Azure / ResourceModules

This repository includes a CI platform for and collection of mature and curated Bicep modules. The platform supports both ARM and Bicep and can be leveraged using GitHub actions as well as Azure DevOps pipelines.
https://aka.ms/carml
MIT License
726 stars 457 forks source link

[Bug Report]: RSV module validation fails when deployed with identity #2391

Open eriqua opened 1 year ago

eriqua commented 1 year ago

Describe the bug

RSV deployment validation fails when system and user assigned identity parameters are added as input parameters. Failure started with this pipeline run https://github.com/Azure/ResourceModules/actions/runs/3530599233 and consistent ever since. Reproduced by adding identity parameters to the min test. The test failed the second time it was deployed, with the log output as below. Identity has been removed from common module validation test by PR #2388, but kept in the module, since the failure does not appear to be related to a wrong implementation. This issue is about further investigating on the bug and monitor overtime if the issue is temporary.

To reproduce

Add system and user assigned identity to any RSV test. Redeploy twice.

Code snippet

systemAssignedIdentity: true
    userAssignedIdentities: {
      '${resourceGroupResources.outputs.managedIdentityResourceId}': {}
    }

Relevant log output

Status Message: Identity operation for resource '/subscriptions/***/resourceGroups/ms.recoveryservices.vaults-rsvcom-rg/providers/Microsoft.RecoveryServices/vaults/***rsvcom001' failed with error 'Failed to perform resource identity operation. Status: 'Conflict'. Response: '{"error":{"code":"Conflict","message":"Request specified that resource '/subscriptions/***/resourcegroups/ms.recoveryservices.vaults-rsvcom-rg/providers/Microsoft.RecoveryServices/vaults/***rsvcom001' is new, but resource already exists. This may be due to a pending delete operation, try again later."}}'.'. (Code:FailedIdentityOperation)
eriqua commented 1 year ago

@fblix @JPEasier, I'd suggest the same approach of issue #1543 : move the issue to blocked, reference the external blocking issue and test again once the blocking issue is closed

JPEasier commented 1 year ago

blocked by bicep Issue

rahalan commented 1 year ago

To be followed up by RSV module owner