Azure / bicep

Bicep is a declarative language for describing and deploying Azure resources
MIT License
3.27k stars 756 forks source link

Missing type validation / inaccuracies #784

Closed anthony-c-martin closed 1 year ago

anthony-c-martin commented 4 years ago

Please submit all type inaccuracy issues to the Bicep Types Repo here: https://aka.ms/bicep-type-issues

joshuawaddell commented 4 years ago

From a multi-resource deployment file:

bmoore-msft commented 4 years ago

The scope property on Microsoft.Authorization/roleAssignments is flagged as read-only but is available for PUT.

sethwenzel commented 4 years ago

Resource locks show as missing types: https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources#arm-template

for a multi resource bicep file for a function app I get the following warnings when adding locks:

bmoore-msft commented 4 years ago

@sethwenzel - those are all "extension resources" and we'll have a simpler way for constructing them as we did with the scope property in JSON. Anything that has "providers" in the type (diags, roles, locks) will fall into that category.

anthony-c-martin commented 4 years ago

I've raised https://github.com/MicrosoftDocs/azure-docs/issues/65815 to update our ARM template JSON samples.

As @bmoore-msft mentioned, this should light up once we have https://github.com/Azure/bicep/blob/main/docs/spec/resource-scopes.md#resource-scope-property implemented. I've created https://github.com/Azure/bicep/issues/870 to track this independently.

SimonWahlin commented 4 years ago

Warning BCP081: Resource type "Microsoft.KeyVault/vaults/secrets@2019-09-01" does not have types available. Warning BCP081: Resource type "Microsoft.Web/sites/config@2020-06-01" does not have types available.

johndowns commented 4 years ago

Warning BCP081: Resource type "Microsoft.Network/frontDoors/frontendEndpoints/customHttpsConfiguration@2020-07-01" does not have types available.

johndowns commented 4 years ago

Warning BCP081: Resource type "Microsoft.EventGrid/topics/providers/eventSubscriptions@2018-01-01" does not have types available.

ld0614 commented 4 years ago

Resource type "Microsoft.RecoveryServices/vaults@2019-06-01" does not have types available. Resource type "Microsoft.RecoveryServices/vaults/backupstorageconfig@2019-05-13" does not have types available.

Ideally 'Microsoft.RecoveryServices/vaults/backupPolicies@2019-06-15' property Timezone should auto complete valid timezones

Microsoft.Automation/automationAccounts@2015-10-31 is missing location as a required properties: location + Properties -> Sku -> name

dgard1981 commented 4 years ago

Resource type "Microsoft.DocumentDB/databaseAccounts/providers/diagnosticSettings@2017-05-01-preview" does not have types available. Resource type "Microsoft.Web/sites/providers/diagnosticSettings@2017-05-01-preview" does not have types available. Resource type "Microsoft.Web/sites/slots/providers/diagnosticSettings@2017-05-01-preview" does not have types available.

I don't know exactly which types you'd expect to provide diagnosticSettings, but it doesn't look like any are included.

alex-frankel commented 4 years ago

Thanks for reporting @dgard1981 - this is a similar case to /locks above. They are both extension resources, which means they can be appended to any currently existing resource (that supports it). We have a proposal to have a new way of authoring these types of resources at which point we should be able to start validating these properly: https://github.com/Azure/bicep/issues/870

Philo commented 4 years ago
Warning BCP081: Resource type "Microsoft.Storage/storageAccounts/providers/roleAssignments@2020-04-01-preview" 
does not have types available.

I would also suspect this is a similar case for other RBAC resource types.

markgar commented 4 years ago

Whenever I'm trying to define an Azure Spring Cloud cluster (Microsoft.AppPlatform/Spring@2020-07-01), I'm not given an enum for sku.name or sku.tier

resource mySpring 'Microsoft.AppPlatform/Spring@2020-07-01' = {
  name: 'myCluster'
  location: resourceGroup().location
  sku: {
    name: ''
    tier: ''
  } 
}
alex-frankel commented 4 years ago

Originally reported with Azure/bicep#791

--

Bicep version Bicep CLI version 0.1.223-alpha (895cac24a7)

Describe the bug When defining a vnet resource, the properties attribute isn't being marked as required. Per ARM template reference, properties is required: https://docs.microsoft.com/en-us/azure/templates/microsoft.network/virtualnetworks

Furthermore, the properties.addressSpace is required in order for deployment to complete.

To Reproduce

param location string = resourceGroup().location

resource vnet 'Microsoft.Network/virtualNetworks@2020-06-01' = {
    location: location
    name: 'vnet'
}

Types with issue (not exhaustive):

Additional context

Expected

  1. Intellisense warning
  2. Error BCP035: The specified object is missing the following required properties
kartben commented 4 years ago

resource type 'Microsoft.KeyVault/vaults/secrets' gets autocompleted with a wrong API version. It gets completed to Microsoft.KeyVault/vaults/secrets@2020-04-01-preview instead of Microsoft.KeyVault/vaults/secrets@2019-09-01. When using the proper (2019-09-01) version, one gets the error message below:

Resource type "Microsoft.KeyVault/vaults/secrets@2019-09-01" does not have types available.bicep(BCP081)
smokedlinq commented 4 years ago

Bicep version 0.2.14

Describe the bug The resource type @ version Microsoft.Web/connections@2016-06-01 is not available (BCP081)

To Reproduce resource connection 'Microsoft.Web/connections@2016-06-01' = { .. }

miqm commented 4 years ago

Bicep CLI version 0.2.46 (fa6e2c5d92)

Element: Microsoft.Web/certificates@2020-06-01 Message: Warning BCP035: The specified "object" declaration is missing the following required properties: "password".

Although reference (https://docs.microsoft.com/en-us/azure/templates/microsoft.web/certificates) describes password as required, in fact it isn't.

StefanIvemo commented 4 years ago

Bicep version Bicep CLI version 0.2.14

Describe the bug Defining a VPN Gateway Connection 'Microsoft.Network/connections@2020-06-01 and using the id property in the VirtualNetworkGatewayModel object and LocalNetworkGateway object to reference existing VPN Gateways and Local Network Gateways, you get a warning message.

Warning BCP035: The specified "object" declaration is missing the following required properties: "properties".

To Reproduce

resource s2sconnection 'Microsoft.Network/connections@2020-06-01' = {
  name: 'onprem-hub-cn'
  location: location
  properties: {
    connectionType: 'IPsec'
    connectionProtocol: 'IKEv2'
    virtualNetworkGateway1: {
      id: vpngwid
    }
    enableBgp: true
    sharedKey: psk
    localNetworkGateway2: {
      id: localnetworkgw.id
    }
  }
}
JFolberth commented 4 years ago

Microsoft.DataFactory/factories/pipelines@2018-06-01 incorrect types under properties->activities. Have this on PR Azure/bicep#999 Looking 'Container' or 'Execution'

alex-frankel commented 4 years ago
'Resource type "Microsoft.KeyVault/vaults/keys@2019-09-01" does not have types available.'

Originally reported in Azure/bicep#1020

alex-frankel commented 3 years ago

FYI the keyVault related issues should be resolved in the next 2-3 weeks.

DanniJuhl commented 3 years ago

Bicep CLI version 0.2.59 (5b0314c03c)

I don't know if this belongs here or not, as the error seems to be on the api side. When trying to deploy Microsoft.Insights/components@2020-02-02-preview, I get the following warning:

Warning BCP035: The specified "object" declaration is missing the following required properties: "Application_Type"

Looking at the reference for the endpoint, it is marked as required, but deploying a resource without is completed successfully. Reference bicep to reproduce:

resource appi 'Microsoft.Insights/components@2020-02-02-preview' = {
  name: appInsightsName
  location: location
  kind: 'web'
  properties: {
    WorkspaceResourceId: log.id
  }
}
JFolberth commented 3 years ago

Bicep version: 0.2.59 (5b0314c03c)

Microsoft.EventHub/namespaces@2018-01-01-preview' says: Resource type "Microsoft.EventHub/namespaces@2018-01-01-preview" does not have types available.bicep(BCP081)

anthony-c-martin commented 3 years ago

Bicep version: 0.2.59 (5b0314c)

Microsoft.EventHub/namespaces@2018-01-01-preview' says: Resource type "Microsoft.EventHub/namespaces@2018-01-01-preview" does not have types available.bicep(BCP081)

This is a result of https://github.com/Azure/azure-rest-api-specs/issues/12065 which I've just raised.

markgar commented 3 years ago

I'm finding that this bicep code

resource asp 'Microsoft.Web/serverfarms@2020-06-01' = {
  location: resourceGroup().location
  name: 'my-app-service-plan'
}

Does not throw an error in bicep, but when deployed gives a very generic error:

"error":{"code":"InvalidTemplateDeployment","message":"The template deployment 'main' is not valid according to the validation procedure. The tracking id is 'd9064387-8ea6-4e9e-ad63-60cd18c2a1e0'. See inner errors for details.","details":[{"message":"Object reference not set to an instance of an object."}]}}

I found that by adding sku.name that things started working.

  sku: {
    name: 'S1'
  }
anthony-c-martin commented 3 years ago

"error":{"code":"InvalidTemplateDeployment","message":"The template deployment 'main' is not valid according to the validation procedure. The tracking id is 'd9064387-8ea6-4e9e-ad63-60cd18c2a1e0'. See inner errors for details.","details":[{"message":"Object reference not set to an instance of an object."}]}}

Thanks for reporting this, I've raised it internally with the Microsoft.Web team.

anthony-c-martin commented 3 years ago

Adding reports for missing types from https://github.com/Azure/bicep-types-az/issues/28 to this issue (both look like instances of Azure/bicep#657):

markgar commented 3 years ago

I think this will be fixed soon already, but wanted to report for completeness.

Resource type "Microsoft.AppConfiguration/configurationStores/keyValues@2020-07-01-preview" does not have types available.

markgar commented 3 years ago

This is a little different from my earlier report related to this.

Should sku.name be an enum? I was expecting one...

resource asp 'Microsoft.Web/serverfarms@2020-06-01' = {
  location: resourceGroup().location
  name: 'micro-asp-${unqStr}'
  sku: {
    name: 'S1'
  }
}
markgar commented 3 years ago

Should sku.name be an enum? I checked the docs and it isn't listed (https://docs.microsoft.com/en-us/azure/templates/microsoft.appconfiguration/configurationstores) but I think there are only 2 values. standard and free.

resource configSvcs 'Microsoft.AppConfiguration/configurationStores@2020-06-01' = {
  location: resourceGroup().location
  name: 'micro-appcfg-${unqStr}'
  sku: {
    name: 'standard'
  }
}
anthony-c-martin commented 3 years ago

I think this will be fixed soon already, but wanted to report for completeness.

Resource type "Microsoft.AppConfiguration/configurationStores/keyValues@2020-07-01-preview" does not have types available.

Thanks for raising this, I've raised https://github.com/Azure/azure-rest-api-specs/issues/12136 for it.

markgar commented 3 years ago

Microsoft.DevTestLab/schedules says that properties is required but doesn't require any of the attributes inside the properties object. To me, either something inside properties should be required, or if nothing is required inside, then properties itself shouldn't be required.

resource cartShutdown 'Microsoft.DevTestLab/schedules@2018-09-15' = {
  name: 'myschedule'
  properties: {}
}

https://docs.microsoft.com/en-us/azure/templates/microsoft.devtestlab/schedules

FWIW, the doc link has the same as I'm finding in bicep - that properties is required, but nothing inside properties is required.

Edit: formatting and correct doc link

anthony-c-martin commented 3 years ago

Microsoft.DevTestLab/schedules says that properties is required but doesn't require any of the attributes inside the properties object. To me, either something inside properties should be required, or if nothing is required inside, then properties itself shouldn't be required.

Thanks for reporting! Bicep Types and documentation are both being generated from the same source - swagger specifications. The source of this problem is here in the swagger spec. I'll raise this as an issue in the specs repo.

alex-frankel commented 3 years ago

More issues for recoveryServices from Azure/bicep#1286:

C:\bicepModules\recoveryvault.bicep(9,5) : Warning BCP037: No other properties are allowed on objects of type "Sku".
C:\bicepModules\recoveryvault.bicep(14,39) : Warning BCP081: Resource type "Microsoft.RecoveryServices/vaults/backupstorageconfig@2020-02-02" does not have types available.
C:\bicepModules\recoveryvault.bicep(26,5) : Warning BCP038: The property "instantRpRetentionRangeInDays" is not allowed on objects of type "AzureIaasVM". Permissible properties include "protectedItemsCount".
C:\bicepModules\recoveryvault.bicep(29,24) : Warning BCP036: The property "scheduleRunDays" expected a value of type "'Friday' | 'Monday' | 'Saturday' | 'Sunday' | 'Thursday' | 'Tuesday' | 'Wednesday'[]" but the provided value is of type "null".
C:\bicepModules\recoveryvault.bicep(57,24) : Warning BCP036: The property "monthlySchedule" expected a value of type "MonthlyRetentionSchedule" but the provided value is of type "null".
C:\bicepModules\recoveryvault.bicep(58,23) : Warning BCP036: The property "yearlySchedule" expected a value of type "YearlyRetentionSchedule" but the provided value is of type "null".
C:\bicepModules\recoveryvault.bicep(61,5) : Warning BCP038: The property "timeZone" is not allowed on objects of type "AzureIaasVM". Permissible properties include "protectedItemsCount".
C:\bicepModules\recoveryvault.bicep(72,24) : Warning BCP036: The property "protectedItemType" expected a value of type "'AzureFileShareProtectedItem' | 'AzureIaaSVMProtectedItem' | 'AzureVmWorkloadProtectedItem' | 'DPMProtectedItem' | 'GenericProtectedItem' | 'MabFileFolderProtectedItem' | 'Microsoft.Sql/servers/databases'" but the provided value is of type "'Microsoft.Compute/virtualMachines'".
johndowns commented 3 years ago

Warning BCP081: Resource type "Microsoft.ApiManagement/service/products/apis@2020-06-01-preview" does not have types available.

johndowns commented 3 years ago

Warning BCP081: Resource type "Microsoft.Network/loadBalancers/backendAddressPools@2020-07-01" does not have types available.

Philo commented 3 years ago

Warning BCP081: Resource type "Microsoft.Web/sites/config@2020-06-01" does not have types available.

SimonWahlin commented 3 years ago

Warning BCP081: Resource type "Microsoft.Network/routeTables@2020-07-01" does not have types available.

anthony-c-martin commented 3 years ago

Thanks for reporting the missing Microsoft.Network 2020-07-01 types. I've raised https://github.com/Azure/azure-rest-api-specs/issues/12679 to track this.

stan-sz commented 3 years ago

For

resource eh_cg 'Microsoft.EventHub/namespaces/eventhubs/consumergroups@2017-04-01' = {
    name: 'name'
}

the properties is not signaled as required, but the generated JSON and the docs claim it's required.

stan-sz commented 3 years ago

Resource type "Microsoft.Storage/storageAccounts/tableServices/tables@2019-06-01" does not have types

anthony-c-martin commented 3 years ago

Resource type "Microsoft.Storage/storageAccounts/tableServices/tables@2019-06-01" does not have types

Root cause is type generation was skipped: https://github.com/Azure/bicep-types-az/blob/b609d7dbb043470bc9f16af5743f0454dd74124f/generated/storage/log.out#L12 - I'll need to investigate further.

anthony-c-martin commented 3 years ago

For

resource eh_cg 'Microsoft.EventHub/namespaces/eventhubs/consumergroups@2017-04-01' = {
    name: 'name'
}

the properties is not signaled as required, but the generated JSON and the docs claim it's required.

The JSON & Docs generator actually enforce required for all resource properties fields, regardless of what the RP has declared support for (previous discussion on this in the docs/JSON generator repo here). There have been a few cases where properties is legitimately not required by the RP service. Do you happen to know whether the JSON/docs are correct or incorrect in this scenario?

tonesandtones commented 3 years ago

Microsoft.Insights/components@2020-02-02-preview

Requires properties.WorkspaceResourceId, but this is not true. Deployments specifying only Application_Type and not WorkspaceResourceId work fine.

Similar and related to @DanniJuhl's previous comment about a false error stating that Application_Type is required when only providing WorkspaceResourceId.

miqm commented 3 years ago

Microsoft.Web/sites@2020-06-01

As an readOnly property you can get inboundIpAddress but it's not in REST API specs, so it throws warning. That property is needed if you wish to configure custom domain using A record.

johndowns commented 3 years ago

The new version of Front Door (currently in preview) has a documented API but gives errors:

Warning BCP081: Resource type "Microsoft.Cdn/profiles@2020-09-01" does not have types available.

SenthuranSivananthan commented 3 years ago

Missing intellisense for Microsoft.Management/managementGroups@*

I'm able to add the fields based on ARM Reference, build and deploy the generated arm template.

anthony-c-martin commented 3 years ago

Missing intellisense for Microsoft.Management/managementGroups@*

I'm able to add the fields based on ARM Reference, build and deploy the generated arm template.

Prior to v0.3, that'll be because you're missing targetScope = 'tenant' at the top of your file.

With v0.3, it should show up in completions, but you will see an error warning you that you are targeting the incorrect scope.

SenthuranSivananthan commented 3 years ago

Missing intellisense for Microsoft.Management/managementGroups@* I'm able to add the fields based on ARM Reference, build and deploy the generated arm template.

Prior to v0.3, that'll be because you're missing targetScope = 'tenant' at the top of your file.

With v0.3, it should show up in completions, but you will see an error warning you that you are targeting the incorrect scope.

I had targetScope = 'tenant'. I can wait for v0.3 since it's coming soon.

stan-sz commented 3 years ago

Missing intelisense for Microsoft.Resources/deploymentScripts@2020-10-01/identity/userAssignedIdentities

resource script 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
  name: 'upload'
  kind: 'AzureCLI'
  location: 'location'
  identity: {
    type: 'UserAssigned'
    userAssignedIdentities: {
      // missing intelisense
      principalId: '123'
      clientId: '123'
    }
  }
  properties: {
    azCliVersion: '2.0.80'
    retentionInterval: 'PT4H'
  }
}

The property "principalId" expected a value of type "UserAssignedIdentity" but the provided value is of type "'123'".bicep(BCP036)