search

Azure / bicep

Bicep is a declarative language for describing and deploying Azure resources
MIT License
3.22k stars 746 forks source link

Conditional dependsOn #7636

Closed RamBNarayanan closed 1 year ago

RamBNarayanan commented 2 years ago

Bicep version Bicep CLI version 0.8.9 (33a85174de)

Describe the bug Similar to the one exlained in #5974 on the last few comment where modules scoped to different scope

dependency creates errors when a module/resource depends on another module with if condition and scoped to different subscription and the condition is false

ERROR: InvalidTemplate - Deployment template validation failed: 'The resource 'Microsoft.Resources/deployments/registerCustomDomainDns' is not defined in the template. Please see https://aka.ms/arm-template for usage details.'.

To Reproduce below code will generate error because the dependency on the resource siteCustomDomain... for modules registerCustomDnsTxtRecord and registerCustomDnsName

param location string = 'westeurope'
param netFrameworkVersion string = 'v4.0'
@allowed([ 'AllAllowed', 'FtpsOnly', 'Disabled' ])
param ftpsState string = 'Disabled'
param DnsZoneSubscriptionID string = ''
param DnsZoneRG string = ''
param customDomainName string = ''
param dnsZoneName string = ''
param dnsRecordTTL int = 300

resource hostingPlan 'Microsoft.Web/serverfarms@2021-03-01' = {
  name: testPlan
  location: location
  sku: {
    name: B1   
    capacity: 1
  } 
  properties: {
    reserved: false
  }
}

resource appService 'Microsoft.Web/sites@2021-03-01' = {
  name: webSiteName 
  location: location
  identity: {
    type: 'SystemAssigned'
  }
  tags: tags
  properties: {
    serverFarmId: hostingPlan.id
    httpsOnly: true
    siteConfig: {
      minTlsVersion: '1.2'
      http20Enabled: true
      ftpsState: ftpsState 
      use32BitWorkerProcess: false
      netFrameworkVersion: netFrameworkVersion
    }
  }
}

module registerCustomDnsName 'dns-record.bicep' =  if(!empty(customDomainName) && !empty(dnsZoneName) ) {
  scope: resourceGroup(DnsZoneSubscriptionID, DnsZoneRG)
  name: 'registerCustomDomainDns'
  params: {
    zoneName: dnsZoneName
    dnsRecord: customDomainName
    ARecord: true
    dnsRecordValue: appService.properties.inboundIpAddress
    TTL: dnsRecordTTL
  }
}

module registerCustomDnsTxtRecord 'dns-record.bicep' =  if(!empty(customDomainName) && !empty(dnsZoneName) ) {
  scope: resourceGroup(DnsZoneSubscriptionID, DnsZoneRG)
  name: 'asuid'
  params: {
    zoneName: dnsZoneName
    dnsRecord: 'asuid.${customDomainName}'
    TxtRecord: true
    dnsRecordValue: appService.properties.customDomainVerificationId
    TTL: dnsRecordTTL
  }
}
var fqdn = '${customDomainName}.${dnsZoneName}'
resource siteCustomDomain 'Microsoft.Web/sites/hostNameBindings@2021-03-01' = if(!empty(customDomainName) && !empty(dnsZoneName) ) {
  name: fqdn
  parent: appService
  properties: {
    azureResourceName: fqdn
    azureResourceType: 'Website'
    customHostNameDnsRecordType: 'A'
    siteName: appService.name
  }
  dependsOn: [ registerCustomDnsName, registerCustomDnsTxtRecord  ] 
}

module dns-record.bicep

param zoneName string
param dnsRecord string
param TTL int = 300
param ARecord bool = false
param TxtRecord bool = false
param dnsRecordValue string

resource dnsZone 'Microsoft.Network/dnsZones@2018-05-01' existing = {
  name: zoneName

}

resource dnsARecord 'Microsoft.Network/dnsZones/A@2018-05-01' =  if(ARecord) { 
  name: dnsRecord
  parent: dnsZone
  properties: {
    TTL: TTL
    ARecords: [{
        ipv4Address: dnsRecordValue
      }]
  }  
}

resource dnsTxtRecord 'Microsoft.Network/dnsZones/TXT@2018-05-01' = if(TxtRecord) {
  name: dnsRecord
  parent: dnsZone
  properties: {
    TTL: TTL
    TXTRecords: [
      {
        value: [
          dnsRecordValue
        ]
      }
    ]
  }
}
brwilkinson commented 2 years ago

@RamBNarayanan

It appears that using an empty string for the RGName Or SubscriptionId is not valid/supported.

Please provide an alternate value for these, other than ''.

These zones must already exist, so consider using the correct RGName and SubscriptionId, using an empty string is not currently supported.

Once you validate this works correctly, I will follow up to ensure there is no way to work around this, however I am guessing there i not.

RamBNarayanan commented 2 years ago

@brwilkinson Please fill in the SubscriptionId and RGname (REsource Group Name) of your test environment there. Sorry I have left that empty as it is specific for each environment. You may also need to provide the values for param customDomainName string = 'myHost' param dnsZoneName string = 'myDomain.com'

brwilkinson commented 1 year ago

HI @RamBNarayanan just getting back to this one.

I am unable to repro.

Can you confirm these are the param settings that you want me to test with?

param location string = 'westeurope'
param netFrameworkVersion string = 'v4.0'
@allowed([ 'AllAllowed', 'FtpsOnly', 'Disabled' ])
param ftpsState string = 'Disabled'
param DnsZoneSubscriptionID string = '4185fa9b-f470-466a-b3ae-8e6c3314a542'
param DnsZoneRG string = 'AEU1-PE-CTL-RG-D1'
param customDomainName string = ''
param dnsZoneName string = ''
param dnsRecordTTL int = 300
brwilkinson commented 1 year ago

Given this is duplicate, I have moved this over to #5974 will close here.