azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: add sleep after SP creation + handle null appRoleAssignments in jq

Browse Source 
New SPs need ~5s to replicate before appRoleAssignments can be granted.
Also fixes jq null iterator error when SP has no existing assignments.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Mike Swanson
2026-04-20 18:51:48 -07:00
parent 7a2e41c28c
commit 89300e7ac7
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.claude/skills/remediation-tool/scripts/onboard-tenant.sh
View File

@@ -184,6 +184,8 @@ create_sp_if_missing() {
fi
echo " [CREATED] $app_name SP: $new_oid" >&2
# Brief pause for Graph replication before granting appRoleAssignments
sleep 5
echo "$new_oid"
}
@@ -199,7 +201,7 @@ grant_app_role() {
already=$(curl -s --max-time 15 \
-H "Authorization: Bearer $token" \
"https://graph.microsoft.com/v1.0/servicePrincipals/$principal_oid/appRoleAssignments" \
| jq --arg rid "$role_id" '[.value[] | select(.appRoleId == $rid)] | length > 0')
| jq --arg rid "$role_id" '([.value[]? | select(.appRoleId == $rid)] | length) > 0')
if [[ "$already" == "true" ]]; then
return 0