Scratch Org From Snapshot - Copied with failing Connected App, but without certificates #3178
Description
Summary
When scratch org is created from Scratch Org Snapshot, new scratch org contains Connected App. Any interaction with this app leads to Internal Server Error
At the same time, the scratch org is not copied with certificates, which I think provides value compared to Connected App:
- When you are building project that relies on external API and authorize through JWT, you have to generate private key in Salesforce and upload public key in the API platform. It's a problem for scratch orgs, since they are temporary and either you have to spam API team with new public keys for every scratch org, or have exportable cert on long living org and import that.
If snapshot were copied with certs, the process becomes trivial - we are setting up certificate on snapshot and all scratch orgs are good to go right away. It's much safer, because the private keys is never touched by human hands.
Steps To Reproduce
- Create Scratch org which will be used as snapshot
- Create Connected App
- Create Self-Signed Certificate
- Create scratch org snapshot from this org
- Create new scratch org from the snapshot
- Observe that it has Connected App and it's failing with internal error and certificate is gone.
Expected result
Actual result
Additional information
System Information
Windows + Bash (git)
{
"architecture": "win32-x64",
"cliVersion": "@salesforce/cli/2.70.7",
"nodeVersion": "node-v21.6.0",
"osVersion": "Windows_NT 10.0.19045",
"rootPath": "C:\\Developer\\npm\\node_modules\\@salesforce\\cli",
"shell": "cmd.exe",
"pluginVersions": [
"@oclif/plugin-autocomplete 3.2.13 (core)",
"@oclif/plugin-commands 4.1.13 (core)",
"@oclif/plugin-help 6.2.19 (core)",
"@oclif/plugin-not-found 3.2.30 (core)",
"@oclif/plugin-plugins 5.4.22 (core)",
"@oclif/plugin-search 1.2.17 (core)",
"@oclif/plugin-update 4.6.17 (core)",
"@oclif/plugin-version 2.2.17 (core)",
"@oclif/plugin-warn-if-update-available 3.1.26 (core)",
"@oclif/plugin-which 3.2.20 (core)",
"@salesforce/cli 2.70.7 (core)",
"apex 3.6.7 (core)",
"api 1.3.2 (core)",
"auth 3.6.80 (core)",
"custom-metadata 3.3.33 (user) published 115 days ago (Sun Sep 22 2024) (latest is 3.3.41)",
"data 3.13.1 (core)",
"deploy-retrieve 3.15.20 (core)",
"env 3.0.32 (user) published 216 days ago (Thu Jun 13 2024) (latest is 3.0.34)",
"info 3.4.27 (core)",
"limits 3.3.42 (core)",
"marketplace 1.3.7 (core)",
"org 5.2.9 (core)",
"packaging 2.9.6 (core)",
"schema 3.3.44 (core)",
"settings 2.4.9 (core)",
"signups 2.6.8 (user) published 39 days ago (Sat Dec 07 2024) (latest is 2.6.10)",
"sobject 1.4.46 (core)",
"telemetry 3.6.27 (core)",
"templates 56.3.33 (core)",
"trust 3.7.50 (core)",
"user 3.6.4 (core)",
"@salesforce/sfdx-scanner 4.7.0 (user) published 77 days ago (Tue Oct 29 2024) (latest is 4.8.0)",
"sfdmu 4.33.17 (user) published 258 days ago (Thu May 02 2024) (latest is 4.38.0)",
"sfdx-hardis 5.2.3 (user) published 88 days ago (Sat Oct 19 2024) (latest is 5.15.4)"
]
}