Azure / ALZ-PowerShell-Module

The Azure Landing Zones Accelerators PowerShell module
https://www.powershellgallery.com/packages/ALZ/
MIT License
72 stars 36 forks source link

Bug: Custom Modules Directory Prioritization #177

Open oZakari opened 1 month ago

oZakari commented 1 month ago

Is there an existing issue for this?

Infrastrcuture as Code Type? (Required)

bicep

Module Versions (Required)

ALZ PowerShell Module: 3.0.3 Accelerator Bootstrap Modules: 3.0.1 Terraform Starter Modules: N/A Bicep Starter Modules: 0.19.0

Input arguments of the ALZ-PowerShell-Module (Optional)

No response

Debug Output/Panic Output (Optional)

No response

Expected Behaviour (Required)

We need to address an issue with the custom-modules directory. If a module in the custom-modules directory matches one from the upstream (ALZ-Bicep), the CD pipeline should prioritize the custom module. Unfortunately, this isn't happening as it should.

Actual Behaviour (Required)

If we create a custom-modules directory and place a module with the same name as the upstream repo for Bicep. The workflows are still prioritizing the upstream references.

Steps to Reproduce (Optional)

Follow the steps within the PowerShell wiki for Github or Azure DevOps.

Important Factoids (Optional)

No response

References (Optional)

No response

michael-novak-80 commented 1 month ago

Hi @oZakari, Sorry it took time to get back to this.

I am aware that you mention "modules" here but I can also confirm that custom parameters defined in "C:\accelerator\output\starter\v0.19.4\config\custom-parameters" are still not being used by the bootstrap.

C:\accelerator\output\starter\v0.19.4\config\custom-parameters\managementGroups.parameters.all.json


{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "parTopLevelManagementGroupPrefix": {
      "value": "mg-atc"
    },
    "parTopLevelManagementGroupSuffix": {
      "value": ""
    },
    "parTopLevelManagementGroupDisplayName": {
      "value": "ATC-JR"
    },
    "parTopLevelManagementGroupParentId": {
      "value": ""
    },
    "parLandingZoneMgAlzDefaultsEnable": {
      "value": true
    },
    "parPlatformMgAlzDefaultsEnable": {
      "value": true
    },
    "parLandingZoneMgConfidentialEnable": {
      "value": false
    },
    "parLandingZoneMgChildren": {
      "value": {}
    },
    "parPlatformMgChildren": {
      "value": {}
    },
    "parTelemetryOptOut": {
      "value": false
    }
  }
}

It seems that the parameter file used during delployment is "managementGroupsScopeEscape.bicep" ?


targetScope = 'managementGroup'

metadata name = 'ALZ Bicep - Management Groups Module with Scope Escape'
metadata description = 'ALZ Bicep Module to set up Management Group structure, using Scope Escaping feature of ARM to allow deployment not requiring tenant root scope access.'

@sys.description('Prefix used for the management group hierarchy. This management group will be created as part of the deployment.')
@minLength(2)
@maxLength(10)
param parTopLevelManagementGroupPrefix string = 'alz'

@sys.description('Optional suffix for the management group hierarchy. This suffix will be appended to management group names/IDs. Include a preceding dash if required. Example: -suffix')
@maxLength(10)
param parTopLevelManagementGroupSuffix string = ''

@sys.description('Display name for top level management group. This name will be applied to the management group prefix defined in parTopLevelManagementGroupPrefix parameter.')
@minLength(2)
param parTopLevelManagementGroupDisplayName string = 'Azure Landing Zones'

Log:

Deployment Name: atc-Management-Groups-Deployment-20241003133242
VERBOSE: Using Bicep v0.30.23
VERBOSE: Calling Bicep with arguments: build "/home/runner/work/atc-mgmt/atc-mgmt/infra-as-code/bicep/modules/managementGroups/managementGroupsScopeEscape.bicep" --stdout
WARNING: /home/runner/work/atc-mgmt/atc-mgmt/infra-as-code/bicep/CRML/customerUsageAttribution/cuaIdManagementGroup.bicep(1,1) : Info Bicep Linter Configuration: Custom bicepconfig.json file found (/home/runner/work/atc-mgmt/atc-mgmt/infra-as-code/bicep/bicepconfig.json).
/home/runner/work/atc-mgmt/atc-mgmt/infra-as-code/bicep/modules/managementGroups/managementGroupsScopeEscape.bicep(1,1) : Info Bicep Linter Configuration: Custom bicepconfig.json file found (/home/runner/work/atc-mgmt/atc-mgmt/infra-as-code/bicep/bicepconfig.json).

VERBOSE: 
VERBOSE: 13:32:50 - Template is valid.
VERBOSE: 13:32:53 - Create template deployment 'atc-Management-Groups-Deployment-20241003133242-01'
VERBOSE: 13:32:53 - Checking deployment status in 5 seconds
Deployment Name: atc-Management-Groups-Deployment-20[241](https://github.com/stsk-deployment/atc-mgmt/actions/runs/11162986249/job/31028860739#step:7:243)003133242
Deployment ID: /providers/Microsoft.Management/managementGroups/ba4e7295-d5cd-46f9-be44-2aa7f6fd9aa2/providers/Microsoft.Resources/deployments/atc-Management-Groups-Deployment-20241003133[242](https://github.com/stsk-deployment/atc-mgmt/actions/runs/11162986249/job/31028860739#step:7:244)-01
Deployment Url: https://portal.azure.com/#view/HubsExtension/DeploymentDetailsBlade/~/overview/id/%2Fproviders%2FMicrosoft.Management%2FmanagementGroups%2Fba4e7295-d5cd-46f9-be44-2aa7f6fd9aa2%2Fproviders%2FMicrosoft.Resources%2Fdeployments%2Fatc-Management-Groups-Deployment-20241003133242-01
Id                      : /providers/Microsoft.Management/managementGroups/ba4e
                          7295-d5cd-46f9-be44-2aa7f6fd9aa2/providers/Microsoft.
                          Resources/deployments/atc-Management-Groups-Deploymen
                          t-20241003133242-01
DeploymentName          : atc-Management-Groups-Deployment-20241003133242-01
ManagementGroupId       : ba4e7295-d5cd-46f9-be44-2aa7f6fd9aa2
Location                : northeurope
ProvisioningState       : Succeeded
Timestamp               : 10/03/2024 13:34:09
Mode                    : Incremental
TemplateLink            : 
Parameters              : 
                          Name                                     Type        
                                         Value     
                          =======================================  ============
                          =============  ==========
                          parTopLevelManagementGroupPrefix         String      
                                         "atc"     
                          parTopLevelManagementGroupSuffix         String      
                                         ""        
                          parTopLevelManagementGroupDisplayName    String      
                                         "Azure Landing Zones"
                          parTopLevelManagementGroupParentId       String      
                                         ""        
                          parLandingZoneMgAlzDefaultsEnable        Bool        
                                         true      
                          parPlatformMgAlzDefaultsEnable           Bool        
                                         true      
                          parLandingZoneMgConfidentialEnable       Bool        
                                         false     
                          parLandingZoneMgChildren                 Object      
                                         {}        
                          parPlatformMgChildren                    Object      
                                         {}        
                          parTelemetryOptOut                       Bool        
                                         false
oZakari commented 3 weeks ago

Hi @michael-novak-80, no problem and sorry that I missed that part in your original request. The bicep module that is used for the management group deployment is the managementGroupsScopeEscape.bicep, but the parameter file that this Bicep module uses as well as the normal managementGroups.bicep file are the same.

What I am wondering is if there were changes made to your local parameter file (C:\accelerator\output\starter\v0.19.4\config\custom-parameters\managementGroups.parameters.all.json) that were not pushed up to your remote branch. I assume that within your inputs.yaml file that you used for the initial bootstrap was "atc" and then you modified the parameter file in your local machine's directory to get the mg-atc? If so, can you please verify on your side if the remote branch for that parameters file your local branch?