowerShellModuleName $azureModule -LocalModulesPath $LocalModules\n}\n\n# Import the necessary module\nWrite-Host \"Importing module $azureModule ...\"\nImport-Module $azureModule\n\n# Check to see if the account was specified\nif (![string]::IsNullOrWhitespace($templateAzureAccountClient))\n{\n\t# Login using the provided account\n    Write-Host \"Logging in as specified account ...\"\n\n    # Check to see if jwt token was provided\n    if (![string]::IsNullOrWhitespace($templateAzureJWTToken))\n    {\n        # Log in with OIDC\n        Write-Host \"Logging in using OIDC ...\"\n\n        # Log in\n        Connect-AzAccount -FederatedToken $templateAzureJWTToken -ApplicationId $templateAzureAccountClient -Tenant $templateAzureAccountTenantId -Subscription $templateAzureSubscriptionId | Out-Null    \n    }\n\n    if (![string]::IsNullOrWhitespace($templateAzureAccountPassword))\n    {\n        # Log in with Azure Service Principal\n        Write-Host \"Logging in with Azure Service Principal ...\"\n        \n        # Create credential object for az module\n\t    $securePassword = ConvertTo-SecureString $templateAzureAccountPassword -AsPlainText -Force\n\t    $azureCredentials = New-Object System.Management.Automation.PSCredential ($templateAzureAccountClient, $securePassword)  \n\n        Connect-AzAccount -Credential $azureCredentials -ServicePrincipal -Tenant $templateAzureAccountTenantId -Subscription $templateAzureSubscriptionId | Out-Null\n    }    \n    \n    Write-Host \"Login successful!\"\n}\nelse\n{\n\tWrite-Host \"Using machine Managed Identity ...\"\n    Connect-AzAccount -Identity | Out-Null\n    \n    # Get Identity context\n    $identityContext = Get-AzContext\n    \n    # Set variables\n    $templateAzureSubscriptionId = $identityContext.Subscription\n    \n    if ([string]::IsNullOrWhitespace($templateAzureAccountTenantId))\n    {\n    \t$templateAzureAccountTenantId = $identityContext.Tenant\n    }\n    \n    Set-AzContext -Tenant $templateAzureAccountTenantId | Out-Null\n\n\tWrite-Host \"Successfully set context for Managed Identity!\"\n}\n\n# Check to see if Container App Environment already exists\nWrite-Host \"Getting list of existing environments ...\"\n$existingEnvironments = Get-AzContainerAppManagedEnv -ResourceGroupName $templateAzureResourceGroup -SubscriptionId $templateAzureSubscriptionId\n$managedEnvironment = $null\n\nif (($null -ne $existingEnvironments) -and ($null -ne ($existingEnvironments | Where-Object {$_.Name -eq $templateEnvironmentName})))\n{\n\tWrite-Host \"Environment $templateEnvironmentName already exists.\"\n    $managedEnvironment = $existingEnvironments | Where-Object {$_.Name -eq $templateEnvironmentName}\n}\nelse\n{\n\tWrite-Host \"Environment $templateEnvironmentName not found, creating ...\"\n    $managedEnvironment = New-AzContainerAppManagedEnv -EnvName $templateEnvironmentName -ResourceGroupName $templateAzureResourceGroup -Location $templateAzureLocation -AppLogConfigurationDestination \"\" # Empty AppLogConfigurationDestination is workaround for properties issue caused by marking this as required\n}\n\n# Set output variable\nWrite-Host \"Setting output variable ManagedEnvironmentId to $($managedEnvironment.Id)\"\nSet-OctopusVariable -name \"ManagedEnvironmentId\" -value \"$($managedEnvironment.Id)\""
   },
   "Parameters": [
     {
@@ -62,6 +62,16 @@
         "Octopus.ControlType": "Sensitive"
       }
     },
+    {
+      "Id": "a4a216e0-0ba5-4dd9-b759-6c7121eda110",
+      "Name": "Template.Azure.Account.JWTToken",
+      "Label": "Azure Account JWT Token",
+      "HelpText": "The JWT token of the Azure account to use.  This value can be retrieved from an Azure Account variable type.  Add an Azure Account to your project , then assign the `OpenIdConnect.Jwt` property to for this entry.   Leave blank if you're using an Azure Service Principal account type.\n\nFor example, if your Azure Account variable is called MyAccount, the value for this input would be `#{MyAccount.OpenIdConnect.Jwt}`",
+      "DefaultValue": "",
+      "DisplaySettings": {
+        "Octopus.ControlType": "SingleLineText"
+      }
+    },    
     {
       "Id": "66f5ee93-3ba9-44e7-8a04-50535b1907cb",
       "Name": "Template.ContainerApp.Environment.Name",
@@ -85,8 +95,8 @@
   ],
   "StepPackageId": "Octopus.Script",
   "$Meta": {
-    "ExportedAt": "2025-03-26T15:16:57.216Z",
-    "OctopusVersion": "2025.1.9982",
+    "ExportedAt": "2026-01-28T16:54:33.969Z",
+    "OctopusVersion": "2026.1.5902",
     "Type": "ActionTemplate"
   },
   "LastModifiedBy": "twerthi",