This dumb stuff is why even Microsoft should use a common, secured and vetted pipeline for service principals so this does not happen.