search

Azure / logicapps

Azure Logic Apps labs, samples, and tools
MIT License
363 stars 301 forks source link

Logic App - does not process foreach loop when using set variable inside it. #1053

Closed JamievanZijl closed 4 months ago

JamievanZijl commented 4 months ago

Describe the Bug with repro steps

Overview: I tried to use a until loop with a variable boolean type to check whether a value is already present in a watchlist. However after adding the set variable inside the first foreach loop in the logic app, the logic app starts to 'lag out', not displaying input fields nor moving forward in the execution of the steps.

What type of Logic App Is this happening in?

Consumption (Portal)

Are you using new designer or old designer

New Designer

Did you refer to the TSG before filing this issue? https://aka.ms/lauxtsg

Yes

Workflow JSON

{
    "definition": {
        "$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
        "actions": {
            "Append_Product_Values": {
                "actions": {
                    "Append_to_array_variable": {
                        "inputs": {
                            "name": "ProductValue",
                            "value": "@item()?['properties.itemsKeyValue']?['Product']"
                        },
                        "type": "AppendToArrayVariable"
                    }
                },
                "foreach": "@body('Parse_JSON')?['properties']?['watchlistItems']",
                "runAfter": {
                    "Initialize_Products_Array": [
                        "Succeeded"
                    ]
                },
                "type": "Foreach"
            },
            "Does_CVE_Exist_in_Watchlist": {
                "inputs": {
                    "variables": [
                        {
                            "name": "CVEExists",
                            "type": "boolean",
                            "value": false
                        }
                    ]
                },
                "runAfter": {},
                "type": "InitializeVariable"
            },
            "For_each_AllVulnerabilities": {
                "actions": {
                    "For_each_Product": {
                        "actions": {
                            "Condition": {
                                "actions": {
                                    "CVE-ID": {
                                        "inputs": "@items('For_each_AllVulnerabilities')?['cve']?['id']",
                                        "type": "Compose"
                                    },
                                    "Condition_2": {
                                        "actions": {
                                            "Base-Score": {
                                                "inputs": "@items('For_each_AllVulnerabilities')?['cve']?['metrics']?['cvssMetricV31']?[0]?['cvssData']?['baseScore']",
                                                "type": "Compose"
                                            },
                                            "Watchlists_-_Add_a_new_Watchlist_Item_copy": {
                                                "inputs": {
                                                    "body": {
                                                        "CVE ID": "@outputs('CVE-ID')",
                                                        "Severity": "@outputs('Base-Score')"
                                                    },
                                                    "host": {
                                                        "connection": {
                                                            "name": "@parameters('$connections')['azuresentinel-2']['connectionId']"
                                                        }
                                                    },
                                                    "method": "put",
                                                    "path": "/Watchlists/subscriptions/@{encodeURIComponent('f9caaaca-cbad-4ba6-91b6-306279ab10d2')}/resourceGroups/@{encodeURIComponent('rg-sentinel-weu-vvdsluijs')}/workspaces/@{encodeURIComponent('e7c109a3-3369-4081-98bf-4e953818fce3')}/watchlists/@{encodeURIComponent('CVE-MONITOR-CVE')}/watchlistItem"
                                                },
                                                "runAfter": {
                                                    "Base-Score": [
                                                        "Succeeded"
                                                    ]
                                                },
                                                "type": "ApiConnection"
                                            }
                                        },
                                        "else": {
                                            "actions": {}
                                        },
                                        "expression": {
                                            "and": [
                                                {
                                                    "equals": [
                                                        "@variables('CVEExists')",
                                                        true
                                                    ]
                                                }
                                            ]
                                        },
                                        "runAfter": {
                                            "Until": [
                                                "Succeeded"
                                            ]
                                        },
                                        "type": "If"
                                    },
                                    "Until": {
                                        "actions": {
                                            "For_each": {
                                                "actions": {
                                                    "CVE_from_watchlist": {
                                                        "inputs": "@items('For_each')",
                                                        "type": "Compose"
                                                    },
                                                    "Condition_1": {
                                                        "actions": {
                                                            "Set_variable_1": {
                                                                "inputs": {
                                                                    "name": "CVEExists",
                                                                    "value": true
                                                                },
                                                                "type": "SetVariable"
                                                            }
                                                        },
                                                        "else": {
                                                            "actions": {}
                                                        },
                                                        "expression": {
                                                            "and": [
                                                                {
                                                                    "equals": [
                                                                        "@outputs('CVE_from_watchlist')",
                                                                        "@outputs('CVE-ID')"
                                                                    ]
                                                                }
                                                            ]
                                                        },
                                                        "runAfter": {
                                                            "CVE_from_watchlist": [
                                                                "Succeeded"
                                                            ]
                                                        },
                                                        "type": "If"
                                                    }
                                                },
                                                "foreach": "@body('Watchlists_-_Get_all_Watchlist_Items_for_a_given_Watchlist_(V2)_1')",
                                                "type": "Foreach"
                                            }
                                        },
                                        "expression": "@equals(variables('CVEExists'),true)",
                                        "limit": {
                                            "count": 1000,
                                            "timeout": "PT1H"
                                        },
                                        "runAfter": {
                                            "Watchlists_-_Get_all_Watchlist_Items_for_a_given_Watchlist_(V2)_1": [
                                                "Succeeded"
                                            ]
                                        },
                                        "type": "Until"
                                    },
                                    "Watchlists_-_Get_all_Watchlist_Items_for_a_given_Watchlist_(V2)_1": {
                                        "inputs": {
                                            "host": {
                                                "connection": {
                                                    "name": "@parameters('$connections')['azuresentinel-2']['connectionId']"
                                                }
                                            },
                                            "method": "get",
                                            "path": "/V2/Watchlists/subscriptions/@{encodeURIComponent('f9caaaca-cbad-4ba6-91b6-306279ab10d2')}/resourceGroups/@{encodeURIComponent('rg-sentinel-weu-vvdsluijs')}/workspaces/@{encodeURIComponent('e7c109a3-3369-4081-98bf-4e953818fce3')}/watchlists/@{encodeURIComponent('CVE-MONITOR-CVE')}/watchlistItems/"
                                        },
                                        "runAfter": {
                                            "CVE-ID": [
                                                "Succeeded"
                                            ]
                                        },
                                        "type": "ApiConnection"
                                    }
                                },
                                "else": {
                                    "actions": {}
                                },
                                "expression": {
                                    "and": [
                                        {
                                            "contains": [
                                                "@outputs('Description_EN')",
                                                "@item()"
                                            ]
                                        }
                                    ]
                                },
                                "runAfter": {
                                    "Description_EN": [
                                        "Succeeded"
                                    ]
                                },
                                "type": "If"
                            },
                            "Description_EN": {
                                "inputs": "@items('For_each_AllVulnerabilities')?['cve']?['descriptions']?[0]?['value']",
                                "type": "Compose"
                            }
                        },
                        "foreach": "@variables('ProductValue')",
                        "runAfter": {
                            "Set_variable": [
                                "Succeeded"
                            ]
                        },
                        "type": "Foreach"
                    },
                    "Set_variable": {
                        "inputs": {
                            "name": "CVEExists",
                            "value": false
                        },
                        "type": "SetVariable"
                    }
                },
                "foreach": "@variables('AllVulnerabilities')",
                "runAfter": {
                    "Append_Product_Values": [
                        "Succeeded"
                    ]
                },
                "type": "Foreach"
            },
            "HTTP_Request_for_Published_date": {
                "inputs": {
                    "headers": {
                        "apiKey": "b1a679b7-2655-4473-8f73-584923d8ac4f"
                    },
                    "method": "GET",
                    "uri": "https://services.nvd.nist.gov/rest/json/cves/2.0?keywordSearch=Ivanti"
                },
                "runAfter": {
                    "Does_CVE_Exist_in_Watchlist": [
                        "Succeeded"
                    ]
                },
                "type": "Http"
            },
            "Initialize_Products_Array": {
                "inputs": {
                    "variables": [
                        {
                            "name": "ProductValue",
                            "type": "array"
                        }
                    ]
                },
                "runAfter": {
                    "Parse_JSON": [
                        "Succeeded"
                    ]
                },
                "type": "InitializeVariable"
            },
            "Initialize_variable": {
                "inputs": {
                    "variables": [
                        {
                            "name": "AllVulnerabilities",
                            "type": "array",
                            "value": "@body('HTTP_Request_for_Published_date')?['vulnerabilities']"
                        }
                    ]
                },
                "runAfter": {
                    "HTTP_Request_for_Published_date": [
                        "Succeeded"
                    ]
                },
                "type": "InitializeVariable"
            },
            "Parse_JSON": {
                "inputs": {
                    "content": "@body('Watchlists_-_Get_all_Watchlist_Items_for_a_given_Watchlist_(V2)')",
                    "schema": {
                        "properties": {
                            "properties": {
                                "properties": {
                                    "watchlistItems": {
                                        "type": "array"
                                    }
                                },
                                "type": "object"
                            }
                        },
                        "type": "object"
                    }
                },
                "runAfter": {
                    "Watchlists_-_Get_all_Watchlist_Items_for_a_given_Watchlist_(V2)": [
                        "Succeeded"
                    ]
                },
                "type": "ParseJson"
            },
            "Watchlists_-_Get_all_Watchlist_Items_for_a_given_Watchlist_(V2)": {
                "inputs": {
                    "host": {
                        "connection": {
                            "name": "@parameters('$connections')['azuresentinel-2']['connectionId']"
                        }
                    },
                    "method": "get",
                    "path": "/V2/Watchlists/subscriptions/@{encodeURIComponent('f9caaaca-cbad-4ba6-91b6-306279ab10d2')}/resourceGroups/@{encodeURIComponent('rg-sentinel-weu-vvdsluijs')}/workspaces/@{encodeURIComponent('e7c109a3-3369-4081-98bf-4e953818fce3')}/watchlists/@{encodeURIComponent('CVE-MONITOR-COMMON-PRODUCTS')}/watchlistItems/"
                },
                "runAfter": {
                    "Initialize_variable": [
                        "Succeeded"
                    ]
                },
                "type": "ApiConnection"
            }
        },
        "contentVersion": "1.0.0.0",
        "outputs": {},
        "parameters": {
            "$connections": {
                "defaultValue": {},
                "type": "Object"
            }
        },
        "triggers": {
            "Recurrence": {
                "evaluatedRecurrence": {
                    "frequency": "Hour",
                    "interval": 2,
                    "timeZone": "W. Europe Standard Time"
                },
                "recurrence": {
                    "frequency": "Hour",
                    "interval": 2,
                    "timeZone": "W. Europe Standard Time"
                },
                "type": "Recurrence"
            }
        }
    }
}

Screenshots or Videos

No response

Browser

Chrome

Additional context

No response

JamievanZijl commented 4 months ago

Just saw that the placing of retrieving the watchlists items is not in the ideal position as it would now continously re-fetch them. However from what I observed when I ran it, it wouldn't even come to its execution after 18 minutes of run time.